Giuseppe ScannielloUniversità degli Studi di Salerno | UNISA · Department of Computer Science DI
Giuseppe Scanniello
Computer Science
About
263
Publications
50,146
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
3,274
Citations
Introduction
Additional affiliations
May 2015 - present
July 2006 - May 2015
January 2002 - December 2006
Publications
Publications (263)
As our lives, our businesses, and indeed our world economy become increasingly reliant on the secure operation of many interconnected software systems, the software engineering research community is faced with unprecedented research challenges, but also with exciting new opportunities. In this roadmap paper, we outline our vision of Software Securi...
We conducted a preliminary qualitative investigation into the Bachelor’s students’ perception of the usefulness of a Static Analysis Tool (i.e., SonarCloud) in assessing software security. The results revealed that the students considered SonarCloud user-friendly, simple to set up, and easy to learn. Additionally, the students recognized an improve...
In a previous publication, we presented the results of an assessment aimed at understanding whether bachelor students in Computer Science (CS) enrolled in a Software Technologies for the Web (STW) course were equipped to manage security concerns in the development of (e-commerce) web apps. The gathered evidence highlighted that students enrolled in...
This paper presents a Rapid Review (RR) conducted to identify and characterize existing approaches and methods that discover, fix, and manage vulnerabilities in Embedded, Cyber-Physical, and Internet-of-Things systems and software (ESs hereafter). In the last years, a growing interest concerned the adoption of ESs in different domains (e.g., automo...
A deprecated Application Programming Interface (API) is one that is no longer recommended to use by its original developers. While deprecated APIs (i.e., deprecated fields, methods, and classes) are still implemented, they can be removed in future implementations. Therefore, developers should not use deprecated APIs in newly written code and should...
We present the results of a prospective observational study aimed to understand whether there is a relationship between personality traits (i.e., agreeableness, conscientiousness, extroversion, neuroticism, and openness) and the performance of undergraduates in Computer Science while accomplishing bug fixing. We involved 62 undergraduates, who took...
Background: Software vulnerabilities are flaws in application source code that can be exploited to cause harm, hence companies must devise strategies to manage them.Aim: We want to understand how software vulnerabilities are managed in a big IT (Information Technology) service and consulting company like NTT Data.Method: We conducted a focus group...
We conducted a large-scale fine-grained empirical study in which we quantitatively analyzed the commit histories of 200 Open-Source (OS) Python software systems, whose software repositories were publicly available on GitHub, for a total of 164,980 commits analyzed. We focused on commits—this is why our study is considered fine-grained—to investigat...
Web apps are built by using a combination of HTML, CSS, and JavaScript. While building modern web apps, it is common practice to make use of third-party libraries and frameworks, as to improve developers' productivity and code quality. Alongside these benefits, the adoption of such libraries results in the introduction of JavaScript dead code, i.e....
Web apps are built by using a combination of HTML, CSS, and JavaScript. While building modern web apps, it is common practice to make use of third-party libraries and frameworks, as to improve developers' productivity and code quality. Alongside these benefits, the adoption of such libraries results in the introduction of
JavaScript dead code
, i...
Background. Dead code is a code smell. It can refer to code blocks, fields, methods, etc. that are unused and/or unreachable—e.g., if a method is unused and/or unreachable, it is a dead method. Past research has shown that the presence of dead code in source code harms its comprehensibility and maintainability. Nevertheless, there is still little e...
Regression testing ensures a System Under Test (SUT) still works as expected after changes to it. The simplest approach for regression testing consists of re-running the entire test suite against the changed version of the SUT. However, this might result in a time- and resource-consuming process; \eg when dealing with large and/or complex SUTs and...
Regression testing is a practice that ensures a System Under Test (SUT) still works as expected after changes have been implemented. The simplest approach for regression testing is Retest-all, which consists of re-executing the entire Test Suite (TS) on the changed version of the SUT. Retest-all could be expensive in case a SUT and its TS grow in s...
