Dario Di Nucci

Dario Di Nucci
Università degli Studi di Salerno | UNISA · Department of Computer Science DI

Ph.D.

About

58
Publications
16,554
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
1,007
Citations
Introduction
I am an assistant professor at the University of Salerno. My research is within empirical software engineering, particularly, software maintenance and evolution and software testing, where I apply machine learning, search-based algorithms, and mining of software repositories.
Additional affiliations
January 2020 - December 2021
Tilburg University
Position
  • Professor (Assistant)
Description
  • Course Coordinator of Introduction to Machine Learning (Pre-MSc) - Lecturer of Data Engineering (MSc) - MSc Thesis Coordinator
January 2018 - December 2019
Vrije Universiteit Brussel
Position
  • PostDoc Position
Description
  • I was involved in INTiMALS and SECO-ASSIST, two projects funded by FWO-Vlaanderen. Furthermore, I was an adjunct professor of Capita Selecta of Software Engineering (MSc).
December 2014 - November 2017
Università degli Studi di Salerno
Position
  • Research Assistant
Description
  • Teaching assistant of Management and Evolution (MSc), Software Engineering: Maintenance and Testing (MSc), Software Engineering (BSc), Web Development (BSc), and Programming (BSc).
Education
December 2014 - March 2018
Università degli Studi di Salerno
Field of study
  • Software Engineering
October 2011 - September 2014
Università degli Studi di Salerno
Field of study
  • Computer Science
October 2007 - May 2011
Università degli Studi del Molise
Field of study
  • Computer Science

