Science of Computer Programming最新文献

How to run it? Automated setup steps generation for JavaWeb application 如何运行？自动生成JavaWeb应用程序的设置步骤

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Science of Computer Programming

Pub Date : 2026-07-01 Epub Date: 2026-01-25 DOI: 10.1016/j.scico.2026.103448

Hongfan Zhang , Tengmei Wang , Hengwei Lu , Yihui Wang , Jinyan Yu , Huaxiao Liu

Open-source JavaWeb Applications (JWAs) have become increasingly prevalent, supporting a wide range of daily-life needs. Providing comprehensive setup instructions in ReadMe files is essential for enabling newcomers to effectively engage with these projects. However, some developers overlook this aspect, posing significant challenges for newcomers when setting up JWAs. Further, existing research in this area remains relatively underexplored due to the complex structure of JavaWeb applications. As a result, ensuring clear and concise setup steps in ReadMe files is crucial for facilitating newcomer participation in maintaining open-source JWAs. To address this challenge, we present PAL4JavaWeb, a novel method that automatically generates setup instructions for JWA projects by analyzing source files. Unlike traditional manual approaches, PAL4JavaWeb leverages a large language model (LLM) to produce comprehensive and actionable setup steps. Specifically, we employ static program analysis to extract relevant information and reduce complexity, and then utilize segmented outputs to guide the LLM in recognizing key configuration steps and generating setup instructions. Experimental results on 35 real-world JWAs demonstrate the effectiveness of PAL4JavaWeb, achieving a success rate of 91.43%, outperforming the baseline by 48.57%. Furthermore, we submitted the generated setup instructions as pull requests to 13 open-source JWAs on GitHub, of which 10 were merged, highlighting the practical utility of PAL4JavaWeb in simplifying newcomer onboarding.

开源JavaWeb应用程序（JWAs）已经变得越来越普遍，支持广泛的日常生活需求。在ReadMe文件中提供全面的设置说明对于新手有效地参与这些项目至关重要。然而，一些开发人员忽略了这一方面，这给新手在设置jwa时带来了巨大的挑战。此外，由于JavaWeb应用程序的复杂结构，该领域的现有研究相对来说还不够充分。因此，确保ReadMe文件中的设置步骤清晰而简洁，对于促进新手参与维护开源jwa至关重要。为了解决这个问题，我们提出了PAL4JavaWeb，这是一种通过分析源文件自动为JWA项目生成设置指令的新方法。与传统的手工方法不同，PAL4JavaWeb利用大型语言模型（LLM）来生成全面且可操作的设置步骤。具体来说，我们使用静态程序分析来提取相关信息并降低复杂性，然后利用分段输出来指导LLM识别关键配置步骤并生成设置指令。在35个真实JWAs上的实验结果证明了PAL4JavaWeb的有效性，成功率为91.43%，比基线高出48.57%。此外，我们将生成的设置指令作为拉取请求提交给GitHub上的13个开源java，其中10个被合并，突出了PAL4JavaWeb在简化新人入组方面的实际效用。

{"title":"How to run it? Automated setup steps generation for JavaWeb application","authors":"Hongfan Zhang , Tengmei Wang , Hengwei Lu , Yihui Wang , Jinyan Yu , Huaxiao Liu","doi":"10.1016/j.scico.2026.103448","DOIUrl":"10.1016/j.scico.2026.103448","url":null,"abstract":"<div><div>Open-source JavaWeb Applications (JWAs) have become increasingly prevalent, supporting a wide range of daily-life needs. Providing comprehensive setup instructions in ReadMe files is essential for enabling newcomers to effectively engage with these projects. However, some developers overlook this aspect, posing significant challenges for newcomers when setting up JWAs. Further, existing research in this area remains relatively underexplored due to the complex structure of JavaWeb applications. As a result, ensuring clear and concise setup steps in ReadMe files is crucial for facilitating newcomer participation in maintaining open-source JWAs. To address this challenge, we present PAL4JavaWeb, a novel method that automatically generates setup instructions for JWA projects by analyzing source files. Unlike traditional manual approaches, PAL4JavaWeb leverages a large language model (LLM) to produce comprehensive and actionable setup steps. Specifically, we employ static program analysis to extract relevant information and reduce complexity, and then utilize segmented outputs to guide the LLM in recognizing key configuration steps and generating setup instructions. Experimental results on 35 real-world JWAs demonstrate the effectiveness of PAL4JavaWeb, achieving a success rate of 91.43%, outperforming the baseline by 48.57%. Furthermore, we submitted the generated setup instructions as pull requests to 13 open-source JWAs on GitHub, of which 10 were merged, highlighting the practical utility of PAL4JavaWeb in simplifying newcomer onboarding.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"252 ","pages":"Article 103448"},"PeriodicalIF":1.4,"publicationDate":"2026-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146175003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Multi-objective optimization of cloud systems 云系统的多目标优化

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Science of Computer Programming

Pub Date : 2026-07-01 Epub Date: 2026-01-29 DOI: 10.1016/j.scico.2026.103447

Miguel Pérez , Pablo C. Cañizares , Alberto Núñez

Currently, enormous amounts of data are continuously processed to support our daily activities, such as managing bank accounts, streaming movies, or interacting on social networks. In recent years, cloud infrastructures have proven to be a reliable solution, not only for processing this data but also for enabling users worldwide to access it remotely. However, this processing demands vast computing resources, leading to significant energy consumption.