The research on the claimed effects of Test-Driven Development (TDD) on software quality and developers’ productivity has shown inconclusive results. Some researchers have ascribed such results to the negative affective reactions that TDD would provoke when developers apply it. In this paper, we studied whether and in which phases TDD influences th...
In our past research, we presented an approach to migrate apps implemented by cross-platform technology (i.e., Ionic-Cordova-Angular) toward a native platform (i.e., Android). We also conducted a study to assess if there was a difference in the user experience and in the affective reactions of end-users when they use the original version of an app...
Researcher bias occurs when researchers influence the results of an empirical study based on their expectations, either consciously or unconsciously. Researcher bias might be due to the use of Questionable Research Practices (QRPs). In research fields like medicine, blinding techniques have been applied to counteract researcher bias. In this paper,...
In this paper, we investigate the effect of TDD, as compared to a non-TDD approach, as well as its retainment (or retention) over a time span of (about) six months. To pursue these objectives, we conducted a (quantitative) longitudinal cohort study with 30 novice developers (i.e., third-year undergraduate students in Computer Science). We observed...
Context
Test-driven development (TDD) is an agile software development approach that has been widely claimed to improve software quality. However, the extent to which TDD improves quality appears to be largely dependent upon the characteristics of the study in which it is evaluated (e.g., the research method, participant type, programming environme...
In this paper, we conduct an empirical study aiming at investigating how personality traits can affect the productivity of software
developers in the context of the distributed development of multi-platform apps within a software project stored in GitHub. Participants
were 31 master’s students in Computer Science grouped in 13 teams. Data were gath...
Context: In empirical software engineering, crossover designs are popular for experiments comparing software engineering techniques that must be undertaken by human participants. However, their value depends on the correlation (r) between the outcome measures on the same participants. Software engineering theory emphasizes the importance of individ...
In this paper, we investigate the effect of TDD, as compared to a non-TDD approach, as well as its retainment (or retention) over a time span of (about) six months. To pursue these objectives, we conducted a (quantitative) longitudinal cohort study with 30 novice developers (i.e., third-year undergraduate students in Computer Science). We observed...
GitHub currently hosts more than 100 million public
repositories. This has made it very popular to conduct Mining
Software Repositories (MSR) studies. Researchers have been
exploiting the information stored in GitHub (e.g., commits, pull
requests, or issues) to investigate both developer- and projectrelated
aspects. GitHub provides the REST API to...
In our past research, we presented an approach to migrate apps implemented by a cross-platform technology (i.e., Ionic-Cordova-Angular) toward a native platform (i.e., Android). We also conducted a study to assess if there was a difference in the user experience and in the affective reactions of end-users when they used the original version of an a...
Developers collaborating with collective efforts in large-scale distributed software typically have different personalities that might play a central role in software development and in team climate. In this paper, we have investigated if personality traits are related to the perceived team climate of software developers (Computer Science master st...
GitHub currently hosts more than 100 million public repositories. This has made it very popular to conduct Mining Software Repositories (MSR) studies. Researchers have been exploiting the information stored in GitHub (e.g., commits, pull requests, or issues) to investigate both developer-and project-related aspects. GitHub provides the REST API to...
Context: Test-driven development (TDD) is an agile software development approach that has been widely claimed to improve software quality. However, the extent to which TDD improves quality appears to be largely dependent upon the characteristics of the study in which it is evaluated (e.g., the research method, participant type, programming environm...
Researchers have shown a growing interest in the affective states (i.e., emotions and moods) of developers while performing software engineering tasks. We investigate the association between developers’ sentiment polarity—i.e., negativity and positivity—and bug introduction. To pursue our research objective, we executed a case-control study in the...
Context: Several studies investigated the impact of anti-patterns (i.e., "poor" solutions to recurring design problems) during maintenance activities and reported that anti-patterns significantly affect the developers' effort required to edit files. However, before developers edit files, they must understand the source code of the systems. This sou...
