Automated Software Engineering最新文献

Software model optimization is a process that automatically generates design alternatives aimed at improving quantifiable non-functional properties of software systems, such as performance and reliability. Multi-objective evolutionary algorithms effectively help designers identify trade-offs among the desired non-functional properties. To reduce the use of computational resources, this work examines the impact of implementing a search budget to limit the search for design alternatives. In particular, we analyze how time budgets affect the quality of Pareto fronts by utilizing quality indicators and exploring the structural features of the generated design alternatives. This study identifies distinct behavioral differences among evolutionary algorithms when a search budget is implemented. It further reveals that design alternatives generated under a budget are structurally different from those produced without one. Additionally, we offer recommendations for designers on selecting algorithms in relation to time constraints, thereby facilitating the effective application of automated refactoring to improve non-functional properties.

Bug localization (BL) is known as one of the major steps in the program repair process, which generally seeks to find a set of commands causing a program to crash or fail. At the present time, locating bugs and their sources quickly seems to be impossible as the complexity of modern software development and scaling is soaring. Accordingly, there is a huge demand for BL techniques with minimal human intervention. A graph representing source code typically encodes valuable information about both the syntactic and semantic structures of programs. Many software bugs are associated with these structures, making graphs particularly suitable for bug localization (BL). Therefore, the key contributions of this work involve labeling graph nodes, classifying these nodes, and addressing imbalanced classifications within the graph data structure to effectively locate bugs in code. A graph-based bug classifier is initially introduced in the method proposed in this paper. For this purpose, the program source codes are mapped to a graph representation. Since the graph nodes do not have labels, the Gumtree algorithm is then exploited to label them by comparing the buggy graphs and the corresponding bug-free ones. Afterward, a trained, supervised node classifier, developed based on a graph neural network (GNN), is applied to classify the nodes into buggy or bug-free ones. Given the imbalance in the data, accuracy, precision, recall, and F1-score metrics are used for evaluation. Experimental results on identical datasets show that the proposed method outperforms other related approaches. The proposed approach effectively localizes a broader spectrum of bug types, such as undefined properties, functional bugs, variable naming errors, and variable misuse issues.

Code watermarking has gained increasing attention for tracing the provenance of code with the rapid growth of the open-source community. Existing work on code watermarking has shown promising results yet still falls short, especially when a multi-bit watermark for encoding diverse information is required. In this paper, we propose DWC, a novel code watermarking method with highly watermark capacity. The key idea of DWC is to first decompose the code into natural and formal channels, then embed the watermark separately into each channel based solely on its respective information. As such, DWC reduces the mutual interference between these two channels and the impacts of irrelevant information within the code, thus enabling more effective transformations for embedding watermarks with higher capacity and robustness. Our extensive experiments on source code snippets in four programming languages (C, C++, Java, and Python) demonstrate the effectiveness, efficiency, and capability of DWC in embedding multi-bit watermarks, as well as the utility and robustness of the watermarked code it generates.

Structured Query Language (SQL) is a standard language for interacting with relational databases and is widely used across various information systems, either through direct query execution or via object-relational mapping (ORM) frameworks. Recent approaches have focused on converting natural language into SQL to simplify database development for users without programming expertise. However, these methods overlook direct translation from sign language—an essential modality for users such as the deaf community who may lack experience with SQL syntax. In this paper, we present SIGN2SQL, an innovative end-to-end framework that generates SQL queries from signed input. The system first employs a dedicated gesture recognition module to interpret the visual signals, followed by a convolutional neural network (CNN)-based model that produces the corresponding SQL statements. Trained on a well-annotated dataset, SIGN2SQL is evaluated against multiple pipeline-based baselines. Experimental results demonstrate that SIGN2SQL outperforms existing methods in both effectiveness and efficiency, particularly for SELECT statements with WHERE clauses. It achieves an execution accuracy of 89.8%, highlighting its potential as an accessible and inclusive database interaction interface.

