Article
Computer Science, Software Engineering
Thomas Bock, Claus Hunsen, Mitchell Joblin, Sven Apel
Summary: Mailing lists are essential for coordinating developers in open-source projects. This study proposes two methods for studying synchronization between collaboration and communication activities from a higher-level perspective, and finds that a higher-level view on developer coordination leads to stronger statistical dependence between technical activities.
AUTOMATED SOFTWARE ENGINEERING
(2022)
Article
Computer Science, Software Engineering
Wolfgang Mauerer, Mitchell Joblin, Damian A. Tamburri, Carlos Paradis, Rick Kazman, Sven Apel
Summary: This study investigates the impact of socio-technical congruence on software quality through a large-scale empirical study, finding no statistical relationship between socio-technical congruence and project quality measures.
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING
(2022)
Article
Computer Science, Software Engineering
Mitchell Joblin, Barbara Eckl, Thomas Bock, Angelika Schmid, Janet Siegmund, Sven Apel
Summary: Despite the absence of a formal process and a central command-and-control structure, developer organization in open-source software (OSS) projects are not random. Highly successful OSS projects develop a hybrid organizational structure, with hierarchical and non-hierarchical parts. Developers' positions transition from the non-hierarchical part to the hierarchical part as they gain experience and engage in coordination and coding activities.
ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY
(2023)
Article
Computer Science, Software Engineering
Binny M. Samuel, Hillol Bala, Sherae Daniel, V Ramesh
Summary: This study explores collaboration norms in organizations OSS (orgsOSS) and uncovers that developers in orgsOSS do not always adhere to traditional ideals of widespread sharing and participation. However, certain developer and task characteristics can influence the promotion of these ideals, providing important insights for future orgsOSS projects and other similarly structured software development projects.
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING
(2022)
Article
Computer Science, Artificial Intelligence
Siqi Sun, Cheng Huang, Tiejun Wu, Yi Shen
Summary: With the increasing complexity of cyberattacks, multistage combination attacks have become the primary method of attack. This research proposes an automated knowledge graph construction architecture for open-source security tools, which fills a gap in the field of automated security tools' knowledge extraction.
INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS
(2023)
Article
Computer Science, Software Engineering
Moses Openja, Mohammad Mehdi Morovati, Le An, Foutse Khomh, Mouna Abidi
Summary: This paper investigates the distribution and evolution of technical debts in quantum software and their relationship with fault occurrences. The study finds that quantum software suffers from issues such as code convention violation, error-handling, and code design.
JOURNAL OF SYSTEMS AND SOFTWARE
(2022)
Article
Computer Science, Software Engineering
Rajdeep Kaur, Kuljit Kaur Chahal
Summary: This paper examines the impact of developer and project-related factors on developer abandonment in OSS projects. The findings show that developer experience, role, and joining date have an influence on whether developers abandon the projects, while coding language does not have a definite impact.
JOURNAL OF SOFTWARE-EVOLUTION AND PROCESS
(2022)
Article
Computer Science, Software Engineering
Mitchell Joblin, Sven Apel
Summary: Software development intersects the social and technical realms, and a socio-technical perspective provides rich information about a project's state and success. By classifying networks and using network analysis, we can compare and predict outcomes of software projects and identify key factors associated with success.
ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY
(2022)
Review
Multidisciplinary Sciences
Binish Raza, Rodina Ahmad, Mohd H. N. M. Nasir, Shukor S. M. Fauzi, Muhammad A. Raza
Summary: Software development relies on team coordination, with social-technical congruence (STC) being a key technique to measure alignment. A systematic literature review (SLR) identified the need for further research on STC, including risk issues, measurement techniques, and development factors.
KUWAIT JOURNAL OF SCIENCE
(2022)
Article
Information Science & Library Science
Jiang Wu, Xiao Huang, Bin Wang
Summary: This study is the first attempt to consider the network metrics in both module networks of the technical sub-system and developer networks of the social sub-system to better understand their influences on project success.
