Information and Software Technology最新文献

Context:

The research of machine learning for requirements engineering (ML4RE) has attracted more and more attention from researchers and practitioners. Although pioneering research has shown the potential of using ML techniques to improve RE practices, there lacks a systematic and comprehensive literature review in academia that integrates an industrial perspective. Specifically, none of the reviews available in ML4RE have considered the grey literature, which is primarily from practitioner origin and is more reflective of the real issues and challenges faced in practice.

Objective:

In this paper, we conduct a systematic survey of academic publications in ML4RE and complement it with the practitioners’ voices from Stack Overflow to complete a comprehensive literature review. Our research objective is to provide a comprehensive view of the current research progress in ML4RE, present the main questions and challenges faced in RE practice, understand the gap between research and practice, and provide our insights into how the RE academic domain can pragmatically develop in the future.

Method:

We systematically investigated 207 academic papers on ML4RE from 2010 to 2022, along with 375 questions related to RE practices on Stack Overflow and their corresponding answers. Our analysis encompassed their trends, focused RE activities and tasks, employed solutions, and associated data. Finally, we conducted a joint analysis, contrasting the outcomes of both parts.

Results:

Based on the statistical results from collected literature, we summarize an academic roadmap and analyse the disparities, offering research recommendations. Our suggestions include the development of intelligent question-answering assistants employing large language models, the integration of machine learning into industrial tools, and the promotion of collaboration between academia and industry.

Conclusion:

This study contributes by providing a holistic view of ML4RE, delineating disparities between research and practice, and proposing pragmatic suggestions to bridge the academia-industry gap.

Context:

Navigating the knowledge of Stack Overflow (SO) remains challenging. To make the posts vivid to users, SO allows users to write and edit posts with Markdown or HTML so that users can leverage various formatting styles (e.g., bold, italic, and code) to highlight the important information. Nonetheless, there have been limited studies on the highlighted information.

Objective:

We carried out the first large-scale exploratory study on the information highlighted in SO answers in our recent study. To extend our previous study, we develop approaches to automatically recommend highlighted content with formatting styles using neural network architectures initially designed for the Named Entity Recognition task.

Method:

In this paper, we studied 31,169,429 answers of Stack Overflow. For training recommendation models, we choose CNN-based and BERT-based models for each type of formatting (i.e., Bold, Italic, Code, and Heading) using the information highlighting dataset we collected from SO answers.

Results:

Our models achieve a precision ranging from 0.50 to 0.72 for different formatting types. It is easier to build a model to recommend Code than other types. Models for text formatting types (i.e., Heading, Bold, and Italic) suffer low recall. Our analysis of failure cases indicates that the majority of the failure cases are due to missing identification. One explanation is that the models are easy to learn the frequent highlighted words while struggling to learn less frequent words (i.g., long-tail knowledge).

Conclusion:

Our findings suggest that it is possible to develop recommendation models for highlighting information for answers with different formatting styles on Stack Overflow.

Context:

Deep neural networks (DNN) have been widely deployed in safety-critical domains, such as autonomous cars and healthcare, where error behaviors can lead to serious accidents, testing DNN is extremely important. Neuron coverage-guided fuzz testing (NCFT) has become an effective whitebox testing approach for testing DNN, which iteratively generates new test cases with the guidance of neuron coverage to explore different logics of DNN, and has found numerous defects. However, existing NCFT approaches ignore that the role of neurons is distinct for the final output of DNN. Given an input, only a fraction of neurons determines the final output of the DNN. These neurons hold the essential logic of the DNN.

Objective:

To ensure the quality of DNN and improve testing efficiency, NCFT should first cover neurons containing major logic of DNN.

Method:

In this paper, we propose the critical neurons that hold essential logic of DNN. In order to prioritize the detection of potential defects of critical neurons, we propose a fuzz testing framework, named CriticalFuzz, which mainly contains the energy-based test case generation and the critical neuron coverage criteria. The energy-based test case generation has the capability to produce test cases that are more likely to cover critical neurons and involves energy-based seed selection, power schedule, and seed mutation. The critical neuron coverage as a mechanism for providing feedback to guide the CriticalFuzz in prioritizing the coverage of critical neurons. To evaluate the significance of critical neurons and the performance of CriticalFuzz, we conducted experiments on popular DNNs and datasets.

Results:

The experiment results show that (1) the critical neurons have a 100% impact on the output of models, while the non-critical neurons have a lesser effect; (2) CriticalFuzz is effective in achieving 100% coverage of critical neurons and covering 10 classes of critical neurons, outperforming both DeepHunter and TensorFuzz. (3) CriticalFuzz exhibits exceptional error detection capabilities, successfully identifying thousands of errors across 10 diverse error classes within DNN.

