Improving Software Quality by Synergizing Effective Code Inspection and Regression Testing

Software quality assurance is an essential practice in software development and maintenance. Evolving software systems consistently and safely is challenging. All changes to a system must be comprehensively tested and inspected to gain confidence that the modified system behaves as intended. To detect software defects, developers often conduct quality assurance activities, such as regression testing and code review, after implementing or changing required functionalities. They commonly evaluate a program based on two complementary techniques: dynamic program analysis and static program analysis. Using an automated testing framework, developers typically discover program faults by observing program execution with test cases that encode required program behavior as well as represent defects. Unlike dynamic analysis, developers make sure of the program correctness without executing a program by static analysis. They understand source code through manual inspection or identify potential program faults with an automated tool for statically analyzing a program. By removing the boundaries between static and dynamic analysis, complementary strengths and weaknesses of both techniques can create unified analyses. For example, dynamic analysis is efficient and precise but it requires selection of test cases without guarantee that the test cases cover all possible program executions, and static analysis is conservative and sound but it produces less precise results due to its approximation of all possible behaviors that may perform at run time. Many dynamic and static techniques have been proposed, but testing a program involves substantial cost and risks and inspecting code change is tedious and error-prone. Our research addresses two fundamental problems in dynamic and static techniques. (1) To evaluate a program, developers are typically required to implement test cases and reuse them. As they develop more test cases for verifying new implementations, the execution cost of test cases increases accordingly. After every modification, they periodically conduct regression test to see whether the program executes without introducing new faults in the presence of program evolution. To reduce the time required to perform regression testing, developers should select an appropriate subset of the test suite with a guarantee of revealing faults as running entire test cases. Such regression testing selection techniques are still challenging as these methods also have substantial costs and risks and discard test cases that could detect faults. (2) As a less formal and more lightweight method than running a test suite, developers often conduct code reviews based on tool support; however, understanding context and changes is the key challenge of code reviews. While reviewing code changes—addressing one single issue—might not be difficult, it is extremely difficult to understand complex changes—including multiple issues such as bug fixes, refactorings, and new feature additions. Developers need to understand intermingled changes addressing multiple development issues, finding which region of the code changes deals with a particular issue. Although such changes do not cause trouble in implementation, investigating these changes becomes time-consuming and error-prone since the intertwined changes are loosely related, leading to difficulty in code reviews. To address the limitations outlined above, our research makes the following contributions. First, we present a model-based approach to efficiently build a regression test suite that facilitates Extended Finite State Machines (EFSMs). Changes to the system are performed at transition level by adding, deleting or replacing transition. Tests are a sequence of input and expected output messages with concrete parameter values over the supported data types. Fully-observable tests are introduced whose descriptions contain all the information about the transitions executed by the tests. An invariant characterizing fully observable tests is formulated such that a test is fully-observable whenever the invariant is a satisfiable formula. Incremental procedures are developed to efficiently evaluate the invariant and to select tests from a test suite that are guaranteed to exercise a given change when the tests run on a modified EFSM. Tests rendered unusable due to a change are also identified. Overlaps among the test descriptions are exploited to extend the approach to simultaneously select and discard multiple tests to alleviate the test selection costs. Although test regression selection problem is NP-hard [78], the experimental results show the cost of our test selection procedure is still acceptable and economical. Second, to support code review and regression testing, we present a technique, called ChgCutter. It helps developers understand and validate composite changes as follows. It interactively decomposes these complex, composite changes into atomic changes, builds related change subsets using program dependence relationships without syntactic violation, and safely selects only related test cases from the test suite to reduce the time to conduct regression testing. When a code reviewer selects a change region from both original and changed versions of a program, ChgCutter automatically identifies similar change regions based on the dependence analysis and the tree-based code search technique. By automatically applying a change to the identified regions in an original program version, ChgCutter generates a program version which is a syntactically correct version of program. Given a generated program version, it leverages a testing selection technique to select and run a subset of the test suite affected by a change automatically separated from mixed changes. Based on the iterative change selection process, there can be each different program version that include its separated change. Therefore, ChgCutter helps code reviewers inspect large, complex changes by effectively focusing on decomposed change subsets. In addition to assisting understanding a substantial change, the regression testing selection technique effectively discovers defects by validating each program version that contains a separated change subset. In the evaluation, ChgCutter analyzes 28 composite changes in four open source projects. It identifies related change subsets with 95.7% accuracy, and it selects test cases affected by these changes with 89.0% accuracy. Our results show that ChgCutter should help developers effectively inspect changes and validate modified applications during development

Modeling network traffic on a global network-centric system with artificial neural networks

