Старіння програмного забезпечення мобільних додатків: аналіз проблематики

Software aging is the process of errors accumulation in the state of system throughout the runtime that results in performance degradation and increase of failure rate. This paper carried out the review and analysis of literary sources devoted to the study of the software aging phenomenon in mobile operating systems, such as Android. Mobile devices run for a long time without restarting and users often switch applications. Therefore, mobile devices are vulnerable to the effects of aging, because conditions of use may result in accumulation of errors in the system, such as memory leaks. The study described a general algorithm for detecting and investigating the effects of aging in the Android mobile system. The main metrics and factors used in studies are identified. The paper highlighted main metrics that indicate the presence of software aging in Android operating system, namely memory indicators like PSS (Proportional Set Size), Garbage Collector metrics and Activity launch time. This work also described main factors that influence the effects of software aging: device configurations, application types and source code, application launch and input events rate, amount of usable and free RAM and data storage, memory leaks. Detection of software aging occurs by measuring system metrics taking into account external and internal factors and by applying statistical methods (alternatively, machine learning methods can be used). The purpose of aging effects detecting and factors and metrics investigation is to schedule and perform a rejuvenation procedure. Software rejuvenation is a technique to prevent and delay software aging. The paper analyzed approaches of software rejuvenation in the Android mobile operating system. The main approach to counteracting software aging phenomena is active rejuvenation, which consists in scheduling of reboots of system components at different levels under certain conditions and optimal time. For example, at the system level services such as Activity manager can be restarted, and at the level of individual process Java containers (ArrayList, HashMap) can be cleaned. As a result, the paper identified directions of future research, namely: identifying of effective factors and metrics for mobile systems, building software aging models, developing methods and tools for software rejuvenation in mobile operating system.Виконано огляд та аналіз літературних джерел, в яких досліджено явища старіння програмного забезпечення мобільних додатків. Визначено основні характеристики явища старіння програмного забезпечення. Встановлено, що мобільні системи та додатки є особливо вразливі до ефектів старіння і потребують детальних досліджень. Охарактеризовано основні методи та засоби дослідження явища старіння, що застосовуються для його вивчення в мобільній системі Android. Описано загальну схему дослідження явища старіння, яка дає змогу проводити експерименти та визначати наявність чи відсутність старіння в системі, а також вказує на вплив факторів на прояви старіння. Визначено використовувані індикатори старіння, а саме такі індикатори системи та додатків, як тривалість запуску Android Activity, оперативна пам'ять, файлове сховище, використання CPU, Garbage Collector. Виділено основні фактори, що впливають на прояви явища старіння: технічні характеристики пристрою, типи додатків та програмний код, інтенсивність запуску додатків, події введення, оперативна пам'ять та пам'ять файлового сховища. Встановлено, що згідно з результатами попередніх досліджень, ефективними алгоритмами машинного навчання для визначення наявності старіння є метод опорних векторів та дерева прийняття рішень. Проаналізовано наявні дослідження, методи та засоби виконання процедури омолодження програмного забезпечення для зменшення впливу старіння на надійність системи Android. З'ясовано, що для протидії старінню програмного забезпечення в мобільній системі Android пропонують засоби як на рівні розроблення архітектури та реалізації мобільного додатку, так і на системному рівні і рівні компонент. Встановлено, що ключовим засобом протидії старінню є перезавантаження компонент на рівні системи (наприклад, Activity manager) чи додатків (Java-контейнери), а також є необхідність розроблення таких засобів для планування виконання процедури омолодження. Обґрунтовано актуальність впливу явища старіння на забезпечення надійності сучасних мобільних та вбудованих систем. Визначено напрями майбутніх досліджень, а саме: визначення ефективних факторів і індикаторів для мобільних систем, побудова моделей старіння, розроблення методів і засобів омолодження програмного забезпечення мобільних систем

Dependability Assessment of Android OS

In this brave new world of smartphone-dependent society, dependability is a strong requirement and needs to be addressed properly. Assessing the dependability of these mobile system is still an open issue, and companies should have the tools to improve their devices and beat the competition against other vendors. The main objective of this dissertation is to provide the methods to assess the dependability of mobile OS, fundamental for further improvements. Mobile OS are threatened mainly by traditional residual faults (when errors spread across components as failures), aging-related faults (when errors accumulate over time), and misuses by users and applications. This thesis faces these three aspects. First, it presents a qualitative method to define the fault model of a mobile OS, and an exhaustive fault model for Android. I designed and developed AndroFIT, a novel fault injection tool for Android smartphone, and performed an extensive fault injection campaign on three Android devices from different vendors to analyze the impact of component failure on the mobile OS. Second, it presents an experimental methodology to analyze the software aging phenomenon in mobile OS. I performed a software aging analysis campaign on Android devices to identify the impacting factors on performance degradation and resource consumption. Third, it presents the design and implementation of a novel fuzzing tool, namely Chizpurfle, able to automatically test Android vendor customizations by leveraging code coverage information at run-time

