Computer Science - Software Engineering Publications (50)


Computer Science - Software Engineering Publications

Matlab/Simulink is a wide-spread tool for model-based design of embedded systems. Supporting hierarchy, domain specific building blocks, functional simulation and automatic code-generation, makes it well-suited for the design of control and signal processing systems. In this work, we propose an automated translation methodology for a subset of Simulink models to Synchronous dataflow Graphs (SDFGs) including the automatic code-generation of SDF-compatible embedded code. Read More

This paper presents some results of a platform for the modeling and visualization of complex systems. The platform has the capacity to represent different aspects of complex models at different observation scales simultaneously. This tool offers advantages in the sense of favoring the perception of the phenomenon of the emergence of information, associated with changes of scale. Read More

In an algorithmic complexity attack, a malicious party takes advantage of the worst-case behavior of an algorithm to cause denial-of-service. A prominent algorithmic complexity attack is regular expression denial-of-service (ReDoS), in which the attacker exploits a vulnerable regular expression by providing a carefully-crafted input string that triggers worst-case behavior of the matching algorithm. This paper proposes a technique for automatically finding ReDoS vulnerabilities in programs. Read More

We present methods for k-means clustering on a stream with a focus on providing fast responses to clustering queries. When compared with the current state-of-the-art, our methods provide a substantial improvement in the time to answer a query for cluster centers, while retaining the desirable properties of provably small approximation error, and low space usage. Our algorithms are based on a novel idea of "coreset caching" that reuses coresets (summaries of data) computed for recent queries in answering the current clustering query. Read More

Obtaining good performance when programming heterogeneous computing platforms poses significant challenges. We present a program transformation environment, implemented in Haskell, where architecture-agnostic scientific C code with semantic annotations is transformed into functionally equivalent code better suited for a given platform. The transformation steps are represented as rules that can be fired when certain syntactic and semantic conditions are fulfilled. Read More

Detecting anomalies of a cyber physical system (CPS), which is a complex system consisting of both physical and software parts, is important because a CPS often operates autonomously in an unpredictable environment. However, because of the ever-changing nature and lack of a precise model for a CPS, detecting anomalies is still a challenging task. To address this problem, we propose applying an outlier detection method to a CPS log. Read More

This volume contains a selection of the papers presented at the XVI Jornadas sobre Programaci\'on y Lenguajes (PROLE 2016), held at Salamanca, Spain, during September 14th-15th, 2016. Previous editions of the workshop were held in Santander (2015), C\'adiz (2014), Madrid (2013), Almer\'ia (2012), A Coru\~na (2011), Val\`encia (2010), San Sebasti\'an (2009), Gij\'on (2008), Zaragoza (2007), Sitges (2006), Granada (2005), M\'alaga (2004), Alicante (2003), El Escorial (2002), and Almagro (2001). Programming languages provide a conceptual framework which is necessary for the development, analysis, optimization and understanding of programs and programming tasks. Read More

Recent research in software engineering supports the "happy-productive" thesis, and the desire of flourishing happiness among programmers is often expressed by industry practitioners. Recent literature has suggested that a cost-effective way to foster happiness and productivity among workers could be to limit unhappiness of developers due to its negative impact. However, possible negative effects of unhappiness are still largely unknown in the software development context. Read More

A devil's advocate is one who argues against a claim, not as a committed opponent but in order to determine the validity of the claim. We are interested in a devil's advocate that argues against termination of a program. He does so by producing a maleficent program that can cause the non-termination of the original program. Read More

This paper is concerned with rule-based programs that go wrong. The unwanted behavior of rule applications is non-termination or failure of a computation. We propose a static program analysis of the non-termination problem for recursion in the Constraint Handling Rules (CHR) language. Read More

Context: Information Technology consumes up to 10\% of the world's electricity generation, contributing to CO2 emissions and high energy costs. Data centers, particularly databases, use up to 23% of this energy. Therefore, building an energy-efficient (green) database engine could reduce energy consumption and CO2 emissions. Read More

Scientific legacy code in MATLAB/Octave not compatible with modernization of research workflows is vastly abundant throughout academic community. Performance of non-vectorized code written in MATLAB/Octave represents a major burden. A new programming language for technical computing Julia, promises to address these issues. Read More

Separation kernels provide temporal/spatial separation and controlled information flow to their hosted applications. They are introduced to decouple the analysis of applications in partitions from the analysis of the kernel itself. More than 20 implementations of separation kernels have been developed and widely applied in critical domains, e. Read More

We propose an Event-B framework for modeling the underlying theoretical foundations of Event-B. The aim of this framework is to reuse, for Event-B itself, the refinement development process. This framework introduces first, a functional kernel through an Event-B context, then, it defines Event-B projects, their static and dynamic semantics through Event-B machines. Read More

Affiliations: 1Portland State University, 2CAU Kiel, 3Portland State University

We investigate proving properties of Curry programs using Agda. First, we address the functional correctness of Curry functions that, apart from some syntactic and semantic differences, are in the intersection of the two languages. Second, we use Agda to model non-deterministic functions with two distinct and competitive approaches incorporating the non-determinism. Read More

