-
Goanna: Resolving Haskell Type Errors With Minimal Correction Subsets
Authors:
Shuai Fu,
Tim Dwyer,
Peter J. Stuckey,
John Grundy
Abstract:
Statically typed languages offer significant advantages, such as bug prevention, enhanced code quality, and reduced maintenance costs. However, these benefits often come at the expense of a steep learning curve and a slower development pace. Haskell, known for its expressive and strict type system, poses challenges for inexperienced programmers in learning and using its type system, especially in…
▽ More
Statically typed languages offer significant advantages, such as bug prevention, enhanced code quality, and reduced maintenance costs. However, these benefits often come at the expense of a steep learning curve and a slower development pace. Haskell, known for its expressive and strict type system, poses challenges for inexperienced programmers in learning and using its type system, especially in debugging type errors. We introduce Goanna, a novel tool that serves as a type checker and an interactive type error debugging tool for Haskell. When encountering type errors, Goanna identifies a comprehensive list of potential causes and resolutions based on the minimum correction subsets (MCS) enumeration. We evaluated Goanna's effectiveness using 86 diverse Haskell programs from online discourse, demonstrating its ability to accurately identify and resolve type errors. Additionally, we present a collection of techniques and heuristics to enhance Goanna's suggestion-based error diagnosis and show their effectiveness from our evaluation.
△ Less
Submitted 21 May, 2024;
originally announced May 2024.
-
Designing Adaptive User Interfaces for mHealth applications targeting chronic disease: A User-Centric Approach
Authors:
Wei Wang,
John Grundy,
Hourieh Khalajzadeh,
Anuradha Madugalla,
Humphrey O. Obie
Abstract:
mHealth interventions show significant potential to help in the self-management of chronic diseases, but their under use remains a problem. Considering the substantial diversity among individuals dealing with chronic diseases, tailored strategies are essential. \emph{Adaptive User Interfaces} (AUIs) may help address the diverse and evolving needs of this demographic. To investigate this approach,…
▽ More
mHealth interventions show significant potential to help in the self-management of chronic diseases, but their under use remains a problem. Considering the substantial diversity among individuals dealing with chronic diseases, tailored strategies are essential. \emph{Adaptive User Interfaces} (AUIs) may help address the diverse and evolving needs of this demographic. To investigate this approach, we developed an AUI prototype informed by existing literature findings. We then used this prototype as the basis for focus group discussions and interview studies with 22 participants managing various chronic diseases, and follow-up surveys of all participants. Through these investigations, we pinpointed key challenges related to the use of AUIs, strategies to improve adaptation design, and potential trade-offs between these challenges and strategies. Concurrently, a quantitative survey was conducted to extract preferences for AUIs in chronic disease-related applications with 90 further participants. This uncovered participants' preferences for various adaptations, data types, collection methods, and involvement levels. Finally, we synthesised these insights and categories, aligning them with existing guidelines and design considerations for mHealth app adaptation design. This resulted in nine guidelines that we refined by a final feedback survey conducted with 20 participants.
△ Less
Submitted 13 May, 2024;
originally announced May 2024.
-
The Impact of Human Aspects on the Interactions Between Software Developers and End-Users in Software Engineering: A Systematic Literature Review
Authors:
Hashini Gunatilake,
John Grundy,
Rashina Hoda,
Ingo Mueller
Abstract:
Context: Research on human aspects within the field of software engineering (SE) has been steadily gaining prominence in recent years. These human aspects have a significant impact on SE due to the inherently interactive and collaborative nature of the discipline.
Objective: In this paper, we present a systematic literature review (SLR) on human aspects affecting developer-user interactions. The…
▽ More
Context: Research on human aspects within the field of software engineering (SE) has been steadily gaining prominence in recent years. These human aspects have a significant impact on SE due to the inherently interactive and collaborative nature of the discipline.
Objective: In this paper, we present a systematic literature review (SLR) on human aspects affecting developer-user interactions. The objective of this SLR is to plot the current landscape of primary studies by examining the human aspects that influence developer-user interactions, their implications, interrelationships, and how existing studies address these implications.
Method: We conducted this SLR following the guidelines proposed by Kitchenham et al. We performed a comprehensive search in six digital databases, and an exhaustive backward and forward snowballing process. We selected 46 primary studies for data extraction.
Results: We identified various human aspects affecting developer-user interactions in SE, assessed their interrelationships, identified their positive impacts and mitigation strategies for negative effects. We present specific recommendations derived from the identified research gaps.
Conclusion: Our findings suggest the importance of leveraging positive effects and addressing negative effects in developer-user interactions through the implementation of effective mitigation strategies. These insights may benefit software practitioners for effective user interactions, and the recommendations proposed by this SLR may aid the research community in further human aspects related studies.
△ Less
Submitted 7 May, 2024;
originally announced May 2024.
-
Unlocking Adaptive User Experience with Generative AI
Authors:
Yutan Huang,
Tanjila Kanij,
Anuradha Madugalla,
Shruti Mahajan,
Chetan Arora,
John Grundy
Abstract:
Develo** user-centred applications that address diverse user needs requires rigorous user research. This is time, effort and cost-consuming. With the recent rise of generative AI techniques based on Large Language Models (LLMs), there is a possibility that these powerful tools can be used to develop adaptive interfaces. This paper presents a novel approach to develop user personas and adaptive i…
▽ More
Develo** user-centred applications that address diverse user needs requires rigorous user research. This is time, effort and cost-consuming. With the recent rise of generative AI techniques based on Large Language Models (LLMs), there is a possibility that these powerful tools can be used to develop adaptive interfaces. This paper presents a novel approach to develop user personas and adaptive interface candidates for a specific domain using ChatGPT. We develop user personas and adaptive interfaces using both ChatGPT and a traditional manual process and compare these outcomes. To obtain data for the personas we collected data from 37 survey participants and 4 interviews in collaboration with a not-for-profit organisation. The comparison of ChatGPT generated content and manual content indicates promising results that encourage using LLMs in the adaptive interfaces design process.
△ Less
Submitted 8 April, 2024;
originally announced April 2024.
-
Towards Standards-Compliant Assistive Technology Product Specifications via LLMs
Authors:
Chetan Arora,
John Grundy,
Louise Puli,
Natasha Layton
Abstract:
In the rapidly evolving field of assistive technology (AT), ensuring that products meet national and international standards is essential for user safety, efficacy, and accessibility. In this vision paper, we introduce CompliAT, a pioneering framework designed to streamline the compliance process of AT product specifications with these standards through the innovative use of Large Language Models…
▽ More
In the rapidly evolving field of assistive technology (AT), ensuring that products meet national and international standards is essential for user safety, efficacy, and accessibility. In this vision paper, we introduce CompliAT, a pioneering framework designed to streamline the compliance process of AT product specifications with these standards through the innovative use of Large Language Models (LLMs). CompliAT addresses three critical tasks: checking terminology consistency, classifying products according to standards, and tracing key product specifications to standard requirements. We tackle the challenge of terminology consistency to ensure that the language used in product specifications aligns with relevant standards, reducing misunderstandings and non-compliance risks. We propose a novel approach for product classification, leveraging a retrieval-augmented generation model to accurately categorize AT products aligning to international standards, despite the sparse availability of training data. Finally, CompliAT implements a traceability and compliance mechanism from key product specifications to standard requirements, ensuring all aspects of an AT product are thoroughly vetted against the corresponding standards. By semi-automating these processes, CompliAT aims to significantly reduce the time and effort required for AT product standards compliance and uphold quality and safety standards. We outline our planned implementation and evaluation plan for CompliAT.
△ Less
Submitted 3 April, 2024;
originally announced April 2024.
-
Model-less Is the Best Model: Generating Pure Code Implementations to Replace On-Device DL Models
Authors:
Mingyi Zhou,
Xiang Gao,
Pei Liu,
John Grundy,
Chunyang Chen,
Xiao Chen,
Li Li
Abstract:
Recent studies show that deployed deep learning (DL) models such as those of Tensor Flow Lite (TFLite) can be easily extracted from real-world applications and devices by attackers to generate many kinds of attacks like adversarial attacks. Although securing deployed on-device DL models has gained increasing attention, no existing methods can fully prevent the aforementioned threats. Traditional s…
▽ More
Recent studies show that deployed deep learning (DL) models such as those of Tensor Flow Lite (TFLite) can be easily extracted from real-world applications and devices by attackers to generate many kinds of attacks like adversarial attacks. Although securing deployed on-device DL models has gained increasing attention, no existing methods can fully prevent the aforementioned threats. Traditional software protection techniques have been widely explored, if on-device models can be implemented using pure code, such as C++, it will open the possibility of reusing existing software protection techniques. However, due to the complexity of DL models, there is no automatic method that can translate the DL models to pure code. To fill this gap, we propose a novel method, CustomDLCoder, to automatically extract the on-device model information and synthesize a customized executable program for a wide range of DL models. CustomDLCoder first parses the DL model, extracts its backend computing units, configures the computing units to a graph, and then generates customized code to implement and deploy the ML solution without explicit model representation. The synthesized program hides model information for DL deployment environments since it does not need to retain explicit model representation, preventing many attacks on the DL model. In addition, it improves ML performance because the customized code removes model parsing and preprocessing steps and only retains the data computing process. Our experimental results show that CustomDLCoder improves model security by disabling on-device model sniffing. Compared with the original on-device platform (i.e., TFLite), our method can accelerate model inference by 21.8% and 24.3% on x86-64 and ARM64 platforms, respectively. Most importantly, it can significantly reduce memory consumption by 68.8% and 36.0% on x86-64 and ARM64 platforms, respectively.
△ Less
Submitted 31 March, 2024; v1 submitted 25 March, 2024;
originally announced March 2024.
