351 research outputs found
Test adequacy assessment using test-defect coverage analytic model
Software testing is an essential activity in software development process that has been widely used as a means of achieving software reliability and quality. The emergence of incremental development in its various forms required a different approach to determining the readiness of the software for release. This approach needs to determine how reliable the software is likely to be based on planned tests, not defect growth and decline as typically shown in reliability growth models. A combination of information from a number of sources into an easily understood dashboard is expected to provide both qualitative and quantitative analyses of test and defect coverage properties. Hence, Test-Defect Coverage Analytic Model (TDCAM) is proposed which combines test and defect coverage information presented in a dashboard to help deciding whether there are enough tests planned. A case study has been conducted to demonstrate the usage of the proposed model. The visual representations and results gained from the case study show the benefits of TDCAM in assisting practitioners making informed test adequacy-related decisions
Predictive Analytics and Software Defect Severity: A Systematic Review and Future Directions
Software testing identifies defects in software products with varying multiplying effects based on their severity levels and sequel to instant rectifications, hence the rate of a research study in the software engineering domain. In this paper, a systematic literature review (SLR) on machine learning-based software defect severity prediction was conducted in the last decade. The SLR was aimed at detecting germane areas central to efficient predictive analytics, which are seldom captured in existing software defect severity prediction reviews. The germane areas include the analysis of techniques or approaches which have a significant influence on the threats to the validity of proposed models, and the bias-variance tradeoff considerations techniques in data science-based approaches. A population, intervention, and outcome model is adopted for better search terms during the literature selection process, and subsequent quality assurance scrutiny yielded fifty-two primary studies. A subsequent thoroughbred systematic review was conducted on the final selected studies to answer eleven main research questions, which uncovers approaches that speak to the aforementioned germane areas of interest. The results indicate that while the machine learning approach is ubiquitous for predicting software defect severity, germane techniques central to better predictive analytics are infrequent in literature. This study is concluded by summarizing prominent study trends in a mind map to stimulate future research in the software engineering industry.publishedVersio
Studying the Characteristics of AIOps Projects on GitHub
Artificial Intelligence for IT Operations (AIOps) leverages AI approaches to
handle the massive data generated during the operations of software systems.
Prior works have proposed various AIOps solutions to support different tasks in
system operations and maintenance (e.g., anomaly detection). In this work, we
investigate open-source AIOps projects in-depth to understand the
characteristics of AIOps in practice. We first carefully identify a set of
AIOps projects from GitHub and analyze their repository metrics (e.g., the used
programming languages). Then, we qualitatively study the projects to understand
their input data, analysis techniques, and goals. Finally, we analyze the
quality of these projects using different quality metrics, such as the number
of bugs. We also sample two sets of baseline projects from GitHub: a random
sample of machine learning projects, and a random sample of general purpose
projects. We compare different metrics of our identified AIOps projects with
these baselines. Our results show a recent and growing interest in AIOps
solutions. However, the quality metrics indicate that AIOps projects suffer
from more issues than our baseline projects. We also pinpoint the most common
issues in AIOps approaches and discuss the possible solutions to overcome them.
Our findings help practitioners and researchers understand the current state of
AIOps practices and sheds light to different ways to improve AIOps weak
aspects. To the best of our knowledge, this work is the first to characterize
open source AIOps projects.Comment: 31 pages, 6 pages of references, 8 figures, 12 table
Avatud lähtekoodiga tarkvaraprojektide vearaportite ja tehniliste sõltuvuste haldamise analüüsimine
Nüüdisaegses tarkvaraarenduses kasutatakse avatud lähtekoodiga tarkvara komponente, et vähendada korratava töö hulka. Tarkvaraarendajad lisavad vaba lähtekoodiga komponente oma projektidesse, omamata ülevaadet kasutatud komponentide arendamisest ja hooldamisest. Selle töö eesmärk on analüüsida tarkvaraprojektide vearaporteid ja sõltuvuste haldamist ning arendada välja kohased meetodid. Tarkvaraprojektides kasutatakse töö organiseerimiseks veahaldussüsteeme, mille abil hallatakse tööülesandeid, vearaporteid ja uusi kasutajanõudeid. Enamat kui 4000 avatud lähtekoodiga projekti analüüsides selgus, et paljud vearaportid jäävad pikaks ajaks lahendamata. Muu hulgas võib nii ka mõni kriitiline turvaviga parandamata jääda. Doktoritöös arendatakse välja meetod, mis võimaldab automaatselt hinnata vearaporti lahendamiseks kuluvat aega. Meetod põhineb veahaldussüsteemi talletunud andmete analüüsil. Vearaporti eluaja hindamine aitab projektiosalistel prioriseerida tööülesandeid ja planeerida ressursse. Töö teises osas uuritakse, kuidas avatud lähtekoodiga projektide koodis kolmanda poole komponente kasutatakse. Tarkvaraarendajad kasutavad varem väljaarendatud komponente, et kiirendada arendust ja vähendada korratava töö hulka. Samamoodi kasutavad spetsiifilised komponendid veel omakorda teisi komponente, misläbi moodustub komponentide vaheliste seoste kaudu sõltuvuslik võrgustik. Selles doktoritöös analüüsitakse sõltuvuste võrgustikku populaarsete programmeerimiskeelte näidetel. Töö käigus arendatud meetod on rakendatav sõltuvuste võrgustiku struktuuri ja kasvu analüüsimiseks. Töös demonstreeritakse, kuidas võrgustiku struktuuri analüüsi abil saab hinnata tarkvaraprojektide riski hõlmata sõltuvusahela kaudu mõni turvaviga. Doktoritöös arendatud meetodid ja tulemused aitavad avatud lähtekoodiga projektide vearaportite ja tehniliste sõltuvuste haldamise praktikat läbipaistvamaks muuta.Modern software development relies on open-source software to facilitate reuse and reduce redundant work. Software developers use open-source packages in their projects without having insights into how these components are being developed and maintained. The aim of this thesis is to develop approaches for analyzing issue and dependency management in