8 research outputs found
Are architectural smells independent from code smells? An empirical study
Background. Architectural smells and code smells are symptoms of bad code or design that can cause different quality problems, such as faults, technical debt, or difficulties with maintenance and evolution. Some studies show that code smells and architectural smells often appear together in the same file. The correlation between code smells and architectural smells, however, is not clear yet; some studies on a limited set of projects have claimed that architectural smells can be derived from code smells, while other studies claim the opposite. Objective. The goal of this work is to understand whether architectural smells are independent from code smells or can be derived from a code smell or from one category of them. Method. We conducted a case study analyzing the correlations among 19 code smells, six categories of code smells, and four architectural smells. Results. The results show that architectural smells are correlated with code smells only in a very low number of occurrences and therefore cannot be derived from code smells. Conclusion. Architectural smells are independent from code smells, and therefore deserve special attention by researchers, who should investigate their actual harmfulness, and practitioners, who should consider whether and when to remove them.acceptedVersionPeer reviewe
Study of Code Smells: A Review and Research Agenda
Code Smells have been detected, predicted and studied by researchers from several perspectives. This literature review is conducted to understand tools and algorithms used to detect and analyze code smells to summarize research agenda. 114 studies have been selected from 2009 to 2022 to conduct this review. The studies are deeply analyzed under the categorization of machine learning and non-machine learning, which are found to be 25 and 89 respectively. The studies are analyzed to gain insight into algorithms, tools and limitations of the techniques. Long Method, Feature Envy, and Duplicate Code are reported to be the most popular smells. 38% of the studies focused their research on the enhancement of tools and methods. Random Forest and JRip algorithms are found to give the best results under machine learning techniques. We extended the previous studies on code smell detection tools, reporting a total 87 tools during the review. Java is found to be the dominant programming language during the study of smells
Detection of microservice smells through static analysis
A arquitetura de microsserviços é um modelo arquitetural promissor na área de software,
atraindo desenvolvedores e empresas para os seus princÃpios convincentes. As suas vantagens
residem no potencial para melhorar a escalabilidade, a flexibilidade e a agilidade, alinhando se com as exigências em constante evolução da era digital. No entanto, navegar entre as
complexidades dos microsserviços pode ser uma tarefa desafiante, especialmente à medida
que este campo continua a evoluir.
Um dos principais desafios advém da complexidade inerente aos microsserviços, em que o seu
grande número e interdependências podem introduzir novas camadas de complexidade. Além
disso, a rápida expansão dos microsserviços, juntamente com a necessidade de aproveitar as
suas vantagens de forma eficaz, exige uma compreensão mais profunda das potenciais
ameaças e problemas que podem surgir. Para tirar verdadeiramente partido das vantagens
dos microsserviços, é essencial enfrentar estes desafios e garantir que o desenvolvimento e a
adoção de microsserviços sejam bem-sucedidos.
O presente documento pretende explorar a área dos smells da arquitetura de microsserviços
que desempenham um papel tão importante na dÃvida técnica dirigida à área dos
microsserviços.
Embarca numa exploração de investigação abrangente, explorando o domÃnio dos smells de
microsserviços. Esta investigação serve como base para melhorar um catálogo de smells de
microsserviços. Esta investigação abrangente obtém dados de duas fontes primárias:
systematic mapping study e um questionário a profissionais da área. Este último envolveu 31
profissionais experientes com uma experiência substancial no domÃnio dos microsserviços.
Além disso, são descritos o desenvolvimento e o aperfeiçoamento de uma ferramenta
especificamente concebida para identificar e resolver problemas relacionados com os
microsserviços. Esta ferramenta destina-se a melhorar o desempenho dos programadores
durante o desenvolvimento e a implementação da arquitetura de microsserviços.
Por último, o documento inclui uma avaliação do desempenho da ferramenta. Trata-se de
uma análise comparativa efetuada antes e depois das melhorias introduzidas na ferramenta.
A eficácia da ferramenta será avaliada utilizando o mesmo benchmarking de microsserviços
utilizado anteriormente, para além de outro benchmarking para garantir uma avaliação
abrangente.The microservices architecture stands as a beacon of promise in the software landscape,
drawing developers and companies towards its compelling principles. Its appeal lies in the
potential for improved scalability, flexibility, and agility, aligning with the ever-evolving
demands of the digital age. However, navigating the intricacies of microservices can be a
challenging task, especially as this field continues to evolve.
A key challenge arises from the inherent complexity of microservices, where their sheer
number and interdependencies can introduce new layers of intricacy. Furthermore, the rapid
expansion of microservices, coupled with the need to harness their advantages effectively,
demands a deeper understanding of the potential pitfalls and issues that may emerge. To
truly unlock the benefits of microservices, it is essential to address these challenges head-on
and ensure a successful journey in the world of microservices development and adoption.
The present document intends to explore the area of microservice architecture smells that
play such an important role in the technical debt directed to the area of microservices.
It embarks on a comprehensive research exploration, delving into the realm of microservice
smells. This research serves as the cornerstone for enhancing a microservice smell catalogue.
This comprehensive research draws data from two primary sources: a systematic mapping
research and an industry survey. The latter involves 31 seasoned professionals with
substantial experience in the field of microservices.
Moreover, the development and enhancement of a tool specifically designed to identify and
address issues related to microservices is described. This tool is aimed at improving
developers' performance throughout the development and implementation of microservices
architecture.
Finally, the document includes an evaluation of the tool's performance. This involves a
comparative analysis conducted before and after the tool's enhancements. The tool's
effectiveness will be assessed using the same microservice benchmarking as previously
employed, in addition to another benchmark to ensure a comprehensive evaluation
Raw Data: Are Architectural Smells independent from Code Smells? An empirical study
Raw data for the paper "Are Architectural Smells independent from Code Smells? An empirical study"
The csv files include the analysis of the 111 projects included in the Qualitas Corpus reporting architectural smells and code smells
Advanced Security Analysis for Emergent Software Platforms
Emergent software ecosystems, boomed by the advent of smartphones and the Internet of Things (IoT) platforms, are perpetually sophisticated, deployed into highly dynamic environments, and facilitating interactions across heterogeneous domains. Accordingly, assessing the security thereof is a pressing need, yet requires high levels of scalability and reliability to handle the dynamism involved in such volatile ecosystems.
This dissertation seeks to enhance conventional security detection methods to cope with the emergent features of contemporary software ecosystems. In particular, it analyzes the security of Android and IoT ecosystems by developing rigorous vulnerability detection methods. A critical aspect of this work is the focus on detecting vulnerable and unsafe interactions between applications that share common components and devices. Contributions of this work include novel insights and methods for: (1) detecting vulnerable interactions between Android applications that leverage dynamic loading features for concealing the interactions; (2) identifying unsafe interactions between smart home applications by considering physical and cyber channels; (3) detecting malicious IoT applications that are developed to target numerous IoT devices; (4) detecting insecure patterns of emergent security APIs that are reused from open-source software. In all of the four research thrusts, we present thorough security analysis and extensive evaluations based on real-world applications. Our results demonstrate that the proposed detection mechanisms can efficiently and effectively detect vulnerabilities in contemporary software platforms.
Advisers: Hamid Bagheri and Qiben Ya