In this paper, we present a strategy to address this problem by combining multi-objective optimization techniques with Metamorphic Testing (MT) and simulation tools to optimize cloud systems, focusing on both performance and energy consumption. To achieve this, several multi-objective genetic algorithms (MOGAs) have been integrated into the MT-EA4Cloud framework, a solution that previously applied single-objective evolutionary algorithms with MT. To determine the suitability of the proposed approach, an empirical study was conducted to analyze the behavior of the different MOGAs included in the framework. In this study, various test sets and two distinct workloads – inspired by big data analytics operations – were created to represent multiple cloud scenarios.

The results clearly demonstrate that MOGAs can be effectively combined with MT to optimize cloud systems while considering multiple objectives – in this case, performance and energy consumption. A careful analysis of the results indicates that increasing the mutation rate leads to the best outcomes. In general, the NSGA-II algorithm has produced the best results in the experiments conducted in this study.

目前，为了支持我们的日常活动，如管理银行账户、流媒体电影或在社交网络上互动，需要不断处理大量数据。近年来，云基础设施已被证明是一种可靠的解决方案，不仅可以处理这些数据，还可以使全球用户远程访问这些数据。然而，这种处理需要大量的计算资源，导致大量的能源消耗。在本文中，我们提出了一种解决这一问题的策略，通过将多目标优化技术与变形测试（MT）和仿真工具相结合来优化云系统，重点关注性能和能耗。为了实现这一目标，将几种多目标遗传算法（MOGAs）集成到MT- ea4cloud框架中，该解决方案之前将单目标进化算法与MT结合使用。为了确定所提出方法的适用性，进行了一项实证研究，分析了框架中包含的不同MOGAs的行为。在这项研究中，受大数据分析操作的启发，创建了各种测试集和两种不同的工作负载，以表示多种云场景。结果清楚地表明，MOGAs可以有效地与MT相结合，以优化云系统，同时考虑多个目标-在这种情况下，性能和能耗。对结果的仔细分析表明，增加突变率会导致最好的结果。总的来说，NSGA-II算法在本研究的实验中取得了最好的结果。

{"title":"Multi-objective optimization of cloud systems","authors":"Miguel Pérez , Pablo C. Cañizares , Alberto Núñez","doi":"10.1016/j.scico.2026.103447","DOIUrl":"10.1016/j.scico.2026.103447","url":null,"abstract":"<div><div>Currently, enormous amounts of data are continuously processed to support our daily activities, such as managing bank accounts, streaming movies, or interacting on social networks. In recent years, cloud infrastructures have proven to be a reliable solution, not only for processing this data but also for enabling users worldwide to access it remotely. However, this processing demands vast computing resources, leading to significant energy consumption.</div><div>In this paper, we present a strategy to address this problem by combining multi-objective optimization techniques with Metamorphic Testing (MT) and simulation tools to optimize cloud systems, focusing on both performance and energy consumption. To achieve this, several multi-objective genetic algorithms (MOGAs) have been integrated into the MT-EA4Cloud framework, a solution that previously applied single-objective evolutionary algorithms with MT. To determine the suitability of the proposed approach, an empirical study was conducted to analyze the behavior of the different MOGAs included in the framework. In this study, various test sets and two distinct workloads – inspired by big data analytics operations – were created to represent multiple cloud scenarios.</div><div>The results clearly demonstrate that MOGAs can be effectively combined with MT to optimize cloud systems while considering multiple objectives – in this case, performance and energy consumption. A careful analysis of the results indicates that increasing the mutation rate leads to the best outcomes. In general, the NSGA-II algorithm has produced the best results in the experiments conducted in this study.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"252 ","pages":"Article 103447"},"PeriodicalIF":1.4,"publicationDate":"2026-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146102614","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Has cross-project defect prediction truly progressed? A five-year field diagnosis challenging the state-of-the-art 跨项目缺陷预测真的有进展吗？五年的现场诊断挑战了最先进的技术

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Science of Computer Programming

Pub Date : 2026-06-01 Epub Date: 2026-01-20 DOI: 10.1016/j.scico.2026.103449

Kangjian Zhou

Background

Cross-Project Defect Prediction (CPDP) is a critically active area of software engineering. The past five years have witnessed a surge of proposed techniques, from complex feature representation learning to the application of Large Language Models (LLMs), all claiming state-of-the-art (SOTA).

Problem

However, this apparent innovation faces a fundamental challenge to the current research paradigm. The field has largely disregarded the established baseline, ManualDown, advocated years ago for its strong performance. This neglect makes it impossible to discern whether reported advancements constitute genuine progress or a false prosperity driven by inadequate comparisons.

Objective

This study aims to serve as a five-year field diagnosis. Our goal is to determine whether the CPDP field has truly progressed by empirically evaluating the most prominent recent approaches (2020–2024) against the ManualDown baseline, thereby correcting the course of the field.

