Vulnerabilities are a known problem in modern Open Source Software(OSS).Most developers often rely on third-party libraries to accelerate feature implementation.However,these libraries may contain vulnerabilities that...Vulnerabilities are a known problem in modern Open Source Software(OSS).Most developers often rely on third-party libraries to accelerate feature implementation.However,these libraries may contain vulnerabilities that attackers can exploit to propagate malicious code,posing security risks to dependent projects.Existing research addresses these challenges through Software Composition Analysis(SCA)for vulnerability detection and remediation.Nevertheless,current solutions may introduce additional issues,such as incompatibilities,dependency conflicts,and additional vulnerabilities.To address this,we propose Vulnerability Scan and Protection(VulnScanPro),a robust solution for detection and remediation vulnerabilities in Java projects.Specifically,VulnScanPro builds a finegrained method graph to identify unreachable methods.The method graph is mapped to the project’s dependency tree,constructing a comprehensive vulnerability propagation graph that identifies unreachable vulnerable APIs and dependencies.Based on this analysis,we propose three solutions for vulnerability remediation:(1)Removing unreachable vulnerable dependencies,thereby resolving security risks and reducing maintenance overhead.(2)Upgrading vulnerable dependencies to the closest non-vulnerable versions,while pinning the versions of transitive dependencies introduced by the vulnerable dependency,in order to mitigate compatibility issues and prevent the introduction of new vulnerabilities.(3)Eliminating unreachable vulnerable APIs,particularly when security patches are either incompatible or absent.Experimental results show that these solutions effectively mitigate vulnerabilities and enhance the overall security of the project.展开更多
Software security poses substantial risks to our society because software has become part of our life. Numerous techniques have been proposed to resolve or mitigate the impact of software security issues. Among them, ...Software security poses substantial risks to our society because software has become part of our life. Numerous techniques have been proposed to resolve or mitigate the impact of software security issues. Among them, software testing and analysis are two of the critical methods, which significantly benefit from the advancements in deep learning technologies. Due to the successful use of deep learning in software security, recently,researchers have explored the potential of using large language models(LLMs) in this area. In this paper, we systematically review the results focusing on LLMs in software security. We analyze the topics of fuzzing, unit test, program repair, bug reproduction, data-driven bug detection, and bug triage. We deconstruct these techniques into several stages and analyze how LLMs can be used in the stages. We also discuss the future directions of using LLMs in software security, including the future directions for the existing use of LLMs and extensions from conventional deep learning research.展开更多
Spectrum-based fault localization (SBFL) generates a ranked list of suspicious elements by using the program execution spectrum, but the excessive number of elements ranked in parallel results in low localization accu...Spectrum-based fault localization (SBFL) generates a ranked list of suspicious elements by using the program execution spectrum, but the excessive number of elements ranked in parallel results in low localization accuracy. Most researchers consider intra-class dependencies to improve localization accuracy. However, some studies show that inter-class method call type faults account for more than 20%, which means such methods still have certain limitations. To solve the above problems, this paper proposes a two-phase software fault localization based on relational graph convolutional neural networks (Two-RGCNFL). Firstly, in Phase 1, the method call dependence graph (MCDG) of the program is constructed, the intra-class and inter-class dependencies in MCDG are extracted by using the relational graph convolutional neural network, and the classifier is used to identify the faulty methods. Then, the GraphSMOTE algorithm is improved to alleviate the impact of class imbalance on classification accuracy. Aiming at the problem of parallel ranking of element suspicious values in traditional SBFL technology, in Phase 2, Doc2Vec is used to learn static features, while spectrum information serves as dynamic features. A RankNet model based on siamese multi-layer perceptron is constructed to score and rank statements in the faulty method. This work conducts experiments on 5 real projects of Defects4J benchmark. Experimental results show that, compared with the traditional SBFL technique and two baseline methods, our approach improves the Top-1 accuracy by 262.86%, 29.59% and 53.01%, respectively, which verifies the effectiveness of Two-RGCNFL. Furthermore, this work verifies the importance of inter-class dependencies through ablation experiments.展开更多
Software-defined networking(SDN)is an innovative paradigm that separates the control and data planes,introducing centralized network control.SDN is increasingly being adopted by Carrier Grade networks,offering enhance...Software-defined networking(SDN)is an innovative paradigm that separates the control and data planes,introducing centralized network control.SDN is increasingly being adopted by Carrier Grade networks,offering enhanced networkmanagement capabilities than those of traditional networks.However,because SDN is designed to ensure high-level service availability,it faces additional challenges.One of themost critical challenges is ensuring efficient detection and recovery from link failures in the data plane.Such failures can significantly impact network performance and lead to service outages,making resiliency a key concern for the effective adoption of SDN.Since the recovery process is intrinsically dependent on timely failure detection,this research surveys and analyzes the current literature on both failure detection and recovery approaches in SDN.The survey provides a critical comparison of existing failure detection techniques,highlighting their advantages and disadvantages.Additionally,it examines the current failure recovery methods,categorized as either restoration-based or protection-based,and offers a comprehensive comparison of their strengths and limitations.Lastly,future research challenges and directions are discussed to address the shortcomings of existing failure recovery methods.展开更多
Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniq...Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniques coming up rapidly.The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle(SDLC)by analyzing the articles published in the last two decades and to propose a way forward.This review follows Kitchenham’s review protocol.The review has been divided into three main stages including planning,execution,and analysis.From the selected 100 articles,it becomes evident that need of a collaborative approach is necessary for addressing critical software security risks(CSSRs)through effective risk management/estimation techniques.Quantifying risks using a numeric scale enables a comprehensive understanding of their severity,facilitating focused resource allocation and mitigation efforts.Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker,organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape.The review reveals that threat analysis and security testing are needed to develop automated tools for the future.Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security.The accuracy of effort estimation can be further improved by exploring new techniques,particularly those involving deep learning.It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed.Another challenge is selecting the right model for each specific security threat.To achieve a comprehensive evaluation,researchers should use well-known benchmark checklists.展开更多
Link failure is a critical issue in large networks and must be effectively addressed.In software-defined networks(SDN),link failure recovery schemes can be categorized into proactive and reactive approaches.Reactive s...Link failure is a critical issue in large networks and must be effectively addressed.In software-defined networks(SDN),link failure recovery schemes can be categorized into proactive and reactive approaches.Reactive schemes have longer recovery times while proactive schemes provide faster recovery but overwhelm the memory of switches by flow entries.As SDN adoption grows,ensuring efficient recovery from link failures in the data plane becomes crucial.In particular,data center networks(DCNs)demand rapid recovery times and efficient resource utilization to meet carrier-grade requirements.This paper proposes an efficient Decentralized Failure Recovery(DFR)model for SDNs,meeting recovery time requirements and optimizing switch memory resource consumption.The DFR model enables switches to autonomously reroute traffic upon link failures without involving the controller,achieving fast recovery times while minimizing memory usage.DFR employs the Fast Failover Group in the OpenFlow standard for local recovery without requiring controller communication and utilizes the k-shortest path algorithm to proactively install backup paths,allowing immediate local recovery without controller intervention and enhancing overall network stability and scalability.DFR employs flow entry aggregation techniques to reduce switch memory usage.Instead of matching flow entries to the destination host’s MAC address,DFR matches packets to the destination switch’s MAC address.This reduces the switches’Ternary Content-Addressable Memory(TCAM)consumption.Additionally,DFR modifies Address Resolution Protocol(ARP)replies to provide source hosts with the destination switch’s MAC address,facilitating flow entry aggregation without affecting normal network operations.The performance of DFR is evaluated through the network emulator Mininet 2.3.1 and Ryu 3.1 as SDN controller.For different number of active flows,number of hosts per edge switch,and different network sizes,the proposed model outperformed various failure recovery models:restoration-based,protection by flow entries,protection by group entries and protection by Vlan-tagging model in terms of recovery time,switch memory consumption and controller overhead which represented the number of flow entry updates to recover from the failure.Experimental results demonstrate that DFR achieves recovery times under 20 milliseconds,satisfying carrier-grade requirements for rapid failure recovery.Additionally,DFR reduces switch memory usage by up to 95%compared to traditional protection methods and minimizes controller load by eliminating the need for controller intervention during failure recovery.Theresults underscore the efficiency and scalability of the DFR model,making it a practical solution for enhancing network resilience in SDN environments.展开更多
In recent years,with the rapid development of software systems,the continuous expansion of software scale and the increasing complexity of systems have led to the emergence of a growing number of software metrics.Defe...In recent years,with the rapid development of software systems,the continuous expansion of software scale and the increasing complexity of systems have led to the emergence of a growing number of software metrics.Defect prediction methods based on software metric elements highly rely on software metric data.However,redundant software metric data is not conducive to efficient defect prediction,posing severe challenges to current software defect prediction tasks.To address these issues,this paper focuses on the rational clustering of software metric data.Firstly,multiple software projects are evaluated to determine the preset number of clusters for software metrics,and various clustering methods are employed to cluster the metric elements.Subsequently,a co-occurrence matrix is designed to comprehensively quantify the number of times that metrics appear in the same category.Based on the comprehensive results,the software metric data are divided into two semantic views containing different metrics,thereby analyzing the semantic information behind the software metrics.On this basis,this paper also conducts an in-depth analysis of the impact of different semantic view of metrics on defect prediction results,as well as the performance of various classification models under these semantic views.Experiments show that the joint use of the two semantic views can significantly improve the performance of models in software defect prediction,providing a new understanding and approach at the semantic view level for defect prediction research based on software metrics.展开更多
This paper presents our endeavors in developing the large-scale, ultra-high-resolution E3SM Land Model (uELM), specifically designed for exascale computers furnished with accelerators such as Nvidia GPUs. The uELM is ...This paper presents our endeavors in developing the large-scale, ultra-high-resolution E3SM Land Model (uELM), specifically designed for exascale computers furnished with accelerators such as Nvidia GPUs. The uELM is a sophisticated code that substantially relies on High-Performance Computing (HPC) environments, necessitating particular machine and software configurations. To facilitate community-based uELM developments employing GPUs, we have created a portable, standalone software environment preconfigured with uELM input datasets, simulation cases, and source code. This environment, utilizing Docker, encompasses all essential code, libraries, and system software for uELM development on GPUs. It also features a functional unit test framework and an offline model testbed for comprehensive numerical experiments. From a technical perspective, the paper discusses GPU-ready container generations, uELM code management, and input data distribution across computational platforms. Lastly, the paper demonstrates the use of environment for functional unit testing, end-to-end simulation on CPUs and GPUs, and collaborative code development.展开更多
