Software Engineering

New submissions

• New submissions
• Cross-lists
• Replacements

New submissions for Mon, 29 Apr 24

[1]  arXiv:2404.16915 [pdf, other]

Title: Servicifying zk-SNARKs Execution for Verifiable Off-chain Computations

Authors: Alvaro Alonso Domenech, Jonathan Heiss, Stefan Tai

Comments: 2 pages, 3 figures

Subjects: Software Engineering (cs.SE); Cryptography and Security (cs.CR)

Zk-SNARKs help scale blockchains with Verifiable Off-chain Computations (VOC). zk-SNARK DSL toolkits are key when designing arithmetic circuits but fall short of automating the subsequent proof-generation step in an automated manner. We emphasize the need for portability, interoperability, and manageability in VOC-based solutions and introduce a Proving Service that is designed to provide a scalable and reusable solution for generating zk-SNARK proofs leveraging clouds.

[2]  arXiv:2404.16947 [pdf, other]

Title: Fuzzing MLIR by Synthesizing Custom Mutations

Authors: Ben Limpanukorn, Jiyuan Wang, Hong Jin Kang, Eric Zitong Zhou, Miryung Kim

Subjects: Software Engineering (cs.SE)

Multi-Level Intermediate Representation (MLIR) is an effort to enable faster compiler development by providing an extensible framework for downstream developers to define custom IRs with MLIR dialects. MLIR dialects define new IRs that are tailored for specific domains. The diversity and rapid evolution of these IRs make it impractical to pre-define custom generator logic for every available dialect. We design a new approach called SynthFuzz that automatically infers and applies custom mutations from existing tests. Inferred custom mutations are parameterized and context-dependent such that they can be concretized depending on the target context. By doing this, we obviate the need to manually write custom mutations for newly introduced MLIR dialects. Further, SynthFuzz increases the chance of finding effective edit locations and reduces the chance of inserting invalid edit content by performing k-ancestor-prefix and l-sibling-postfix matching. We compare SynthFuzz to three baselines: Grammarinator -- a grammar-based fuzzer without custom mutators, MLIRSmith -- a custom test generator for MLIR, and NeuRI -- a custom test generator with support for parameterized generation. We conduct this comparison on 4 different MLIR projects where each project defines a new set of MLIR dialects that would take months of effort to manually write custom input generation and mutation logic. We show that SynthFuzz on average improves input diversity by 1.51$\times$, which increases branch coverage by 1.16$\times$. Further, we show that our context dependent custom mutation increases the proportion of valid tests by up to 1.11$\times$, indicating that SynthFuzz correctly concretizes its parameterized mutations with respect to the target context. Mutation parameterization reduces the fraction of tests violating general MLIR constraints by 0.57$\times$, increasing the time spent fuzzing dialect-specific code.

[3]  arXiv:2404.16992 [pdf, other]

Title: A Catalog of Transformations to Remove Smells From Natural Language Tests

Authors: Manoel Aranda, Naelson Oliveira, Elvys Soares, Márcio Ribeiro, Davi Romão, Ullyanne Patriota, Rohit Gheyi, Emerson Souza, Ivan Machado

Comments: Distinguished Paper Award at International Conference on Evaluation and Assessment in Software Engineering (EASE), 2024 edition

Subjects: Software Engineering (cs.SE)

Test smells can pose difficulties during testing activities, such as poor maintainability, non-deterministic behavior, and incomplete verification. Existing research has extensively addressed test smells in automated software tests but little attention has been given to smells in natural language tests. While some research has identified and catalogued such smells, there is a lack of systematic approaches for their removal. Consequently, there is also a lack of tools to automatically identify and remove natural language test smells. This paper introduces a catalog of transformations designed to remove seven natural language test smells and a companion tool implemented using Natural Language Processing (NLP) techniques. Our work aims to enhance the quality and reliability of natural language tests during software development. The research employs a two-fold empirical strategy to evaluate its contributions. First, a survey involving 15 software testing professionals assesses the acceptance and usefulness of the catalog's transformations. Second, an empirical study evaluates our tool to remove natural language test smells by analyzing a sample of real-practice tests from the Ubuntu OS. The results indicate that software testing professionals find the transformations valuable. Additionally, the automated tool demonstrates a good level of precision, as evidenced by a F-Measure rate of 83.70%

