An exponential regression-based model with stochastic intensity is developed to describe the software reliability growth phenomena, where the software testing metrics depend on the intensity process. For such a generalized modeling framework, the common maximum likelihood method cannot be applied any more to the parameter estimation. In this paper, we propose to use the pseudo maximum likelihood method for the parameter estimation and to seek not only the model parameters but also the software reliability measures approximately. It is shown in numerical experiments with real software fault data that the resulting software reliability models based on four parametric approximations provide the better goodness-of-fit performance than the common non-homogeneous Poisson process models without testing metric information.

This paper customizes Goal/Question/Metric (GQM) project monitoring models for various projects and organizations to take advantage of the data from the software tool EPM and to allow the tailoring of the interpretation models based upon the context and success criteria for each project and organization. The basic idea is to build less concrete models that do not include explicit baseline values to interpret metrics values. Instead, we add hypothesis and interpretation layers to the models to help people of different projects make decisions in their own context. We applied the models to two industrial projects, and found that our less concrete models could successfully identify typical problems in software projects.

At the stage of software debugging, the effective interaction between software debugging engineers and fault localization techniques can greatly improve fault localization performance. However, most fault localization approaches usually ignore this interaction and merely utilize the information from testing. Due to different goals of testing and fault localization, the lack of interaction may lead to the issue of information inadequacy, which can substantially degrade fault localization performance. In addition, human work is costly and error-prone. It is vital to study and simulate the pattern of debugging engineers as they apply their knowledge and experience to this interaction to promote fault localization effectiveness and reduce their workload. Thus this paper proposes an effective fault localization approach to simulate this interaction via feedback. Based on results obtained from fault localization techniques, this approach utilizes test data generation techniques to automatically produce feedback for interacting with these fault localization techniques, and then iterate this process to improve fault localization performance until a specific stopping condition is satisfied. Experiments on two standard benchmarks demonstrate the significant improvement of our approach over a promising fault localization technique, namely the spectrum-based fault localization technique.

Nowadays, software development societies have given more precedence to Open Source Software (OSS). There is much research aimed at understanding the OSS society to sustain the OSS product. To lead an OSS project to a successful conclusion, researchers study how developers change source codes called patches in project repositories. In existing studies, we found an argument in the conventional patch acceptance detection procedure. It was so simplified that it omitted important cases from the analysis, and would lead researchers to wrong conclusions. In this research, we propose an algorithm to overcome the problem. To prove out our algorithm, we constructed a framework and conducted two case studies. As a result, we came to a new and interesting understanding of patch activities.

Non-homogeneous Poisson processes (NHPPs) have gained much popularity in actual software testing phases to estimate the software reliability, the number of remaining faults in software and the software release timing. In this paper, we propose a new modeling approach for the NHPP-based software reliability models (SRMs) to describe the stochastic behavior of software fault-detection processes. The fundamental idea is to apply the equilibrium distribution to the fault-detection time distribution in NHPP-based modeling. We also develop efficient parameter estimation procedures for the proposed NHPP-based SRMs. Through numerical experiments, it can be concluded that the proposed NHPP-based SRMs outperform the existing ones in many data sets from the perspective of goodness-of-fit and prediction performance.

This paper presents fundamental concepts, overall process and recent research issues of Mining Software Repositories. The data sources such as source control systems, bug tracking systems or archived communications, data types and techniques used for general MSR problems are also presented. Finally, evaluation approaches, opportunities and challenge issues are given.

In this letter, we apply dynamic software updating to long-lived applications on the DDS middleware while minimizing service interruption and satisfying Quality of Service (QoS) requirements. We dynamically updated applications which run on a commercial DDS implementation to demonstrate the applicability of our approach to dynamic updating. The results show that our update system does not impose an undue performance overhead–all patches could be injected in less than 350 ms and the maximum CPU usage is less than 17%. In addition, the overhead on application throughput due to dynamic updates ranged from 0 to at most 8% and the deadline QoS of the application was satisfied while updating.

Software Defined Radio (SDR) techniques are expected to be among the key technologies of heterogeneous cognitive radio networks for realizing efficient and convenient wireless communications by providing multiple radio services to users and decreasing development costs. In this paper, in order to evaluate the feasibility of SDR modems, we study the amount of computing throughput of a recent wireless system and determine a suitable modem architecture. Firstly, the functions for which SDR techniques provide significant benefits are clarified. Secondly, the computing throughputs are measured under the assumption that a dynamically reconfigurable processor, FlexSwordTM, is employed. Finally, based on a consideration of timing charts, we propose the architecture of an SDR-based modem with FlexSword. The possibility of implementing several wireless systems is also considered.

This paper presents a method for comparing and detecting clones of Java programs by analyzing program stack flows. A stack flow denotes an operational behavior of a program by describing individual instructions and stack movements for performing specific operations. We analyze stack flows by simulating the operand stack movements during execution of a Java program. Two programs for detection of clones of Java programs are compared by matching similar pairs of stack flows in the programs. Experiments were performed on the proposed method and compared with the earlier approaches of comparing Java programs, the Tamada, k-gram, and stack pattern based methods. Their performance was evaluated with real-world Java programs in several categories collected from the Internet. The experimental results show that the proposed method is more effective than earlier methods of comparing and detecting clones of Java programs.