-
Who Uses Personas in Requirements Engineering: The Practitioners' Perspective
Authors:
Yi Wang,
Chetan Arora,
Xiao Liu,
Thuong Hoang,
Vasudha Malhotra,
Ben Cheng,
John Grundy
Abstract:
Personas are commonly used in software projects to gain a better understanding of end-users' needs. However, there is a limited understanding of their usage and effectiveness in practice. This paper presents the results of a two-step investigation, comprising interviews with 26 software developers, UI/UX designers, business analysts and product managers and a survey of 203 practitioners, aimed at…
▽ More
Personas are commonly used in software projects to gain a better understanding of end-users' needs. However, there is a limited understanding of their usage and effectiveness in practice. This paper presents the results of a two-step investigation, comprising interviews with 26 software developers, UI/UX designers, business analysts and product managers and a survey of 203 practitioners, aimed at shedding light on the current practices, methods and challenges of using personas in software development. Our findings reveal variations in the frequency and effectiveness of personas across different software projects and IT companies, the challenges practitioners face when using personas and the reasons for not using them at all. Furthermore, we investigate the coverage of human aspects in personas, often assumed to be a key feature of persona descriptions. Contrary to the general perception, our study shows that human aspects are often ignored for various reasons in personas or requirements engineering in general. Our study provides actionable insights for practitioners to overcome challenges in using personas during requirements engineering stages, and we identify areas for future research.
△ Less
Submitted 23 March, 2024;
originally announced March 2024.
-
GustosonicSense: Towards understanding the design of playful gustosonic eating experiences
Authors:
Yan Wang,
Humphrey O. Obie,
Zhuying Li,
Flora D. Salim,
John Grundy,
Florian 'Floyd' Mueller
Abstract:
The pleasure that often comes with eating can be further enhanced with intelligent technology, as the field of human-food interaction suggests. However, knowledge on how to design such pleasure-supporting eating systems is limited. To begin filling this knowledge gap, we designed "GustosonicSense", a novel gustosonic eating system that utilizes wireless earbuds for sensing different eating and dri…
▽ More
The pleasure that often comes with eating can be further enhanced with intelligent technology, as the field of human-food interaction suggests. However, knowledge on how to design such pleasure-supporting eating systems is limited. To begin filling this knowledge gap, we designed "GustosonicSense", a novel gustosonic eating system that utilizes wireless earbuds for sensing different eating and drinking actions with a machine learning algorithm and trigger playful sounds as a way to facilitate pleasurable eating experiences. We present the findings from our design and a study that revealed how we can support the "stimulation", "hedonism", and "reflexivity" for playful human-food interactions. Ultimately, with our work, we aim to support interaction designers in facilitating playful experiences with food.
△ Less
Submitted 16 March, 2024;
originally announced March 2024.
-
How do software practitioners perceive human-centric defects?
Authors:
Vedant Chauhan,
Chetan Arora,
Hourieh Khalajzadeh,
John Grundy
Abstract:
Context: Human-centric software design and development focuses on how users want to carry out their tasks rather than making users accommodate their software. Software users can have different genders, ages, cultures, languages, disabilities, socioeconomic statuses, and educational backgrounds, among many other differences. Due to the inherently varied nature of these differences and their impact…
▽ More
Context: Human-centric software design and development focuses on how users want to carry out their tasks rather than making users accommodate their software. Software users can have different genders, ages, cultures, languages, disabilities, socioeconomic statuses, and educational backgrounds, among many other differences. Due to the inherently varied nature of these differences and their impact on software usage, preferences and issues of users can vary, resulting in user-specific defects that we term as `human-centric defects' (HCDs).
Objective: This research aims to understand the perception and current management practices of such human-centric defects by software practitioners, identify key challenges in reporting, understanding and fixing them, and provide recommendations to improve HCDs management in software engineering.
Method: We conducted a survey and interviews with software engineering practitioners to gauge their knowledge and experience on HCDs and the defect tracking process.
Results: We analysed fifty (50) survey- and ten (10) interview- responses from SE practitioners and identified that there are multiple gaps in the current management of HCDs in software engineering practice. There is a lack of awareness regarding human-centric aspects, causing them to be lost or under-appreciated during software development. Our results revealed that handling HCDs could be improved by following a better feedback process with end-users, a more descriptive taxonomy, and suitable automation.
Conclusion: HCDs present a major challenge to software practitioners, given their diverse end-user base. In the software engineering domain, research on HCDs has been limited and requires effort from the research and practice communities to create better awareness and support regarding human-centric aspects.
△ Less
Submitted 4 February, 2024;
originally announced February 2024.
-
An Empirical Study on Low Code Programming using Traditional vs Large Language Model Support
Authors:
Yongkun Liu,
Jiachi Chen,
Tingting Bi,
John Grundy,
Yanlin Wang,
Jianxing Yu,
Ting Chen,
Yutian Tang,
Zibin Zheng
Abstract:
Low-code programming (LCP) refers to programming using models at higher levels of abstraction, resulting in less manual and more efficient programming, and reduced learning effort for amateur developers. Many LCP tools have rapidly evolved and have benefited from the concepts of visual programming languages (VPLs) and programming by demonstration (PBD). With huge increase in interest in using larg…
▽ More
Low-code programming (LCP) refers to programming using models at higher levels of abstraction, resulting in less manual and more efficient programming, and reduced learning effort for amateur developers. Many LCP tools have rapidly evolved and have benefited from the concepts of visual programming languages (VPLs) and programming by demonstration (PBD). With huge increase in interest in using large language models (LLMs) in software engineering, LLM-based LCP has began to become increasingly important. However, the technical principles and application scenarios of traditional approaches to LCP and LLM-based LCP are significantly different. Understanding these key differences and characteristics in the application of the two approaches to LCP by users is crucial for LCP providers in improving existing and develo** new LCP tools, and in better assisting users in choosing the appropriate LCP technology. We conducted an empirical study of both traditional LCP and LLM-based LCP. We analyzed developers' discussions on Stack Overflow (SO) over the past three years and then explored the similarities and differences between traditional LCP and LLM-based LCP features and developer feedback. Our findings reveal that while traditional LCP and LLM-based LCP share common primary usage scenarios, they significantly differ in scope, limitations and usage throughout the software development lifecycle, particularly during the implementation phase. We also examine how LLMs impact and integrate with LCP, discussing the latest technological developments in LLM-based LCP, such as its integration with VPLs and the application of LLM Agents in software engineering.
△ Less
Submitted 6 June, 2024; v1 submitted 2 February, 2024;
originally announced February 2024.
-
Enablers and Barriers of Empathy in Software Developer and User Interaction: A Mixed Methods Case Study
Authors:
Hashini Gunatilake,
John Grundy,
Rashina Hoda,
Ingo Mueller
Abstract:
Software engineering (SE) requires developers to collaborate with stakeholders, and understanding their emotions and perspectives is often vital. Empathy is a concept characterising a person's ability to understand and share the feelings of another. However, empathy continues to be an under-researched human aspect in SE. We studied how empathy is practised between developers and end users using a…
▽ More
Software engineering (SE) requires developers to collaborate with stakeholders, and understanding their emotions and perspectives is often vital. Empathy is a concept characterising a person's ability to understand and share the feelings of another. However, empathy continues to be an under-researched human aspect in SE. We studied how empathy is practised between developers and end users using a mixed methods case study. We used an empathy test, observations and interviews to collect data, and socio technical grounded theory and descriptive statistics to analyse data. We identified the nature of awareness required to trigger empathy and enablers of empathy. We discovered barriers to empathy and a set of potential strategies to overcome these barriers. We report insights on emerging relationships and present a set of recommendations and potential future works on empathy and SE for software practitioners and SE researchers.
△ Less
Submitted 17 January, 2024;
originally announced January 2024.
-
Challenges, Adaptations, and Fringe Benefits of Conducting Software Engineering Research with Human Participants during the COVID-19 Pandemic
Authors:
Anuradha Madugalla,
Tanjila Kanij,
Rashina Hoda,
Dulaji Hidellaarachchi,
Aastha Pant,
Samia Ferdousi,
John Grundy
Abstract:
The COVID-19 pandemic changed the way we live, work and the way we conduct research. With the restrictions of lockdowns and social distancing, various impacts were experienced by many software engineering researchers, especially whose studies depend on human participants. We conducted a mixed methods study to understand the extent of this impact. Through a detailed survey with 89 software engineer…
▽ More
The COVID-19 pandemic changed the way we live, work and the way we conduct research. With the restrictions of lockdowns and social distancing, various impacts were experienced by many software engineering researchers, especially whose studies depend on human participants. We conducted a mixed methods study to understand the extent of this impact. Through a detailed survey with 89 software engineering researchers working with human participants around the world and a further nine follow-up interviews, we identified the key challenges faced, the adaptations made, and the surprising fringe benefits of conducting research involving human participants during the pandemic. Our findings also revealed that in retrospect, many researchers did not wish to revert to the old ways of conducting human-oriented research. Based on our analysis and insights, we share recommendations on how to conduct remote studies with human participants effectively in an increasingly hybrid world when face-to-face engagement is not possible or where remote participation is preferred.
△ Less
Submitted 11 January, 2024;
originally announced January 2024.
-
Engineering Adaptive Information Graphics for Disabled Communities: A Case Study with Public Space Indoor Maps
Authors:
Anuradha Madugalla,
Yutan Huang,
John Grundy,
Min Hee Cho,
Lasith Koswatta Gamage,
Tristan Leao,
Sam Thiele
Abstract:
Most software applications contain graphics such as charts, diagrams and maps. Currently, these graphics are designed with a ``one size fits all" approach and do not cater to the needs of people with disabilities. Therefore, when using software with graphics, a colour-impaired user may struggle to interpret graphics with certain colours, and a person with dyslexia may struggle to read the text lab…
▽ More
Most software applications contain graphics such as charts, diagrams and maps. Currently, these graphics are designed with a ``one size fits all" approach and do not cater to the needs of people with disabilities. Therefore, when using software with graphics, a colour-impaired user may struggle to interpret graphics with certain colours, and a person with dyslexia may struggle to read the text labels in the graphic. Our research addresses this issue by develo** a framework that generates adaptive and accessible information graphics for multiple disabilities. Uniquely, the approach also serves people with multiple simultaneous disabilities. To achieve these, we used a case study of public space floorplans presented via a web tool and worked with four disability groups: people with low vision, colour blindness, dyslexia and mobility impairment. Our research involved gathering requirements from 3 accessibility experts and 80 participants with disabilities, develo** a system to generate adaptive graphics that address the identified requirements, and conducting an evaluation with 7 participants with disabilities. The evaluation showed that users found our solution easy to use and suitable for most of their requirements. The study also provides recommendations for front-end developers on engineering accessible graphics for their software and discusses the implications of our work on society from the perspective of public space owners and end users.
△ Less
Submitted 10 January, 2024;
originally announced January 2024.
