Jianlin Zhu,Jin Huang,Daicui Zhou,Guoping Zhang

DOI: https://doi.org/10.1088/1742-6596/396/5/052077

2012-01-01

Journal of Physics Conference Series

Abstract:In this paper, we present the Program Analysis Framework (PAF) to analyze the software architecture and software modularity of large software packages using techniques in Aspect Mining. The basic idea about PAF is to record the call relationships information among the important elements firstly and then use the different analysis algorithms to find the crosscutting concerns which could destroy the modularity of the software from this recording information. We evaluate our framework through analyzing DATE, the ALICE Data-Acquisition (DAQ) software which handles the data flow from the detector electronics to the permanent storage archiving. The analysis results prove the effectiveness and efficiency of our framework. PAF has pinpointed a number of possible optimizations which could be applied and help maximizing the software quality. PAF could also be used for the analysis of other projects written in C language.

Jianlin Zhu,Jin Huang,S. Chapeland,D. Zhou,Guoping Zhang

2012-01-01

Abstract:The ALICE Data-Acquisition System is to handle the data flow f rom the sub-detector electronics to the archiving on different kinds of storage. In this paper, i t is analyzed with the techniques in Aspect Mining. We implement Program Analysis Framework(PRF) to an alyze the software architecture and software modularity. The basic idea about PAF is to record th e call relationships information among the important elements firstly and then use the different analys is algorithms to find the crosscutting concerns which could destroy the modularity of the software from this recording information. Finally we evaluate our framework through analyzing the software system of DATE . he analysis result proves the effectiveness and efficiency of our framework. With the help of PAF, the soft ware quality of DATE could be improved from many aspects. Many optimization steps and suggestion c ould be applied to DATE. In addition, the PAF for DATE could also analysis the projects written in C lan guage.

Qianxiang Wang,Na Meng,Zhiyi Zhou,Jinhui Li,Hong Mei

DOI: https://doi.org/10.1109/sose.2008.47

2008-01-01

Abstract:Static code analysis is the analysis of software that is performed to acquire information concerning the dynamic behavior of programs built from that software, without actually executing the programs. Currently, most analysis techniques are implemented as independent tools, or plugins for integrate development environment (IDE, e.g., Eclipse). However, in this paper, we introduce a new way to release the analyzing ability: a Web Service based approach, which can integrate multiple analysis tools, and provides analyzing ability by way of standard Web Service interface. The user can benefit code analyzing ability by just submit the code to be analyzed to the service, without download any analyzing tools, and then get the merged result. The experiment shows that the proposed approach is feasible and efficient.

ZHANG Yao,BAI Xiao-ying,ZHANG Ren-wei,LU Hao

DOI: https://doi.org/10.3969/j.issn.1002-137x.2013.02.034

2013-01-01

Computer Science

Abstract:Test adequacy analysis usually uses coverage criteria to evaluate test design with respect to specific software characteristics.Conventional adequacy methods have following problems to address test evaluation of large software systems.First,code-based coverage cannot ensure sufficient verification and validation of software requirements.Se-condly,software testing adequacy needs to take into consideration the contribution of different features.Important features deserve more test effort.The paper proposed a model-based approach for test adequacy analysis.An interface modelwas defined,representing executable software requirements for software components.Coverage of test case design was analyzed at two levels including service and service-compositions.Adequacy was calculated as weighted sum of coverage on various software features.Experiments were exercised to illustrate the proposed approach.

K Cooper,LR Dai,Y Deng,J Dong

2003-01-01

Abstract:Much attention has recently been focused on the problem of effectively developing software systems that meet their non-functional requirements. Architectural frameworks have been proposed as a solution to support the design and analysis of non-functional requirements such as performance, security, adaptability, etc. A significant benefit of performing such analysis work is to detect and remove defects earlier in the design phase. However, the non-functional properties of a system are mostly addressed independently making it difficult for the design and analysis of a system with respect to a collection of these properties. This position paper presents an overview of our proposed solution to this problem called the Formal Design Analysis Framework (FDAF). More specifically we describe how our work, still in progress, provides support for one non-functional property, performance, using the unified modeling language (UML) and the formal architectural description language RAPIDE and how we plan to extend the framework to support two or more non-functional requirements.