Establishment of a practical software protection method is a major issue in software distribution. There are several approaches to the issue; however, no practical, secure method for mobile phone applications has been proposed. In this paper, we propose a new software protection scheme combined with a tamper-proof device (TPD) in order to achieve computational security against illegal analysis and copying of the target program. Our scheme achieves a reasonable level of security for encoding the data and variables in a program. The program on a mobile phone deals only with encoded data that is difficult to compromise, and the TPD plays a role of decoding execution results. We implemented the proposed scheme on a 3G mobile phone and a user identification module (UIM). An analysis and copying of the protected program impose exponential computation complexities under our attack model.

A Linux operating system release is composed of a large number of software packages, with complex dependencies. The management of dependency relationship is the foundation of building and maintaining a Linux operating system release, and checking the integrity of the dependencies is the key of the dependency management. The widespread adoption of Linux operating systems in many areas of the information technology society has drawn the attention on the issues regarding how to check the integrity of complexity dependencies of Linux packages and how to manage a huge number of packages in a consistent and effective way. Linux distributions have already provided the tools for managing the tasks of installing, removing and upgrading the packages they were made of. A number of tools have been provided to handle these tasks on the client side. However, there is a lack of tools that could help the distribution editors to maintain the integrity of Linux package dependencies on the server side. In this paper we present a method based on conflict to check the integrity of Linux package dependencies. From the perspective of conflict, this method achieves the goal to check the integrity of package dependencies on the server side by removing the conflict associating with the packages. Our contribution provides an effective and automatic way to support distribution editors in handling those issues. Experiments using this method are very successful in checking the integrity of package dependencies in Linux software distributions.

Test coverage is an important indicator of whether software has been sufficiently tested. However, there are several problems with the existing measurement tools for test coverage, such as their cost of development and maintenance, inconsistency, and inflexibility in measurement. We propose a consistent and flexible measurement framework for test coverage that we call the Open Code Coverage Framework (OCCF). It supports multiple programming languages by extracting the commonalities from multiple programming languages using an abstract syntax tree to help in the development of the measurement tools for the test coverage of new programming languages. OCCF allows users to add programming language support independently of the test-coverage-criteria and also to add test-coverage-criteria support independently of programming languages in order to take consistent measurements in each programming language. Moreover, OCCF provides two methods for changin the measurement range and elements using XPath and adding user code in order to make more flexible measurements. We implemented a sample tool for C, Java, and Python using OCCF. OCCF can measure four test-coverage-criteria. We also confirmed that OCCF can support C#, Ruby, JavaScript, and Lua. Moreover, we reduced the lines of code (LOCs) required to implement measurement tools for test coverage by approximately 90% and the time to implement a new test-coverage-criterion by over 80% in an experiment that compared OCCF with the conventional non-framework-based tools.

A buffer overflow attack occurs when a program writes data outside the allocated memory in an attempt to invade a system. Approximately forty percent of all software vulnerabilities over the past several years are attributed to buffer overflow. Taint tracking is a novel technique to prevent buffer overflow. Previous studies on taint tracking ran a victim's program on an emulator to dynamically instrument the code for tracking the propagation of taint data in memory and checking whether malicious code is executed. However, the critical problem of this approach is its heavy performance overhead. Analysis of this overhead shows that 60% of the overhead is from the emulator, and the remaining 40% is from dynamic instrumentation and taint information maintenance. This article proposes a new taint-style system called Embedded TaintTracker to eliminate the overhead in the emulator and dynamic instrumentation by compressing a checking mechanism into the operating system (OS) kernel and moving the instrumentation from runtime to compilation time. Results show that the proposed system outperforms the previous work, TaintCheck, by at least 8 times on throughput degradation, and is about 17.5 times faster than TaintCheck when browsing 1 KB web pages.

Many malicious programs we encounter these days are armed with their own custom encoding methods (i.e., they are packed) to deter static binary analysis. Thus, the initial step to deal with unknown (possibly malicious) binary samples obtained from malware collecting systems ordinarily involves the unpacking step. In this paper, we focus on empirical experimental evaluations on a generic unpacking method built on a dynamic binary instrumentation (DBI) framework to figure out the applicability of the DBI-based approach. First, we present yet another method of generic binary unpacking extending a conventional unpacking heuristic. Our architecture includes managing shadow states to measure code exposure according to a simple byte state model. Among available platforms, we built an unpacking implementation on PIN DBI framework. Second, we describe evaluation experiments, conducted on wild malware collections, to discuss workability as well as limitations of our tool. Without the prior knowledge of 6029 samples in the collections, we have identified at around 64% of those were analyzable with our DBI-based generic unpacking tool which is configured to operate in fully automatic batch processing. Purging corrupted and unworkable samples in native systems, it was 72%.

