SlideShare uma empresa Scribd logo

My life as a cyborg

Alexander Serebrenik
Alexander Serebrenik

Research seminar slides at URJC June 6. Briefly: social analysis; more detailed: static analysis and co-evolution (joint w Landman, Vinju, Muske; Businge).

Ciências
1 de 67
Baixar para ler offline
My life as a cyborg Alexander Serebrenik Eindhoven University of Technology The Netherlands
Social aspects of software development
Story 1: Women, men and software Bastiaan Heemskerck, Men and women, some carrying baskets, ca. 1700, KMSKB, Brussel
Bogdan Vasilescu, Daryl Posnett, Baishakhi Ray, Mark G. J. van den Brand, Alexander Serebrenik, Premkumar T. Devanbu, Vladimir Filkov: Gender and Tenure Diversity in GitHub Teams. CHI 2015: 3789-3798
Bogdan Vasilescu, Vladimir Filkov, Alexander Serebrenik: Perceptions of Diversity on Git Hub: A User Survey. CHASE@ICSE 2015: 50-56
Parastou Tourani, Bram Adams, Alexander Serebrenik: Code of Conduct in Open Source Projects. SANER 2017, pp. 24-33.
Story 2: How do they communicate? Jos Manders. Communication. ca. 1965. SMAK - Stedelijk Museum voor Actuele Kunst. Ghent
Bogdan Vasilescu, Alexander Serebrenik, Premkumar T. Devanbu, Vladimir Filkov: How social Q&A sites are changing knowledge sharing in open source software communities. CSCW 2014: 342-354 Bin Lin, Alexey Zagalsky, Margaret-Anne D. Storey, Alexander Serebrenik: Why Developers Are Slacking Off: Understanding How Software Teams Use Slack. CSCW Companion 2016: 333-336
Nicole Novielli, Fabio Calefato, Filippo Lanubile: The challenges of sentiment detection in the social programmer ecosystem. SSE@SIGSOFT FSE 2015: 33-40 Robbert Jongeling, Proshanta Sarkar, Subhajit Datta, Alexander Serebrenik. On Negative Results when using Sentiment Analysis Tools for Software Engineering Research. Empirical Software Engineering (accepted)
Daviti Gachechiladze, Filippo Lanubile, Nicole Novielli, Alexander Serebrenik. Anger and Its Direction in Collaborative Software Development 39th International Conference on Software Engineering, New Ideas and Emerging Results 2017
Technical aspects of software development
weight movement
weight movement bugs evolution
weight bugs Program Here the magic happens Bugs
weight bugs Source code Static magic Bugs Exec files Dynamic magic Bugs
Static analysis (compile time) Dynamic analysis (runtime analysis) All possible behaviours Behaviours observed during the execution: • Results are incomplete • Generalisation is a problem Inherently imprecise. • Precision requires complex abstractions & postprocessing Precise Correctness guaranteed (under reasonable (?) assumptions) Correctness guaranteed for the behaviours observed Slow Fast Applicable to incomplete programs
Static analysis (compile time) Dynamic analysis (runtime analysis) All possible behaviours Behaviours observed during the execution: • Results are incomplete • Generalisation is a problem Inherently imprecise. • Precision requires complex abstractions & postprocessing Precise Correctness guaranteed (under reasonable (?) assumptions) Correctness guaranteed for the behaviours observed Slow Fast Applicable to incomplete programs
Source code Static analysis Predicted Bugs Real Bugs Oracle Are they the same?
Source code Static analysis Predicted Bugs Real Bugs Oracle Are they the same? completeness soundness
Source code Static analysis Predicted Bugs Real Bugs Oracle completeness soundness (Manual) postprocessing
<…> in practice, soundness is commonly eschewed: we are not aware of a single realistic whole-program analysis tool <…> that does not purposely make unsound choices. Similarly, virtually all published whole- program analyses are unsound and omit conservative handling of common language features when applied to real programming languages. Benjamin Livshits, Manu Sridharan, Yannis Smaragdakis, Ondrej Lhoták, José Nelson Amaral, Bor-Yuh Evan Chang, Samuel Z. Guyer, Uday P. Khedker, Anders Møller, Dimitrios Vardoulakis: In defense of soundiness: a manifesto. Commun. ACM 58(2): 44-46 (2015)
Benjamin Livshits, Manu Sridharan, Yannis Smaragdakis, Ondrej Lhoták, José Nelson Amaral, Bor-Yuh Evan Chang, Samuel Z. Guyer, Uday P. Khedker, Anders Møller, Dimitrios Vardoulakis: In defense of soundiness: a manifesto. Commun. ACM 58(2): 44-46 (2015) Language Example of commonly ignored features Consequences of not modelling these features C/C++ setjmp/longjmp ignored ignores arbitrary side-effects to the heap effects of pointer arithmetic “manufactured” pointers Java reflection can render much of the codebase invisible for analysis JNI “invisible” code may create invisible side-effects in programs Javascript eval, dynamic code loading missing execution data flow through the DOM missing dataflow in programs
Source code Static analysis Predicted Bugs Real Bugs Oracle completeness soundness (Manual) postprocessing soundy assumptions
Benjamin Livshits, Manu Sridharan, Yannis Smaragdakis, Ondrej Lhoták, José Nelson Amaral, Bor-Yuh Evan Chang, Samuel Z. Guyer, Uday P. Khedker, Anders Møller, Dimitrios Vardoulakis: In defense of soundiness: a manifesto. Commun. ACM 58(2): 44-46 (2015) Language Example of commonly ignored features Consequences of not modelling these features C/C++ setjmp/longjmp ignored ignores arbitrary side-effects to the heap effects of pointer arithmetic “manufactured” pointers Java reflection can render much of the codebase invisible for analysis JNI “invisible” code may create invisible side-effects in programs Javascript eval, dynamic code loading missing execution data flow through the DOM missing dataflow in programs
SWAT - Software Analysis And Transformation Davy Landman, Alexander Serebrenik, Jurgen J. Vinju: Challenges for static analysis of Java reflection: literature review and empirical study. ICSE 2017: 507-518. Distinguished paper award.
SWAT - SoftWare Analysis And Transformation Empirical evidence • Complex reflection is everywhere in Java • 462 Java projects in a representative and clean corpus • 78% of Java projects have hard reflective code • Known limitations have significant impact (4% - 54%) • Existing soundy assumptions validated, more assumptions motivated Actionable results • Researchers: high impact suggestions • Practisioners: adapt code for robustness Answers to research questions 1.What is Java reflection? 2.How often is Java reflection used, and how? 3.What do static analysis tools do to resolve reflection? 4.What are limitations of static analysis tools? 5.How often does real Java code challenge limitations of static analysis?