-
Using Enriched Category Theory to Construct the Nearest Neighbour Classification Algorithm
Authors:
Matthew Pugh,
Jo Grundy,
Corina Cirstea,
Nick Harris
Abstract:
Exploring whether Enriched Category Theory could provide the foundation of an alternative approach to Machine Learning. This paper is the first to construct and motivate a Machine Learning algorithm solely with Enriched Category Theory. In order to supplement evidence that Category Theory can be used to motivate robust and explainable algorithms, it is shown that a series of reasonable assumptions…
▽ More
Exploring whether Enriched Category Theory could provide the foundation of an alternative approach to Machine Learning. This paper is the first to construct and motivate a Machine Learning algorithm solely with Enriched Category Theory. In order to supplement evidence that Category Theory can be used to motivate robust and explainable algorithms, it is shown that a series of reasonable assumptions about a dataset lead to the construction of the Nearest Neighbours Algorithm. In particular, as an extension of the original dataset using profunctors in the category of Lawvere metric spaces. This leads to a definition of an Enriched Nearest Neighbours Algorithm, which consequently also produces an enriched form of the Voronoi diagram. This paper is intended to be accessible without any knowledge of Category Theory
△ Less
Submitted 27 December, 2023;
originally announced December 2023.
-
Software Engineering for OpenHarmony: A Research Roadmap
Authors:
Li Li,
Xiang Gao,
Hailong Sun,
Chunming Hu,
Xiaoyu Sun,
Haoyu Wang,
Haipeng Cai,
Ting Su,
Xiapu Luo,
Tegawendé F. Bissyandé,
Jacques Klein,
John Grundy,
Tao Xie,
Haibo Chen,
Huaimin Wang
Abstract:
Mobile software engineering has been a hot research topic for decades. Our fellow researchers have proposed various approaches (with over 7,000 publications for Android alone) in this field that essentially contributed to the great success of the current mobile ecosystem. Existing research efforts mainly focus on popular mobile platforms, namely Android and iOS. OpenHarmony, a newly open-sourced m…
▽ More
Mobile software engineering has been a hot research topic for decades. Our fellow researchers have proposed various approaches (with over 7,000 publications for Android alone) in this field that essentially contributed to the great success of the current mobile ecosystem. Existing research efforts mainly focus on popular mobile platforms, namely Android and iOS. OpenHarmony, a newly open-sourced mobile platform, has rarely been considered, although it is the one requiring the most attention as OpenHarmony is expected to occupy one-third of the market in China (if not in the world). To fill the gap, we present to the mobile software engineering community a research roadmap for encouraging our fellow researchers to contribute promising approaches to OpenHarmony. Specifically, we start by presenting a literature review of mobile software engineering, attempting to understand what problems have been targeted by the mobile community and how they have been resolved. We then summarize the existing (limited) achievements of OpenHarmony and subsequently highlight the research gap between Android/iOS and OpenHarmony. This research gap eventually helps in forming the roadmap for conducting software engineering research for OpenHarmony.
△ Less
Submitted 21 November, 2023; v1 submitted 2 November, 2023;
originally announced November 2023.
-
Model-driven Engineering for Machine Learning Components: A Systematic Literature Review
Authors:
Hira Naveed,
Chetan Arora,
Hourieh Khalajzadeh,
John Grundy,
Omar Haggag
Abstract:
Context: Machine Learning (ML) has become widely adopted as a component in many modern software applications. Due to the large volumes of data available, organizations want to increasingly leverage their data to extract meaningful insights and enhance business profitability. ML components enable predictive capabilities, anomaly detection, recommendation, accurate image and text processing, and inf…
▽ More
Context: Machine Learning (ML) has become widely adopted as a component in many modern software applications. Due to the large volumes of data available, organizations want to increasingly leverage their data to extract meaningful insights and enhance business profitability. ML components enable predictive capabilities, anomaly detection, recommendation, accurate image and text processing, and informed decision-making. However, develo** systems with ML components is not trivial; it requires time, effort, knowledge, and expertise in ML, data processing, and software engineering. There have been several studies on the use of model-driven engineering (MDE) techniques to address these challenges when develo** traditional software and cyber-physical systems. Recently, there has been a growing interest in applying MDE for systems with ML components. Objective: The goal of this study is to further explore the promising intersection of MDE with ML (MDE4ML) through a systematic literature review (SLR). Through this SLR, we wanted to analyze existing studies, including their motivations, MDE solutions, evaluation techniques, key benefits and limitations. Results: We analyzed selected studies with respect to several areas of interest and identified the following: 1) the key motivations behind using MDE4ML; 2) a variety of MDE solutions applied, such as modeling languages, model transformations, tool support, targeted ML aspects, contributions and more; 3) the evaluation techniques and metrics used; and 4) the limitations and directions for future work. We also discuss the gaps in existing literature and provide recommendations for future research. Conclusion: This SLR highlights current trends, gaps and future research directions in the field of MDE4ML, benefiting both researchers and practitioners
△ Less
Submitted 1 November, 2023;
originally announced November 2023.
-
Advancing Requirements Engineering through Generative AI: Assessing the Role of LLMs
Authors:
Chetan Arora,
John Grundy,
Mohamed Abdelrazek
Abstract:
Requirements Engineering (RE) is a critical phase in software development including the elicitation, analysis, specification, and validation of software requirements. Despite the importance of RE, it remains a challenging process due to the complexities of communication, uncertainty in the early stages and inadequate automation support. In recent years, large-language models (LLMs) have shown sign…
▽ More
Requirements Engineering (RE) is a critical phase in software development including the elicitation, analysis, specification, and validation of software requirements. Despite the importance of RE, it remains a challenging process due to the complexities of communication, uncertainty in the early stages and inadequate automation support. In recent years, large-language models (LLMs) have shown significant promise in diverse domains, including natural language processing, code generation, and program understanding. This chapter explores the potential of LLMs in driving RE processes, aiming to improve the efficiency and accuracy of requirements-related tasks. We propose key directions and SWOT analysis for research and development in using LLMs for RE, focusing on the potential for requirements elicitation, analysis, specification, and validation. We further present the results from a preliminary evaluation, in this context.
△ Less
Submitted 1 November, 2023; v1 submitted 21 October, 2023;
originally announced October 2023.
-
Towards an Understanding of Developers' Perceptions of Transparency in Software Development: A Preliminary Study
Authors:
Humphrey O. Obie,
Juliet Ukwella,
Kashumi Madampe,
John Grundy,
Mojtaba Shahin
Abstract:
Software applications play an increasingly critical role in various aspects of our lives, from communication and entertainment to business and healthcare. As these applications become more pervasive, the importance of considering human values in software development has gained significant attention. In this preliminary study, we investigate developers's perceptions and experiences related to human…
▽ More
Software applications play an increasingly critical role in various aspects of our lives, from communication and entertainment to business and healthcare. As these applications become more pervasive, the importance of considering human values in software development has gained significant attention. In this preliminary study, we investigate developers's perceptions and experiences related to human values, with a focus on the human value of transparency. We interviewed five experienced developers and conducted thematic analysis to explore how developers perceive transparency, violations of transparency, and the process of fixing reported violations of transparency. Our findings reveal the significance of transparency as a fundamental value in software development, with developers recognising its importance for building trust, promoting accountability, and fostering ethical practices. Developers recognise the negative consequences of the violation of the human value of transparency and follow a systematic process to fix reported violations. This includes investigation, root cause analysis, corrective action planning, collaborative problem-solving, and testing and verification. These preliminary findings contribute to the understanding of transparency in software development and provide insights for promoting ethical practices.
△ Less
Submitted 12 September, 2023;
originally announced September 2023.
-
ReuNify: A Step Towards Whole Program Analysis for React Native Android Apps
Authors:
Yonghui Liu,
Xiao Chen,
Pei Liu,
John Grundy,
Chunyang Chen,
Li Li
Abstract:
React Native is a widely-used open-source framework that facilitates the development of cross-platform mobile apps. The framework enables JavaScript code to interact with native-side code, such as Objective-C/Swift for iOS and Java/Kotlin for Android, via a communication mechanism provided by React Native. However, previous research and tools have overlooked this mechanism, resulting in incomplete…
▽ More
React Native is a widely-used open-source framework that facilitates the development of cross-platform mobile apps. The framework enables JavaScript code to interact with native-side code, such as Objective-C/Swift for iOS and Java/Kotlin for Android, via a communication mechanism provided by React Native. However, previous research and tools have overlooked this mechanism, resulting in incomplete analysis of React Native app code. To address this limitation, we have developed REUNIFY, a prototype tool that integrates the JavaScript and native-side code of React Native apps into an intermediate language that can be processed by the Soot static analysis framework. By doing so, REUNIFY enables the generation of a comprehensive model of the app's behavior. Our evaluation indicates that, by leveraging REUNIFY, the Soot-based framework can improve its coverage of static analysis for the 1,007 most popular React Native Android apps, augmenting the number of lines of Jimple code by 70%. Additionally, we observed an average increase of 84% in new nodes reached in the callgraph for these apps, after integrating REUNIFY. When REUNIFY is used for taint flow analysis, an average of two additional privacy leaks were identified. Overall, our results demonstrate that REUNIFY significantly enhances the Soot-based framework's capability to analyze React Native Android apps.
△ Less
Submitted 7 September, 2023;
originally announced September 2023.
-
Large Language Models for Software Engineering: A Systematic Literature Review
Authors:
Xinyi Hou,
Yanjie Zhao,
Yue Liu,
Zhou Yang,
Kailong Wang,
Li Li,
Xiapu Luo,
David Lo,
John Grundy,
Haoyu Wang
Abstract:
Large Language Models (LLMs) have significantly impacted numerous domains, including Software Engineering (SE). Many recent publications have explored LLMs applied to various SE tasks. Nevertheless, a comprehensive understanding of the application, effects, and possible limitations of LLMs on SE is still in its early stages. To bridge this gap, we conducted a systematic literature review (SLR) on…
▽ More
Large Language Models (LLMs) have significantly impacted numerous domains, including Software Engineering (SE). Many recent publications have explored LLMs applied to various SE tasks. Nevertheless, a comprehensive understanding of the application, effects, and possible limitations of LLMs on SE is still in its early stages. To bridge this gap, we conducted a systematic literature review (SLR) on LLM4SE, with a particular focus on understanding how LLMs can be exploited to optimize processes and outcomes. We select and analyze 395 research papers from January 2017 to January 2024 to answer four key research questions (RQs). In RQ1, we categorize different LLMs that have been employed in SE tasks, characterizing their distinctive features and uses. In RQ2, we analyze the methods used in data collection, preprocessing, and application, highlighting the role of well-curated datasets for successful LLM for SE implementation. RQ3 investigates the strategies employed to optimize and evaluate the performance of LLMs in SE. Finally, RQ4 examines the specific SE tasks where LLMs have shown success to date, illustrating their practical contributions to the field. From the answers to these RQs, we discuss the current state-of-the-art and trends, identifying gaps in existing research, and flagging promising areas for future study. Our artifacts are publicly available at https://github.com/xinyi-hou/LLM4SE_SLR.