Affiliations: 1Universidad de Málaga, 2Universidad de Málaga, 3Universidad de Málaga

The Timed Concurrent Constraint Language tccp is a declarative synchronous concurrent language, particularly suitable for modelling reactive systems. In tccp, agents communicate and synchronise through a global constraint store. It supports a notion of discrete time that allows all non-blocked agents to proceed with their execution simultaneously. Read More

System relevant embedded software needs to be reliable and, therefore, well tested, especially for aerospace systems. A common technique to verify programs is the analysis of their abstract syntax tree (AST). Tree structures can be elegantly analyzed with the logic programming language Prolog. Read More

This article presents an empirical study of how the use of relational database access technologies in open source Java projects evolves over time. Our observations may be useful to project managers to make more informed decisions on which technologies to introduce into an existing project and when. We selected 2,457 Java projects on GitHub using the low-level JDBC technology and higher-level object relational mappings such as Hibernate XML configuration files and JPA annotations. Read More

We demonstrate a modularity bug in the interface system of Java 8 on the practical example of a textbook design of a modular interface for vector spaces. Our example originates in our teaching of modular object-oriented design in Java 8 to undergraduate students, simply following standard programming practices and mathematical definitions. The bug shows up as a compilation error and should be fixed with a language extension due to the importance of best practices (design fidelity). Read More

Allocation of software components on a heterogeneous computing platform involves hard decisions; handling different types of computing units with specific processing paradigms and a number of software components which require specific resources. An allocation method which explores the design space to provide a system architect with deployment alternatives in an early design phase can have a significant impact on the utilization of underlying platform. In this paper we present SCALL, an early prototype tool which uses heuristics and AHP for weighted multi-objective design space exploration to support systems architects in complex allocation decisions in early design phases. Read More

The design of embedded systems is a complex activity that involves a lot of decisions. With high performance demands of present day usage scenarios and software, they often involve energy hungry state-of-the-art computing units. While focusing on power consumption of computing units, the physical properties of software are often ignored. Read More

Anti-patterns and code-smells are signs in the source code which are not defects (does not prevent the program from functioning and does not cause compile errors) and are rather indicators of deeper and bigger problems. Exception handling is a programming construct de- signed to handle the occurrence of anomalous or exceptional conditions (that changes the normal flow of program execution). In this paper, we present an Eclipse plug-in (called as Parichayana) for detecting exception handling anti-patterns and code smells in Java programs. Read More

In this paper we present the FolksoDriven Cloud (FDC) built on Cloud and on Semantic technologies. Cloud computing has emerged in these recent years as the new paradigm for the provision of on-demand distributed computing resources. Semantic Web can be used for relationship between different data and descriptions of services to annotate provenance of repositories on ontologies. Read More

Access control systems are widely used means for the protection of computing systems. They are defined in terms of access control policies regulating the accesses to system resources. In this paper, we introduce a formally-defined, fully-implemented framework for specification, analysis and enforcement of attribute-based access control policies. Read More

In recent years, cross-project defect prediction (CPDP) attracted much attention and has been validated as a feasible way to address the problem of local data sparsity in newly created or inactive software projects. Unfortunately, the performance of CPDP is usually poor, and low quality training data selection has been regarded as a major obstacle to achieving better prediction results. To the best of our knowledge, most of existing approaches related to this topic are only based on instance similarity. Read More

The cloud computing model is rapidly transforming the IT landscape. Cloud computing is a new computing paradigm that delivers computing resources as a set of reliable and scalable internet-based services allowing customers to remotely run and manage these services. Infrastructure-as-a-service (IaaS) is one of the popular cloud computing services. Read More

Testing provides means pertaining to assuring software performance. The total aim of software industry is actually to make a certain start associated with high quality software for the end user. However, associated with software testing has quite a few underlying concerns, which are very important and need to pay attention on these issues. Read More

Know a days Computer system become essential and it is most commonly used in every field of life. The computer saves time and use to solve complex and extensive problem quickly in an efficient way. For this purpose software programs are develop to facilitate the works for administrator, offices, banks etc. Read More

The number of works addressing the role of energy efficiency in the software development has been increasing recently. But, designers and programmers still complain about the lack of tools that help them to make energy-efficiency decisions. Some works show that energy-aware design decisions tend to have a larger impact in the power consumed by applications, than code optimizations. Read More

With the advent of the Internet of Things (IoT), the percentage of global emissions attributable to Information Systems is expected to further increase in the coming years, due to a proliferation of Internet-connected devices omnipresent in our daily lives (e.g., electric meters, wearable devices, etc. Read More

In this fast developing world of information, the amount of medical knowledge is rising at an exponential level. The UMLS (Unified Medical Language Systems), is rich knowledge base consisting files and software that provides many health and biomedical vocabularies and standards. A Web service is a web solution to facilitate machine-to-machine interaction over a network. Read More