SWAT - SoftWare Analysis And Transformation Q1: What is Java reflection?
SWAT - SoftWare Analysis And Transformation Q1: What is Java reflection? “Hard” “Easy”
SWAT - SoftWare Analysis And Transformation
SWAT - SoftWare Analysis And Transformation Q2: How often is reflection used? • Corpus of 461 (cleaned) Java projects • Maximize representativeness [55] • Clean [clone detection] • Parse & resolve [Rascal, Eclipse JDT] • Categorize [see Q1]
SWAT - SoftWare Analysis And Transformation of projects using reflection
SWAT - SoftWare Analysis And Transformation Q3: What do analysis tools do? • Extended structured literature review • 4K pdf’s • Semi-automatic full text analysis • Filtering from 4k via 514 and 50 to 33 pdf’s • Annotating • Categorizing
October 2015: 4K
October 2015: 4K pdf2text 36 documents fail
October 2015: 4K pdf2text 36 documents fail 478 documents match at least one rule 514 = 478 + 36 documents to be read
514 documents Not relevant: • not about Java • not about static analysis • reflection is only recognised as a limitation • reflection is handled with an external tool • … 50 documents • thesis conference paper • conference paper journal article • no publication remove 39 documents • Read + check citations • 4 new papers missing from 4K • 10 irrelevant 33 documents
SWAT - SoftWare Analysis And Transformation
SWAT - SoftWare Analysis And Transformation
SWAT - SoftWare Analysis And Transformation • Collect and categorize analysis papers self-reported: • Optimistic ‘soundy’ assumptions about code • Known limitations of the algorithms • What is their damage in the corpus? • Method: • Recognize and count counter examples • Applying AST patterns to the entire corpus • Rascal metaprogramming language Q4: What are the limitations? and Q5: how do these relate to real code?
SWAT - SoftWare Analysis And Transformation
SWAT - SoftWare Analysis And Transformation Advice for software engineers; make your code more robust now 1.Do not factor reflection into type polymorphic methods 2.Never use dynamic proxies 3.Use local variables/fields for meta object storage 4.Avoid loops over collections of meta objects 5.Test for preconditions instead of waiting for exceptions Suggestions for static analysis researchers and Java language designers 1.Reflection API improvements to restrict arbitrary interactions (i.e. using lambdas) 2.Infer information from downcasts more aggressively 3.Make soundy assumptions about dynamic proxies: the “oblivious wrapper proxy” 4.Model common “goto patterns” with exceptions around reflection 5.Soundily assume boundedness and unorderedness of meta object collections 6.Apply dynamic language analysis techniques to methods which have reflection
SWAT - Software Analysis And Transformation This work has been supported by the NWO TOPGO grant #612.001.011 “Domain-Specific Languages: A Big Future for Small Programs” @jurgenvinju@davylandman @aserebrenik Please use these artefacts for yourselves, or contact us for discussion about: - the new soundy assumptions are a prioritized work list (*) - the corpus is a way to validate relevance for new ideas in static analysis [3] - tell us why we were wrong (replicate it) [63] To the anonymous reviewers and to the members of IFIP WG 2.4 Software Implementation Technology, including Anders Møller, …
Rascal: parsing and analysis technology Tools: for literature reviews and corpus analysis Data: corpus
Source code Static analysis Predicted Bugs Real Bugs Oracle completeness soundness (Manual) postprocessing soundy assumptions
Source code Static analysis Predicted Bugs Real Bugs Oracle completeness soundness (Manual) postprocessing soundy assumptions Bad news: 1 true: 50 false alarms J. Kamperman, “Automated software inspection: A new approach to increased software quality and productivity,” Reasoning Inc., White paper, 2002
What are possible approaches for handling the static analysis alarms? J. Kamperman, “Automated software inspection: A new approach to increased software quality and productivity,” Reasoning Inc., White paper, 2002
84 = 7 x 4 x 3 different search strings. 150 top results (total 12600 papers) 49 relevant papers Tukaram Muske, Alexander Serebrenik: Survey of Approaches for Handling Static Analysis Alarms. SCAM 2016: 157-166
49 5800 studied cites cited by 30 relevant
Tukaram Muske, Alexander Serebrenik: Survey of Approaches for Handling Static Analysis Alarms. SCAM 2016: 157-166
Tukaram Muske, Alexander Serebrenik: Survey of Approaches for Handling Static Analysis Alarms. SCAM 2016: 157-166 guaranteed not to miss bugs (do not introduce false negatives)
weight bugs Static analysis often soundy practical consequences should be assessed result in many false alarms many techniques are available w shortcomings…
weight movement bugs evolution
11 releases: 1.0 - 3.7 Numerous Eclipse third-party plug-ins Will my plugin survive the next Eclipse release? movement evolution
Eclipse SDK 3rd party plugin API • documented • stable [in non- breaking releases] • use encouraged non-API • internal in the name • undocumented • unstable • use discouraged
Eclipse SDK 3rd party plugin 44% of 512 plugins use non- APIs (at least in one version) Plugins depending on non- APIs are larger and use more SDK functionality J. Businge, A. Serebrenik, M.G.J. van den Brand. Eclipse API usage: The Good and The Bad, SQM 2012,pages 54–62. J. Businge, A. Serebrenik, M.G.J. van den Brand: Analyzing the Eclipse API Usage: Putting the Developer in the Loop. CSMR 2013: 37-46
Eclipse SDK 3rd party plugin Main reason for compatibility breakage Especially: recent non-APIs J. Businge, A. Serebrenik, M.G.J. van den Brand: Survival of Eclipse third-party plug-ins. ICSM 2012: 368-377 J. Businge, A. Serebrenik, M.G.J. van den Brand: Compatibility Prediction of Eclipse Third-Party Plug-ins in New Eclipse Releases. SCAM 2012: 164-173
Eclipse SDK 3rd party plugin J. Businge, A. Serebrenik, M.G.J. van den Brand: Survival of Eclipse third-party plug-ins. ICSM 2012: 368-377 J. Businge, A. Serebrenik, M.G.J. van den Brand: Compatibility Prediction of Eclipse Third-Party Plug-ins in New Eclipse Releases. SCAM 2012: 164-173 Do not use recent non-APIs! Let them “stabilise”!
movement evolution API vs non-API let them “mature”
Titian Vecellio, Sisyphus 1548-49 Oil on canvas, 237 x 216 cm Museo del Prado, Madrid Wolfgang Mattheuer, Cocky Sisyphus 1973 Print, Private collection, Leipzig © Deutsche Fotothek

