Search

Your search keyword '"Tahir, Amjed"' showing total 157 results
Start Over Author "Tahir, Amjed"
157 results on '"Tahir, Amjed"'

1. On Applying Bandit Algorithm to Fault Localization Techniques

Author

Nakao, Masato, Hamamoto, Kensei, Tsunoda, Masateru, Tahir, Amjed, Toda, Koji, Monden, Akito, Nakasai, Keitaro, and Matsumoto, Kenichi

Subjects
Computer Science - Software Engineering
Abstract

Developers must select a high-performance fault localization (FL) technique from available ones. A conventional approach is to try to select only one FL technique that is expected to attain high performance before debugging activity. In contrast, we propose a new approach that dynamically selects better FL techniques during debugging activity., Comment: 2 pages, 2 figures, 1 table

Published
2024

2. An Empirical Study of the Impact of Test Strategies on Online Optimization for Ensemble-Learning Defect Prediction

Author

Hamamoto, Kensei, Tsunoda, Masateru, Tahir, Amjed, Bennin, Kwabena Ebo, Monden, Akito, Toda, Koji, Nakasai, Keitaro, and Matsumoto, Kenichi

Subjects
Computer Science - Software Engineering
Abstract

Ensemble learning methods have been used to enhance the reliability of defect prediction models. However, there is an inconclusive stability of a single method attaining the highest accuracy among various software projects. This work aims to improve the performance of ensemble-learning defect prediction among such projects by helping select the highest accuracy ensemble methods. We employ bandit algorithms (BA), an online optimization method, to select the highest-accuracy ensemble method. Each software module is tested sequentially, and bandit algorithms utilize the test outcomes of the modules to evaluate the performance of the ensemble learning methods. The test strategy followed might impact the testing effort and prediction accuracy when applying online optimization. Hence, we analyzed the test order's influence on BA's performance. In our experiment, we used six popular defect prediction datasets, four ensemble learning methods such as bagging, and three test strategies such as testing positive-prediction modules first (PF). Our results show that when BA is applied with PF, the prediction accuracy improved on average, and the number of found defects increased by 7% on a minimum of five out of six datasets (although with a slight increase in the testing effort by about 4% from ordinal ensemble learning). Hence, BA with PF strategy is the most effective to attain the highest prediction accuracy using ensemble methods on various projects., Comment: 6 pages, 6 figures, 6 tables

Published
2024

3. The Impact of Defect (Re) Prediction on Software Testing

Author

Murakami, Yukasa, Yamasaki, Yuta, Tsunoda, Masateru, Monden, Akito, Tahir, Amjed, Bennin, Kwabena Ebo, Toda, Koji, and Nakasai, Keitaro

Subjects
Computer Science - Software Engineering
Abstract

Cross-project defect prediction (CPDP) aims to use data from external projects as historical data may not be available from the same project. In CPDP, deciding on a particular historical project to build a training model can be difficult. To help with this decision, a Bandit Algorithm (BA) based approach has been proposed in prior research to select the most suitable learning project. However, this BA method could lead to the selection of unsuitable data during the early iteration of BA (i.e., early stage of software testing). Selecting an unsuitable model can reduce the prediction accuracy, leading to potential defect overlooking. This study aims to improve the BA method to reduce defects overlooking, especially during the early testing stages. Once all modules have been tested, modules tested in the early stage are re-predicted, and some modules are retested based on the re-prediction. To assess the impact of re-prediction and retesting, we applied five kinds of BA methods, using 8, 16, and 32 OSS projects as learning data. The results show that the newly proposed approach steadily reduced the probability of defect overlooking without degradation of prediction accuracy., Comment: 5 pages, 3 figures, 2 table. The paper is published from IEICE

Published
2024

4. Building Defect Prediction Models by Online Learning Considering Defect Overlooking

Author

Fedorov, Nikolay, Yamasaki, Yuta, Tsunoda, Masateru, Monden, Akito, Tahir, Amjed, Bennin, Kwabena Ebo, Toda, Koji, and Nakasai, Keitaro

Subjects
Computer Science - Software Engineering
Abstract

Building defect prediction models based on online learning can enhance prediction accuracy. It continuously rebuilds a new prediction model, when a new data point is added. However, a module predicted as "non-defective" can result in fewer test cases for such modules. Thus, a defective module can be overlooked during testing. The erroneous test results are used as learning data by online learning, which could negatively affect prediction accuracy. To suppress the negative influence, we propose to apply a method that fixes the prediction as positive during the initial stage of online learning. Additionally, we improved the method to consider the probability of the overlooking. In our experiment, we demonstrate this negative influence on prediction accuracy, and the effectiveness of our approach. The results show that our approach did not negatively affect AUC but significantly improved recall., Comment: 4 pages, 4 figures, 4 tables. The paper is currently under review in IEICE. arXiv admin note: text overlap with arXiv:2308.13582

Published
2024

5. Exploring Data Management Challenges and Solutions in Agile Software Development: A Literature Review and Practitioner Survey

Author

Fawzy, Ahmed, Tahir, Amjed, Galster, Matthias, and Liang, Peng

Subjects
Computer Science - Software Engineering
Abstract

Managing data related to a software product and its development poses significant challenges for software projects and agile development teams. Challenges include integrating data from diverse sources and ensuring data quality in light of continuous change and adaptation. To this end, we aimed to systematically explore data management challenges and potential solutions in agile projects. We employed a mixed-methods approach, utilizing a systematic literature review (SLR) to understand the state-of-research followed by a survey with practitioners to reflect on the state-of-practice. In the SLR, we reviewed 45 studies in which we identified and categorized data management aspects and the associated challenges and solutions. In the practitioner survey, we captured practical experiences and solutions from 32 industry experts to complement the findings from the SLR. Our findings reveal major data management challenges reported in both the SLR and practitioner survey, such as managing data integration processes, capturing diverse data, automating data collection, and meeting real-time analysis requirements. Based on our findings, we present implications for practitioners and researchers, which include the necessity of developing clear data management policies, training on data management tools, and adopting new data management strategies that enhance agility, improve product quality, and facilitate better project outcomes.