Researcher Bias (RB) occurs when researchers influence the results of an empirical study based on their expectations.RB might be due to the use of Questionable Research Practices(QRPs). In research fields like medicine, blinding techniques have been applied to counteract RB. We conducted an explorative qualitative survey to investigate RB in Softwa...
Knowledge transfer is one of the main goals of modern code review, as shown by several studies that surveyed and interviewed developers. While knowledge transfer is a clear expectation of the code review process, there are no analytical studies using data mined from software repositories to assess the effectiveness of code review in "training" deve...
Test-Driven Development (TDD) is an incremental approach to software development. Despite it is claimed to improve both quality of software and developers’ productivity, the research on the claimed effects of TDD has so far shown inconclusive results. Some researchers have ascribed these inconclusive results to the negative affective states that TD...
Test-driven Development (TDD) is an incremental approach to software development. Despite it is claimed to improve both quality of software and developers' productivity, the research on the claimed effects of TDD has so far shown inconclusive results. Some researchers have ascribed these inconclusive results to the negative affective states that TD...
Context
Several studies investigated the impact of anti-patterns (i.e., “poor” solutions to recurring design problems) during maintenance activities and reported that anti-patterns significantly affect the developers’ effort required to edit files. However, before developers edit files, they must understand the source code of the systems. This sour...
Software visualization is a program comprehension technique used in the context of software maintenance, reverse engineering, and software evolution analysis. In the last decade, researchers have been exploring 3D representations for visualizing programs. Among these representations, one of the most popular is the city metaphor, which represents a...
We study whether and in which phase Test-Driven Development (TDD) influences affective states of novice developers in terms of pleasure, arousal, dominance, and liking. We performed a controlled experiment with 29 novice developers. Developers in the treatment group performed a development task using TDD, whereas those in the control group used a n...
In this paper, we present the results of a controlled experiment aimed to investigate whether there is a difference when comprehending apps implemented with either cross-platform (Ionic-Cordova-Angular) and native (Android) technologies. We divided participants into two groups. The participants in each group were asked to comprehend the source code...
We present an approach to migrate cross-platform apps toward a native platform (i.e., Android). The approach is tailored to Ionic, i.e., an open-source framework providing a mobile UI (User Interface) toolkit for developing high-quality cross-platform apps. The validity of our approach has been validated on an open-source app developed by means of...
Context: Regression testing is an important activity that allows ensuring the correct behavior of a system after changes. As the system grows, the time and resources to perform regression testing increase. Test Suite Reduction (TSR) approaches aim to speed up regression testing by removing obsolete or redundant test cases. These approaches can be c...
When committing source code in a Version Control System (VCS) as a consequence of a bug fixing task, a good practice should consist in writing a message that shortly explains how the bug has been fixed. In this paper, we empirically assess a heuristic based on the presence of keywords in developers' commit messages, while uploading their changes to...
We study whether and in which phase Test-Driven Development (TDD) influences affective states of novice developers in terms of pleasure, arousal, dominance, and liking. We performed a controlled experiment with 29 novice developers. Developers in the treatment group performed a development task using TDD, whereas those in the control group used a n...
Background: Researchers have been exploring 3D representations for visualizing software. Among these representations, one of the most popular is the city metaphor, which represents a target object-oriented system as a virtual city. Recently, this metaphor has been also implemented in interactive software visualization tools that use virtual reality...
Background: Noise, defined as an unwanted sound, is one of the commonest factors that could affect people's performance in their daily work activities. The software engineering research community has marginally investigated the effects of noise on software engineers' performance.
Aims: We studied if noise affects software engineers' performance in:...
Background: Test-Driven Development (TDD) is an agile software development practice, which is claimed to boost both external quality of software products and developers' productivity.
Aims: We want to study: (i) the TDD effects on the external quality of software products as well as the developers' productivity; and (ii) the retainment of TDD over...
