Works (32)
Updated: July 5th, 2023 15:53
2020 article
Database-Access Performance Antipatterns in Database-Backed Web Applications
2020 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE MAINTENANCE AND EVOLUTION (ICSME 2020), pp. 58–69.
author keywords: performance antipatterns; performance bugs; database-backed web applications; characteristic study
TL;DR:
This study collects database-access performance bugs from web applications that access databases through language-provided SQL interfaces, which have been largely ignored by recent work, to check how extensively the known antipatterns can cover these bugs.
(via Semantic Scholar)
Source: Web Of Science
Added: March 1, 2021
2018 journal article
A Combinatorial Testing-Based Approach to Fault Localization
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 46(6), 616–645.
author keywords: Testing; Fault diagnosis; Flexible printed circuits; Software; Task analysis; Debugging; Computer science; Combinatorial testing; fault localization; debugging
TL;DR:
A fault localization approach, called BEN, which produces a ranking of statements in terms of their likelihood of being faulty by leveraging the result of combinatorial testing.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
9. Industry, Innovation and Infrastructure
(OpenAlex)
Source: Web Of Science
Added: July 13, 2020
2013 conference paper
A characteristic study on failures of production distributed data-parallel programs
Proceedings of the 35th International Conference on software engineering (ICSE 2013), 963–972.
TL;DR:
The study results provide valuable guidelines for future development of data-parallel programs, and it is believed that these guidelines are not limited to SCOPE, but can also be generalized to other similar data- parallel platforms.
(via Semantic Scholar)
open access via citeseerx.ist.psu.edu (repository)
Source: NC State University Libraries
Added: August 6, 2018
2013 conference paper
Educational software engineering: Where software engineering, education, and gaming meet
2013 3rd International Workshop on Games and Software Engineering: Engineering Computer Games to Enable Positive, Progressive Change (GAS), 36–39.
TL;DR:
The subfield of educational software engineering is defined and Pex for Fun is illustrated, one of the recent examples on leveraging software engineering and gaming technologies to address educational tasks on teaching and learning programming and software engineering skills.
(via Semantic Scholar)
Source: NC State University Libraries
Added: August 6, 2018
2013 conference paper
The synergy of human and artificial intelligence in software engineering
International workshop on realizing artificial intelligence synergies in, 4–6.
TL;DR:
This paper presents example software-engineering problems with solutions that leverage the synergy of human and artificial intelligence, and illustrates how cooperative testing and analysis can help realize such synergy.
(via Semantic Scholar)
Source: NC State University Libraries
Added: August 6, 2018
2012 conference paper
Inferring method specifications from natural language API descriptions
2012 34th international conference on software engineering (icse), 815–825.
TL;DR:
This work proposes a novel approach to infer formal specifications from natural language text of API documents and shows that this approach has an average 83% accuracy in inferring specifications from over 1600 sentences describing code contracts.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
16. Peace, Justice and Strong Institutions
(OpenAlex)
Source: NC State University Libraries
Added: August 6, 2018
2012 journal article
Locating Need-to-Externalize Constant Strings for Software Internationalization with Generalized String-Taint Analysis
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 39(4), 516–536.
author keywords: Software internationalization; need-to-externalize constant strings; string-taint analysis
TL;DR:
An automatic approach to locate need-to-externalize constant strings in the source code of a software product using generalized string-taint analysis is proposed and visual representation of the string dependencies related to the need- to-externalized strings is provided.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2012 conference paper
Selection of regression system tests for security policy evolution
2012 proceedings of the 27th ieee/acm international conference on automated software engineering (ase), 266–269.
TL;DR:
A regression-test-selection approach is developed, which selects every system test case that may reveal regression faults caused by policy changes, and shows that this approach reduces a substantial number of system test cases efficiently.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
16. Peace, Justice and Strong Institutions
(OpenAlex)
Source: NC State University Libraries
Added: August 6, 2018
2011 journal article
Alattin: mining alternative patterns for defect detection
AUTOMATED SOFTWARE ENGINEERING, 18(3-4), 293–323.
author keywords: Alternative patterns; Static defect detection; Mining software engineering data; Code search engine
TL;DR:
A novel approach to reduce false positives produced by existing mining approaches is developed, called Alattin, that includes new mining algorithms and a technique for detecting neglected conditions based on the authors' mining algorithm.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2011 conference paper
Covana: Precise identification of problems in Pex
2011 33rd International Conference on Software Engineering (ICSE), 1004–1006.
TL;DR:
This work presents Covana, a tool that precisely identifies and reports problems that prevent Pex from achieving high structural coverage, and proposes cooperative developer testing, where developers provide guidance to help tools achieve higher structural coverage.
