The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Background: Due to tight scheduling and limitedbudget, it may not be possible to resolve all the existing bugsin a current release of a software product. The accumulation ofthe deferred bugs in the issue tracking system are obligations (liabilities) of the software team similar to financial analogyof 'debt'. Defect debt is known as latent defects which arenot resolved in the current release. Aim:...
Contemporary software development processes involve finding reusable software components from online repositories and integrating them to the source code, both to reduce development time and to ensure that the final software project is of high quality. Although several systems have been designed to automate this procedure by recommending components that cover the desired functionality, the reusability...
The first step of the K-nearest neighbor classification is to find the K-nearest neighbors of the query. A basic operation in calculating Jaccard distance is to count the number of ones in a binary vector - population count. This article focuses on finding the K-nearest neighbors in a high-dimensional Jaccard space. There are two main contributions. First, software methods for population count are...
In this paper a new vulnerability detecting method is proposed to detect buffer boundary violations. The main idea is to use the metric of array index manipulation rather than using any heuristic method. We employ a SVM-based classifier to classify the vulnerable functions and innocent functions. Then the vulnerable functions are fed to function call graph guided symbolic execution to precisely determine...
This paper proposes a cost-effective index poisoning scheme for unstructured Peer-to-Peer (P2P) file sharing systems. Index poisoning is a technique which alters the index of illegal shared files so that they could not be reached by any peer which wishes to access them through the P2P. The proposed scheme is a combination of the following three periodical injections of the altered index: 1) injection...
At present, most of the software security assessment system can only evaluate the potential impact of a single vulnerability on the system which ignore the impact of the multiple vulnerabilities. Therefore, we introduce the concept of relevance vulnerability pattern and design a relevance vulnerability pattern library taking consider of the potential impact caused by multiple vulnerabilities. After...
Industrie 4.0 requires intelligent self-aware adaptive machines and plants that know their abilities. In this paper, we propose different qualitative and quantitative measures to evaluate reconfiguration abilities of automated production systems in the context of Industrie 4.0. This paper presents first measures to quantify different reconfiguration abilities of automated production systems, using...
Refactoring is a key activity for any software system, as it ensures that the system is easily maintainable and extensible. However, complex refactorings (restructurings) are largely performed by hand, as there are no automated means of chaining existent basic refactorings. In addition, developers cannot quickly and safely evaluate the effects of a restructuring solution over another. In this context,...
Evaluating the accuracy of vulnerability security risk metrics is important because incorrectly assessing a vulnerability to be more critical could lead to a waste of limited resources available and ignoring a vulnerability incorrectly assessed as not critical could lead to a breach with a high impact. In this paper, we compare and evaluate the performance of the CVSS Base metrics and Microsoft Rating...
In our work with industry partners as well as with students in seminars we noticed that many people often stick to "aged" metrics when they want to evaluate the maintainability of software. They consider these metrics for this purpose without second thoughts, because the metrics are so present that almost every developer has at least heard the name and has some kind of knowledge about it...
Stack Overflow is a popular questions and answers (Q&A) website among software developers. It counts more than two millions of users who actively contribute by asking and answering thousands of questions daily. Identifying and reviewing low quality posts preserves the quality of site's contents and it is crucial to maintain a good user experience. In Stack Overflow the identification of poor...
It has been generally accepted that not all trace links in a given requirements traceability matrix are equal - both human analysts and automated methods are good at spotting some links, but have blind spots for some other. One way to choose automated techniques for inclusion in assisted tracing processes (i.e., the tracing processes that combine the expertise of a human analyst and special-purpose...
We present the Maven Dependency Dataset (MDD), containing metrics, changes and dependencies of 148,253 jar files. Metrics and changes have been calculated at the level of individual methods, classes and packages of multiple library versions. A complete call graph is also presented which includes call, inheritance, containment and historical relationships between all units of the entire repository...
Agile software development and project management methodologies, such as Scrum and Extreme Programming, have become very popular in quickly delivering quality Functional Requirements (FRs). However, agile project management methodologies have not adequately captured planning and prioritization activities for crosscutting concerns and non-functional requirements in agile practices. This research proposes...
To provide rapid feedback to engineers, software quality analysis must be incremental. However, most existing analyses are either not incremental, or limited to isolated quality characteristics. In practice, this prevents their integration into a uniform quality control approach. In this paper, we present a framework for the incremental and distributed computation of quality characteristics. It is...
This paper describes a new approach to systems readiness by identifying quantitative hardware and software criteria to improve objective and effective decision-making at product shipment. The proposed method expands on previous work done in the software area by including and organizing hardware data. This streamlines various and diverse criteria obtained from existing quality and reliability data...
Feature selection has been applied in many domains, such as text mining and software engineering. Ideally a feature selection technique should produce consistent outputs regardless of minor variations in the input data. Researchers have recently begun to examine the stability (robustness) of feature selection techniques. The stability of a feature selection method is defined as the degree of agreement...
Recently, software functional size becomes larger, and consequently, not only a software developer but also a software purchaser suffers considerable losses by software project failure. So avoiding project failure is also important for purchasers. Project supervision (monitoring and control) is expected for the purchaser to suppress risk of project failure. It is performed by sharing software metrics...
Computing systems today have large number of security configuration settings that are designed to offer flexible and robust services. However, incorrect configuration increases the potential of vulnerability and attacks. Security Content Automation Protocol provides a unified mean to automate the process of checking the desktop system compliance using standard interfaces. However, misconfiguration...
With the aid of an integrated GIS/RS-based approach, authors chose the area within the second ring road of Kunming city, Yunnan province, PR China as study target on the basis of landscape ecology theory and method. Taking remote sensing images of 2000 and 2006 in Kunming city as data source and by means of a quantitative analysis method, the authors analyzed change of landscape pattern of Kunming...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.