Method

We conduct a large-scale, reproducible comparison by systematically selecting recent SOTA CPDP models. To ensure a fair and unambiguous assessment, we compare them against ManualDown using the identical target test projects and the exact same performance metrics as reported in the original studies of these models.

Results

Our diagnosis reveals a striking discrepancy: approximately half of the recently proposed SOTA models show no substantial improvement over ManualDown (exhibiting a small effect size at best), while the other half perform even worse. This finding poses a serious challenge to the current research paradigm, suggesting that the field's trajectory may be misguided. A notable exception is the emerging potential of LLMs, whose contextual understanding may hold the key to meaningful future gains.

Conclusion

ManualDown remains a robust, competitive baseline for both classification and the more practical effort-aware ranking tasks. Therefore, this field diagnosis establishes the formal adoption of ManualDown as a foundational baseline. This practice is essential to ensure that future CPDP research demonstrates verifiable, substantial improvements, thereby correcting the course of the field and steering it toward meaningful advancements.

跨项目缺陷预测（CPDP）是软件工程中一个非常活跃的领域。在过去的五年中，从复杂的特征表示学习到大型语言模型（llm）的应用，所有这些技术都声称是最先进的（SOTA）。然而，这种明显的创新面临着对当前研究范式的根本性挑战。该领域在很大程度上忽视了多年前因其强劲表现而提倡的既定基准ManualDown。这种忽视使得人们无法辨别所报道的进步是真正的进步，还是由不充分的比较所驱动的虚假繁荣。目的本研究旨在为5年的现场诊断提供依据。我们的目标是通过经验评估最近最突出的方法（2020-2024）来确定CPDP领域是否真正取得了进展，从而纠正该领域的进程。方法系统选择SOTA近期的CPDP模型，进行大规模、可重复的比较。为了确保公平和明确的评估，我们将它们与ManualDown进行比较，使用相同的目标测试项目和在这些模型的原始研究中报告的完全相同的性能指标。结果我们的诊断揭示了一个惊人的差异：最近提出的SOTA模型中，大约有一半没有显示出比ManualDown有实质性的改善（最多显示出很小的效应大小），而另一半的表现甚至更糟。这一发现对当前的研究范式提出了严峻的挑战，表明该领域的发展轨迹可能被误导了。一个值得注意的例外是法学硕士的新兴潜力，其上下文理解可能是未来有意义收益的关键。manualdown仍然是一个稳健的、有竞争力的基线，无论是分类还是更实际的努力意识排序任务。因此，该现场诊断确立了ManualDown作为基础基线的正式采用。这一实践对于确保未来的CPDP研究显示出可验证的、实质性的改进，从而纠正该领域的进程并将其引向有意义的进步至关重要。

{"title":"Has cross-project defect prediction truly progressed? A five-year field diagnosis challenging the state-of-the-art","authors":"Kangjian Zhou","doi":"10.1016/j.scico.2026.103449","DOIUrl":"10.1016/j.scico.2026.103449","url":null,"abstract":"<div><h3>Background</h3><div>Cross-Project Defect Prediction (CPDP) is a critically active area of software engineering. The past five years have witnessed a surge of proposed techniques, from complex feature representation learning to the application of Large Language Models (LLMs), all claiming state-of-the-art (SOTA).</div></div><div><h3>Problem</h3><div>However, this apparent innovation faces a fundamental challenge to the current research paradigm. The field has largely disregarded the established baseline, ManualDown, advocated years ago for its strong performance. This neglect makes it impossible to discern whether reported advancements constitute genuine progress or a false prosperity driven by inadequate comparisons.</div></div><div><h3>Objective</h3><div>This study aims to serve as a five-year field diagnosis. Our goal is to determine whether the CPDP field has truly progressed by empirically evaluating the most prominent recent approaches (2020–2024) against the ManualDown baseline, thereby correcting the course of the field.</div></div><div><h3>Method</h3><div>We conduct a large-scale, reproducible comparison by systematically selecting recent SOTA CPDP models. To ensure a fair and unambiguous assessment, we compare them against ManualDown using the identical target test projects and the exact same performance metrics as reported in the original studies of these models.</div></div><div><h3>Results</h3><div>Our diagnosis reveals a striking discrepancy: approximately half of the recently proposed SOTA models show no substantial improvement over ManualDown (exhibiting a small effect size at best), while the other half perform even worse. This finding poses a serious challenge to the current research paradigm, suggesting that the field's trajectory may be misguided. A notable exception is the emerging potential of LLMs, whose contextual understanding may hold the key to meaningful future gains.</div></div><div><h3>Conclusion</h3><div>ManualDown remains a robust, competitive baseline for both classification and the more practical effort-aware ranking tasks. Therefore, this field diagnosis establishes the formal adoption of ManualDown as a foundational baseline. This practice is essential to ensure that future CPDP research demonstrates verifiable, substantial improvements, thereby correcting the course of the field and steering it toward meaningful advancements.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103449"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146037773","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Towards developing an actor-based immune system for smart homes 为智能家居开发基于行为体的免疫系统

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Science of Computer Programming