[4]  arXiv:2404.17009 [pdf, other]

Title: What You Use is What You Get: Unforced Errors in Studying Cultural Aspects in Agile Software Development

Authors: Michael Neumann, Klaus Schmid, Lars Baumann

Subjects: Software Engineering (cs.SE)

Context: Cultural aspects are of high importance as they guide people's behaviour and thus, influence how people apply methods and act in projects. In recent years, software engineering research emphasized the need to analyze the challenges of specific cultural characteristics. Investigating the influence of cultural characteristics is challenging due to the multi-faceted concept of culture. People's behaviour, their beliefs and underlying values are shaped by different layers of culture, e.g., regions, organizations, or groups. In this study, we focus on agile methods, which are agile approaches that focus on underlying values, collaboration and communication. Thus, cultural and social aspects are of high importance for their successful use in practice. Objective: In this paper, we address challenges that arise when using the model of cultural dimensions by Hofstede to characterize specific cultural values. This model is often used when discussing cultural influences in software engineering. Method: As a basis, we conducted an exploratory, multiple case study, consisting of two cases in Japan and two in Germany. Contributions: In this study, we observed that cultural characteristics of the participants differed significantly from cultural characteristics that would typically be expected for people from the respective country. This drives our conclusion that for studies in empirical software engineering that address cultural factors, a case-specific analysis of the characteristics is needed.

[5]  arXiv:2404.17020 [pdf, other]

Title: Generating Minimalist Adversarial Perturbations to Test Object-Detection Models: An Adaptive Multi-Metric Evolutionary Search Approach

Authors: Cristopher McIntyre-Garcia, Adrien Heymans, Beril Borali, Won-Sook Lee, Shiva Nejati

Subjects: Software Engineering (cs.SE); Artificial Intelligence (cs.AI)

Deep Learning (DL) models excel in computer vision tasks but can be susceptible to adversarial examples. This paper introduces Triple-Metric EvoAttack (TM-EVO), an efficient algorithm for evaluating the robustness of object-detection DL models against adversarial attacks. TM-EVO utilizes a multi-metric fitness function to guide an evolutionary search efficiently in creating effective adversarial test inputs with minimal perturbations. We evaluate TM-EVO on widely-used object-detection DL models, DETR and Faster R-CNN, and open-source datasets, COCO and KITTI. Our findings reveal that TM-EVO outperforms the state-of-the-art EvoAttack baseline, leading to adversarial tests with less noise while maintaining efficiency.

[6]  arXiv:2404.17036 [pdf, other]

Title: Understanding the Career Mobility of Blind and Low Vision Software Professionals

Authors: Yoonha Cha, Victoria Jackson, Isabela Figueira, Stacy M. Branham, André van der Hoek

Comments: 12 pages, 1 table, conference paper, 2024 ACM / IEEE 17th International Conference on Cooperative and Human Aspects of Software Engineering

Subjects: Software Engineering (cs.SE); Human-Computer Interaction (cs.HC)

Context: Scholars in the software engineering (SE) research community have investigated career advancement in the software industry. Research topics have included how individual and external factors can impact career mobility of software professionals, and how gender affects career advancement. However, the community has yet to look at career mobility from the lens of accessibility. Specifically, there is a pressing need to illuminate the factors that hinder the career mobility of blind and low vision software professionals (BLVSPs). Objective: This study aims to understand aspects of the workplace that impact career mobility for BLVSPs. Methods: We interviewed 26 BLVSPs with different roles, years of experience, and industry sectors. Thematic analysis was used to identify common factors related to career mobility. Results: We found four factors that impacted the career mobility of BLVSPs: (1) technical challenges, (2) colleagues' perceptions of BLVSPs, (3) BLVSPs' own perceptions on managerial progression, and (4) BLVSPs' investment in accessibility at the workplace. Conclusion: We suggest implications for tool designers, organizations, and researchers towards fostering more accessible workplaces to support the career mobility of BLVSPs.