We present DroidGen a tool for automatic anti-malware policy inference. DroidGen employs a data-driven approach: it uses a training set of malware and benign applications and makes call to a constraint solver to generate a policy under which a maximum of malware is excluded and a maximum of benign applications is allowed. Preliminary results are encouraging. Read More

This paper addresses the monitoring of logic-independent linear-time user-provided properties in multi-threaded component-based systems. We consider intrinsically independent components that can be executed concurrently with a centralized coordination for multiparty interactions. In this context, the prob- lem that arises is that a global state of the system is not available to the monitor. Read More

In this work, we present a complete architecture for designing Internet of Things applications. While a main issue in this domain is the heterogeneity of Objects hardware, networks and protocols, we propose D-LITe, a solution to hide this wide range of low layer technologies. By abstracting the hardware, we focus on object's features and not on its real characteristics. Read More

The aim is to identify faulty predicates which have strong effect on program failure. Statistical debugging techniques are amongst best methods for pinpointing defects within the program source code. However, they have some drawbacks. Read More

Software deobfuscation is a crucial activity in security analysis and especially, in malware analysis. While standard static and dynamic approaches suffer from well-known shortcomings, Dynamic Symbolic Execution (DSE) has recently been proposed has an interesting alternative, more robust than static analysis and more complete than dynamic analysis. Yet, DSE addresses certain kinds of questions encountered by a reverser namely feasibility questions. Read More

Simulink is a de-facto industrial standard for the design of embedded systems. In previous work, we proposed a compositional analysis framework for Simulink. However, standard type checking was not considered in that work. Read More

Despite its widespread use in Android apps, reflection poses graving problems for static security analysis. Currently, string inference is applied to handle reflection, resulting in significantly missed security vulnerabilities. In this paper, we bring forward the ubiquity of incomplete information environments (IIEs) for Android apps, where some critical data-flows are missing during static analysis, and the need for resolving reflective calls under IIEs. Read More

This report gives an overview of our efforts towards a formalization for a food processing demonstrator plant. Our BeSpaceD framework is used for the formalization. The formalization comprises properties of components and relations between components. Read More

Synchronous programming is a paradigm of choice for the design of safety-critical reactive systems. Runtime enforcement is a technique to ensure that the output of a black-box system satisfies some desired properties. This paper deals with the problem of runtime enforcement in the context of synchronous programs. Read More

Verifying multi-threaded programs is becoming more and more important, because of the strong trend to increase the number of processing units per CPU socket. We introduce a new configurable program analysis for verifying multi-threaded programs with a bounded number of threads. We present a simple and yet efficient implementation as component of the existing program-verification framework CPAchecker. Read More

There is an increasing necessity to deploy autonomous systems in highly heterogeneous, dynamic environments, e.g. service robots in hospitals or autonomous cars on highways. Read More

Usability is a key quality attribute of successful software systems. Unfortunately, there is no common understanding of the factors influencing usability and their interrelations. Hence, the lack of a comprehensive basis for designing, analyzing, and improving user interfaces. Read More

Over the last decades, a considerable amount of empirical knowledge about the efficiency of defect-detection techniques has been accumulated. Also a few surveys have summarised those studies with different focuses, usually for a specific type of technique. This work reviews the results of empirical studies and associates them with a model of software quality economics. Read More

During the execution of a test plan, a test manager may decide to drop a test case if its result can be inferred from already executed test cases. We show that it is possible to automatically generate a test plan to exploit the potential to justifiably drop a test case and thus reduce the number of test cases. Our approach uses Boolean formulas to model the mutual dependencies between test results. Read More

Allowing swift release cycles, Continuous Delivery has become popular in application software development and is starting to be applied in safety-critical domains such as the automotive industry. These domains require thorough analysis regarding safety constraints, which can be achieved by formal verification and the execution of safety tests resulting from a safety analysis on the product. With continuous delivery in place, such tests need to be executed with every build to ensure the latest software still fulfills all safety requirements. Read More

Development cycles are getting shorter and Continuous Integration and Delivery are being established in the automotive industry. We give an overview of the peculiarities in an automotive deployment pipeline, introduce technologies used and analyze Tesla's deliveries as a state-of-the-art showcase. Read More

MEMICS provides a forum for doctoral students interested in applications of mathematical and engineering methods in computer science. Besides a rich technical programme (including invited talks, regular papers, and presentations), MEMICS also offers friendly social activities and exciting opportunities for meeting like-minded people. MEMICS submissions traditionally cover all areas of computer science (such as parallel and distributed computing, computer networks, modern hardware and its design, non-traditional computing architectures, information systems and databases, multimedia and graphics, verification and testing, computer security, as well as all related areas of theoretical computer science). Read More

Software reliability models are an important tool in quality management and release planning. There is a large number of different models that often exhibit strengths in different areas. This paper proposes a model that is based on a geometric sequence (or progression) of the failure rates of faults. Read More