2015 IEEE 31st International Conference on Software Maintenance and Evolution (ICSME), September 29 – October 1, 2015, Bremen, Germany

ICSME 2015 – Proceedings

Industry Track

Industry Experience
Tue, Sep 29, 10:40 - 12:20, GW2 B2890 (Chair: Jochen Quante; David Shepherd)

An Empirical Study on the Handling of Crash Reports in a Large Software Company: An Experience Report
Abdou Maiga, Abdelwahab Hamou-Lhadj, Mathieu Nayrolles, Korosh Koochekian-Sabor, and Alf Larsson
(Concordia University, Canada; Ericsson, Sweden)
In this paper, we report on an empirical study conducted at Ericsson to understand the handling of crash reports (CRs). The study was performed on a dataset of CRs spanning more than two years of activity on one of Ericsson’s largest systems (over 4 million LOC). CRs at Ericsson are divided into two types: internal and external. Internal CRs are reported within the organization after the integration and system testing phase. External CRs are submitted by customers and are caused mainly by field failures. We examine the proportion and severity of internal and external CRs. A large number of external (and severe) CRs could indicate flaws in the testing phase. Failing to react quickly to external CRs, on the other hand, may expose Ericsson to fines and penalties under the Working Level Agreements (WLAs) that Ericsson has with its customers. Moreover, we contrast the time it takes to handle each type of CR, with the dual aim of understanding the similarities and differences as well as the factors that impact the handling of each type. Our results show that (a) external CRs take more time to fix than internal CRs, (b) the severity attribute is used inconsistently across organizational units, (c) the assignment time of internal CRs is shorter than that of external CRs, and (d) more than 50% of CRs are not answered within the organization’s fixing-time requirements defined in the WLAs.

How Developers Detect and Fix Performance Bottlenecks in Android Apps
Mario Linares-Vásquez, Christopher Vendome, Qi Luo, and Denys Poshyvanyk
(College of William and Mary, USA)
Performance of rapidly evolving mobile apps is one of the top concerns for users and developers nowadays. Despite the efforts of researchers and mobile API designers to provide developers with guidelines and best practices for improving the performance of mobile apps, performance bottlenecks are still a significant and frequent complaint that impacts ratings and an app’s chances for success. However, little research has been done into understanding actual developers’ practices for detecting and fixing performance bottlenecks in mobile apps. In this paper, we present the results of an empirical study aimed at understanding these practices by surveying 485 open-source Android app and library developers and manually analyzing performance bugs and fixes in their app repositories hosted on GitHub. The paper categorizes actual practices and tools used by real developers when dealing with performance issues. In general, our findings indicate that developers rely heavily on user reviews and manual execution of the apps for detecting performance bugs. While developers also use available tools to detect performance bottlenecks, these tools are mostly for profiling and do not help in detecting and fixing performance issues automatically.

Challenges for Maintenance of PLC-Software and Its Related Hardware for Automated Production Systems: Selected Industrial Case Studies
Birgit Vogel-Heuser, Juliane Fischer, Susanne Rösch, Stefan Feldmann, and Sebastian Ulewicz
(TU München, Germany)
The specific challenges for the maintenance of software and its related hardware in the domain of automated production systems (aPS) are discussed. Through four industrial case studies from renowned, world-market-leading German machine and plant manufacturing companies, these challenges and different solution approaches are introduced, with a focus on software architectures that support modularity as a basis for maintaining long-living automated production systems. Additionally, the most critical aspects hindering the success of classical software engineering approaches, e.g., modes of operation and fault handling, are discussed. In recent decades, research in the field of software engineering for aPS has focused on developing domain-specific model-driven engineering approaches that support the development process, but has mostly neglected operation, maintenance, and re-engineering aspects. However, the success of model-driven engineering in the aPS industry has been limited, because the effort to introduce it and to change the entire existing legacy software is estimated as too high, and the benefit as too low, given customer-specific solutions with a low expected degree of reuse.

Code Smells in Spreadsheet Formulas Revisited on an Industrial Dataset
Bas Jansen and Felienne Hermans
(Delft University of Technology, Netherlands)
In previous work, code smells have been adapted to be applicable to spreadsheet formulas. The smell detection algorithm used in that earlier study was validated on a small dataset of industrial spreadsheets by interviewing the users of these spreadsheets and asking their opinion of the detected smells. In this paper, a more in-depth validation of the algorithm is performed by analyzing a set of spreadsheets for which users indicated whether or not they are smelly. This new dataset gives us the unique opportunity to gain more insight into how we can distinguish 'bad' spreadsheets from 'good' spreadsheets. We do that in two ways: for both the smelly and non-smelly spreadsheets, we 1) calculated the metrics that detect the smells and 2) calculated metrics with respect to size, level of coupling, and the use of functions. The results show that the smell metrics are indeed lower in spreadsheets that are not smelly. With respect to size, we found to our surprise that the improved spreadsheets were not smaller but bigger. With regard to coupling and the use of functions, both datasets are similar. This indicates that it is difficult to use metrics of size, degree of coupling, or use of functions to draw conclusions about the complexity of a spreadsheet.
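To illustrate the kind of formula metrics involved, the following is a minimal sketch in Python, assuming two toy measures (parenthesis nesting depth and the number of distinct functions in a formula string); the smell catalogue and thresholds used in the paper are richer and are not reproduced here.

    import re

    def nesting_depth(formula):
        # Maximum parenthesis nesting depth of a spreadsheet formula.
        depth = best = 0
        for ch in formula:
            if ch == "(":
                depth += 1
                best = max(best, depth)
            elif ch == ")":
                depth -= 1
        return best

    def distinct_functions(formula):
        # Number of distinct function names used, e.g. IF, SUM, VLOOKUP.
        return len(set(re.findall(r"([A-Z][A-Z0-9]*)\(", formula)))

    f = "=IF(SUM(A1:A5)>0,VLOOKUP(B1,C1:D9,2),0)"
    print(nesting_depth(f), distinct_functions(f))  # -> 2 3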

Developer Studies
Tue, Sep 29, 13:50 - 15:30, GW2 B2890 (Chair: Jochen Quante; David Shepherd)

Web Usage Patterns of Developers
Christopher S. Corley, Federico Lois, and Sebastián Quezada
(ABB Corporate Research, USA; Corvalius, Argentina)
Developers often rely on web-based tools for troubleshooting, collaboration, issue tracking, code review, documentation viewing, and a myriad of other uses. Developers also use the web for non-development purposes, such as reading news or social media. In this paper, we explore whether web usage is detrimental to a developer's focus on work, based on a sample of over 150 developers. Additionally, we investigate whether highly focused developers use the web differently than other developers. Our qualitative findings suggest that highly focused developers do use the web differently, but we are unable to predict a developer's focus based on web usage alone. Further quantitative findings suggest that web usage does not have a negative impact on a developer's focus.

Identifying Wasted Effort in the Field via Developer Interaction Data
Gergő Balogh, Gábor Antal, Árpád Beszédes, László Vidács, Tibor Gyimóthy, and Ádám Zoltán Végh
(University of Szeged, Hungary; AENSys Informatics, Hungary)
During software projects, several parts of the source code are usually rewritten, due to imperfect solutions, before the code is released. This wasted effort is of central interest to project management for assuring on-time delivery. Although the amount of thrown-away code can be measured from version control systems, stakeholders are more interested in productivity dynamics that reflect the constant change in a software project. In this paper, we present a field study measuring the productivity of a medium-sized J2EE project. We propose a productivity analysis method where productivity is expressed through dynamic profiles -- the so-called Micro-Productivity Profiles (MPPs). They can be used to characterize various constituents of software projects, such as components, phases, and teams. We collected detailed traces of developers' actions using an Eclipse IDE plug-in over seven months of software development spanning two milestones. We present and evaluate profiles along two important axes of the development process: by milestone and by application layer. MPPs can aid project control actions and help in planning future projects. Based on the experiments, project stakeholders identified several points at which to improve the development process. It is also acknowledged that the profiles show additional information compared to a naive diff-based approach.
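As a rough illustration of the profile idea, here is a hypothetical sketch, not the paper's MPP definition: per time window, the share of written lines that survive (i.e., are not later thrown away). The data layout and window size are invented for illustration.

    from collections import defaultdict

    def productivity_profile(edits, window_days=7):
        # edits: (day, lines_written, lines_later_discarded) triples.
        # Returns, per window, the share of written lines that survive.
        written = defaultdict(int)
        discarded = defaultdict(int)
        for day, w, d in edits:
            written[day // window_days] += w
            discarded[day // window_days] += d
        return {win: (written[win] - discarded[win]) / written[win]
                for win in sorted(written) if written[win]}

    edits = [(0, 120, 30), (3, 80, 10), (9, 200, 150)]
    print(productivity_profile(edits))  # -> {0: 0.8, 1: 0.25}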

Is This Code Written in English? A Study of the Natural Language of Comments and Identifiers in Practice
Timo Pawelka and Elmar Juergens
(TU München, Germany; CQSE, Germany)
Comments and identifiers are the main source of documentation of source code and are therefore an integral part of the development and maintenance of a program. As English is the world language, most comments and identifiers are written in English. However, if they are in any other language, a developer without knowledge of that language will perceive the code as all but undocumented or even obfuscated. In the absence of industrial data, academia is not aware of the extent of the problem of non-English comments and identifiers in practice. In this paper, we propose an approach for identifying the language of source-code comments and identifiers. With this approach, a large-scale study of the natural language of source-code comments and identifiers has been conducted, analyzing multiple open-source and industry systems. The results show that a significant share of the industry projects contain comments and identifiers in more than one language, whereas none of the analyzed open-source systems has this problem.
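A minimal sketch of the general idea of identifying a comment's language, assuming a naive stopword-overlap classifier; the paper's actual technique may differ, and the word lists below are illustrative only.

    # Toy language identification for source-code comments via
    # stopword overlap; word lists here are illustrative.
    STOPWORDS = {
        "en": {"the", "and", "is", "of", "to", "for", "this", "with"},
        "de": {"der", "die", "das", "und", "ist", "ob", "nicht", "mit"},
    }

    def guess_language(comment):
        words = set(comment.lower().split())
        scores = {lang: len(words & sw) for lang, sw in STOPWORDS.items()}
        lang, score = max(scores.items(), key=lambda kv: kv[1])
        return lang if score > 0 else "unknown"

    print(guess_language("// Prüft, ob die Eingabe gültig ist"))     # -> de
    print(guess_language("# returns the index of the first match"))  # -> en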

Impact Assessment for Vulnerabilities in Open-Source Software Libraries
Henrik Plate, Serena Elisa Ponta, and Antonino Sabetta
(SAP Labs, France)
Software applications integrate more and more open-source software (OSS) to benefit from code reuse. As a drawback, each vulnerability discovered in bundled OSS may potentially affect the application that includes it. Upon the disclosure of every new vulnerability, the application vendor has to assess whether the vulnerability is exploitable in the particular usage context of the application, and needs to determine whether customers require an urgent patch containing a non-vulnerable version of the OSS. Unfortunately, current decision making relies mostly on natural-language vulnerability descriptions and expert knowledge, and is therefore difficult, time-consuming, and error-prone. This paper proposes a novel approach to support impact assessment based on the analysis of the code changes introduced by security fixes. We describe our approach using an illustrative example and perform a comparison with both proprietary and open-source state-of-the-art solutions. Finally, we report on our experience with a sample application and two industrial development projects.
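The core decision can be sketched as follows, with hypothetical inputs and names: an application is flagged as potentially affected if the constructs it actually executes overlap with those modified by the security fix commit.

    def constructs_changed_by_fix(fix_diff):
        # Stub: a real version would parse the fix commit's diff and
        # return the fully qualified methods it modifies.
        return set(fix_diff)

    def application_affected(executed_constructs, fix_diff):
        # Potentially affected if app code that actually runs overlaps
        # the code touched by the security fix.
        return bool(executed_constructs & constructs_changed_by_fix(fix_diff))

    executed = {"org.lib.Parser.parse", "org.lib.Util.escape"}  # from tracing
    fix = ["org.lib.Parser.parse"]                              # from the fix commit
    print(application_affected(executed, fix))  # -> True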

Software Quality
Wed, Sep 30, 10:40 - 12:20, GW2 B2890 (Chair: Jochen Quante; David Shepherd)

Experiences from Performing Software Quality Evaluations via Combining Benchmark-Based Metrics Analysis, Software Visualization, and Expert Assessment
Aiko Yamashita
(Oslo and Akershus University College of Applied Sciences, Norway)
Software quality assessments are critical in organizations where the software has been produced by external vendors, or where the development and maintenance of a software product has been outsourced to external parties. These assessments are typically challenging because it is not always possible (or even allowed) to access the original developers, and suppliers rarely keep an account of the costs associated with code changes or defect fixes. In those situations, one is left with the artifacts (e.g., database, source code, and documentation) as the only sources of evidence for performing such evaluations. A major challenge is also to provide fact-based conclusions to support decision making, instead of subjective interpretations based on expert assessment (an approach still predominant in mainstream industrial practice). This paper describes an instance of a software quality evaluation process performed for an international logistics company, which combined benchmark-based metrics threshold analysis, software visualization, and expert assessment. An interview was carried out afterwards with a member of the company's business division to assess the usefulness of the methodology and the corresponding findings, and to explore avenues for future improvement.

Do Automatic Refactorings Improve Maintainability? An Industrial Case Study
Gábor Szőke, Csaba Nagy, Péter Hegedűs, Rudolf Ferenc, and Tibor Gyimóthy
(University of Szeged, Hungary)
Refactoring is often treated as the main remedy against the unavoidable code erosion that happens during software evolution. Studies show that refactoring is indeed an elemental part of the developers' arsenal. However, empirical studies on the impact of refactorings on software maintainability have not yet reached a consensus. Moreover, most of these empirical investigations are carried out on open-source projects, where distinguishing refactoring operations from other development activities is a challenge in itself.
We had the chance to work together with several software development companies in a project in which they received extra budget to improve their source code by performing refactoring operations. Taking advantage of this controlled environment, we collected a large amount of data during a refactoring phase in which the developers used a (semi-)automatic refactoring tool. By measuring the maintainability of the involved subject systems before and after the refactorings, we gained valuable insights into the effect of these refactorings on large-scale industrial projects. All but one company achieved a maintainability improvement by the end of the refactoring phase; the exception, which applied a special refactoring strategy, suffered from the negative impact of only one type of refactoring.

An Empirical Evaluation of the Effectiveness of Inspection Scenarios Developed from a Defect Repository
Kiyotaka Kasubuchi, Shuji Morisaki, Akiko Yoshida, and Chikako Ogawa
(SCREEN Holdings, Japan; Nagoya University, Japan; Shizuoka University, Japan)
Abstracting and summarizing high-severity defects detected during inspections of previous software versions could lead to effective inspection scenarios for a subsequent version in software maintenance and evolution. We conducted an empirical evaluation of 456 defects detected in the requirement specification inspections conducted during the development of industrial software. The defects were collected from an earlier version, which included 59 high-severity defects, and from a later version, which included 48 high-severity defects. The results of the evaluation showed that nine defect types and their corresponding inspection scenarios were obtained by abstracting and summarizing 45 defects in the earlier version. The results also showed that 46 of the high-severity defects in the later version could potentially be detected using the obtained inspection scenarios. The study also investigated which inspection scenarios can be obtained with the checklist proposed in value-based review (VBR). It was difficult to obtain five of the inspection scenarios using the VBR checklist. Furthermore, to investigate the effectiveness of cluster analysis for inspection scenario development, the 59 high-severity defects in the earlier version were clustered into similar defect groups by a clustering algorithm. The results indicated that cluster analysis can be a guide for selecting similar defects and can help in the tasks of abstracting and summarizing defects.

Efficient Regression Testing Based on Test History: An Industrial Evaluation
Edward Dunn Ekelund and Emelie Engström
(Axis Communications, Sweden; Lund University, Sweden)
Due to changes in the development practices at Axis Communications towards continuous integration, faster regression testing feedback is needed. The current automated regression test suite takes approximately seven hours to run, which prevents developers from integrating code changes several times a day as preferred. We therefore want to implement a highly selective yet accurate regression testing strategy. Traditional code-coverage-based techniques are not applicable due to the size and complexity of the software under test. Instead, we decided to select tests based on regression test history. We developed a tool, the Difference Engine, which parses and analyzes results from previous test runs and outputs regression test recommendations. The Difference Engine correlates code and test cases at the package level and recommends test cases that are strongly correlated with recently changed packages. We evaluated the technique with respect to correctness, precision, recall, and efficiency. Our results are promising: on average, the tool manages to identify 80% of the relevant tests while recommending only 4% of the test cases in the full regression test suite.
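The recommendation idea can be sketched roughly as follows; this toy version, its data model, names, and threshold are invented assumptions, not taken from the Difference Engine itself.

    from collections import defaultdict

    def build_correlation(history):
        # history: iterable of (changed_packages, failed_tests) per past run.
        # Counts failures per (package, test) pair and runs per package.
        pair_fail = defaultdict(int)
        pkg_runs = defaultdict(int)
        for changed, failed in history:
            for pkg in changed:
                pkg_runs[pkg] += 1
                for test in failed:
                    pair_fail[(pkg, test)] += 1
        return pair_fail, pkg_runs

    def recommend(changed_now, pair_fail, pkg_runs, threshold=0.3):
        # Tests whose historical failure rate, given a changed package,
        # meets the threshold.
        picked = set()
        for (pkg, test), fails in pair_fail.items():
            if pkg in changed_now and fails / pkg_runs[pkg] >= threshold:
                picked.add(test)
        return picked

    history = [
        ({"net", "io"}, {"test_net_timeout"}),
        ({"net"}, {"test_net_timeout", "test_retry"}),
        ({"ui"}, set()),
    ]
    pair_fail, pkg_runs = build_correlation(history)
    print(recommend({"net"}, pair_fail, pkg_runs))  # -> both net-related tests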

Software Reengineering
Tue, Sep 29, 16:00 - 17:40, GW2 B2890 (Chair: Jochen Quante; David Shepherd)

Migrating Legacy Control Software to Multi-core Hardware
Michael Wahler, Raphael Eidenbenz, Carsten Franke, and Yvonne-Anne Pignolet
(ABB Corporate Research, Switzerland)
This paper reports on a case study on analyzing, structuring, and reusing real-time control algorithms which represent a significant amount of intellectual property. As a starting point, legacy code written in Ada, together with a Windows-based testing framework, is available. The goal is to migrate the code onto a real-time multi-core platform, taking advantage of technological progress.
We present a tool-supported three-step approach for such legacy control software: identifying and isolating the control algorithms, preparing these algorithms and their information exchange for execution within a modern execution framework for Linux written in C++, and validating the solution by a) performing regression testing to ensure partial correctness and b) validating its real-time properties.

Query by Example in Large-Scale Code Repositories
Vipin Balachandran
(VMware, India)
Searching for code samples in a code repository is an important part of program comprehension. Most existing tools for code search support syntactic element search and regular expression pattern search. However, they are text-based and hence cannot handle queries that are syntactic patterns. The proposed solutions for querying syntactic patterns using specialized query languages present a steep learning curve for users. Querying would be more user-friendly if the syntactic pattern could be formulated in the underlying programming language (as a sample code snippet) instead of a specialized query language. In this paper, we propose a solution to the query-by-example problem using Abstract Syntax Tree (AST) structural similarity matching. The query snippet is converted to an AST; its subtrees are then compared against the AST subtrees of source files in the repository, and the similarity values of matching subtrees are aggregated to arrive at a relevance score for each source file. To scale this approach to large code repositories, we use locality-sensitive hash functions and numerical vector approximations of trees. Our experimental evaluation involves running control queries against a real project. The results show that our algorithm can achieve high precision (0.73) and recall (0.81) and scale to large code repositories without compromising quality.
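A minimal sketch of the query-by-example idea, assuming Python sources and a simple Jaccard-style similarity over node-type pairs; the paper's locality-sensitive hashing and vector approximation of trees are omitted, and the similarity measure below is an illustrative stand-in.

    import ast
    from collections import Counter

    def subtree_signature(node):
        # Bag of (parent, child) node-type pairs rooted at `node`.
        sig = Counter()
        for parent in ast.walk(node):
            for child in ast.iter_child_nodes(parent):
                sig[(type(parent).__name__, type(child).__name__)] += 1
        return sig

    def similarity(a, b):
        # Jaccard-style overlap of two signatures (0..1).
        union = sum((a | b).values())
        return sum((a & b).values()) / union if union else 0.0

    def relevance(query_src, file_src):
        # Best subtree match of the query AST inside a source file.
        query_sig = subtree_signature(ast.parse(query_src))
        best = 0.0
        for node in ast.walk(ast.parse(file_src)):
            if isinstance(node, (ast.FunctionDef, ast.For, ast.While, ast.If)):
                best = max(best, similarity(query_sig, subtree_signature(node)))
        return best

    code = """
    def total(xs):
        s = 0
        for x in xs:
            s += x
        return s
    """
    print(relevance("for x in xs:\n    s += x", code))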

Does Software Modernization Deliver What It Aimed for? A Post Modernization Analysis of Five Software Modernization Case Studies
Ravi Khadka, Prajan Shrestha, Bart Klein, Amir Saeidi, Jurriaan Hage, Slinger Jansen, Edwin van Dis, and Magiel Bruntink
(Utrecht University, Netherlands; University of Amsterdam, Netherlands; CGI, Netherlands)
Software modernization has been extensively researched, primarily focusing on observing the associated phenomena and providing technical solutions to facilitate the modernization process. Software modernization is claimed to be successful when the modernization is completed using those technical solutions. Very limited research, if any, has been reported with the aim of documenting post-modernization impacts, i.e., whether any of the pre-modernization business goals are in fact achieved after modernization. In this research, we attempt to address this relative absence of empirical study through five retrospective software modernization case studies. We use an explanatory case study approach to document the pre-modernization business goals and to decide whether those goals have been achieved. The intended benefits for each of the five cases we considered were all at least partially met, and in most cases fully. Moreover, many cases exhibited a number of unintended benefits, and some reported detrimental effects of modernization.

Reverse Engineering a Visual Age Application
Harry M. Sneed and Chris Verhoef
(SoRing, Hungary; TU Dresden, Germany; VU University Amsterdam, Netherlands)
This paper is an industrial case study of how a VisualAge application system on an IBM mainframe was reverse engineered into a system reference repository. The starting point was the code fragments generated by the VisualAge interactive development tool. The results of the reverse engineering process were use case documentation, module documentation, and a system reference repository. In these documents, the names of the data and functions were extended to be more understandable. The process was, in the end, fully automated and took three months to implement. The resulting documentation is now being used as a basis for re-implementing the system in Java.

Using Static Analysis for Knowledge Extraction from Industrial User Interfaces
Bernhard Dorninger, Josef Pichler, and Albin Kern
(Software Competence Center Hagenberg, Austria; Engel Austria, Austria)
Graphical user interfaces (GUIs) play an essential role in operating industrial facilities and machines. Depending on the range and variability of a manufacturer's product portfolio, a huge library of GUI software may exist. This poses quite a challenge when it comes to testing or re-engineering. Static analysis helps to unveil valuable inherent knowledge and prepare it for further analysis and processing. In our case at ENGEL Austria GmbH, we extract the internal structure of the GUI screens, their variants, and the control system context they are used in, i.e., which PLC variables they access. In another step, we analyze the usage patterns of method calls to certain UI widgets. In this paper, we show our approach to gaining this information through static analysis of the existing GUI source code for injection molding machines.
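The flavor of such an extraction can be sketched with a toy scan; the regex and the plc.read call pattern below are invented for illustration, as the real analysis targets ENGEL's actual GUI framework and source language.

    import re

    # Hypothetical call pattern for reading a PLC variable from GUI code.
    PLC_REF = re.compile(r'\bplc\.read\("([A-Za-z0-9_.]+)"\)')

    def plc_variables(source_text):
        # Set of PLC variable names a GUI screen accesses.
        return set(PLC_REF.findall(source_text))

    screen = ('label.text = plc.read("Machine.Temp"); '
              'bar.value = plc.read("Machine.Pressure")')
    print(plc_variables(screen))  # -> {'Machine.Temp', 'Machine.Pressure'}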
