Assessing sofware quality by micro patterns detection

One of the goals of Software Engineering is to reduce, or at least to try to control, the defectiveness of software systems during the development phase. Software engineers need to have empirical evidence that software metrics are related to software quality. Unfortunately, software quality is quite an elusive concept, software being an immaterial entity that cannot be physically measured in traditional ways. In general, software quality means many things. In software, the narowest sense of product quality is commonly recognized as absence or low incidence of bugs in the product. It is also the most basic meaning of confermance to requirements, because if the software contains too many functional defects, the basic requirement of providing the desired function is not met. To increase overall customer satisfaction as well as satisfaction toward various quality attributes, the quality attributes must be taken into account in the planning and design of software. To improve quality during development, we need models of the develompment process, and within the process we need to select and deploy specific methods and approaches, and employ proper tools and technologies. It is necessary to know measures of the characteristics and quality parameters of the development process and its stages, as well as metrics and models to help ensure that the development process is under control to meet the product’s quality objectives. Software quality metrics tend to measure whether software is well structured, not too simple and not too complex, with cohesive modules that minimize their coupling. Many quality metrics have been proposed for software, depending also on the paradigm and languages used there are metrics for structured programming, object-oriented programming, aspect-oriented programming, and so on. The use of traditional metrics as quality indicators is very dicult. The Lines of Code (LOC) metric (very related to faults), is dicult to use, you can not say to a team of developers to develop classes by imposing a predefined number of lines of code. The use of the micro patterns (introduced by Gil and Maman) metrics, that capture concepts of good or bad programming (like anti patterns) can help developers to focus on those classes that belong to categories of micro patterns prone to fault. The relationship between traditional metrics and micro patterns is useful for enabling these new metrics to evaluate software quality. Micro patterns are similar to design patterns, but their characteristic is that they can be identified automatically, and are at a lower level of abstraction with respect to design patterns. This thesis tackles the problem of measuring software quality in Object Oriented (OO) systems by using such novel approaches based on micro patterns that can be a useful metrics in order to measure the quality of software by showing that certain categories of micro patterns are more fault prone than others, and that the classes that do not correspond to any category of micro patterns are more likely to be faulty. Many empirical studies were performed to validate empirically CK suite under these two aspects, showing an acceptable correlation between CK metrics values and software fault-proneness and diculty of maintenance. In OO, micro patterns can help to identify the portions of code that should be improved (for example those where encapsulation is not respected), and highlight other portions that make up good design practices. The design patterns, defined in the early nineties were an important breakthrough at analysis and design level, but are dicult to be automatically supported at the coding level. There are tools claiming to help finding the usage of design patterns in code, but in practice they are used in a very limited way. On the contrary, micro patterns are defined at coding level, and it is relatively easy to recognize them automatically, thus being able to implement formal conditions on the structure of the class. Thesis overview The thesis is organized according to this scheme: • Chapter 2 provides an overview of the concept of software metrics; • Chapter 3 presents an overview of the design patterns catalogs; • Chapter 4 discusses the micro patterns catalog using the definitions made by Gil and Maman; • Chapter 5 discusses the interpretation of Micro Patterns given by Arcelli and Maggioni; • Chapter 6 present the study of the evolution of five particular micro patterns (anti patterns) in different releases of the Eclipse and NetBeans systems, and the correlations between anti patterns and faults. The analysis confirms previous findings regarding the high coverage of micro patterns onto the system classes, and show that anti patterns not only represent bad Object Oriented programming practices, but may also be associated to the production of worse quality software, since they present a significantly enhanced fault proneness. • Chapter 7 present a study that aims to show, through empirical studies of open source software systems, which categories of micro patterns are more correlated to faults. Gil and Maman demonstrated, and subsequent studies confirmed, that 75% of the classes of a software system are covered by micro patterns. In this chapter is also analyzed the relationship between faults and the remaining 25% of classes that do not match with any micro pattern. We found that these classes are more likely to be faultprone than the others. We also studied the correlation among all the micro patterns of the catalog, in order to verify the existence of relationships between them. • Chapter 8 present a study on micro patterns in different releases of two software systems developed with Object Oriented technologies and Agile process. In this chapter we present some empirical results on two case studies of systems devel- oped with Agile methodologies, and compare them to previous results obtained for non Agile systems. In particular we have verified that the distribution of micro patterns in a software system developed using Agile methodologies does not differ from the distribution studied in other systems, and that the micro patterns fault-proneness is about the same. We also analyzed how the distribution of micro patterns changes in different releases of the same software system. We demonstrate that there is a relationship between the number of faults and the classes that do not match with any micro patterns. We found that these classes are more likely to be fault-prone than the others even in software developed with Agile methodologies • Chapter 9 present the Java tool used in order to extract from the source code the informations about micro patterns distributions. • Chapter 10 discusses the related works in the field