Pub Date : 2026-06-01 Epub Date: 2025-12-13 DOI: 10.1016/j.scico.2025.103431

Zahra Mohaghegh Rad, Ehsan Khamespanah

Smart home environments receive substantial improvement from the Internet of Things (IoT) through automated systems and connected devices, which optimize living space management. The advanced technology of smart homes requires strong anomaly detection systems together with Root Cause Analysis (RCA) to maintain security and reliability. This paper presents a new immune system model for smart homes that detects unusual behavior patterns and conducts full RCA. Our methodology uses the Actor Model together with deep learning approaches that process sensor events while applying causal inference to detect anomalies and their root causes. We use multiple deep learning architectures, including sequence-to-sequence (Seq2Seq), autoencoder, and LSTM networks, to detect various anomalies, which include missing data and abnormal data values. Our autoencoder-based solution demonstrates superior performance, achieving 96.2 % precision and a 98.0 % F1-score. These results represent a significant improvement of 76.8 % in precision and 73.7 % in F1-score over state-of-the-art baseline methods. Our research demonstrates how advanced techniques improve both anomaly detection accuracy and the efficiency of RCA, which results in better smart home environment reliability and resilience.

智能家居环境通过自动化系统和连接设备从物联网（IoT）中得到实质性改善，优化了生活空间管理。智能家居的先进技术需要强大的异常检测系统和根本原因分析（RCA）来保持安全性和可靠性。本文提出了一种新的智能家居免疫系统模型，可以检测异常行为模式并进行完整的RCA。我们的方法使用Actor模型和深度学习方法来处理传感器事件，同时应用因果推理来检测异常及其根本原因。我们使用多种深度学习架构，包括序列到序列（Seq2Seq）、自动编码器和LSTM网络，来检测各种异常，包括缺失数据和异常数据值。我们基于自动编码器的解决方案表现出卓越的性能，达到96.2%的精度和98.0%的f1分数。这些结果表明，与最先进的基线方法相比，精确度提高了76.8%，f1评分提高了73.7%。我们的研究展示了先进的技术如何提高异常检测的准确性和RCA的效率，从而提高智能家居环境的可靠性和弹性。

{"title":"Towards developing an actor-based immune system for smart homes","authors":"Zahra Mohaghegh Rad, Ehsan Khamespanah","doi":"10.1016/j.scico.2025.103431","DOIUrl":"10.1016/j.scico.2025.103431","url":null,"abstract":"<div><div>Smart home environments receive substantial improvement from the Internet of Things (IoT) through automated systems and connected devices, which optimize living space management. The advanced technology of smart homes requires strong anomaly detection systems together with Root Cause Analysis (RCA) to maintain security and reliability. This paper presents a new immune system model for smart homes that detects unusual behavior patterns and conducts full RCA. Our methodology uses the Actor Model together with deep learning approaches that process sensor events while applying causal inference to detect anomalies and their root causes. We use multiple deep learning architectures, including sequence-to-sequence (Seq2Seq), autoencoder, and LSTM networks, to detect various anomalies, which include missing data and abnormal data values. Our autoencoder-based solution demonstrates superior performance, achieving 96.2 % precision and a 98.0 % F1-score. These results represent a significant improvement of 76.8 % in precision and 73.7 % in F1-score over state-of-the-art baseline methods. Our research demonstrates how advanced techniques improve both anomaly detection accuracy and the efficiency of RCA, which results in better smart home environment reliability and resilience.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103431"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145808530","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Enhancing software quality attributes through multi-dimensional refactoring at source-level 通过源代码级别的多维重构来增强软件质量属性

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Science of Computer Programming

Pub Date : 2026-06-01 Epub Date: 2025-12-25 DOI: 10.1016/j.scico.2025.103434

Morteza Zakeri , Fatemeh Abdi , Fatemeh Bagheri

Cyber-Physical Systems (CPSs) increasingly depend on complex, high-level software components for coordination, integration, and control logic. As these components evolve, maintaining key quality attributes—such as modularity, testability, and architectural stability—becomes essential. Automated source-level refactoring offers a practical and systematic way to maintain software quality in dynamic CPS environments, where evolution occurs through ongoing development rather than autonomous runtime adaptation. Search-based refactoring methods identify optimal refactoring sequences to enhance software quality automatically. However, the multiplicity of quality attributes, the lack of formal definitions for them, and their non-correlation make it challenging to measure, reconcile, and appropriately apply quality attributes in search-based refactoring. This paper introduces an automated refactoring engine, CodART, which utilizes compiler principles to perform 18 different refactoring operations at the source code level, generating compilable code. Additionally, nine quality attributes are defined and evaluated to guide search-based refactoring effectively. The novel RNSGA-III algorithm is employed to better balance objectives in the nine-dimensional space. Many existing refactoring tools apply transformations at simplified code, UML, or AST level and do not directly output compilable, transformed source code. In contrast, CodART applies all transformations at the source level and produces compilable Java programs as output - a key requirement for integration into high-assurance CPS software pipelines. Compared to existing approaches, the proposed method enhances the number of quality attributes, refactorings, and optimization algorithms. The proposed algorithm improves software quality by an average of 9%, 12%, and 18% in large, medium, and small projects, respectively, surpassing state-of-the-art methods.