[7]  arXiv:2404.17046 [pdf, other]

Title: Unraveling Code Clone Dynamics in Deep Learning Frameworks

Authors: Maram Assi, Safwat Hassan, Ying Zou

Comments: 37 pages

Subjects: Software Engineering (cs.SE); Artificial Intelligence (cs.AI)

Deep Learning (DL) frameworks play a critical role in advancing artificial intelligence, and their rapid growth underscores the need for a comprehensive understanding of software quality and maintainability. DL frameworks, like other systems, are prone to code clones. Code clones refer to identical or highly similar source code fragments within the same project or even across different projects. Code cloning can have positive and negative implications for software development, influencing maintenance, readability, and bug propagation. In this paper, we aim to address the knowledge gap concerning the evolutionary dimension of code clones in DL frameworks and the extent of code reuse across these frameworks. We empirically analyze code clones in nine popular DL frameworks, i.e., TensorFlow, Paddle, PyTorch, Aesara, Ray, MXNet, Keras, Jax and BentoML, to investigate (1) the characteristics of the long-term code cloning evolution over releases in each framework, (2) the short-term, i.e., within-release, code cloning patterns and their influence on the long-term trends, and (3) the file-level code clones within the DL frameworks. Our findings reveal that DL frameworks adopt four distinct cloning trends and that these trends present some common and distinct characteristics. For instance, bug-fixing activities persistently happen in clones irrespective of the clone evolutionary trend but occur more in the "Serpentine" trend. Moreover, the within release level investigation demonstrates that short-term code cloning practices impact long-term cloning trends. The cross-framework code clone investigation reveals the presence of functional and architectural adaptation file-level cross-framework code clones across the nine studied frameworks. We provide insights that foster robust clone practices and collaborative maintenance in the development of DL frameworks.

[8]  arXiv:2404.17110 [pdf, other]

Title: Software Vulnerability Prediction in Low-Resource Languages: An Empirical Study of CodeBERT and ChatGPT

Authors: Triet H. M. Le, M. Ali Babar, Tung Hoang Thai

Comments: Accepted in the 4th International Workshop on Software Security co-located with the 28th International Conference on Evaluation and Assessment in Software Engineering (EASE) 2024

Subjects: Software Engineering (cs.SE); Cryptography and Security (cs.CR); Machine Learning (cs.LG)

Background: Software Vulnerability (SV) prediction in emerging languages is increasingly important to ensure software security in modern systems. However, these languages usually have limited SV data for developing high-performing prediction models. Aims: We conduct an empirical study to evaluate the impact of SV data scarcity in emerging languages on the state-of-the-art SV prediction model and investigate potential solutions to enhance the performance. Method: We train and test the state-of-the-art model based on CodeBERT with and without data sampling techniques for function-level and line-level SV prediction in three low-resource languages - Kotlin, Swift, and Rust. We also assess the effectiveness of ChatGPT for low-resource SV prediction given its recent success in other domains. Results: Compared to the original work in C/C++ with large data, CodeBERT's performance of function-level and line-level SV prediction significantly declines in low-resource languages, signifying the negative impact of data scarcity. Regarding remediation, data sampling techniques fail to improve CodeBERT; whereas, ChatGPT showcases promising results, substantially enhancing predictive performance by up to 34.4% for the function level and up to 53.5% for the line level. Conclusion: We have highlighted the challenge and made the first promising step for low-resource SV prediction, paving the way for future research in this direction.

[9]  arXiv:2404.17153 [pdf, other]

Title: A Unified Debugging Approach via LLM-Based Multi-Agent Synergy

Authors: Cheryl Lee, Chunqiu Steven Xia, Jen-tse Huang, Zhouruixin Zhu, Lingming Zhang, Michael R. Lyu

Subjects: Software Engineering (cs.SE)

