By Topic

2008 ACM/IEEE 30th International Conference on Software Engineering

10-18 May 2008

Filter Results

Displaying Results 1 - 25 of 104
  • Topes

    Publication Year: 2008, Page(s):1 - 10
    Cited by:  Papers (5)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (201 KB) | HTML iconHTML

    Programmers often omit input validation when inputs can appear in many different formats or when validation criteria cannot be precisely specified. To enable validation in these situations, we present a new technique that puts valid inputs into a consistent format and that identifies "questionable" inputs which might be valid or invalid, so that these values can be double-checked by a person or a ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Tracking source locations

    Publication Year: 2008, Page(s):11 - 20
    Cited by:  Papers (10)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (119 KB) | HTML iconHTML

    Many programming tools require information to be associated with source locations. Current tools do this in different ways with different degrees of effectiveness. This paper is an investigation into the various approaches to maintaining source locations. It is based on an experiment that attempts to track a variety of locations over the evolution of a source file. The results demonstrate that rel... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Answering conceptual queries with Ferret

    Publication Year: 2008, Page(s):21 - 30
    Cited by:  Papers (13)  |  Patents (1)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (226 KB) | HTML iconHTML

    Programmers seek to answer questions as they investigate the functioning of a software system, such as "which execution path is being taken in this case?" Programmers attempt to answer these questions, which we call conceptual queries, using a variety of tools. Each type of tool typically highlights one kind of information about the system, such as static structural information or control-flow inf... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Specification patterns for probabilistic quality properties

    Publication Year: 2008, Page(s):31 - 40
    Cited by:  Papers (23)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (360 KB) | HTML iconHTML

    Probabilistic verification techniques are a powerful means to ensure that a software-intensive system fulfills its quality requirements. To apply these techniques an accurate specification of the required properties in a probabilistic temporal logic is necessary. To help practitioners formulate these properties correctly, this paper presents a specification pattern system of common probabilistic p... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Existential live sequence charts revisited

    Publication Year: 2008, Page(s):41 - 50
    Cited by:  Papers (12)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (432 KB) | HTML iconHTML

    Scenario-based specifications are a popular means for describing intended system behaviour. We aim to facilitate early analysis of system behaviour and the development of behaviour models in conjunction with scenarios. In this paper we define a novel scenario-based specification language with an existential semantics and that supports conditional specification of behaviour in the form of prechart ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Symbolic mining of temporal specifications

    Publication Year: 2008, Page(s):51 - 60
    Cited by:  Papers (15)  |  Patents (2)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (414 KB) | HTML iconHTML

    Program specifications are important in many phases of the software development process, but they are often omitted or incomplete. An important class of specifications takes the form of temporal properties that prescribe proper usage of components of a software system. Recent work has focused on the automated inference of temporal specifications from the static or runtime behavior of programs. Man... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Testing pervasive software in the presence of context inconsistency resolution services

    Publication Year: 2008, Page(s):61 - 70
    Cited by:  Papers (12)  |  Patents (2)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (200 KB) | HTML iconHTML

    Pervasive computing software adapts its behavior according to the changing contexts. Nevertheless, contexts are often noisy. Context inconsistency resolution provides a cleaner pervasive computing environment to context-aware applications. A faulty context-aware application may, however, mistakenly mix up inconsistent contexts and resolved ones, causing incorrect results. This paper studies how su... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • ARTOO

    Publication Year: 2008, Page(s):71 - 80
    Cited by:  Papers (49)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (365 KB) | HTML iconHTML

    Intuition is often not a good guide to know which testing strategies will work best. There is no substitute for experimental analysis based on objective criteria: how many faults a strategy finds, and how fast. "Random" testing is an example of an idea that intuitively seems simplistic or even dumb, but when assessed through such criteria can yield better results than seemingly smarter strategies.... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Time will tell

    Publication Year: 2008, Page(s):81 - 90
    Cited by:  Papers (17)  |  Patents (2)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (185 KB) | HTML iconHTML