Assessing sofware quality by micro patterns detection

One of the goals of Software Engineering is to reduce, or at least to try to control, the defectiveness of software systems during the development phase. Software engineers need to have empirical evidence that software metrics are related to software quality. Unfortunately, software quality is quite an elusive concept, software being an immaterial entity that cannot be physically measured in traditional ways. In general, software quality means many things. In software, the narowest sense of product quality is commonly recognized as absence or low incidence of bugs in the product. It is also the most basic meaning of confermance to requirements, because if the software contains too many functional defects, the basic requirement of providing the desired function is not met. To increase overall customer satisfaction as well as satisfaction toward various quality attributes, the quality attributes must be taken into account in the planning and design of software. To improve quality during development, we need models of the develompment process, and within the process we need to select and deploy specific methods and approaches, and employ proper tools and technologies. It is necessary to know measures of the characteristics and quality parameters of the development process and its stages, as well as metrics and models to help ensure that the development process is under control to meet the product’s quality objectives. Software quality metrics tend to measure whether software is well structured, not too simple and not too complex, with cohesive modules that minimize their coupling. Many quality metrics have been proposed for software, depending also on the paradigm and languages used there are metrics for structured programming, object-oriented programming, aspect-oriented programming, and so on. The use of traditional metrics as quality indicators is very dicult. The Lines of Code (LOC) metric (very related to faults), is dicult to use, you can not say to a team of developers to develop classes by imposing a predefined number of lines of code. The use of the micro patterns (introduced by Gil and Maman) metrics, that capture concepts of good or bad programming (like anti patterns) can help developers to focus on those classes that belong to categories of micro patterns prone to fault. The relationship between traditional metrics and micro patterns is useful for enabling these new metrics to evaluate software quality. Micro patterns are similar to design patterns, but their characteristic is that they can be identified automatically, and are at a lower level of abstraction with respect to design patterns. This thesis tackles the problem of measuring software quality in Object Oriented (OO) systems by using such novel approaches based on micro patterns that can be a useful metrics in order to measure the quality of software by showing that certain categories of micro patterns are more fault prone than others, and that the classes that do not correspond to any category of micro patterns are more likely to be faulty. Many empirical studies were performed to validate empirically CK suite under these two aspects, showing an acceptable correlation between CK metrics values and software fault-proneness and diculty of maintenance. In OO, micro patterns can help to identify the portions of code that should be improved (for example those where encapsulation is not respected), and highlight other portions that make up good design practices. The design patterns, defined in the early nineties were an important breakthrough at analysis and design level, but are dicult to be automatically supported at the coding level. There are tools claiming to help finding the usage of design patterns in code, but in practice they are used in a very limited way. On the contrary, micro patterns are defined at coding level, and it is relatively easy to recognize them automatically, thus being able to implement formal conditions on the structure of the class. Thesis overview The thesis is organized according to this scheme: • Chapter 2 provides an overview of the concept of software metrics; • Chapter 3 presents an overview of the design patterns catalogs; • Chapter 4 discusses the micro patterns catalog using the definitions made by Gil and Maman; • Chapter 5 discusses the interpretation of Micro Patterns given by Arcelli and Maggioni; • Chapter 6 present the study of the evolution of five particular micro patterns (anti patterns) in different releases of the Eclipse and NetBeans systems, and the correlations between anti patterns and faults. The analysis confirms previous findings regarding the high coverage of micro patterns onto the system classes, and show that anti patterns not only represent bad Object Oriented programming practices, but may also be associated to the production of worse quality software, since they present a significantly enhanced fault proneness. • Chapter 7 present a study that aims to show, through empirical studies of open source software systems, which categories of micro patterns are more correlated to faults. Gil and Maman demonstrated, and subsequent studies confirmed, that 75% of the classes of a software system are covered by micro patterns. In this chapter is also analyzed the relationship between faults and the remaining 25% of classes that do not match with any micro pattern. We found that these classes are more likely to be faultprone than the others. We also studied the correlation among all the micro patterns of the catalog, in order to verify the existence of relationships between them. • Chapter 8 present a study on micro patterns in different releases of two software systems developed with Object Oriented technologies and Agile process. In this chapter we present some empirical results on two case studies of systems devel- oped with Agile methodologies, and compare them to previous results obtained for non Agile systems. In particular we have verified that the distribution of micro patterns in a software system developed using Agile methodologies does not differ from the distribution studied in other systems, and that the micro patterns fault-proneness is about the same. We also analyzed how the distribution of micro patterns changes in different releases of the same software system. We demonstrate that there is a relationship between the number of faults and the classes that do not match with any micro patterns. We found that these classes are more likely to be fault-prone than the others even in software developed with Agile methodologies • Chapter 9 present the Java tool used in order to extract from the source code the informations about micro patterns distributions. • Chapter 10 discusses the related works in the field