Tremendous efforts have been devoted to automating software debugging, a time-consuming process involving fault localization and repair generation. Recently, Large Language Models (LLMs) have shown great potential in automated debugging. However, we identified three challenges posed to traditional and LLM-based debugging tools: 1) the upstream imperfection of fault localization affects the downstream repair, 2) the deficiency in handling complex logic errors, and 3) the ignorance of program contexts. In this context, we propose the first automated, unified debugging framework, FixAgent, via LLM agent synergy. FixAgent can perform end-to-end localization, repair, and analysis of bugs. Our insight is that LLMs can benefit from general software engineering principles recognized by human developers in debugging, such as rubber duck debugging, enabling a better understanding of program functionality and logic bugs. Hence, we create three designs inspired by rubber ducking to address these challenges. They are agent specialization and synergy, key variable tracking, and program context comprehension, which request LLMs to provide explicit explanations and force them to focus on crucial program logic information. Experiments on the widely used dataset QuixBugs show that FixAgent correctly fixes 79 out of 80 bugs, 9 of which have never been fixed. It also plausibly patches 1.9X more defects than the best-performing repair tool on CodeFlaws, even with no bug location information and fewer than 0.6% sampling times. On average, FixAgent increases about 20% plausible and correct fixes compared to its base model using different LLMs, showing the effectiveness of our designs. Moreover, the correctness rate of FixAgent reaches remarkably 97.26%, indicating that FixAgent can potentially overcome the overfitting issue of the existing approaches.

[10]  arXiv:2404.17244 [pdf, other]

Title: Automated Configuration Synthesis for Machine Learning Models: A git-Based Requirement and Architecture Management System

Authors: Abdullatif AlShriaf, Hans-Martin Heyn, Eric Knauss

Comments: Accepted at 32nd IEEE International Requirements Engineering Conference (RE24), Posters and Tool Demos Track, Reykjavik, Iceland, 2024

Subjects: Software Engineering (cs.SE)

This work introduces a tool for generating runtime configurations automatically from textual requirements stored as artifacts in git repositories (a.k.a. T-Reqs) alongside the software code. The tool leverages T-Reqs-modelled architectural description to identify relevant configuration properties for the deployment of artificial intelligence (AI)-enabled software systems. This enables traceable configuration generation, taking into account both functional and non-functional requirements. The resulting configuration specification also includes the dynamic properties that need to be adjusted and the rationale behind their adjustment. We show that this intermediary format can be directly used by the system or adapted for specific targets, for example in order to achieve runtime optimisations in term of ML model size before deployment.

[11]  arXiv:2404.17332 [pdf, other]

Title: Managing Security Evidence in Safety-Critical Organizations

Authors: Mazen Mohamad, Jan-Philipp Steghöfer, Eric Knauss, Riccardo Scandariato

Subjects: Software Engineering (cs.SE); Cryptography and Security (cs.CR)

With the increasing prevalence of open and connected products, cybersecurity has become a serious issue in safety-critical domains such as the automotive industry. As a result, regulatory bodies have become more stringent in their requirements for cybersecurity, necessitating security assurance for products developed in these domains. In response, companies have implemented new or modified processes to incorporate security into their product development lifecycle, resulting in a large amount of evidence being created to support claims about the achievement of a certain level of security. However, managing evidence is not a trivial task, particularly for complex products and systems. This paper presents a qualitative interview study conducted in six companies on the maturity of managing security evidence in safety-critical organizations. We find that the current maturity of managing security evidence is insufficient for the increasing requirements set by certification authorities and standardization bodies. Organisations currently fail to identify relevant artifacts as security evidence and manage this evidence on an organizational level. One part of the reason are educational gaps, the other a lack of processes. The impact of AI on the management of security evidence is still an open question

[12]  arXiv:2404.17338 [pdf, other]

Title: Towards an Approach to Pattern-based Domain-Specific Requirements Engineering

Authors: T.Chuprina, D.Méndez (1,2), V.Nigam, M.Reich (3,4), A.Schweiger (3) ((1) fortiss GmbH, (2) Blekinge Institute of Technology, (3) Airbus Defence and Space GmbH, (4) Technische University of Chemnitz)

Comments: 6 pages with 3 figures

Subjects: Software Engineering (cs.SE)

