Journal-First

 

Wednesday, October 14th, 16:15 - 16:45 UTC, J1C2: Journal-first Paper Presentations, Session Chair: Peter Popov 

Add to Calendar

 

ISSRE continues to enrich the program of the conference, we are enriching the program with journal-first presentations. Journal-first papers report completely new contributions that have not been previously presented at any other conference or journal, and that do not extend any previous paper. The journal-first papers were selected among the ones recently published in the journal (2019 and mid-2020) and that intersect with the topics of interest of the ISSRE conference.

An Empirical Study of Regression Bug Chains in Linux Guanping Xiao (Nanjing University of Aeronautics and Astronautics, China), Zheng Zheng (Beihang University, China), Bo Jiang (Beihang University, China), Yulei Sui (University of Technology Sydney, Australia)

Dependability Assessment of the Android OS Through Fault Injection  Domenico Cotroneo (Università degli Studi di Napoli Federico II, Italy), Antonio Ken Iannillo (SnT, University of Luxembourg, Luxembourg), Roberto Natella (Università degli Studi di Napoli Federico II, Italy), Stefano Rosiello (Università degli Studi di Napoli Federico II, Italy)

Optimal Test Activity Allocation for Covariate Software Reliability and Security Models Vidhyashree Nagaraju (University of Tulsa, OK, USA), Chathuri Jayasinghe (University of Sri Jayewardenepura), Lance Fiondella (University of Massachusetts Dartmouth, MA, USA) 

An Empirical Study of Regression Bug Chains in Linux Guanping Xiao (Nanjing University of Aeronautics and Astronautics, China), Zheng Zheng (Beihang University, China), Bo Jiang (Beihang University, China), Yulei Sui (University of Technology Sydney, Australia)​

https://ieeexplore.ieee.org/document/8673578

Abstract 

ContextRegression bugs are a type of bugs which cause a feature of software that worked correctly but stop working after a certain software commit. Due to the complexity of software systems, a commit c1, which fixes a regression bug b1 may accidentally introduce another regression bug b2. Likewise, commit c2 repairing b2 may cause another regression bug b3, resulting in a regression bug chain, i.e., b1 → c1 → b2 → c2 → b3.

Objective: In this paper, we present a systematic study to formulate, summarize and understand the regression bug chains, thereby we can provide more useful insights for programmers to reduce the maintenance cost by fixing this type of bugs.

Method: We have conducted a large-scale study by collecting 1579 regression bugs and 2630 commits from 57 Linux versions (2.6.12 - 4.9). The relationships between regression bugs and commits are modeled as a directed bipartite network. The analysis was performed on three aspects: the prevalence of regression bug chains in Linux, the characteristics of regression bug chains and the patterns of the bug-commit relationships.

Results: Our major contributions and findings are fourfold. (1) A novel concept of regression bug chains and their formulation. (2) Compared to an isolated regression bug, a bug on a regression bug chain is much more difficult to repair, costing 2.4X more fixing time, involving 1.3X more developers and 2.8X more com- ments. (3) 85.8% of bugs on the chains in Linux reside in Drivers, ACPI, Platform Specific/Hardware and Power Management. (4) 83% of the chains affect only a single Linux subsystem, while 68% of the chains propagate across Linux versions.

Conclusion: Along with eight findings and their implications, our results provide useful insights into the software maintenance process for large-scale real-world software systems. The charac- teristics of regression bug chains remain to be explored in other software projects. The proposed methodology is applicable for any project with version control and bug tracking systems.

Dependability Assessment of the Android OS Through Fault Injection Domenico Cotroneo (Università degli Studi di Napoli Federico II, Italy), Antonio Ken Iannillo (SnT, University of Luxembourg, Luxembourg), Roberto Natella (Università degli Studi di Napoli Federico II, Italy), Stefano Rosiello (Università degli Studi di Napoli Federico II, Italy)​ 

https://doi.org/10.1109/TR.2019.2954384

Abstract

Context:The reliability of mobile devices is a challenge for vendors, since the mobile software stack has significantly grown in complexity. In this article, we study how to assess the impact of faults on the quality of user experi- ence in the Android mobile OS through fault injection. In particular, we address the challenge of defining what faults to inject (fault model), due to the large number and heterogeneity of hardware and software components in a modern mobile device.