信息物理系统（cps）越来越依赖于复杂的高级软件组件来进行协调、集成和控制逻辑。随着这些组件的发展，维护关键的质量属性——比如模块化、可测试性和架构稳定性——变得至关重要。自动化的源代码级重构提供了一种在动态CPS环境中维护软件质量的实用而系统的方法，在这种环境中，进化是通过持续的开发而不是自主的运行时适应发生的。基于搜索的重构方法识别最佳重构序列，自动提高软件质量。然而，质量属性的多样性、缺乏它们的正式定义以及它们的非相关性使得在基于搜索的重构中度量、协调和适当地应用质量属性变得具有挑战性。本文介绍了一个自动重构引擎，CodART，它利用编译器原理在源代码级别执行18种不同的重构操作，生成可编译的代码。此外，还定义和评估了9个质量属性，以有效地指导基于搜索的重构。采用新颖的RNSGA-III算法在九维空间中更好地平衡目标。许多现有的重构工具在简化代码、UML或AST级别应用转换，并且不直接输出可编译的、转换的源代码。相反，CodART在源代码级别应用所有转换，并生成可编译的Java程序作为输出——这是集成到高保证CPS软件管道中的关键需求。与现有方法相比，该方法增加了质量属性、重构和优化算法的数量。所提出的算法在大型、中型和小型项目中分别平均提高了9%、12%和18%的软件质量，超过了最先进的方法。

{"title":"Enhancing software quality attributes through multi-dimensional refactoring at source-level","authors":"Morteza Zakeri , Fatemeh Abdi , Fatemeh Bagheri","doi":"10.1016/j.scico.2025.103434","DOIUrl":"10.1016/j.scico.2025.103434","url":null,"abstract":"<div><div>Cyber-Physical Systems (CPSs) increasingly depend on complex, high-level software components for coordination, integration, and control logic. As these components evolve, maintaining key quality attributes—such as modularity, testability, and architectural stability—becomes essential. Automated source-level refactoring offers a practical and systematic way to maintain software quality in dynamic CPS environments, where evolution occurs through ongoing development rather than autonomous runtime adaptation. Search-based refactoring methods identify optimal refactoring sequences to enhance software quality automatically. However, the multiplicity of quality attributes, the lack of formal definitions for them, and their non-correlation make it challenging to measure, reconcile, and appropriately apply quality attributes in search-based refactoring. This paper introduces an automated refactoring engine, CodART, which utilizes compiler principles to perform 18 different refactoring operations at the source code level, generating compilable code. Additionally, nine quality attributes are defined and evaluated to guide search-based refactoring effectively. The novel RNSGA-III algorithm is employed to better balance objectives in the nine-dimensional space. Many existing refactoring tools apply transformations at simplified code, UML, or AST level and do not directly output compilable, transformed source code. In contrast, CodART applies all transformations at the source level and produces compilable Java programs as output - a key requirement for integration into high-assurance CPS software pipelines. Compared to existing approaches, the proposed method enhances the number of quality attributes, refactorings, and optimization algorithms. The proposed algorithm improves software quality by an average of 9%, 12%, and 18% in large, medium, and small projects, respectively, surpassing state-of-the-art methods.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103434"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145885477","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Introducing a novel technique for call graph visualization and design pattern detection through runtime data profiling and dynamic warping 介绍了一种通过运行时数据分析和动态翘曲实现调用图可视化和设计模式检测的新技术

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Science of Computer Programming

Pub Date : 2026-06-01 Epub Date: 2026-01-20 DOI: 10.1016/j.scico.2026.103445

Tarik Houichime, Younes el Amrani

Automated design patterns recovery (ADPR) is a significant academic endeavor focused on identifying and methodically recording design patterns found within software codebases. This process typically involves a thorough examination of source code to find characteristics indicative of specific patterns. Despite sophisticated techniques, persistent challenges remain. These challenges include the complexity of static analysis and variations in pattern appearance across languages. Critically, static methods are fundamentally ill-suited for capturing the temporal, interactive nature of behavioral design patterns. This has led to a field where dynamic methods, while promising, have seen limited exploration regarding their integration with modern, state-of-the-art classifiers, complicating the achievement of comprehensive results. This gap highlights a clear need for novel approaches that can effectively model and analyze runtime behavior directly. In response, this study introduces a dynamic, language-portable two-stage framework. First, we present a novel method for visualizing runtime data as a perceptually-tuned sinusoidal signal. This signal acts as a discovery tool for human analysts, encoding the “local” context of a call (e.g., method’s type) as amplitude and its “global” context (e.g., object interactions) as frequency. Second, we demonstrate how this visualization provides the foundational basis for the symbolic sequencing used in pattern detection. The signal acts as a procedural bridge, it allows an analyst to identify a ’Region of Interest’ from the signal, which then guides the extraction of the corresponding event snippet from the raw log. This snippet is then translated into a compact, symbolic “behavio-stuctural signature”, providing a robust and analyzable representation. Importantly, this work also studies the nature of these sequences, such as their optimal length, and how these properties impact the classification process, thereby validating the foundational basis of the sequential representation.