Requirements specification patterns have received much attention as they promise to guide the structured specification of natural language requirements. By using them, the intention is to reduce quality problems related to requirements artifacts. Patterns may need to vary in their syntax (e.g. domain details/ parameter incorporation) and semantics according to the particularities of the application domain. However, pattern-based approaches, such as EARS, are designed domain-independently to facilitate their wide adoption across several domains. Little is yet known about how to adopt the principle idea of pattern-based requirements engineering to cover domain-specificity in requirements engineering and, ideally, integrate requirements engineering activities into quality assurance tasks. In this paper, we propose the Pattern-based Domain-specific Requirements Engineering Approach for the specification of functional and performance requirements in a holistic manner. This approach emerges from an academia-industry collaboration and is our first attempt to frame an approach which allows for analyzing domain knowledge and incorporating it into the requirements engineering process enabling automated checks for requirements quality assurance and computer-aided support for system verification. Our contribution is two-fold: First, we present a solution to pattern-based domain-specific requirements engineering and its exemplary integration into quality assurance techniques. Second, we showcase a proof of concept using a tool implementation for the domain of flight controllers for Unmanned Aerial Vehicles. Both shall allow us to outline next steps in our research agenda and foster discussions in this direction.

[13]  arXiv:2404.17347 [pdf, other]

Title: InspectorRAGet: An Introspection Platform for RAG Evaluation

Authors: Kshitij Fadnis, Siva Sankalp Patel, Odellia Boni, Yannis Katsis, Sara Rosenthal, Benjamin Sznajder, Marina Danilevsky

Subjects: Software Engineering (cs.SE); Human-Computer Interaction (cs.HC)

Large Language Models (LLM) have become a popular approach for implementing Retrieval Augmented Generation (RAG) systems, and a significant amount of effort has been spent on building good models and metrics. In spite of increased recognition of the need for rigorous evaluation of RAG systems, few tools exist that go beyond the creation of model output and automatic calculation. We present InspectorRAGet, an introspection platform for RAG evaluation. InspectorRAGet allows the user to analyze aggregate and instance-level performance of RAG systems, using both human and algorithmic metrics as well as annotator quality. InspectorRAGet is suitable for multiple use cases and is available publicly to the community. The demo video is available at https://youtu.be/MJhe8QIXcEc

[14]  arXiv:2404.17403 [pdf, other]

Title: Analyzing the Accessibility of GitHub Repositories for PyPI and NPM Libraries

Authors: Alexandros Tsakpinis, Alexander Pretschner

Comments: 6 pages, 3 figures, accepted at 28th edition of International Conference on Evaluation and Assessment in Software Engineering (EASE 2024)

Subjects: Software Engineering (cs.SE)

Industrial applications heavily rely on open-source software (OSS) libraries, which provide various benefits. But, they can also present a substantial risk if a vulnerability or attack arises and the community fails to promptly address the issue and release a fix due to inactivity. To be able to monitor the activities of such communities, a comprehensive list of repositories for the libraries of an ecosystem must be accessible. Based on these repositories, integrated libraries of an application can be monitored to observe whether they are adequately maintained. In this descriptive study, we analyze the accessibility of GitHub repositories for PyPI and NPM libraries. For all available libraries, we extract assigned repository URLs, direct dependencies and use the page rank algorithm to comprehensively analyze the ecosystems from a library and dependency chain perspective. For invalid repository URLs, we derive potential reasons. Both ecosystems show varying accessibility to GitHub repository URLs, depending on the page rank score of the analyzed libraries. For individual libraries, up to 73.8% of PyPI and up to 69.4% of NPM libraries have repository URLs. Within dependency chains, up to 80.1% of PyPI libraries have URLs, while up to 81.1% for NPM. That means, most libraries, especially the ones of increasing importance, can be monitored on GitHub. Among the most common reasons for invalid repository URLs is no URLs being assigned at all, which amounts up to 17.9% for PyPI and up to 39.6% for NPM. Package maintainers should address this issue and update the repository information to enable monitoring of their libraries.

[15]  arXiv:2404.17417 [pdf, other]

Title: How do annotations affect Java code readability?