Published
2024

6. An Insight into Security Code Review with LLMs: Capabilities, Obstacles and Influential Factors

Author

Yu, Jiaxin, Liang, Peng, Fu, Yujia, Tahir, Amjed, Shahin, Mojtaba, Wang, Chong, and Cai, Yangxiao

Subjects
Computer Science - Software Engineering, Computer Science - Artificial Intelligence
Abstract

Security code review is a time-consuming and labor-intensive process typically requiring integration with automated security defect detection tools. However, existing security analysis tools struggle with poor generalization, high false positive rates, and coarse detection granularity. Large Language Models (LLMs) have been considered promising candidates for addressing those challenges. In this study, we conducted an empirical study to explore the potential of LLMs in detecting security defects during code review. Specifically, we evaluated the performance of six LLMs under five different prompts and compared them with state-of-theart static analysis tools. We also performed linguistic and regression analyses for the best-performing LLM to identify quality problems in its responses and factors influencing its performance. Our findings show that: (1) existing pre-trained LLMs have limited capability in security code review but? significantly outperform the state-of-the-art static analysis tools. (2) GPT-4 performs best among all LLMs when provided with a CWE list for reference. (3) GPT-4 frequently generates responses that are verbose or not compliant with the task requirements given in the prompts. (4) GPT-4 is more adept at identifying security defects in code files with fewer tokens, containing functional logic, or written by developers with less involvement in the project., Comment: 26 pages, 5 images, 7 tables, Manuscript submitted to a journal (2024)

Published
2024

7. Selecting Source Code Generation Tools Based on Bandit Algorithms

Author

Shima, Ryoto, Tsunoda, Masateru, Murakami, Yukasa, Monden, Akito, Tahir, Amjed, Bennin, Kwabena Ebo, Toda, Koji, and Nakasai, Keitaro

Subjects
Computer Science - Software Engineering
Abstract

Background: Recently, code generation tools such as ChatGPT have drawn attention to their performance. Generally, a prior analysis of their performance is needed to select new code-generation tools from a list of candidates. Without such analysis, there is a higher risk of selecting an ineffective tool, negatively affecting software development productivity. Additionally, conducting prior analysis of new code generation tools takes time and effort. Aim: To use a new code generation tool without prior analysis but with low risk, we propose to evaluate the new tools during software development (i.e., online optimization). Method: We apply the bandit algorithm (BA) approach to help select the best code-generation tool among candidates. Developers evaluate whether the result of the tool is correct or not. When code generation and evaluation are repeated, the evaluation results are saved. We utilize the stored evaluation results to select the best tool based on the BA approach. Our preliminary analysis evaluated five code generation tools with 164 code generation cases using BA. Result: The BA approach selected ChatGPT as the best tool as the evaluation proceeded, and during the evaluation, the average accuracy by the BA approach outperformed the second-best performing tool. Our results reveal the feasibility and effectiveness of BA in assisting the selection of best-performing code generation tools.

Published
2023

8. Architecture Decisions in Quantum Software Systems: An Empirical Study on Stack Exchange and GitHub

Author

Aktar, Mst Shamima, Liang, Peng, Waseem, Muhammad, Tahir, Amjed, Ahmad, Aakash, Zhang, Beiqi, and Li, Zengyang

Subjects
Computer Science - Software Engineering
Abstract

Quantum computing provides a new dimension in computation, utilizing the principles of quantum mechanics to potentially solve complex problems that are currently intractable for classical computers. However, little research has been conducted about the architecture decisions made in quantum software development, which have a significant influence on the functionality, performance, scalability, and reliability of these systems. The study aims to empirically investigate and analyze architecture decisions made during the development of quantum software systems, identifying prevalent challenges and limitations by using the posts and issues from Stack Exchange and GitHub. We used a qualitative approach to analyze the obtained data from Stack Exchange Sites and GitHub projects. Specifically, we collected data from 385 issues (from 87 GitHub projects) and 70 posts (from three Stack Exchange sites) related to architecture decisions in quantum software development. The results show that in quantum software development (1) architecture decisions are articulated in six linguistic patterns, the most common of which are Solution Proposal and Information Giving, (2) the two major categories of architectural decisions are Implementation Decision and Technology Decision, (3) Softwar Development Tools are the most common application domain among the twenty application domains identified, (4) Maintainability is the most frequently considered quality attribute, and (5) Design Issues and High Error Rates are the major limitations and challenges that practitioners face when making architecture decisions in quantum software development. Our results show that the limitations and challenges encountered in architecture decision-making during the development of quantum software systems are strongly linked to the particular features (e.g., quantum entanglement, superposition, and decoherence) of those systems., Comment: Preprint accepted for publication in Information and Software Technology, 2024

Published
2023

9. Assessing the Security of GitHub Copilot Generated Code -- A Targeted Replication Study

Author

Majdinasab, Vahid, Bishop, Michael Joshua, Rasheed, Shawn, Moradidakhel, Arghavan, Tahir, Amjed, and Khomh, Foutse

Subjects
Computer Science - Software Engineering
Abstract

AI-powered code generation models have been developing rapidly, allowing developers to expedite code generation and thus improve their productivity. These models are trained on large corpora of code (primarily sourced from public repositories), which may contain bugs and vulnerabilities. Several concerns have been raised about the security of the code generated by these models. Recent studies have investigated security issues in AI-powered code generation tools such as GitHub Copilot and Amazon CodeWhisperer, revealing several security weaknesses in the code generated by these tools. As these tools evolve, it is expected that they will improve their security protocols to prevent the suggestion of insecure code to developers. This paper replicates the study of Pearce et al., which investigated security weaknesses in Copilot and uncovered several weaknesses in the code suggested by Copilot across diverse scenarios and languages (Python, C and Verilog). Our replication examines Copilot security weaknesses using newer versions of Copilot and CodeQL (the security analysis framework). The replication focused on the presence of security vulnerabilities in Python code. Our results indicate that, even with the improvements in newer versions of Copilot, the percentage of vulnerable code suggestions has reduced from 36.54% to 27.25%. Nonetheless, it remains evident that the model still suggests insecure code.

