On Provably Correct Decision-Making for Automated Driving

The introduction of driving automation in road vehicles can potentially reduce road traffic crashes and significantly improve road safety. Automation in road vehicles also brings several other benefits such as the possibility to provide independent mobility for people who cannot and/or should not drive. Many different hardware and software components (e.g. sensing, decision-making, actuation, and control) interact to solve the autonomous driving task. Correctness of such automated driving systems is crucial as incorrect behaviour may have catastrophic consequences. Autonomous vehicles operate in complex and dynamic environments, which requires decision-making and planning at different levels. The aim of such decision-making components in these systems is to make safe decisions at all times. The challenge of safety verification of these systems is crucial for the commercial deployment of full autonomy in vehicles. Testing for safety is expensive, impractical, and can never guarantee the absence of errors. In contrast, formal methods, which are techniques that use rigorous mathematical models to build hardware and software systems can provide a mathematical proof of the correctness of the system. The focus of this thesis is to address some of the challenges in the safety verification of decision-making in automated driving systems. A central question here is how to establish formal verification as an efficient tool for automated driving software development.A key finding is the need for an integrated formal approach to prove correctness and to provide a complete safety argument. This thesis provides insights into how three different formal verification approaches, namely supervisory control theory, model checking, and deductive verification differ in their application to automated driving and identifies the challenges associated with each method. It identifies the need for the introduction of more rigour in the requirement refinement process and presents one possible solution by using a formal model-based safety analysis approach. To address challenges in the manual modelling process, a possible solution by automatically learning formal models directly from code is proposed

Applying and Extending the Delta Debugging Algorithm for Elevator Dispatching Algorithms (Experience Paper)

Elevator systems are one kind of Cyber-Physical Systems (CPSs), and as such, test cases are usually complex and long in time. This is mainly because realistic test scenarios are employed (e.g., for testing elevator dispatching algorithms, typically a full day of passengers traveling through a system of elevators is used). However, in such a context, when needing to reproduce a failure, it is of high benefit to provide the minimal test input to the software developers. This way, analyzing and trying to localize the root-cause of the failure is easier and more agile. Delta debugging has been found to be an efficient technique to reduce failure-inducing test inputs. In this paper, we enhance this technique by first monitoring the environment at which the CPS operates as well as its physical states. With the monitored information, we search for stable states of the CPS during the execution of the simulation. In a second step, we use such identified stable states to help the delta debugging algorithm isolate the failure-inducing test inputs more efficiently. We report our experience of applying our approach into an industrial elevator dispatching algorithm. An empirical evaluation carried out with real operational data from a real installation of elevators suggests that the proposed environment-wise delta debugging algorithm is between 1.3 to 1.8 times faster than the traditional delta debugging, while producing a larger reduction in the failure-inducing test inputs. The results provided by the different implemented delta debugging algorithm versions are qualitatively assessed with domain experts. This assessment provides new insights and lessons learned, such as, potential applications of the delta debugging algorithm beyond debugging