Contributions: Our assessment methodology aims to support de- velopers at defining, conducting, and analyzing fault injection tests in a systematic and efficient way. Towards this goal, the paper presents the following novel contributions:

  • A lightweight fault modeling approach. The ap- proach guides developers at defining fault models through an architectural review of the mobile OS, by combining systematic, lightweight guidelines with experts’ knowledge in order to be applicable in large software systems.
  • A comprehensive fault model for the Android OS. We derived a fault model including over 600 software and hardware-induced faults, and spanning across several areas of the Android OS, including connectivity management, telephony, multimedia, sensors, and basic OS components.
  • An Android fault injection tool (AndroFIT). The tool enables the implementation of the fault model through reusable fault injection plugins, and an extensible architecture for targeting re- sources and service interfaces in the Android OS. Moreover, the tool has been designed to run experiments on actual Android devices (i.e., not in an emulated environment) and does not rely on the availability of Android source code (i.e., it is applicable to proprietary, closed-source versions of the Android OS).
  • A large experimental fault injection campaign. We assessed three Android devices from major commercial vendors (Huawei, HTC, Samsung), pointing out several opportunities for improving reliability, including the lack of error handlers, weak protocol and format parsers, and UIs prone to stalls and performance degradation.

Optimal Test Activity Allocation for Covariate Software Reliability and Security Models Vidhyashree Nagaraju (University of Tulsa, OK, USA), Chathuri Jayasinghe (University of Sri Jayewardenepura), Lance Fiondella (University of Massachusetts Dartmouth, MA, USA)

https://www.sciencedirect.com/science/article/pii/S016412122030114X?via=ihub

Abstract

Context: Traditional software reliability growth models (SRGM) characterize the fault discovery process during testing as a non-homogeneous Poisson process (NHPP). These models predict future faults as a function of testing time or effort, enabling inferences such as the number of faults remaining, additional time required to achieve a specified reliability, and optimization problems such as optimal release and effort allocation. However, the vast majority of these NHPP SRGM do not identify the underlying software testing activities that lead to fault discovery. Thus, effort allocation based on these models can only provide general guidance on the amount of effort to invest and limited information regarding the effectiveness of specific testing activities.

Contributions: Covariate models exhibit substantially improved prediction capabilities over NHPP software reliability growth models. There- fore, to enhance the utility of covariate models and encourage their use in practice, this paper makes the following primary contributions.

  • A software reliability growth model possessing a discrete Cox proportional hazard rate to incorporate covariates. This approach is analogous to the model introduced in [1], which has been constructed based on a discrete time model devel- oped by Kalbfleisch and Prentice [2]. However, formulation and estimation of our model takes into account the fact that the counts of software faults in disjoint intervals of the point process are independent random variables possessing a Poisson distribution with non-homogeneous rates, which is an assumption of a NHPP by design.
  • Efficient expectation conditional maximization (ECM) [3] algorithms to estimate the numerical parameters of a model that best characterize the data.
  • A generalization of the testing effort allocation problem [4] to covariate models referred to as the optimal testing activity allocation problem to (i) maximize fault discovery within a budget constraint or (ii) minimize the budget required discover a specified number of additional faults

Conclusion: The illustrations apply the model to two data sets from the literature with the ECM algorithms and then solves the optimal testing activity allocation problem. The results indicate that periodic application of testing activity allocation could more effectively guide the type and amount of specific testing activities throughout the software testing process in order to discover more faults despite limited resources.

References:

[1] K. Shibata, K. Rinsaka, and T. Dohi, “Metrics-based software reliability models using non-homogeneous Poisson processes,” in IEEE Interna- tional Symposium on Software Reliability Engineering, 2006, pp. 52–61.

[2] J. Kalbfleisch and R. Prentice, “Marginal likelihoods based on Cox’s regression and life model,” Biometrika, vol. 60, no. 2, pp. 267–278, 1973.

[3] V. Nagaraju, L. Fiondella, P. Zeephongsekul, C. Jayasinghe, and T. Wandji, “Performance optimized expectation conditional maximization algorithms for nonhomogeneous Poisson process software reliability models,” IEEE Transactions on Reliability, vol. 66, no. 3, pp. 722–734, 2017.

[4] S. Yamada, J. Hishitani, and S. Osaki, “Software-reliability growth with a weibull test-effort: A model and application,” IEEE Transactions on Reliability, vol. 42, no. 1, pp. 100–106, 1993.