Export Citations
2022 Proceeding- General Chair:
- Matthew B Dwyer,
- Program Chairs:
- Daniela Damian,
- Andreas Zeller
After 44 years, ICSE continues to be the premier software-engineering conference, where researchers, practitioners, and educators come together to present, discuss, and debate the most recent research results, innovations, trends, and concerns in the field of software engineering.
μAFL: non-intrusive feedback-driven fuzzing for microcontroller firmware
Fuzzing is one of the most effective approaches to finding software flaws. However, applying it to microcontroller firmware incurs many challenges. For example, rehosting-based solutions cannot accurately model peripheral behaviors and thus cannot be ...
A grounded theory based approach to characterize software attack surfaces
The notion of Attack Surface refers to the critical points on the boundary of a software system which are accessible from outside or contain valuable content for attackers. The ability to identify attack surface components of software system has a ...
A grounded theory of coordination in remote-first and hybrid software teams
While the long-term effects of the COVID-19 pandemic on software professionals and organizations are difficult to predict, it seems likely that working from home, remote-first teams, distributed teams, and hybrid (part-remote/part-office) teams will be ...
A scalable t-wise coverage estimator
Owing to the pervasiveness of software in our modern lives, software systems have evolved to be highly configurable. Combinatorial testing has emerged as a dominant paradigm for testing highly configurable systems. Often constraints are employed to ...
A universal data augmentation approach for fault localization
Data is the fuel to models, and it is still applicable in fault localization (FL). Many existing elaborate FL techniques take the code coverage matrix and failure vector as inputs, expecting the techniques could find the correlation between program ...
Adaptive performance anomaly detection for online service systems via pattern sketching
To ensure the performance of online service systems, their status is closely monitored with various software and system metrics. Performance anomalies represent the performance degradation issues (e.g., slow response) of the service systems. When ...
Adaptive test selection for deep neural networks
Deep neural networks (DNN) have achieved tremendous development in the past decade. While many DNN-driven software applications have been deployed to solve various tasks, they could also produce incorrect behaviors and result in massive losses. To reveal ...
An exploratory study of deep learning supply chain
Deep learning becomes the driving force behind many contemporary technologies and has been successfully applied in many fields. Through software dependencies, a multi-layer supply chain (SC) with a deep learning framework as the core and substantial down-...
An exploratory study of productivity perceptions in software teams
Software development is a collaborative process requiring a careful balance of focused individual effort and team coordination. Though questions of individual productivity have been widely examined in past literature, less is known about the interplay ...
Analyzing user perspectives on mobile app privacy at scale
In this paper we present a methodology to analyze users' concerns and perspectives about privacy at scale. We leverage NLP techniques to process millions of mobile app reviews and extract privacy concerns. Our methodology is composed of a binary ...
Aper: evolution-aware runtime permission misuse detection for Android apps
The Android platform introduces the runtime permission model in version 6.0. The new model greatly improves data privacy and user experience, but brings new challenges for app developers. First, it allows users to freely revoke granted permissions. Hence,...
ARCLIN: automated API mention resolution for unformatted texts
Online technical forums (e.g., StackOverflow) are popular platforms for developers to discuss technical problems such as how to use a specific Application Programming Interface (API), how to solve the programming tasks, or how to fix bugs in their code. ...
AST-trans: code summarization with efficient tree-structured attention
Code summarization aims to generate brief natural language descriptions for source codes. The state-of-the-art approaches follow a transformer-based encoder-decoder architecture. As the source code is highly structured and follows strict grammars, its ...
Automated assertion generation via information retrieval and its integration with deep learning
Unit testing could be used to validate the correctness of basic units of the software system under test. To reduce manual efforts in conducting unit testing, the research community has contributed with tools that automatically generate unit test cases, ...
Automated detection of password leakage from public GitHub repositories
The prosperity of the GitHub community has raised new concerns about data security in public repositories. Practitioners who manage authentication secrets such as textual passwords and API keys in the source code may accidentally leave these texts in the ...
Automated handling of anaphoric ambiguity in requirements: a multi-solution study
Ambiguity is a pervasive issue in natural-language requirements. A common source of ambiguity in requirements is when a pronoun is anaphoric. In requirements engineering, anaphoric ambiguity occurs when a pronoun can plausibly refer to different entities ...
