3,617 research outputs found
Policy Enforcement with Proactive Libraries
Software libraries implement APIs that deliver reusable functionalities. To
correctly use these functionalities, software applications must satisfy certain
correctness policies, for instance policies about the order some API methods
can be invoked and about the values that can be used for the parameters. If
these policies are violated, applications may produce misbehaviors and failures
at runtime. Although this problem is general, applications that incorrectly use
API methods are more frequent in certain contexts. For instance, Android
provides a rich and rapidly evolving set of APIs that might be used incorrectly
by app developers who often implement and publish faulty apps in the
marketplaces. To mitigate this problem, we introduce the novel notion of
proactive library, which augments classic libraries with the capability of
proactively detecting and healing misuses at run- time. Proactive libraries
blend libraries with multiple proactive modules that collect data, check the
correctness policies of the libraries, and heal executions as soon as the
violation of a correctness policy is detected. The proactive modules can be
activated or deactivated at runtime by the users and can be implemented without
requiring any change to the original library and any knowledge about the
applications that may use the library. We evaluated proactive libraries in the
context of the Android ecosystem. Results show that proactive libraries can
automati- cally overcome several problems related to bad resource usage at the
cost of a small overhead.Comment: O. Riganelli, D. Micucci and L. Mariani, "Policy Enforcement with
Proactive Libraries" 2017 IEEE/ACM 12th International Symposium on Software
Engineering for Adaptive and Self-Managing Systems (SEAMS), Buenos Aires,
Argentina, 2017, pp. 182-19
A Fault Taxonomy for Component-Based Software
AbstractComponent technology is increasingly used to develop modular, configurable, and reusable systems. The problem of design and implement component-based systems is addressed by many models, methodologies, tools, and frameworks. On the contrary, analysis and test are not adequately supported yet. In general, a coherent fault taxonomy is a key starting point for providing techniques and methods for assessing the quality of software and in particular of component-based systems. This paper proposes a fault taxonomy to be used to develop and evaluate testing and analysis techniques for component-based software
An Exploratory Study of Field Failures
Field failures, that is, failures caused by faults that escape the testing
phase leading to failures in the field, are unavoidable. Improving verification
and validation activities before deployment can identify and timely remove many
but not all faults, and users may still experience a number of annoying
problems while using their software systems. This paper investigates the nature
of field failures, to understand to what extent further improving in-house
verification and validation activities can reduce the number of failures in the
field, and frames the need of new approaches that operate in the field. We
report the results of the analysis of the bug reports of five applications
belonging to three different ecosystems, propose a taxonomy of field failures,
and discuss the reasons why failures belonging to the identified classes cannot
be detected at design time but shall be addressed at runtime. We observe that
many faults (70%) are intrinsically hard to detect at design-time
Towards Testing and Analysis of Systems that Use Serialization
AbstractObject serialization facilitates the flattening of structured objects into byte streams and is therefore important for all component-based applications that strongly rely on data-exchange among components. Unfortunately, implementing and controlling the serialization mechanisms may expose the software to subtle faults. This paper paves the way towards testing and analysis techniques specifically tailored to the assessment of software that uses serialization. In particular, we introduce a taxonomy of abstractions and terms to semantically characterize and classify the main data-exchange cases, which serialization can be involved with. The resulting conceptual framework provides a means to forecast how erroneous implementations of serialization would look like in different cases, thus enabling the focusing of testing and analysis techniques to address serialization-related faults
- …