Published
2023

10. Security Weaknesses of Copilot Generated Code in GitHub

Author

Fu, Yujia, Liang, Peng, Tahir, Amjed, Li, Zengyang, Shahin, Mojtaba, Yu, Jiaxin, and Chen, Jinfu

Subjects
Computer Science - Software Engineering, Computer Science - Cryptography and Security
Abstract

Modern code generation tools, utilizing AI models like Large Language Models (LLMs), have gained popularity for producing functional code. However, their usage presents security challenges, often resulting in insecure code merging into the code base. Evaluating the quality of generated code, especially its security, is crucial. While prior research explored various aspects of code generation, the focus on security has been limited, mostly examining code produced in controlled environments rather than real-world scenarios. To address this gap, we conducted an empirical study, analyzing code snippets generated by GitHub Copilot from GitHub projects. Our analysis identified 452 snippets generated by Copilot, revealing a high likelihood of security issues, with 32.8% of Python and 24.5% of JavaScript snippets affected. These issues span 38 different Common Weakness Enumeration (CWE) categories, including significant ones like CWE-330: Use of Insufficiently Random Values, CWE-78: OS Command Injection, and CWE-94: Improper Control of Generation of Code. Notably, eight CWEs are among the 2023 CWE Top-25, highlighting their severity. Our findings confirm that developers should be careful when adding code generated by Copilot and should also run appropriate security checks as they accept the suggested code. It also shows that practitioners should cultivate corresponding security awareness and skills.

Published
2023

11. Software Defect Prediction by Online Learning Considering Defect Overlooking

Author

Yamasaki, Yuta, Fedorov, Nikolay, Tsunoda, Masateru, Monden, Akito, Tahir, Amjed, Bennin, Kwabena Ebo, Toda, Koji, and Nakasai, Keitaro

Subjects
Computer Science - Software Engineering
Abstract

Building defect prediction models based on online learning can enhance prediction accuracy. It continuously rebuilds a new prediction model when adding a new data point. However, predicting a module as "non-defective" (i.e., negative prediction) can result in fewer test cases for such modules. Therefore, defects can be overlooked during testing, even when the module is defective. The erroneous test results are used as learning data by online learning, which could negatively affect prediction accuracy. In our experiment, we demonstrate this negative influence on prediction accuracy., Comment: 2 pages

Published
2023

12. Security Defect Detection via Code Review: A Study of the OpenStack and Qt Communities

Author

Yu, Jiaxin, Fu, Liming, Liang, Peng, Tahir, Amjed, and Shahin, Mojtaba

Subjects
Computer Science - Software Engineering
Abstract

Background: Despite the widespread use of automated security defect detection tools, software projects still contain many security defects that could result in serious damage. Such tools are largely context-insensitive and may not cover all possible scenarios in testing potential issues, which makes them susceptible to missing complex security defects. Hence, thorough detection entails a synergistic cooperation between these tools and human-intensive detection techniques, including code review. Code review is widely recognized as a crucial and effective practice for identifying security defects. Aim: This work aims to empirically investigate security defect detection through code review. Method: To this end, we conducted an empirical study by analyzing code review comments derived from four projects in the OpenStack and Qt communities. Through manually checking 20,995 review comments obtained by keyword-based search, we identified 614 comments as security-related. Results: Our results show that (1) security defects are not prevalently discussed in code review, (2) more than half of the reviewers provided explicit fixing strategies/solutions to help developers fix security defects, (3) developers tend to follow reviewers' suggestions and action the changes, (4) Not worth fixing the defect now and Disagreement between the developer and the reviewer are the main causes for not resolving security defects. Conclusions: Our research results demonstrate that (1) software security practices should combine manual code review with automated detection tools, achieving a more comprehensive coverage to identifying and addressing security defects, and (2) promoting appropriate standardization of practitioners' behaviors during code review remains necessary for enhancing software security., Comment: The 17th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)

Published
2023

13. On the Effect of Instrumentation on Test Flakiness

Author

Rasheed, Shawn, Dietrich, Jens, and Tahir, Amjed

Subjects
Computer Science - Software Engineering
Abstract

Test flakiness is a problem that affects testing and processes that rely on it. Several factors cause or influence the flakiness of test outcomes. Test execution order, randomness and concurrency are some of the more common and well-studied causes. Some studies mention code instrumentation as a factor that causes or affects test flakiness. However, evidence for this issue is scarce. In this study, we attempt to systematically collect evidence for the effects of instrumentation on test flakiness. We experiment with common types of instrumentation for Java programs - namely, application performance monitoring, coverage and profiling instrumentation. We then study the effects of instrumentation on a set of nine programs obtained from an existing dataset used to study test flakiness, consisting of popular GitHub projects written in Java. We observe cases where real-world instrumentation causes flakiness in a program. However, this effect is rare. We also discuss a related issue - how instrumentation may interfere with flakiness detection and prevention., Comment: To appear: In Proceedings of the 2023 ACM/IEEE International Conference on Automation of Software Test (AST)

Published
2023

14. Test Flakiness' Causes, Detection, Impact and Responses: A Multivocal Review

Author

Rasheed, Shawn, Tahir, Amjed, Dietrich, Jens, Hashemi, Negar, and Zhang, Lu

Subjects
Computer Science - Software Engineering
Abstract

Flaky tests (tests with non-deterministic outcomes) pose a major challenge for software testing. They are known to cause significant issues such as reducing the effectiveness and efficiency of testing and delaying software releases. In recent years, there has been an increased interest in flaky tests, with research focusing on different aspects of flakiness, such as identifying causes, detection methods and mitigation strategies. Test flakiness has also become a key discussion point for practitioners (in blog posts, technical magazines, etc.) as the impact of flaky tests is felt across the industry. This paper presents a multivocal review that investigates how flaky tests, as a topic, have been addressed in both research and practice. We cover a total of 651 articles (560 academic articles and 91 grey literature articles/posts), and structure the body of relevant research and knowledge using four different dimensions: causes, detection, impact and responses. For each of those dimensions we provide a categorisation, and classify existing research, discussions, methods and tools. With this, we provide a comprehensive and current snapshot of existing thinking on test flakiness, covering both academic views and industrial practices, and identify limitations and opportunities for future research., Comment: Under review at Journal of Systems and Software

Published
2022

15. Flaky Test Sanitisation via On-the-Fly Assumption Inference for Tests with Network Dependencies

Author

Dietrich, Jens, Rasheed, Shawn, and Tahir, Amjed

Subjects
Computer Science - Software Engineering
Abstract

Flaky tests cause significant problems as they can interrupt automated build processes that rely on all tests succeeding and undermine the trustworthiness of tests. Numerous causes of test flakiness have been identified, and program analyses exist to detect such tests. Typically, these methods produce advice to developers on how to refactor tests in order to make test outcomes deterministic. We argue that one source of flakiness is the lack of assumptions that precisely describe under which circumstances a test is meaningful. We devise a sanitisation technique that can isolate f laky tests quickly by inferring such assumptions on-the-fly, allowing automated builds to proceed as flaky tests are ignored. We demonstrate this approach for Java and Groovy programs by implementing it as extensions for three popular testing frameworks (JUnit4, JUnit5 and Spock) that can transparently inject the inferred assumptions. If JUnit5 is used, those extensions can be deployed without refactoring project source code. We demonstrate and evaluate the utility of our approach using a set of six popular real-world programs, addressing known test flakiness issues in these programs caused by dependencies of tests on network availability. We find that our method effectively sanitises failures induced by network connectivity problems with high precision and recall., Comment: to appear at IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM)