In the face of constant malicious attacks to network-connected software systems, software vulnerabilities need to be discovered early in the development phase. In this paper, we present AspFuzz, a state-aware protocol fuzzer based on the specifications of application-layer protocols. AspFuzz automatically generates anomalous messages that exploit possible vulnerabilities. The key observation behind AspFuzz is that most attack messages violate the strict specifications of application-layer protocols. For example, they do not conform to the rigid format or syntax required of each message. In addition, some attack messages ignore the protocol states and have incorrect orders of messages. AspFuzz automatically generates a large number of anomalous messages that deliberately violate the specifications of application-layer protocols. To demonstrate the effectiveness of AspFuzz, we conducted experiments with POP3 and HTTP servers. With AspFuzz, we can discover 20 reported and 1 previously unknown vulnerabilities for POP3 servers and 25 reported vulnerabilities for HTTP servers. Two vulnerabilities among these can be discovered by the state-awareness of AspFuzz. It can also find a SIP state-related vulnerability.

In the field of software reengineering, many component identification approaches have been proposed for evolving legacy systems into component-based systems. Understanding the behaviors of various component identification approaches is the first important step to meaningfully employ them for legacy systems evolution, therefore we performed an empirical study on component identification technology with considerations of their similarity measures, clustering approaches and stopping criteria. We proposed a set of evaluation criteria and developed the tool CIETool to automate the process of component identification and evaluation. The experimental results revealed that many components of poor quality were produced by the employed component identification approaches; that is, many of the identified components were tightly coupled, weakly cohesive, or had inappropriate numbers of implementation classes and interface operations. Finally, we presented an analysis on the component identification approaches according to the proposed evaluation criteria, which suggested that the weaknesses of these clustering approaches were the major reasons that caused components of poor-quality.

This paper proposes approaches to perform HW/SW (Hardware/Software) partition and parallelization of computing-intensive tasks of the H.264 HiP (High Profile) decoding algorithm on an embedded coarse-grained reconfigurable multimedia system, called REMUS (REconfigurable MUltimedia System). Several techniques, such as MB (Macro-Block) based parallelization, unfixed sub-block operation etc., are utilized to speed up the decoding process, satisfying the requirements of real-time and high quality H.264 applications. Tests show that the execution performance of MC (Motion Compensation), deblocking, and IDCT-IQ (Inverse Discrete Cosine Transform-Inverse Quantization) on REMUS is improved by 60%, 73%, 88.5% in the typical case and 60%, 69%, 88.5% in the worst case, respectively compared with that on XPP PACT (a commercial reconfigurable processor). Compared with ASIC solutions, the performance of MC is improved by 70%, 74% in the typical and in the worst case, respectively, while those of Deblocking remain the same. As for IDCT_IQ, the performance is improved by 17% no matter in the typical or worst case. Relying on the proposed techniques, 1080p@30 fps of H.264 HiP@ Level 4 decoding could be achieved on REMUS when utilizing a 200 MHz working frequency.

The software reliability is the ability of the software to perform its required function under stated conditions for a stated period of time. In this paper, a hybrid methodology that combines both ARIMA and fractal models is proposed to take advantage of unique strength of ARIMA and fractal in linear and nonlinear modeling. Based on the experiments performed on the software reliability data obtained from literatures, it is observed that our method is effective through comparison with other methods and a new idea for the research of the software failure mechanism is presented.

Software processes and corresponding models are dynamic entities that are often changed and evolved by skillful knowledge workers such as the members of a software development team. Consequently, process flexibility has been identified as one of the most important features that should be supported by both Process Modelling Languages (PMLs) and software tools that manage the processes. However, in the everyday practice, most software team members do not want total flexibility. They rather prefer to have controlled flexibility, i.e., to learn and follow advices previously modelled by a process engineer on which and how they can change the elements that compose a software process. Since process models constitute a preferred vehicle for sharing and communicating knowledge on software processes, the process engineer needs a PML that can express this controlled flexibility, along with other process perspectives. To achieve this enhanced PML, we first need a sound core set of concepts and relationships that defines the knowledge domain associated with the modelling of controlled flexibility. In this paper we capture and represent this domain by using Concept Maps (Cmaps). These include diagrams and descriptions that elicit the relationships between the concepts involved. The proposed Cmaps can then be used as input to extend a PML with modelling constructs to express controlled flexibility within software processes. Process engineers can use these constructs to define, in a process model, advices on changes that can be made to the model itself or to related instances. Software team members can then consult this controlled flexibility information within the process models and perform changes accordingly.

Reflecting the rapid growth of information technology, the configuration of software applications such as word processors and spreadsheets is both sophisticated and complicated. It is often difficult for users to identify relevant functions in the online manual for a target application. In this paper, we propose a method for question answering that finds functions related to the user's request. To enhance our method, we addressed two "mismatch" problems. The first problem is associated with a mismatch in vocabulary, where the same concept is represented by different words in the manual and in the user's question. The second problem is associated with a mismatch in function. Although the user may have a hypothetical function for a purpose in mind, this purpose can sometimes be accomplished by other functions. To resolve these mismatch problems, we extract terms related to software functions from the Web, so that the user's question can be matched to the relevant function with high accuracy. We demonstrate the effectiveness of our method experimentally.