    We present an automatic fault localization technique which leverages time spectra as abstractions for program executions. Time spectra have been traditionally used for performance debugging. By contrast, we use them for functional correctness debugging by identifying pieces of program code that take a "suspicious" amount of time to execute. The approach can be summarized as follows: time spectra a... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Towards reusable components with aspects

    Publication Year: 2008, Page(s):91 - 100
    Cited by:  Papers (8)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (648 KB) | HTML iconHTML

    The potential of aspect-oriented programming to represent cross-cutting concerns as reusable components has yet to be fully realized. Indeed, authors have detailed significant challenges in creating reusable aspect component libraries. Proposed solutions include restricting the power of aspects upfront, inferring concern interaction, and shaping base code to conform to abstract design rules. Anoth... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using components for architecture-based management

    Publication Year: 2008, Page(s):101 - 110
    Cited by:  Papers (22)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (439 KB) | HTML iconHTML

    Components are widely used for managing distributed applications because they not only capture the software architecture of managed applications as an assembly of components but also permit to dynamically adapt these applications to changing environments. Following this approach, our practical experience in the JADE environment about developing an autonomic repair management service with a self-he... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Early prediction of software component reliability

    Publication Year: 2008, Page(s):111 - 120
    Cited by:  Papers (49)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (301 KB) | HTML iconHTML

    The ability to predict the reliability of a software system early in its development, e.g., during architectural design, can help to improve the system's quality in a cost-effective manner. Existing architecture-level reliability prediction approaches focus on system-level reliability and assume that the reliabilities of individual components are known. In general, this assumption is unreasonable,... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Executable misuse cases for modeling security concerns

    Publication Year: 2008, Page(s):121 - 130
    Cited by:  Papers (7)  |  Patents (1)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (342 KB) | HTML iconHTML

    Misuse cases are a way of modeling negative requirements, that is, behaviors that should not occur in a system. In particular, they can be used to model attacks on a system as well as the security mechanisms needed to avoid them. However, like use cases, misuse cases describe requirements in a high-level and informal manner. This means that, whilst they are easy to understand, they do not lend the... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Mining library specifications using inductive logic programming

    Publication Year: 2008, Page(s):131 - 140
    Cited by:  Papers (8)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (338 KB) | HTML iconHTML

    Software libraries organize useful functionalities in order to promote modularity and code reuse. A typical library is used by client programs through an application programming interface (API) that hides its internals from the client. Typically, the rules governing the correct usage of the API are documented informally. In many cases, libraries may have complex API usage rules and unclear documen... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Temporal dependency based checkpoint selection for dynamic verification of fixed-time constraints in grid workflow systems

    Publication Year: 2008, Page(s):141 - 150
    Cited by:  Papers (13)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (571 KB) | HTML iconHTML

    In grid workflow systems, temporal correctness is critical to assure the timely completion of grid workflow execution. To monitor and control the temporal correctness, fixed-time constraints are often assigned to a grid workflow and then verified. A checkpoint selection strategy is used to select checkpoints along grid workflow execution for verifying fixed-time constraints. The problem of existin... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Precise memory leak detection for java software using container profiling

    Publication Year: 2008, Page(s):151 - 160
    Cited by:  Papers (25)  |  Patents (1)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (402 KB) | HTML iconHTML

    A memory leak in a Java program occurs when object references that are no longer needed are unnecessarily maintained. Such leaks are difficult to understand because static analyses typically cannot precisely identify these redundant references, and existing dynamic analyses for leak detection track and report fine-grained information about individual objects, producing results that are usually har... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The effect of program and model structure on mc/dc test adequacy coverage

    Publication Year: 2008, Page(s):161 - 170
    Cited by:  Papers (20)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (168 KB) | HTML iconHTML