Published
2022

16. An Empirical Study of Flaky Tests in JavaScript

Author

Hashemi, Negar, Tahir, Amjed, and Rasheed, Shawn

Subjects
Computer Science - Software Engineering
Abstract

Flaky tests (tests with non-deterministic outcomes) can be problematic for testing efficiency and software reliability. Flaky tests in test suites can also significantly delay software releases. There have been several studies that attempt to quantify the impact of test flakiness in different programming languages (e.g., Java and Python) and application domains (e.g., mobile and GUI-based). In this paper, we conduct an empirical study of the state of flaky tests in JavaScript. We investigate two aspects of flaky tests in JavaScript projects: the main causes of flaky tests in these projects and common fixing strategies. By analysing 452 commits from large, top-scoring JavaScript projects from GitHub, we found that flakiness caused by concurrency-related issues (e.g., async wait, race conditions or deadlocks) is the most dominant reason for test flakiness. The other top causes of flaky tests are operating system-specific (e.g., features that work on specific OS or OS versions) and network stability (e.g., internet availability or bad socket management). In terms of how flaky tests are dealt with, the majority of those flaky tests (>80%) are fixed to eliminate flaky behaviour and developers sometimes skip, quarantine or remove flaky tests.

Published
2022

17. Potential Technical Debt and Its Resolution in Code Reviews: An Exploratory Study of the OpenStack and Qt Communities

Author

Fu, Liming, Liang, Peng, Rasheed, Zeeshan, Li, Zengyang, Tahir, Amjed, and Han, Xiaofeng

Subjects
Computer Science - Software Engineering
Abstract

Technical Debt (TD) refers to the situation where developers make trade-offs to achieve short-term goals at the expense of long-term code quality, which can have a negative impact on the quality of software systems. In the context of code review, such sub-optimal implementations have chances to be timely resolved during the review process before the code is merged. Therefore, we could consider them as Potential Technical Debt (PTD) since PTD will evolve into TD when it is injected into software systems without being resolved. To date, little is known about the extent to which PTD is identified in code reviews. To this end, we conducted an exploratory study in an attempt to understand the nature of PTD in code reviews and track down the resolution of PTD after being identified. We randomly collected 2,030 review comments from the Nova project of OpenStack and the Qt Base project of Qt. We then manually checked these review comments, and obtained 163 PTD-related review comments for further analysis. Our results show that: (1) PTD can be identified in code reviews but is not prevalent. (2) Design, defect, documentation, requirement, test, and code PTD are identified in code reviews, in which code and documentation PTD are the dominant. (3) 81.0% of the PTD identified in code reviews has been resolved by developers, and 78.0% of the resolved TD was resolved by developers within a week. (4) Code refactoring is the main practice used by developers to resolve the PTD identified in code reviews. Our findings indicate that: (1) review-based detection of PTD is seen as one of the trustworthy mechanisms in development, and (2) there is still a significant proportion of PTD (19.0%) remaining unresolved when injected into the software systems. Practitioners and researchers should establish effective strategies to manage and resolve PTD in development., Comment: The 16th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)

Published
2022

18. An Empirical Study on the Effectiveness of Data Resampling Approaches for Cross-Project Software Defect Prediction

Author

Bennin, Kwabena Ebo, Tahir, Amjed, MacDonell, Stephen G., and Börstler, Jürgen

Subjects
Computer Science - Software Engineering
Abstract

Crossp-roject defect prediction (CPDP), where data from different software projects are used to predict defects, has been proposed as a way to provide data for software projects that lack historical data. Evaluations of CPDP models using the Nearest Neighbour (NN) Filter approach have shown promising results in recent studies. A key challenge with defect-prediction datasets is class imbalance, that is highly skewed datasets where non buggy modules dominate the buggy modules. In the past, data resampling approaches have been applied to within-projects defect prediction models to help alleviate the negative effects of class imbalance in the datasets. To address the class imbalance issue in CPDP, the authors assess the impact of data resampling approaches on CPDP models after the NN Filter is applied. The impact on prediction performance of five oversampling approaches (MAHAKIL, SMOTE, Borderline-SMOTE, Random Oversampling, and ADASYN) and three undersampling approaches (Random Undersampling, Tomek Links, and Onesided selection) is investigated and results are compared to approaches without data resampling. The authors' examined six defect prediction models on 34 datasets extracted from the PROMISE repository. The authors results show that there is a significant positive effect of data resampling on CPDP performance, suggesting that software quality teams and researchers should consider applying data resampling approaches for improved recall (pd) and g-measure prediction performance. However if the goal is to improve precision and reduce false alarm (pf) then data resampling approaches should be avoided., Comment: Journal article, 14 pages, 5 tables, 4 figures

Published
2022
Full Text
View/download PDF

19. Code Smells Detection via Modern Code Review: A Study of the OpenStack and Qt Communities

Author

Han, Xiaofeng, Tahir, Amjed, Liang, Peng, Counsell, Steve, Blincoe, Kelly, Li, Bing, and Luo, Yajing

Subjects
Computer Science - Software Engineering
Abstract

Code review that detects and locates defects and other quality issues plays an important role in software quality control. One type of issue that may impact the quality of software is code smells. Yet, little is known about the extent to which code smells are identified during modern code review. To investigate the concept behind code smells identified in modern code review and what actions reviewers suggest and developers take in response to the identified smells, we conducted a study of code smells in code reviews by analyzing reviews from four large open source projects from the OpenStack (Nova and Neutron) and Qt (Qt Base and Qt Creator) communities. We manually checked a total of 25,415 code review comments obtained by keywords search and random selection, and identified 1,539 smell-related reviews. Our analysis found that 1) code smells were not commonly identified in code reviews, 2) smells were usually caused by violation of coding conventions, 3) reviewers usually provided constructive feedback, including fixing (refactoring) recommendations to help developers remove smells, 4) developers generally followed those recommendations and actioned the changes, 5) once identified by reviewers, it usually takes developers less than one week to fix the smells, and 6) the main reason why developers chose to ignore the identified smells is not worth fixing the smell. Our results suggest that: 1) developers should closely follow coding conventions in their projects to avoid introducing code smells, 2) review-based detection of code smells is perceived to be a trustworthy approach by developers, mainly because reviews are context-sensitive (as reviewers are more aware of the context of the code given that they are part of the project's development team), and 3) program context needs to be fully considered in order to make a decision of whether to fix the identified code smell immediately., Comment: Preprint accepted for publication in Empirical Software Engineering, 2022. arXiv admin note: substantial text overlap with arXiv:2103.11446