Hui He,Dongyan Zhang,Min Liu,Weizhe Zhang,Dongmin Gao

DOI: https://doi.org/10.1155/2014/463912

2014-01-01

Abstract:Software security defects have a serious impact on the software quality and reliability. It is a major hidden danger for the operation of a system that a software system has some security flaws. When the scale of the software increases, its vulnerability has becoming much more difficult to find out. Once these vulnerabilities are exploited, it may lead to great loss. In this situation, the concept of Software Assurance is carried out by some experts. And the automated fault localization technique is a part of the research of Software Assurance. Currently, automated fault localization method includes coverage based fault localization (CBFL) and program slicing. Both of the methods have their own location advantages and defects. In this paper, we have put forward a new method, named Reverse Data Dependence Analysis Model, which integrates the two methods by analyzing the program structure. On this basis, we finally proposed a new automated fault localization method. This method not only is automation lossless but also changes the basic location unit into single sentence, which makes the location effect more accurate. Through several experiments, we proved that our method is more effective. Furthermore, we analyzed the effectiveness among these existing methods and different faults.

Bailin Lu,Wei Dong,Liangze Yin,Li Zhang

DOI: https://doi.org/10.1007/978-3-030-04272-1_4

2018-01-01

Abstract:Many static analysis methods and tools have been developed for program bug detection. They are based on diverse theoretical principles, such as pattern matching, abstract interpretation, model checking and symbolic execution. Unfortunately, none of them can meet most requirements for bug finding. Individual tool always faces high false negatives and/or false positives, which is the main obstacle for using them in practice. A direct and promising way to improve the capability of static analysis is to integrate diverse bug finders. In this paper, we first selected five state-of-the-art C/C++ static analysis tools implemented with different theories. We then evaluated them over different defect types and code structures in detail. To increase the precision and recall for tool integration, we studied how to properly employ machine learning algorithms based on features of programs and tools. Evaluation results show that: (1) the abilities of diverse tools are quite different for defect types and code structures, and their overlaps are quite small; (2) the integration based on machine learning can obviously improve the overall performance of static analysis. Finally, we investigated the defect types and code structures which are still challenging for existing tools. They should be addressed in future research on static analysis.

Shukun Liu,Xiaohua Yang,Jifeng Chen

2011-01-01

Abstract:The base and core of software application is software quality. The software quality assurance is a basic method to solve the problem of software. During the process of program running, if all the relations in the program are satisfied, the state of program running is well. The main skills which based on the dynamic program running trace, the theory of relational database and technology of stored procedure are showed. These technologies which can be used to detect the hiding properties among variants, methods and classes and so on are effective, only when they are used on the SQL server 2005 platform. The main hiding properties in the java program are analyzed and the typical methods detecting typical properties are explained in this paper. The result demonstrates that the detecting method for testing the close relationships among variables in java programs is feasible, and these methods can be widely used for analyzing other programs that can be used in software quality assurance. © 2011 Praise Worthy Prize S.r.l. - All rights reserved.

CHEN Xiang-Ping,HUANG Gang,SONG Hui,SUN Yan-Chun,MEI Hong

DOI: https://doi.org/10.3724/sp.j.1001.2012.04043

2012-01-01

Abstract:In software adaptation, multiple analysis methods are used for analyzing system, planning adaptation strategy, and decision-making.Because the analysis results are interpreted and understood with SA (software architecture) model as context, synthesizing analysis results and the SA model become important.However, current researches on integration of analysis methods do not pay enough attention to the integrating analysis result with the SA model.Considering integration challenges existing in meta-model, model, and view levels, this study proposes an MOF (meta-object facility)-based framework for integration of analysis results.The framework provides the following: An ADL (architectural description language) extension mechanism with support for upward compatibility; automatic generation of model transformation for model synthesis, and code generation to extend modeling tool for view of synthesized model.In the case study, this study uses the framework to integrate three analysis methods for reliability evaluations and fault tolerant reconfiguration, and applies these analysis methods to analyze SA model of J2EE system Ecperf.

LIU Chun,ZHANG Wei,ZHAO Hai-Yan,JIN Zhi

DOI: https://doi.org/10.3724/sp.j.1001.2013.04275

2013-01-01

Journal of Software

Abstract:As software systems and their operational environments become more and more complex, the topic of software dependability has attracted more and more attention. The software analysis and design are both required to focus on the functionality and the dependability. However, there still lacks an effective approach to consider the functionality and the dependability simultaneously during software analysis and design. Based on cybernetics, this paper proposes a case+control driven approach for software analysis and design, which aims to address the software functionality and dependability under a unified framework. During requirements analysis, the case+control model supports the co-modeling of the functional requirements and the dependability requirements. During system design, the design techniques proposed by ICONIX approach are extended to identify the functionality objects that realize the use cases, and the dependability objects that realize the control cases. A case is also used to illustrate the feasibility of the proposed approach.