Measuring the Use of the Active and Assisted Living Prototype CARIMO for Home Care Service Users: Evaluation Framework and Results

To address the challenges of aging societies, various information and communication technology (ICT)-based systems for older people have been developed in recent years. Currently, the evaluation of these so-called active and assisted living (AAL) systems usually focuses on the analyses of usability and acceptance, while some also assess their impact. Little is known about the actual take-up of these assistive technologies. This paper presents a framework for measuring the take-up by analyzing the actual usage of AAL systems. This evaluation framework covers detailed information regarding the entire process including usage data logging, data preparation, and usage data analysis. We applied the framework on the AAL prototype CARIMO for measuring its take-up during an eight-month field trial in Austria and Italy. The framework was designed to guide systematic, comparable, and reproducible usage data evaluation in the AAL field; however, the general applicability of the framework has yet to be validated

Multi-contrast imaging and digital refocusing on a mobile microscope with a domed LED array

We demonstrate the design and application of an add-on device for improving the diagnostic and research capabilities of CellScope--a low-cost, smartphone-based point-of-care microscope. We replace the single LED illumination of the original CellScope with a programmable domed LED array. By leveraging recent advances in computational illumination, this new device enables simultaneous multi-contrast imaging with brightfield, darkfield, and phase imaging modes. Further, we scan through illumination angles to capture lightfield datasets, which can be used to recover 3D intensity and phase images without any hardware changes. This digital refocusing procedure can be used for either 3D imaging or software-only focus correction, reducing the need for precise mechanical focusing during field experiments. All acquisition and processing is performed on the mobile phone and controlled through a smartphone application, making the computational microscope compact and portable. Using multiple samples and different objective magnifications, we demonstrate that the performance of our device is comparable to that of a commercial microscope. This unique device platform extends the field imaging capabilities of CellScope, opening up new clinical and research possibilities

StoryDroid: Automated Generation of Storyboard for Android Apps

Mobile apps are now ubiquitous. Before developing a new app, the development team usually endeavors painstaking efforts to review many existing apps with similar purposes. The review process is crucial in the sense that it reduces market risks and provides inspiration for app development. However, manual exploration of hundreds of existing apps by different roles (e.g., product manager, UI/UX designer, developer) in a development team can be ineffective. For example, it is difficult to completely explore all the functionalities of the app in a short period of time. Inspired by the conception of storyboard in movie production, we propose a system, StoryDroid, to automatically generate the storyboard for Android apps, and assist different roles to review apps efficiently. Specifically, StoryDroid extracts the activity transition graph and leverages static analysis techniques to render UI pages to visualize the storyboard with the rendered pages. The mapping relations between UI pages and the corresponding implementation code (e.g., layout code, activity code, and method hierarchy) are also provided to users. Our comprehensive experiments unveil that StoryDroid is effective and indeed useful to assist app development. The outputs of StoryDroid enable several potential applications, such as the recommendation of UI design and layout code

Longitudinal performance analysis of machine learning based Android malware detectors

This paper presents a longitudinal study of the performance of machine learning classifiers for Android malware detection. The study is undertaken using features extracted from Android applications first seen between 2012 and 2016. The aim is to investigate the extent of performance decay over time for various machine learning classifiers trained with static features extracted from date-labelled benign and malware application sets. Using date-labelled apps allows for true mimicking of zero-day testing, thus providing a more realistic view of performance than the conventional methods of evaluation that do not take date of appearance into account. In this study, all the investigated machine learning classifiers showed progressive diminishing performance when tested on sets of samples from a later time period. Overall, it was found that false positive rate (misclassifying benign samples as malicious) increased more substantially compared to the fall in True Positive rate (correct classification of malicious apps) when older models were tested on newer app samples

Security Code Smells in Android ICC

Android Inter-Component Communication (ICC) is complex, largely unconstrained, and hard for developers to understand. As a consequence, ICC is a common source of security vulnerability in Android apps. To promote secure programming practices, we have reviewed related research, and identified avoidable ICC vulnerabilities in Android-run devices and the security code smells that indicate their presence. We explain the vulnerabilities and their corresponding smells, and we discuss how they can be eliminated or mitigated during development. We present a lightweight static analysis tool on top of Android Lint that analyzes the code under development and provides just-in-time feedback within the IDE about the presence of such smells in the code. Moreover, with the help of this tool we study the prevalence of security code smells in more than 700 open-source apps, and manually inspect around 15% of the apps to assess the extent to which identifying such smells uncovers ICC security vulnerabilities.Comment: Accepted on 28 Nov 2018, Empirical Software Engineering Journal (EMSE), 201