Graph Neural Networks (GNNs) have demonstrated remarkable efficacy in handling graph-structured data; however, they exhibit failures after deployment, which can cause severe consequences. Hence, conducting thorough testing before deployment becomes imperative to ensure the reliability of GNNs. However, thorough testing requires numerous manually annotated test data. To mitigate the annotation cost, strategically prioritizing and labeling high-quality unlabeled inputs for testing becomes crucial, which facilitates uncovering more model failures with a limited labeling budget. Unfortunately, existing test input prioritization techniques either overlook the valuable information contained in graph structures or are overly reliant on attributes extracted from the target model, i.e., model-aware attributes, whose quality can vary significantly. To address these issues, we propose a novel test input prioritization framework, named GraphRank, for GNNs. GraphRank introduces model-agnostic attributes to compensate for the limitations of the model-aware ones. It also leverages the graph structure information to aggregate attributes from neighboring nodes, thereby enhancing the model-aware and model-agnostic attributes. Furthermore, GraphRank combines the above attributes with a binary classifier, using it as a ranking model to prioritize inputs. This classifier undergoes iterative training, which enables it to learn from each round’s feedback and improve its performance accordingly. Extensive experiments demonstrate GraphRank’s superiority over existing techniques.

Function Point Analysis (FPA) is a method in software engineering that focuses on identifying the functions provided by a software system to users, such as data input, processing, output, and database management. These functions are classified according to complexity to quantify the system’s size in functional point units. In this paper, we propose two graph neural networks: a Graph-based Similarity Detection Neural Network (GSDNN) and a Prior-Structural Information Graph Neural Network (PSI-GNN) with a pre-trained layer using transfer learning, to define the best model for functional size prediction and uncover patterns and trends in data. Additionally, the NESMA (Netherlands Software Metrics Users Association) method, from the functional families approach, will be in focus, where the ISBSG (International Software Benchmarking Standards Group) dataset, which provides standardized and relevant data for comparing software performance, was used to analyze 1704 industrial software projects. The goal was to identify the graph architecture with the smallest number of experiments to be performed and the lowest Mean Magnitude Relative Error (MMRE) using orthogonal-array tuning optimization via Latin Square extraction. In the proposed approach, the number of experiments is fewer than 8 for each dataset, and a minimum MMRE value of 0.97% was obtained using PSI-GNN. Additionally, the impact of five input features on the change in MMRE value was analyzed with the top-performing model, employing the SHAP (SHapley Additive exPlanations) feature importance method, visualized through GraphExplainer. The frequency of user-initiated transactions, quantified technically, emerged as the most significant determinant within the NESMA framework.

Anomaly detection in software logs is crucial for development and maintenance, allowing timely identification of system failures and ensuring normal operations. Although recent deep learning advancements in log anomaly detection have shown exceptional performance, the reliance on time-consuming log parsers raises concerns about their necessity for quickly identifying anomalies. Standardized preprocessing methods can mishandle or lose important information. Additionally, the significant imbalance between normal and anomalous log data, along with the scarcity of labeled data, presents a persistent challenge in anomaly detection. We first evaluated the impact of omitting a log parser on anomaly detection models. Subsequently, we propose LogRoBERTa, an innovative anomaly detection model that eliminates the need for a parser. LogRoBERTa creates a stable and diverse labeled training set using the Determinantal Point Process (DPP) method, needing only a small amount of labeled data. The hybrid language model is based on RoBERTa’s architecture, combined with an attention-based BiLSTM. This setup leverages RoBERTa’s strong contextual understanding and BiLSTM’s capability to capture sequential dependencies, enhancing performance in complex log sequences. Experiments on four widely used datasets demonstrate that LogRoBERTa outperforms state-of-the-art benchmark models—including three fully supervised approaches—without relying on a dedicated log parser. Furthermore, its consistently strong performance on low-resource datasets highlights its robustness and generalizability across varying data conditions. These results validate the overall effectiveness of LogRoBERTa’s design and offer a thorough evaluation of the implications of bypassing a log parser. Additionally, our ablation studies and training set construction experiments further confirm the contributions of each individual component to the model’s performance. The study empirically validated that a RoBERTa-based approach effectively handles software log anomaly detection in long and complex log sequences, providing a more efficient and robust solution for omitting a parser compared to existing models.