△ Less
Submitted 10 April, 2024; v1 submitted 21 August, 2023;
originally announced August 2023.
-
Automated Map** of Adaptive App GUIs from Phones to TVs
Authors:
Han Hu,
Ruiqi Dong,
John Grundy,
Thai Minh Nguyen,
Huaxiao Liu,
Chunyang Chen
Abstract:
With the increasing interconnection of smart devices, users often desire to adopt the same app on quite different devices for identical tasks, such as watching the same movies on both their smartphones and TVs. However, the significant differences in screen size, aspect ratio, and interaction styles make it challenging to adapt Graphical User Interfaces (GUIs) across these devices. Although there…
▽ More
With the increasing interconnection of smart devices, users often desire to adopt the same app on quite different devices for identical tasks, such as watching the same movies on both their smartphones and TVs. However, the significant differences in screen size, aspect ratio, and interaction styles make it challenging to adapt Graphical User Interfaces (GUIs) across these devices. Although there are millions of apps available on Google Play, only a few thousand are designed to support smart TV displays. Existing techniques to map a mobile app GUI to a TV either adopt a responsive design, which struggles to bridge the substantial gap between phone and TV or use mirror apps for improved video display, which requires hardware support and extra engineering efforts. Instead of develo** another app for supporting TVs, we propose a semi-automated approach to generate corresponding adaptive TV GUIs, given the phone GUIs as the input. Based on our empirical study of GUI pairs for TVs and phones in existing apps, we synthesize a list of rules for grou** and classifying phone GUIs, converting them to TV GUIs, and generating dynamic TV layouts and source code for the TV display. Our tool is not only beneficial to developers but also to GUI designers, who can further customize the generated GUIs for their TV app development. An evaluation and user study demonstrate the accuracy of our generated GUIs and the usefulness of our tool.
△ Less
Submitted 5 November, 2023; v1 submitted 24 July, 2023;
originally announced July 2023.
-
ModelObfuscator: Obfuscating Model Information to Protect Deployed ML-based Systems
Authors:
Mingyi Zhou,
Xiang Gao,
**g Wu,
John Grundy,
Xiao Chen,
Chunyang Chen,
Li Li
Abstract:
More and more edge devices and mobile apps are leveraging deep learning (DL) capabilities. Deploying such models on devices -- referred to as on-device models -- rather than as remote cloud-hosted services, has gained popularity because it avoids transmitting user data off of the device and achieves high response time. However, on-device models can be easily attacked, as they can be accessed by un…
▽ More
More and more edge devices and mobile apps are leveraging deep learning (DL) capabilities. Deploying such models on devices -- referred to as on-device models -- rather than as remote cloud-hosted services, has gained popularity because it avoids transmitting user data off of the device and achieves high response time. However, on-device models can be easily attacked, as they can be accessed by unpacking corresponding apps and the model is fully exposed to attackers. Recent studies show that attackers can easily generate white-box-like attacks for an on-device model or even inverse its training data. To protect on-device models from white-box attacks, we propose a novel technique called model obfuscation. Specifically, model obfuscation hides and obfuscates the key information -- structure, parameters and attributes -- of models by renaming, parameter encapsulation, neural structure obfuscation obfuscation, shortcut injection, and extra layer injection. We have developed a prototype tool ModelObfuscator to automatically obfuscate on-device TFLite models. Our experiments show that this proposed approach can dramatically improve model security by significantly increasing the difficulty of parsing models inner information, without increasing the latency of DL models. Our proposed on-device model obfuscation has the potential to be a fundamental technique for on-device model deployment. Our prototype tool is publicly available at: https://github.com/zhoumingyi/ModelObfuscator.
△ Less
Submitted 29 February, 2024; v1 submitted 1 June, 2023;
originally announced June 2023.
-
Multi-Modal Emotion Recognition for Enhanced Requirements Engineering: A Novel Approach
Authors:
Ben Cheng,
Chetan Arora,
Xiao Liu,
Thuong Hoang,
Yi Wang,
John Grundy
Abstract:
Requirements engineering (RE) plays a crucial role in develo** software systems by bridging the gap between stakeholders' needs and system specifications. However, effective communication and elicitation of stakeholder requirements can be challenging, as traditional RE methods often overlook emotional cues. This paper introduces a multi-modal emotion recognition platform (MEmoRE) to enhance the…
▽ More
Requirements engineering (RE) plays a crucial role in develo** software systems by bridging the gap between stakeholders' needs and system specifications. However, effective communication and elicitation of stakeholder requirements can be challenging, as traditional RE methods often overlook emotional cues. This paper introduces a multi-modal emotion recognition platform (MEmoRE) to enhance the requirements engineering process by capturing and analyzing the emotional cues of stakeholders in real-time. MEmoRE leverages state-of-the-art emotion recognition techniques, integrating facial expression, vocal intonation, and textual sentiment analysis to comprehensively understand stakeholder emotions. This multi-modal approach ensures the accurate and timely detection of emotional cues, enabling requirements engineers to tailor their elicitation strategies and improve overall communication with stakeholders. We further intend to employ our platform for later RE stages, such as requirements reviews and usability testing. By integrating multi-modal emotion recognition into requirements engineering, we aim to pave the way for more empathetic, effective, and successful software development processes. We performed a preliminary evaluation of our platform. This paper reports on the platform design, preliminary evaluation, and future development plan as an ongoing project.
△ Less
Submitted 2 June, 2023;
originally announced June 2023.
-
AIBugHunter: A Practical Tool for Predicting, Classifying and Repairing Software Vulnerabilities
Authors:
Michael Fu,
Chakkrit Tantithamthavorn,
Trung Le,
Yuki Kume,
Van Nguyen,
Dinh Phung,
John Grundy
Abstract:
Many ML-based approaches have been proposed to automatically detect, localize, and repair software vulnerabilities. While ML-based methods are more effective than program analysis-based vulnerability analysis tools, few have been integrated into modern IDEs, hindering practical adoption. To bridge this critical gap, we propose AIBugHunter, a novel ML-based software vulnerability analysis tool for…
▽ More
Many ML-based approaches have been proposed to automatically detect, localize, and repair software vulnerabilities. While ML-based methods are more effective than program analysis-based vulnerability analysis tools, few have been integrated into modern IDEs, hindering practical adoption. To bridge this critical gap, we propose AIBugHunter, a novel ML-based software vulnerability analysis tool for C/C++ languages that is integrated into Visual Studio Code. AIBugHunter helps software developers to achieve real-time vulnerability detection, explanation, and repairs during programming. In particular, AIBugHunter scans through developers' source code to (1) locate vulnerabilities, (2) identify vulnerability types, (3) estimate vulnerability severity, and (4) suggest vulnerability repairs. In this article, we propose a novel multi-objective optimization (MOO)-based vulnerability classification approach and a transformer-based estimation approach to help AIBugHunter accurately identify vulnerability types and estimate severity. Our empirical experiments on a large dataset consisting of 188K+ C/C++ functions confirm that our proposed approaches are more accurate than other state-of-the-art baseline methods for vulnerability classification and estimation. Furthermore, we conduct qualitative evaluations including a survey study and a user study to obtain software practitioners' perceptions of our AIBugHunter tool and assess the impact that AIBugHunter may have on developers' productivity in security aspects. Our survey study shows that our AIBugHunter is perceived as useful where 90% of the participants consider adopting our AIBugHunter. Last but not least, our user study shows that our AIBugHunter could possibly enhance developers' productivity in combating cybersecurity issues during software development.
△ Less
Submitted 26 May, 2023;
originally announced May 2023.
-
Empathy Models and Software Engineering -- A Preliminary Analysis and Taxonomy
Authors:
Hashini Gunatilake,
John Grundy,
Ingo Mueller,
Rashina Hoda
Abstract:
Empathy is widely used in many disciplines such as philosophy, sociology, psychology, health care. Ability to empathise with software end-users seems to be a vital skill software developers should possess. This is because engineering successful software systems involves not only interacting effectively with users but also understanding their true needs. Empathy has the potential to address this si…
▽ More
Empathy is widely used in many disciplines such as philosophy, sociology, psychology, health care. Ability to empathise with software end-users seems to be a vital skill software developers should possess. This is because engineering successful software systems involves not only interacting effectively with users but also understanding their true needs. Empathy has the potential to address this situation. Empathy is a predominant human aspect that can be used to comprehend decisions, feelings, emotions and actions of users. However, to date empathy has been under-researched in software engineering (SE) context. In this position paper, we present our exploration of key empathy models from different disciplines and our analysis of their adequacy for application in SE. While there is no evidence for empathy models that are readily applicable to SE, we believe these models can be adapted and applied in SE context with the aim of assisting software engineers to increase their empathy for diverse end-user needs. We present a preliminary taxonomy of empathy by carefully considering the most popular empathy models from different disciplines. We encourage future research on empathy in SE as we believe it is an important human aspect that can significantly influence the relationship between developers and end-users.
△ Less
Submitted 6 May, 2023;
originally announced May 2023.