Recomendados

Do Bugs Reside in Complex Code?
Do Bugs Reside in Complex Code?Do Bugs Reside in Complex Code?
Do Bugs Reside in Complex Code?
CISPA Helmholtz Center for Information Security
 
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William EnckHotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
Tao Xie
 
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Raffi Khatchadourian
 
Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Raffi Khatchadourian
 
Software Analytics: Data Analytics for Software Engineering
Software Analytics: Data Analytics for Software EngineeringSoftware Analytics: Data Analytics for Software Engineering
Software Analytics: Data Analytics for Software Engineering
Tao Xie
 
Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)
Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)
Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)
Sung Kim
 
DRONE: A Tool to Detect and Repair Directive Defects in Java APIs Documentation
DRONE: A Tool to Detect and Repair Directive Defects in Java APIs DocumentationDRONE: A Tool to Detect and Repair Directive Defects in Java APIs Documentation
DRONE: A Tool to Detect and Repair Directive Defects in Java APIs Documentation
Sebastiano Panichella
 
Software Analytics - Achievements and Challenges
Software Analytics - Achievements and ChallengesSoftware Analytics - Achievements and Challenges
Software Analytics - Achievements and Challenges
Tao Xie
 

Recomendados

Do Bugs Reside in Complex Code?
Do Bugs Reside in Complex Code?Do Bugs Reside in Complex Code?
Do Bugs Reside in Complex Code?
CISPA Helmholtz Center for Information Security
 
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William EnckHotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
Tao Xie
 
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Raffi Khatchadourian
 
Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Raffi Khatchadourian
 
Software Analytics: Data Analytics for Software Engineering
Software Analytics: Data Analytics for Software EngineeringSoftware Analytics: Data Analytics for Software Engineering
Software Analytics: Data Analytics for Software Engineering
Tao Xie
 
Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)
Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)
Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)
Sung Kim
 
DRONE: A Tool to Detect and Repair Directive Defects in Java APIs Documentation
DRONE: A Tool to Detect and Repair Directive Defects in Java APIs DocumentationDRONE: A Tool to Detect and Repair Directive Defects in Java APIs Documentation
DRONE: A Tool to Detect and Repair Directive Defects in Java APIs Documentation
Sebastiano Panichella
 
Software Analytics - Achievements and Challenges
Software Analytics - Achievements and ChallengesSoftware Analytics - Achievements and Challenges
Software Analytics - Achievements and Challenges
Tao Xie
 
User Expectations in Mobile App Security
User Expectations in Mobile App SecurityUser Expectations in Mobile App Security
User Expectations in Mobile App Security
Tao Xie
 
Msr17a.ppt
Msr17a.pptMsr17a.ppt
Msr17a.ppt
Yann-Gaël Guéhéneuc
 
Transferring Software Testing Tools to Practice
Transferring Software Testing Tools to PracticeTransferring Software Testing Tools to Practice
Transferring Software Testing Tools to Practice
Tao Xie
 
Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...
Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...
Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...
Theo Jungeblut
 
Software Analytics: Towards Software Mining that Matters
Software Analytics: Towards Software Mining that MattersSoftware Analytics: Towards Software Mining that Matters
Software Analytics: Towards Software Mining that Matters
Tao Xie
 
Put Your Hands in the Mud: What Technique, Why, and How
Put Your Hands in the Mud: What Technique, Why, and HowPut Your Hands in the Mud: What Technique, Why, and How
Put Your Hands in the Mud: What Technique, Why, and How
Massimiliano Di Penta
 
Opinion Mining for Software Engineering
Opinion Mining for Software EngineeringOpinion Mining for Software Engineering
Opinion Mining for Software Engineering
Alexander Serebrenik
 
Illustrated Code (ASE 2021)
Illustrated Code (ASE 2021)Illustrated Code (ASE 2021)
Illustrated Code (ASE 2021)
CISPA Helmholtz Center for Information Security
 
Summarization Techniques for Code, Change, Testing and User Feedback
Summarization Techniques for Code, Change, Testing and User FeedbackSummarization Techniques for Code, Change, Testing and User Feedback
Summarization Techniques for Code, Change, Testing and User Feedback
Sebastiano Panichella
 
Professional Code of Ethics in Software Engineering
Professional Code of Ethics in Software EngineeringProfessional Code of Ethics in Software Engineering
Professional Code of Ethics in Software Engineering
Lemi Orhan Ergin
 
Clean Code III - Software Craftsmanship
Clean Code III - Software CraftsmanshipClean Code III - Software Craftsmanship
Clean Code III - Software Craftsmanship
Theo Jungeblut
 
Software Mining and Software Datasets
Software Mining and Software DatasetsSoftware Mining and Software Datasets
Software Mining and Software Datasets
Tao Xie
 
Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...
Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...
Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...
Preetha Chatterjee
 
Who Should Review My Code?
Who Should Review My Code? Who Should Review My Code?
Who Should Review My Code?
The University of Adelaide
 
Development Emails Content Analyzer: Intention Mining in Developer Discussions
Development Emails Content Analyzer: Intention Mining in Developer DiscussionsDevelopment Emails Content Analyzer: Intention Mining in Developer Discussions
Development Emails Content Analyzer: Intention Mining in Developer Discussions
Sebastiano Panichella
 
Investigating Code Review Practices in Defective Files
Investigating Code Review Practices in Defective FilesInvestigating Code Review Practices in Defective Files
Investigating Code Review Practices in Defective Files
The University of Adelaide
 
About Dewey Hong
About Dewey HongAbout Dewey Hong
About Dewey Hong
Dewey Hong
 
Using HPC Resources to Exploit Big Data for Code Review Analytics
Using HPC Resources to Exploit Big Data for Code Review AnalyticsUsing HPC Resources to Exploit Big Data for Code Review Analytics
Using HPC Resources to Exploit Big Data for Code Review Analytics
The University of Adelaide
 
Runtime Behavior of JavaScript Programs
Runtime Behavior of JavaScript ProgramsRuntime Behavior of JavaScript Programs
Runtime Behavior of JavaScript Programs
IRJET Journal
 
