SCRUB: a tool for code reviews

This paper describes a tool called Source Code Review User Browser (SCRUB) that was developed to support a more effective and tool-based code review process. The tool was designed to support a large team-based software development effort of mission critical software at JPL, but can also be used for individual software development on small projects. The tool combines classic peer code review with machine-generated analyses from a customizable range of source code analyzers. All reports, whether generated by humans or by background tools, are accessed through a single uniform interface provided by SCRUB.     

Cobra: a light-weight tool for static and dynamic program analysis

Static source code analysis tools have become indispensable for the development of reliable software applications. The best analyzers can reveal subtle flaws in a code base, but they can also be slow. In part this is due to the collection of detailed information about the possible data and control flow of an application to support the broadest possible range of analyses. For larger code bases it is not unusual that even the best of breed static analyzers can take an hour or more to complete an analysis. In this paper we describe a framework for a much faster, but more light-weight type of static analysis that can support interactive use for standard types of queries. The Cobra tool we designed for this purpose can scale to explore millions of lines of code interactively. The tool is mostly language agnostic, and can therefore easily be configured to resolve even dynamic program analysis queries.     

ACSmt: A plugin for eclipse papyrus to model systems of systems

While System of Systems (SoS) architectures for large and complex software projects are gaining momentum, the commonly used modeling and tooling approaches are still general-purpose or oriented towards single systems. Developers could benefit from methods and tools that avoid system-centric details in favor of native SoS modeling support. This paper presents a diagram-centric modeling tool with native SoS modeling support. The tool is implemented as a plugin for the Eclipse Papyrus modeling tool. The tool was showcased as a demo at MODELS'22. The code of the plugin is freely available via Github.     

The EMISQ method and its tool support-expert-based evaluation of internal software quality

There is empirical evidence that internal software quality, e.g., the quality of source code, has great impact on the overall quality of software. Besides well-known manual inspection and review techniques for source code, more recent approaches utilize tool-based static code analysis for the evaluation of internal software quality. Despite the high potential of code analyzers the application of tools alone cannot replace well-founded expert opinion. Knowledge, experience and fair judgment are indispensable for a valid, reliable quality assessment, which is accepted by software developers and managers. The EMISQ method (Evaluation Method for Internal Software Quality), guides the assessment process for all stakeholders of an evaluation project. The method is supported by the Software Product Quality Reporter (SPQR), a tool which assists evaluators with their analysis and rating tasks and provides support for generating code quality reports. The application of SPQR has already proved its usefulness in various code assessment projects around the world. This paper introduces the EMISQ method and describes the tool support needed for an efficient and effective evaluation of internal software quality.     

Oto,a generic and extensible tool for marking programming assignments

Marking programming assignments in programming courses involves a lot of work: each program must be tested, the source code must be read and evaluated, etc. With the large classes encountered nowadays, the feedback provided to students through marking is thus rather limited, and often late. Tools providing support for marking programming assignments do exist, ranging from support for administrative aspects through automation of program testing or support for source code evaluation based on metrics. In this paper, we introduce a tool, called Oto, that provides support for submission and marking of assignments. Oto aims at reducing the workload associated with the marking task. Oto also aims at providing timely feedback to the students, including feedback before the final submission. Furthermore, the tool has been designed to be generic and extensible, so that the marking process for a specific assignment can easily be customized and the tool can be extended with various marking components (modules) that allows it to deal with various aspects of marking (testing, style, structure, etc.) and with programs written in various programming languages. Copyright © 2007 John Wiley & Sons, Ltd.     

A compiler framework for the reduction of worst-case execution times

The current practice to design software for real-time systems is tedious. There is almost no tool support that assists the designer in automatically deriving safe bounds of the worst-case execution time (WCET) of a system during code generation and in systematically optimizing code to reduce WCET.     

Using Stack Overflow content to assist in code review

An essential goal for programmers is to minimize the cost of identifying and correcting defects in source code. Code review is commonly used for identifying programming defects. However, manual code review has some shortcomings: (1) it is time-consuming and (2) outcomes are subjective and depend on the skills of reviewers. An automated approach for assisting in code reviews is thus highly desirable. We present a tool for assisting in code review and results from our experiments evaluating the tool in different scenarios. The tool leveraged content available from professional programmer support forums (eg, StackOverflow.com) to determine potential defectiveness of a given piece of source code. The defectiveness is expressed on the scale of {Likely defective, neutral, unlikely to be defective}. The basic idea employed in the tool is (1) to identify a set P of discussion posts on Stack Overflow such that each p∈P contains source code fragment(s), which sufficiently resemble the input code C being reviewed, and (2) to determine the likelihood of C being defective by considering all p∈P. A novel aspect of our approach is to use document fingerprinting for comparing two pieces of source code. Our choice of document fingerprinting technique is inspired by source code plagiarism detection tools where it has proven to be very successful. In the experiments that we performed to verify the effectiveness of our approach, source code samples from more than 300 GitHub open-source repositories were taken as input. An F1 score of 0.94 has been achieved in identifying correct/relevant results.     