Maßgeschneiderte Produktlinienextraktion

Industry faces an increasing number of challenges regarding the functionality, efficiency and reliability of software. A common approach to reduce the linked development effort and respective costs are model-based languages, such as Matlab/Simulink and statecharts. While these languages help companies during development of single systems, the high demand for customized software is an increasing challenge. As a result, variants with high similarity and only slight differences have to be developed in an efficient way. As reimplementation of complex functionality for each variant is no option, copies of existing solutions are often modified for new customers. In the short-run, this so-called clone-and-own approach allows to save costs as existing solutions can easily be reused. However, this approach also involves risks as the relations between the copied systems are rarely documented and errors have to be fixed for each variant in isolation. Thus, with a growing number of potentially large system copies, the resulting maintenance effort can become a problem. To overcome these problems, this thesis contributes an approach to semi-automatically migrate existing model variants to software product lines. These product lines allow to generate all variants from the identified reusable artifacts. As industry uses a variety of different modeling languages, the focus of the approach lies on an easy adaptation for different languages. Furthermore, the approach can be custom-tailored to include domain knowledge or language-specific details in the variability identification. The first step of the approach performs a high-level analysis of variants to identify outliers (e.g., variants that diverged too much from the rest) and clusters of strongly related variants. The second step executes variability mining to identify corresponding low-level variability relations (i.e. the common and varying parts) for these clusters. The third step uses these detailed variability relations for an automatic migration of the compared variants to a delta-oriented software product line. The approach is evaluated using publicly available case studies with industrial background as well as model variants provided by an industry partner.Die Industrie steht einer steigenden Anzahl an Herausforderungen bezüglich der Funktionalität, Effizienz und Zuverlässigkeit von Software gegenüber. Um den damit verbundenen Entwicklungsaufwand und entsprechende Kosten zu reduzieren, werden häufig modellbasierte Sprachen wie Matlab/Simulink oder Zustandsautomaten eingesetzt. Obwohl diese Sprachen die Unternehmen während der Entwicklung von Einzelsystemen unterstützen, führt die große Nachfrage nach maßgeschneiderter Software zu neuen Herausforderungen. Entsprechend müssen Varianten mit hoher Ähnlichkeit und nur geringfügigen Unterschieden effizient entwickelt werden. Da eine Neuimplementierung komplexer Funktionalität für jede Variante keine Option darstellt, werden häufig Kopien existierender Lösungen für Kunden angepasst. Auf kurze Sicht ermöglicht dieser sogenannte clone-and-own-Ansatz Kosten zu sparen, da existierende Lösungen leicht wiederverwendet werden können. Jedoch birgt der Ansatz auch Risiken, da Beziehungen zwischen den Systemkopien selten dokumentiert werden und Fehler für jede der Variante einzeln behoben werden müssen. Somit kann mit einer wachsenden Anzahl an möglicherweise umfangreichen Systemkopien der Wartungsaufwand zu einem Problem werden. Um diese Probleme zu lösen, bietet diese Arbeit einen Ansatz zur semi-automatischen Überführung existierender Modellvarianten in Softwareproduktlinien. Diese ermöglichen eine anschließende Generierung der Varianten aus den identifizierten wiederverwendbaren Artefakten. Da in der Industrie eine große Menge von Modellierungssprachen eingesetzt wird, liegt der Fokus auf der einfachen Adaption für unterschiedliche Sprachen. Zusätzlich kann durch Einbeziehung von Expertenwissen oder sprachspezifische Details die Variabilitätsidentifikation beeinflusst werden. Der erste Schritt des Ansatzes analysiert die Varianten auf hohem Abstraktionslevel, um Außenseiter (z.B. Varianten die stark von den restlichen Variaten abweichen) und Cluster von stark verwandten Varianten zu identifizieren. Der zweite Schritt analysiert diese Cluster auf niedrigem Abstraktionslevel, um entsprechende Variabilitätsrelationen (d.h. gemeinsame und unterschiedliche Teile) zu identifizieren. Der dritte Schritt nutzt diese detaillierten Variabilitätsrelationen für eine automatische Migration der verglichenen Varianten in eine delta-orientierte Softwareproduktlinie. Der Ansatz ist an Fallstudien mit industriellem Kontext sowie Modellvarianten eines Industriepartners evaluiert worden

Code smells detection and visualization: A systematic literature review

Context: Code smells (CS) tend to compromise software quality and also demand more effort by developers to maintain and evolve the application throughout its life-cycle. They have long been catalogued with corresponding mitigating solutions called refactoring operations. Objective: This SLR has a twofold goal: the first is to identify the main code smells detection techniques and tools discussed in the literature, and the second is to analyze to which extent visual techniques have been applied to support the former. Method: Over 83 primary studies indexed in major scientific repositories were identified by our search string in this SLR. Then, following existing best practices for secondary studies, we applied inclusion/exclusion criteria to select the most relevant works, extract their features and classify them. Results: We found that the most commonly used approaches to code smells detection are search-based (30.1%), and metric-based (24.1%). Most of the studies (83.1%) use open-source software, with the Java language occupying the first position (77.1%). In terms of code smells, God Class (51.8%), Feature Envy (33.7%), and Long Method (26.5%) are the most covered ones. Machine learning techniques are used in 35% of the studies. Around 80% of the studies only detect code smells, without providing visualization techniques. In visualization-based approaches several methods are used, such as: city metaphors, 3D visualization techniques. Conclusions: We confirm that the detection of CS is a non trivial task, and there is still a lot of work to be done in terms of: reducing the subjectivity associated with the definition and detection of CS; increasing the diversity of detected CS and of supported programming languages; constructing and sharing oracles and datasets to facilitate the replication of CS detection and visualization techniques validation experiments.Comment: submitted to ARC