(via Semantic Scholar)
Source: NC State University Libraries
Added: August 6, 2018
2011 conference paper
DyTa: Dynamic symbolic execution guided with static verification results
2011 33rd International Conference on Software Engineering (ICSE), 992–994.
TL;DR:
This work presents an automated defect-detection tool, called DyTa, that combines both static verification and dynamic test generation and reduces the number of false positives compared to static verification, and performs more efficiently compared to dynamic testgeneration.
(via Semantic Scholar)
Source: NC State University Libraries
Added: August 6, 2018
2011 journal article
Environmental Modeling for Automated Cloud Application Testing
IEEE SOFTWARE, 29(2), 30–35.
TL;DR:
A proposed approach models the cloud environment and applies dynamic symbolic execution to generate test inputs and cloud states and shows that it can achieve high structural coverage in open-source Azure cloud applications.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2011 journal article
Inferring specifications for resources from natural language API documentation
AUTOMATED SOFTWARE ENGINEERING, 18(3-4), 227–261.
author keywords: Inferring specifications; API documentation
TL;DR:
This work proposes an approach, called Doc2Spec, that infers resource specifications from API documentation in natural languages, and shows that specifications inferred by this approach are useful to detect real defects in existing projects.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2011 journal article
MODEL CHECKING FOR VERIFICATION OF MANDATORY ACCESS CONTROL MODELS AND PROPERTIES
INTERNATIONAL JOURNAL OF SOFTWARE ENGINEERING AND KNOWLEDGE ENGINEERING, 21(1), 103–127.
author keywords: Access control; policy; model; testing
TL;DR:
This paper defines a standardized structure for MAC models, providing for both property verification and automated generation of test cases, and uses the model checker to verify the integrity, coverage, and confinement of these properties for the MAC models.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2011 conference paper
Precise identification of problems for structural test generation
2011 33rd International Conference on Software Engineering (ICSE), 611–620.
TL;DR:
A novel approach, called Covana, is proposed, which precisely identifies and reports problems that prevent the tools from achieving high structural coverage primarily by determining whether branch statements containing notcovered branches have data dependencies on problem candidates.
(via Semantic Scholar)
Source: NC State University Libraries
Added: August 6, 2018
2011 journal article
Retrofitting unit tests for parameterized unit testing
Fundamental Approaches to Software Engineering, 6603, 294–309.
Source: NC State University Libraries
Added: August 6, 2018
2011 article
Synthesizing Method Sequences for High-Coverage Testing
Thummalapenta, S., Xie, T., Tillmann, N., Halleux, J., & Su, Z. (2011, October). ACM SIGPLAN NOTICES, Vol. 46, pp. 189–206.
author keywords: Languages; Experimentation; Object-oriented testing; Symbolic execution
Source: Web Of Science
Added: August 6, 2018
2010 journal article
Designing Fast and Scalable XACML Policy Evaluation Engines
IEEE TRANSACTIONS ON COMPUTERS, 60(12), 1802–1817.
author keywords: Web servers; XACML; policy evaluation; policy-based computing; access control; policy decision point
TL;DR:
This paper proposes fast policy evaluation algorithms that can be adapted to support various policy languages and focuses on XACML, which has become the de facto standard for specifying access control policies, has been widely used on web servers, and is most complex among existing policy languages.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2010 conference paper
Guided test generation for coverage criteria
2010 ieee international conference on software maintenance.
TL;DR:
This work proposes a general approach that uses instrumentation to guide existing test-generation approaches to generate test inputs that achieve boundary-value and logical coverage for the program under test.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
16. Peace, Justice and Strong Institutions
(OpenAlex)
Source: NC State University Libraries
Added: August 6, 2018
2010 journal article
Perturbation-based user-input-validation testing of web applications
JOURNAL OF SYSTEMS AND SOFTWARE, 83(11), 2263–2274.
author keywords: Software testing; Web-application testing; User-input-validation testing
TL;DR:
The empirical result shows that the proposed approach to generate test inputs for UIV based on the analysis of client-side information is more effective than existing vulnerability scanners in finding semantics-related vulnerabilities of UIV for web applications.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
16. Peace, Justice and Strong Institutions
(OpenAlex)
Source: Web Of Science
Added: August 6, 2018
2009 article
Alattin: Mining Alternative Patterns for Detecting Neglected Conditions
2009 IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING, PROCEEDINGS, pp. 283–294.
author keywords: code search; frequent itemset mining; alternative patterns
TL;DR:
This work develops a novel approach, called Alattin, that includes a new mining algorithm and a technique for detecting neglected conditions based on the authors' mining algorithm, which helps reduce nearly 28% of false positives among detected violations.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2009 journal article
DATA MINING FOR SOFTWARE ENGINEERING
COMPUTER, 42(8), 55–62.
