By Topic

Software Engineering, IEEE Transactions on

Issue 4 • Date April 2006

Filter Results

Displaying Results 1 - 9 of 9
  • [Front cover]

    Publication Year: 2006 , Page(s): c1
    Save to Project icon | Request Permissions | PDF file iconPDF (136 KB)  
    Freely Available from IEEE
  • [Inside front cover]

    Publication Year: 2006 , Page(s): c2
    Save to Project icon | Request Permissions | PDF file iconPDF (92 KB)  
    Freely Available from IEEE
  • Interactive fault localization techniques in a spreadsheet environment

    Publication Year: 2006 , Page(s): 213 - 239
    Cited by:  Papers (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (7744 KB) |  | HTML iconHTML  

    End-user programmers develop more software than any other group of programmers, using software authoring devices such as multimedia simulation builders, e-mail filtering editors, by-demonstration macro builders, and spreadsheet environments. Despite this, there has been only a little research on finding ways to help these programmers with the dependability of the software they create. We have been working to address this problem in several ways, one of which includes supporting end-user debugging activities through interactive fault localization techniques. This paper investigates fault localization techniques in the spreadsheet domain, the most common type of end-user programming environment. We investigate a technique previously described in the research literature and two new techniques. We present the results of an empirical study to examine the impact of two individual factors on the effectiveness of fault localization techniques. Our results reveal several insights into the contributions such techniques can make to the end-user debugging process and highlight key issues of interest to researchers and practitioners who may design and evaluate future fault localization techniques. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On the value of static analysis for fault detection in software

    Publication Year: 2006 , Page(s): 240 - 253
    Cited by:  Papers (37)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (3728 KB) |  | HTML iconHTML  

    No single software fault-detection technique is capable of addressing all fault-detection concerns. Similarly to software reviews and testing, static analysis tools (or automated static analysis) can be used to remove defects prior to release of a software product. To determine to what extent automated static analysis can help in the economic production of a high-quality product, we have analyzed static analysis faults and test and customer-reported failures for three large-scale industrial software systems developed at Nortel Networks. The data indicate that automated static analysis is an affordable means of software fault detection. Using the orthogonal defect classification scheme, we found that automated static analysis is effective at identifying assignment and checking faults, allowing the later software production phases to focus on more complex, functional, and algorithmic faults. A majority of the defects found by automated static analysis appear to be produced by a few key types of programmer errors and some of these types have the potential to cause security vulnerabilities. Statistical analysis results indicate the number of automated static analysis faults can be effective for identifying problem modules. Our results indicate static analysis tools are complementary to other fault-detection techniques for the economic production of a high-quality software product. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Task construction for model-based design of embedded control software

    Publication Year: 2006 , Page(s): 254 - 264
    Cited by:  Papers (14)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (920 KB) |  | HTML iconHTML  

    Constructing runtime tasks, or operating system-level processes/threads, from the components of software design models is crucial to the model-based development of embedded control software. A better method should explore more design choices and reduce the overheads of the runtime system to meet the timing and resource constraints of embedded control software. This paper presents a novel, two-step method for systematic and automatic construction of runtime tasks from software design models. It uses graph transformation to construct a task set meeting system-level end-to-end (e2e) timing constraints. Its first step decomposes the system-level e2e timing constraints into the components' timing constraints, which form a necessary condition for any valid and feasible schedule. The second step iteratively merges the components into tasks and sequences their executions. A thus-constructed task set is proven to meet both intercomponent precedence and system-level e2e timing constraints and to minimize runtime overheads by minimizing the total number of resultant tasks. Our evaluation results based on randomly generated software models have shown that the proposed method outperforms commonly used methods and is also scalable. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Threat-driven modeling and verification of secure software using aspect-oriented Petri nets

    Publication Year: 2006 , Page(s): 265 - 278
    Cited by:  Papers (36)  |  Patents (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1576 KB) |  | HTML iconHTML  

    Design-level vulnerabilities are a major source of security risks in software. To improve trustworthiness of software design, this paper presents a formal threat-driven approach, which explores explicit behaviors of security threats as the mediator between security goals and applications of security features. Security threats are potential attacks, i.e., misuses and anomalies that violate the security goals of systems' intended functions. Security threats suggest what, where, and how security features for threat mitigation should be applied. To specify the intended functions, security threats, and threat mitigations of a security design as a whole, we exploit aspect-oriented Petri nets as a unified formalism. Intended functions and security threats are modeled by Petri nets, whereas threat mitigations are modeled by Petri net-based aspects due to the incremental and crosscutting nature of security features. The unified formalism facilitates verifying correctness of security threats against intended functions and verifying absence of security threats from integrated functions and threat mitigations. As a result, our approach can make software design provably secured from anticipated security threats and, thus, reduce significant design-level vulnerabilities. We demonstrate our approach through a systematic case study on the threat-driven modeling and verification of a real-world shopping cart application. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Comments on "Automatic analysis of consistency between requirements and designs"

    Publication Year: 2006 , Page(s): 279 - 280
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (587 KB) |  | HTML iconHTML  

    This article comments on "automatic analysis of consistency between requirements and designs". View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • TSE Information for authors

    Publication Year: 2006 , Page(s): c3
    Save to Project icon | Request Permissions | PDF file iconPDF (92 KB)  
    Freely Available from IEEE
  • [Back cover]

    Publication Year: 2006 , Page(s): c4
    Save to Project icon | Request Permissions | PDF file iconPDF (136 KB)  
    Freely Available from IEEE

Aims & Scope

The IEEE Transactions on Software Engineering is interested in well-defined theoretical results and empirical studies that have potential impact on the construction, analysis, or management of software. The scope of this Transactions ranges from the mechanisms through the development of principles to the application of those principles to specific environments. Specific topic areas include: a) development and maintenance methods and models, e.g., techniques and principles for the specification, design, and implementation of software systems, including notations and process models; b) assessment methods, e.g., software tests and validation, reliability models, test and diagnosis procedures, software redundancy and design for error control, and the measurements and evaluation of various aspects of the process and product; c) software project management, e.g., productivity factors, cost models, schedule and organizational issues, standards; d) tools and environments, e.g., specific tools, integrated tool environments including the associated architectures, databases, and parallel and distributed processing issues; e) system issues, e.g., hardware-software trade-off; and f) state-of-the-art surveys that provide a synthesis and comprehensive review of the historical development of one particular area of interest.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Matthew B. Dwyer
Dept. Computer Science and Engineering
256 Avery Hall
University of Nebraska-Lincoln
Lincoln, NE 68588-0115 USA
tseeicdwyer@computer.org