Publications

Publications (58)
Article
Quantum computing is no longer only a scientific interest but is rapidly becoming an industrially available technology that can potentially overcome the limits of classical computation. Over the last years, all major companies have provided frameworks and programming languages that allow developers to create their quantum applications. This shift h...
Preprint
Full-text available
Quantum computing is no longer only a scientific interest but is rapidly becoming an industrially available technology that can potentially overcome the limits of classical computation. Over the last years, all major companies have provided frameworks and programming languages that allow developers to create their quantum applications. This shift h...
Preprint
Full-text available
Data originating from open-source software projects provide valuable information to enhance software quality. In the scope of Software Defect Prediction, one of the most challenging parts is extracting valid data about failure-prone software components from these repositories, which can help develop more robust software. In particular, collecting d...
Preprint
Full-text available
The sources of reliable, code-level information about vulnerabilities that affect open-source software (OSS) are scarce, which hinders a broad adoption of advanced tools that provide code-level detection and assessment of vulnerable OSS dependencies. In this paper, we study the extent to which the output of off-the-shelf static code analyzers can b...
Article
Full-text available
Context Infrastructure-as-code (IaC) is the DevOps tactic of managing and provisioning software infrastructures through machine-readable definition files, rather than manual hardware configuration or interactive configuration tools. Objective From a maintenance and evolution perspective, the topic has picked the interest of practitioners and acade...
Chapter
Full-text available
The onset of microservices and serverless computer solutions has forced an ever-increasing demand for tools and techniques to establish and maintain the quality of infrastructure code, the blueprint that drives the operationalization of large-scale software systems. In the EU H2020 project RADON, we propose a machine-learning approach to elaborate...
Preprint
Full-text available
Blockchain and smart contract technology are novel approaches to data and code management, that facilitate trusted computing by allowing for development in a distributed and decentralized manner. Testing smart contracts comes with its own set of challenges which have not yet been fully identified and explored. Although existing tools can identify a...
Article
Full-text available
Bug prediction aims at locating defective source code components relying on machine learning models. Although some previous work showed that selecting the machine-learning classifier is crucial, the results are contrasting. Therefore, several ensemble techniques, i.e., approaches able to mix the output of different classifiers, have been proposed....
Article
Full-text available
Infrastructure-as-code (IaC) is the DevOps practice enabling management and provisioning of infrastructure through the definition of machine-readable files, hereinafter referred to as IaC scripts. Similarly to other source code artefacts, these files may contain defects that can preclude their correct functioning. In this paper, we aim at assessing...
Conference Paper
Full-text available
Linguistic anti-patterns are recurring poor practices concerning inconsistencies among the naming, documentation, and implementation of an entity. They impede readability, understandability, and maintainability of source code. This paper attempts to detect linguistic anti-patterns in infrastructure as code (IaC) scripts used to provision and manage...
Conference Paper
Full-text available
Infrastructure-as-Code (IaC) is increasingly adopted. However, little is known about how to best maintain and evolve it. Previous studies focused on defining Machine-Learning models to predict defect-prone blueprints using supervised binary classification. This class of techniques uses both defective and non-defective instances in the training phas...
Preprint
Full-text available
Existing approaches to automated white-box testing usually consider the client side and the server side of a web application in isolation from each other. Such testers thus lack a whole-program perspective on the web application under test. However, such a perspective may provide multiple benefits. For one, it would allow the tester to automaticall...
Article
Full-text available
Context: Most approaches to automated white-box testing consider the client side and the server side of a web application in isolation from each other. Such testers lack a whole-program perspective on the web application under test. Inquiry: We hypothesise that an additional whole-program perspective would enable the tester to discover which serve...
Preprint
Full-text available
Infrastructure-as-code (IaC) is a practice to implement continuous deployment by allowing management and provisioning of infrastructure through the definition of machine-readable files and automation around them, rather than physical hardware configuration or interactive configuration tools. On the one hand, although IaC represents an ever-increasi...
Conference Paper
Simulating terrorist scenarios in cyber-physical spaces-that is, urban open or (semi-) closed spaces combined with cyber-physical systems counterparts-is challenging given the context and variables therein. This paper addresses the aforementioned issue with AL a framework featuring computer vision and Generative Adversarial Neural Networks (GANs) o...
Article
Full-text available
Infrastructure-as-Code (IaC) has recently received increasing attention in the research community, mainly due to the paradigm shift it brings in software design, development, and operations management. However, while IaC represents an ever-increasing and widely adopted practice, concerns arise about the need for instruments that help DevOps enginee...
Article
Full-text available
Code smells can compromise software quality in the long term by inducing technical debt. For this reason, many approaches aimed at identifying these design flaws have been proposed in the last decade. Most of them are based on heuristics in which a set of metrics is used to detect smelly code components. However, these techniques suffer from subjec...
Conference Paper
Full-text available
In an ongoing industry-university collaboration we are developing a language-parametric framework for mining code idioms in legacy systems. This modular framework has a pipeline architecture and a language-parametric meta representation of the artefacts used by each of its 5 components: source code importer, mining preprocessor, pattern miner, patt...
Conference Paper
Full-text available
Discovering regularities in source code is of great interest to software engineers, both in academia and in industry, as regularities can provide useful information to help in a variety of tasks such as code comprehension, code refactoring, and fault localisation. However, traditional pattern mining algorithms often find too many patterns of little...
Conference Paper
Full-text available
Code smells can compromise software quality in the long term by inducing technical debt. For this reason, many approaches aimed at identifying these design flaws have been proposed in the last decade. Most of them are based on heuristics in which a set of metrics (e.g., code metrics, process metrics) is used to detect smelly code components. Howeve...
Article
When developing new software, third-party libraries are commonly used to reduce implementation efforts. However, even these libraries undergo evolution activities to offer new functionalities and fix bugs or security issues. The research community has mainly investigated third-party libraries in the context of desktop applications, while only littl...
Conference Paper
Full-text available
Test smells are indications of poorly designed unit tests. Previous studies have demonstrated their negative impact on test understanding and maintenance. Moreover, surveys show that developers are not able to identify test smells, hindering optimal software quality. Automated tools can aid developers to handle these issues and detect test smells i...
Article
Full-text available
Software testing represents a key software engineering practice to ensure source code quality and reliability. To support developers in this activity and reduce testing effort, several automated unit test generation tools have been proposed. Most of these approaches have the main goal of covering as more branches as possible. While these approaches...
Conference Paper
Full-text available
Code smells represent poor implementation choices performed by developers when enhancing source code. Their negative impact on source code maintainability and comprehen-sibility has been widely shown in the past and several techniques to automatically detect them have been devised. Most of these techniques are based on heuristics, namely they compu...
Conference Paper
Full-text available
Test smells are, analogously to code smells, defined as the characteristics exhibited by poorly designed unit tests. Their negative impact on test effectiveness, understanding, and maintenance has been demonstrated by several empirical studies. However, the scope of these studies has been limited mostly to JAVA in combination with the JUNIT testin...
Conference Paper
Full-text available
Bug Prediction is an activity aimed at identifying defect-prone source code entities that allows developers to focus testing efforts on specific areas of software systems. Recently, the research community proposed Just-in-Time (JIT) Bug Prediction with the goal of detecting bugs at commit-level. While this topic has been extensively investigated in...