INFORMATION TECHNOLOGY & PEOPLE
(2023)
Review
Computer Science, Information Systems
Binish Raza, Rodina Ahmad, Mohd Hairul Nizam Bin Md Nasir, Shukor Sanim Mohd Fauzi
Summary: This study conducts an analysis of STC literature, explores evolutionary trajectories, and performs scientometric analysis to reveal the research status and trends of STC, aiding software practitioners in identifying key research areas and applications. Results demonstrate the evolution of the STC field from its conception to recent developments, highlighting major research themes and structures in the community.
Article
Engineering, Electrical & Electronic
Zuo Xiang, Sreekrishna Pandi, Juan Cabrera, Fabrizio Granelli, Patrick Seeling, Frank H. P. Fitzek
Summary: Communication networks are undergoing tremendous changes with the introduction of softwareization technologies like NFV and SDN. Well-defined environments are crucial for effective testing and evaluation of protocols and mechanisms that integrate computing into networks.
IEEE COMMUNICATIONS MAGAZINE
(2021)
Article
Information Science & Library Science
Mario Schaarschmidt
Summary: This research explores the impact of resource deployment control on opinion leadership, and finds that developers who are assigned to an OSS project and perceive control also exhibit opinion leadership. The study also investigates the influence of the firm's OSS business model and developers' perception of their employer's reputation.
INFORMATION TECHNOLOGY & PEOPLE
(2023)
Article
Environmental Sciences
Kenneth W. Chapman, Troy E. Gilmore, Christian D. Chapman, Francois Birgand, Aaron R. Mittlestet, Mary J. Harner, Mehrube Mehrubeoglu, John E. Jr Jr Stranzl
Summary: Image-based water level measurement software provides data quality assurance and automates the detection and measurement of water levels, with potential accuracy of +/- 3 mm despite environmental factors affecting field deployment.
WATER RESOURCES RESEARCH
(2022)
Article
Business
Rajesh Rajaguru, Margaret Jekanyika Matanda, Prikshat Verma
Summary: Organizations integrate information systems with their channel partners to improve forecasting capabilities and respond to changes in consumers and the market. This study examines the role of perceived socio-technical congruence in enhancing the effects of inter-organisational information systems integration on forecast information quality and market responsiveness.
TECHNOLOGICAL FORECASTING AND SOCIAL CHANGE
(2023)
Article
Computer Science, Software Engineering
Yongqiang Tian, Shiqing Ma, Ming Wen, Yepang Liu, Shing-Chi Cheung, Xiangyu Zhang
Summary: This study proposes a metamorphic testing approach to assess unreliable inferences in deep neural network models, finding that these unreliable inferences significantly degrade the overall accuracy of the models. Recommendations are made for developers to pay more attention to this issue during model evaluations.
EMPIRICAL SOFTWARE ENGINEERING
(2021)
Article
Computer Science, Artificial Intelligence
Divya Saxena, Tarun Kulshrestha, Jiannong Cao, Shing-Chi Cheung
Summary: In this paper, a novel multi-constraint adversarial model (MCGAN) is proposed for unsupervised image-to-image translation. The model utilizes multiple adversarial constraints applied at the generator's multi-scale outputs to capture large discrepancies in appearance between two domains. Experimental results on public datasets (cat-to-dog, horse-to-zebra, and apple-to-orange) demonstrate that the proposed method significantly improves state-of-the-arts.
IEEE TRANSACTIONS ON IMAGE PROCESSING
(2022)
Article
Computer Science, Software Engineering
Ying Wang, Yibo Wang, Sinan Wang, Yepang Liu, Chang Xu, Shing-Chi Cheung, Hai Yu, Zhiliang Zhu
Summary: Android introduces a new permission model for runtime permissions, which presents challenges for app developers. Existing studies on runtime permission issues are still limited, and there is a need for comprehensive understanding and effective detection techniques. This study analyzes the common types of ARP issues in Android apps, their manifestations, pervasiveness, and fixes. The researchers also evaluate existing tools and identify their limitations for detecting ARP issues.
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING
(2023)
Article
Computer Science, Software Engineering
Ming Wen, Junjie Chen, Yongqiang Tian, Rongxin Wu, Dan Hao, Shi Han, Shing-Chi Cheung
Summary: SBFL techniques have been proven effective in fault localization, but are limited by unclear root causes and lack of differentiation between buggy and non-buggy entities. To address these issues, HSFL leverages version history information for fault localization, resulting in significant performance improvement.