Revisiting Code Ownership and Its Relationship with Software Quality in the S...
Revisiting Code Ownership and Its Relationship with Software Quality in the S...Revisiting Code Ownership and Its Relationship with Software Quality in the S...
Revisiting Code Ownership and Its Relationship with Software Quality in the S...
The University of Adelaide
 
Software Analytics: Data Analytics for Software Engineering and Security
Software Analytics: Data Analytics for Software Engineering and SecuritySoftware Analytics: Data Analytics for Software Engineering and Security
Software Analytics: Data Analytics for Software Engineering and Security
Tao Xie
 
Keynote at-icpc-2020
Keynote at-icpc-2020Keynote at-icpc-2020
Keynote at-icpc-2020
Ralf Laemmel
 

Mais conteúdo relacionado

Mais procurados

Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...
Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...
Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...
Theo Jungeblut
 
Opinion Mining for Software Engineering
Opinion Mining for Software EngineeringOpinion Mining for Software Engineering
Opinion Mining for Software Engineering
Alexander Serebrenik
 
Illustrated Code (ASE 2021)
Illustrated Code (ASE 2021)Illustrated Code (ASE 2021)
Illustrated Code (ASE 2021)
CISPA Helmholtz Center for Information Security
 
Professional Code of Ethics in Software Engineering
Professional Code of Ethics in Software EngineeringProfessional Code of Ethics in Software Engineering
Professional Code of Ethics in Software Engineering
Lemi Orhan Ergin
 
Clean Code III - Software Craftsmanship
Clean Code III - Software CraftsmanshipClean Code III - Software Craftsmanship
Clean Code III - Software Craftsmanship
Theo Jungeblut
 
Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...
Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...
Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...
Preetha Chatterjee
 
Development Emails Content Analyzer: Intention Mining in Developer Discussions
Development Emails Content Analyzer: Intention Mining in Developer DiscussionsDevelopment Emails Content Analyzer: Intention Mining in Developer Discussions
Development Emails Content Analyzer: Intention Mining in Developer Discussions
Sebastiano Panichella
 
Investigating Code Review Practices in Defective Files
Investigating Code Review Practices in Defective FilesInvestigating Code Review Practices in Defective Files
Investigating Code Review Practices in Defective Files
The University of Adelaide
 
Using HPC Resources to Exploit Big Data for Code Review Analytics
Using HPC Resources to Exploit Big Data for Code Review AnalyticsUsing HPC Resources to Exploit Big Data for Code Review Analytics
Using HPC Resources to Exploit Big Data for Code Review Analytics
The University of Adelaide
 
Revisiting Code Ownership and Its Relationship with Software Quality in the S...
Revisiting Code Ownership and Its Relationship with Software Quality in the S...Revisiting Code Ownership and Its Relationship with Software Quality in the S...
Revisiting Code Ownership and Its Relationship with Software Quality in the S...
The University of Adelaide
 

Mais procurados (20)

User Expectations in Mobile App Security
User Expectations in Mobile App SecurityUser Expectations in Mobile App Security
User Expectations in Mobile App Security
 
Msr17a.ppt
Msr17a.pptMsr17a.ppt
Msr17a.ppt
 
Transferring Software Testing Tools to Practice
Transferring Software Testing Tools to PracticeTransferring Software Testing Tools to Practice
Transferring Software Testing Tools to Practice
 
Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...
Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...
Clean Code I - Design Patterns and Best Practices at SoCal Code Camp San Dieg...
 
Software Analytics: Towards Software Mining that Matters
Software Analytics: Towards Software Mining that MattersSoftware Analytics: Towards Software Mining that Matters
Software Analytics: Towards Software Mining that Matters
 
Put Your Hands in the Mud: What Technique, Why, and How
Put Your Hands in the Mud: What Technique, Why, and HowPut Your Hands in the Mud: What Technique, Why, and How
Put Your Hands in the Mud: What Technique, Why, and How
 
Opinion Mining for Software Engineering
Opinion Mining for Software EngineeringOpinion Mining for Software Engineering
Opinion Mining for Software Engineering
 
Illustrated Code (ASE 2021)
Illustrated Code (ASE 2021)Illustrated Code (ASE 2021)
Illustrated Code (ASE 2021)
 
Summarization Techniques for Code, Change, Testing and User Feedback
Summarization Techniques for Code, Change, Testing and User FeedbackSummarization Techniques for Code, Change, Testing and User Feedback
Summarization Techniques for Code, Change, Testing and User Feedback
 
Professional Code of Ethics in Software Engineering
Professional Code of Ethics in Software EngineeringProfessional Code of Ethics in Software Engineering
Professional Code of Ethics in Software Engineering
 
Clean Code III - Software Craftsmanship
Clean Code III - Software CraftsmanshipClean Code III - Software Craftsmanship
Clean Code III - Software Craftsmanship
 
Software Mining and Software Datasets
Software Mining and Software DatasetsSoftware Mining and Software Datasets
Software Mining and Software Datasets
 
Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...
Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...
Exploratory Study of Slack Q&A Chats as a Mining Source for Software Engineer...
 
Who Should Review My Code?
Who Should Review My Code? Who Should Review My Code?
Who Should Review My Code?
 
Development Emails Content Analyzer: Intention Mining in Developer Discussions
Development Emails Content Analyzer: Intention Mining in Developer DiscussionsDevelopment Emails Content Analyzer: Intention Mining in Developer Discussions
Development Emails Content Analyzer: Intention Mining in Developer Discussions
 
Investigating Code Review Practices in Defective Files
Investigating Code Review Practices in Defective FilesInvestigating Code Review Practices in Defective Files
Investigating Code Review Practices in Defective Files
 
About Dewey Hong
About Dewey HongAbout Dewey Hong
About Dewey Hong
 
Using HPC Resources to Exploit Big Data for Code Review Analytics
Using HPC Resources to Exploit Big Data for Code Review AnalyticsUsing HPC Resources to Exploit Big Data for Code Review Analytics
Using HPC Resources to Exploit Big Data for Code Review Analytics
 
Runtime Behavior of JavaScript Programs
Runtime Behavior of JavaScript ProgramsRuntime Behavior of JavaScript Programs
Runtime Behavior of JavaScript Programs
 
Revisiting Code Ownership and Its Relationship with Software Quality in the S...
Revisiting Code Ownership and Its Relationship with Software Quality in the S...Revisiting Code Ownership and Its Relationship with Software Quality in the S...
Revisiting Code Ownership and Its Relationship with Software Quality in the S...
 