自动设计模式恢复（ADPR）是一项重要的学术研究，专注于识别和系统地记录在软件代码库中发现的设计模式。这个过程通常包括对源代码的彻底检查，以找到指示特定模式的特征。尽管技术成熟，但挑战依然存在。这些挑战包括静态分析的复杂性和跨语言模式外观的变化。关键的是，静态方法从根本上不适合捕捉行为设计模式的时间和交互特性。这导致了一个领域，动态方法，虽然有希望，已经看到有限的探索，他们与现代的，最先进的分类器的集成，复杂的实现全面的结果。这一差距突出了对能够直接有效地建模和分析运行时行为的新方法的明确需求。作为回应，本研究引入了一个动态的、语言可移植的两阶段框架。首先，我们提出了一种将运行时数据可视化为感知调谐正弦信号的新方法。该信号作为人类分析人员的发现工具，将调用的“本地”上下文（例如，方法的类型）编码为幅度，并将其“全局”上下文（例如，对象交互）编码为频率。其次，我们演示了这种可视化如何为模式检测中使用的符号排序提供基础基础。信号作为一个程序桥梁，它允许分析师从信号中识别一个“感兴趣的区域”，然后指导从原始日志中提取相应的事件片段。然后，这个片段被翻译成一个紧凑的、象征性的“行为结构签名”，提供一个健壮的、可分析的表示。重要的是，这项工作还研究了这些序列的性质，例如它们的最佳长度，以及这些属性如何影响分类过程，从而验证了序列表示的基础。

{"title":"Introducing a novel technique for call graph visualization and design pattern detection through runtime data profiling and dynamic warping","authors":"Tarik Houichime, Younes el Amrani","doi":"10.1016/j.scico.2026.103445","DOIUrl":"10.1016/j.scico.2026.103445","url":null,"abstract":"<div><div>Automated design patterns recovery (ADPR) is a significant academic endeavor focused on identifying and methodically recording design patterns found within software codebases. This process typically involves a thorough examination of source code to find characteristics indicative of specific patterns. Despite sophisticated techniques, persistent challenges remain. These challenges include the complexity of static analysis and variations in pattern appearance across languages. Critically, static methods are fundamentally ill-suited for capturing the temporal, interactive nature of behavioral design patterns. This has led to a field where dynamic methods, while promising, have seen limited exploration regarding their integration with modern, state-of-the-art classifiers, complicating the achievement of comprehensive results. This gap highlights a clear need for novel approaches that can effectively model and analyze runtime behavior directly. In response, this study introduces a dynamic, language-portable two-stage framework. First, we present a novel method for visualizing runtime data as a perceptually-tuned sinusoidal signal. This signal acts as a discovery tool for human analysts, encoding the “local” context of a call (e.g., method’s type) as amplitude and its “global” context (e.g., object interactions) as frequency. Second, we demonstrate how this visualization provides the foundational basis for the symbolic sequencing used in pattern detection. The signal acts as a procedural bridge, it allows an analyst to identify a ’Region of Interest’ from the signal, which then guides the extraction of the corresponding event snippet from the raw log. This snippet is then translated into a compact, symbolic “behavio-stuctural signature”, providing a robust and analyzable representation. Importantly, this work also studies the nature of these sequences, such as their optimal length, and how these properties impact the classification process, thereby validating the foundational basis of the sequential representation.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103445"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146078412","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

The annotated dependency pair framework for almost-sure termination of probabilistic term rewriting 用于几乎确定地终止概率项重写的带注释的依赖对框架

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Science of Computer Programming

Pub Date : 2026-06-01 Epub Date: 2025-12-06 DOI: 10.1016/j.scico.2025.103417

Jan-Christoph Kassing , Jürgen Giesl

Dependency pairs are one of the most powerful techniques to analyze termination of term rewrite systems automatically. We adapt dependency pairs to the probabilistic setting and develop an annotated dependency pair framework for automatically proving almost-sure termination of probabilistic term rewrite systems, both for full and innermost rewriting. To evaluate its power, we implemented our framework in the tool AProVE.

依赖对是自动分析术语重写系统终止的最强大的技术之一。我们使依赖对适应于概率设置，并开发了一个带注释的依赖对框架，用于自动证明概率项重写系统的几乎确定终止，包括完全重写和最内部重写。为了评估它的功能，我们在AProVE工具中实现了我们的框架。

引用次数: 0

DATVD: A novel vulnerability detection method based on dynamic attention and hybrid convolutional pooling DATVD：一种基于动态关注和混合卷积池的新型漏洞检测方法

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Science of Computer Programming

