Evaluating the Graph-based Visualization Technique: A Controlled Experiment

Many researchers have highlighted the scarcity of empirical studies that systematically examine the advantages and disadvantages of the use of visualization techniques for software understanding activities. Such studies are crucial for gathering and analyzing objective and quantifiable evidence about the usefulness of proposed visualization techniques and tools, and ultimately, for guiding the research in software visualization. This paper presents a controlled experiment aimed at assessing the impact of a graph-based visualization technique on comprehension tasks. Six common comprehension tasks were performed by 20 undergraduate software engineering students. The completion time and the accuracy of the participants’ responses were measured. The results indicate that on one hand the use of the graph-based visualization increases the correctness (by 21.45% in average) but on the other hand it does not reduce the completion time in program comprehension tasks

On the Influence of Latent Semantic Analysis Parameterization for Bug Localization

The bug localization problem has benefited from modern information retrieval techniques, such as Latent Semantic Analysis. There are many factors that influence the quality of results of this approach, such as, stop-words, term-documentmatrix transformations, dimensionality reduction and filtering criteria of the corpus. In this paper, we study the effect of different combinations for these factors on the impact of the accuracy of the query results in the proposed technique for bug localization. Bugs of three real-world software systems were analyzed with different combinations of input parameters for the LSA technique. Our results suggest that the term-document matrix transformations and filtering criteria of the corpus have major influence in the quality of the result and that the combination of adequate individual parameter values does not necessarily produce the best combination. Furthermore, some general guidance for parameterization of the LSA technique for bug localization could also besuggested from the observed results

Empirical Evaluation of the Usefulness of Graph-based Visualization Techniques to Support Software Understanding

Many researchers have highlighted the scarcity of empirical studies that systematically examine the advantages and disadvantages of the use of visualization techniques for software understanding activities. Such studies are crucial for gathering and analyzing objective and quantifiable evidence about the usefulness of proposed visualization techniques and tools, and ultimately, for guiding the research in software visualization. This paper presents a controlled experiment aimed at assessing the impact of a graph-based visualization technique on comprehension tasks. Six common comprehension tasks were performed by 20 undergraduate software engineering students. The completion time and the accuracy of the participants’ responses were measured. The results indicate that on one hand the use of the graph-based visualization increases the correctness (by 21.45% in average) but on the other hand it does not reduce the completion time in program comprehension tasks.Resumen: Muchos investigadores han señalado la falta de estudios empíricos que sistemáticamente examinen las ventajas y desventajas del uso de técnicas de visualiza ción para soportar la comprensión del software. Estos estudios son indispensables para recolectar y analizar evidencia objetiva y cuantificable acerca de la utilidad de las técnicas de visualización y herramientas propuestas, y más aún, para servir como gu ía de la investigación en visualización de software. En este estudio, 6 tareas típicas de comprensión de software fueron realizadas por 20 estudiantes de ingeniería de software. Se midió el tiempo de respuesta y se calificó la exactitud en las respuestas d e los participantes. Los resultados indican que, por una parte, el uso de la técnica de visualización basada en grafos mejoró la exactitud en las respuestas de los estudiantes (21.45% en promedio), por otra parte, no se encontró evidencia de reducción en e l tiempo gastado por los estudiantes para resolver las tareas de comprensión de software.Maestrí

Do Dynamic Object Process Graphs Support Program Understanding? - A Controlled Experiment.

Using automatic program analysis techniques for ex-tracting architectural information and its visualization is widely considered useful for program understanding. However, it has to be empirically validated if a given technique is beneficial in practice. This is usually done by performing a set of case studies. To find out for sure whether a technique really has any effect, controlled ex-periments have to be conducted. Dynamic object process graphs are one such tech-nique. These graphs describe the control flow of an application from the perspective of a single object. In previous research, we conducted case studies which in-dicated that they may be useful for program understand-ing, but this assumption has not been validated so far. We report on a controlled experiment which investi-gated this question: Does the availability of such graphs support program understanding or not? We describe the research questions that were investigated, the hy-potheses, experimental setup, conduction, and discuss the results and lessons learned.

Change-centric improvement of team collaboration

In software development, teamwork is essential to the successful delivery of a final product. The software industry has historically built software utilizing development teams that share the workplace. Process models, tools, and methodologies have been enhanced to support the development of software in a collocated setting. However, since the dawn of the 21st century, this scenario has begun to change: an increasing number of software companies are adopting global software development to cut costs and speed up the development process. Global software development introduces several challenges for the creation of quality software, from the adaptation of current methods, tools, techniques, etc., to new challenges imposed by the distributed setting, including physical and cultural distance between teams, communication problems, and coordination breakdowns. A particular challenge for distributed teams is the maintenance of a level of collaboration naturally present in collocated teams. Collaboration in this situation naturally d r ops due to low awareness of the activity of the team. Awareness is intrinsic to a collocated team, being obtained through human interaction such as informal conversation or meetings. For a distributed team, however, geographical distance and a subsequent lack of human interaction negatively impact this awareness. This dissertation focuses on the improvement of collaboration, especially within geographically dispersed teams. Our thesis is that by modeling the evolution of a software system in terms of fine-grained changes, we can produce a detailed history that may be leveraged to help developers collaborate. To validate this claim, we first c r eate a model to accurately represent the evolution of a system as sequences of fine- grained changes. We proceed to build a tool infrastructure able to capture and store fine-grained changes for both immediate and later use. Upon this foundation, we devise and evaluate a number of applications for our work with two distinct goals: 1. To assist developers with real-time information about the activity of the team. These applications aim to improve developers’ awareness of team member activity that can impact their work. We propose visualizations to notify developers of ongoing change activity, as well as a new technique for detecting and informing developers about potential emerging conflicts. 2. To help developers satisfy their needs for information related to the evolution of the software system. These applications aim to exploit the detailed change history generated by our approach in order to help developers find answers to questions arising during their work. To this end, we present two new measurements of code expertise, and a novel approach to replaying past changes according to user-defined criteria. We evaluate the approach and applications by adopting appropriate empirical methods for each case. A total of two case studies – one controlled experiment, and one qualitative user study – are reported. The results provide evidence that applications leveraging a fine-grained change history of a software system can effectively help developers collaborate in a distributed setting

