Computer Engineering / Bilgisayar Mühendisliği

Permanent URI for this collectionhttps://hdl.handle.net/11147/10

Browse

Filters

2015 - 201942020 - 20233

Settings

Author: search.filters.author.Ufuktepe, EkincanInstitution Author: search.filters.institutionAuthor.Tuğlular, Tuğkan

Search Results

Now showing 1 - 7 of 7
  • Article
    Citation - WoS: 3
    Citation - Scopus: 4
    Application of the Law of Minimum and Dissimilarity Analysis To Regression Test Case Prioritization
    (IEEE, 2023) Ufuktepe, Ekincan; Tuğlular, Tuğkan
    Regression testing is one of the most expensive processes in testing. Prioritizing test cases in regression testing is critical for the goal of detecting the faults sooner within a large set of test cases. We propose a test case prioritization (TCP) technique for regression testing called LoM-Score inspired by the Law of Minimum (LoM) from biology. This technique calculates the impact probabilities of methods calculated by change impact analysis with forward slicing and orders test cases according to LoM. However, this ordering doesn't consider the possibility that consecutive test cases may be covering the same methods repeatedly. Thereby, such ordering can delay the time of revealing faults that exist in other methods. To solve this problem, we enhance the LoM-Score TCP technique with an adaptive approach, namely with a dissimilarity-based coordinate analysis approach. The dissimilarity-based coordinate analysis uses Jaccard Similarity for calculating the similarity coefficients between test cases in terms of covered methods and the enhanced technique called Dissimilarity-LoM-Score (Dis-LoM-Score) applies a penalty with respective on the ordered test cases. We performed our case study on 10 open-source Java projects from Defects4J, which is a dataset of real bugs and an infrastructure for controlled experiments provided for software engineering researchers. Then, we hand-seeded multiple mutants generated by Major, which is a mutation testing tool. Then we compared our TCP techniques LoM-Score and Dis-LoM-Score with the four traditional TCP techniques based on their Average Percentage of Faults Detected (APFD) results.
  • Conference Object
    Citation - WoS: 3
    Citation - Scopus: 2
    Heterogeneous Modeling and Testing of Software Product Lines
    (IEEE, 2021) Belli, Fevzi; Tuğlular, Tuğkan; Ufuktepe, Ekincan
    Software product line (SPL) engineering is a widely accepted approach to systematically realizing software reuse in an industrial environment. Feature models, a centerpiece of most SPL engineering techniques, are appropriate to model the variability and the structure of SPLs, but not their behavior. This paper uses the idea to link feature modeling to model-based behavior modeling and to determine the test direction (top-down or bottom-up) based on the variability binding. This heterogeneous modeling enables a holistic system testing for validating both desirable (positive) and undesirable (negative) properties of the SPL and variants. The proposed approach is validated by a non-trivial example and evaluated by comparison.
  • Article
    Citation - WoS: 7
    Citation - Scopus: 8
    Tracking Code Bug Fix Ripple Effects Based on Change Patterns Using Markov Chain Models
    (Institute of Electrical and Electronics Engineers Inc., 2022) Ufuktepe, Ekincan; Tuğlular, Tuğkan; Palaniappan, Kanappan
    Change impact analysis evaluates the changes that are made in the software and finds the ripple effects, in other words, finds the affected software components. Code changes and bug fixes can have a high impact on code quality by introducing new vulnerabilities or increasing their severity. A recent high-visibility example of this is the code changes in the log4j web software CVE-2021-45105 to fix known vulnerabilities by removing and adding method called change types. This bug fix process exposed further code security concerns. In this article, we analyze the most common set of bug fix change patterns to have a better understanding of the distribution of software changes and their impact on code quality. To achieve this, we implemented a tool that compares two versions of the code and extracts the changes that have been made. Then, we investigated how these changes are related to change impact analysis. In our case study, we identified the change types for bug-inducing and bug fix changes using the Quixbugs dataset. Furthermore, we used 13 of the projects and 621 bugs from Defects4J to identify the common change types in bug fixes. Then, to find the change types that cause an impact on the software, we performed an impact analysis on a subset of projects and bugs of Defects4J. The results have shown that, on average, 90% of the bug fix change types are adding a new method declaration and changing the method body. Then, we investigated if these changes cause an impact or a ripple effect in the software by performing a Markov chain-based change impact analysis. The results show that the bug fix changes had only impact rates within a range of 0.4-5%. Furthermore, we performed a statistical correlation analysis to find if any of the bug fixes have a significant correlation with the impact of change. The results have shown that there is a negative correlation between caused impact with the change types adding new method declaration and changing method body. On the other hand, we found that there is a positive correlation between caused impact and changing the field type.