Jianjun Zhao

DOI: https://doi.org/10.48550/arXiv.cs/0105009

2001-05-05

Software Engineering

Abstract:Software architecture is receiving increasingly attention as a critical design level for software systems. As software architecture design resources (in the form of architectural descriptions) are going to be accumulated, the development of techniques and tools to support architectural understanding, testing, reengineering, maintaining, and reusing will become an important issue. In this paper we introduce a new dependence analysis technique, named architectural dependence analysis to support software architecture development. In contrast to traditional dependence analysis, architectural dependence analysis is designed to operate on an architectural description of a software system, rather than the source code of a conventional program. Architectural dependence analysis provides knowledge of dependences for the high-level architecture of a software system, rather than the low-level implementation details of a conventional program.

Liu Lin,Jin Zhi

DOI: https://doi.org/10.1016/s1007-0214(07)70182-7

2007-01-01

Abstract:One of the difficulties that goal-oriented requirements analyses encounters is that the efficiency of the goal refinement is based on the analysts’ subjective knowledge and experience. To improve the efficiency of the requirements elicitation process, engineers need approaches with more systemized analysis techniques. This paper integrates the goal-oriented requirements language i* with concepts from a structured problem analysis notation, problem frames (PF). The PF approach analyzes software design as a contextualized problem which has to respond to constraints imposed by the environment. The proposed approach is illustrated using the meeting scheduler exemplar. Results show that integration of the goal and the problem analysis enables simultaneous consideration of the designer's subjective intentions and the physical environmental constraints.

Jiawei Han,Chao Liu

2008-01-01

Abstract:Recent years have seen great advances in software engineering and programming languages. Unfortunately, software is still far from bug-free, even for those deployed. Static analysis is a good approach to eliminating numerous bugs, but its conservative nature of analysis unavoidably constrains its capacity. Dynamic analysis, on the other hand, utilizes program runtime execution data, which complements static approaches. This thesis describes three dynamic techniques that leverage program runtime data to improve software quality.First, we present a statistical debugging algorithm, called S OBER, which automatically localizes software faults without any prior knowledge of the program semantics. This statistical debugging alleviates the high cost associated with manual debugging. Featuring a similar rationale to hypothesis testing, SOBER quantifies the fault relevance of each predicate in a principled way. We systematically evaluate S OBER under the same setting as previous studies, and compare S OBER with other seven algorithms. The result clearly demonstrates the advantages of SOBER over existing approaches.Second, we discuss automated program failure triage, which is a closely related problem with automated debugging. Recent software systems usually feature an automated failure reporting component, with which a huge number of failures are collected from software end-users. In order to effectively leverage the valuable program failure data, the collected failures need to be first triaged, i.e., to locate the most severe failures, and to assign them to appropriate developers. Lying in the center of failure triage is failure indexing, which tries to group failures due to the fault together. In this thesis, we propose a statistical debugging-based approach to program failure triage, called R-PROXIMITY, which better indexes failures and facilitates failure assignment than existing approaches. Finally, we describe a program dynamic slicing-based approach to failure indexing, which complements R-PROXIMITY. R-PROXIMITY is a quality failure indexing tool, but its effectiveness relies on a sufficient number of correct executions, which may or may not be available in practice. The proposed dynamic slicing-based approach does not require any correct executions, and hence perfectly complements R-PROXIMITY . All the three techniques are subject to three mid-sized programs grep, gzip, and flex, and the result validates their advancement of the state of the art.

Jung-Hua Lo,Chin-Yu Huang

DOI: https://doi.org/10.1016/j.jss.2005.12.006

IF: 3.5

2006-01-01

Journal of Systems and Software

Abstract:Software reliability is defined as the probability of failure-free software operation for a specified period of time in a specified environment and is widely recognized as one of the most significant aspects of software quality. Over the past 30 years, many software reliability growth models (SRGMs) have been proposed and they can greatly help us to estimate some important measures such as the mean time to failure, the number of remaining faults, defect levels, and the failure intensity, etc. Besides, SRGMs can also help to determine person power needed to support the desired reliability requirements. However, from our studies, most of SRGMs only focus on describing the behavior of fault detection process and assume that faults are fixed immediately upon detection. In fact, this assumption may not be realistic. Thus, in this paper, we will propose a general framework for modeling the software fault detection and correction processes. We will also show that the proposed approaches cover a number of well-known SRGMs. Two numerical examples based on two real software failure data sets are presented and discussed in detail.

XIONG Wei,Yoshimichi WATANABE,Hisakazu SHINDO

DOI: https://doi.org/10.1360/jos160008

2005-01-01

Journal of Software

Abstract:In order to improve the quality and productivity of software, the software structure which is deeply related to them, is observed in this paper. Firstly, the problems of software structure analysis and design of current methods are examined. Then, the HOQ (house of quality) concept of the QFD (quality function deployment) is extended as a tool for software description based on the similarity between HOQ in quality design and engineering drawing in product design. By applying Simon's idea of system's near decomposability, the quantitative structuralization method is proposed based on the QMT3 (quantification method of type 3). Furthermore, the features of this method are clarified by comparison with the current methods. Finally, the effectiveness of the method for software structure analysis and design is verified by an application. Therefore, the method can help successfully for assurance of software quality.