-
Understanding the Influence of Motivation on Requirements Engineering-related Activities
Authors:
Dulaji Hidellaarachchi,
John Grundy,
Rashina Hoda,
Ingo Mueller
Abstract:
Motivation has been identified as one of the key human aspects for software practitioners involved in Software Engineering (SE) activities to complete their tasks successfully. While prior research on motivation in SE exists, empirical studies on its influence specifically on RE are limited. As requirements engineering (RE)-related activities are a highly human-dependent phase of SE; it is importa…
▽ More
Motivation has been identified as one of the key human aspects for software practitioners involved in Software Engineering (SE) activities to complete their tasks successfully. While prior research on motivation in SE exists, empirical studies on its influence specifically on RE are limited. As requirements engineering (RE)-related activities are a highly human-dependent phase of SE; it is important to identify how motivation influences RE. This study aims to identify the influence of motivation on RE, provide a better understanding of its effects, and offer guidance on how to handle them. By conducting semi-structured interviews with 21 RE-involved software practitioners, we developed a preliminary theoretical framework using socio-technical grounded theory (STGT) to explain the influence of motivation on RE. Our framework attempts to explain the contextual, causal, and intervening conditions that can give rise to or mediate the influence of motivation on RE. Furthermore, we have discovered a set of strategies that can enhance motivating situations or mitigate demotivating ones and the consequences resulting from applying these strategies. Our findings will benefit software practitioners by offering guidance on managing the influence of motivation on RE and assist researchers in refining and exploring our theoretical framework for diverse SE contexts in the future.
△ Less
Submitted 17 April, 2023;
originally announced April 2023.
-
Taming Android Fragmentation through Lightweight Crowdsourced Testing
Authors:
Xiaoyu Sun,
Xiao Chen,
Yonghui Liu,
John Grundy,
Li Li
Abstract:
Android fragmentation refers to the overwhelming diversity of Android devices and OS versions. These lead to the impossibility of testing an app on every supported device, leaving a number of compatibility bugs scattered in the community and thereby resulting in poor user experiences. To mitigate this, our fellow researchers have designed various works to automatically detect such compatibility is…
▽ More
Android fragmentation refers to the overwhelming diversity of Android devices and OS versions. These lead to the impossibility of testing an app on every supported device, leaving a number of compatibility bugs scattered in the community and thereby resulting in poor user experiences. To mitigate this, our fellow researchers have designed various works to automatically detect such compatibility issues. However, the current state-of-the-art tools can only be used to detect specific kinds of compatibility issues (i.e., compatibility issues caused by API signature evolution), i.e., many other essential types of compatibility issues are still unrevealed. For example, customized OS versions on real devices and semantic changes of OS could lead to serious compatibility issues, which are non-trivial to be detected statically. To this end, we propose a novel, lightweight, crowdsourced testing approach, LAZYCOW, to fill this research gap and enable the possibility of taming Android fragmentation through crowdsourced efforts. Specifically, crowdsourced testing is an emerging alternative to conventional mobile testing mechanisms that allow developers to test their products on real devices to pinpoint platform-specific issues. Experimental results on thousands of test cases on real-world Android devices show that LAZYCOW is effective in automatically identifying and verifying API-induced compatibility issues. Also, after investigating the user experience through qualitative metrics, users' satisfaction provides strong evidence that LAZYCOW is useful and welcome in practice.
△ Less
Submitted 17 June, 2023; v1 submitted 9 April, 2023;
originally announced April 2023.
-
Requirements Engineering Framework for Human-centered Artificial Intelligence Software Systems
Authors:
Khlood Ahmad,
Mohamed Abdelrazek,
Chetan Arora,
Arbind Agrahari Baniya,
Muneera Bano,
John Grundy
Abstract:
[Context] Artificial intelligence (AI) components used in building software solutions have substantially increased in recent years. However, many of these solutions focus on technical aspects and ignore critical human-centered aspects. [Objective] Including human-centered aspects during requirements engineering (RE) when building AI-based software can help achieve more responsible, unbiased, and i…
▽ More
[Context] Artificial intelligence (AI) components used in building software solutions have substantially increased in recent years. However, many of these solutions focus on technical aspects and ignore critical human-centered aspects. [Objective] Including human-centered aspects during requirements engineering (RE) when building AI-based software can help achieve more responsible, unbiased, and inclusive AI-based software solutions. [Method] In this paper, we present a new framework developed based on human-centered AI guidelines and a user survey to aid in collecting requirements for human-centered AI-based software. We provide a catalog to elicit these requirements and a conceptual model to present them visually. [Results] The framework is applied to a case study to elicit and model requirements for enhancing the quality of 360 degree~videos intended for virtual reality (VR) users. [Conclusion] We found that our proposed approach helped the project team fully understand the human-centered needs of the project to deliver. Furthermore, the framework helped to understand what requirements need to be captured at the initial stages against later stages in the engineering process of AI-based software.
△ Less
Submitted 18 May, 2023; v1 submitted 6 March, 2023;
originally announced March 2023.
-
Requirements Elicitation and Modelling of Artificial Intelligence Systems: An Empirical Study
Authors:
Khlood Ahmad,
Mohamed Abdelrazek,
Chetan Arora,
John Grundy,
Muneera Bano
Abstract:
Artificial Intelligence (AI) systems have gained significant traction in the recent past, creating new challenges in requirements engineering (RE) when building AI software systems. RE for AI practices have not been studied much and have scarce empirical studies. Additionally, many AI software solutions tend to focus on the technical aspects and ignore human-centered values. In this paper, we repo…
▽ More
Artificial Intelligence (AI) systems have gained significant traction in the recent past, creating new challenges in requirements engineering (RE) when building AI software systems. RE for AI practices have not been studied much and have scarce empirical studies. Additionally, many AI software solutions tend to focus on the technical aspects and ignore human-centered values. In this paper, we report on a case study for eliciting and modeling requirements using our framework and a supporting tool for human-centred RE for AI systems. Our case study is a mobile health application for encouraging type-2 diabetic people to reduce their sedentary behavior. We conducted our study with three experts from the app team -- a software engineer, a project manager and a data scientist. We found in our study that most human-centered aspects were not originally considered when develo** the first version of the application. We also report on other insights and challenges faced in RE for the health application, e.g., frequently changing requirements.
△ Less
Submitted 12 February, 2023;
originally announced February 2023.
-
Requirements Practices and Gaps When Engineering Human-Centered Artificial Intelligence Systems
Authors:
Khlood Ahmad,
Mohamed Abdelrazek,
Chetan Arora,
Muneera Bano,
John Grundy
Abstract:
[Context] Engineering Artificial Intelligence (AI) software is a relatively new area with many challenges, unknowns, and limited proven best practices. Big companies such as Google, Microsoft, and Apple have provided a suite of recent guidelines to assist engineering teams in building human-centered AI systems. [Objective] The practices currently adopted by practitioners for develo** such system…
▽ More
[Context] Engineering Artificial Intelligence (AI) software is a relatively new area with many challenges, unknowns, and limited proven best practices. Big companies such as Google, Microsoft, and Apple have provided a suite of recent guidelines to assist engineering teams in building human-centered AI systems. [Objective] The practices currently adopted by practitioners for develo** such systems, especially during Requirements Engineering (RE), are little studied and reported to date. [Method] This paper presents the results of a survey conducted to understand current industry practices in RE for AI (RE4AI) and to determine which key human-centered AI guidelines should be followed. Our survey is based on map** existing industrial guidelines, best practices, and efforts in the literature. [Results] We surveyed 29 professionals and found most participants agreed that all the human-centered aspects we mapped should be addressed in RE. Further, we found that most participants were using UML or Microsoft Office to present requirements. [Conclusion] We identify that most of the tools currently used are not equipped to manage AI-based software, and the use of UML and Office may pose issues to the quality of requirements captured for AI. Also, all human-centered practices mapped from the guidelines should be included in RE.
△ Less
Submitted 24 January, 2023;
originally announced January 2023.
-
Requirements Engineering for Artificial Intelligence Systems: A Systematic Map** Study
Authors:
Khlood Ahmad,
Mohamed Abdelrazek,
Chetan Arora,
Muneera Bano,
John Grundy
Abstract:
[Context] In traditional software systems, Requirements Engineering (RE) activities are well-established and researched. However, building Artificial Intelligence (AI) based software with limited or no insight into the system's inner workings poses significant new challenges to RE. Existing literature has focused on using AI to manage RE activities, with limited research on RE for AI (RE4AI). [Obj…
▽ More
[Context] In traditional software systems, Requirements Engineering (RE) activities are well-established and researched. However, building Artificial Intelligence (AI) based software with limited or no insight into the system's inner workings poses significant new challenges to RE. Existing literature has focused on using AI to manage RE activities, with limited research on RE for AI (RE4AI). [Objective] This paper investigates current approaches for specifying requirements for AI systems, identifies available frameworks, methodologies, tools, and techniques used to model requirements, and finds existing challenges and limitations. [Method] We performed a systematic map** study to find papers on current RE4AI approaches. We identified 43 primary studies and analysed the existing methodologies, models, tools, and techniques used to specify and model requirements in real-world scenarios. [Results] We found several challenges and limitations of existing RE4AI practices. The findings highlighted that current RE applications were not adequately adaptable for building AI systems and emphasised the need to provide new techniques and tools to support RE4AI. [Conclusion] Our results showed that most of the empirical studies on RE4AI focused on autonomous, self-driving vehicles and managing data requirements, and areas such as ethics, trust, and explainability need further research.
△ Less
Submitted 20 December, 2022;
originally announced December 2022.
-
Automated Detection, Categorisation and Developers' Experience with the Violations of Honesty in Mobile Apps
Authors:
Humphrey O. Obie,
Hung Du,
Kashumi Madampe,
Mojtaba Shahin,
Idowu Ilekura,
John Grundy,
Li Li,
Jon Whittle,
Burak Turhan,
Hourieh Khalajzadeh
Abstract:
Human values such as honesty, social responsibility, fairness, privacy, and the like are things considered important by individuals and society. Software systems, including mobile software applications (apps), may ignore or violate such values, leading to negative effects in various ways for individuals and society. While some works have investigated different aspects of human values in software e…
▽ More
Human values such as honesty, social responsibility, fairness, privacy, and the like are things considered important by individuals and society. Software systems, including mobile software applications (apps), may ignore or violate such values, leading to negative effects in various ways for individuals and society. While some works have investigated different aspects of human values in software engineering, this mixed-methods study focuses on honesty as a critical human value. In particular, we studied (i) how to detect honesty violations in mobile apps, (ii) the types of honesty violations in mobile apps, and (iii) the perspectives of app developers on these detected honesty violations. We first develop and evaluate 7 machine learning (ML) models to automatically detect violations of the value of honesty in app reviews from an end user perspective. The most promising was a Deep Neural Network model with F1 score of 0.921. We then conducted a manual analysis of 401 reviews containing honesty violations and characterised honest violations in mobile apps into 10 categories: unfair cancellation and refund policies; false advertisements; delusive subscriptions; cheating systems; inaccurate information; unfair fees; no service; deletion of reviews; impersonation; and fraudulent looking apps. A developer survey and interview study with mobile developers then identified 7 key causes behind honesty violations in mobile apps and 8 strategies to avoid or fix such violations. The findings of our developer study also articulate the negative consequences that honesty violations might bring for businesses, developers, and users. Finally, the app developers' feedback shows that our prototype ML-based models can have promising benefits in practice.
