Science of Computer Programming最新文献

Context

Programs with non-termination behavior induce various bugs, such as denial-of-service vulnerability and memory exhaustion. Hence the ability to detect non-termination programs before software deployment is crucial. Existing detection methods are either execution-based or deep learning-based. Despite great advances, their limitations are evident. The former requires complex sandbox environments for execution, while the latter lacks fine-grained analysis.

Objective

To overcome the above limitations, this paper proposes a graph-enhanced contrastive approach, namely TerGEC, which combines both inter-class and intra-class semantics to carry out a more fine-grained analysis and exempt execution during the detection process.

Methods

In detail, TerGEC analyzes behaviors of programs from Abstract Syntax Trees (ASTs), thereby capturing intra-class semantics both syntactically and lexically. Besides, it incorporates contrastive learning to learn the discrepancy between program behaviors of termination and non-termination, thereby acquiring inter-class semantics. In addition, graph augmentation is designed to improve the robustness. Weighted contrastive loss and focal loss are also equipped in TerGEC to alleviate the classes-imbalance problem during the non-termination detection. Consequently, the whole detection process can be handled more fine-grained, and the execution can also be exempted due to the nature of deep learning.

Results

We evaluate TerGEC on five datasets of both Python and C languages. Extensive experiments demonstrate TerGEC achieves the best performance overall. Among all experimented datasets, TerGEC outperforms state-of-the-art baselines by 8.20% in terms of mAP and by 17.07% in terms of AUC on average.

Conclusion

TerGEC is capable of detecting non-terminating programs with high precision, showing that the combination of inter-class and intra-class learning, along with our proposed classes-imbalance solutions, is significantly effective in practice.

Requirements elicitation processes have a series of challenges and limitations in terms of business process focus, system transparency, and dealing with the complexity resulting from interdependence. The Design Thinking approach, which focuses on people and on understanding the context of problems, can contribute to solving them. For this reason, a requirements elicitation process based on Design Thinking has been defined, consisting of three activities: Empathise, Synthesise, and Ideate. For refining this process, a focus group discussion with experts was conducted. The experts provided feedback, specifically on the role of empathy in the process, its domain of application and activities. The results analysed from the focus group confirm the usefulness of the process and generate a series of lessons learned that allowed us to continue refining it. This paper presents the cited process, the main characteristics and results of the focus group and the refined process.

User eXperience (UX) significantly influences the success of free and open source software (FOSS) projects and is measured using UX capability maturity models (UXCMMs). Every organization desires higher levels of UX maturity; however, it requires upfront preparations and process quality control.

Harmonizing processes and analytical lenses for determining preparation for UX maturity are still challenging, and studies to create them are limited. The analysis is ad hoc and based on the actors’ will and experiences. This study proposes and validates analytical lenses.

Findings show that UX experts agreed that the lenses could be used with a consensus percentage of 81 %, the threshold value (d) = 0.112, and crisp values greater than α-cut = 0.5. On validation, 47.57 % of stakeholders agreed, and 52.43 % strongly agreed they were relevant. Results help evaluate the status quo and change culture and policies toward ideal preparation. Two areas are suggested for future research.

Quantum computing plays a crucial role in solving complex problems for which classical supercomputers require an impractical amount of time. This emerging paradigm has the potential to revolutionize various fields such as cryptography, chemistry, and finance, making it a highly relevant area of research and development. Major companies such as Google, Amazon, IBM, and Microsoft, along with prestigious research institutions such as Oxford and MIT, are investing significant efforts into advancing this technology. However, the lack of a standardized approach among different providers poses challenges for developers to effectively access and utilize quantum computing resources. In this study, we propose a quantum orchestrator that is designed to facilitate the orchestration and execution of quantum circuits across multiple quantum service providers. The proposed solution aims to simplify the process for developers and facilitate the execution of quantum tasks using resources offered by different providers. The proposal is validated with the implementation of the proposed orchestrator for Amazon Braket and IBM Quantum. It can support both quantum and classical developers in defining, configuring, and executing circuits independently of the selected provider.

Background and Context

In today's tech-driven world, programming courses are crucial. Yet, teaching programming is challenging, leading to high student failure rates. Understanding student learning patterns is key, but there's a lack of research utilizing tools to automatically collect and analyze interaction data for insights into student performance and behaviors.

Objectives

Study aims to compare problem-solving behaviors of novice and competent programmers during coding tests, identifying patterns and exploring relationships with program correctness.

Method

We built an online system with programming challenges to collect behavior data from novice and competent programmers. Our system analyzed data using various metrics to explore behavior-program correctness relationships.