Ensuring software quality in open⁃source environments requires adaptive mechanisms to enhance scalability,optimize service provisioning,and improve reliability.This study presents the dynamic correlation analysis tech...Ensuring software quality in open⁃source environments requires adaptive mechanisms to enhance scalability,optimize service provisioning,and improve reliability.This study presents the dynamic correlation analysis technique to enhance software quality management in open⁃source environments by addressing dynamic scalability,adaptive service provisioning,and software reliability.The proposed methodology integrates a scalability metric,an optimized service provisioning model,and a weighted entropy⁃based reliability assessment to systematically improve key performance parameters.Experimental evaluation conducted on multiple open⁃source software(OSS)versions demonstrates significant improvements:scalability increased by 27.5%,service provisioning time reduced by 18.3%,and software reliability improved by 22.1%compared to baseline methods.A comparative analysis with prior works further highlights the effectiveness of this approach in ensuring adaptability,efficiency,and resilience in dynamic software ecosystems.Future work will focus on real⁃time monitoring and AI⁃driven adaptive provisioning to further enhance software quality management.展开更多
To address the severe challenges posed by the international situation and meet the needs of the national major development strategies,the traditional software engineering talent cultivation model lacks interdisciplina...To address the severe challenges posed by the international situation and meet the needs of the national major development strategies,the traditional software engineering talent cultivation model lacks interdisciplinary education focused on specific fields,making it difficult to cultivate engineering leaders with multidisciplinary backgrounds who are capable of solving complex real-world problems.To solve this problem,based on the decade-long interdisciplinary talent cultivation achievements of the College of Software Engineering at Sichuan University,this article proposes the“Software Engineering+”innovative talent cultivation paradigm.It provides an analysis through professional construction of interdisciplinary talents,the design of talent cultivation frameworks,the formulation of cultivation plans,the establishment of interdisciplinary curriculum systems,the reform of teaching modes,and the improvement of institutional systems.Scientific solutions are proposed,and five project models implemented and operated by the College of Software Engineering at Sichuan University are listed as practical examples,offering significant reference value.展开更多
Software defect prediction is a critical component in maintaining software quality,enabling early identification and resolution of issues that could lead to system failures and significant financial losses.With the in...Software defect prediction is a critical component in maintaining software quality,enabling early identification and resolution of issues that could lead to system failures and significant financial losses.With the increasing reliance on user-generated content,social media reviews have emerged as a valuable source of real-time feedback,offering insights into potential software defects that traditional testing methods may overlook.However,existing models face challenges like handling imbalanced data,high computational complexity,and insufficient inte-gration of contextual information from these reviews.To overcome these limitations,this paper introduces the SESDP(Sentiment Analysis-Based Early Software Defect Prediction)model.SESDP employs a Transformer-Based Multi-Task Learning approach using Robustly Optimized Bidirectional Encoder Representations from Transformers Approach(RoBERTa)to simultaneously perform sentiment analysis and defect prediction.By integrating text embedding extraction,sentiment score computation,and feature fusion,the model effectively captures both the contextual nuances and sentiment expressed in user reviews.Experimental results show that SESDP achieves superior performance with an accuracy of 96.37%,precision of 94.7%,and recall of 95.4%,particularly excelling in handling imbalanced datasets compared to baseline models.This approach offers a scalable and efficient solution for early software defect detection,enhancing proactive software quality assurance.展开更多
This paper delves into the visual teaching of analytic geometry facilitated by GeoGebra software.Through a meticulous analysis of the current landscape of analytic geometry instruction and the distinct advantages of G...This paper delves into the visual teaching of analytic geometry facilitated by GeoGebra software.Through a meticulous analysis of the current landscape of analytic geometry instruction and the distinct advantages of GeoGebra software,it expounds upon the imperative and feasibility of its application within the realm of analytic geometry teaching.Furthermore,it presents a detailed account of the teaching practice process grounded in this software,encompassing teaching design and the demonstration of teaching cases,and conducts an in-depth investigation and analysis of the teaching outcomes.The research findings indicate that the GeoGebra software can effectively elevate the level of visualization in analytic geometry teaching,thereby augmenting students’learning enthusiasm and comprehension capabilities.It thus offers novel perspectives and methodologies for the pedagogical reform of analytic geometry.展开更多
Starting with the goal and significance of software security testing,this paper introduces the main methods of software security testing in the open network environment,including formal security testing,white box test...Starting with the goal and significance of software security testing,this paper introduces the main methods of software security testing in the open network environment,including formal security testing,white box testing,fuzzy testing,model testing,and fault injection testing.A software security testing method based on a security target model is proposed.This paper provides new ideas for software security testing,better adapts to the open network environment,improves the efficiency and quality of testing,and builds a good software application environment.展开更多
This paper presents a case study of the collaborative integration between the School of Information and Software Engineering at the University of Electronic Science and Technology of China(UESTC)and SI-TECH,highlighti...This paper presents a case study of the collaborative integration between the School of Information and Software Engineering at the University of Electronic Science and Technology of China(UESTC)and SI-TECH,highlighting the complementary advantages of both the University and the enterprise.By jointly establishing research institutes and engaging in diversified collaborative initiatives,the University and the enterprise have embarked on a pathway of School-enterprise Integration.Through a virtuous cycle of cooperation and continuous advancement,they have explored a comprehensive talent cultivation model in“5G”software engineering innovation practices based on this integration.Furthermore,this endeavor aims to facilitate the transformation of technological achievements and provides valuable insights for fostering innovative talents in the field of electronic information through enhanced integration between the University and the enterprise.展开更多