How Software Developers Use Tagging to Support Reminding and Refinding

Developers frequently add annotations to source code to help them remember pertinent information and mark locations of interest for future investigation. Finding and refinding these notes is a form of navigation that is integral to software maintenance. Although there is some tool support in modern development environments for authoring and navigating these comments, we have observed that these annotations often fail to remind and are sometimes difficult to find by the programmer. To address these shortcomings, we have designed a new approach for software navigation called Tags for Software Engineering Activities (TagSEA). TagSEA combines the notion of waypointing (a mechanism for marking locations in spatial navigation) with social tagging to support programmers in defining semantically rich annotations to source code comments. The tool provides support for creating, editing, navigating, and managing these annotations. We present the results from two empirical studies, where we observed and then analyzed how professional programmers used source code annotations to support their development activities over 24 months. Our findings indicate that the addition of semantic information to annotations can improve their value. We also provide suggestions on how annotation tools in general may be improved.     

Automatically identifying changes that impact code-to-design traceability during evolution

An approach is presented that automatically determines if a given source code change impacts the design (i.e., UML class diagram) of the system. This allows code-to-design traceability to be consistently maintained as the source code evolves. The approach uses lightweight analysis and syntactic differencing of the source code changes to determine if the change alters the class diagram in the context of abstract design. The intent is to support both the simultaneous updating of design documents with code changes and bringing old design documents up to date with current code given the change history. An efficient tool was developed to support the approach and is applied to an open source system. The results are evaluated and compared against manual inspection by human experts. The tool performs better than (error prone) manual inspection. The developed approach and tool were used to empirically investigate and understand how changes to source code (i.e., commits) break code-to-design traceability during evolution and the benefits from such understanding. Commits are categorized as design impact or no impact. The commits of four open source projects over 3-year time durations are extracted and analyzed. The results of the study show that most of the code changes do not impact the design and these commits have a smaller number of changed files and changed less lines compared to commits with design impact. The results also show that most bug fixes do not impact design.     

Computer-aided development of a real-time program

The refinement calculus is a well-established theory for formal development of imperative program code and is supported by a number of automated tools. Via a detailed case study, this article shows how refinement theory and tool support can be extended for a program with real-time constraints. The approach adapts a timed variant of the refinement calculus and makes corresponding enhancements to a theorem-prover based refinement tool.     

Constantine: configurable static analysis tool in Eclipse

Static code analysers help in exposing internal code quality problems. For higher effectiveness, they must be pressed into use early during the development of code. They must support the formulation of new coding constraints with relative ease to better cope with variations in coding standards. We present the design of a static analyser that addresses these twin objectives. Our system provides interactive feedback to programmers on the non‐conformances that occur in response to the changes made to the code. Its rule construction framework empowers programmers to define new conformance rules, which can come into effect immediately after creation. The tool has been realized as an Eclipse plug‐in for the analysis of C, C++ and Java sources. Central to its design is the concept of reusing a set of primitive checks by composing them to form new rules. This renders rule construction accessible to programmers, lowers dependence on tool smiths and accelerates the enforcement of custom checks. We also present our experience in defining rules drawn from an industry standard rule set based on this approach. Copyright © 2012 John Wiley & Sons, Ltd.     

安全关键异构软件混合建模及代码生成方法

随着系统复杂性的急剧增加,未来安全关键软件越来越多地采用异构构件组合架构,各种构件可能使用不同的计算模型或实现语言,使得整个软件系统呈现异构性.因此,设计此类系统需要使用复杂的建模方法.AADL(architecture analysis and design language)是一种安全关键系统体系结构多范式建模语言...     

