- research-article, December 2023
Test flakiness’ causes, detection, impact and responses: A multivocal review
Journal of Systems and Software (JSSO), Volume 206, Issue C
https://doi.org/10.1016/j.jss.2023.111837
Abstract: Flaky tests (tests with non-deterministic outcomes) pose a major challenge for software testing. They are known to cause significant issues, such as reducing the effectiveness and efficiency of testing and delaying software releases. In recent ...
Highlights
- A detailed multivocal review of flaky tests in research and practice.
- Most studies covering test flakiness have focused more on Java.
- Flakiness due to test order dependency and concurrency are widely studied.
- Dynamic rerun-...
- research-article, November 2024
On the Security Blind Spots of Software Composition Analysis
SCORED '24: Proceedings of the 2024 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, Pages 77–87
https://doi.org/10.1145/3689944.3696165
Modern software heavily relies on the use of components. Those components are usually published in central repositories, and managed by build systems via dependencies. Due to issues around vulnerabilities, licenses, and the propagation of bugs, the study ...
- short-paper, October 2022
A study of single statement bugs involving dynamic language features
ICPC '22: Proceedings of the 30th IEEE/ACM International Conference on Program Comprehension, Pages 494–498
https://doi.org/10.1145/3524610.3527883
Dynamic language features are widely available in programming languages to implement functionality that can adapt to multiple usage contexts, enabling reuse. Functionality such as data binding, object-relational mapping and user interface builders can ...
- Article, October 2021
Caught in the Web: DoS Vulnerabilities in Parsers for Structured Data
Abstract: We study a class of denial-of-service (DoS) vulnerabilities that occur in parsing structured data. These vulnerabilities enable low bandwidth DoS attacks with input that causes algorithms to execute in disproportionately large time and/or space. ...
- research-article, January 2021
A hybrid analysis to detect Java serialisation vulnerabilities
ASE '20: Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering, Pages 1209–1213
https://doi.org/10.1145/3324884.3418931
Serialisation related security vulnerabilities have recently been reported for numerous Java applications. Since serialisation presents both soundness and precision challenges for static analysis, it can be difficult for analyses to precisely pinpoint ...
- research-article, June 2017
On the construction of soundness oracles
SOAP 2017: Proceedings of the 6th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, Pages 37–42
https://doi.org/10.1145/3088515.3088520
One of the inherent advantages of static analysis is that it can create and reason about models of an entire program. However, mainstream languages such as Java use numerous dynamic language features designed to boost programmer productivity, but these ...