software projects. Software projects organize their work with issue trackers, tools for tracking issues such as development tasks, bug reports, and feature requests. By analyzing issue handling in more than 4,000 open-source projects, we found that many issues are left open for long periods of time, which can result in bugs and vulnerabilities not being fixed in a timely manner. This thesis proposes a method for predicting the amount of time it takes to resolve an issue by using the historical data available in issue trackers. Methods for predicting issue lifetime can help software project managers to prioritize issues and allocate resources accordingly. Another problem studied in this thesis is how software dependencies are used. Software developers often include third-party open-source software packages in their project code as a dependency. The included dependencies can also have their own dependencies. A complex network of dependency relationships exists among open-source software packages. This thesis analyzes the structure and the evolution of dependency networks of three popular programming languages. We propose an approach to measure the growth and the evolution of dependency networks. This thesis demonstrates that dependency network analysis can quantify what is the likelihood of acquiring vulnerabilities through software packages and how it changes over time. The approaches and findings developed here could help to bring transparency into open-source projects with respect to how issues are handled, or dependencies are updated
Software Development Analytics in Practice: A Systematic Literature Review
Context:Software Development Analytics is a research area concerned with
providing insights to improve product deliveries and processes. Many types of
studies, data sources and mining methods have been used for that purpose.
Objective:This systematic literature review aims at providing an aggregate view
of the relevant studies on Software Development Analytics in the past decade
(2010-2019), with an emphasis on its application in practical settings.
Method:Definition and execution of a search string upon several digital
libraries, followed by a quality assessment criteria to identify the most
relevant papers. On those, we extracted a set of characteristics (study type,
data source, study perspective, development life-cycle activities covered,
stakeholders, mining methods, and analytics scope) and classified their impact
against a taxonomy. Results:Source code repositories, experimental case
studies, and developers are the most common data sources, study types, and
stakeholders, respectively. Product and project managers are also often
present, but less than expected. Mining methods are evolving rapidly and that
is reflected in the long list identified. Descriptive statistics are the most
usual method followed by correlation analysis. Being software development an
important process in every organization, it was unexpected to find that process
mining was present in only one study. Most contributions to the software
development life cycle were given in the quality dimension. Time management and
costs control were lightly debated. The analysis of security aspects suggests
it is an increasing topic of concern for practitioners. Risk management
contributions are scarce. Conclusions:There is a wide improvement margin for
software development analytics in practice. For instance, mining and analyzing
the activities performed by software developers in their actual workbench, the
IDE
On the feasibility of automated prediction of bug and non-bug issues
Context
Issue tracking systems are used to track and describe tasks in the development process, e.g., requested feature improvements or reported bugs. However, past research has shown that the reported issue types often do not match the description of the issue.
Objective
We want to understand the overall maturity of the state of the art of issue type prediction with the goal to predict if issues are bugs and evaluate if we can improve existing models by incorporating manually specified knowledge about issues.
Method
We train different models for the title and description of the issue to account for the difference in structure between these fields, e.g., the length. Moreover, we manually detect issues whose description contains a null pointer exception, as these are strong indicators that issues are bugs.
Results
Our approach performs best overall, but not significantly different from an approach from the literature based on the fastText classifier from Facebook AI Research. The small improvements in prediction performance are due to structural information about the issues we used. We found that using information about the content of issues in form of null pointer exceptions is not useful. We demonstrate the usefulness of issue type prediction through the example of labelling bugfixing commits.
Conclusions
Issue type prediction can be a useful tool if the use case allows either for a certain amount of missed bug reports or the prediction of too many issues as bug is acceptable
A Microstructural Approach to Self-Organizing:The Emergence of Attention Networks
A recent line of inquiry investigates new forms of organizing as bundles of novel solutions to universal problems of resource allocation and coordination: how to allocate organizational problems to organizational participants and how to integrate participants' resulting efforts. We contribute to this line of inquiry by reframing organizational attention as the outcome of a concatenation of self-organizing, microstructural mechanisms linking multiple participants to multiple problems, thus giving rise to an emergent attention network. We argue that, when managerial hierarchies are absent and authority is decentralized, observable acts of attention allocation produce interpretable signals that help participants to direct their attention and share information on how to coordinate and integrate their individual efforts. We theorize that the observed structure of an organizational attention network is generated by the concatenation of four interdependent micromechanisms: focusing, reinforcing, mixing, and clustering. In a statistical analysis of organizational problem solving within a large opensource software project, we find support for our hypotheses about the self-organizing dynamics of the observed attention network connecting organizational problems (software bugs) to organizational participants (volunteer contributors). We discuss the implications of attention networks for theory and practice by emphasizing the self-organizing character of organizational problem solving. We discuss the generalizability of our theory to a wider set of organizations in which participants can freely allocate their attention to problems and the outcomes of their allocation are publicly observable without cost.</p
- …