Semelhante a My life as a cyborg

Threat-Modeling-as-Code: ThreatPlaybook AppSecUSA 2018 Presentation
Threat-Modeling-as-Code: ThreatPlaybook AppSecUSA 2018 PresentationThreat-Modeling-as-Code: ThreatPlaybook AppSecUSA 2018 Presentation
Threat-Modeling-as-Code: ThreatPlaybook AppSecUSA 2018 Presentation
Abhay Bhargav
 
Enhancing Developer Productivity with Code Forensics
Enhancing Developer Productivity with Code ForensicsEnhancing Developer Productivity with Code Forensics
Enhancing Developer Productivity with Code Forensics
TechWell
 
The Semantic Knowledge Graph
The Semantic Knowledge GraphThe Semantic Knowledge Graph
The Semantic Knowledge Graph
Trey Grainger
 
The Final Frontier
The Final FrontierThe Final Frontier
The Final Frontier
jClarity
 

Semelhante a My life as a cyborg (20)

Software Analytics: Data Analytics for Software Engineering and Security
Software Analytics: Data Analytics for Software Engineering and SecuritySoftware Analytics: Data Analytics for Software Engineering and Security
Software Analytics: Data Analytics for Software Engineering and Security
 
Keynote at-icpc-2020
Keynote at-icpc-2020Keynote at-icpc-2020
Keynote at-icpc-2020
 
SCA in an Agile World | June 2010
SCA in an Agile World | June 2010SCA in an Agile World | June 2010
SCA in an Agile World | June 2010
 
Agile and Agile methods: what is the most important to understand to succeed
Agile and Agile methods: what is the most important to understand to succeedAgile and Agile methods: what is the most important to understand to succeed
Agile and Agile methods: what is the most important to understand to succeed
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOps
 
Reaktive Programmierung mit den Reactive Extensions (Rx)
Reaktive Programmierung mit den Reactive Extensions (Rx)Reaktive Programmierung mit den Reactive Extensions (Rx)
Reaktive Programmierung mit den Reactive Extensions (Rx)
 
Software Analytics: Towards Software Mining that Matters (2014)
Software Analytics: Towards Software Mining that Matters (2014)Software Analytics: Towards Software Mining that Matters (2014)
Software Analytics: Towards Software Mining that Matters (2014)
 
Raising the Bar
Raising the BarRaising the Bar
Raising the Bar
 
Threat-Modeling-as-Code: ThreatPlaybook AppSecUSA 2018 Presentation
Threat-Modeling-as-Code: ThreatPlaybook AppSecUSA 2018 PresentationThreat-Modeling-as-Code: ThreatPlaybook AppSecUSA 2018 Presentation
Threat-Modeling-as-Code: ThreatPlaybook AppSecUSA 2018 Presentation
 
第1回バイオインフォマティクスデータ可視化セミナー@Riken
第1回バイオインフォマティクスデータ可視化セミナー@Riken第1回バイオインフォマティクスデータ可視化セミナー@Riken
第1回バイオインフォマティクスデータ可視化セミナー@Riken
 
SCAM 2012 Keynote Slides on Cooperative Testing and Analysis by Tao Xie
SCAM 2012 Keynote Slides on Cooperative Testing and Analysis by Tao XieSCAM 2012 Keynote Slides on Cooperative Testing and Analysis by Tao Xie
SCAM 2012 Keynote Slides on Cooperative Testing and Analysis by Tao Xie
 
Enhancing Developer Productivity with Code Forensics
Enhancing Developer Productivity with Code ForensicsEnhancing Developer Productivity with Code Forensics
Enhancing Developer Productivity with Code Forensics
 
Visualization for Software Analytics
Visualization for Software AnalyticsVisualization for Software Analytics
Visualization for Software Analytics
 
The Semantic Knowledge Graph
The Semantic Knowledge GraphThe Semantic Knowledge Graph
The Semantic Knowledge Graph
 
TechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - Trivadis
TechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - TrivadisTechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - Trivadis
TechEvent 2019: Artificial Intelligence in Dev & Ops; Martin Luckow - Trivadis
 
Walter api
Walter apiWalter api
Walter api
 
The Hacking Games - Operation System Vulnerabilities Meetup 29112022
The Hacking Games - Operation System Vulnerabilities Meetup 29112022The Hacking Games - Operation System Vulnerabilities Meetup 29112022
The Hacking Games - Operation System Vulnerabilities Meetup 29112022
 
Measuring Your Code
Measuring Your CodeMeasuring Your Code
Measuring Your Code
 
Konstantin Knizhnik: static analysis, a view from aside
Konstantin Knizhnik: static analysis, a view from asideKonstantin Knizhnik: static analysis, a view from aside
Konstantin Knizhnik: static analysis, a view from aside
 
The Final Frontier
The Final FrontierThe Final Frontier
The Final Frontier
 

Mais de Alexander Serebrenik

Towards Continuous Performance Assessment of Java Applications With PerfBot
Towards Continuous Performance Assessment of Java Applications With PerfBotTowards Continuous Performance Assessment of Java Applications With PerfBot
Towards Continuous Performance Assessment of Java Applications With PerfBot
Alexander Serebrenik
 
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
Alexander Serebrenik
 
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
Alexander Serebrenik
 
Emotion Analysis in Software Ecosystems
Emotion Analysis in Software EcosystemsEmotion Analysis in Software Ecosystems
Emotion Analysis in Software Ecosystems
Alexander Serebrenik
 
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
Alexander Serebrenik
 
An Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
An Empirical Assessment on Merging and Repositioning of Static Analysis AlarmsAn Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
An Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
Alexander Serebrenik
 
Classification and Ranking of Delta Static Analysis Alarms
Classification and Ranking of Delta Static Analysis AlarmsClassification and Ranking of Delta Static Analysis Alarms
Classification and Ranking of Delta Static Analysis Alarms
Alexander Serebrenik
 
What Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
What Is an AI Engineer? An Empirical Analysis of Job Ads in The NetherlandsWhat Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
What Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
Alexander Serebrenik
 
Gender and Community Smells
Gender and Community SmellsGender and Community Smells
Gender and Community Smells
Alexander Serebrenik
 

Mais de Alexander Serebrenik (20)

Software development is a human activity: understanding software requires und...
Software development is a human activity: understanding software requires und...Software development is a human activity: understanding software requires und...
Software development is a human activity: understanding software requires und...
 