基于LePUS的设计模式CASE工具的设计与实现

设计模式是软件工程界的热点，在面向对象软件设计中扮演着重要角色，自动化支持设计模式非常必要。为此，以LePUS语言为基础，提出了一个支持设计模式的CASE工具原型模型，该工具支持设计模式代码框架的自动生成，更重要的是该工具可以通过加入新的设计模式而得以扩展。此外，详细分析了实现中的源程序内部表示、设计模式实例化、动态模板生成技术等关键技术。     

Method and implementation for investigating code clones in a software system

Maintaining software systems is becoming more difficult as the size and complexity of software increase. One factor that complicates software maintenance is the presence of code clones. A code clone is a code fragment that has identical or similar code fragments to it in the source code. Code clones are introduced for various reasons such as reusing code by ‘copy and paste’. If modifying a code clone with many similar code fragments, we must consider whether to modify each of them. Especially for large-scale software, such a process is very complicated and expensive. In this paper, we propose methods of visualizing and featuring code clones to support their understanding in large-scale software. The methods have been implemented as a tool called Gemini, which has applied to an open source software system. Application results show the usefulness and capability of our system.     

Support of automatic parallelization with concept comprehension

Current approaches to parallelizing compilation perform a purely structural analysis of the sequential code. Conversely, a semantic analysis performing concept assignment for code sections, can support the recognition of the algorithms that the code implements. This can considerably help the parallelization process, by allowing the introduction of heuristics and an extensive pruning of the search space, and thus enabling the application of more aggressive code transformations. It can play an important role in overcoming the current limitations to Automatic Parallelization. In this paper we discuss the applicability of concept comprehension to the parallelization process, and we present a novel technique for automatic algorithmic recognition we have designed and implemented. We are currently developing a reverse engineering tool supporting the translation of sequential Fortran code into HPF, which is based on the recognition technique we have developed. Its working criteria are illustrated and discussed.     

渐进式智能回溯向量化代码调优方法

为了充分发挥高性能计算机的计算能力,缓解程序员设计和编写并行程序的压力,扩充可用软件集合,设计并实现了利用交互界面深入挖掘程序中的可向量化语句,优化生成代码中的向量化语句,提高生成代码的执行效率.该方法对充分发挥高性能计算机的计算能力,增强系统可用性和扩展应用范围具有重要的意义,同时能够提供有效的辅助手段和工具支持.渐进式智能回溯向量化代码调优架构通过对用户提交的串行程序进行程序分析和变换,采用串行程序分析、数据依赖分析、向量化分析等技术手段,根据分析结果对程序进行变换和优化,自动生成最终的向量化代码.该方法通过分析串行程序中潜在的并行性,将其自动变换为等价的向量化代码形式,大大简化了程序员的工作.     

开发基于Matlab的Stand-Alone软件

Matlab语言是国际上使用最为广泛的科学与工程计算软件工具,但是由Matlab生成的代码不能脱离Matlab环境运行.如何令Matlab代码能够完全脱离Matlab环境独立运行,对于各专业人员借助Matlab语言快速开发出具备强大计算功能的专业应用软件具有重要的意义.本文在分析了Matlab软件的优缺点的基础上,给出了使包含Matlab代码的应用软件能够脱离Matlab环境运行的具体步骤和方法.     

CScout: A refactoring browser for C

Despite its maturity and popularity, the C programming language still lacks tool support for reliably performing even simple refactoring, browsing, or analysis operations. This is primarily due to identifier scope complications introduced by the C preprocessor. The CScout refactoring browser analyses complete program families by tagging the original identifiers with their precise location and classifying them into equivalence classes orthogonal to the C language’s namespace and scope extents. A web-based user interface provides programmers with an intuitive source code analysis and navigation front-end, while an sql-based back-end allows more complex source code analysis and manipulation. CScout has been successfully applied to many medium and large-sized proprietary and open-source projects identifying thousands of modest refactoring opportunities.     

Generation and validation of traces between requirements and architecture based on formal trace semantics

The size and complexity of software systems make integration of the new/modified requirements to the software system costly and time consuming. The impact of requirements changes on other requirements, design elements and source code should be traced to determine parts of the software to be changed. Considerable research has been devoted to relating requirements and design artifacts with source code. Less attention has been paid to relating requirements (R) with architecture (A) by using well-defined semantics of traces. Traces between R&A might be manually assigned. This is time-consuming, and error prone. Traces might be incomplete and invalid. In this paper, we present an approach for automatic trace generation and validation of traces between requirements (R) and architecture (A). Requirements relations and architecture verification techniques are used. A trace metamodel is defined with commonly used trace types between R&A. We use the semantics of traces and requirements relations for generating and validating traces with a tool support. The tool provides the following: (1) generation and validation of traces by using requirements relations and/or verification of architecture, (2) generation and validation of requirements relations by using traces. The tool is based on model transformation in ATL and term-rewriting logic in Maude.