Information and Software Technology最新文献

Context:

Most research in software clustering and remodularisation typically concludes by recommending the refactoring operations without further insight into the practicality of the proposed technique. Developers might be hesitant to follow through with the refactoring suggestions due to the uncertainty in the effort needed.

Objective:

This work aims to address this gap by introducing an effoRt Estimation AppRoach foR softwAre clusteriNG-based rEmodularisation (REARRANGE) to close the loop in extant software clustering and remodularisation research by estimating the time required to carry out the suggested refactoring operations based on the history of the evolution of the software. By providing tangible estimates of refactoring effort in person-hours, we can inform developers of complex and time-consuming refactoring operations that will help prioritise refactoring efforts, allowing practitioners to weave in these activities during sprint planning.

Method:

REARRANGE builds a machine learning model to predict effort estimation based on past commit activity which extracts Software Features (lines of code, number of methods), Refactoring Features (refactoring type, source and destination) and Dependency Features (dependencies between classes). REARRANGE is then compared against sanity checks, baseline effort estimation models, and state-of-the-art software estimation models. We also attempt to cross-validate REARRANGE’s effort estimation with software developers.

Results:

Experimented through 25 open-source Java-based projects, the proposed approach estimated the refactoring effort of the test subjects with a Mean Absolute Error (MAE) of 5.47 person-hours against the MAE of the next-best approach of 453.31 person-hours. Based on a survey conducted among software developers, REARRANGE consistently delivers accurate estimates in 93.6% of cases.

Conclusion:

The lack of a direct comparison for REARRANGE highlights the need for a refactoring effort-focused estimation model that provides tangible effort estimates in person-hours for refactoring operations. Only then can developers selectively choose relevant refactoring operations while considering the available time and budget constraints, bridging the gap between software clustering research and real-world application.

Context:

Test case generation is a critical yet challenging task in software development. Recently, AthenaTest – a Deep Learning (DL) approach for generating unit test cases has been proposed. However, our revisiting study reveals that AthenaTest can generate less than one-fifth of the test cases correctly, due to a lack of assertion knowledge and test signature verification.

Objective:

This paper introduces A3Test, a novel DL-based approach to the generation of test cases, enhanced with assertion knowledge and a mechanism to verify consistency of the name and signatures of the tests. A3Test aims to adapt domain knowledge from assertion generation to test case generation.

Method:

A3Test employs domain adaptation principles and introduces a verification approach to name consistency and test signatures. We evaluate its effectiveness using 5,278 focal methods from the Defects4j dataset.

Results:

Our findings indicate that A3Test outperforms AthenaTest and ChatUniTest. A3Test generates 2.16% to 395.43% more correct test cases, achieves 2.17% to 34.29% higher method coverage, and 25.64% higher line coverage. A3Test achieves 2.13% to 12.20% higher branch coverage, 2.22% to 12.20% higher mutation scores, and 2.44% to 55.56% more correct assertions compared to both ChatUniTest and AthenaTest respectively for one iteration. When generating multiple test cases per method A3Test still shows improvements and comparable efficacy to ChatUnitTest. A survey of developers reveals that the majority of the participants 70.51% agree that test cases generated by A3Test are more readable than those generated by EvoSuite.

Conclusions:

A3Test significantly enhances test case generation through its incorporation of assertion knowledge and test signature verification, contributing to the generation of correct test cases.

Context:

Systematic Literature Reviews (SLR) have been recognized as an important research method for summarizing evidence in Software Engineering (SE). At the same, SLR still presents several problems, such as the high resource consumption (mainly human resources) and lack of effective impact on SE practitioners, although much research has already been done.

Objective:

The main goal of this paper is to explore the concept of sustainability in the SLR area, intending to contribute to understanding better and solving such problems in an integrated way. More specifically, this paper characterizes what sustainable SLR are, their core characteristics, critical factors (i.e., sensitive points in the SLR process), and guidelines for conducting such SLR.

Methods:

We performed a meta-ethnographic study to find key concepts of sustainable software systems and transpose them to sustainable SLR. For this, we systematically selected 16 studies about sustainable software systems and 14 distinguished studies about SLR. Following, we extracted the main keywords and metaphors, determined how both areas are correlated, and transposed them to obtain a set of core characteristics of sustainable SLR as well as critical factors and guidelines. Additionally, we validated them with specialists using the Delphi method.

Results:

We found 15 core characteristics that offer a broad view of sustainable SLR, 15 critical factors in the SLR process that should be carefully addressed when conducting and updating SLR, and also 16 guidelines to manage SLR from the sustainability perspective.