△ Less
Submitted 14 November, 2022;
originally announced November 2022.
-
A Comparative Study of Smartphone and Smart TV Apps
Authors:
Yonghui Liu,
Xiao Chen,
Yue Liu,
**fan Kong,
Tegawendé F. Bissyande,
Jacques Klein,
Xiaoyu Sun,
Chunyang Chen,
John Grundy
Abstract:
Context: Smart TVs have become one of the most popular television types. Many app developers and service providers have designed TV versions for their smartphone applications. Despite the extensive studies on mobile app analysis, its TV equivalents receive far too little attention. The relationship between phone and TV has not been the subject of research works. Objective: In this paper, we aim to…
▽ More
Context: Smart TVs have become one of the most popular television types. Many app developers and service providers have designed TV versions for their smartphone applications. Despite the extensive studies on mobile app analysis, its TV equivalents receive far too little attention. The relationship between phone and TV has not been the subject of research works. Objective: In this paper, we aim to characterize the relationship between smartphone and smart TV apps. To fill this gap, we conduct a comparative study on smartphone and smart TV apps in this work, which is the starting and fundamental step to uncover the domain-specific challenges. Method: We gather a large-scale phone/TV app pairs from Google Play Store. We then analyzed the app pairs quantitatively and qualitatively from a variety of perspectives, including non-code (e.g., metadata, resources, permissions, etc.), code (e.g., components, methods, user interactions, etc.), security and privacy (e.g., reports of AndroBugs and FlowDroid). Results: Our experimental results indicate that (1) the code of the smartphone and TV apps can be released in the same app package or in separate app packages with the same package name; (2) 43% of resource files and 50% of code methods are reused between phone/TV app pairs; (3) TV and phone versions of the same app often encounter different kinds of security vulnerabilities; and (4) TV apps encounter fewer user interactions than their phone versions, but the type of user interaction events, surprisingly, are similar between phone/TV apps. Conclution: Our findings are valuable for developers and academics in comprehending the TV app ecosystem by providing additional insight into the migration of phone apps to TVs and the design mechanism of analysis tools for TV apps.
△ Less
Submitted 3 November, 2022;
originally announced November 2022.
-
Technical Q&A Site Answer Recommendation via Question Boosting
Authors:
Zhipeng Gao,
Xin Xia,
David Lo,
John Grundy
Abstract:
Software developers have heavily used online question and answer platforms to seek help to solve their technical problems. However, a major problem with these technical Q&A sites is "answer hungriness" i.e., a large number of questions remain unanswered or unresolved, and users have to wait for a long time or painstakingly go through the provided answers with various levels of quality. To alleviat…
▽ More
Software developers have heavily used online question and answer platforms to seek help to solve their technical problems. However, a major problem with these technical Q&A sites is "answer hungriness" i.e., a large number of questions remain unanswered or unresolved, and users have to wait for a long time or painstakingly go through the provided answers with various levels of quality. To alleviate this time-consuming problem, we propose a novel DeepAns neural network-based approach to identify the most relevant answer among a set of answer candidates. Our approach follows a three-stage process: question boosting, label establishment, and answer recommendation. Given a post, we first generate a clarifying question as a way of question boosting. We automatically establish the positive, neutral+, neutral- and negative training samples via label establishment. When it comes to answer recommendation, we sort answer candidates by the matching scores calculated by our neural network-based model. To evaluate the performance of our proposed model, we conducted a large scale evaluation on four datasets, collected from the real world technical Q&A sites (i.e., Ask Ubuntu, Super User, Stack Overflow Python and Stack Overflow Java). Our experimental results show that our approach significantly outperforms several state-of-the-art baselines in automatic evaluation. We also conducted a user study with 50 solved/unanswered/unresolved questions. The user study results demonstrate that our approach is effective in solving the answer hungry problem by recommending the most relevant answers from historical archives.
△ Less
Submitted 27 October, 2022;
originally announced October 2022.
-
I Know What You Are Searching For: Code Snippet Recommendation from Stack Overflow Posts
Authors:
Zhipeng Gao,
Xin Xia,
David Lo,
John Grundy,
Xindong Zhang,
Zhenchang Xing
Abstract:
Stack Overflow has been heavily used by software developers to seek programming-related information. More and more developers use Community Question and Answer forums, such as Stack Overflow, to search for code examples of how to accomplish a certain coding task. This is often considered to be more efficient than working from source documentation, tutorials or full worked examples. However, due to…
▽ More
Stack Overflow has been heavily used by software developers to seek programming-related information. More and more developers use Community Question and Answer forums, such as Stack Overflow, to search for code examples of how to accomplish a certain coding task. This is often considered to be more efficient than working from source documentation, tutorials or full worked examples. However, due to the complexity of these online Question and Answer forums and the very large volume of information they contain, developers can be overwhelmed by the sheer volume of available information. This makes it hard to find and/or even be aware of the most relevant code examples to meet their needs. To alleviate this issue, in this work we present a query-driven code recommendation tool, named Que2Code, that identifies the best code snippets for a user query from Stack Overflow posts. Our approach has two main stages: (i) semantically-equivalent question retrieval and (ii) best code snippet recommendation. To evaluate the performance of our proposed model, we conduct a large scale experiment to evaluate the effectiveness of the semantically-equivalent question retrieval task and best code snippet recommendation task separately on Python and Java datasets in Stack Overflow. We also perform a human study to measure how real-world developers perceive the results generated by our model. Both the automatic and human evaluation results demonstrate the promising performance of our model, and we have released our code and data to assist other researchers.
△ Less
Submitted 27 October, 2022;
originally announced October 2022.
-
A First Look at CI/CD Adoptions in Open-Source Android Apps
Authors:
Pei Liu,
Xiaoyu Sun,
Yanjie Zhao,
Yonghui Liu,
John Grundy,
Li Li
Abstract:
Continuous Integration (CI) and Continuous Delivery (CD) have been demonstrated to be effective in facilitating software building, testing, and deployment. Many research studies have investigated and subsequently improved their working processes. Unfortunately, such research efforts have largely not touched on the usage of CI/CD in the development of Android apps. We fill this gap by conducting an…
▽ More
Continuous Integration (CI) and Continuous Delivery (CD) have been demonstrated to be effective in facilitating software building, testing, and deployment. Many research studies have investigated and subsequently improved their working processes. Unfortunately, such research efforts have largely not touched on the usage of CI/CD in the development of Android apps. We fill this gap by conducting an exploratory study of CI/CD adoption in open-source Android apps. We start by collecting a set of 84,475 open-source Android apps from the most popular three online code hosting sites, namely Github, GitLab, and Bitbucket. We then look into those apps and find that (1) only around 10\% of apps have leveraged CI/CD services, i.e., the majority of open-source Android apps are developed without accessing CI/CD services, (2) a small number of apps (291) has even adopted multiple CI/CD services, (3) nearly half of the apps adopted CI/CD services have not really used them, and (4) CI/CD services are useful to improve the popularity of projects.
△ Less
Submitted 22 October, 2022;
originally announced October 2022.
-
Demystifying Hidden Sensitive Operations in Android apps
Authors:
Xiaoyu Sun,
Xiao Chen,
Li Li,
Haipeng Cai,
John Grundy,
Jordan Samhi,
Tegawendé F. Bissyandé,
Jacques Klein
Abstract:
Security of Android devices is now paramount, given their wide adoption among consumers. As researchers develop tools for statically or dynamically detecting suspicious apps, malware writers regularly update their attack mechanisms to hide malicious behavior implementation. This poses two problems to current research techniques: static analysis approaches, given their over-approximations, can repo…
▽ More
Security of Android devices is now paramount, given their wide adoption among consumers. As researchers develop tools for statically or dynamically detecting suspicious apps, malware writers regularly update their attack mechanisms to hide malicious behavior implementation. This poses two problems to current research techniques: static analysis approaches, given their over-approximations, can report an overwhelming number of false alarms, while dynamic approaches will miss those behaviors that are hidden through evasion techniques. We propose in this work a static approach specifically targeted at highlighting hidden sensitive operations, mainly sensitive data flows. The prototype version of HiSenDroid has been evaluated on a large-scale dataset of thousands of malware and goodware samples on which it successfully revealed anti-analysis code snippets aiming at evading detection by dynamic analysis. We further experimentally show that, with FlowDroid, some of the hidden sensitive behaviors would eventually lead to private data leaks. Those leaks would have been hard to spot either manually among the large number of false positives reported by the state of the art static analyzers, or by dynamic tools. Overall, by putting the light on hidden sensitive operations, HiSenDroid helps security analysts in validating potential sensitive data operations, which would be previously unnoticed.
△ Less
Submitted 19 October, 2022;
originally announced October 2022.
-
The Impact of Personality on Requirements Engineering Activities: A Mixed-Methods Study
Authors:
Dulaji Hidellaarachchi,
John Grundy,
Rashina Hoda,
Ingo Mueller
Abstract:
Context: Requirements engineering (RE) is an important part of Software Engineering (SE), consisting of various human-centric activities that require the frequent collaboration of a variety of roles. Prior research has shown that personality is one such human aspect that has a huge impact on the success of a software project. However, a limited number of empirical studies exist focusing on the imp…
▽ More
Context: Requirements engineering (RE) is an important part of Software Engineering (SE), consisting of various human-centric activities that require the frequent collaboration of a variety of roles. Prior research has shown that personality is one such human aspect that has a huge impact on the success of a software project. However, a limited number of empirical studies exist focusing on the impact of personality on RE activities. Objective: The objective of this study is to explore and identify the impact of personality on RE activities, provide a better understanding of these impacts, and provide guidance on how to better handle these impacts in RE. Method: We used a mixed-methods approach, including a personality test-based survey (50 participants) and an in-depth interview study (15 participants) with software practitioners from around the world involved in RE activities. Results: Through personality test analysis, we found a majority of the practitioners have a high score on agreeableness and conscientiousness traits and an average score on extraversion and neuroticism traits. Through analysis of the interviews, we found a range of impacts related to the personality traits of software practitioners, their team members, and external stakeholders. These impacts can be positive or negative, depending on the RE activities, the overall software development process, and the people involved in these activities. Moreover, we found a set of strategies that can be applied to mitigate the negative impact of personality on RE activities. Conclusion: Our identified impacts of personality on RE activities and mitigation strategies serve to provide guidance to software practitioners on handling such possible personality impacts on RE activities and for researchers to investigate these impacts in greater depth in future.