Authors: Eduardo Guerra, Everaldo Gomes, Jeferson Ferreira, Igor Wiese, Phyllipe Lima, Marco Gerosa, Paulo Meirelles

Comments: Accepted to Empirical Software Engineering (EMSE) Journal

Subjects: Software Engineering (cs.SE)

Context: Code annotations have gained widespread popularity in programming languages, offering developers the ability to attach metadata to code elements to define custom behaviors. Many modern frameworks and APIs use annotations to keep integration less verbose and located nearer to the corresponding code element. Despite these advantages, practitioners' anecdotal evidence suggests that annotations might negatively affect code readability. Objective: To better understand this effect, this paper systematically investigates the relationship between code annotations and code readability. Method: In a survey with software developers (n=332), we present 15 pairs of Java code snippets with and without code annotations. These pairs were designed considering five categories of annotation used in real-world Java frameworks and APIs. Survey participants selected the code snippet they considered more readable for each pair and answered an open question about how annotations affect the code's readability. Results: Preferences were scattered for all categories of annotation usage, revealing no consensus among participants. The answers were spread even when segregated by participants' programming or annotation-related experience. Nevertheless, some participants showed a consistent preference in favor or against annotations across all categories, which may indicate a personal preference. Our qualitative analysis of the open-ended questions revealed that participants often praise annotation impacts on design, maintainability, and productivity but expressed contrasting views on understandability and code clarity. Conclusions: Software developers and API designers can consider our results when deciding whether to use annotations, equipped with the insight that developers express contrasting views of the annotations' impact on code readability.

[16]  arXiv:2404.17465 [pdf, ps, other]

Title: Fast Abstracts and Student Forum Proceedings -- EDCC 2024 -- 19th European Dependable Computing Conference

Authors: Simona Bernardi, Tommaso Zoppi

Subjects: Software Engineering (cs.SE); Computers and Society (cs.CY); Distributed, Parallel, and Cluster Computing (cs.DC); Machine Learning (cs.LG); Robotics (cs.RO)

The goal of the Fast Abstracts track is to bring together researchers and practitioners working on dependable computing to discuss work in progress or opinion pieces. Contributions are welcome from academia and industry. Fast Abstracts aim to serve as a rapid and flexible mechanism to: (i) Report on current work that may or may not be complete; (ii) Introduce new ideas to the community; (iii) State positions on controversial issues or open problems; (iv) Share lessons learnt from real-word dependability engineering; and (v) Debunk or question results from other papers based on contra-indications. The Student Forum aims at creating a vibrant and friendly environment where students can present and discuss their work, and exchange ideas and experiences with other students, researchers and industry. One of the key goals of the Forum is to provide students with feedback on their preliminary results that might help with their future research directions.

[17]  arXiv:2404.17522 [pdf, other]

Title: Enhancing Legal Compliance and Regulation Analysis with Large Language Models

Authors: Shabnam Hassani

Comments: to be published in 32nd IEEE International Requirements Engineering 2024 Conference (RE'24) - Doctoral Symposium. arXiv admin note: text overlap with arXiv:2404.14356

Subjects: Software Engineering (cs.SE); Artificial Intelligence (cs.AI)

This research explores the application of Large Language Models (LLMs) for automating the extraction of requirement-related legal content in the food safety domain and checking legal compliance of regulatory artifacts. With Industry 4.0 revolutionizing the food industry and with the General Data Protection Regulation (GDPR) reshaping privacy policies and data processing agreements, there is a growing gap between regulatory analysis and recent technological advancements. This study aims to bridge this gap by leveraging LLMs, namely BERT and GPT models, to accurately classify legal provisions and automate compliance checks. Our findings demonstrate promising results, indicating LLMs' significant potential to enhance legal compliance and regulatory analysis efficiency, notably by reducing manual workload and improving accuracy within reasonable time and financial constraints.

Cross-lists for Mon, 29 Apr 24

[18]  arXiv:2404.16837 (cross-list from cs.CR) [pdf, ps, other]

Title: The Security Performance Analysis of Blockchain System Based on Post-Quantum Cryptography -- A Case Study of Cryptocurrency Exchanges

Authors: Abel C. H. Chen

Comments: in Chinese language

Subjects: Cryptography and Security (cs.CR); Computers and Society (cs.CY); Software Engineering (cs.SE)