Conclusion:

The concept of sustainability in SLR can contribute to solving SLR problems in a more integrated way, while this work could change the mindset of the SLR community about the need to conduct sustainable SLR.

Context

Effective software testing requires test adequacy criteria. MC/DC, a widely used logic-based testing criterion, struggles to detect domain errors caused by incorrect arithmetic operations. Domain errors occur when test requirement boundaries shift or tilt, causing unpredictable behavior and system crashes.

Objective

To address the inadequacy of MC/DC in detecting domain errors, we present EvoDomain, a search-based testing technique.

Method

EvoDomain uses a memetic algorithm combining genetic and hill-climbing algorithms, along with the DBSCAN clustering algorithm to select diversified boundary test data. The memetic algorithm is designed to efficiently enhance the search process for covering boundary test data. We compared EvoDomain with two logic-based testing approaches, a domain-oriented test suite generation approach, and random testing.

Results

Evaluations on 30 case studies show EvoDomain increases fault detection by 74.44% over MC/DC and 65.06% over RoRG. Additionally, EvoDomain improves support for different fault types by up to 68.89% for MC/DC and 66.33% for RoRG. Compared to COSMOS, which uses static analysis, EvoDomain improves the convergence effectiveness of identifying feasible subdomains by 32%. It offers high accuracy (0.99-1) and F1-score (0.99-1). EvoDomain finds the subdomains in less than 1/3 the time of Random search.

Conclusion

EvoDomain effectively generates domain-oriented test suites, enhancing the accuracy and effectiveness of fault detection.

Context

Agile methodology has emerged as a fundamental framework guiding software development projects, emphasizing values and principles for achieving successful project outcomes. Despite the widespread recognition of the importance of agile principles, there remains a gap in empirical research investigating their actual impact on agile project success.

Objective

This research aims to examine the relationship between agile principles and project outcomes and provide empirical evidence supporting the importance of agile principles in achieving success in agile software development (ASD) projects.

Method

A total of 298 Agile project practitioners participated in an online survey between August and September 2023 to test this study's research model using the partial least square structural equation modeling (PLS-SEM) method.

Results

We find a significant relationship between adopting agile principles and project success, with regular delivery, technical excellence, team member proactivity, and customer collaboration showing the highest impact on Agile project success. However, process simplicity was found not to be significant in the study.

Conclusions

Our analysis verifies the importance of Agile principles and suggests areas for further study to successfully understand their impact on Agile projects. The findings contribute to the ongoing discourse on agile principles and their impact on software development project success, opening avenues for future research and the refinement of agile methodologies. These insights could assist organizations in optimizing Agile practices and decision-making, leading to more successful and efficient software development projects.

Context:

Software development organizations are composed of people working together towards a common goal. These people are connected in networks. The effectiveness of these networks seems like it would be an essential consideration for the effectiveness of the organization as a whole, but does network effectiveness actually matter?

Objective:

In this paper, we seek to understand whether causal relationships exist between the maintenance effort spent on files implicated in software vulnerabilities and suboptimal social behaviors – social smells – within that project’s developer community.

Methods:

To gain insight into this question, we chose to study OpenSSL and over 100 of its published vulnerabilities. We performed a socio-technical analysis on OpenSSL to understand whether social smells could be causally linked to the effort to maintain files implicated in vulnerabilities.

Results:

Our results indicate that this is the case: Social smells are, in fact, causally linked to the maintenance effort surrounding files implicated in software vulnerabilities.

Conclusion:

This result has significant implications for the management of software projects. These insights may motivate and help to guide project managers and architects to also focus on team communications, and not merely on technical quality measures such as bug rates or feature velocity. Social interactions among a project’s team members matter, and smells can be measured and monitored.

Context:

GitHub has introduced a new gamification element through personal achievements, whereby badges are unlocked and displayed on developers’ personal profile pages in recognition of their development activities.

Objective:

In this paper, we present an exploratory analysis using mixed methods to study the diffusion of personal badges in GitHub, in addition to the effects and reactions to their introduction.

Method:

First, we conduct an observational study by mining longitudinal data from more than 6,000 developers and performed correlation and regression analysis. Then, we conduct a survey and analyze over 300 GitHub community discussions on the topic of personal badges to gauge how the community responded to the introduction of the new feature.