Towards Continuous Performance Assessment of Java Applications With PerfBot
Towards Continuous Performance Assessment of Java Applications With PerfBotTowards Continuous Performance Assessment of Java Applications With PerfBot
Towards Continuous Performance Assessment of Java Applications With PerfBot
 
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
 
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
 
Emotion Analysis in Software Ecosystems
Emotion Analysis in Software EcosystemsEmotion Analysis in Software Ecosystems
Emotion Analysis in Software Ecosystems
 
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
 
Gender and Age in Software Engineering
Gender and Age in Software EngineeringGender and Age in Software Engineering
Gender and Age in Software Engineering
 
Alexander - intro
Alexander - introAlexander - intro
Alexander - intro
 
Diversity and inclusion in a CS classroom
Diversity and inclusion in a CS classroomDiversity and inclusion in a CS classroom
Diversity and inclusion in a CS classroom
 
An Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
An Empirical Assessment on Merging and Repositioning of Static Analysis AlarmsAn Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
An Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
 
Classification and Ranking of Delta Static Analysis Alarms
Classification and Ranking of Delta Static Analysis AlarmsClassification and Ranking of Delta Static Analysis Alarms
Classification and Ranking of Delta Static Analysis Alarms
 
What Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
What Is an AI Engineer? An Empirical Analysis of Job Ads in The NetherlandsWhat Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
What Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
 
Gender and Community Smells
Gender and Community SmellsGender and Community Smells
Gender and Community Smells
 
Bias in MSR Research
Bias in MSR ResearchBias in MSR Research
Bias in MSR Research
 
From team organisation to software quality
From team organisation to software qualityFrom team organisation to software quality
From team organisation to software quality
 
Women in Dutch Computer Science: Best Practices for Recruitment, Onboarding a...
Women in Dutch Computer Science: Best Practices for Recruitment, Onboarding a...Women in Dutch Computer Science: Best Practices for Recruitment, Onboarding a...
Women in Dutch Computer Science: Best Practices for Recruitment, Onboarding a...
 
My research story (presentation at ICSE 2021 New Faculty Symposium)
My research story (presentation at ICSE 2021 New Faculty Symposium)My research story (presentation at ICSE 2021 New Faculty Symposium)
My research story (presentation at ICSE 2021 New Faculty Symposium)
 
Removing Self Admitted Technical Debt
Removing Self Admitted Technical DebtRemoving Self Admitted Technical Debt
Removing Self Admitted Technical Debt
 
Gender Diversity and Inclusion and Software Engineering
Gender Diversity and Inclusion and Software EngineeringGender Diversity and Inclusion and Software Engineering
Gender Diversity and Inclusion and Software Engineering
 
Identifying Developers’ Gender: State of the Art
Identifying Developers’ Gender: State of the ArtIdentifying Developers’ Gender: State of the Art
Identifying Developers’ Gender: State of the Art
 

Último

Disentangling the origin of chemical differences using GHOST
Disentangling the origin of chemical differences using GHOSTDisentangling the origin of chemical differences using GHOST
Disentangling the origin of chemical differences using GHOST
Sérgio Sacani
 
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 bAsymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Sérgio Sacani
 
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Lokesh Kothari
 
Animal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptxAnimal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptx
UmerFayaz5
 
Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...
RohitNehra6
 
Seismic Method Estimate velocity from seismic data.pptx
Seismic Method Estimate velocity from seismic data.pptxSeismic Method Estimate velocity from seismic data.pptx
Seismic Method Estimate velocity from seismic data.pptx
AlMamun560346
 
Botany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdfBotany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdf
Sumit Kumar yadav
 
Formation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disksFormation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disks
Sérgio Sacani
 
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
Sérgio Sacani
 
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune WaterworldsBiogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
Sérgio Sacani
 
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Sérgio Sacani
 
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdfPests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
PirithiRaju
 
Bacterial Identification and Classifications
Bacterial Identification and ClassificationsBacterial Identification and Classifications
Bacterial Identification and Classifications
Areesha Ahmad
 
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
Sérgio Sacani
 

Último (20)

Disentangling the origin of chemical differences using GHOST
Disentangling the origin of chemical differences using GHOSTDisentangling the origin of chemical differences using GHOST
Disentangling the origin of chemical differences using GHOST
 
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 bAsymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
 
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
Labelling Requirements and Label Claims for Dietary Supplements and Recommend...
 
Animal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptxAnimal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptx
 
Recombination DNA Technology (Nucleic Acid Hybridization )
Recombination DNA Technology (Nucleic Acid Hybridization )Recombination DNA Technology (Nucleic Acid Hybridization )
Recombination DNA Technology (Nucleic Acid Hybridization )
 
Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...
 
Botany krishna series 2nd semester Only Mcq type questions
Botany krishna series 2nd semester Only Mcq type questionsBotany krishna series 2nd semester Only Mcq type questions
Botany krishna series 2nd semester Only Mcq type questions
 
Seismic Method Estimate velocity from seismic data.pptx
Seismic Method Estimate velocity from seismic data.pptxSeismic Method Estimate velocity from seismic data.pptx
Seismic Method Estimate velocity from seismic data.pptx
 
Botany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdfBotany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdf
 
Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)
 
Formation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disksFormation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disks
 
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
 
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune WaterworldsBiogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
 
Pulmonary drug delivery system M.pharm -2nd sem P'ceutics
Pulmonary drug delivery system M.pharm -2nd sem P'ceuticsPulmonary drug delivery system M.pharm -2nd sem P'ceutics
Pulmonary drug delivery system M.pharm -2nd sem P'ceutics
 
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
Discovery of an Accretion Streamer and a Slow Wide-angle Outflow around FUOri...
 
