W.K. Chan

• National Chung Cheng University

Sharpening deep learning models by training them with examples close to the decision boundary is a well-known best practice. Nonetheless, these models are still error-prone in producing predictions. In practice, the inference of the deep learning models in many application systems is guarded by a rejector, such as a confidence-based rejector, to fi...

Patch robustness certification ensures no patch within a given bound on a sample can manipulate a deep learning model to predict a different label. However, existing techniques cannot certify samples that cannot meet their strict bars at the classifier or patch region levels. This paper proposes MajorCert. MajorCert firstly finds all possible label...

Atomicity is a desirable property for multithreaded programs. In such programs, a transaction is an execution of an atomic code region that may contain memory accesses on an arbitrary number of shared variables. When transactions are not conflicting with one another in a trace, they greatly simplify the reasoning of the program correctness. If a tr...

Spark programs typically codify to reuse some of their generated datasets, called partition instances, to make their subsequent computations complete in a reasonable time. At runtime, however, the underlying Spark platform may independently delete such instances or accidentally cause these instances inaccessible to the program executions. Those ins...

Ethereum is a kind of blockchain platform where developers may develop and run programs called smart contracts. It inherently relies on gas consumption within a specified allowance to constrain code execution, making every instruction along an execution path to be a location for raising an exception. In this paper, we present GasFuzzer, the first w...

Service oriented architecture (SOA) provides a flexible platform to build collaborative Internet applications by composing existing self-contained and autonomous services. However, the implicit interactions among the concurrently provisioned services may introduce interference to Internet applications and cause them behave abnormally. It is thus de...

Decentralized cryptocurrencies feature the use of blockchain technology to transfer value among peers on the network without central agency. Smart contracts are programs running on top of the blockchain consensus protocol to enable people make agreement via blockchain while minimizing trust. While millions of smart contracts exists to help build de...

Dynamic hybrid data race detectors alleviate the detection imprecision problem incurred by pure lockset-based race detectors and the thread interleaving sensitive problem incurred by pure happens-before race detectors. Nonetheless, to ensure at least one data race on every memory location to be detected, keeping all historical memory access events...

Being able to predict software quality is essential, but also it pose significant challenges in software engineering. Historical software project datasets are often being utilized together with various machine learning algorithms for fault-proneness classification. Unfortunately, the missing values in datasets have negative impacts on the estimatio...

The effectiveness of spectrum-based fault localization techniques primarily relies on the accuracy of their fault localization formulas. Theoretical studies prove the relative accuracy orders of selected formulas under certain assumptions, forming a graph of their theoretical accuracy relations. However, it is unclear whether in such a graph the re...

Fault localization is the activity to locate faults in programs. Spectrum-based fault localization (SBFL) is a class of techniques for it. It contrasts the code coverage achieved by passed runs and that by failed runs, and estimates program entities responsible for the latter. Although previous work has empirically shown that the effectiveness of t...

Complete dynamic control flow is a fundamental kind of execution profile about program executions with a wide range of applications. Tracing the dynamic control flow of program executions for a brief period easily generates a trace consisting of billions of control flow events. The number of events in such a trace is large, making both path tracing...

State-of-the-art hybrid data race detectors combine the happens-before relation and the locking discipline to alleviate the imprecision problem incurred by lockset-based detector and the thread interleaving problem incurred by happens-before detectors. However, they incur high runtime overheads. In this paper, we present HistLock, a novel and sound...

In engineering a service, software developers often construct and deploy a newer (forthcoming) version of the service to replace the current version. A forthcoming version is often placed online for users to consume and report feedback. In the case of observed failures, the forthcoming version should be debugged and further evolved. In this paper,...

A concrete service consists of a number of program components, each of which is integrated to the service at either design time or runtime. In testing a concrete service, testers should validate the correctness of each of its components under diverse service consumption scenarios. Analyzing the program executions of these components under different...

When figuring out the expected output for each test case is difficult, metamorphic testing can be applied to alleviate such situations. An involved key challenge is to derive metamorphic relations for the program under test. This paper proposes a datamutation directed metamorphic relation acquisition methodology called μMT. Experimental results on...

