IEEE Transactions on Software Engineering

The rising of the Android market demands higher quality assurance of Android applications (apps) to sharpen the competitive edge, and techniques for traditional software have problems adapting for mobile apps. Android apps often require testing on a large-...

Software clone detection identifies similar or identical code snippets. It has been an active research topic that attracts extensive attention over the last two decades. In recent years, machine learning (ML) based detectors, especially deep learning-...

The microservice architecture has been commonly adopted by large scale software systems exemplified by a wide range of online services. Service monitoring through anomaly detection and root cause analysis (RCA) is crucial for these microservice systems to ...

JNI programs are widely used thanks to the combined benefits of C and Java programs. However, because understanding the interaction behaviors between two different programming languages is challenging, JNI program development is difficult to get right and ...

A constant influx of newcomers is essential for the sustainability and success of open source software (OSS) projects. However, successful onboarding is always challenging because newcomers face various initial contributing barriers. To support newcomer ...

Trace checking is a verification technique widely used in Cyber-physical system (CPS) development, to verify whether execution traces satisfy or violate properties expressing system requirements. Often these properties characterize complex signal ...

Vulnerabilities are known reported security threats that affect a large amount of packages in the <italic>npm</italic> ecosystem. To mitigate these security threats, the open-source community strongly suggests vulnerable packages to timely publish ...

Deep Neural Networks (DNNs) have been extensively used in many areas including image processing, medical diagnostics and autonomous driving. However, DNNs can exhibit erroneous behaviours that may lead to critical errors, especially when used in safety-...

Code reuse is an important part of software development. The adoption of code reuse practices is especially common among Node.js developers. The Node.js package manager, NPM, indexes over 1 Million packages and developers often seek out packages to solve ...

When reusing or modifying code, developers need to understand the implicit knowledge behind a piece of code in addition to the literal meaning of code. Such implicit knowledge involves related concepts and their explanations. Uncovering and understanding ...

Prior research has shown that public vulnerability systems such as US National Vulnerability Database (NVD) rely on a manual, time-consuming, and error-prone process which has led to inconsistencies and delays in releasing final vulnerability results. ...

Modelling the behaviour of state-based systems can be challenging, especially when the modeller is not entirely certain about its intended interactions with the user or the environment. Currently, it is possible to associate a stated level of uncertainty ...

In recent years, there have been major strides in the safety verification of machine learning models such as neural networks and tree ensembles. However, fuzzy decision trees (FDT), also called soft or differentiable decision trees, are yet unstudied in ...

Developers often need to decide which APIs to use for the functions being implemented. With the ever-growing number of APIs and libraries, it becomes increasingly difficult for developers to find appropriate APIs, indicating the necessity of automatic API ...

The <italic>AAA</italic> pattern (i.e., <italic>Arrange-Act-Assert</italic>) is a common and natural layout to create a test case. Following this pattern in test cases may benefit comprehension, debugging, and maintenance. The <italic>AAA</italic> ...

<bold>Background:</bold> Requirements Changes (RCs) &#x2013; the additions/modifications/deletions of functional/non-functional requirements in software products &#x2013; are challenging for software practitioners to handle. Handling some changes may ...