Published
2022

20. A Study of Single Statement Bugs Involving Dynamic Language Features

Author

Sui, Li, Rasheed, Shawn, Tahir, Amjed, and Dietrich, Jens

Subjects
Computer Science - Software Engineering
Abstract

Dynamic language features are widely available in programming languages to implement functionality that can adapt to multiple usage contexts, enabling reuse. Functionality such as data binding , object-relational mapping and user interface builders can be heavily dependent on these features. However, their use has risks and downsides as they affect the soundness of static analyses and techniques that rely on such analyses (such as bug detection and automated program repair). They can also make software more error-prone due to potential difficulties in understanding reflective code, loss of compile-time safety and incorrect API usage. In this paper, we set out to quantify some of the effects of using dynamic language features in Java programs-that is, the error-proneness of using those features with respect to a particular type of bug known as single statement bugs. By mining 2,024 GitHub projects, we found 139 single statement bug instances (falling under 10 different bug patterns), with the highest number of bugs belonging to three specific patterns: Wrong Function Name, Same Function More Args and Change Identifier Used. These results can help practitioners to quantify the risk of using dynamic techniques over alternatives (such as code generation). We hope this classification raises attention on choosing dynamic APIs that are likely to be error-prone, and provides developers a better understanding when designing bug detection tools for such feature., Comment: Accepted at the 30th IEEE/ACM International Conference on Program Comprehension (ICPC 2022) - ERA track

Published
2022
Full Text
View/download PDF

22. Does class size matter? An in-depth assessment of the effect of class size in software defect prediction

Author

Tahir, Amjed, Bennin, Kwabena E., Xiao, Xun, and MacDonell, Stephen G.

Subjects
Computer Science - Software Engineering
Abstract

In the past 20 years, defect prediction studies have generally acknowledged the effect of class size on software prediction performance. To quantify the relationship between object-oriented (OO) metrics and defects, modelling has to take into account the direct, and potentially indirect, effects of class size on defects. However, some studies have shown that size cannot be simply controlled or ignored, when building prediction models. As such, there remains a question whether, and when, to control for class size. This study provides a new in-depth examination of the impact of class size on the relationship between OO metrics and software defects or defect-proneness. We assess the impact of class size on the number of defects and defect-proneness in software systems by employing a regression-based mediation (with bootstrapping) and moderation analysis to investigate the direct and indirect effect of class size in count and binary defect prediction. Our results show that the size effect is not always significant for all metrics. Of the seven OO metrics we investigated, size consistently has significant mediation impact only on the relationship between Coupling Between Objects (CBO) and defects/defect-proneness, and a potential moderation impact on the relationship between Fan-out and defects/defect-proneness. Based on our results we make three recommendations. One, we encourage researchers and practitioners to examine the impact of class size for the specific data they have in hand and through the use of the proposed statistical mediation/moderation procedures. Two, we encourage empirical studies to investigate the indirect effect of possible additional variables in their models when relevant. Three, the statistical procedures adopted in this study could be used in other empirical software engineering research to investigate the influence of potential mediators/moderators., Comment: Accepted to Empirical Software Engineering (to appear). arXiv admin note: text overlap with arXiv:2104.12349

Published
2021

23. Revisiting the size effect in software fault prediction models

Author

Tahir, Amjed, Bennin, Kwabena E., MacDonell, Stephen G., and Marsland, Stephen

Subjects
Computer Science - Software Engineering
Abstract

BACKGROUND: In object oriented (OO) software systems, class size has been acknowledged as having an indirect effect on the relationship between certain artifact characteristics, captured via metrics, and faultproneness, and therefore it is recommended to control for size when designing fault prediction models. AIM: To use robust statistical methods to assess whether there is evidence of any true effect of class size on fault prediction models. METHOD: We examine the potential mediation and moderation effects of class size on the relationships between OO metrics and number of faults. We employ regression analysis and bootstrapping-based methods to investigate the mediation and moderation effects in two widely-used datasets comprising seventeen systems. RESULTS: We find no strong evidence of a significant mediation or moderation effect of class size on the relationships between OO metrics and faults. In particular, size appears to have a more significant mediation effect on CBO and Fan-out than other metrics, although the evidence is not consistent in all examined systems. On the other hand, size does appear to have a significant moderation effect on WMC and CBO in most of the systems examined. Again, the evidence provided is not consistent across all examined systems CONCLUSION: We are unable to confirm if class size has a significant mediation or moderation effect on the relationships between OO metrics and the number of faults. We contend that class size does not fully explain the relationships between OO metrics and the number of faults, and it does not always affect the strength/magnitude of these relationships. We recommend that researchers consider the potential mediation and moderation effect of class size when building their prediction models, but this should be examined independently for each system., Comment: Conference paper, 11 pages, 8 figures, 7 tables

Published
2021
Full Text
View/download PDF

24. Assert Use and Defectiveness in Industrial Code

Author

Counsell, Steve, Hall, Tracy, Shippey, Thomas, Bowes, David, Tahir, Amjed, and MacDonell, Stephen

Subjects
Computer Science - Software Engineering
Abstract

The use of asserts in code has received increasing attention in the software engineering community in the past few years, even though it has been a recognized programming construct for many decades. A previous empirical study by Casalnuovo showed that methods containing asserts had fewer defects than those that did not. In this paper, we analyze the test classes of two industrial telecom Java systems to lend support to, or refute that finding. We also analyze the physical position of asserts in methods to determine if there is a relationship between assert placement and method defect-proneness. Finally, we explore the role of test method size and the relationship it has with asserts. In terms of the previous study by Casalnuovo, we found only limited evidence to support the earlier results. We did however find that defective methods with one assert tended to be located at significantly lower levels of the class position-wise than non-defective methods. Finally, method size seemed to correlate strongly with asserts, but surprisingly less so when we excluded methods with just one assert. The work described highlights the need for more studies into this aspect of code, one which has strong links with code comprehension., Comment: Conference paper, 5 pages, 2 figures, 3 tables

Published
2021
Full Text
View/download PDF

25. Feature Evolution and Reuse -- An Exploratory Study of Eclipse

Author

Tahir, Amjed, Licorish, Sherlock A., and MacDonell, Stephen G.