A Longitudinal Study of Anti Micro Patterns in 113 Versions of Tomcat

Background: Micro patterns represent design decisions in code. They are similar to design patterns and can be detected automatically. These micro structures can be helpful in identifying portions of code which should be improved (anti-micro patterns), or other well-designed parts which need to be preserved. The concepts expressed in these design decisions are defined at class-level; therefore the primary goal is to detect and provide information related to a specific granularity level. Aim: this paper aims to present preliminary results about a longitudinal study performed on anti-micro pattern distributions over 113 versions of Tomcat. Method: we first extracted the micro patterns from the 113 versions of Tomcat, then found the percentage of classes matching each of the six anti-micro pattern considered for this analysis, and studied correlations among the obtained time series after testing for stationarity, randomness and seasonality. Results: results show that the time series are stationary, not random (except for Function Pointer), and that additional studied are needed for studying seasonality. Regarding correlations, only the Pool and Record time series presented a correlation of 0.69, while moderate correlation has been found between Function Pointer and Function Object (0.58) and between Cobol Like and Pool (0.44)

Smart Contracts Software Metrics: a First Study

© 2018 The Author(s).Smart contracts (SC) are software codes which reside and run over a blockchain. The code can be written in different languages with the common purpose of implementing various kinds of transactions onto the hosting blockchain, They are ruled by the blockchain infrastructure and work in order to satisfy conditions typical of traditional contracts. The software code must satisfy constrains strongly context dependent which are quite different from traditional software code. In particular, since the bytecode is uploaded in the hosting blockchain, size, computational resources, interaction between different parts of software are all limited and even if the specific software languages implement more or less the same constructs of traditional languages there is not the same freedom as in normal software development. SC software is expected to reflect these constrains on SC software metrics which should display metric values characteristic of the domain and different from more traditional software metrics. We tested this hypothesis on the code of more than twelve thousands SC written in Solidity and uploaded on the Ethereum blockchain. We downloaded the SC from a public repository and computed the statistics of a set of software metrics related to SC and compared them to the metrics extracted from more traditional software projects. Our results show that generally Smart Contracts metrics have ranges more restricted than the corresponding metrics in traditional software systems. Some of the stylized facts, like power law in the tail of the distribution of some metrics, are only approximate but the lines of code follow a log normal distribution which reminds of the same behavior already found in traditional software systems.Submitted Versio

Smart Contracts Vulnerabilities: A Call for Blockchain Software Engineering?

Smart Contracts have gained tremendous popularity in the past few years, to the point that billions of US Dollars are currently exchanged every day through such technology. However, since the release of the Frontier network of Ethereum in 2015, there have been many cases in which the execution of Smart Contracts managing Ether coins has led to problems or conflicts. Compared to traditional Software Engineering, a discipline of Smart Contract and Blockchain programming, with standardized best practices that can help solve the mentioned problems and conflicts, is not yet sufficiently developed. Furthermore, Smart Contracts rely on a non-standard software life-cycle, according to which, for instance, delivered applications can hardly be updated or bugs resolved by releasing a new version of the software. In this paper we advocate the need for a discipline of Blockchain Software Engineering, addressing the issues posed by smart contract programming and other applications running on blockchains. We analyse a case of study where a bug discovered in a Smart Contract library, and perhaps “unsafe” programming, allowed an attack on Parity, a wallet application, causing the freezing of about 500K Ethers (about 150M USD, in November 2017). In this study we analyze the source code of Parity and the library, and discuss how recognised best practices could mitigate, if adopted and adapted, such detrimental software misbehavior. We also reflect on the specificity of Smart Contract software development, which makes some of the existing approaches insufficient, and call for the definition of a specific Blockchain Software Engineering

Achieving Quality through Software Maintenance and Evolution: on the role of Agile Methodologies and Open Source Software