Pub Date : 2026-06-01 Epub Date: 2026-01-21 DOI: 10.1016/j.scico.2026.103443

Jinfu Chen , Jinyu Mu , Saihua Cai , Jiapeng Zhou , Ziyan Liu , Xinping Shi

Nowadays, the digitization process is constantly advancing. While software has become an indispensable part of people’s lives, software vulnerabilities have also become a serious security threat. With the expansion of software scale and the rapid development of artificial intelligence technology, deep learning technology has been widely used in vulnerability detection. However, it performs poorly in the task of detecting whether there are vulnerabilities in real-world code. The reason is that the amount of real-world code has increased and its structure has become more complex. It is difficult for deep learning models to learn the relationship between code snippets and vulnerability triggers, so that the existing vulnerability detection models have low accuracy in real-world code vulnerability detection tasks. In order to solve the above problems, we propose a software vulnerability detection system DATVD based on dynamic attention. The model consists of three components. The graph embedding component extracts code semantics and structural information and generates a graph representation of the code; the GGNN_DAT component uses the dynamic attention mechanism to learn code features and generate a one-dimensional vector representation; the hybrid convolution pooling component performs graph classification. Due to the limited availability of real-world code datasets, we conducted experiments on the widely recognized public datasets-Debian, Chrome, and Hybrid. Experimental results show that compared with existing neural networks, the proposed DATVD model can effectively improve the accuracy of source code vulnerability detection. When compared to Devign model, the accuracy of the model on these datasets is improved by an average of 3.13 %. The proposed DATVD also demonstrates better detection stability.

如今，数字化进程在不断推进。在软件成为人们生活中不可或缺的一部分的同时，软件漏洞也成为了严重的安全威胁。随着软件规模的扩大和人工智能技术的快速发展，深度学习技术在漏洞检测中得到了广泛的应用。然而，它在检测真实代码中是否存在漏洞的任务中表现不佳。原因是实际代码的数量增加了，其结构变得更加复杂。深度学习模型难以学习代码片段与漏洞触发器之间的关系，使得现有的漏洞检测模型在现实世界的代码漏洞检测任务中准确率较低。为了解决上述问题，我们提出了一种基于动态关注的软件漏洞检测系统DATVD。该模型由三个部分组成。图嵌入组件提取代码语义和结构信息，并生成代码的图表示；GGNN_DAT组件使用动态关注机制学习代码特征并生成一维向量表示；混合卷积池化组件执行图分类。由于实际代码数据集的可用性有限，我们在广泛认可的公共数据集（debian、Chrome和Hybrid）上进行了实验。实验结果表明，与现有神经网络相比，所提出的DATVD模型能有效提高源代码漏洞检测的准确性。与Devign模型相比，该模型在这些数据集上的准确率平均提高了3.13%。所提出的DATVD也显示出更好的检测稳定性。

{"title":"DATVD: A novel vulnerability detection method based on dynamic attention and hybrid convolutional pooling","authors":"Jinfu Chen , Jinyu Mu , Saihua Cai , Jiapeng Zhou , Ziyan Liu , Xinping Shi","doi":"10.1016/j.scico.2026.103443","DOIUrl":"10.1016/j.scico.2026.103443","url":null,"abstract":"<div><div>Nowadays, the digitization process is constantly advancing. While software has become an indispensable part of people’s lives, software vulnerabilities have also become a serious security threat. With the expansion of software scale and the rapid development of artificial intelligence technology, deep learning technology has been widely used in vulnerability detection. However, it performs poorly in the task of detecting whether there are vulnerabilities in real-world code. The reason is that the amount of real-world code has increased and its structure has become more complex. It is difficult for deep learning models to learn the relationship between code snippets and vulnerability triggers, so that the existing vulnerability detection models have low accuracy in real-world code vulnerability detection tasks. In order to solve the above problems, we propose a software vulnerability detection system DATVD based on dynamic attention. The model consists of three components. The graph embedding component extracts code semantics and structural information and generates a graph representation of the code; the GGNN_DAT component uses the dynamic attention mechanism to learn code features and generate a one-dimensional vector representation; the hybrid convolution pooling component performs graph classification. Due to the limited availability of real-world code datasets, we conducted experiments on the widely recognized public datasets-Debian, Chrome, and Hybrid. Experimental results show that compared with existing neural networks, the proposed DATVD model can effectively improve the accuracy of source code vulnerability detection. When compared to Devign model, the accuracy of the model on these datasets is improved by an average of 3.13 %. The proposed DATVD also demonstrates better detection stability.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103443"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146078409","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Event-B formalisation of a chat system: A case study 聊天系统的事件- b形式化：一个案例研究

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Science of Computer Programming

Pub Date : 2026-06-01 Epub Date: 2025-12-27 DOI: 10.1016/j.scico.2025.103432

Néstor Cataño

This paper presents the formal modelling and refinement of a chat system using the Event-B formal method. We elicit software requirements as User Stories and manually map them into Event-B. We model core chat functionalities, including user creation, chat session creation, message sending, message forwarding, and message deletion, while ensuring consistency via invariants and proof obligations in Rodin. We discuss challenges, lessons learnt, and propose several best modelling practices for the design and verification of similar event-driven messaging systems. Our work outlines directions for future integration with tool-supported code generation.

