Issue No.05 - Sept.-Oct. (2008 vol.34)
Andy Podgurski , Case Western Reserve University, Cleveland
Ray-Yaung Chang , Case Western Reserve University, Cleveland
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TSE.2008.24
Neglected conditions are an important but difficult-to-find class of software defects. This paper presents a novel approach to revealing neglected conditions that integrates static program analysis and advanced data mining techniques to discover implicit conditional rules in a code base and to discover rule violations that indicate neglected conditions. The approach requires the user to indicate minimal constraints on the context of the rules to be sought, rather than specific rule templates. To permit this generality, rules are modeled as graph minors of enhanced procedure dependence graphs (EPDGs), in which control and data dependence edges are augmented by edges representing shared data dependences. A heuristic maximal frequent subgraph mining algorithm is used to extract candidate rules from EPDGs, and a heuristic graph matching algorithm is used to identify rule violations. We also report the results of an empirical study in which the approach was applied to four open source projects (openssl, make, procmail, amaya). These results indicate that the approach is effective and reasonably efficient.
Methods for SQA and V&V, Pre- and post-conditions
Andy Podgurski, Ray-Yaung Chang, "Discovering Neglected Conditions in Software by Mining Dependence Graphs", IEEE Transactions on Software Engineering, vol.34, no. 5, pp. 579-596, Sept.-Oct. 2008, doi:10.1109/TSE.2008.24