Bug report summarization aims to generate concise and accurate descriptions to help developers understand and maintain. The existing methodologies prioritize simplifying reporting content but fail to provide a structured and well-rounded description of bugs, limiting developers’ understanding efficiency. In this paper, we leverage large language models (LLMs) to generate detailed, multi-dimensional summaries. Our intuition is based on the following facts: (1) LLMs establish robust semantic connections through extensive pre-training on paired data; (2) Real-world bug reports contain multi-dimensional information. We propose the Bug Report Multi-Dimensional Summary (BRMDS) approach, defining five dimensions: environment, actual behavior, expected behavior, bug category, and solution suggestions, and use specific instructions for each dimension to guide LLM in Parameter Efficient Fine-Tuning (PEFT). We construct a dataset in multi-dimensional information for PEFT and experimental evaluation, thereby addressing the gaps in existing datasets within this domain. The experimental results show that multi-dimensional summaries enhance developers’ understanding of bug reports. BRMDS approach outperforms baseline approaches in both automatic and human evaluations. Our datasets are publicly available at https://github.com/yunjua/bug-reports-multi-dimensional.

Pre-trained models of code have shown significant effectiveness in a variety of software engineering tasks, but they are difficult for local deployment due to their large size. Existing works mainly focus on compressing these large models into small models to achieve similar performance and efficient inference. However, it is ignored that the small models should be robust enough to deal with adversarial examples that make incorrect predictions to users. Knowledge distillation techniques typically transform the model compression problem into a combinatorial optimization problem of the student architecture space to achieve the best student model performance. But they can only improve the robustness of the student model to a limited extent through traditional adversarial training. This paper proposes PIONEER (ImProvIng the RObustness of StudeNt ModEls WhEn CompRessing Code Models), a novel knowledge distillation technique that enhances the robustness of the student model without requiring adversarial training. PIONEER incorporates robustness evaluation during distillation to guide the optimization of the student model architecture. By using the probability distributions of original examples and adversarial examples as soft labels, the student model learns the features of both the original samples and adversarial examples during training. We conduct experimental evaluations on two downstream tasks (vulnerability prediction and clone detection) for the three models (CodeBERT, GraphCodeBERT, and CodeT5). We utilize PIONEER to compress six downstream task models to small (3 MB) models that are 206(times) smaller than the original size. The results show that compressed models reduce the inference latency (76(times)) and improve the robustness of the model (87.54%) with negligible loss of effectiveness (1.67%).

Reinforcement learning (RL) is increasingly applied in areas such as gaming, robotic control, and autonomous driving. Like to deep learning, RL systems also encounter failures during operation. However, RL differs from deep learning in terms of its error causes and symptom manifestations. What are the differences in error causes and symptoms between RL and deep learning? How are RL errors and their symptoms related? Understanding the symptoms and causes of RL failures can advance research on RL failure detection and repair. In this paper, we conducted a comprehensive empirical study by collecting 1,155 error reports from the popular Q&A forum Stack Overflow and four GitHub repositories: baselines, stable-baselines3, tianshou and keras-rl. We analyzed the root causes and symptoms of these failures and examined the differences in resolution times across various root causes. Additionally, we analyzed the correlations between causes and symptoms. Our study yielded 14 key findings, and six implications for developing RL detection and failure repair tools. Our work is the first to integrate LLM-based analysis with manual validation for RL bug studies, providing actionable insights for tool development and testing strategies.