Agile methodologies, open source software development, and emerging new technologies are at the base of disruptive changes in software engineering. Being effort estimation pivotal for effective project management in the agile context, in the first part of the thesis we contribute to improve effort estimation by devising a real-time story point classifier, designed with the collaboration of an industrial partner and by exploiting publicly available data on open source projects. We demonstrate that, after an initial training on at least 300 issue reports, the classifier estimates a new issue in less than 15 seconds with a mean magnitude of relative error between 0.16 and 0.61. In addition, issue type, summary, description, and related components prove to be project-dependent features pivotal for story point estimation. Since story points are the most popular effort estimation metric in the agile context, in the second study presented in the thesis we investigate the role of agile methodologies in software maintenance and evolution, and prove its undoubted influence on the refactoring research field over the last 15 years. In the later part of the thesis, we focus on recent technologies to understand their impact on software engineering. We start by proposing a specialized blockchain-oriented software engineering, on the basis of the peculiar challenges the blockchain sector must confront with and statistical data retrieved from a corpus of open source blockchain-oriented software repositories, identified relying upon the 2016 Moody’s Blockchain Report. We advocate the need for new professional roles, enhanced security and reliability, novel modeling languages, and specialized metrics, along with new research directions focusing on collaboration among large teams, testing, and specialized tools for the creation of smart contracts. Along with the blockchain, in the later part of this work we also study the growing mobile sector. More specifically, we focus on the relationships between software defects and the use of the underlying system API, proving that our findings are aligned with those in the literature, namely, that the applications which are more connected to API classes are also more defect-prone. Finally, in the last work presented in the dissertation, we conducted a statistical analysis of 20 open source object-oriented systems, 10 written in the highly popular language Java and 10 in the rising language Python. We leveraged two statistical distribution functions–the log-normal and the double Pareto distributions–to provide good fits, both in Java and Python, for three metrics, namely, the NOLM, NOM, and NOS metrics. The study, among other findings, revealed that the variability of the number of methods used in Python classes is lower than in Java classes, and that Java classes, on average, feature fewer lines of code than Python classes

Study of metrics and practices for improving object oriented software quality

Modern software systems are large and complex products, consisting in thousands lines of code, developed, often in a distributed environment, by dozens of developers and produced through an industrial process, usu- ally with short time to market. To manage such kind of complexity and to keep the development process under control measurements and metrics are required. The present thesis collects the outcomes of the research the author carried on in the field of software metrics during the three years of the Ph.D. studies. Software metrics are used to measure various aspects of software development, including software features, processes execution, developers' efforts, software quality, just to name a few. The first part of the present thesis reports the results of the studies performed on product metrics, with the final goal of helping software engineers better manage the programmers efforts and particularly to assess software quality dur- ing software development. The second part of this dissertation presents the outcomes of the research aimed at shedding some light on the effec- tiveness and impact of some development practices on software systems. To perform these studies I used a novel approach, based on the concept of complex network. Complex networks are in fact one of the best can- didates to represent software systems, enabling researchers to obtain a deeper knowledge of the structure and evolution of a software system. We found some meaningful statistical correlations between network metrics and software properties. Both the theoretical framework and the reported findings might, in principle, have a practical application to assist software engineers dealing with specific development tasks, like bug discovery or refactoring

Study of metrics and practices for improving object oriented software quality

Modern software systems are large and complex products, consisting in thousands lines of code, developed, often in a distributed environment, by dozens of developers and produced through an industrial process, usu- ally with short time to market. To manage such kind of complexity and to keep the development process under control measurements and metrics are required. The present thesis collects the outcomes of the research the author carried on in the field of software metrics during the three years of the Ph.D. studies. Software metrics are used to measure various aspects of software development, including software features, processes execution, developers' efforts, software quality, just to name a few. The first part of the present thesis reports the results of the studies performed on product metrics, with the final goal of helping software engineers better manage the programmers efforts and particularly to assess software quality dur- ing software development. The second part of this dissertation presents the outcomes of the research aimed at shedding some light on the effec- tiveness and impact of some development practices on software systems. To perform these studies I used a novel approach, based on the concept of complex network. Complex networks are in fact one of the best can- didates to represent software systems, enabling researchers to obtain a deeper knowledge of the structure and evolution of a software system. We found some meaningful statistical correlations between network metrics and software properties. Both the theoretical framework and the reported findings might, in principle, have a practical application to assist software engineers dealing with specific development tasks, like bug discovery or refactoring

Micro pattern fault-proneness

One of the goals of Software Engineering is to reduce, or at least to try to control, the defectiveness of software systems during the development phase. The aim of our study is to analyze the relationship between micro patterns (introduced by Gil and Maman) and faults in a software system. Micro patterns are similar to design patterns, but their characteristic is that they can be identified automatically, and are at a lower level of abstraction with respect to design patterns. Our study aims to show, through empirical studies of open source software systems, which categories of micro patterns are more correlated to faults. Gil and Maman demonstrated, and subsequent studies confirmed, that 75% of the classes of a software system are covered by micro patterns. In our study we also analyze the relationship between faults and the remaining 25% of classes that do not match with any micro pattern. We found that these classes are more likely to be fault-prone than the others. We also studied the correlation among all the micro patterns of the catalog, in order to verify the existence of relationships between them. © 2012 IEEE