Results:

We find that most of the developers sampled own at least a badge, but we also observe an increasing number of users who choose to keep their profile private and opt out of displaying badges. Additionally, badges are generally poorly correlated with developers’ skills and dispositions such as timeliness and desire to collaborate. We also find that, except for the Starstruck badge (reflecting the number of followers), their introduction does not have an effect. Finally, the reaction of the community has been in general mixed, as developers find them appealing in principle but without a clear purpose and hardly reflecting their abilities in the current form.

Conclusions:

We provide recommendations to the designers of the GitHubplatform on how to improve the current implementation of personal badges as both a gamification mechanism and as sources of reliable cues for assessing the abilities of developers.

Context:

The boom of Android market makes mobile products more popular and convenient. However, in the face of the complex Android application market, how to efficiently and accurately identify malware has become one of the focuses of research. Various new types of disguised malware lurk in the web pages, links and major application malls. Therefore, people’s privacy and property security have become a major obstacle to the continued development of mobile devices.

Objective:

Most of the existing malware classification methods are fixed on one or several types of characteristics of Android devices, such as static characteristics, dynamic characteristics and traffic characteristics. Single feature detection or fixed feature fusion models limit the dimension of detection software, and also cause imbalanced classification results. This paper proposes an Android Malware Dynamic Classification Method based on Gray-scale Image and Feature-selection Tree (DCM-GIFT), which aims to improve and stabilize the precision of Android software classification and enhance the robustness of malware classification.

Method:

In this paper, we construct gray-scale images for the original Android traffic to retain the characteristics of the time series and spatial structure of the original network traffic. At the same time, we take the dynamic information and static information of Android software as auxiliary features to build a feature selection tree. The feature-selection algorithm helps the classifier dynamically select the optimal feature fusion scheme, and the resulting fusion feature vector will be trained and predicted using machine learning clusters for model training.

Results:

We evaluate the performance of DCM-GIFT on multiple datasets published at the Canadian Institute for Cybersecurity, the area under the accuracy, precision, recall and $F{1}_{measure}$. The results show that the proposed DCM-GIFT model has significantly better prediction performance compared to other software classification models.

Conclusion:

It can be concluded that: (1) In terms of accuracy, precision, recall and $F{1}_{measure}$, the DCM-GIFT model has a higher average value. (2) The DCM-GIFT model effectively solves the problem of imbalanced classification results in Android software. (3) The DCM-GIFT model achieves the goal of dynamic feature fusion and significantly improves the utilization of system resources.

Software architecture has been shown to provide an appropriate level of granularity for representation of a managed software system and reasoning about the impact of adaptation choices on its properties. Software architecture-based adaptability is the ability to adapt a software system in terms of its architectural elements, such as its components and their interfaces. Despite its promise, architecture-based adaptation has remained largely elusive, mainly because it involves heavy engineering effort of making non-trivial changes to the manner in which a software system is implemented. In this paper, we present Acadia—a framework that automatically enables architecture-based adaptation of practically any Java 9+ application without requiring any changes to the implementation of the application itself. Acadia builds on the Java Platform Module System (JPMS), which has brought extensive support for architecture-based development to Java 9 and subsequent versions. Acadia extends JPMS with the ability to provide and maintain a representation of an application’s architecture and make changes to it at runtime. The results of our experimental evaluation, conducted on three large open-source Java applications, indicate that Acadia is able to efficiently apply dynamic changes to the architecture of these applications without requiring any changes to their implementation.

Context:

Human-centric software design and development prioritises the way users prefer to complete their jobs, rather than expecting users to adapt to the software. Software users can have different genders, ages, cultures, languages, disabilities, socioeconomic statuses, and educational backgrounds, among many other differences. Due to the inherently varied nature of these differences and their impact on software usage, preferences and issues of users can vary, resulting in user-specific defects that we term as ‘human-centric defects’ (HCDs).

Objective:

This research aims to understand the perception and current management practices of such HCDs by software practitioners, identify key challenges in reporting, understanding and fixing them, and provide recommendations to improve HCDs management in software engineering.

Methods:

We conducted a survey and interviews with software engineering practitioners to gauge their knowledge and experience on HCDs and the defect tracking process.

Results:

We analysed fifty (50) survey- and ten (10) interview-responses from SE practitioners and identified that there are multiple gaps in the current management of HCDs in software engineering practice. There is a lack of awareness regarding human-centric aspects, causing them to be lost or under-appreciated during software development. Our results revealed that handling HCDs could be improved by following a better feedback process with end-users, a more descriptive taxonomy, and suitable automation.

Conclusion:

HCDs, given their diverse end-user base, present a major challenge to software practitioners. In the software engineering domain, research on HCDs has been limited and requires effort from research and practice communities to create awareness and support for human-centric aspects.