Subjects
Computer Science - Software Engineering
Abstract

One of the purported ways to increase productivity and reduce development time is to reuse existing features and modules. If reuse is adopted, logically then, it will have a direct impact on a system's evolution. However, the evidence in the literature is not clear on the extent to which reuse is practiced in real-world projects, nor how it is practiced. In this paper we report the results of an investigation of reuse and evolution of software features in one of the largest open-source ecosystems - Eclipse. Eclipse provides a leading example of how a system can grow dramatically in size and number of features while maintaining its quality. Our results demonstrate the extent of feature reuse and evolution and also patterns of reuse across ten different Eclipse releases (from Europa to Neon)., Comment: Conference paper, 6 pages, 5 figures, 2 tables

Published
2021
Full Text
View/download PDF

26. An empirical study into the relationship between class features and test smells

Author

Tahir, Amjed, Counsell, Steve, and MacDonell, Stephen G.

Subjects
Computer Science - Software Engineering
Abstract

While a substantial body of prior research has investigated the form and nature of production code, comparatively little attention has examined characteristics of test code, and, in particular, test smells in that code. In this paper, we explore the relationship between production code properties (at the class level) and a set of test smells, in five open source systems. Specifically, we examine whether complexity properties of a production class can be used as predictors of the presence of test smells in the associated unit test. Our results, derived from the analysis of 975 production class-unit test pairs, show that the Cyclomatic Complexity (CC) and Weighted Methods per Class (WMC) of production classes are strong indicators of the presence of smells in their associated unit tests. The Lack of Cohesion of Methods in a production class (LCOM) also appears to be a good indicator of the presence of test smells. Perhaps more importantly, all three metrics appear to be good indicators of particular test smells, especially Eager Test and Duplicated Code. The Depth of the Inheritance Tree (DIT), on the other hand, was not found to be significantly related to the incidence of test smells. The results have important implications for large-scale software development, particularly in a context where organizations are increasingly using, adopting or adapting open source code as part of their development strategy and need to ensure that classes and methods are kept as simple as possible., Comment: Conference paper, 9 pages, 4 figures, 6 tables

Published
2021
Full Text
View/download PDF

27. Understanding Code Smell Detection via Code Review: A Study of the OpenStack Community

Author

Han, Xiaofeng, Tahir, Amjed, Liang, Peng, Counsell, Steve, and Luo, Yajing

Subjects
Computer Science - Software Engineering
Abstract

Code review plays an important role in software quality control. A typical review process would involve a careful check of a piece of code in an attempt to find defects and other quality issues/violations. One type of issues that may impact the quality of the software is code smells - i.e., bad programming practices that may lead to defects or maintenance issues. Yet, little is known about the extent to which code smells are identified during code reviews. To investigate the concept behind code smells identified in code reviews and what actions reviewers suggest and developers take in response to the identified smells, we conducted an empirical study of code smells in code reviews using the two most active OpenStack projects (Nova and Neutron). We manually checked 19,146 review comments obtained by keywords search and random selection, and got 1,190 smell-related reviews to study the causes of code smells and actions taken against the identified smells. Our analysis found that 1) code smells were not commonly identified in code reviews, 2) smells were usually caused by violation of coding conventions, 3) reviewers usually provided constructive feedback, including fixing (refactoring) recommendations to help developers remove smells, and 4) developers generally followed those recommendations and actioned the changes. Our results suggest that 1) developers should closely follow coding conventions in their projects to avoid introducing code smells, and 2) review-based detection of code smells is perceived to be a trustworthy approach by developers, mainly because reviews are context-sensitive (as reviewers are more aware of the context of the code given that they are part of the project's development team)., Comment: The 29th IEEE/ACM International Conference on Program Comprehension (ICPC)

Published
2021

28. On Satisfying the Android OS Community: User Feedback Still Central to Developers' Portfolios

Author

Licorish, Sherlock A., Tahir, Amjed, Bosu, Michael Franklin, and MacDonell, Stephen G.

Subjects
Computer Science - Software Engineering
Abstract

End-users play an integral role in identifying requirements, validating software features' usefulness, locating defects, and in software product evolution in general. Their role in these activities is especially prominent in online application distribution platforms (OADPs), where software is developed for many potential users, and for which the traditional processes of requirements gathering and negotiation with a single group of end-users do not apply. With such vast access to end-users, however, comes the challenge of how to prioritize competing requirements in order to satisfy previously unknown user groups, especially with early releases of a product. One highly successful product that has managed to overcome this challenge is the Android Operating System (OS). While the requirements of early versions of the Android OS likely benefited from market research, new features in subsequent releases appear to have benefitted extensively from user reviews. Thus, lessons learned about how Android developers have managed to satisfy the user community over time could usefully inform other software products. We have used data mining and natural language processing (NLP) techniques to investigate the issues that were logged by the Android community, and how Google's remedial efforts correlated with users' requests. We found very strong alignment between end-users' top feature requests and Android developers' responses, particularly for the more recent Android releases. Our findings suggest that effort spent responding to end-users' loudest calls may be integral to software systems' survival, and a product's overall success., Comment: Conference paper, 11 pages, 5 figures, 3 tables

Published
2021
Full Text
View/download PDF

29. Combining Dynamic Analysis and Visualization to Explore the Distribution of Unit Test Suites

Author

Tahir, Amjed and MacDonell, Stephen G.