The current blockchain system for cryptocurrency exchanges primarily employs elliptic curve cryptography (ECC) for generating key pairs in wallets, and elliptic curve digital signature algorithms (ECDSA) for generating signatures in transactions. Consequently, with the maturation of quantum computing technology, the current blockchain system faces the risk of quantum computing attacks. Quantum computers may potentially counterfeit signatures produced by ECDSA. Therefore, this study analyzes the vulnerabilities of the current blockchain system to quantum computing attacks and proposes a post-quantum cryptography (PQC)-based blockchain system to enhance security by addressing and improving each identified weakness. Furthermore, this study proposes PQC-based wallets and PQC-based transactions, utilizing PQC digital signature algorithms to generate PQC-based signatures for the inputs in PQC-based transactions, thereby preventing signatures from being counterfeited by quantum computing. Experimental results demonstrate that the efficiency of the Dilithium algorithm, a PQC digital signature algorithm, in producing wallets, generating signatures, and verifying signatures surpasses that of ECDSA in the current blockchain system. Furthermore, the Dilithium algorithm also exhibits a higher security level.

Replacements for Mon, 29 Apr 24

[19]  arXiv:2302.07867 (replaced) [pdf, other]

Title: Learning Performance-Improving Code Edits

Authors: Alexander Shypula, Aman Madaan, Yimeng Zeng, Uri Alon, Jacob Gardner, Milad Hashemi, Graham Neubig, Parthasarathy Ranganathan, Osbert Bastani, Amir Yazdanbakhsh

Comments: Published as a conference paper at ICLR 2024 (Spotlight). Project website: this https URL

Subjects: Software Engineering (cs.SE); Artificial Intelligence (cs.AI); Machine Learning (cs.LG); Performance (cs.PF)

[20]  arXiv:2403.05728 (replaced) [pdf, other]

Title: Engineering Formality and Software Risk in Debian Python Packages

Authors: Matthew Gaughan, Kaylea Champion, Sohyeon Hwang

Comments: Preprint of archival paper accepted for IEEE SANER 2024

Subjects: Software Engineering (cs.SE); Computers and Society (cs.CY)

[21]  arXiv:2403.11281 (replaced) [pdf, other]

Title: Java JIT Testing with Template Extraction

Authors: Zhiqiang Zang, Fu-Yao Yu, Aditya Thimmaiah, August Shi, Milos Gligoric

Comments: 23 pages, 6 figures, 8 tables, accepted in FSE 2024 (Research Papers track)

Subjects: Software Engineering (cs.SE)

[22]  arXiv:2404.00566 (replaced) [pdf, other]

Title: CodeBenchGen: Creating Scalable Execution-based Code Generation Benchmarks

Authors: Yiqing Xie, Alex Xie, Divyanshu Sheth, Pengfei Liu, Daniel Fried, Carolyn Rose

Subjects: Software Engineering (cs.SE); Computation and Language (cs.CL)

[23]  arXiv:2404.02056 (replaced) [pdf, other]

Title: Multitask-based Evaluation of Open-Source LLM on Software Vulnerability

Authors: Xin Yin, Chao Ni, Shaohua Wang

Subjects: Software Engineering (cs.SE)

[24]  arXiv:2404.13295 (replaced) [pdf, other]

Title: Detecting Build Dependency Errors in Incremental Builds

Authors: Jun Lyu, Shanshan Li, He Zhang, Yang Zhang, Guoping Rong, Manuel Rigger

Subjects: Software Engineering (cs.SE)

[25]  arXiv:2401.01472 (replaced) [pdf, other]

Title: Studying and Recommending Information Highlighting in Stack Overflow Answers

Authors: Shahla Shaan Ahmed, Shaowei Wang, Yuan Tian, Tse-Hsun (Peter) Chen, Haoxiang Zhang

Comments: This work is submitted to Information and Software Technology Journal

Subjects: Computation and Language (cs.CL); Information Retrieval (cs.IR); Machine Learning (cs.LG); Software Engineering (cs.SE)

[26]  arXiv:2404.16663 (replaced) [pdf, other]

Title: Formal Specification, Assessment, and Enforcement of Fairness for Generative AIs

Authors: Chih-Hong Cheng, Changshun Wu, Harald Ruess, Xingyu Zhao, Saddek Bensalem

Subjects: Machine Learning (cs.LG); Artificial Intelligence (cs.AI); Computers and Society (cs.CY); Logic in Computer Science (cs.LO); Software Engineering (cs.SE)

• New submissions
• Cross-lists
• Replacements