Florian Lanzinger,Christian Martin,Frederik Reiche,Samuel Teuber,Robert Heinrich,Alexander Weigl

DOI: https://doi.org/10.1145/3605098.3636008

2024-01-26

Abstract:Most formal methods see the correctness of a software system as a binary decision. However, proving the correctness of complex systems completely is difficult because they are composed of multiple components, usage scenarios, and environments. We present QuAC, a modular approach for quantifying the correctness of service-oriented software systems by combining software architecture modeling with deductive verification. Our approach is based on a model of the service-oriented architecture and the probabilistic usage scenarios of the system. The correctness of a single service is approximated by a coverage region, which is a formula describing which inputs for that service are proven to not lead to an erroneous execution. The coverage regions can be determined by a combination of various analyses, e.g., formal verification, expert estimations, or testing. The coverage regions and the software model are then combined into a probabilistic program. From this, we can compute the probability that under a given usage profile no service is called outside its coverage region. If the coverage region is large enough, then instead of attempting to get 100% coverage, which may be prohibitively expensive, run-time verification or testing approaches may be used to deal with inputs outside the coverage region. We also present an implementation of QuAC for Java using the modeling tool Palladio and the deductive verification tool KeY. We demonstrate its usability by applying it to a software simulation of an energy system.

Software Engineering,Logic in Computer Science

Yuchen Xing,Hanfei Wang,Jianhua Zhao

DOI: https://doi.org/10.1007/978-3-642-35795-4_58

2013-01-01

Abstract:This paper describes a tool which integrates three different kinds of data flow analysis techniques: null pointer dereference analysis, integer variables differences analysis and single linked list analysis. Each one of them can share and exchange program information with the other two. And also users can add properties manually to enhance the processing capabilities. Through the demonstration in the case study section, we can see that our tool achieves the goal to connect these three analysis techniques and can explore more insightful program information with the artificial help. © Springer-Verlag Berlin Heidelberg 2013.

Stan Jarzabek,Bo Yang,S. Yoeun

DOI: https://doi.org/10.1049/ip-sen:20050008

2006-01-01

Abstract:Feature-oriented domain analysis (FODA) is a widely accepted domain analysis method for modelling common and variant requirements for product lines. Goal-oriented analysis, on the other hand, focuses on quality attribute (QA) analysis in single system development. To address QAs in the product line context, the authors extended FODA with concepts of goal-oriented analysis. Their integrated modelling framework improves the current state-of-the art of product line research and practice in two ways. Firstly, during the design of a product line architecture, the proposed framework allows developers to record design rationale in the form of interdependencies among variant features and QAs. Secondly, during system construction, the framework helps developers evaluate the impact of variant features selected for a target system on QAs of that system. In this way, developers and customers can come up with realistic overall requirements for the target system early, avoiding possible expensive rework in later stages of the software lifecycle. The proposed QA modelling framework is illustrated with examples from the computer aided dispatch domain.

何坚,贾晓琳,覃征,王向华

DOI: https://doi.org/10.3321/j.issn:0253-987X.2004.06.011

2004-01-01

Abstract:The techniques of software architecture were introduced, and the software analysis-and-design process was divided into three phases of requirement analysis, software architecture design and system design. Using these techniques, a model of software analysis and design process based on architecture (SAD-PBA) was proposed, which maps function design space to architecture design space, and maps architecture design space to system design space by iterative and incremental method. Meanwhile, with regard to the completeness, consistency and correctness between the software requirements and design results, the function theory and process control were applied to SADPBA, and the formal description of SADPBA was given. Finally, a model of integrated development environment for SADPBA was proposed. It is demonstrated that the model of SADPBA has a strictly theoretic basis and engineering principle, and can improve the quality and efficiency of software analysis and design.

Wang Xinpan,Wang Hong,Yang Shiyuan,Lü Zhengliang,Lin Zhiwen

2010-01-01

Journal of Computer Research and Development

Abstract:With the improvement of equipment's complexity,it is getting more and more difficult to diagnose and maintain.Therefore,automated testability analysis software must be introduced to ensure that complex equipment system can keep working reliably.In this field,we have long been dependent on foreign software,which could not co-operate with local process properly.In this project,we design and implement our own testability software,named TADS,basing on mature foreign ones.Meantime,fully taking account of the relative department's requirement,our software has great scalability and supports a lot of standard output formats,which makes it easy to use in conjunction with other software.This article briefly describes the top-level structure of our software,and gives a specific example of the software for modeling and analyzing.