Findings

Analysis showed distinct problem-solving behavior patterns. Competent programmers had fewer syntax errors, spent less time fixing bugs, and had higher program correctness. Novices made more syntax errors and spent more time fixing coding errors. Both groups used tabs for code structure, but competent programmers introduced unfamiliar variables more often and commented on them afterward. Emphasizing iterative revisions and active engagement enhances problem-solving skills and programming proficiency. Radar charts are effective for identifying improvement areas in teaching programming. The relationship between behavior and program correctness was positively correlated for competent programmers but not novices.

Implications

Study findings have implications for programming education. Radar charts help teachers identify course improvement areas. Novices can learn from competent programmers' behavior. Instructors should encourage continuous skill improvement through revisions and engagement. Identified unfamiliar programming aspects offer insights for targeted learning.

The field of model-based testing has witnessed the development of several test strategies on finite state machines. Although these strategies are often related, little effort has been made to explicitly identify patterns shared between them, and their concrete implementations as well as completeness proofs regularly exhibit redundancy. In this paper, we propose an approach for the systematic verification and implementation of strategies for the language-equivalence conformance relation. We present frameworks in the form of higher order functions that implement shared behaviour once and encapsulate diverging behaviour in procedural parameters, thus reducing duplication and improving maintainability and extensibility. We show that this simplifies completeness proofs by proving complete all considered strategies using the same argument. All presented frameworks, proofs, and concrete strategy implementations have been mechanised using the proof assistant Isabelle.

The Web of Things (WoT) is a new paradigm in which everyday objects are connected to the Internet using popular Web technologies. The smart things are abstracted into RESTful Web services to facilitate their manipulation. The composition of these objects within the same business process creates an automated, time-synchronized routine that can perform even the most complex tasks. BPEL is an orchestration language that defines the process responsible for coordinating the Web services involved. However, this language presents some limitations in this context. BPEL 2.0 does not support RESTful Web services; its specification is incompatible with this architectural style of services. Moreover, its temporal expressivity is insufficient to cover all the constraints that may arise when composing services. This work aims to adapt BPEL to the requirements of the WoT environment, enabling it to create processes that invoke the smart things in precise time intervals. The solution is to exploit one of BPEL's strengths: its extensibility. The BPEL specification is enriched with four activities that reflect the REST uniform interface. They include the necessary attributes to send the request to the target object and receive the response in convened format representation. Also, temporal attributes are added to BPEL elements to schedule their start, end, and duration of execution. The manual addition of these temporal values requires a verification of their accuracy. The BPEL process must be reviewed to ensure its validity before its execution. A temporal Petri Net is proposed to detect any conflicts or inconsistencies between BPEL activities. As a result, associating the formal model with the extension allows BPEL to orchestrate smart things represented by RESTful Web services according to a well-defined temporal scenario. They respect the REST constraints and provide the BPEL activities with temporal attributes for efficient time management. The approach can be applied in all application areas to create temporal scenarios.

We present the Software Tool for the Analysis of Robustness in the unKnown environment (Stark), our Java tool for the specification, analysis and verification of robustness properties of Cyber-Physical Systems (CPSs). Stark includes: (i) a specification language for systems behaviour, perturbations, distances on systems behaviours, and requirements on systems behaviour expressed in the Robustness Temporal Logic (RobTL), a temporal logic for the specification and verification of properties on the evolution of distances between the behaviours of CPSs, and thus also of robustness properties; (ii) a module for the simulation of system behaviours and their perturbed versions; (iii) a module for the evaluation of distances between behaviours; (iv) a statistical model checker for RobTL formulae.

Neural networks (NNs) are increasingly applied in safety-critical systems such as autonomous vehicles. However, they are fragile and are often ill-behaved. Consequently, their behaviors should undergo rigorous guarantees before deployment in practice. In this paper, we propose a set-boundary reachability method to investigate the safety verification problem of NNs from topological perspectives. Given an NN with an input set and a safe set, the safety verification problem is to determine whether all outputs of the NN resulting from the input set fall within the safe set. In our method, the homeomorphism property of NNs is first exploited, which establishes rigorous guarantees between the boundaries of the input set and the boundaries of the output set. A homeomorphism is a special case of open maps, and consequently our set-boundary method is considered to be generalized to situations with open map property then². The exploitation of these two properties facilitates reachability computations via extracting subsets of the input set rather than the entire input set, thus controlling the wrapping effect in reachability analysis and facilitating the reduction of computation burdens for safety verification. The homeomorphism property exists in some widely used NNs such as invertible residual networks (i-ResNets) and Neural ordinary differential equations (Neural ODEs), and the open map is a less strict topological property and is easier to satisfy compared with homeomorphisms. For NNs establishing either of these two properties, our set-boundary reachability method only needs to perform reachability analysis on the boundary of the input set. Moreover, for NNs that do not feature these properties with respect to the input set, we also explore subsets of the input set for establishing the local homeomorphism property and then abandon these subsets for reachability computations. Finally, some examples demonstrate the performance of our proposed method.