  • Article
    Citation - WoS: 6
    Citation - Scopus: 6
    Estimating Software Robustness in Relation To Input Validation Vulnerabilities Using Bayesian Networks
    (Springer Verlag, 2018) Ufuktepe, Ekincan; Tuğlular, Tuğkan
    Estimating the robustness of software in the presence of invalid inputs has long been a challenging task owing to the fact that developers usually fail to take the necessary action to validate inputs during the design and implementation of software. We propose a method for estimating the robustness of software in relation to input validation vulnerabilities using Bayesian networks. The proposed method runs on all program functions and/or methods. It calculates a robustness value using information on the existence of input validation code in the functions and utilizing common weakness scores of known input validation vulnerabilities. In the case study, ten well-known software libraries implemented in the JavaScript language, which are chosen because of their increasing popularity among software developers, are evaluated. Using our method, software development teams can track changes made to software to deal with invalid inputs.
  • Conference Object
    Citation - WoS: 8
    Citation - Scopus: 9
    A Program Slicing-Based Bayesian Network Model for Change Impact Analysis
    (Institute of Electrical and Electronics Engineers Inc., 2018) Ufuktepe, Ekincan; Tuğlular, Tuğkan
    Change impact analysis plays an important role in identifying potential affected areas that are caused by changes that are made in a software. Most of the existing change impact analysis techniques are based on architectural design and change history. However, source code-based change impact analysis studies are very few and they have shown higher precision in their results. In this study, a static method-granularity level change impact analysis, that uses program slicing and Bayesian Network technique has been proposed. The technique proposes a directed graph model that also represents the call dependencies between methods. In this study, an open source Java project with 8999 to 9445 lines of code and from 505 to 528 methods have been analyzed through 32 commits it went. Recall and f-measure metrics have been used for evaluation of the precision of the proposed method, where each software commit has been analyzed separately.
  • Conference Object
    Citation - WoS: 1
    Citation - Scopus: 5
    Automation Architecture for Bayesian Network Based Test Case Prioritization and Execution
    (Institute of Electrical and Electronics Engineers Inc., 2016) Ufuktepe, Ekincan; Tuğlular, Tuğkan
    An automation architecture for Bayesian Network based test case prioritization is designed for software written in Java programming language following the approach proposed by Mirarab and Tahvildari [2]. The architecture is implemented as an integration of a series of tools and called Bayesian Network based test case prioritization and execution platform. The platform is triggered by a change in the source code, then it collects necessary information to be supplied to Bayesian Network and uses Bayesian Network evaluation results to run high priority unit tests.
  • Conference Object
    Javascript Kütüphaneleri için Girdi Doğrulama Analizi
    (CEUR Workshop Proceedings, 2015) Ufuktepe, Ekincan; Tuğlular, Tuğkan
    Bugün artık mobil ve web temelli yazılımlar günlük hayatın bir parçası olmuştur. Bu yazılımlar içinde JavaScript kütüphanelerinin kullanımı da son yıllarda önemli artış göstermiştir. Bu kütüphaneler sağladıkları uygulama programlama arayüzleri ile daha ziyade söz verdikleri işlevleri yerine getirmekte ancak beklenmeyen girdilere karşı dayanıklı bir yapı sunamamak-tadır. Bu çalışmada mobil ve web temelli yazılımlarda yoğun olarak kullanılmakta olan beş JavaScript kütüphanesine ait işlevlerin aldığı para-metreler ile kullandıkları global değişkenler üzerinde doğrulama yapıp yap-madıkları analiz edilmiştir. Bunun için bir girdi doğrulama modeli ortaya konmuştur. Bu model üzerinde geliştirilen algoritma ile JavaScript programları için tip analiz yapan TAJS yazılımı genişletilmiş ve beş JavaScript kütüphane-sine uygulanmış ve elde edilen sonuçlar paylaşılmıştır.