Conclusion:

The critical neurons defined in this paper hold more significant logic of DNN than non-critical neurons. CriticalFuzz can preferentially cover critical neurons, thereby improving the efficiency of the NCFT process. Additionally, CriticalFuzz is capable of identifying a greater number of errors, thus enhancing the reliability and effectiveness of the NCFT.

Context

Over the last decades, the rapid expansion of the internet has prompted an increasing number of organizations that have taken their work global and have outsourced their information technology (IT) activities to specialized suppliers. The longest part of the software life cycle includes software maintenance, which consumes 60-70% of the total IT budget. Therefore, organizations have adopted offshoring strategies to reduce maintenance costs and free up resources to focus on their core competencies. Offshore outsourcing decision-making involves technical, social, and other influencing factors; however, there is a limited understanding of the key factors associated with offshoring software maintenance within the global software development context.

Objective

This work presents the factors that have influenced the decision-making process of offshoring software maintenance. Further, this research sheds light on decision-making by identifying the models, frameworks, and software tools used within this context.

Method

A systematic literature review is conducted, delving into the factors related to the decision-making and analyzing the models, frameworks and tools supporting offshoring software maintenance.

Results

This study identifies the top 10 key factors concerning the decision-making process, namely human communication, cost reduction, organizational and employee maturity, project management practices, IT infrastructure support, language constraints, knowledge-based support, changes in requirements, legal issues and cultural diversity. In addition, the models, frameworks, and tools used in the decision-making process of software maintenance are analyzed, and research gaps are identified.

Conclusion

The findings reveal that the software industry lacks effective and efficient models tailored explicitly for software offshoring within the global software development landscape. Overall, this study provides valuable insights into the decision-making dynamics of software maintenance offshoring by identifying key factors and research gaps that can pave the way for developing more effective decision support systems.

Context:

Bug bisection is a common technique used to identify a revision that introduces a bug or indirectly fixes a bug, and often involves executing multiple revisions of a project to determine whether the bug is present within the revision. However, many legacy revisions often cannot be successfully compiled due to changes in the programming language or tools used in the compilation process, adding complexity and preventing automation in the bisection process.

Objective:

In this paper, we introduce an approach to repair test cases of Java projects by performing dependency minimization. Our approach aims to remove classes and methods that are not required for the execution of one or more test cases. Unlike existing state-of-the-art techniques, our approach performs minimization at source-level, which allows compile-time errors to be fixed.

Methods:

A standalone Java tool implementing our technique was developed, and we evaluated our technique using subjects from Defects4J retargeted against Java 8 and 17.

Results:

Our evaluation showed that a majority of subjects can be repaired solely by performing minimization, including replicating the test results of the original version. Furthermore, our technique is also shown to achieve accurate minimized results, while only adding a small overhead to the bisection process.

Conclusion:

Our proposed technique is shown to be effective for repairing build failures with minimal overhead, making it suitable for use in automated bug bisection. Our tool can also be adapted for use cases such as bug corpus creation and refactoring.

Context:

The adoption or acceptance of new technologies or ways of working in software development activities is a recurrent topic in the software engineering literature. The topic has, therefore, been empirically investigated extensively. It is, however, unclear which theoretical frames of reference are used in this research to explain acceptance behaviors.

Objective:

In this study, we explore how major theories and models of acceptance behavior have been used in the software engineering literature to empirically investigate acceptance behavior.

Method:

We conduct a systematic mapping study of empirical studies using acceptance behavior theories in software engineering.

Results:

We identified 47 primary studies covering 56 theory uses. The theories were categorized into six groups. Technology acceptance models (TAM and its extensions) were used in 29 of the 47 primary studies, innovation theories in 10, and the theories of planned behavior/ reasoned action (TPB/TRA) in six. All other theories were used in at most two of the primary studies. The usage and operationalization of the theories were, in many cases, inconsistent with the underlying theories. Furthermore, we identified 77 constructs used by these studies of which many lack clear definitions.

Conclusions:

Our results show that software engineering researchers are aware of some of the leading theories and models of acceptance behavior, which indicates an attempt to have more theoretical foundations. However, we identified issues related to theory usage that make it difficult to aggregate and synthesize results across studies. We propose mitigation actions that encourage the consistent use of theories and emphasize the measurement of key constructs.