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING
(2021)
Article
Computer Science, Software Engineering
Jialun Cao, Meiziniu Li, Yeting Li, Ming Wen, Shing-Chi Cheung, Haiming Chen
Summary: Machine translation has wide applications in daily life, but incorrect translation can have serious consequences. To address the testing problem of machine translation systems, this article proposes an automatic testing approach based on semantic similarity checking. Experimental comparisons show that the proposed method outperforms existing techniques, and the possibility of further performance improvement is studied. A solution to locate problems is also discussed.
ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY
(2022)
Article
Computer Science, Software Engineering
Ying Wang, Peng Sun, Lin Pei, Yue Yu, Chang Xu, Shing-Chi Cheung, Hai Yu, Zhiliang Zhu
Summary: There are vulnerabilities in the npm ecosystem, and 20% of the packages still have potential vulnerabilities even though the involved vulnerable packages have published fix versions. Previous studies showed that the propagation speed of fix versions is influenced by various factors, but how to design an effective technique to accelerate the propagation of vulnerability fixes remains an open question. Therefore, this paper conducted an empirical study to investigate the characteristics of packages that block the propagation of vulnerability fixes and proposed a technique called Plumber to boost the propagation of vulnerability fixes.
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING
(2023)
Article
Computer Science, Software Engineering
Jiahao He, Shuangyin Li, Xinming Wang, Shing-Chi Cheung, Gansen Zhao, Jinji Yang
Summary: Millions of smart contracts have been deployed on the Ethereum platform, making them vulnerable to attacks. Analyzing contract binaries is crucial due to the lack of access to their source code, and it involves identifying function entries and detecting their boundaries. However, identifying functions from stripped contract binaries is challenging due to the absence of internal function call statements and compiler-induced instruction reshuffling.
JOURNAL OF SYSTEMS AND SOFTWARE
(2023)
Article
Computer Science, Software Engineering
Wuqi Zhang, Lili Wei, Shing-Chi Cheung, Yepang Liu, Shuqing Li, Lu Liu, Michael R. R. Lyu
Summary: In this study, an effective algorithm is designed to mine real-world front-running attacks on the blockchain, and an automated and scalable vulnerability localization approach is proposed. A benchmark consisting of 513 real-world attacks with vulnerable code labeled in 235 smart contracts is built, and seven state-of-the-art vulnerability detection techniques are empirically evaluated. The evaluation reveals the inadequacy of existing techniques in detecting front-running vulnerabilities, with a low recall of 6.04%.
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING
(2023)
Proceedings Paper
Computer Science, Software Engineering
Huaxun Huang, Ming Wen, Lili Wei, Yepang Liu, Shing-Chi Cheung
Summary: The study found common patterns of Android framework code changes that can induce configuration compatibility issues. CONFDROID successfully extracts rules for detecting configuration compatibility issues, leading to the detection of numerous issues that cannot be found by current baselines.
2021 36TH IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING ASE 2021
(2021)
Proceedings Paper
Computer Science, Software Engineering
Lu Liu, Lili Wei, Wuqi Zhang, Ming Wen, Yepang Liu, Shing-Chi Cheung
Summary: Smart contracts, programs stored on blockchains for executing transactions, often utilize transaction-reverting statements for authority verifications and validity checks to ensure security. However, current smart contract security analyzers struggle to effectively handle such statements when detecting vulnerabilities. Further research is needed to understand the practical use and impact of transaction-reverting statements in smart contracts for improved quality assurance.
2021 36TH IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING ASE 2021
(2021)
Proceedings Paper
Computer Science, Software Engineering
Wuqi Zhang, Lali Wei, Shuqing Li, Yepang Liu, Shing-Chi Cheung
Summary: Since the emergence of Ethereum, blockchain-based decentralized applications (DApps) have become increasingly popular and important. In this work, the challenges of synchronizing on-chain and off-chain data in Ethereum-based DApps are investigated. Two types of bugs that could result in inconsistencies between the on-chain and off-chain layers are presented. To help detect such bugs, a state transition model is introduced to guide the testing of DApps and two effective oracles are proposed for bug identification. The testing framework, DArcher, achieves high precision, recall, and accuracy in bug detection and has found and confirmed real bugs in popular DApps.
