No Arabic abstract
Software architecture refers to the high-level abstraction of a system including the configuration of the involved elements and the interactions and relationships that exist between them. Source codes can be easily built by referring to the software architectures. However, the reverse process i.e. derivation of the software architecture from the source code is a challenging task. Further, such an architecture consists of multiple layers, and distributing the existing elements into these layers should be done accurately and efficiently. In this paper, a novel approach is presented for the recovery of layered architectures from Java-based software systems using the concept of ego networks. Ego networks have traditionally been used for social network analysis, but in this paper, they are modified in a particular way and tuned to suit the mentioned task. Specifically, a dependency network is extracted from the source code to create an ego network. The ego network is processed to create and optimize ego layers in a particular structure. These ego layers when integrated and optimized together give the final layered architecture. The proposed approach is evaluated in two ways: on stat
Layered architecture represents the software structure in the form of layers. Every element in the software is assigned to one of the layers such that the relationship amongst the elements is maintained. A set of design principles rules the process of construction of the layered architecture. Various statistical measures have been defined to check whether the layered architecture of a given software is following these design principles or not. In this paper, we redefine the measures of layered architecture based on the relationship between the software components. The measures check for the violations committed regarding the back calls, skip calls, and cyclic structures. Further, we also introduce a new measure to verify the logical separation amongst the layers. The systems current architecture is extracted from the source code and represented using a three-tier layered structure, which is the defacto standard architecture of Java applications. The redefined measures are applied to determine the conformance of layering principles in the system. We evaluate five different software systems for their architecture consistency. The results obtained on our redefined measures are compared to those obtained by applying the standard set of measures. A quantitative analysis of the proposed measures is performed, and we conclude that they can determine the consideration of layering principles followed during the development of a software system.
We explore the applicability of Graph Neural Networks in learning the nuances of source code from a security perspective. Specifically, whether signatures of vulnerabilities in source code can be learned from its graph representation, in terms of relationships between nodes and edges. We create a pipeline we call AI4VA, which first encodes a sample source code into a Code Property Graph. The extracted graph is then vectorized in a manner which preserves its semantic information. A Gated Graph Neural Network is then trained using several such graphs to automatically extract templates differentiating the graph of a vulnerable sample from a healthy one. Our model outperforms static analyzers, classic machine learning, as well as CNN and RNN-based deep learning models on two of the three datasets we experiment with. We thus show that a code-as-graph encoding is more meaningful for vulnerability detection than existing code-as-photo and linear sequence encoding approaches. (Submitted Oct 2019, Paper #28, ICST)
Although a number of models have been developed to investigate the emergence of culture and evolutionary phases in social systems, one important aspect has not yet been sufficiently emphasized. This is the structure of the underlaying network of social relations serving as channels in transmitting cultural traits, which is expected to play a crucial role in the evolutionary processes in social systems. In this paper we contribute to the understanding of the role of the network structure by developing a layered ego-centric network structure based model, inspired by the social brain hypothesis, to study transmission of cultural traits and their evolution in social network. For this model we first find analytical results in the spirit of mean-field approximation and then to validate the results we compare them with the results of extensive numerical simulations.
Context: Software Architecture (SA) and Source Code (SC) are two intertwined artefacts that represent the interdependent design decisions made at different levels of abstractions - High-Level (HL) and Low-Level (LL). An understanding of the relationships between SA and SC is expected to bridge the gap between SA and SC for supporting maintenance and evolution of software systems. Objective: We aimed at exploring practitioners understanding about the relationships between SA and SC. Method: We used a mixed-method that combines an online survey with 87 respondents and an interview with 8 participants to collect the views of practitioners from 37 countries about the relationships between SA and SC. Results: Our results reveal that: practitioners mainly discuss five features of relationships between SA and SC; a few practitioners have adopted dedicated approaches and tools in the literature for identifying and analyzing the relationships between SA and SC despite recognizing the importance of such information for improving a systems quality attributes, especially maintainability and reliability. It is felt that cost and effort are the major impediments that prevent practitioners from identifying, analyzing, and using the relationships between SA and SC. Conclusions: The results have empirically identified five features of relationships between SA and SC reported in the literature from the perspective of practitioners and a systematic framework to manage the five features of relationships should be developed with dedicated approaches and tools considering the cost and benefit of maintaining the relationships.
Implementing large software, as software analyzers which aim to be used in industrial settings, requires a well-engineered software architecture in order to ease its daily development and its maintenance process during its lifecycle. If the analyzer is not only a single tool, but an open extensible collaborative framework in which external developers may develop plug-ins collaborating with each other, such a well designed architecture even becomes more important. In this experience report, we explain difficulties of developing and maintaining open extensible collaborative analysis frameworks, through the example of Frama-C, a platform dedicated to the analysis of code written in C. We also present the new upcoming software architecture of Frama-C and how it aims to solve some of these issues.