TL;DR:
Various algorithms are presented to effectively mine sequences, graphs, and text from such data to improve software productivity and quality.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2009 article
Detection of Multiple-Duty-Related Security Leakage in Access Control Policies
2009 THIRD IEEE INTERNATIONAL CONFERENCE ON SECURE SOFTWARE INTEGRATION AND RELIABILITY IMPROVEMENT, PROCEEDINGS, pp. 65–74.
author keywords: Validation; Policy Verification; Access Control Policies
TL;DR:
This work develops a novel framework that analyzes policies and detects cases that potentially cause multiple-duty-related security leakage in XACML, and shows that this framework effectively pinpoints potential multiple- Duty- related security leakage for policy authors to inspect.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
16. Peace, Justice and Strong Institutions
(OpenAlex)
Source: Web Of Science
Added: August 6, 2018
2009 article
Fault Localization for Firewall Policies
2009 28TH IEEE INTERNATIONAL SYMPOSIUM ON RELIABLE DISTRIBUTED SYSTEMS, PROCEEDINGS, pp. 100-+.
TL;DR:
This work proposes an approach to reduce the number of rules for inspection based on information collected during evaluating failed tests, and shows that this approach can reduce 56% of rules that are required for inspection in fault localization.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2009 article
Fitness-Guided Path Exploration in Dynamic Symbolic Execution
2009 IEEE/IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS & NETWORKS (DSN 2009), pp. 359-+.
TL;DR:
This work proposes a novel approach called Fitnex, a search strategy that uses state-dependent fitness values (computed through a fitness function) to guide path exploration, and shows that this approach consistently achieves high code coverage faster than existing search strategies.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2009 journal article
Interactive Fault Localization Using Test Information
JOURNAL OF COMPUTER SCIENCE AND TECHNOLOGY, 24(5), 962–974.
author keywords: debugging; fault localization; interactive approach
TL;DR:
This work proposes an interactive fault-localization framework, combining the benefits of automated approaches and manual debugging, and proposes a naive approach and a robust approach, which can help developers find faults when they make wrong estimation at some checking points.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2009 conference paper
MAPO: mining and recommending API usage patterns
Ecoop 2009 - object-oriented programming, 5653, 318–343.
Source: NC State University Libraries
Added: August 6, 2018
2009 article
Reggae: Automated Test Generation for Programs using Complex Regular Expressions
2009 IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING, PROCEEDINGS, pp. 515–519.
author keywords: test generation; dynamic symbolic execution; string generation
TL;DR:
An approach is proposed, named Reggae, to reduce the exploration space of DSE in test generation for programs using complex regular expressions due to large exploration space, which helps a test-generation tool generate test inputs to achieve 79% branch coverage of validators.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2009 journal article
Test input reduction for result inspection to facilitate fault localization
AUTOMATED SOFTWARE ENGINEERING, 17(1), 5–31.
author keywords: Test suite reduction; Testing; Debugging; Fault localization
TL;DR:
This work proposes three strategies to reduce the test inputs in an existing test collection for result inspection and shows that this approach can help developers inspect a smaller subset of test inputs, whose fault-localization effectiveness is close to that of the whole test collection.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2008 article
DSD-Crasher: A hybrid analysis tool for bug finding
ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY, Vol. 17.
author keywords: reliability; verification; automatic testing; bug finding; dynamic analysis; dynamic invariant detection; extended static checking; false positives; static analysis; test case generation; usability
TL;DR:
DSD-Crasher is a bug finding tool that follows a three-step approach to program analysis that yields benefits compared to past two-step combinations in the literature, and in the evaluation with third-party applications, demonstrates higher precision over tools that lack a dynamic step and higher efficiency over tools That lack a static step.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2008 journal article
On automated prepared statement generation to remove SQL injection vulnerabilities
INFORMATION AND SOFTWARE TECHNOLOGY, 51(3), 589–598.
author keywords: SQL injection; Prepared statement; Fix automation
TL;DR:
An algorithm of prepared statement replacement for removing SQLIVs by replacing SQL statements with prepared statements is presented and a corresponding tool for automated fix generation is created.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2006 journal article
Augmenting automatically generated unit-test suites with regression oracle checking
Lecture Notes in Computer Science, (4067), 380–403.
Source: NC State University Libraries
Added: August 6, 2018
Citation Index includes data from a number of different sources. If you have questions about the sources of data in the Citation Index or need a set of data which is free to re-distribute, please contact us.
Certain data included herein are derived from the Web of Science© and InCites© (2024) of Clarivate Analytics. All rights reserved. You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.