Building a collaborative education mechanism,improving students’engineering practice and innovation abilities,and cultivating software engineering innovation talents that meet industry needs are of great significance...Building a collaborative education mechanism,improving students’engineering practice and innovation abilities,and cultivating software engineering innovation talents that meet industry needs are of great significance for fully implementing the“Excellent Engineer Education and Training Program”of the Ministry of Education and achieving the goal of building a strong engineering education country.The School of Information and Software Engineering of the University of Electronic Science and Technology of China(UESTC)has been thoroughly studying and implementing Xi Jinping Thought on Socialism with Chinese Characteristics for a New Era and the spirit of the 20th CPC National Congress.The school has steadfastly promoted the Project of Nurturing the Soul of the New Era.The school has taken moral education as its core,deeply explored the resources of“all staff,throughout the process,in all aspects”,and constructed and implemented the collaborative education mechanism.These efforts have laid a solid foundation for cultivating excellent talents in software engineering in the new era.展开更多
Quality engineers play a key role in software product development,covering various stages such as requirements analysis,design,coding,testing,and delivery.Its responsibilities include formulating quality standards,wri...Quality engineers play a key role in software product development,covering various stages such as requirements analysis,design,coding,testing,and delivery.Its responsibilities include formulating quality standards,writing test cases,conducting functional and performance tests,and optimizing the product based on feedback.In government procurement projects,quality evaluation focuses on process compliance,security,and functional compatibility.KPI evaluation trees are commonly used for quantitative assessment,and a dynamic adjustment mechanism for indicators needs to be established to cope with complex demands.In addition,risk-driven testing and agile development should be combined to set up quality access control to ensure that each iteration version meets expectations.The multi-dimensional quality assurance and verification scoring mechanism can effectively enhance product reliability and reduce project risks.展开更多
This paper proposes a multivariate data fusion based quality evaluation model for software talent cultivation.The model constructs a comprehensive ability and quality evaluation index system for college students from ...This paper proposes a multivariate data fusion based quality evaluation model for software talent cultivation.The model constructs a comprehensive ability and quality evaluation index system for college students from a perspective of engineering course,especially of software engineering.As for evaluation method,relying on the behavioral data of students during their school years,we aim to construct the evaluation model as objective as possible,effectively weakening the negative impact of personal subjective assumptions on the evaluation results.展开更多
In the dynamic landscape of software technologies,the demand for sophisticated applications across diverse industries is ever⁃increasing.However,predicting software defects remains a crucial challenge for ensuring the...In the dynamic landscape of software technologies,the demand for sophisticated applications across diverse industries is ever⁃increasing.However,predicting software defects remains a crucial challenge for ensuring the resilience and dependability of software systems.This study presents a novel software defect prediction technique that significantly enhances performance through a hybrid machine learning approach.The innovative methodology integrates a Genetic Algorithm(GA)for precise feature selection,a Decision Tree(DT)for robust classification,and leverages the capabilities of Particle Swarm Optimization(PSO)and Ant Colony Optimization(ACO)algorithms for precision⁃driven optimization.The utilization of datasets from varied sources enriches the predictive prowess of our model.Of particular significance in our pursuit is the unwavering focus on enhancing the prediction process through a highly refined PSO⁃ACO algorithm,thereby optimizing the efficiency and effectiveness of the GA⁃DT hybrid model.The thorough evaluation of our proposed approach unfolds across seven software projects,unveiling a paradigm shift in performance metrics.Results unequivocally demonstrate that the GA⁃DT with PSO⁃ACO algorithm surpasses its counterparts,showcasing unparalleled accuracy and reliability.Furthermore,our hybrid approach demonstrates outstanding performance in terms of F⁃measure,with an impressive increase rate of 78%.展开更多
Under the background of training practical compound talents in software engineering,this paper analyzes the problems existing in the current teaching of software engineering courses represented by software project man...Under the background of training practical compound talents in software engineering,this paper analyzes the problems existing in the current teaching of software engineering courses represented by software project management,puts forward the team task mechanism of software engineering courses with AI empowerment and cooperation and competition,develops a unified project management platform to support the implementation of team tasks,and proves the effectiveness of the scheme through the results obtained.展开更多
This article focuses on the teaching of circuit foundation courses in vocational colleges and explores in depth the application of MWorks simulation software.By analyzing the limitations of traditional circuit foundat...This article focuses on the teaching of circuit foundation courses in vocational colleges and explores in depth the application of MWorks simulation software.By analyzing the limitations of traditional circuit foundation course teaching,this article elaborates on the advantages of MWorks software in teaching,including intuitive presentation of circuit principles,provision of rich component libraries,and powerful analysis functions.Detailed teaching practice cases based on the software were introduced,such as simple circuit construction and analysis,complex circuit fault troubleshooting,etc.,and the application effect was demonstrated by comparing actual teaching data.The results show that MWorks simulation software effectively enhances students’learning interest,practical ability,and theoretical knowledge mastery,providing strong support for the improvement of the teaching quality of circuit foundation courses in vocational colleges.展开更多
基金supported by the National Natural Science Foundation of China(Grant No.62141210)the Fundamental Research Funds for the Central Universities(Grant No.N2217005)+1 种基金Open Fund of State Key Lab.for Novel Software Technology,Nanjing University(KFKT2021B01)111 Project(B16009).