Test case prioritization assigns the execution priorities of the test cases in a given test suite. Many existing test case prioritization techniques assume the full-fledged availability of code coverage data, fault history, or test specification, which are seldom well-maintained in real-world software development projects. This paper proposes a nov...

Dynamic concurrency bug detectors predict and then examine suspicious instances of atomicity violations from executions of multithreaded programs. Only few predicted instances are real bugs. Prioritizing such instances can make the examinations cost-effective, but is there any design factor exhibiting significant influence? This work presents the f...

Many multithreaded programs incur concurrency bugs. A modified version of such a program, which the exposed concurrency bug is deemed fixed, should be subject to further testing to validate whether the concurrency bug may only be partially fixed. In this paper, we present a similarity-based regression testing methodology to address this problem. It...

Many predictive deadlock detection techniques analyze multithreaded programs to suggest potential deadlocks (referred to as cycles or deadlock warnings). Nonetheless, many of such cycles are false positives. On checking these cycles, existing dynamic deadlock confirmation techniques may frequently encounter thrashing or result in a low confirmation...

We present Magiclock, a novel potential deadlock detection technique by analyzing execution traces (containing no deadlock occurrence) of large-scale multithreaded programs. Magiclock iteratively eliminates removable lock dependencies before potential deadlock localization. It divides lock dependencies into thread specific partitions, consolidates...

Location-based services (LBS) are widely deployed. When the implementation of an LBS-enabled service has evolved, regression testing can be employed to assure the previously established behaviors not having been adversely affected. Proper test case prioritization helps reveal service anomalies efficiently so that fixes can be scheduled earlier to m...

Many happened-before-based detectors for debugging multithreaded programs implement vector clocks to incrementally track the casual relations among synchronization events produced by concurrent threads and generate trace logs. They update the vector clocks via vector-based comparison and content assignment in every case. We observe that many such t...

This paper presents the aim of TeamWork, our ongoing effort to develop a comprehensive dynamic deadlock confirmation tool for multithreaded programs. It also presents a refined object abstraction algorithm that refines the existing stack hash abstraction.

Many researchers employ various statistical methods to locate faults in faulty programs. Like other researchers, we sometimes have made mistakes in the quest of making statistical fault localization both practical and scientific. In this experience report, we reflect on our work conducted on this topic, organize our isolated experiences in the form...

Test case prioritization assigns the execution priorities of the test cases in a given test suite with the aim of achieving certain goals. Many existing test case prioritization techniques however assume the full-fledged availability of code coverage data, fault history, or test specification, which are seldom well-maintained in many software devel...

Many real-world multithreaded programs contain deadlock bugs. These bugs should be detected and corrected. Many existing detection strategies are not consistently scalable to handle large-scale applications. Many existing dynamic confirmation strategies may not reveal detectable deadlocks with high probability. And many existing runtime deadlock-to...

Dynamically detecting data races in multithreaded programs incurs significant slowdown and memory overheads. Many existing techniques have been put forward to improve the performance slowdown through different dimensions such as sampling, detection precision, and data structures to track the happened-before relations among events in execution trace...

Many web services represent their artifacts in the semi-structural format. Such artifacts may or may not be structurally complex. Many existing test case prioritization techniques however treat test cases of different complexity generically. In this paper, we exploit the insights on the structural similarity of XML-based artifacts between test case...

Different compiler optimization options may produce different versions of object code. To the best of our knowledge, existing studies on concurrency bug detection in the public literature have not reported the effects of different compiler optimization options on detection effectiveness. This paper reports a preliminary but the first study in the e...

This paper presents the aim of TeamWork, our ongoing effort to develop a comprehensive dynamic deadlock confirmation tool for multithreaded programs. It also presents a refined object abstraction algorithm that refines the existing stack hash abstraction.

Many web services not only communicate through XML-based messages, but also may dynamically modify their behaviors by applying different interpretations on XML messages through updating the associated XML Schemas or XML-based interface specifications. Such artifacts are usually complex, allowing XML-based messages conforming to these specifications...