PROCEEDINGS OF THE 29TH ACM JOINT MEETING ON EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING (ESEC/FSE '21)
(2021)
Proceedings Paper
Computer Science, Software Engineering
Qingchao Shen, Haoyang Ma, Junjie Chen, Yongqiang Tian, Shing-Chi Cheung, Xiang Chen
Summary: DL compilers are being used more and more to optimize code performance, but they can also introduce bugs that may cause unexpected model behavior. Research shows that around 20% of DL compiler bugs are related to types, leading to the development of new mutation operators and valuable guidelines for detection and debugging. This systematic study provides insights into the characteristics of DL compiler bugs and offers practical solutions for improving future work in this area.
PROCEEDINGS OF THE 29TH ACM JOINT MEETING ON EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING (ESEC/FSE '21)
(2021)
Proceedings Paper
Computer Science, Information Systems
Yeting Li, Zixuan Chen, Jialun Cao, Zhiwu Xu, Qiancheng Peng, Haiming Chen, Liyuan Chen, Shing-Chi Cheung
Summary: ReDoSHunter is a reliable framework for detecting ReDoS-vulnerable regexes, which can accurately pinpoint multiple vulnerabilities and generate attack-triggering string examples. The framework achieves 100% precision and recall on multiple large datasets, outperforming other techniques significantly.
PROCEEDINGS OF THE 30TH USENIX SECURITY SYMPOSIUM
(2021)
Proceedings Paper
Computer Science, Software Engineering
Ying Wang, Liang Qiao, Chang Xu, Yepang Liu, Shing-Chi Cheung, Na Meng, Hai Yu, Zhiliang Zhu
Summary: The Go programming language (Golang) has been well received due to its library-based development support, but issues with dependency management arise from heterogeneous use of library-referencing modes. Through an empirical study and development of the HERO technique, detection and resolution of multiple dependency management issues have been achieved, improving software quality and stability.
2021 IEEE/ACM 43RD INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE 2021)
(2021)
Proceedings Paper
Computer Science, Software Engineering
Yeting Li, Shuaimin Li, Zhiwu Xu, Jialun Cao, Zixuan Chen, Yun Hu, Haiming Chen, Shing-Chi Cheung
Summary: TRANSREGEX is a tool that automatically constructs regexes from natural language descriptions and examples, achieving higher accuracy than traditional NI.P-based methods and state-of-the-art multi-modal techniques. The evaluation results show that TRANSREGEX effectively utilizes natural language and examples.
2021 IEEE/ACM 43RD INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE 2021)
(2021)
Review
Computer Science, Software Engineering
Orvila Sarker, Asangi Jayatilaka, Sherif Haggag, Chelsea Liu, M. Ali Babar
Summary: This study provides a comprehensive view of the challenges and critical success factors in the design, implementation, and evaluation stages of phishing education, training, and awareness (PETA). The findings highlight the need to address human-centric issues, bridge users' knowledge gaps, and adopt personalized approaches to enhance defense against phishing attacks.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Carlos Araujo, Meuse Oliveira Jr., Bruno Nogueira, Paulo Maciel, Eduardo Tavares
Summary: This paper proposes a method based on stochastic Petri nets for evaluating the consistency levels of storage systems based on NoSQL DBMS. The method takes into account different consistency levels and redundant nodes, and estimates the system's availability, throughput, and the probability of accessing the newest data. Experimental results demonstrate the practical feasibility of this approach.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Review
Computer Science, Software Engineering
L. Giamattei, A. Guerriero, R. Pietrantuono, S. Russo, I. Malavolta, T. Islam, M. Dinga, A. Koziolek, S. Singh, M. Armbruster, J. M. Gutierrez-Martinez, S. Caro-Alvaro, D. Rodriguez, S. Weber, J. Henss, E. Fernandez Vogelin, F. Simon Panojo
Summary: This article presents the results of a systematic study on the available monitoring tools for DevOps and microservices. It provides a classification and analysis of these tools, aiming to be a useful reference for researchers and practitioners in this field.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Jessica Diaz, Jorge Perez, Isaque Alves, Fabio Kon, Leonardo Leite, Paulo Meirelles, Carla Rocha
Summary: This paper presents empirical research on the structure of DevOps teams in software-producing organizations to better understand the organizational structure and characteristics of teams adopting DevOps. A theory of DevOps taxonomies is built through analysis, and its consistency with other taxonomies is tested.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Sinan Sigurd Tanilkan, Jo Erskine Hannay
