The Experts below are selected from a list of 1365 Experts worldwide ranked by ideXlab platform
Li Liao - One of the best experts on this subject based on the ideXlab platform.
Evaluate How Cyclomatic Complexity Changes in the Context of Software Evolution
Computer Software and Applications Conference, 2018
Co-Authors: Huihui Liu, Xufang Gong, Li Liao
Abstract: Cyclomatic Complexity (CC) is often used as a factor to evaluate the quality of source code. Many researchers have studied the relationships between CC and LOC, between CC and basic testing paths, and between CC and code maintainability, etc. However, few researchers have studied how software evolution affects CC. In this paper, we propose a methodology based on source code change analysis and develop a supporting tool, called CCEvaluator, to evaluate CC variation during software evolution. By empirical studies on six pieces of typical open source projects, a series of interesting findings including six commonness and five differences have been obtained. To explain why these commonness and differences are produced during software evolution, code change information among successive versions is captured and used in this paper.
Michael Whelan
Security of open source web applications
2009 3rd International Symposium on Empirical Software Engineering and Measurement (ESEM 2009), 2009
Co-Authors: James Walden, Grant A. Welch, Maureen Doyle, Michael Whelan
Abstract: In an empirical study of fourteen widely used open source PHP Web applications, we found that the vulnerability density of the aggregate code base decreased from 8.88 vulnerabilities/KLOC to 3.30 from Summer 2006 to Summer 2008. Individual web applications varied widely, with vulnerability densities ranging from 0 to 121.4 at the beginning of the study. While the total number of security problems decreased, vulnerability density increased in eight of the fourteen applications over the analysis period. We developed a security resources indicator metric, which we found to be strongly correlated (rho = 0.67, p < 0.05) with change in vulnerability density over time. Traditional software metrics, such as code size, cyclomatic complexity, nesting complexity, and churn, had significant (p < 0.05) but much smaller correlations (rho = 0.31 at best) with vulnerability density. Vulnerability density was measured using the Fortify Source Code Analyzer static analysis tool.
Angelo Perkusich
Impact of Unanticipated Software Evolution on Development Cost and Quality: An Empirical Evaluation
International Conference on Software Engineering, 2015
Co-Authors: Rodrigo A Vilar, Anderson A Lima, Hyggo Almeida, Angelo Perkusich
Abstract: Most techniques to aid maintenance and evolution of software require developers to define extension points. Generally, developers try to anticipate the parts that are more likely to evolve, but they can make mistakes and spend money in vain. With Unanticipated Software Evolution, developers can easily change any element of the software, even those that are not related to an extension point. However, we have not found empirical validations of the impact of Unanticipated Software Evolution on development cost and quality. In this work, we design and execute an experiment for Unanticipated Software Evolution (specifically, using the COMPOR platform), in order to compare its results metrics (time, lines of code, test coverage and complexity) using OO systems as baseline. 30 undergraduate students were subjects in this experiment. We concluded that COMPOR has a significant impact on the lines of code and complexity metrics, reducing the amount of lines changed and the McCabe Cyclomatic Complexity on evolution of a small system.
Keywords: Unanticipated Software Evolution, Cost, Quality, Empirical software engineering, Software Evolution.
Huihui Liu
Evaluate How Cyclomatic Complexity Changes in the Context of Software Evolution
Computer Software and Applications Conference, 2018
Co-Authors: Huihui Liu, Xufang Gong, Li Liao
Abstract: Cyclomatic Complexity (CC) is often used as a factor to evaluate the quality of source code. Many researchers have studied the relationships between CC and LOC, between CC and basic testing paths, and between CC and code maintainability, etc. However, few researchers have studied how software evolution affects CC. In this paper, we propose a methodology based on source code change analysis and develop a supporting tool, called CCEvaluator, to evaluate CC variation during software evolution. By empirical studies on six pieces of typical open source projects, a series of interesting findings including six commonness and five differences have been obtained. To explain why these commonness and differences are produced during software evolution, code change information among successive versions is captured and used in this paper.
James Walden
Security of open source web applications
2009 3rd International Symposium on Empirical Software Engineering and Measurement (ESEM 2009), 2009
Co-Authors: James Walden, Grant A. Welch, Maureen Doyle, Michael Whelan
Abstract: In an empirical study of fourteen widely used open source PHP Web applications, we found that the vulnerability density of the aggregate code base decreased from 8.88 vulnerabilities/KLOC to 3.30 from Summer 2006 to Summer 2008. Individual web applications varied widely, with vulnerability densities ranging from 0 to 121.4 at the beginning of the study. While the total number of security problems decreased, vulnerability density increased in eight of the fourteen applications over the analysis period. We developed a security resources indicator metric, which we found to be strongly correlated (rho = 0.67, p < 0.05) with change in vulnerability density over time. Traditional software metrics, such as code size, cyclomatic complexity, nesting complexity, and churn, had significant (p < 0.05) but much smaller correlations (rho = 0.31 at best) with vulnerability density. Vulnerability density was measured using the Fortify Source Code Analyzer static analysis tool.