本文采用Event-B形式化方法对聊天系统进行形式化建模和改进。我们以用户故事的形式引出软件需求，并手动将它们映射到Event-B中。我们为核心聊天功能建模，包括用户创建、聊天会话创建、消息发送、消息转发和消息删除，同时通过Rodin中的不变量和证明义务确保一致性。我们讨论了挑战和经验教训，并为类似事件驱动的消息传递系统的设计和验证提出了几个最佳建模实践。我们的工作概述了未来与工具支持的代码生成集成的方向。

引用次数: 0

Adaptive urgency-based real-time task scheduling in ADAS systems ADAS系统中基于自适应紧急度的实时任务调度

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Science of Computer Programming

Pub Date : 2026-06-01 Epub Date: 2026-01-09 DOI: 10.1016/j.scico.2026.103436

Mahdi Seyfipoor, Sayyed Muhammad Jaffry, Siamak Mohammadi

Advanced driver assistance systems (ADAS) are quintessential examples of real-time Cyber-Physical Systems (CPS), where physical processes and computational elements interact in real-time to enhance safety and automation in transportation. Efficient task scheduling is one of the most important software aspects in real-time systems. In this paper, we propose a CPS-oriented framework for real-time task scheduling in ADAS with a real-time scheduler. Our design integrates object detection, distance estimation, and an Adaptive Urgency scheduler that fuses normalized laxity, dynamic priority, and computational load into a unified metric to manage aperiodic tasks with strict temporal requirements. By adjusting the number of frames between each tracking based on the environment stress, we reduce unneeded object detection tasks, relying on tracking instead. Focusing on aperiodic tasks, the proposed multi-core task scheduler design handles sensor-triggered events and adapts scheduling dynamically while reducing context switch overhead by limiting unnecessary preemption. Experimental results demonstrate improved deadline adherence and improved priority reinforcement, validating the approach for real-time CPS implementations in automotive domains. This paper focuses on the performance of the scheduler from the aspect of deadline misses, context switches, and stability, as well as the ratio of high-priority deadline misses to the total number of deadline misses. We use software simulation to evaluate the algorithms, where the results show an improvement over classical real-time scheduling algorithms, as well as newer algorithms that have contributed to this field. Our proposed algorithm achieved a proportional miss rate of 3 % for critical tasks, which is a 16 % improvement over baselines such as EDF and MLLF.

高级驾驶辅助系统（ADAS）是实时网络物理系统（CPS）的典型例子，物理过程和计算元素实时交互，以提高交通运输的安全性和自动化程度。高效的任务调度是实时系统中最重要的软件方面之一。本文提出了一种基于cps的ADAS实时任务调度框架。我们的设计集成了目标检测、距离估计和一个自适应紧急调度程序，该调度程序将规范化松弛性、动态优先级和计算负载融合到一个统一的度量中，以管理具有严格时间要求的非周期性任务。通过根据环境压力调整每次跟踪之间的帧数，减少不必要的目标检测任务，转而依赖于跟踪。针对非周期任务，提出的多核任务调度器设计处理传感器触发事件并动态调整调度，同时通过限制不必要的抢占来减少上下文切换开销。实验结果表明，改进的截止日期遵守和改进的优先级强化，验证了该方法在汽车领域的实时CPS实施。本文从截止日期缺失、上下文切换、稳定性以及高优先级截止日期缺失与总截止日期缺失的比例三个方面对调度程序的性能进行了研究。我们使用软件模拟来评估算法，结果显示优于经典的实时调度算法，以及对该领域做出贡献的新算法。我们提出的算法在关键任务中实现了3%的比例缺失率，比EDF和MLLF等基准提高了16%。

{"title":"Adaptive urgency-based real-time task scheduling in ADAS systems","authors":"Mahdi Seyfipoor, Sayyed Muhammad Jaffry, Siamak Mohammadi","doi":"10.1016/j.scico.2026.103436","DOIUrl":"10.1016/j.scico.2026.103436","url":null,"abstract":"<div><div>Advanced driver assistance systems (ADAS) are quintessential examples of real-time Cyber-Physical Systems (CPS), where physical processes and computational elements interact in real-time to enhance safety and automation in transportation. Efficient task scheduling is one of the most important software aspects in real-time systems. In this paper, we propose a CPS-oriented framework for real-time task scheduling in ADAS with a real-time scheduler. Our design integrates object detection, distance estimation, and an Adaptive Urgency scheduler that fuses normalized laxity, dynamic priority, and computational load into a unified metric to manage aperiodic tasks with strict temporal requirements. By adjusting the number of frames between each tracking based on the environment stress, we reduce unneeded object detection tasks, relying on tracking instead. Focusing on aperiodic tasks, the proposed multi-core task scheduler design handles sensor-triggered events and adapts scheduling dynamically while reducing context switch overhead by limiting unnecessary preemption. Experimental results demonstrate improved deadline adherence and improved priority reinforcement, validating the approach for real-time CPS implementations in automotive domains. This paper focuses on the performance of the scheduler from the aspect of deadline misses, context switches, and stability, as well as the ratio of high-priority deadline misses to the total number of deadline misses. We use software simulation to evaluate the algorithms, where the results show an improvement over classical real-time scheduling algorithms, as well as newer algorithms that have contributed to this field. Our proposed algorithm achieved a proportional miss rate of 3 % for critical tasks, which is a 16 % improvement over baselines such as EDF and MLLF.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103436"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146078410","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0