Subjects
Computer Science - Software Engineering
Abstract

As software systems have grown in scale and complexity the test suites built alongside those systems have also become increasingly complex. Understanding key aspects of test suites, such as their coverage of production code, is important when maintaining or reengineering systems. This work investigates the distribution of unit tests in Open Source Software (OSS) systems through the visualization of data obtained from both dynamic and static analysis. Our long-term aim is to support developers in their understanding of test distribution and the relationship of tests to production code. We first obtain dynamic coupling information from five selected OSS systems and we then map the test and production code results. The mapping is shown in graphs that depict both the dependencies between classes and static test information. We analyze these graphs using Centrality metrics derived from graph theory and SNA. Our findings suggest that, for these five systems at least, unit test and dynamic coupling information 'do not match', in that unit tests do not appear to be distributed in line with the systems' dynamic coupling. We contend that, by mapping dynamic coupling data onto unit test information, and through the use of software metrics and visualization, we can locate central system classes and identify to which classes unit testing effort has (or has not) been dedicated., Comment: Conference paper, 10 pages, 5 figures, 6 tables

Published
2021
Full Text
View/download PDF

30. A Systematic Mapping Study on Dynamic Metrics and Software Quality

Author

Tahir, Amjed and MacDonell, Stephen G.

Subjects
Computer Science - Software Engineering
Abstract

Several important aspects of software product quality can be evaluated using dynamic metrics that effectively capture and reflect the software's true runtime behavior. While the extent of research in this field is still relatively limited, particularly when compared to research on static metrics, the field is growing, given the inherent advantages of dynamic metrics. The aim of this work is to systematically investigate the body of research on dynamic software metrics to identify issues associated with their selection, design and implementation. Mapping studies are being increasingly used in software engineering to characterize an emerging body of research and to identify gaps in the field under investigation. In this study we identified and evaluated 60 works based on a set of defined selection criteria. These studies were further classified and analyzed to identify their relativity to future dynamic metrics research. The classification was based on three different facets: research focus, research type and contribution type. We found a strong body of research related to dynamic coupling and cohesion metrics, with most works also addressing the abstract notion of software complexity. Specific opportunities for future work relate to a much broader range of quality dimensions., Comment: Conference, 11 pages, 8 figures, 3 tables

Published
2021
Full Text
View/download PDF

32. Appsent A Tool That Analyzes App Reviews

Author

Malgaonkar, Saurabh, Lee, Chan Won, Licorish, Sherlock A., Savarimuthu, Bastin Tony Roy, and Tahir, Amjed

Subjects
Computer Science - Software Engineering
Abstract

Enterprises are always on the lookout for tools that analyze end-users perspectives on their products. In particular, app reviews have been assessed as useful for guiding improvement efforts and software evolution, however, developers find reading app reviews to be a labor intensive exercise. If such a barrier is eliminated, however, evidence shows that responding to reviews enhances end-users satisfaction and contributes towards the success of products. In this paper, we present Appsent, a mobile analytics tool as an app, to facilitate the analysis of app reviews. This development was led by a literature review on the problem and subsequent evaluation of current available solutions to this challenge. Our investigation found that there was scope to extend currently available tools that analyze app reviews. These gaps thus informed the design and development of Appsent. We subsequently performed an empirical evaluation to validate Appsent usability and the helpfulness of analytics features from users perspective. Outcomes of this evaluation reveal that Appsent provides user-friendly interfaces, helpful functionalities and meaningful analytics. Appsent extracts and visualizes important perceptions from end-users feedback, identifying insights into end-users opinions about various aspects of software features. Although Appsent was developed as a prototype for analyzing app reviews, this tool may be of utility for analyzing product reviews more generally.

Published
2019

33. Caught in the Web: DoS Vulnerabilities in Parsers for Structured Data

Author

Rasheed, Shawn, Dietrich, Jens, Tahir, Amjed, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Shulman, Haya, editor, and Waidner, Michael, editor

Published
2021
Full Text
View/download PDF

35. Data Management Challenges in Agile Software Projects: A Systematic Literature Review

Author

Fawzy, Ahmed, Tahir, Amjed, Galster, Matthias, Liang, Peng, Fawzy, Ahmed, Tahir, Amjed, Galster, Matthias, and Liang, Peng

Abstract

Agile software development follows an adaptive and iterative approach. However, the management of data (e.g., development data or product data) can pose significant challenges for projects and agile teams. We aim to identify and characterize key challenges faced in data management within agile projects and to examine potential solutions proposed in the literature. We used a Systematic Literature Review (SLR) to collect and analyse relevant studies. We identified 45 studies related to data management in agile software development. We then manually analysed and mapped data from these studies to categorise different data management aspects and identify challenges and solutions as identified in those studies. Our findings reveal major challenges such as data integration and quality assurance. We found implications of challenges on team members and the product delivery process. We found that teams frequently struggle to integrate heterogeneous data sources, ensuring data reliability and real-time analytics. Additionally, fragmented data collection and a lack of standardized practices can impede team collaboration and project transparency. The studies have also proposed various solutions to address those challenges, including the use of ontologies, diverse data management strategies, automated tools, and the adoption of quality-focused development methods. Solutions also include training to enhance data quality and analysis. This SLR provides in-depth insights and recommendations for practitioners, emphasizing the importance of robust data management strategies. It suggests integrating advanced data management techniques into agile frameworks to enhance decision-making and improve software project outcomes. The study highlights the need for a more focused approach to data management in agile environments, advocating tailored solutions to meet the unique demands of agile software development., Comment: 32 pages, 3 images, 6 tables, Manuscript submitted to a Journal (2024)

Published
2024

36. Security Code Review by LLMs: A Deep Dive into Responses

Author

Yu, Jiaxin, Liang, Peng, Fu, Yujia, Tahir, Amjed, Shahin, Mojtaba, Wang, Chong, Cai, Yangxiao, Yu, Jiaxin, Liang, Peng, Fu, Yujia, Tahir, Amjed, Shahin, Mojtaba, Wang, Chong, and Cai, Yangxiao

Abstract

Security code review aims to combine automated tools and manual efforts to detect security defects during development. The rapid development of Large Language Models (LLMs) has shown promising potential in software development, as well as opening up new possibilities in automated security code review. To explore the challenges of applying LLMs in practical code review for security defect detection, this study compared the detection performance of three state-of-the-art LLMs (Gemini Pro, GPT-4, and GPT-3.5) under five prompts on 549 code files that contain security defects from real-world code reviews. Through analyzing 82 responses generated by the best-performing LLM-prompt combination based on 100 randomly selected code files, we extracted and categorized quality problems present in these responses into 5 themes and 16 categories. Our results indicate that the responses produced by LLMs often suffer from verbosity, vagueness, and incompleteness, highlighting the necessity to enhance their conciseness, understandability, and compliance to security defect detection. This work reveals the deficiencies of LLM-generated responses in security code review and paves the way for future optimization of LLMs towards this task.