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdfPests of cotton_Sucking_Pests_Dr.UPR.pdf
Pests of cotton_Sucking_Pests_Dr.UPR.pdf
 
Bacterial Identification and Classifications
Bacterial Identification and ClassificationsBacterial Identification and Classifications
Bacterial Identification and Classifications
 
Nanoparticles synthesis and characterization​ ​
Nanoparticles synthesis and characterization​ ​Nanoparticles synthesis and characterization​ ​
Nanoparticles synthesis and characterization​ ​
 
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
 
GBSN - Microbiology (Unit 2)
GBSN - Microbiology (Unit 2)GBSN - Microbiology (Unit 2)
GBSN - Microbiology (Unit 2)
 

My life as a cyborg

  • 1. My life as a cyborg Alexander Serebrenik Eindhoven University of Technology The Netherlands
  • 2.
  • 4.
  • 5.
  • 6. Story 1: Women, men and software Bastiaan Heemskerck, Men and women, some carrying baskets, ca. 1700, KMSKB, Brussel
  • 7. Bogdan Vasilescu, Daryl Posnett, Baishakhi Ray, Mark G. J. van den Brand, Alexander Serebrenik, Premkumar T. Devanbu, Vladimir Filkov: Gender and Tenure Diversity in GitHub Teams. CHI 2015: 3789-3798
  • 8. Bogdan Vasilescu, Vladimir Filkov, Alexander Serebrenik: Perceptions of Diversity on Git Hub: A User Survey. CHASE@ICSE 2015: 50-56
  • 9. Parastou Tourani, Bram Adams, Alexander Serebrenik: Code of Conduct in Open Source Projects. SANER 2017, pp. 24-33.
  • 10. Story 2: How do they communicate? Jos Manders. Communication. ca. 1965. SMAK - Stedelijk Museum voor Actuele Kunst. Ghent
  • 11. Bogdan Vasilescu, Alexander Serebrenik, Premkumar T. Devanbu, Vladimir Filkov: How social Q&A sites are changing knowledge sharing in open source software communities. CSCW 2014: 342-354 Bin Lin, Alexey Zagalsky, Margaret-Anne D. Storey, Alexander Serebrenik: Why Developers Are Slacking Off: Understanding How Software Teams Use Slack. CSCW Companion 2016: 333-336
  • 12. Nicole Novielli, Fabio Calefato, Filippo Lanubile: The challenges of sentiment detection in the social programmer ecosystem. SSE@SIGSOFT FSE 2015: 33-40 Robbert Jongeling, Proshanta Sarkar, Subhajit Datta, Alexander Serebrenik. On Negative Results when using Sentiment Analysis Tools for Software Engineering Research. Empirical Software Engineering (accepted)
  • 13. Daviti Gachechiladze, Filippo Lanubile, Nicole Novielli, Alexander Serebrenik. Anger and Its Direction in Collaborative Software Development 39th International Conference on Software Engineering, New Ideas and Emerging Results 2017
  • 15.
  • 16.
  • 21. Static analysis (compile time) Dynamic analysis (runtime analysis) All possible behaviours Behaviours observed during the execution: • Results are incomplete • Generalisation is a problem Inherently imprecise. • Precision requires complex abstractions & postprocessing Precise Correctness guaranteed (under reasonable (?) assumptions) Correctness guaranteed for the behaviours observed Slow Fast Applicable to incomplete programs
  • 22. Static analysis (compile time) Dynamic analysis (runtime analysis) All possible behaviours Behaviours observed during the execution: • Results are incomplete • Generalisation is a problem Inherently imprecise. • Precision requires complex abstractions & postprocessing Precise Correctness guaranteed (under reasonable (?) assumptions) Correctness guaranteed for the behaviours observed Slow Fast Applicable to incomplete programs
  • 25.
  • 27. <…> in practice, soundness is commonly eschewed: we are not aware of a single realistic whole-program analysis tool <…> that does not purposely make unsound choices. Similarly, virtually all published whole- program analyses are unsound and omit conservative handling of common language features when applied to real programming languages. Benjamin Livshits, Manu Sridharan, Yannis Smaragdakis, Ondrej Lhoták, José Nelson Amaral, Bor-Yuh Evan Chang, Samuel Z. Guyer, Uday P. Khedker, Anders Møller, Dimitrios Vardoulakis: In defense of soundiness: a manifesto. Commun. ACM 58(2): 44-46 (2015)
  • 28. Benjamin Livshits, Manu Sridharan, Yannis Smaragdakis, Ondrej Lhoták, José Nelson Amaral, Bor-Yuh Evan Chang, Samuel Z. Guyer, Uday P. Khedker, Anders Møller, Dimitrios Vardoulakis: In defense of soundiness: a manifesto. Commun. ACM 58(2): 44-46 (2015) Language Example of commonly ignored features Consequences of not modelling these features C/C++ setjmp/longjmp ignored ignores arbitrary side-effects to the heap effects of pointer arithmetic “manufactured” pointers Java reflection can render much of the codebase invisible for analysis JNI “invisible” code may create invisible side-effects in programs Javascript eval, dynamic code loading missing execution data flow through the DOM missing dataflow in programs
  • 30. Benjamin Livshits, Manu Sridharan, Yannis Smaragdakis, Ondrej Lhoták, José Nelson Amaral, Bor-Yuh Evan Chang, Samuel Z. Guyer, Uday P. Khedker, Anders Møller, Dimitrios Vardoulakis: In defense of soundiness: a manifesto. Commun. ACM 58(2): 44-46 (2015) Language Example of commonly ignored features Consequences of not modelling these features C/C++ setjmp/longjmp ignored ignores arbitrary side-effects to the heap effects of pointer arithmetic “manufactured” pointers Java reflection can render much of the codebase invisible for analysis JNI “invisible” code may create invisible side-effects in programs Javascript eval, dynamic code loading missing execution data flow through the DOM missing dataflow in programs
  • 31. SWAT - Software Analysis And Transformation Davy Landman, Alexander Serebrenik, Jurgen J. Vinju: Challenges for static analysis of Java reflection: literature review and empirical study. ICSE 2017: 507-518. Distinguished paper award.
  • 32. SWAT - SoftWare Analysis And Transformation Empirical evidence • Complex reflection is everywhere in Java • 462 Java projects in a representative and clean corpus • 78% of Java projects have hard reflective code • Known limitations have significant impact (4% - 54%) • Existing soundy assumptions validated, more assumptions motivated Actionable results • Researchers: high impact suggestions • Practisioners: adapt code for robustness Answers to research questions 1.What is Java reflection? 2.How often is Java reflection used, and how? 3.What do static analysis tools do to resolve reflection? 4.What are limitations of static analysis tools? 5.How often does real Java code challenge limitations of static analysis?