文摘Vulnerabilities are a known problem in modern Open Source Software(OSS).Most developers often rely on third-party libraries to accelerate feature implementation.However,these libraries may contain vulnerabilities that attackers can exploit to propagate malicious code,posing security risks to dependent projects.Existing research addresses these challenges through Software Composition Analysis(SCA)for vulnerability detection and remediation.Nevertheless,current solutions may introduce additional issues,such as incompatibilities,dependency conflicts,and additional vulnerabilities.To address this,we propose Vulnerability Scan and Protection(VulnScanPro),a robust solution for detection and remediation vulnerabilities in Java projects.Specifically,VulnScanPro builds a finegrained method graph to identify unreachable methods.The method graph is mapped to the project’s dependency tree,constructing a comprehensive vulnerability propagation graph that identifies unreachable vulnerable APIs and dependencies.Based on this analysis,we propose three solutions for vulnerability remediation:(1)Removing unreachable vulnerable dependencies,thereby resolving security risks and reducing maintenance overhead.(2)Upgrading vulnerable dependencies to the closest non-vulnerable versions,while pinning the versions of transitive dependencies introduced by the vulnerable dependency,in order to mitigate compatibility issues and prevent the introduction of new vulnerabilities.(3)Eliminating unreachable vulnerable APIs,particularly when security patches are either incompatible or absent.Experimental results show that these solutions effectively mitigate vulnerabilities and enhance the overall security of the project.
文摘Software security poses substantial risks to our society because software has become part of our life. Numerous techniques have been proposed to resolve or mitigate the impact of software security issues. Among them, software testing and analysis are two of the critical methods, which significantly benefit from the advancements in deep learning technologies. Due to the successful use of deep learning in software security, recently,researchers have explored the potential of using large language models(LLMs) in this area. In this paper, we systematically review the results focusing on LLMs in software security. We analyze the topics of fuzzing, unit test, program repair, bug reproduction, data-driven bug detection, and bug triage. We deconstruct these techniques into several stages and analyze how LLMs can be used in the stages. We also discuss the future directions of using LLMs in software security, including the future directions for the existing use of LLMs and extensions from conventional deep learning research.
基金funded by the Youth Fund of the National Natural Science Foundation of China(Grant No.42261070).
文摘Spectrum-based fault localization (SBFL) generates a ranked list of suspicious elements by using the program execution spectrum, but the excessive number of elements ranked in parallel results in low localization accuracy. Most researchers consider intra-class dependencies to improve localization accuracy. However, some studies show that inter-class method call type faults account for more than 20%, which means such methods still have certain limitations. To solve the above problems, this paper proposes a two-phase software fault localization based on relational graph convolutional neural networks (Two-RGCNFL). Firstly, in Phase 1, the method call dependence graph (MCDG) of the program is constructed, the intra-class and inter-class dependencies in MCDG are extracted by using the relational graph convolutional neural network, and the classifier is used to identify the faulty methods. Then, the GraphSMOTE algorithm is improved to alleviate the impact of class imbalance on classification accuracy. Aiming at the problem of parallel ranking of element suspicious values in traditional SBFL technology, in Phase 2, Doc2Vec is used to learn static features, while spectrum information serves as dynamic features. A RankNet model based on siamese multi-layer perceptron is constructed to score and rank statements in the faulty method. This work conducts experiments on 5 real projects of Defects4J benchmark. Experimental results show that, compared with the traditional SBFL technique and two baseline methods, our approach improves the Top-1 accuracy by 262.86%, 29.59% and 53.01%, respectively, which verifies the effectiveness of Two-RGCNFL. Furthermore, this work verifies the importance of inter-class dependencies through ablation experiments.
文摘Software-defined networking(SDN)is an innovative paradigm that separates the control and data planes,introducing centralized network control.SDN is increasingly being adopted by Carrier Grade networks,offering enhanced networkmanagement capabilities than those of traditional networks.However,because SDN is designed to ensure high-level service availability,it faces additional challenges.One of themost critical challenges is ensuring efficient detection and recovery from link failures in the data plane.Such failures can significantly impact network performance and lead to service outages,making resiliency a key concern for the effective adoption of SDN.Since the recovery process is intrinsically dependent on timely failure detection,this research surveys and analyzes the current literature on both failure detection and recovery approaches in SDN.The survey provides a critical comparison of existing failure detection techniques,highlighting their advantages and disadvantages.Additionally,it examines the current failure recovery methods,categorized as either restoration-based or protection-based,and offers a comprehensive comparison of their strengths and limitations.Lastly,future research challenges and directions are discussed to address the shortcomings of existing failure recovery methods.
