Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- ArticleJuly 2024
Fuzzing for Stateful Protocol Implementations: Are We There Yet?
Theoretical Aspects of Software EngineeringJul 2024, Pages 186–204https://doi.org/10.1007/978-3-031-64626-3_11AbstractStateful protocols, such as FTP, SIP, and RTSP, play a significant role in computer systems. However, their implementation is prone to security vulnerabilities, which have drawn attention from both industry and academia. Various fuzzing techniques,...
- research-articleJuly 2024
CLUE: Customizing clustering techniques using machine learning for software modularization
Internetware '24: Proceedings of the 15th Asia-Pacific Symposium on InternetwareJuly 2024, Pages 189–198https://doi.org/10.1145/3671016.3674816Software clustering is often used as a remodularization and architecture recovery technique to help developers simplify software maintenance tasks and ease the burden of software comprehension. While the choice of clustering technique can significantly ...
- research-articleJuly 2024
Does using Bazel help speed up continuous integration builds?
Empirical Software Engineering (KLU-EMSE), Volume 29, Issue 5Sep 2024https://doi.org/10.1007/s10664-024-10497-xAbstractA long continuous integration (CI) build forces developers to wait for CI feedback before starting subsequent development activities, leading to time wasted. In addition to a variety of build scheduling and test selection heuristics studied in the ...
- research-articleJuly 2024
Evaluating the effectiveness of size-limited execution trace with near-omniscient debugging
Science of Computer Programming (SCPR), Volume 236, Issue CSep 2024https://doi.org/10.1016/j.scico.2024.103117AbstractDebugging is an important task to identify the defects in the software. Especially, logging is an important feature of a software system to record runtime information. Detailed logging allows developers to collect run-time information when they ...
Highlights- Effectiveness evaluation of near-omniscient debugging with 831 actual bugs.
- Keeping the majority of infected states.
- Predictable trace size from the number of methods.
- Reducing execution time significantly when all tests are ...
- research-articleJuly 2024
Revisiting Code Smell Severity Prioritization using learning to rank techniques
Expert Systems with Applications: An International Journal (EXWA), Volume 249, Issue PASep 2024https://doi.org/10.1016/j.eswa.2024.123483AbstractCode Smell Severity Prioritization (CSSP) is crucial in helping software developers minimize software maintenance costs and enhance software quality, particularly when faced with limited refactoring resources. Traditional code smell ...
-
- research-articleJuly 2024Distinguished Paper
Static Application Security Testing (SAST) Tools for Smart Contracts: How Far Are We?
Proceedings of the ACM on Software Engineering (PACMSE), Volume 1, Issue FSEArticle No.: 65, Pages 1447–1470https://doi.org/10.1145/3660772In recent years, the importance of smart contract security has been heightened by the increasing number of attacks against them. To address this issue, a multitude of static application security testing (SAST) tools have been proposed for detecting ...
- research-articleJuly 2024
The never-ending story–How companies transition to and sustain continuous software engineering practices
Journal of Systems and Software (JSSO), Volume 213, Issue CJul 2024https://doi.org/10.1016/j.jss.2024.112056Highlights- Software organizations follow unique paths to Continuous Software Engineering (CSE).
- The CSE infrastructure is not stable but continuously evolves.
- Infrastructure and infrastructuring helps understand and address CSE dynamics.
- ...
– There is increasing interest in Continuous Software Engineering (CSE) among practitioners and researchers. CSE addresses the need to increase flexibility and short release cycles, especially when augmenting software as a ...
- research-articleJuly 2024
Research artifacts in software engineering publications: Status and trends
Journal of Systems and Software (JSSO), Volume 213, Issue CJul 2024https://doi.org/10.1016/j.jss.2024.112032AbstractThe Software Engineering (SE) community has been embracing the open science policy and encouraging researchers to disclose artifacts in their publications. However, the status and trends of artifact practice and quality remain unclear, lacking ...
Highlights- An empirical study on artifacts for software engineering publications.
- Uncover the status of 1,487 artifacts across 2,196 top-tier SE publications.
- Provide practical suggestions to different stakeholders based on findings.
- Open-...
- research-articleJuly 2024
A case study on the development of the German Corona-Warn-App
Journal of Systems and Software (JSSO), Volume 213, Issue CJul 2024https://doi.org/10.1016/j.jss.2024.112020AbstractThe COVID-19 pandemic has drastically changed daily life and required fast responses to new situations, such as restricted public life. A major means to limit infections have been contact-tracing apps that inform an individual about a potential ...