A class of research, which explores energy saving via the accuracy-performance tradeoff ability of applications with soft outputs, is emerging. Many such applications implement various notions of precision improvement in their iterative computations and output approximated results. Computing more precisely often requires greater computational effor...

Existing specification-based testing techniques often generate comprehensive test suites to cover diverse combinations of test-relevant aspects. Such a test suite can be prohibitively expensive to execute exhaustively because of its large size. A pragmatic strategy often adopted in practice, called test-once strategy, is to identify certain particu...

We present MagicFuzzer, a novel dynamic deadlock detection technique. Unlike existing techniques to locate potential deadlock cycles from an execution, it iteratively prunes lock dependencies that each has no incoming or outgoing edge. Combining with a novel thread-specific strategy, it dramatically shrinks the size of lock dependency set for cycle...

ContextPractitioners may use design patterns to organize program code. Various empirical studies have investigated the effects of pattern deployment and work experience on the effectiveness and efficiency of program maintenance. However, results from these studies are not all consistent. Moreover, these studies have not considered some interesting...

Variation is inherent to a process, and process management demands understanding the nature of variation in quantitative terms, for evaluation and prediction purposes. This understanding requires the identification of process indicators that build the ...

Many happens-before based techniques for multithreaded programs implement vector clocks to track incrementally the causal relations among the synchronization operations acting on threads and locks. In these detectors, every such operation results in a vector-based assignment to a vector clock, even though the assigned value is the same as the value...

In service-oriented computing, a recommender system can be wrapped as a web service with machine-readable interface. However, owing to the cross-organizational privacy issue, the internal dataset of an organization is seldom exposed to external services. In this paper, we propose a higher level recommender strategy INSERT that guides the underlying...

Mobile applications are becoming more and more popular with the prevalence of mobile operating system and mobile Internet. However, the bugs in the mobile application not only results from buggy code but also from unreliable context providers. In this paper, we proposed a statistical fault localization framework targeting at the bugs in the mobile...

Services discovery, selection, composition, verification, and adaptation are important in service-oriented computing. Existing researches often study techniques to maximize the benefits of individual services. However, following the power laws, a small fraction of quality services offers their executions to support a significant portion of all serv...

Location based services personalize their behaviors based on location data. When data kept by a service have evolved or the code has been modified, regression testing can be employed to assure the quality of services. Frequent data update however may lead to frequent regression testing and any faulty implementation of a service may affect many serv...

Testing and debugging account for at least 30% of the project effort. Scientific advancements in individual activities or their integration may bring significant impacts to the practice of software development. Fault localization is the foremost debugging sub-activity. Any effective integration between testing and debugging should address how well...

Pervasive computing environments typically change frequently in terms of available resources and their properties. Applications in pervasive computing use contexts to capture these changes and adapt their behaviors accordingly. However, contexts available to these applications may be abnormal or imprecise due to environmental noises. This may resul...

What is a cloud application precisely? In this paper, we formulate a computing cloud as a kind of graph, a computing resource such as services or intellectual property access rights as an attribute of a graph node, and the use of a resource as a predicate on an edge of the graph. We also propose to model cloud computation semantically as a set of p...

Testing the correctness of service integration is a step toward assurance of the quality of applications. These applications however may bind dynamically to their supportive services using the SOA pattern that share the same service interface, yet the latter services may behave differently. In addition, a service may implement a business strategy,...

Context-aware applications capture environmental changes as contexts and self-adapt their behaviors dynamically. Existing testing researches have not explored context evolutions or their patterns inherent to individual test cases when constructing test suites. We propose the notation of context diversity as a metric to measure how many changes in c...

Abstract—Cloud ,computing ,is an ,emerging ,computing paradigm. It aims to share data, calculations, and services transparently among ,users of a massive ,grid. Although the industry has started selling cloud-computing products, the software engineering infrastructure and application model are still unclear. In this paper, we compare cloud computin...

Testing the correctness of services assures the functional quality of service-oriented applications. A service-oriented application may bind dynamically to its supportive services. For the same service interface, the supportive services may behave differently. A service may also need to realize a business strategy, like best pricing, relative to th...