Uma abordagem híbrida para construção de documentação para apoio à instanciação de frameworks

Software reuse is one of the major goals in Software Engineering. Frameworks promote the reuse of individual building blocks, but also of system design. Framework instantiation is the construction of an application reusing a framework. This process requires a substantial understanding effort of the framework. So, high quality documentation may be a useful resource to minimize this effort. However, in most cases, appropriate documentation neither exists nor is up-to-date. A hypothesis is that the framework code itself and existing instantiations could provide useful information for new instantiations. However, in this case developers still would have to read large portions of code. The goal of this thesis is to demonstrate the feasibility of constructing relevant documentation for framework instantiation with static and dynamic analysis of the framework itself and pre-existing instantiations. The proposal is presenting the documentation in a cookbook style, where recipes are composed of programming tasks and information about framework elements related to a desired feature. Initially, two preliminary experiments were conducted to evaluate coverage and practical usefulness of the recipe information for developers. Results pointed out the need for some adjustments, but also indicated sufficient and relevant information in recipes. Finally, we performed a robust study, consisting of three experiments with 44 human subjects, and 88 executions of real framework instantiations. We compared the use of cookbooks with the use of traditional framework documentation. The generated cookbooks presented results better or as good as traditional framework documentation, in terms of correctness, time spent and the satisfaction perception of document uses.Tese (Doutorado)Reuso de software é um dos principais objetivos em Engenharia de Software. Frameworks de aplicação promovem a reutilização de blocos de construção, mas também da solução arquitetural para um determinado domínio de aplicação. A criação de uma aplicação reutilizando um framework denomina-se instanciação do framework e requer um esforço substancial de compreensão do mesmo. Uma documentação de alta qualidade pode ser um instrumento útil para minimizar esse esforço. No entanto, na maioria dos casos, a documentação adequada não existe ou não é atualizada. Uma hipótese é que o próprio código fonte do framework e de instâncias existentes poderiam oferecer informação útil para novas instanciações. Contudo, haveria o desafio dos desenvolvedores entenderem quantidade substancial de código fonte. Neste contexto, o objetivo desta tese é demonstrar a viabilidade de construção de documentação relevante para a instanciação de frameworks utilizando análise estática e dinâmica do código fonte do framework e de suas instanciações pré-existentes. A proposta é apresentar tal documentação como um livro de receitas, onde as receitas são compostas de tarefas de programação e informações sobre os elementos do framework associados a uma característica de interesse. Inicialmente, dois estudos preliminares foram realizados para avaliar a cobertura e a utilidade prática das informações contidas nas receitas, os quais mostraram a necessidade de alguns ajustes, mas também indicaram receitas com informações relevantes e cobertura adequada. Por fim, foi conduzido um estudo robusto composto de 3 experimentos envolvendo ao todo 44 sujeitos humanos, com 88 execuções de atividades reais de instanciação de frameworks, onde o uso de livros de receitas foi comparado ao uso de documentações tradicionais dos frameworks. Os livros de receitas gerados semi-automaticamente apresentaram resultados de uso iguais ou melhores, em termos de taxa de acerto, tempo de execução e percepção da satisfação dos usuários, cumprindo os objetivos de pesquisa

Security-Pattern Recognition and Validation

The increasing and diverse number of technologies that are connected to the Internet, such as distributed enterprise systems or small electronic devices like smartphones, brings the topic IT security to the foreground. We interact daily with these technologies and spend much trust on a well-established software development process. However, security vulnerabilities appear in software on all kinds of PC(-like) platforms, and more and more vulnerabilities are published, which compromise systems and their users. Thus, software has also to be modified due to changing requirements, bugs, and security flaws and software engineers must more and more face security issues during the software design; especially maintenance programmers must deal with such use cases after a software has been released. In the domain of software development, design patterns have been proposed as the best-known solutions for recurring problems in software design. Analogously, security patterns are best practices aiming at ensuring security. This thesis develops a deeper understanding of the nature of security patterns. It focuses on their validation and detection regarding the support of reviews and maintenance activities. The landscape of security patterns is diverse. Thus, published security patterns are collected and organized to identify software-related security patterns. The description of the selected software-security patterns is assessed, and they are compared against the common design patterns described by Gamma et al. to identify differences and issues that may influence the detection of security patterns. Based on these insights and a manual detection approach, we illustrate an automatic detection method for security patterns. The approach is implemented in a tool and evaluated in a case study with 25 real-world Android applications from Google Play