Highlights- We report a case study on the development of the German COVID-19 contact-tracing app.
- We describe how the pandemic and public interest impacted the app’s development.
- We elicit insights on good practices the developers employed to ...
- research-articleJune 2024
A comprehensive analysis of challenges and strategies for software release notes on GitHub
Empirical Software Engineering (KLU-EMSE), Volume 29, Issue 5Sep 2024https://doi.org/10.1007/s10664-024-10486-0AbstractRelease notes (RNs) refer to the technical documentation that offers users, developers, and other stakeholders comprehensive information about the changes and updates of a new software version. Producing high-quality RNs can be challenging, and it ...
- research-articleJune 2024
Software Vulnerability Prediction in Low-Resource Languages: An Empirical Study of CodeBERT and ChatGPT
EASE '24: Proceedings of the 28th International Conference on Evaluation and Assessment in Software EngineeringJune 2024, Pages 679–685https://doi.org/10.1145/3661167.3661281Background: Software Vulnerability (SV) prediction in emerging languages is increasingly important to ensure software security in modern systems. However, these languages usually have limited SV data for developing high-performing prediction models. Aims:...
- research-articleJune 2024
On the Accuracy of GitHub's Dependency Graph
EASE '24: Proceedings of the 28th International Conference on Evaluation and Assessment in Software EngineeringJune 2024, Pages 242–251https://doi.org/10.1145/3661167.3661175GitHub’s dependency graph shows dependency relationships between repositories. This feature is leveraged by tools such as Dependabot, or GitHub’s feature to export SBOM (Software Bill of Materials) files. Also, it has been used in empirical studies. ...
- research-articleJune 2024
An empirical study of fault localization in Python programs
Empirical Software Engineering (KLU-EMSE), Volume 29, Issue 4Jul 2024https://doi.org/10.1007/s10664-024-10475-3AbstractDespite its massive popularity as a programming language, especially in novel domains like data science programs, there is comparatively little research about fault localization that targets Python. Even though it is plausible that several ...
- research-articleJune 2024
Adoption of automated software engineering tools and techniques in Thailand
Empirical Software Engineering (KLU-EMSE), Volume 29, Issue 4Jul 2024https://doi.org/10.1007/s10664-024-10472-6AbstractReadiness for the adoption of Automated Software Engineering (ASE) tools and techniques can vary according to the size and maturity of software companies. ASE tools and techniques have been adopted by large or ultra-large software companies. ...
- research-articleJune 2024
Demystifying code snippets in code reviews: a study of the OpenStack and Qt communities and a practitioner survey
Empirical Software Engineering (KLU-EMSE), Volume 29, Issue 4Jul 2024https://doi.org/10.1007/s10664-024-10484-2AbstractCode review is widely known as one of the best practices for software quality assurance in software development. In a typical code review process, reviewers check the code committed by developers to ensure the quality of the code, during which ...
- research-articleJuly 2024
Bug priority change: An empirical study on Apache projects
Journal of Systems and Software (JSSO), Volume 212, Issue CJun 2024https://doi.org/10.1016/j.jss.2024.112019AbstractIn issue tracking systems, each bug is assigned a priority level (e.g., Blocker, Critical, Major, Minor, or Trivial in JIRA from highest to lowest), which indicates the urgency level of the bug. In this sense, understanding bug priority changes ...
Highlights- An empirical study to explore the phenomenon of bug priority changes.
- Priority changes mostly occur before the bug begins to be processed.
- Twenty-four patterns of bug priority changes are identified.
- Relatively complex bugs are ...
- research-articleMay 2024
Understanding Documentation Use Through Log Analysis: A Case Study of Four Cloud Services
CHI '24: Proceedings of the CHI Conference on Human Factors in Computing SystemsMay 2024, Article No.: 937, Pages 1–17https://doi.org/10.1145/3613904.3642721Almost no modern software system is written from scratch, and developers are required to effectively learn to use third-party libraries and software services. Thus, many practitioners and researchers have looked for ways to create effective documentation ...
- research-articleMay 2024
The Illusion of Increased Customization: Framing Choices as a Creative Process Increases Perceived Customization
CHI '24: Proceedings of the CHI Conference on Human Factors in Computing SystemsMay 2024, Article No.: 495, Pages 1–12https://doi.org/10.1145/3613904.3642655People are increasingly able to receive customized options. Despite this abundance of options, people may not view products as customized to their wants and needs. Across five experiments, we provide evidence for a possible solution. We find evidence for ...