A5064074691- Software Testing and Debugging Techniques
- Software Reliability and Analysis Research
- Software Engineering Research
- Software System Performance and Reliability
- Advanced Software Engineering Methodologies
- Model-Driven Software Engineering Techniques
- Service-Oriented Architecture and Web Services
- Formal Methods in Verification
- Web Application Security Vulnerabilities
- Advanced Malware Detection Techniques
- Business Process Modeling and Analysis
- Data Mining Algorithms and Applications
- AI in Service Interactions
- Topic Modeling
- Software Engineering Techniques and Practices
- Access Control and Trust
- Natural Language Processing Techniques
- Entrepreneurship Studies and Influences
- Security and Verification in Computing
- Anomaly Detection Techniques and Applications
- Network Security and Intrusion Detection
- Big Data and Business Intelligence
- Data Quality and Management
- Data Stream Mining Techniques
- Sentiment Analysis and Opinion Mining
IBM (United States)
2005-2021
IBM Research - India
2021
Università di Camerino
2019
IBM Research - Thomas J. Watson Research Center
1996-2018
University of Otago
2008-2015
North Carolina State University
1993-2011
Alliance for Safe Kids
2007
A.S. Watson (Netherlands)
2005
Web script crashes and malformed dynamically-generated pages are common errors, they seriously impact usability of applications. Current tools for Web-page validation cannot handle the that ubiquitous on today's Internet. In this work, we apply a dynamic test generation technique, based combined concrete symbolic execution, to domain The technique generates tests automatically, uses detect failures, minimizes conditions inputs exposing each failure, so resulting bug reports small useful in...
Web script crashes and malformed dynamically generated webpages are common errors, they seriously impact the usability of applications. Current tools for webpage validation cannot handle pages that ubiquitous on today's Internet. We present a dynamic test generation technique domain The utilizes both combined concrete symbolic execution explicit-state model checking. generates tests automatically, runs capturing logical constraints inputs, minimizes conditions inputs to failing so resulting...
Access Control Policies (ACP) specify which principals such as users have access to resources. Ensuring the correctness and consistency of ACPs is crucial prevent security vulnerabilities. However, in practice, are commonly written Natural Language (NL) buried large documents requirements documents, not amenable for automated techniques check consistency. It tedious manually extract from these NL validate functional use cases against detecting inconsistencies. To address issues, we propose...
Application Programming Interface (API) documents are a typical way of describing legal usage reusable software libraries, thus facilitating reuse. However, even with such documents, developers often overlook some and build systems that inconsistent the those libraries. Existing verification tools require formal specifications (such as code contracts), therefore cannot directly verify described in natural language text API against using library. practice, most libraries do not come...
Application Programming Interface (API) documents are a typical way of describing legal usage reusable software libraries, thus facilitating reuse. However, even with such documents, developers often overlook some and build systems that inconsistent the those libraries. Existing verification tools require formal specifications (such as code contracts), therefore cannot directly verify described in natural language text API against using library. practice, most libraries do not come...
The modularity and customer centric approach of use cases make them the preferred methods for requirement elicitation, especially in iterative software development processes as agile programming. Numerous guidelines exist case style content, but enforcing compliance to such industry currently requires specialized training a strongly managed elicitation process. However, often due aggressive schedules, organizations shy away from extensive end up capturing an ad-hoc fashion with little...
We present 1) a novel linguistic engine made of configurable components for understanding natural language use case specification; and 2) results the first kind large scale experiment application techniques to industrial cases. Requirement defects are well known have adverse effects on dependability software systems. While formal often cited as remedy specification errors, remains predominant mode specifying requirements. Therefore, dependable system development, processing technique is...
Although proposals were made three decades ago to build static analysis tools either assist software security evaluations or find flaws, it is only recently that and model checking technology has reached the point where such tooling become feasible. In order target their on a rational basis, would be useful for tool-builders have available taxonomy of flaws organizing problem space. Unfortunately, existing suitable taxonomies are sadly out-of-date, do not adequately represent found in modern...
We present an automatic fault localization technique which leverages time spectra as abstractions for program executions. Time have been traditionally used performance debugging. By contrast, we use them functional correctness debugging by identifying pieces of code that take a "suspicious" amount to execute. The approach can be summarized follows: are collected from passing and failing runs, observed behavior models created using the deviations these in runs identified scored potential...