Context:

Software verification for critical systems is facing an unprecedented cost increase due to the large amount of software packed in multicore platforms generally. A substantial amount of the verification efforts are dedicated to testing. Spark/Ada is a language often employed in safety-critical systems due to its high reliability. Formal contracts are often inserted in Spark’s program specification to be used by a static theorem prover that checks whether the specification conforms with the implementation. However, this static analysis has its limitations as certain bugs can only be spotted through software testing.

Objective:

The main goal of our work is to use these formal contracts in Spark as input for a test oracle – whose method we describe – to generate test cases. Subsequent objectives consist of a) arguing about the traceability to comply with safety-critical software standards such as DO-178C for civil avionics and b) embracing the best-established software testing methods for these systems.

Method:

Our test generation method reads Spark formal contracts and applies Equivalence Class Partitioning with Boundary Analysis as a software testing method generating traceable test cases.

Results:

The evaluation, which uses an array of open-source examples of Spark contracts, shows a high level of passed test cases and statement coverage. The results are also compared against a random test generator.

Conclusion:

The proposed method is very effective at achieving a high number of passed test cases and coverage. We make the case that the effort to create formal specifications for Spark can be used both for proof and (automatic) testing. Lastly, we noticed that some formal contracts are more suitable than others for our test generation.

Libraries that implement Domain-Specific Language (DSL) components keep gaining traction when it comes to developing software for specific application domains. However, creating components that can be organically weaved into use cases is an extremely complex task. In this work, we introduce a meta-DSL to assist library development, called Forward-Oriented Programming (FOP). This combines lazy evaluation and aspect-oriented programming principles to align crosscutting component configurations and alter their execution outcomes depending on usage in subsequent code. Theoretical analysis shows that FOP simplifies component development and makes their combination logic learnable by library users. We realize the paradigm with a Python package, called pyfop, and conduct a case study that compares it with purely functional and object-oriented library implementations. In the study, source code quality metrics demonstrate reduced time and effort to write library components, and increased comprehensibility. Configurations are shared without modifying distant code segments.

The field of digital forensics has undergone rapid development alongside the technological advancements of the latest century. This study focuses in two of its subdomains, namely database forensics and data forensics. Though the concept of a database is relatively old, there is an academic void when it comes to its research compared to different domains in digital forensics. Data forensics has a myriad of applications, however there appears to be a lack of standardization in regards to the field itself throughout the different disciplines of the forensic field. Our main objectives with this study were to identify the prominent trends, uncover research gaps or further research necessity and to provide a high level outline of the selected domains. To fulfill the objectives, we designed and executed a protocol with predefined phases, steps, and activities that all stem from the principles of bibliometric analysis. The findings of the methodological procedure are presented and the research questions are answered in a concise manner. The two domains have considerable growth, given how recently they emerged in literature. However, there are issues present in the current literature that might hinder the future research and might repulse not only the aspiring but also the current professionals of the forensic field. These issues must be resolved in order to make the selected domains less elusive when it comes to cross-domain applications and when new practitioners are concerned.

Context:

Mentoring in Open Source Software (OSS) is important to its project’s growth and sustainability. Mentoring allows contributors to improve their technical skills and learn about the protocols and cultural norms of the project. However, mentoring has its challenges: mentors sometimes feel unappreciated, and mentees may have mismatched interests or lack interpersonal skills. Existing research has investigated the different challenges of mentoring in different OSS contexts, but we lack a holistic understanding.

Objective:

A comprehensive understanding of the current practices and challenges of mentoring in OSS is needed to implement appropriate strategies to facilitate mentoring.

Method:

This study presents a systematic literature review investigating how literature has characterized mentoring practices in OSS, including their challenges and the strategies to mitigate them. We retrieved 232 studies from four digital libraries. Out of these, 21 were primary studies. Using this, we performed backward and author snowballing, adding another 27 studies. We conducted a completeness check by reviewing the references of the 4 most relevant primary studies, which resulted in us adding 1 additional study. We then conducted a full-text review and evaluated the studies using a set of criteria; as a result, 10 papers were excluded. We then employed an open-coding approach to analyze, aggregate, and synthesize the selected studies.

Results:

We reviewed 39 studies to investigate the different facets of mentoring in OSS, encompassing motivations, goals, channels, and contributor dynamics. We then identified 13 challenges associated with mentoring in OSS, which fall into three categories: social, process, and technical. We also present a quick-reference strategy catalog to map these strategies to challenges for mitigation.

Conclusions:

Our study serves as a guideline for researchers and practitioners about mentoring challenges and potential strategies to mitigate these challenges.