This dissertation proposes a new methodology for modeling and predicting network traffic. It features an adaptive architecture based on artificial neural networks and is especially suited for large-scale, global, network-centric systems. Accurate characterization and prediction of network traffic is essential for network resource sizing and real-time network traffic management. As networks continue to increase in size and complexity, the task has become increasingly difficult and current methodology is not sufficiently adaptable or scaleable. Current methods model network traffic with express mathematical equations which are not easily maintained or adjusted. The accuracy of these models is based on detailed characterization of the traffic stream which is measured at points along the network where the data is often subject to constant variation and rapid evolution. The main contribution of this dissertation is development of a methodology that allows utilization of artificial neural networks with increased capability for adaptation and scalability. Application on an operating global, broadband network, the Connexion by Boeingʼ network, was evaluated to establish feasibility. A simulation model was constructed and testing was conducted with operational scenarios to demonstrate applicability on the case study network and to evaluate improvements in accuracy over existing methods --Abstract, page iii

Evolution of security engineering artifacts: a state of the art survey

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research

Working Notes from the 1992 AAAI Workshop on Automating Software Design. Theme: Domain Specific Software Design

The goal of this workshop is to identify different architectural approaches to building domain-specific software design systems and to explore issues unique to domain-specific (vs. general-purpose) software design. Some general issues that cut across the particular software design domain include: (1) knowledge representation, acquisition, and maintenance; (2) specialized software design techniques; and (3) user interaction and user interface

Agile Project Dynamics: A System Dynamics Investigation of Agile Software Development Methods

While Agile software development has many advocates, acceptance in the government and defense sectors has been limited. To address questions of meanings to the term “Agile,” we examine a range of Agile methods practiced and develop a framework of seven characteristics, which we call the Agile Genome. We gain insight into the dynamics of how Agile development compares to classic “waterfall” approaches by constructing a System Dynamics model for software projects. The Agile Project Dynamics (APD) model captures each of the Agile genes as a separate component of the model and allows experimentation with combinations of practices and management policies. Experimentation with the APD model is used to explore how different genes work in combination with one another to produce both positive and negative effects. The extensible design of the APD model provides the basis for further study of Agile methods and management practices

Composite Monte Carlo decision making under high uncertainty of novel coronavirus epidemic using hybridized deep learning and fuzzy rule induction

In the advent of the novel coronavirus epidemic since December 2019, governments and authorities have been struggling to make critical decisions under high uncertainty at their best efforts. In computer science, this represents a typical problem of machine learning over incomplete or limited data in early epidemic Composite Monte-Carlo (CMC) simulation is a forecasting method which extrapolates available data which are broken down from multiple correlated/casual micro-data sources into many possible future outcomes by drawing random samples from some probability distributions. For instance, the overall trend and propagation of the infested cases in China are influenced by the temporal–spatial data of the nearby cities around the Wuhan city (where the virus is originated from), in terms of the population density, travel mobility, medical resources such as hospital beds and the timeliness of quarantine control in each city etc. Hence a CMC is reliable only up to the closeness of the underlying statistical distribution of a CMC, that is supposed to represent the behaviour of the future events, and the correctness of the composite data relationships. In this paper, a case study of using CMC that is enhanced by deep learning network and fuzzy rule induction for gaining better stochastic insights about the epidemic development is experimented. Instead of applying simplistic and uniform assumptions for a MC which is a common practice, a deep learning-based CMC is used in conjunction of fuzzy rule induction techniques. As a result, decision makers are benefited from a better fitted MC outputs complemented by min–max rules that foretell about the extreme ranges of future possibilities with respect to the epidemic.University of Macau MYRG2016-00069-FSTFDCT Macau FDCT/126/2014/A32018 Guangzhou Science and Technology Innovation and Development of Special Funds201907010001EF003/FST-FSJ/2019/GSTI

Detecting patterns in Time Series Data with applications in Official Statistics

This thesis examines the issue of detecting components or features within time series data in automatic procedures. We begin by introducing the concept of Wavelets and briefly show their usage as a tool for detection. This leads to our first contribution which is a novel method using wavelets for identifying correlation structures in time series data which are often ambiguous with very different contexts. Using the properties of the wavelet transform we show the ability to distinguish between short memory models with changepoints and long memory models. The next two Chapters consider seasonality within data, which is often present in time series used in Offical Statistics. We first describe the historical evolution of identification of seasonality, comparing and contrasting methodology as it has expanded throughout time. Following this, motivated by the increased use of high-frequency time series in Official Statistics and a lack of methods for identifying low-frequency seasonal components within high-frequency data, we present a method for identifying periodicity in a series with the use of a simple wavelet decomposition. Presented with theoretical results and simulations, we show how the seasonality of a series is uniquely represented within a wavelet transform and use this to identify low frequency components which are often overlooked in favour of a trend, with very different interpretations. Finally, beginning with the motivation of forecasting European Area GDP at the current time point, we show the effectiveness of an algorithm which detects the most useful data and structures for a Dynamic Factor Model. We show its effectiveness in reducing forecasting errors but show that under large scale simulation that the recovery of the true structure over two dimensions is a difficult task. All the chapters of this thesis are motivated by, and give applications to, time series from different areas of Official Statistics