△ Less
Submitted 20 November, 2023; v1 submitted 12 October, 2022;
originally announced October 2022.
-
Diverse End User Requirements
Authors:
John Grundy,
Tanjila Kanij,
Jennifer McIntosh,
Hourieh Khalajzadeh,
Ingo Mueller
Abstract:
As part of our larger research effort to improve support for diverse end user human-centric aspects during software development, we wanted to better understand how developers currently go about addressing these challenging human-centric aspects of their end users in contemporary software development projects. We wanted to find out which are the key end user human-centric aspects that software deve…
▽ More
As part of our larger research effort to improve support for diverse end user human-centric aspects during software development, we wanted to better understand how developers currently go about addressing these challenging human-centric aspects of their end users in contemporary software development projects. We wanted to find out which are the key end user human-centric aspects that software developers currently find challenging to address, and how they currently go about trying to address diverse end user human-centric aspects. We wanted to find out what sorts of end user human-centric aspects they tend to encounter, which ones they view as more important and which more challenging to address, what techniques (if any) they currently use to address (some of) them, and where they perceive further research in this area could be done to provide them practical support. To this end we carried out a detailed online survey of developers and development team managers, receiving 60 usable responses. We interviewed 12 developers and managers from a range of different practice domains, role specialisations and experience levels to explore further details about issues.
△ Less
Submitted 5 October, 2022;
originally announced October 2022.
-
Dealing with Data Challenges when Delivering Data-Intensive Software Solutions
Authors:
Ulrike M. Graetsch,
Hourieh Khalajzadeh,
Mojtaba Shahin,
Rashina Hoda,
John Grundy
Abstract:
The predicted increase in demand for data-intensive solution development is driving the need for software, data, and domain experts to effectively collaborate in multi-disciplinary data-intensive software teams (MDSTs). We conducted a socio-technical grounded theory study through interviews with 24 practitioners in MDSTs to better understand the challenges these teams face when delivering data-int…
▽ More
The predicted increase in demand for data-intensive solution development is driving the need for software, data, and domain experts to effectively collaborate in multi-disciplinary data-intensive software teams (MDSTs). We conducted a socio-technical grounded theory study through interviews with 24 practitioners in MDSTs to better understand the challenges these teams face when delivering data-intensive software solutions. The interviews provided perspectives across different types of roles including domain, data and software experts, and covered different organisational levels from team members, team managers to executive leaders. We found that the key concern for these teams is dealing with data-related challenges. In this paper, we present the theory of dealing with data challenges that explains the challenges faced by MDSTs including gaining access to data, aligning data, understanding data, and resolving data quality issues; the context in and condition under which these challenges occur, the causes that lead to the challenges, and the related consequences such as having to conduct remediation activities, inability to achieve expected outcomes and lack of trust in the delivered solutions. We also identified contingencies or strategies applied to address the challenges including high-level strategic approaches such as implementing data governance, implementing new tools and techniques such as data quality visualisation and monitoring tools, as well as building stronger teams by focusing on people dynamics, communication skill development and cross-skilling. Our findings have direct implications for practitioners and researchers to better understand the landscape of data challenges and how to deal with them.
△ Less
Submitted 24 March, 2023; v1 submitted 27 September, 2022;
originally announced September 2022.
-
Statement-Level Vulnerability Detection: Learning Vulnerability Patterns Through Information Theory and Contrastive Learning
Authors:
Van Nguyen,
Trung Le,
Chakkrit Tantithamthavorn,
Michael Fu,
John Grundy,
Hung Nguyen,
Seyit Camtepe,
Paul Quirk,
Dinh Phung
Abstract:
Software vulnerabilities are a serious and crucial concern. Typically, in a program or function consisting of hundreds or thousands of source code statements, there are only a few statements causing the corresponding vulnerabilities. Most current approaches to vulnerability labelling are done on a function or program level by experts with the assistance of machine learning tools. Extending this ap…
▽ More
Software vulnerabilities are a serious and crucial concern. Typically, in a program or function consisting of hundreds or thousands of source code statements, there are only a few statements causing the corresponding vulnerabilities. Most current approaches to vulnerability labelling are done on a function or program level by experts with the assistance of machine learning tools. Extending this approach to the code statement level is much more costly and time-consuming and remains an open problem. In this paper, we propose a novel end-to-end deep learning-based approach to identify the vulnerability-relevant code statements of a specific function. Inspired by the specific structures observed in real-world vulnerable code, we first leverage mutual information for learning a set of latent variables representing the relevance of the source code statements to the corresponding function's vulnerability. We then propose novel clustered spatial contrastive learning in order to further improve the representation learning and the robust selection process of vulnerability-relevant code statements. Experimental results on real-world datasets of 200k+ C/C++ functions show the superiority of our method over other state-of-the-art baselines. In general, our method obtains a higher performance in VCP, VCA, and Top-10 ACC measures of between 3% to 14% over the baselines when running on real-world datasets in an unsupervised setting. Our released source code samples are publicly available at \href{https://github.com/vannguyennd/livuitcl}{https://github.com/vannguyennd/livuitcl.}
△ Less
Submitted 11 June, 2024; v1 submitted 19 September, 2022;
originally announced September 2022.
-
Cross Project Software Vulnerability Detection via Domain Adaptation and Max-Margin Principle
Authors:
Van Nguyen,
Trung Le,
Chakkrit Tantithamthavorn,
John Grundy,
Hung Nguyen,
Dinh Phung
Abstract:
Software vulnerabilities (SVs) have become a common, serious and crucial concern due to the ubiquity of computer software. Many machine learning-based approaches have been proposed to solve the software vulnerability detection (SVD) problem. However, there are still two open and significant issues for SVD in terms of i) learning automatic representations to improve the predictive performance of SV…
▽ More
Software vulnerabilities (SVs) have become a common, serious and crucial concern due to the ubiquity of computer software. Many machine learning-based approaches have been proposed to solve the software vulnerability detection (SVD) problem. However, there are still two open and significant issues for SVD in terms of i) learning automatic representations to improve the predictive performance of SVD, and ii) tackling the scarcity of labeled vulnerabilities datasets that conventionally need laborious labeling effort by experts. In this paper, we propose a novel end-to-end approach to tackle these two crucial issues. We first exploit the automatic representation learning with deep domain adaptation for software vulnerability detection. We then propose a novel cross-domain kernel classifier leveraging the max-margin principle to significantly improve the transfer learning process of software vulnerabilities from labeled projects into unlabeled ones. The experimental results on real-world software datasets show the superiority of our proposed method over state-of-the-art baselines. In short, our method obtains a higher performance on F1-measure, the most important measure in SVD, from 1.83% to 6.25% compared to the second highest method in the used datasets. Our released source code samples are publicly available at https://github.com/vannguyennd/dam2p
△ Less
Submitted 19 September, 2022;
originally announced September 2022.
-
Mining Android API Usage to Generate Unit Test Cases for Pinpointing Compatibility Issues
Authors:
Xiaoyu Sun,
Xiao Chen,
Yanjie Zhao,
Pei Liu,
John Grundy,
Li Li
Abstract:
Despite being one of the largest and most popular projects, the official Android framework has only provided test cases for less than 30% of its APIs. Such a poor test case coverage rate has led to many compatibility issues that can cause apps to crash at runtime on specific Android devices, resulting in poor user experiences for both apps and the Android ecosystem. To mitigate this impact, variou…
▽ More
Despite being one of the largest and most popular projects, the official Android framework has only provided test cases for less than 30% of its APIs. Such a poor test case coverage rate has led to many compatibility issues that can cause apps to crash at runtime on specific Android devices, resulting in poor user experiences for both apps and the Android ecosystem. To mitigate this impact, various approaches have been proposed to automatically detect such compatibility issues. Unfortunately, these approaches have only focused on detecting signature-induced compatibility issues (i.e., a certain API does not exist in certain Android versions), leaving other equally important types of compatibility issues unresolved. In this work, we propose a novel prototype tool, JUnitTestGen, to fill this gap by mining existing Android API usage to generate unit test cases. After locating Android API usage in given real-world Android apps, JUnitTestGen performs inter-procedural backward data-flow analysis to generate a minimal executable code snippet (i.e., test case). Experimental results on thousands of real-world Android apps show that JUnitTestGen is effective in generating valid unit test cases for Android APIs. We show that these generated test cases are indeed helpful for pinpointing compatibility issues, including ones involving semantic code changes.
△ Less
Submitted 29 August, 2022;
originally announced August 2022.
-
The Role of Emotional Intelligence in Handling Requirements Changes in Software Engineering
Authors:
Kashumi Madampe,
Rashina Hoda,
John Grundy
Abstract:
Background: Requirements changes (RCs) are inevitable in Software Engineering. Research shows that emotional intelligence (EI) should be used alongside agility and cognitive intelligence during RC handling. Objective: We wanted to study the role of EI in-depth during RC handling. Method: We conducted a socio-technical grounded theory study with eighteen software practitioners from Australia, New Z…
▽ More
Background: Requirements changes (RCs) are inevitable in Software Engineering. Research shows that emotional intelligence (EI) should be used alongside agility and cognitive intelligence during RC handling. Objective: We wanted to study the role of EI in-depth during RC handling. Method: We conducted a socio-technical grounded theory study with eighteen software practitioners from Australia, New Zealand, Singapore, and Sri Lanka. Findings: We found causal condition (software practitioners handling RCs), intervening condition (mode of work), causes (being aware of own emotions, being aware of others' emotions), direct consequences (regulating own emotions, managing relationships), extended consequences (sustaining productivity, setting and sustaining team goals), and contingencies: strategies (open and regular communication, tracking commitments and issues, and ten other strategies) of using EI during RC handling. We also found the covariances where strategies co-vary with the causes and direct consequences, and ease/ difficulty in executing strategies co-vary with the intervening condition. Conclusion: Open and regular communication is key to EI during RC handling. To the best of our knowledge, the framework we present in this paper is the first theoretical framework on EI in Software Engineering research. We provide recommendations including a problem-solution chart in the form of causes, direct consequences, and mode of work against the contingencies: strategies for software practitioners to consider during RC handling, and future directions of research.