Background. Regression testing is conducted after changes are made to a system in order to ensure that these changes did not alter its expected behavior. The problem with regression testing is that it can require too much time and/or too many resources. This is why researchers have defined a number of regression testing approaches. Among these, Tes...
In this paper, we present the results of long-term research conducted in order to study the contribution made by software models based on the Unified Modeling Language (UML) to the comprehensibility of Java source-code deprived of comments. We have conducted 12 controlled experiments in different experimental contexts and on different sites with pa...
In this paper, we describe our experience with the design of an augmented reality dressing room in which 3D models of a dress are overlaid with a color image from a camera to provide the function of a sort of virtual mirror. In such a way, the customer can move around to understand if a dress suits and fits them well. The project is implemented in...
Concern localization refers to the process of locating code units that match a particular textual description. It takes as input textual documents such as bug reports and feature requests and outputs a list of candidate code units that are relevant to the bug reports or feature requests. Many information retrieval (IR) based concern localization te...
Background: Noise, defined as an unwanted sound, is one of the commonest factors that could affect people's performance in their daily work activities. The software engineering research community has marginally investigated the effects of noise on software engineers' performance. Aims: We studied if noise affects software engineers' performance in...
Background: Test-Driven Development (TDD) is an agile software development practice, which is claimed to boost both external quality of software products and developers' productivity. Aims: We want to study (i) the TDD effects on the external quality of software products as well as the developers' productivity, and (ii) the retainment of TDD over a...
In this paper, we present the results of a manual assessment on the coherence between the comments and the implementation of 3636 methods in three open source software applications (for one of these applications, we considered two different subsequent versions) implemented in Java. The results of this assessment have been collected in a dataset we...
Dead code is a bad smell and it appears to be widespread in open-source and commercial software systems. Surprisingly, dead code has received very little empirical attention from the software engineering research community. In this paper, we present a multi-study investigation with an overarching goal to study, from the perspective of researchers a...
We conducted a controlled experiment with 55 final-year undergraduate students in Computer Science. We asked them to comprehend functional requirements exposing them or not to noise. We did not observe any effect of noise on requirements comprehension.
Test Suite Reduction (TSR) approaches speed up regression testing by removing redundant test cases. TSR approaches can be classified as adequate or inadequate. Adequate approaches reduce test suites so that they completely preserve the test requirements (e.g., statement coverage) of the original test suites. Inadequate approaches produce reduced te...
We present a quasiexperiment to investigate whether, and to what extent, sleep deprivation impacts performance of novice developers using the agile practice of test-first development (TFD). We recruited 45 undergraduates, and asked them to tackle a programming task. Among participants, 23 agreed to stay awake the night before carrying out the task,...
We present a quasi-experiment to investigate whether, and to what extent, sleep deprivation impacts the performance of novice software developers using the agile practice of test-first development (TFD). We recruited 45 undergraduates and asked them to tackle a programming task. Among the participants, 23 agreed to stay awake the night before carry...
Context:Regression Test case Selection (RTS) approaches aim at selecting only those test cases of a test suite that exercise changed parts of the System Under Test (SUT) or parts affected by changes.
Objective:We present SPIRITuS (SimPle Information Retrieval regressIon Test Selection approach). It uses method code coverage information and a Vector...
Regression testing is an important activity that can
be expensive (e.g., for large test suites). Test suite reduction
approaches speed up regression testing by removing redundant
test cases. These approaches can be classified as adequate or
inadequate. Adequate approaches reduce test suites so that they
completely preserve the test requirements (e....
Test suites tend to become large and complex after software evolution iterations, thus increasing effort and cost to execute regression testing. In this context, test suite reduction approaches could be applied to identify subsets of original test suites that preserve the capability of satisfying testing requirements and revealing faults. In this p...
We carried out a family of controlled experiments to investigate whether the use of abbreviated identifier names, with respect to full-word identifier names, affects fault fixing in C and Java source code. This family consists of an original (or baseline) controlled experiment and three replications. We involved 100 participants with different back...