Overcoming Language Dichotomies: Toward Effective Program Comprehension for Mobile App Development

Mobile devices and platforms have become an established target for modern software developers due to performant hardware and a large and growing user base numbering in the billions. Despite their popularity, the software development process for mobile apps comes with a set of unique, domain-specific challenges rooted in program comprehension. Many of these challenges stem from developer difficulties in reasoning about different representations of a program, a phenomenon we define as a "language dichotomy". In this paper, we reflect upon the various language dichotomies that contribute to open problems in program comprehension and development for mobile apps. Furthermore, to help guide the research community towards effective solutions for these problems, we provide a roadmap of directions for future work.Comment: Invited Keynote Paper for the 26th IEEE/ACM International Conference on Program Comprehension (ICPC'18

Automatically Discovering, Reporting and Reproducing Android Application Crashes

Mobile developers face unique challenges when detecting and reporting crashes in apps due to their prevailing GUI event-driven nature and additional sources of inputs (e.g., sensor readings). To support developers in these tasks, we introduce a novel, automated approach called CRASHSCOPE. This tool explores a given Android app using systematic input generation, according to several strategies informed by static and dynamic analyses, with the intrinsic goal of triggering crashes. When a crash is detected, CRASHSCOPE generates an augmented crash report containing screenshots, detailed crash reproduction steps, the captured exception stack trace, and a fully replayable script that automatically reproduces the crash on a target device(s). We evaluated CRASHSCOPE's effectiveness in discovering crashes as compared to five state-of-the-art Android input generation tools on 61 applications. The results demonstrate that CRASHSCOPE performs about as well as current tools for detecting crashes and provides more detailed fault information. Additionally, in a study analyzing eight real-world Android app crashes, we found that CRASHSCOPE's reports are easily readable and allow for reliable reproduction of crashes by presenting more explicit information than human written reports.Comment: 12 pages, in Proceedings of 9th IEEE International Conference on Software Testing, Verification and Validation (ICST'16), Chicago, IL, April 10-15, 2016, pp. 33-4

Developing a distributed electronic health-record store for India

The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India

Discovering, quantifying, and displaying attacks

In the design of software and cyber-physical systems, security is often perceived as a qualitative need, but can only be attained quantitatively. Especially when distributed components are involved, it is hard to predict and confront all possible attacks. A main challenge in the development of complex systems is therefore to discover attacks, quantify them to comprehend their likelihood, and communicate them to non-experts for facilitating the decision process. To address this three-sided challenge we propose a protection analysis over the Quality Calculus that (i) computes all the sets of data required by an attacker to reach a given location in a system, (ii) determines the cheapest set of such attacks for a given notion of cost, and (iii) derives an attack tree that displays the attacks graphically. The protection analysis is first developed in a qualitative setting, and then extended to quantitative settings following an approach applicable to a great many contexts. The quantitative formulation is implemented as an optimisation problem encoded into Satisfiability Modulo Theories, allowing us to deal with complex cost structures. The usefulness of the framework is demonstrated on a national-scale authentication system, studied through a Java implementation of the framework.Comment: LMCS SPECIAL ISSUE FORTE 201

Infrastructure and economic growth in East Asia

This paper examines whether infrastructure investment has contributed to East Asia's economic growth using both a growth accounting framework and cross-country regressions. For most of the variables used, both the growth accounting exercise and cross-country regressions fail to find a significant link between infrastructure, productivity and growth. These conclusions contrast strongly with previous studies finding positive and significant effect for all infrastructure variables in the context of a production function study. This leads us to conclude that results from studies using macro-level data should be considered with extreme caution. The Authors suggest that infrastructure investment may have had the primary function of relieving constraints and bottlenecks as they arose, as opposed to directly encouraging growth.Transport Economics Policy&Planning,Banks&Banking Reform,Achieving Shared Growth,Economic Theory&Research,Non Bank Financial Institutions

Strategic Niche Management (SNM) beyond sustainability. An exploration of key findings of SNM through the lens of ICT and privacy

Recently the governance of socio-technical transitions to sustainability is gaining attention in the field of innovation studies. One particular approach is that of Strategic Niche Management (SNM), which advocates the creation of protected space to experiment with radically new sustainable socio-technical practices. This paper contributes by asking whether this approach is also useful for analysis and governance of other types of socially desirable change. This question is addressed through a review of six key-findings of Strategic Niche Management and an original case study in the field of Near Field Communication (NFC) technologies for mobile payment. The social value at stake in this case is not sustainability but privacy. We draw three main conclusions. First, we find that the key-findings and concepts in SNM for sustainability are helpful to understand and interpret much of the data collected for the NFC case and privacy. However, there are notable differences in each of the key-findings, i.e findings related to a) the local-global distinction in SNM, b) expectations, c) social networks, d) learning, e) protection, and f) niche-regime interactions. Second, in relation to governance, the role of sustainability values (being a promising value to pursue) and privacy values (being a bottom-line value to defend) are notably different. Third, these differences result in different roles of public bodies in niche development. The paper ends with discussing the consequences for SNM for sustainability research and future research topics.Strategic Niche Management, sustainability, NFC, mobile payment, privacy