Conference Paper
Full-text available
To use a framework, developers often need to hook into and customise some of its functionality. For example, a common way of customising a framework is to subclass a framework type and to override some of its methods. Recently, Asaduzzaman et al. defined these customisations as extension points and proposed a new approach to mine large amounts of J...
Chapter
Full-text available
DevOps predicates the continuity between Development and Operations teams at an unprecedented scale. Also, the continuity does not stop at tools, or processes but goes beyond into organizational practices, collaboration, co-located and coordinated effort. We conjecture that this unprecedented scale of continuity requires predictive analytics which...
Article
Full-text available
Context. The demand for green software design is steadily growing higher especially in the context of mobile devices, where the computation is often limited by battery life. Previous studies found how wrong programming solutions have a strong impact on the energy consumption. Objective. Despite the efforts spent so far, only a little knowledge on t...
Conference Paper
Full-text available
Automatically generating test cases plays an important role to reduce the time spent by developers during the testing phase. In last years, several approaches have been proposed to tackle such a problem: amongst others, search-based techniques have been shown to be particularly promising. In this paper we describe Ocelot, a search-based tool for th...
Article
Full-text available
Regression testing is performed during maintenance activities to assess whether the unchanged parts of a software behave as intended. To reduce its cost, test case prioritization techniques can be used to schedule the execution of the available test cases to increase their ability to reveal regression faults earlier. Optimal test ordering can be de...
Conference Paper
Full-text available
Obtaining a good dataset to conduct empirical studies on the engineering of Android apps is an open challenge. To start tackling this challenge, we present AndroidTimeMachine, the first, self-contained, publicly available dataset weaving spread-out data sources about real-world, open-source Android apps. Encoded as a graph-based database, AndroidTi...
Conference Paper
Full-text available
To gain a deeper empirical understanding of how developers work on Android apps, we investigate self-reported activities of Android developers and to what extent these activities can be classified with machine learning techniques. To this aim, we firstly create a taxonomy of self-reported activities coming from the manual analysis of 5,000 commit m...
Conference Paper
Full-text available
One of the most common strategies to develop new software is to take advantage of existing source code, which is available in com- prehensive packages called third-party libraries. As for all software systems, even these libraries change to offer new functionalities and fix bugs or security issues. The way the changes are propagated has been studie...
Conference Paper
Full-text available
Bug prediction models are used to locate source code elements more likely to be defective. One of the key factors influencing their performances is related to the selection of a machine learning method (a.k.a., classifier) to use when discriminating buggy and non-buggy classes. Given the high complementarity of stand-alone classifiers, a recent tre...
Conference Paper
Full-text available
The use of machine learning techniques able to classify source code components in defective or not received a lot of attention by the research community in the last decades. Previous studies indicated that no machine learning classifier is capable of providing the best accuracy in any context, highlighting interesting complementarity among them. Fo...
Conference Paper
Full-text available
Code smells are symptoms of poor design and implementation choices weighing heavily on the quality of produced source code. During the last decades several code smell detection tools have been proposed. However, the literature shows that the results of these tools can be subjective and are intrinsically tied to the nature and approach of the detect...
Thesis
Full-text available
Software testing is widely recognized as an essential part of any software development process, representing however an extremely expensive activity. The overall cost of testing has been estimated at being at least half of the entire development cost, if not more. Despite its importance, however, recent studies showed that developers rarely test th...
Conference Paper
Full-text available
DevOps predicates the continuity between Development and Operations teams at an unprecedented scale. Also, the continuity does not stop at tools, or processes but goes beyond into organisational practices , collaboration, co-located and coordinated effort. We conjecture that this unprecedented scale of continuity requires predictive analytics which...
Article
Full-text available
In the last decades, the research community has devoted a lot of effort in the definition of approaches able to predict the defect proneness of source code files. Such approaches exploit several predictors (e.g., product or process metrics) and use machine learning classifiers to predict classes into buggy or not buggy, or provide the likelihood th...
Conference Paper
Full-text available
Energy efficiency is a vital characteristic of any mobile application, and indeed is becoming an important factor for user satisfaction. For this reason, in recent years several approaches and tools for measuring the energy consumption of mobile devices have been proposed. Hardware-based solutions are highly precise, but at the same time they requi...
Conference Paper
Full-text available
Modeling the power profile of mobile applications is a crucial activity to identify the causes behind energy leaks. To this aim, researchers have proposed hardware-based tools as well as model-based and software-based techniques to approximate the actual energy profile. However, all these solutions present their own advantages and disadvantages. Ha...
Conference Paper
Full-text available
Code smells are symptoms of poor design solutions applied by programmers during the development of software systems. While the research community devoted a lot of effort to studying and devising approaches for detecting the traditional code smells defined by Fowler, little knowledge and support is available for an emerging category of Mobile app co...
Article
Full-text available
Several techniques have been proposed to accurately predict software defects. These techniques generally exploit characteristics of the code artefacts (e.g., size, complexity, etc.) and/or of the process adopted during their development and maintenance (e.g., the number of developers working on a component) to spot out components likely containing...
Conference Paper
Full-text available
In the context of testing of Object-Oriented (OO) software systems, researchers have recently proposed search based approaches to automatically generate whole test suites by considering simultaneously all targets (e.g., branches) defined by the coverage criterion (multi-target approach). The goal of whole suite approaches is to overcome the problem...
Conference Paper
Full-text available
The role of software testing in the software development process is widely recognized as a key activity for successful projects. This is the reason why in the last decade several automatic unit test generation tools have been proposed, focusing particularly on high code coverage. Despite the effort spent by the research community, there is still a...
Conference Paper
Full-text available
Test case prioritization (TCP) is aimed at finding an ideal ordering for executing the available test cases to reveal faults earlier. To solve this problem greedy algorithms and meta-heuristics have been widely investigated, but in most cases there is no statistically significant difference between them in terms of effectiveness. The fitness functi...
Conference Paper
Full-text available
The importance of human-related factors in the introduction of bugs has recently been the subject of a number of empirical studies. However, such factors have not been captured yet in bug prediction models which simply exploit product metrics or process metrics based on the number and type of changes or on the number of developers working on a soft...
Article
Full-text available
ICSE 2015 has been my first conference and in my opinion it has been amazing! My agenda in the period 16 th-22 th of May has been full of very interesting talks and keynotes. For my PhD studies, I am working on Search Based Software Testing and Mining Software Repositories. Thus, the formula MSR + SBST + ICSE was perfect for quickly approaching pro...
Poster
Full-text available
Code smells are symptoms of poor design and implementation choices that may hinder code comprehension and possibly increase change-and fault-proneness of source code. Several techniques have been proposed in the literature for detecting code smells. These techniques are generally evaluated by comparing their accuracy on a set of detected candidate...
Conference Paper
Full-text available
Code smells are symptoms of poor design and implementation choices that may hinder code comprehension and possibly increase change-and fault-proneness of source code. Several techniques have been proposed in the literature for detecting code smells. These techniques are generally evaluated by comparing their accuracy on a set of detected candidate...

