A survey on software defect prediction using deep learning

Defect prediction is one of the key challenges in software development and programming language research for improving software quality and reliability. The problem in this area is to properly identify the defective source code with high accuracy. Developing a fault prediction model is a challenging problem, and many approaches have been proposed throughout history. The recent breakthrough in machine learning technologies, especially the development of deep learning techniques, has led to many problems being solved by these methods. Our survey focuses on the deep learning techniques for defect prediction. We analyse the recent works on the topic, study the methods for automatic learning of the semantic and structural features from the code, discuss the open problems and present the recent trends in the field. © 2021 by the authors. Licensee MDPI, Basel, Switzerland

Beyond Fidelity: Explaining Vulnerability Localization of Learning-based Detectors

Vulnerability detectors based on deep learning (DL) models have proven their effectiveness in recent years. However, the shroud of opacity surrounding the decision-making process of these detectors makes it difficult for security analysts to comprehend. To address this, various explanation approaches have been proposed to explain the predictions by highlighting important features, which have been demonstrated effective in other domains such as computer vision and natural language processing. Unfortunately, an in-depth evaluation of vulnerability-critical features, such as fine-grained vulnerability-related code lines, learned and understood by these explanation approaches remains lacking. In this study, we first evaluate the performance of ten explanation approaches for vulnerability detectors based on graph and sequence representations, measured by two quantitative metrics including fidelity and vulnerability line coverage rate. Our results show that fidelity alone is not sufficient for evaluating these approaches, as fidelity incurs significant fluctuations across different datasets and detectors. We subsequently check the precision of the vulnerability-related code lines reported by the explanation approaches, and find poor accuracy in this task among all of them. This can be attributed to the inefficiency of explainers in selecting important features and the presence of irrelevant artifacts learned by DL-based detectors.Comment: Accepted by Tose

An explainable deep model for defect prediction

Self attention transformer encoders represent an effective method for sequence to class prediction tasks as they can disentangle long distance dependencies and have many regularising effects. We achieve results substantially better than state of the art in one such task, namely, defect prediction and with many added benefits. Existing techniques do not normalise for correlations that are inversely proportional to the usefulness of the prediction but do, in fact, go further, specifically exploiting these features which is tantamount to data leakage. Our model is end-to-end trainable and has the potential capability to explain its prediction. This explainability provides insights and potential causes of a model\u27s decisions, the absence of which has stopped defect prediction from gaining any traction in industry

An explainable deep model for defect prediction

Self attention transformer encoders represent an effective method for sequence to class prediction tasks as they can disentangle long distance dependencies and have many regularising effects. We achieve results substantially better than state of the art in one such task, namely, defect prediction and with many added benefits. Existing techniques do not normalise for correlations that are inversely proportional to the usefulness of the prediction but do, in fact, go further, specifically exploiting these features which is tantamount to data leakage. Our model is end-to-end trainable and has the potential capability to explain its prediction. This explainability provides insights and potential causes of a model\u27s decisions, the absence of which has stopped defect prediction from gaining any traction in industry