Automated patching for unreproducible builds
Software reproducibility plays an essential role in establishing trust between source code and the built artifacts, by comparing compilation outputs acquired from independent users. Although the testing for unreproducible builds could be automated, ...
Automated testing of software that uses machine learning APIs
An increasing number of software applications incorporate machine learning (ML) solutions for cognitive tasks that statistically mimic human behaviors. To test such software, tremendous human effort is needed to design image/text/audio inputs that are ...
Automatic detection of performance bugs in database systems using equivalent queries
Because modern data-intensive applications rely heavily on database systems (DBMSs), developers extensively test these systems to eliminate bugs that negatively affect functionality. Besides functional bugs, however, there is another important class of ...
AutoTransform: automated code transformation to support modern code review process
Code review is effective, but human-intensive (e.g., developers need to manually modify source code until it is approved). Recently, prior work proposed a Neural Machine Translation (NMT) approach to automatically transform source code to the version ...
BeDivFuzz: integrating behavioral diversity into generator-based fuzzing
A popular metric to evaluate the performance of fuzzers is branch coverage. However, we argue that focusing solely on covering many different branches (i.e., the richness) is not sufficient since the majority of the covered branches may have been ...
Big data = big insights?: operationalising brooks' law in a massive GitHub data set
Massive data from software repositories and collaboration tools are widely used to study social aspects in software development. One question that several recent works have addressed is how a software project's size and structure influence team ...
Bots for pull requests: the good, the bad, and the promising
- Mairieli Wessel,
- Ahmad Abdellatif,
- Igor Wiese,
- Tayana Conte,
- Emad Shihab,
- Marco A. Gerosa,
- Igor Steinmacher
Software bots automate tasks within Open Source Software (OSS) projects' pull requests and save reviewing time and effort ("the good"). However, their interactions can be disruptive and noisy and lead to information overload ("the bad"). To identify ...
Bridging pre-trained models and downstream tasks for source code understanding
With the great success of pre-trained models, the pretrain-then-finetune paradigm has been widely adopted on downstream tasks for source code understanding. However, compared to costly training a large-scale model from scratch, how to effectively adapt ...
BugListener: identifying and synthesizing bug reports from collaborative live chats
In community-based software development, developers frequently rely on live-chatting to discuss emergent bugs/errors they encounter in daily development tasks. However, it remains a challenging task to accurately record such knowledge due to the noisy ...
BuildSheriff: change-aware test failure triage for continuous integration builds
Test failures are one of the most common reasons for broken builds in continuous integration. It is expensive to diagnose all test failures in a build. As test failures are usually caused by a few underlying faults, triaging test failures with respect to ...
Causality in configurable software systems
Detecting and understanding reasons for defects and inadvertent behavior in software is challenging due to their increasing complexity. In configurable software systems, the combinatorics that arises from the multitude of features a user might select ...
Causality-based neural network repair
Neural networks have had discernible achievements in a wide range of applications. The wide-spread adoption also raises the concern of their dependability and reliability. Similar to traditional decision-making programs, neural networks can have defects ...
Change is the only constant: dynamic updates for workflows
Software systems must be updated regularly to address changing requirements and urgent issues like security-related bugs. Traditionally, updates are performed by shutting down the system to replace certain components. In modern software organizations, ...
Characterizing and detecting bugs in WeChat mini-programs
- Tao Wang,
- Qingxin Xu,
- Xiaoning Chang,
- Wensheng Dou,
- Jiaxin Zhu,
- Jinhui Xie,
- Yuetang Deng,
- Jianbo Yang,
- Jiaheng Yang,
- Jun Wei,
- Tao Huang
Built on the WeChat social platform, WeChat Mini-Programs are widely used by more than 400 million users every day. Consequently, the reliability of Mini-Programs is particularly crucial. However, WeChat Mini-Programs suffer from various bugs related to ...
Cited By
-
Ma Z, Wu Z, Wei Q, Jabbar M and Lorenz P (2024). CWEInject: build fuzzer benchmark through bug templates 3rd International Conference on Electronic Information Engineering and Data Processing (EIEDP 2024), 10.1117/12.3032933, 9781510680531, (122)
- Charoenwet W, Thongtanunam P, Pham V and Treude C (2024). Toward effective secure code reviews: an empirical study of security-related coding weaknesses, Empirical Software Engineering, 29:4, Online publication date: 1-Jul-2024.