文摘Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniques coming up rapidly.The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle(SDLC)by analyzing the articles published in the last two decades and to propose a way forward.This review follows Kitchenham’s review protocol.The review has been divided into three main stages including planning,execution,and analysis.From the selected 100 articles,it becomes evident that need of a collaborative approach is necessary for addressing critical software security risks(CSSRs)through effective risk management/estimation techniques.Quantifying risks using a numeric scale enables a comprehensive understanding of their severity,facilitating focused resource allocation and mitigation efforts.Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker,organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape.The review reveals that threat analysis and security testing are needed to develop automated tools for the future.Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security.The accuracy of effort estimation can be further improved by exploring new techniques,particularly those involving deep learning.It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed.Another challenge is selecting the right model for each specific security threat.To achieve a comprehensive evaluation,researchers should use well-known benchmark checklists.
文摘Link failure is a critical issue in large networks and must be effectively addressed.In software-defined networks(SDN),link failure recovery schemes can be categorized into proactive and reactive approaches.Reactive schemes have longer recovery times while proactive schemes provide faster recovery but overwhelm the memory of switches by flow entries.As SDN adoption grows,ensuring efficient recovery from link failures in the data plane becomes crucial.In particular,data center networks(DCNs)demand rapid recovery times and efficient resource utilization to meet carrier-grade requirements.This paper proposes an efficient Decentralized Failure Recovery(DFR)model for SDNs,meeting recovery time requirements and optimizing switch memory resource consumption.The DFR model enables switches to autonomously reroute traffic upon link failures without involving the controller,achieving fast recovery times while minimizing memory usage.DFR employs the Fast Failover Group in the OpenFlow standard for local recovery without requiring controller communication and utilizes the k-shortest path algorithm to proactively install backup paths,allowing immediate local recovery without controller intervention and enhancing overall network stability and scalability.DFR employs flow entry aggregation techniques to reduce switch memory usage.Instead of matching flow entries to the destination host’s MAC address,DFR matches packets to the destination switch’s MAC address.This reduces the switches’Ternary Content-Addressable Memory(TCAM)consumption.Additionally,DFR modifies Address Resolution Protocol(ARP)replies to provide source hosts with the destination switch’s MAC address,facilitating flow entry aggregation without affecting normal network operations.The performance of DFR is evaluated through the network emulator Mininet 2.3.1 and Ryu 3.1 as SDN controller.For different number of active flows,number of hosts per edge switch,and different network sizes,the proposed model outperformed various failure recovery models:restoration-based,protection by flow entries,protection by group entries and protection by Vlan-tagging model in terms of recovery time,switch memory consumption and controller overhead which represented the number of flow entry updates to recover from the failure.Experimental results demonstrate that DFR achieves recovery times under 20 milliseconds,satisfying carrier-grade requirements for rapid failure recovery.Additionally,DFR reduces switch memory usage by up to 95%compared to traditional protection methods and minimizes controller load by eliminating the need for controller intervention during failure recovery.Theresults underscore the efficiency and scalability of the DFR model,making it a practical solution for enhancing network resilience in SDN environments.
基金supported by the CCF-NSFOCUS‘Kunpeng’Research Fund(CCF-NSFOCUS2024012).
文摘In recent years,with the rapid development of software systems,the continuous expansion of software scale and the increasing complexity of systems have led to the emergence of a growing number of software metrics.Defect prediction methods based on software metric elements highly rely on software metric data.However,redundant software metric data is not conducive to efficient defect prediction,posing severe challenges to current software defect prediction tasks.To address these issues,this paper focuses on the rational clustering of software metric data.Firstly,multiple software projects are evaluated to determine the preset number of clusters for software metrics,and various clustering methods are employed to cluster the metric elements.Subsequently,a co-occurrence matrix is designed to comprehensively quantify the number of times that metrics appear in the same category.Based on the comprehensive results,the software metric data are divided into two semantic views containing different metrics,thereby analyzing the semantic information behind the software metrics.On this basis,this paper also conducts an in-depth analysis of the impact of different semantic view of metrics on defect prediction results,as well as the performance of various classification models under these semantic views.Experiments show that the joint use of the two semantic views can significantly improve the performance of models in software defect prediction,providing a new understanding and approach at the semantic view level for defect prediction research based on software metrics.
文摘This paper presents our endeavors in developing the large-scale, ultra-high-resolution E3SM Land Model (uELM), specifically designed for exascale computers furnished with accelerators such as Nvidia GPUs. The uELM is a sophisticated code that substantially relies on High-Performance Computing (HPC) environments, necessitating particular machine and software configurations. To facilitate community-based uELM developments employing GPUs, we have created a portable, standalone software environment preconfigured with uELM input datasets, simulation cases, and source code. This environment, utilizing Docker, encompasses all essential code, libraries, and system software for uELM development on GPUs. It also features a functional unit test framework and an offline model testbed for comprehensive numerical experiments. From a technical perspective, the paper discusses GPU-ready container generations, uELM code management, and input data distribution across computational platforms. Lastly, the paper demonstrates the use of environment for functional unit testing, end-to-end simulation on CPUs and GPUs, and collaborative code development.