Published
2024

37. The Effect of Defect (Re) Prediction on Software Testing

Author

Murakami, Yukasa, Yamasaki, Yuta, Tsunoda, Masateru, Monden, Akito, Tahir, Amjed, Bennin, Kwabena Ebo, Toda, Koji, Nakasai, Keitaro, Murakami, Yukasa, Yamasaki, Yuta, Tsunoda, Masateru, Monden, Akito, Tahir, Amjed, Bennin, Kwabena Ebo, Toda, Koji, and Nakasai, Keitaro

Abstract

Background: Cross-project defect prediction (CPDP) aims to use data from external projects as historical data may not be available from the same project. In CPDP, deciding on a particular historical project to build a training model can be difficult. To help with this decision, a Bandit Algorithm (BA) based approach has been proposed in prior research to select the most suitable learning project. However, this BA method could lead to the selection of unsuitable data during the early iteration of BA (i.e., early stage of software testing). Selecting an unsuitable model can reduce the prediction accuracy, leading to potential defect overlooking. This study aims to improve the BA method to reduce defects overlooking, especially during the early stage of testing. Once all modules have been tested, modules tested in the early stage are re-predicted, and some modules are retested based on the re-prediction. To assess the impact of re-prediction and retesting, we applied five kinds of BA methods, using 8, 16, and 32 OSS projects as learning data. The results show that the newly proposed approach steadily reduced the probability of defect overlooking on 86.7% of the BA methods and projects combinations., Comment: 4 pages, 2 figures, 1 table. The paper is currently under review in IEICE

Published
2024

39. Understanding Class-level Testability Through Dynamic Analysis

Author

Tahir, Amjed, MacDonell, Stephen G., and Buchan, Jim

Subjects
Computer Science - Software Engineering
Abstract

It is generally acknowledged that software testing is both challenging and time-consuming. Understanding the factors that may positively or negatively affect testing effort will point to possibilities for reducing this effort. Consequently there is a significant body of research that has investigated relationships between static code properties and testability. The work reported in this paper complements this body of research by providing an empirical evaluation of the degree of association between runtime properties and class-level testability in object-oriented (OO) systems. The motivation for the use of dynamic code properties comes from the success of such metrics in providing a more complete insight into the multiple dimensions of software quality. In particular, we investigate the potential relationships between the runtime characteristics of production code, represented by Dynamic Coupling and Key Classes, and internal class-level testability. Testability of a class is considered here at the level of unit tests and two different measures are used to characterise those unit tests. The selected measures relate to test scope and structure: one is intended to measure the unit test size, represented by test lines of code, and the other is designed to reflect the intended design, represented by the number of test cases. In this research we found that Dynamic Coupling and Key Classes have significant correlations with class-level testability measures. We therefore suggest that these properties could be used as indicators of class-level testability. These results enhance our current knowledge and should help researchers in the area to build on previous results regarding factors believed to be related to testability and testing. Our results should also benefit practitioners in future class testability planning and maintenance activities., Comment: 10 pages, conference paper, 9th International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE), 2014

Published
2014
Full Text
View/download PDF

40. On the Soundness of Call Graph Construction in the Presence of Dynamic Language Features - A Benchmark and Tool Evaluation

Author

Sui, Li, Dietrich, Jens, Emery, Michael, Rasheed, Shawn, Tahir, Amjed, Hutchison, David, Series Editor, Kanade, Takeo, Series Editor, Kittler, Josef, Series Editor, Kleinberg, Jon M., Series Editor, Mattern, Friedemann, Series Editor, Mitchell, John C., Series Editor, Naor, Moni, Series Editor, Pandu Rangan, C., Series Editor, Steffen, Bernhard, Series Editor, Terzopoulos, Demetri, Series Editor, Tygar, Doug, Series Editor, Weikum, Gerhard, Series Editor, and Ryu, Sukyoung, editor

Published
2018
Full Text
View/download PDF

44. A Study of the Relationship Between Class Testability and Runtime Properties

Author

Tahir, Amjed, MacDonell, Stephen, Buchan, Jim, Diniz Junqueira Barbosa, Simone, Series editor, Chen, Phoebe, Series editor, Du, Xiaoyong, Series editor, Filipe, Joaquim, Series editor, Kara, Orhun, Series editor, Kotenko, Igor, Series editor, Liu, Ting, Series editor, Sivalingam, Krishna M., Series editor, Washio, Takashi, Series editor, and Maciaszek, Leszek A., editor

Published
2015
Full Text
View/download PDF

48. Preliminary Analysis of Review Method Selection Based on Bandit Algorithms

Author

Kudo, Takuto, Tsunoda, Masateru, Tahir, Amjed, Bennin, Kwabena Ebo, Toda, Koji, Nakasai, Keitaro, Monden, Akito, and Matsumoto, Kenichi

Subjects
Multi-armed bandit problem, Toegepaste Informatiekunde, WASS, performance comparison, Information Technology, design document review, online optimization
Abstract

To enhance the reliability of software, it is important is to review all software artifacts (e.g., design documents) to remove defects as earlier as possible. There are various review methods available, and project managers face the challenge of choosing a suitable method for their current projects. One of approaches to support the selection of review methods is to evaluate review methods beforehand, to identify the most effective method on average. However, past studies have not evaluated review methods thoroughly as the process can be time-consuming. We propose a bandit-algorithm (BA) based method to evaluate and then dynamically select a suitable review method (from a list of candidates). In our experiments, we assume that the proposed method is applied to design document review on basic design phase. We performed experiments based on a simulation, instead of using an actual dataset. On our simulation, when a review method is selected by our BA method, productivity (i.e., total development time) was improved by about 1.25 times, and it was the second highest among candidates of review methods.

Published
2023

49. Data Extraction and Preprocessing of code snippets on Stack Overflow for Static Code Analysis

Author

Ndukwe, Ifeanyi G., Licorish, Sherlock A., MacDonell, Stephen G., and Tahir, Amjed

Subjects
Stack Overflow data, Code quality, Data extraction
Abstract

Stack Overflow is noteworthy in its value to software practitioners. However, few formal datasets exist to facilitate proper benchmarking research. Our study catalogues the data extraction process to collect massive amounts of Java code snippets from Stack Overflow. We also perform and document the process of static code analysis we carried out to encourage further community code quality investigations. A potential research agenda is then outlined. &nbsp

Published
2022
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results