  • 33. SWAT - SoftWare Analysis And Transformation Q1: What is Java reflection?
  • 34. SWAT - SoftWare Analysis And Transformation Q1: What is Java reflection? “Hard” “Easy”
  • 35.
  • 36. SWAT - SoftWare Analysis And Transformation
  • 37. SWAT - SoftWare Analysis And Transformation Q2: How often is reflection used? • Corpus of 461 (cleaned) Java projects • Maximize representativeness [55] • Clean [clone detection] • Parse & resolve [Rascal, Eclipse JDT] • Categorize [see Q1]
  • 38. SWAT - SoftWare Analysis And Transformation of projects using reflection
  • 39. SWAT - SoftWare Analysis And Transformation Q3: What do analysis tools do? • Extended structured literature review • 4K pdf’s • Semi-automatic full text analysis • Filtering from 4k via 514 and 50 to 33 pdf’s • Annotating • Categorizing
  • 41. October 2015: 4K pdf2text 36 documents fail
  • 42. October 2015: 4K pdf2text 36 documents fail 478 documents match at least one rule 514 = 478 + 36 documents to be read
  • 43. 514 documents Not relevant: • not about Java • not about static analysis • reflection is only recognised as a limitation • reflection is handled with an external tool • … 50 documents • thesis conference paper • conference paper journal article • no publication remove 39 documents • Read + check citations • 4 new papers missing from 4K • 10 irrelevant 33 documents
  • 44. SWAT - SoftWare Analysis And Transformation
  • 45. SWAT - SoftWare Analysis And Transformation
  • 46. SWAT - SoftWare Analysis And Transformation • Collect and categorize analysis papers self-reported: • Optimistic ‘soundy’ assumptions about code • Known limitations of the algorithms • What is their damage in the corpus? • Method: • Recognize and count counter examples • Applying AST patterns to the entire corpus • Rascal metaprogramming language Q4: What are the limitations? and Q5: how do these relate to real code?
  • 47. SWAT - SoftWare Analysis And Transformation
  • 48. SWAT - SoftWare Analysis And Transformation Advice for software engineers; make your code more robust now 1.Do not factor reflection into type polymorphic methods 2.Never use dynamic proxies 3.Use local variables/fields for meta object storage 4.Avoid loops over collections of meta objects 5.Test for preconditions instead of waiting for exceptions Suggestions for static analysis researchers and Java language designers 1.Reflection API improvements to restrict arbitrary interactions (i.e. using lambdas) 2.Infer information from downcasts more aggressively 3.Make soundy assumptions about dynamic proxies: the “oblivious wrapper proxy” 4.Model common “goto patterns” with exceptions around reflection 5.Soundily assume boundedness and unorderedness of meta object collections 6.Apply dynamic language analysis techniques to methods which have reflection
  • 49. SWAT - Software Analysis And Transformation This work has been supported by the NWO TOPGO grant #612.001.011 “Domain-Specific Languages: A Big Future for Small Programs” @jurgenvinju@davylandman @aserebrenik Please use these artefacts for yourselves, or contact us for discussion about: - the new soundy assumptions are a prioritized work list (*) - the corpus is a way to validate relevance for new ideas in static analysis [3] - tell us why we were wrong (replicate it) [63] To the anonymous reviewers and to the members of IFIP WG 2.4 Software Implementation Technology, including Anders Møller, …
  • 50. Rascal: parsing and analysis technology Tools: for literature reviews and corpus analysis Data: corpus
  • 52. Source code Static analysis Predicted Bugs Real Bugs Oracle completeness soundness (Manual) postprocessing soundy assumptions Bad news: 1 true: 50 false alarms J. Kamperman, “Automated software inspection: A new approach to increased software quality and productivity,” Reasoning Inc., White paper, 2002
  • 53. What are possible approaches for handling the static analysis alarms? J. Kamperman, “Automated software inspection: A new approach to increased software quality and productivity,” Reasoning Inc., White paper, 2002
  • 54. 84 = 7 x 4 x 3 different search strings. 150 top results (total 12600 papers) 49 relevant papers Tukaram Muske, Alexander Serebrenik: Survey of Approaches for Handling Static Analysis Alarms. SCAM 2016: 157-166
  • 56. Tukaram Muske, Alexander Serebrenik: Survey of Approaches for Handling Static Analysis Alarms. SCAM 2016: 157-166
  • 57.
  • 58. Tukaram Muske, Alexander Serebrenik: Survey of Approaches for Handling Static Analysis Alarms. SCAM 2016: 157-166 guaranteed not to miss bugs (do not introduce false negatives)
  • 59. weight bugs Static analysis often soundy practical consequences should be assessed result in many false alarms many techniques are available w shortcomings…
  • 61. 11 releases: 1.0 - 3.7 Numerous Eclipse third-party plug-ins Will my plugin survive the next Eclipse release? movement evolution
  • 62. Eclipse SDK 3rd party plugin API • documented • stable [in non- breaking releases] • use encouraged non-API • internal in the name • undocumented • unstable • use discouraged
  • 63. Eclipse SDK 3rd party plugin 44% of 512 plugins use non- APIs (at least in one version) Plugins depending on non- APIs are larger and use more SDK functionality J. Businge, A. Serebrenik, M.G.J. van den Brand. Eclipse API usage: The Good and The Bad, SQM 2012,pages 54–62. J. Businge, A. Serebrenik, M.G.J. van den Brand: Analyzing the Eclipse API Usage: Putting the Developer in the Loop. CSMR 2013: 37-46
  • 64. Eclipse SDK 3rd party plugin Main reason for compatibility breakage Especially: recent non-APIs J. Businge, A. Serebrenik, M.G.J. van den Brand: Survival of Eclipse third-party plug-ins. ICSM 2012: 368-377 J. Businge, A. Serebrenik, M.G.J. van den Brand: Compatibility Prediction of Eclipse Third-Party Plug-ins in New Eclipse Releases. SCAM 2012: 164-173
  • 65. Eclipse SDK 3rd party plugin J. Businge, A. Serebrenik, M.G.J. van den Brand: Survival of Eclipse third-party plug-ins. ICSM 2012: 368-377 J. Businge, A. Serebrenik, M.G.J. van den Brand: Compatibility Prediction of Eclipse Third-Party Plug-ins in New Eclipse Releases. SCAM 2012: 164-173 Do not use recent non-APIs! Let them “stabilise”!
  • 67. Titian Vecellio, Sisyphus 1548-49 Oil on canvas, 237 x 216 cm Museo del Prado, Madrid Wolfgang Mattheuer, Cocky Sisyphus 1973 Print, Private collection, Leipzig © Deutsche Fotothek