    In avionics and other critical systems domains, adequacy of test suites is currently measured using the MC/DC metric on source code (or on a model in model-based development). We believe that the rigor of the MC/DC metric is highly sensitive to the structure of the implementation and can therefore be misleading as a test adequacy criterion. We investigate this hypothesis by empirically studying th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Static detection of cross-site scripting vulnerabilities

    Publication Year: 2008, Page(s):171 - 180
    Cited by:  Papers (54)  |  Patents (15)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (185 KB) | HTML iconHTML

    Web applications support many of our daily activities, but they often have security problems, and their accessibility makes them easy to exploit. In cross-site scripting (XSS), an attacker exploits the trust a Web client (browser) has for a trusted server and executes injected script on the browser with the server's privileges. In 2006, XSS constituted the largest class of newly reported vulnerabi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A comparative analysis of the efficiency of change metrics and static code attributes for defect prediction

    Publication Year: 2008, Page(s):181 - 190
    Cited by:  Papers (114)  |  Patents (3)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (267 KB) | HTML iconHTML

    In this paper we present a comparative analysis of the predictive power of two different sets of metrics for defect prediction. We choose one set of product related and one set of process related software metrics and use them for classifying Java files of the Eclipse project as defective respective defect-free. Classification models are built using three common machine learners: logistic regressio... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On the difficulty of replicating human subjects studies in software engineering

    Publication Year: 2008, Page(s):191 - 200
    Cited by:  Papers (6)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (175 KB) | HTML iconHTML

    Replications play an important role in verifying empirical results. In this paper, we discuss our experiences performing a literal replication of a human subjects experiment that examined the relationship between a simple test for consistent use of mental models, and success in an introductory programming course. We encountered many difficulties in achieving comparability with the original experim... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An empirical study of the effects of test-suite reduction on fault localization

    Publication Year: 2008, Page(s):201 - 210
    Cited by:  Papers (58)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (225 KB) | HTML iconHTML

    Fault-localization techniques that utilize information about all test cases in a test suite have been presented. These techniques use various approaches to identify the likely faulty part(s) of a program, based on information about the execution of the program with the test suite. Researchers have begun to investigate the impact that the composition of the test suite has on the effectiveness of th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Calysto

    Publication Year: 2008, Page(s):211 - 220
    Cited by:  Papers (24)  |  Patents (2)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (221 KB) | HTML iconHTML

    Automatically detecting bugs in programs has been a long-held goal in software engineering. Many techniques exist, trading-off varying levels of automation, thoroughness of coverage of program behavior, precision of analysis, and scalability to large code bases. This paper presents the Calysto static checker, which achieves an unprecedented combination of precision and scalability in a completely ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • jPredictor

    Publication Year: 2008, Page(s):221 - 230
    Cited by:  Papers (20)  |  Patents (1)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (214 KB) | HTML iconHTML

    jPredictor is a tool for detecting concurrency errors in Java programs. The Java program is instrumented to emit property-relevant events at runtime and then executed. The resulting execution trace is collected and analyzed by Predictor, which extracts a causality relation sliced using static analysis and refined with lock-atomicity information. The resulting abstract model, a hybrid of a partial ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Dynamic detection of atomic-set-serializability violations

    Publication Year: 2008, Page(s):231 - 240
    Cited by:  Papers (17)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (217 KB) | HTML iconHTML

    Previously we presented atomic sets, memory locations that share some consistency property, and units of work, code fragments that preserve consistency of atomic sets on which they are declared. We also proposed atomic-set serializability as a correctness criterion for concurrent programs, stating that units of work must be serializable for each atomic set. We showed that a set of problematic data... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An empirical study of software developers' management of dependencies and changes

    Publication Year: 2008, Page(s):241 - 250
    Cited by:  Papers (23)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (241 KB) | HTML iconHTML

    Different approaches and tools have been proposed to support change impact analysis, i.e., the identification of the potential consequences of a change, or the estimation of what needs to be modified to accomplish a change. However, just a few empirical studies of software developers' actual change impact analysis approaches have been reported in the literature. To minimize this gap, this paper de... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.