Use cases are a key technique to elicit software requirements from the point of view user system. Their prevalence is noticeable ever since onset agile programming techniques. Within SOA projects however, business process models used for capability analysis and gap detection. Business present global system hence more suited Therefore, in practice both these forms continue be useful coexist. Often big distributed development environment such coexisting requirement specifications can grow out...
We propose a new strategy for generating test cases Boolean expressions. In the past, we reported BOR (Boolean Operator) predicates which are singular: contain only one occurrence of each constituent variable. also results empirical studies that were carried out to study effectiveness strategy, but algorithm did not work well with non-singularities: multiple occurrences variables. The solution problem is combination original and MI (Meaning Impact) elsewhere. Our approach divide expression...
Realizing the vision of using AI agents to automate critical IT tasks depends on ability measure and understand effectiveness proposed solutions. We introduce ITBench, a framework that offers systematic methodology for benchmarking address real-world automation tasks. Our initial release targets three key areas: Site Reliability Engineering (SRE), Compliance Security Operations (CISO), Financial (FinOps). The design enables researchers challenges opportunities with push-button workflows...
We propose a model based approach to functional conformance test generation for web services which operate in the presence of persistent data. Typically, are described standard notation called Web Services Description Language (WSDL). Unfortunately, WSDL does not allow behavioral specification (such as pre- and postconditions)of New standards remedy this situation being proposed WSDL-S). In paper, we use existing techniques on Extended Finite State Machine (EFSM) address testes The novel...
We present an automated approach to generate functional conformance tests for semantic Web services. The semantics of the services are defined using inputs, outputs, preconditions, effects (IOPEs) paradigm. For each service, our produces testing goals which refinements service preconditions a set fault models. A novel planner component accepts these goals, along with initial state world and definitions sequence invocations as test case. Another salient feature is generation verification...
As IT environments evolve in both size and complexity, observability tools are needed to monitor their health. the anomalous events detected, alerts generated, leading alert notifications Site Reliability Engineers(SREs). However, most of these turn out be false alarms, fatigue, inefficiencies. Existing approaches for reducing noise rely on static policies that can quickly become outdated dynamic therefore difficult maintain. In this work, we propose a novel unsupervised approach,...
We propose a new technique for automatic generation of test cases predicates. Earlier we proposed an efficient and effective strategy Boolean expressions. now extend this to Our addresses number issues, including: analysis dependencies between relational expressions in predicate P; constraints P based on the detection operator faults actual tests according generated P. use constraint logic programming (CLP) automate data predicate. Furthermore, incremental approach apply CLP techniques solve...
We report the results of three empirical studies fault detection and stability performance predicate-based BOR (Boolean Operator) testing strategy. is used to develop test cases based on formal software specification, or implementation code. evaluated strategy with respect some other strategies by using Boolean expressions actual software. applied it specification cause-effect graphs a safety-related real-time control system, set N-version programs. found that very effective at detecting...
We explore common problems that exist in the practice of use case modeling: lack consistency defining cases, misalignment between UML metamodel and textual representations cases expounded literature, a semantics allows to be executable analyzable.We propose an engineering approach issues can provide precise foundation for development.We next discuss four potential uses such identify research must addressed support these applications.
Purpose Consumer and public policy resistance to genetically modified (GM) foods in rich countries has caused governments many poor withhold official permission for planting GM food crops fear of damaging export markets conventional crops. A total 15 are already producing If China India, the world's two most populous nations, authorise production, then this will account a large majority production coming from GM‐adopting countries. This study sets out determine perceptions gatekeepers...
Model-based test generation (MBTG) is becoming an area of active research. These techniques differ in terms (1) modeling notations used, and (2) the adequacy criteria used for generation. This paper reviews different classes MBTG at a conceptual level, reports results two case studies comparing various their fault detection effectiveness. Our indicate that technique which employs mutation explicitly generates state verification sequences has better effectiveness than those based on boundary...
We present a minimalist approach to model-based test generation. Our leverages the information provided in domain and behavioral models of an application under produce small yet effective set cases without additional user input. The model consists UML class diagram with invariants, while use cases. Each case flow has associated guard condition updates (to object output parameters). treat invariants enable novel specify once, everywhere paradigm. frees modeler from responsibility specifying...