Network

Cited By

Projects

Projects (4)
Project
The RADON project team will work on proposing a DevOps framework for creating and managing microservices-based applications that can optimally exploit serverless computing technologies. This framework will be “crash-tested” in the development of 3 different applications, which will include fine-grained and independently deployable microservices that can efficiently exploit FaaS and container technologies. The end goal is to broaden the adoption of serverless computing technologies within the European software industry. The methodology will strive to tackle complexity, harmonize the abstraction and actuation of action-trigger rules, avoid FaaS lock-in, and optimize decomposition and reuse through model-based FaaS-enabled development and orchestration.
Archived project
Software testing is essential for any software development process, representing an extremely expensive activity. Despite its importance recent studies showed that developers rarely test their application and most programming sessions end without any test execution. Indeed, new methods and tools able to better allocating the developers effort are needed to increment the system reliability and to reduce the testing costs. In this project we focus on three activities able to optimize testing activities, specifically, bug prediction, test case prioritization, and energy leaks detection. Indeed, despite the effort devoted in the last decades by the research community led to interesting results, we highlight some aspects that might be improved and propose empirical investigations and novel approaches. Finally, we provide a set of open issues that should be addressed by the research community in the future.
Project
Software ecosystems are the most promising avenue for organzing the software needs of the digital era. Jointly funded by F.R.S.-FNRS and FWO-Vlaanderen, the Excellence of Science Project SECO-ASSIST aims to realize a scientific breakthrough to nurture the ecosystems of the future, by providing novel software recommendation techniques that address the resilience, evolvability, heterogeneity, and social interaction. To achieve this the project partners will combine their expertise in social networks (UMONS), software testing (UAntwerpen), software reuse (VUB), and database evolution (UNamur).