文摘Ensuring software quality in open⁃source environments requires adaptive mechanisms to enhance scalability,optimize service provisioning,and improve reliability.This study presents the dynamic correlation analysis technique to enhance software quality management in open⁃source environments by addressing dynamic scalability,adaptive service provisioning,and software reliability.The proposed methodology integrates a scalability metric,an optimized service provisioning model,and a weighted entropy⁃based reliability assessment to systematically improve key performance parameters.Experimental evaluation conducted on multiple open⁃source software(OSS)versions demonstrates significant improvements:scalability increased by 27.5%,service provisioning time reduced by 18.3%,and software reliability improved by 22.1%compared to baseline methods.A comparative analysis with prior works further highlights the effectiveness of this approach in ensuring adaptability,efficiency,and resilience in dynamic software ecosystems.Future work will focus on real⁃time monitoring and AI⁃driven adaptive provisioning to further enhance software quality management.
基金supported by the 2023 Sichuan Province Higher Education Talent Cultivation and Teaching Reform Major Project“Exploration and Practice of Interdisciplinary and Integrated Industrial Software Talent Cultivation Model”(JG2023-14)the Sichuan University Higher Education Teaching Reform Project(10th Phase)Research and Exploration of Practical Teaching Mode under the New Major Background of“Cross Disciplinary and Integration”(SCU10128)。
文摘To address the severe challenges posed by the international situation and meet the needs of the national major development strategies,the traditional software engineering talent cultivation model lacks interdisciplinary education focused on specific fields,making it difficult to cultivate engineering leaders with multidisciplinary backgrounds who are capable of solving complex real-world problems.To solve this problem,based on the decade-long interdisciplinary talent cultivation achievements of the College of Software Engineering at Sichuan University,this article proposes the“Software Engineering+”innovative talent cultivation paradigm.It provides an analysis through professional construction of interdisciplinary talents,the design of talent cultivation frameworks,the formulation of cultivation plans,the establishment of interdisciplinary curriculum systems,the reform of teaching modes,and the improvement of institutional systems.Scientific solutions are proposed,and five project models implemented and operated by the College of Software Engineering at Sichuan University are listed as practical examples,offering significant reference value.
基金funded by a grant from the Center of Excellence in Information Assurance(CoEIA),King Saud University(KSU).
文摘Software defect prediction is a critical component in maintaining software quality,enabling early identification and resolution of issues that could lead to system failures and significant financial losses.With the increasing reliance on user-generated content,social media reviews have emerged as a valuable source of real-time feedback,offering insights into potential software defects that traditional testing methods may overlook.However,existing models face challenges like handling imbalanced data,high computational complexity,and insufficient inte-gration of contextual information from these reviews.To overcome these limitations,this paper introduces the SESDP(Sentiment Analysis-Based Early Software Defect Prediction)model.SESDP employs a Transformer-Based Multi-Task Learning approach using Robustly Optimized Bidirectional Encoder Representations from Transformers Approach(RoBERTa)to simultaneously perform sentiment analysis and defect prediction.By integrating text embedding extraction,sentiment score computation,and feature fusion,the model effectively captures both the contextual nuances and sentiment expressed in user reviews.Experimental results show that SESDP achieves superior performance with an accuracy of 96.37%,precision of 94.7%,and recall of 95.4%,particularly excelling in handling imbalanced datasets compared to baseline models.This approach offers a scalable and efficient solution for early software defect detection,enhancing proactive software quality assurance.
基金The 2024 Undergraduate Education Teaching Research and Reform Project of Colleges and Universities in the Autonomous Region“Construction of School-based Digital Resources for Ideological and Political Education in the Course of Analytic Geometry”(XJGXJGPTB-2024104)。
文摘This paper delves into the visual teaching of analytic geometry facilitated by GeoGebra software.Through a meticulous analysis of the current landscape of analytic geometry instruction and the distinct advantages of GeoGebra software,it expounds upon the imperative and feasibility of its application within the realm of analytic geometry teaching.Furthermore,it presents a detailed account of the teaching practice process grounded in this software,encompassing teaching design and the demonstration of teaching cases,and conducts an in-depth investigation and analysis of the teaching outcomes.The research findings indicate that the GeoGebra software can effectively elevate the level of visualization in analytic geometry teaching,thereby augmenting students’learning enthusiasm and comprehension capabilities.It thus offers novel perspectives and methodologies for the pedagogical reform of analytic geometry.
文摘Starting with the goal and significance of software security testing,this paper introduces the main methods of software security testing in the open network environment,including formal security testing,white box testing,fuzzy testing,model testing,and fault injection testing.A software security testing method based on a security target model is proposed.This paper provides new ideas for software security testing,better adapts to the open network environment,improves the efficiency and quality of testing,and builds a good software application environment.