Testing the correctness of services assures the functional quality of service-oriented applications. A service-oriented application may bind dynamically to its supportive services. For the same service interface, the supportive services may behave differently. A service may also need to realize a business strategy, like best pricing, relative to th...

Context-awareness allows pervasive applications to adapt to changeable computing environments. Contexts, the pieces of information that capture the characteristics of environments, are often error-prone and inconsistent due to noises. Various strategies have been proposed to enable automatic context inconsistency resolution. They are formulated on...

Atomicity is a desirable property that safeguards a pplication con- sistency for service compositions. A service compos ition exhibit- ing this property could either complete or cancel i tself without any side effects. It is possible to achieve this pr operty for a service composition by selecting suitable web services to f orm an atomic- ity spher...

One claimed benefit of deploying design patterns is facilitating maintainers to perform anticipated changes. However, it is not at all obvious that the relevant design patterns deployed in software will invariably be utilized for the changes. Moreover, we observe that many well-known design patterns consist of three types of programming elements (c...

The processes enacting cross-organizational collaboration continually evolve to adapt to changing business environments. These processes may evolve at any time during collaboration when collaborative organizations should respond timely to critical environment changes. Atomicity is an important requirement for maintaining application consistency. Th...

Ubiquitous systems adaptive to their dynamic environments find their roles useful in many modern applications. Their adaptability, however, can be badly impaired if the environments are incorrectly perceived. Our earlier work has proposed a technique to evaluate the constraints that govern the consistency of perceived environmental information. Thi...

Testing the correctness of services assures the functional quality of service-oriented applications. A service-oriented application may bind dynamically to its supportive services. For the same service interface, the supportive services may behave differently. A service may also need to realize a business strategy, like best pricing, relative to th...

Adaptive random testing (ART) is an enhancement of ran- dom testing (RT). It can detect failures more effectively than RT when failure-causing inputs are clustered. Having test cases both randomly selected and evenly spread is the key to the success of ART. Recently, it has been found that the di- mensionality of the input domain could have an impa...

Atomicity is a desirable property for business processes to conduct transactions in Business-to-Business (B2B) collaboration. Although it is possible to reason about atomicity of B2B collaboration using the public views, yet such reasoning requires the presence of a trustworthy party who has complete knowledge of these views. It is inapplicable whe...

Program refactoring using design patterns is an attractive approach for facilitating anticipated changes. Its benefit depends on at least two factors, namely the effort involved in the refactoring and how effective it is. For example, the benefit would be small if too much effort is required to translate a program correctly into a refactorized form...

Applications in pervasive computing are typically required to interact seamlessly with their changing environments. To provide users with smart computational services, these applications must be aware of incessant context changes in their environments and adjust their behaviors accordingly. As these environments are highly dynamic and noisy, contex...

Exception handling resolves inconsistency by backward or forward error recovery methods or both in Business-to-Business (B2B) process collaboration. To avoid committing irrevocable tasks followed by exceptions, B2B processes, which guarantee the atomicity sphere property, are attractive. While atomicity sphere ensures its outcomes to be either all...

A design pattern documents a reference design for the solution to a recurring problem encountered in object-oriented software development. The fundamental theme of design patterns is to encapsulate the concepts that vary. Software practitioners generally take it for granted that achieving the pattern theme would lead to extensible software. Is such...

With recent advances in wireless technologies, RFID (Radio Frequency Identification) becomes an important enabling technology for logistics and supply chain management systems and beyond. Effective deployment of these systems requires careful selection and seamless integration of RFID components such as tags, readers, middleware and standards. The...

Mobile real-time video streaming for web-casting and video conferencing conforming to the ITU-T H.264 data compression recommendations format is emergent. However, the quality of the video services for typical applications is hard to foreseen and sustain. Qualities of Services (QoS) approaches, such as video frame skipping techniques, are thus attr...

Testing applications in service-oriented architecture (SOA) environments needs to deal with issues like the unknown communication partners until the service discovery, the imprecise black-box information of software components, and the potential existence of non-identical implementations of the same service. In this paper, we exploit the benefits o...