Code smells detection and visualization: A systematic literature review

Context: Code smells (CS) tend to compromise software quality and also demand more effort by developers to maintain and evolve the application throughout its life-cycle. They have long been cataloged with corresponding mitigating solutions called refactoring operations. Objective: This SLR has a twofold goal: the first is to identify the main code smells detection techniques and tools discussed in the literature, and the second is to analyze to which extent visual techniques have been applied to support the former. Method: Over 83 primary studies indexed in major scientific repositories were identified by our search string in this SLR. Then, following existing best practices for secondary studies, we applied inclusion/exclusion criteria to select the most relevant works, extract their features and classify them. Results: We found that the most commonly used approaches to code smells detection are search-based (30.1%), and metric-based (24.1%). Most of the studies (83.1%) use open-source software, with the Java language occupying the first position (77.1%). In terms of code smells, God Class (51.8%), Feature Envy (33.7%), and Long Method (26.5%) are the most covered ones. Machine learning techniques are used in 35% of the studies. Around 80% of the studies only detect code smells, without providing visualization techniques. In visualization-based approaches, several methods are used, such as city metaphors, 3D visualization techniques. Conclusions: We confirm that the detection of CS is a non-trivial task, and there is still a lot of work to be done in terms of: reducing the subjectivity associated with the definition and detection of CS; increasing the diversity of detected CS and of supported programming languages; constructing and sharing oracles and datasets to facilitate the replication of CS detection and visualization techniques validation experiments.info:eu-repo/semantics/acceptedVersio

Ernst Denert Award for Software Engineering 2020

This open access book provides an overview of the dissertations of the eleven nominees for the Ernst Denert Award for Software Engineering in 2020. The prize, kindly sponsored by the Gerlind & Ernst Denert Stiftung, is awarded for excellent work within the discipline of Software Engineering, which includes methods, tools and procedures for better and efficient development of high quality software. An essential requirement for the nominated work is its applicability and usability in industrial practice. The book contains eleven papers that describe the works by Jonathan Brachthäuser (EPFL Lausanne) entitled What You See Is What You Get: Practical Effect Handlers in Capability-Passing Style, Mojdeh Golagha’s (Fortiss, Munich) thesis How to Effectively Reduce Failure Analysis Time?, Nikolay Harutyunyan’s (FAU Erlangen-Nürnberg) work on Open Source Software Governance, Dominic Henze’s (TU Munich) research about Dynamically Scalable Fog Architectures, Anne Hess’s (Fraunhofer IESE, Kaiserslautern) work on Crossing Disciplinary Borders to Improve Requirements Communication, Istvan Koren’s (RWTH Aachen U) thesis DevOpsUse: A Community-Oriented Methodology for Societal Software Engineering, Yannic Noller’s (NU Singapore) work on Hybrid Differential Software Testing, Dominic Steinhofel’s (TU Darmstadt) thesis entitled Ever Change a Running System: Structured Software Reengineering Using Automatically Proven-Correct Transformation Rules, Peter Wägemann’s (FAU Erlangen-Nürnberg) work Static Worst-Case Analyses and Their Validation Techniques for Safety-Critical Systems, Michael von Wenckstern’s (RWTH Aachen U) research on Improving the Model-Based Systems Engineering Process, and Franz Zieris’s (FU Berlin) thesis on Understanding How Pair Programming Actually Works in Industry: Mechanisms, Patterns, and Dynamics – which actually won the award. The chapters describe key findings of the respective works, show their relevance and applicability to practice and industrial software engineering projects, and provide additional information and findings that have only been discovered afterwards, e.g. when applying the results in industry. This way, the book is not only interesting to other researchers, but also to industrial software professionals who would like to learn about the application of state-of-the-art methods in their daily work