文摘This paper presents a case study of the collaborative integration between the School of Information and Software Engineering at the University of Electronic Science and Technology of China(UESTC)and SI-TECH,highlighting the complementary advantages of both the University and the enterprise.By jointly establishing research institutes and engaging in diversified collaborative initiatives,the University and the enterprise have embarked on a pathway of School-enterprise Integration.Through a virtuous cycle of cooperation and continuous advancement,they have explored a comprehensive talent cultivation model in“5G”software engineering innovation practices based on this integration.Furthermore,this endeavor aims to facilitate the transformation of technological achievements and provides valuable insights for fostering innovative talents in the field of electronic information through enhanced integration between the University and the enterprise.
文摘Building a collaborative education mechanism,improving students’engineering practice and innovation abilities,and cultivating software engineering innovation talents that meet industry needs are of great significance for fully implementing the“Excellent Engineer Education and Training Program”of the Ministry of Education and achieving the goal of building a strong engineering education country.The School of Information and Software Engineering of the University of Electronic Science and Technology of China(UESTC)has been thoroughly studying and implementing Xi Jinping Thought on Socialism with Chinese Characteristics for a New Era and the spirit of the 20th CPC National Congress.The school has steadfastly promoted the Project of Nurturing the Soul of the New Era.The school has taken moral education as its core,deeply explored the resources of“all staff,throughout the process,in all aspects”,and constructed and implemented the collaborative education mechanism.These efforts have laid a solid foundation for cultivating excellent talents in software engineering in the new era.
文摘Quality engineers play a key role in software product development,covering various stages such as requirements analysis,design,coding,testing,and delivery.Its responsibilities include formulating quality standards,writing test cases,conducting functional and performance tests,and optimizing the product based on feedback.In government procurement projects,quality evaluation focuses on process compliance,security,and functional compatibility.KPI evaluation trees are commonly used for quantitative assessment,and a dynamic adjustment mechanism for indicators needs to be established to cope with complex demands.In addition,risk-driven testing and agile development should be combined to set up quality access control to ensure that each iteration version meets expectations.The multi-dimensional quality assurance and verification scoring mechanism can effectively enhance product reliability and reduce project risks.
基金supported in part by the Education Reform Key Projects of Heilongjiang Province(Grant No.SJGZ20220011,SJGZ20220012)the Excellent Project of Ministry of Education and China Higher Education Association on Digital Ideological and Political Education in Universities(Grant No.GXSZSZJPXM001)。
文摘This paper proposes a multivariate data fusion based quality evaluation model for software talent cultivation.The model constructs a comprehensive ability and quality evaluation index system for college students from a perspective of engineering course,especially of software engineering.As for evaluation method,relying on the behavioral data of students during their school years,we aim to construct the evaluation model as objective as possible,effectively weakening the negative impact of personal subjective assumptions on the evaluation results.
文摘In the dynamic landscape of software technologies,the demand for sophisticated applications across diverse industries is ever⁃increasing.However,predicting software defects remains a crucial challenge for ensuring the resilience and dependability of software systems.This study presents a novel software defect prediction technique that significantly enhances performance through a hybrid machine learning approach.The innovative methodology integrates a Genetic Algorithm(GA)for precise feature selection,a Decision Tree(DT)for robust classification,and leverages the capabilities of Particle Swarm Optimization(PSO)and Ant Colony Optimization(ACO)algorithms for precision⁃driven optimization.The utilization of datasets from varied sources enriches the predictive prowess of our model.Of particular significance in our pursuit is the unwavering focus on enhancing the prediction process through a highly refined PSO⁃ACO algorithm,thereby optimizing the efficiency and effectiveness of the GA⁃DT hybrid model.The thorough evaluation of our proposed approach unfolds across seven software projects,unveiling a paradigm shift in performance metrics.Results unequivocally demonstrate that the GA⁃DT with PSO⁃ACO algorithm surpasses its counterparts,showcasing unparalleled accuracy and reliability.Furthermore,our hybrid approach demonstrates outstanding performance in terms of F⁃measure,with an impressive increase rate of 78%.
文摘Under the background of training practical compound talents in software engineering,this paper analyzes the problems existing in the current teaching of software engineering courses represented by software project management,puts forward the team task mechanism of software engineering courses with AI empowerment and cooperation and competition,develops a unified project management platform to support the implementation of team tasks,and proves the effectiveness of the scheme through the results obtained.
基金MWorks University Application Verification Project(BX2024C081)。
文摘This article focuses on the teaching of circuit foundation courses in vocational colleges and explores in depth the application of MWorks simulation software.By analyzing the limitations of traditional circuit foundation course teaching,this article elaborates on the advantages of MWorks software in teaching,including intuitive presentation of circuit principles,provision of rich component libraries,and powerful analysis functions.Detailed teaching practice cases based on the software were introduced,such as simple circuit construction and analysis,complex circuit fault troubleshooting,etc.,and the application effect was demonstrated by comparing actual teaching data.The results show that MWorks simulation software effectively enhances students’learning interest,practical ability,and theoretical knowledge mastery,providing strong support for the improvement of the teaching quality of circuit foundation courses in vocational colleges.