△ Less
Submitted 23 June, 2022;
originally announced June 2022.
-
Software Engineering in Australasia
Authors:
Sherlock A. Licorish,
Christoph Treude,
John Grundy,
Chakkrit Tantithamthavorn,
Kelly Blincoe,
Stephen MacDonell,
Li Li,
Jean-Guy Schneider
Abstract:
Six months ago an important call was made for researchers globally to provide insights into the way Software Engineering is done in their region. Heeding this call we hereby outline the position Software Engineering in Australasia (New Zealand and Australia). This article first considers the software development methods practices and tools that are popular in the Australasian software engineering…
▽ More
Six months ago an important call was made for researchers globally to provide insights into the way Software Engineering is done in their region. Heeding this call we hereby outline the position Software Engineering in Australasia (New Zealand and Australia). This article first considers the software development methods practices and tools that are popular in the Australasian software engineering community. We then briefly review the particular strengths of software engineering researchers in Australasia. Finally we make an open call for collaborators by reflecting on our current position and identifying future opportunities
△ Less
Submitted 10 June, 2022;
originally announced June 2022.
-
An Empirical Study on How Well Do COVID-19 Information Dashboards Service Users' Information Needs
Authors:
Xinyan Li,
Han Wang,
Chunyang Chen,
John Grundy
Abstract:
The ongoing COVID-19 pandemic highlights the importance of dashboards for providing critical real-time information. In order to enable people to obtain information in time and to understand complex statistical data, many developers have designed and implemented public-oriented COVID-19 "information dashboards" during the pandemic. However, development often takes a long time and developers are not…
▽ More
The ongoing COVID-19 pandemic highlights the importance of dashboards for providing critical real-time information. In order to enable people to obtain information in time and to understand complex statistical data, many developers have designed and implemented public-oriented COVID-19 "information dashboards" during the pandemic. However, development often takes a long time and developers are not clear about many people's information needs, resulting in gaps between information needs and supplies. According to our empirical study and observations with popular developed COVID-19 dashboards, this seriously impedes information acquirement. Our study compares people's needs on Twitter with existing information suppliers. We determine that despite the COVID-19 information that is currently on existing dashboards, people are also interested in the relationship between COVID-19 and other viruses, the origin of COVID-19, vaccine development, fake new about COVID-19, impact on women, impact on school/university, and impact on business. Most of these have not yet been well addressed. We also summarise the visualization and interaction patterns commonly applied in dashboards, finding key patterns between data and visualization as well as visualization and interaction. Our findings can help developers to better optimize their dashboard to meet people's needs and make improvements to future crisis management dashboard development.
△ Less
Submitted 29 May, 2022;
originally announced June 2022.
-
Automatically Detecting API-induced Compatibility Issues in Android Apps: A Comparative Analysis (Replicability Study)
Authors:
Pei Liu,
Yanjie Zhao,
Haipeng Cai,
Mattia Fazzini,
John Grundy,
Li Li
Abstract:
Fragmentation is a serious problem in the Android ecosystem. This problem is mainly caused by the fast evolution of the system itself and the various customizations independently maintained by different smartphone manufacturers. Many efforts have attempted to mitigate its impact via approaches to automatically pinpoint compatibility issues in Android apps. Unfortunately, at this stage, it is still…
▽ More
Fragmentation is a serious problem in the Android ecosystem. This problem is mainly caused by the fast evolution of the system itself and the various customizations independently maintained by different smartphone manufacturers. Many efforts have attempted to mitigate its impact via approaches to automatically pinpoint compatibility issues in Android apps. Unfortunately, at this stage, it is still unknown if this objective has been fulfilled, and the existing approaches can indeed be replicated and reliably leveraged to pinpoint compatibility issues in the wild. We, therefore, propose to fill this gap by first conducting a literature review within this topic to identify all the available approaches. Among the nine identified approaches, we then try our best to reproduce them based on their original datasets. After that, we go one step further to empirically compare those approaches against common datasets with real-world apps containing compatibility issues. Experimental results show that existing tools can indeed be reproduced, but their capabilities are quite distinct, as confirmed by the fact that there is only a small overlap of the results reported by the selected tools. This evidence suggests that more efforts should be spent by our community to achieve sound compatibility issues detection.
△ Less
Submitted 31 May, 2022;
originally announced May 2022.
-
Identifying and Characterizing Silently-Evolved Methods in the Android API
Authors:
Pei Liu,
Li Li,
Yichun Yan,
Mattia Fazzini,
John Grundy
Abstract:
With over 500,000 commits and more than 700 contributors, the Android platform is undoubtedly one of the largest industrial-scale software projects. This project provides the Android API, and developers heavily rely on this API to develop their Android apps. Unfortunately, because the Android platform and its API evolve at an extremely rapid pace, app developers need to continually monitor API cha…
▽ More
With over 500,000 commits and more than 700 contributors, the Android platform is undoubtedly one of the largest industrial-scale software projects. This project provides the Android API, and developers heavily rely on this API to develop their Android apps. Unfortunately, because the Android platform and its API evolve at an extremely rapid pace, app developers need to continually monitor API changes to avoid compatibility issues in their apps (\ie issues that prevent apps from working as expected when running on newer versions of the API). Despite a large number of studies on compatibility issues in the Android API, the research community has not yet investigated issues related to silently-evolved methods (SEMs). These methods are functions whose behavior might have changed but the corresponding documentation did not change accordingly. Because app developers rely on the provided documentation to evolve their apps, changes to methods that are not suitably documented may lead to unexpected failures in the apps using these methods.
To shed light on this type of issue, we conducted a large-scale empirical study in which we identified and characterized SEMs across ten versions of the Android API. In the study, we identified SEMs, characterized the nature of the changes, and analyzed the impact of SEMs on a set of 1,000 real-world Android apps. Our experimental results show that SEMs do exist in the Android API, and that 957 of the apps we considered use at least one SEM. Based on these results, we argue that the Android platform developers should take actions to avoid introducing SEMs, especially those involving semantic changes. This situation highlights the need for automated techniques and tools to help Android practitioners in this task.
△ Less
Submitted 31 May, 2022;
originally announced May 2022.
-
Do Customized Android Frameworks Keep Pace with Android?
Authors:
Pei Liu,
Mattia Fazzini,
John Grundy,
Li Li
Abstract:
To satisfy varying customer needs, device vendors and OS providers often rely on the open-source nature of the Android OS and offer customized versions of the Android OS. When a new version of the Android OS is released, device vendors and OS providers need to merge the changes from the Android OS into their customizations to account for its bug fixes, security patches, and new features. Because d…
▽ More
To satisfy varying customer needs, device vendors and OS providers often rely on the open-source nature of the Android OS and offer customized versions of the Android OS. When a new version of the Android OS is released, device vendors and OS providers need to merge the changes from the Android OS into their customizations to account for its bug fixes, security patches, and new features. Because developers of customized OSs might have made changes to code locations that were also modified by the developers of the Android OS, the merge task can be characterized by conflicts, which can be time-consuming and error-prone to resolve.
To provide more insight into this critical aspect of the Android ecosystem, we present an empirical study that investigates how eight open-source customizations of the Android OS merge the changes from the Android OS into their projects. The study analyzes how often the developers from the customized OSs merge changes from the Android OS, how often the developers experience textual merge conflicts, and the characteristics of these conflicts. Furthermore, to analyze the effect of the conflicts, the study also analyzes how the conflicts can affect a randomly selected sample of 1,000 apps. After analyzing 1,148 merge operations, we identified that developers perform these operations for 9.7\% of the released versions of the Android OS, developers will encounter at least one conflict in 41.3\% of the merge operations, 58.1\% of the conflicts required developers to change the customized OSs, and 64.4\% of the apps considered use at least one method affected by a conflict. In addition to detailing our results, the paper also discusses the implications of our findings and provides insights for researchers and practitioners working with Android and its customizations.
△ Less
Submitted 31 May, 2022;
originally announced May 2022.
-
Emotion-Centric Requirements Change Handling in Software Engineering
Authors:
Kashumi Madampe,
Rashina Hoda,
John Grundy
Abstract:
Background: Requirements Changes (RCs) -- the additions/modifications/deletions of functional/non-functional requirements in software products -- are challenging for software practitioners to handle. Handling some changes may significantly impact the emotions of the practitioners. Objective: We wanted to know the key challenges that make RC handling difficult, how these impact the emotions of soft…
▽ More
Background: Requirements Changes (RCs) -- the additions/modifications/deletions of functional/non-functional requirements in software products -- are challenging for software practitioners to handle. Handling some changes may significantly impact the emotions of the practitioners. Objective: We wanted to know the key challenges that make RC handling difficult, how these impact the emotions of software practitioners, what influences their RC handling, and how RC handling can be made less emotionally challenging. Method: We followed a mixed-methods approach. We conducted two survey studies, with 40 participants and 201 participants respectively. The presentation of key quantitative data was followed by descriptive statistical analysis, and the qualitative data was analysed using Strauss-Corbinian Grounded Theory, and Socio-Technical Grounded Theory analysis techniques. Findings:We found (1) several key factors that make RC handling an emotional challenge, (2) varying emotions that practitioners feel when it is challenging to handle RCs, (3) how stakeholders, including practitioners themselves, peers, managers and customers, influence the RC handling and how practitioners feel due to the stakeholder influence, and (4) practices that can be used to better handle RCs. Conclusion: Some challenges are technical and some are social which also belong to aspects of agile practice, emotional intelligence, and cognitive intelligence. Therefore, to better handle RCs with positive emotions in socio-technical environments, agility, emotional intelligence, and cognitive intelligence need to cooperate with each other.
△ Less
Submitted 11 May, 2022;
originally announced May 2022.