Summary: When deciding to develop new software, it is important to have a clear understanding of the intended benefits. However, our research shows that stakeholders' understanding of benefits often fluctuates during the development process, leading to uncertainty. Therefore, we recommend focusing on helping practitioners embrace changes in their understanding of benefits.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Pingyan Wang, Shaoying Liu, Ai Liu, Wen Jiang
Summary: This paper presents an approach that combines static analysis tools and manual audits to effectively detect various types of security vulnerabilities. By using a special Petri net representation, the proposed method is able to assist in the detection of taint-style vulnerabilities.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Edgar Sarmiento-Calisaya, Julio Cesar Sampaio do Prado Leite
Summary: This research introduces an automated requirements analysis approach that combines natural language processing, Petri-nets, and visualization techniques to improve the quality of scenario-based specifications, identify defects, and anticipate inconsistencies.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Jian Hu
Summary: This paper proposes a two-stage trace matrix optimization method for fault localization, which addresses the challenges of coincidental correctness and data imbalance in the current trace matrix. Through extensive experiments, significant improvements in fault localization effectiveness are demonstrated.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Fan Zhang, Manman Peng, Yuanyuan Shen, Qiang Wu
Summary: This study proposes a novel method called HFEDR that utilizes the hierarchical features of Transformer models and reorganizes training data to improve code search performance. Experimental results demonstrate the effectiveness and rationality of the proposed approach.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Tong Wang, Bixin Li
Summary: Software architecture erosion has a negative impact on software quality, performance, and evolution cost. This paper proposes an approach called EsArCost to locate the causes of architecture erosion and estimate the repair cost of each erosion problem. Experimental results show that EsArCost can effectively and efficiently estimate repair costs.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Xiajing Wang, Rui Ma, Wei Huo, Zheng Zhang, Jinyuan He, Chaonan Zhang, Donghai Tian
Summary: This paper proposes a new potential-aware fuzzing scheme called SYNTONY that measures seed potential using multiple objectives and prioritizes promising seeds to increase the number of unique crashes and coverage. Experimental results show that SYNTONY outperforms other fuzzing tools and has high compatibility and expansibility.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Stefano Lambiase, Gemma Catolino, Fabiano Pecorelli, Damian A. Tamburri, Fabio Palomba, Willem-Jan van den Heuvel, Filomena Ferrucci
Summary: This paper contributes to the existing body of knowledge on factors affecting productivity in software development by studying the cultural and geographical dispersion of a development community. The results show that cultural and geographical dispersion significantly impact productivity, suggesting that managers and practitioners should consider these aspects throughout the software development lifecycle.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Elaine Venson, Bradford Clark, Barry Boehm
Summary: The software industry has been under pressure to adopt security practices and reduce software vulnerabilities. This study quantifies the effort required to develop secure software in increasing levels of rigor and scope and provides validated cost multipliers for practitioners to estimate proper resources for adopting security practices.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Yangyang Zhao, Mingyue Jiang, Yibiao Yang, Yuming Zhou, Hanjie Ma, Zuohua Ding
Summary: Previous studies have ignored the potential associations between modules involved in the same defect, and this comprehensive study explores the implications of intra-defect associations for defect prediction. The majority of defects occur across functions, with implicit dependencies between the modules. By considering intra-defect associations and merging modules, the proposed data processing approach significantly improves defect prediction performance.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)
Article
Computer Science, Software Engineering
Meira Levy, Irit Hadar
Summary: This research sheds new light on how students learn and practice hybrid work in educational settings through two educational studies. The findings show the benefits of new educational programs in fostering empathy and innovation among students, while also highlighting the challenges and opportunities in addressing real challenges.
JOURNAL OF SYSTEMS AND SOFTWARE
(2024)