CSE Conference and Workshop Papers

A Hybrid Directed Test Suite Augmentation Technique

Zhihong Xu et al. — Tue, 29 Jan 2013 10:16:41 PST

Test suite augmentation techniques are used in regression testing to identify code elements affected by changes and to generate test cases to cover those elements. In previous work, we studied two approaches to augmentation, one using a concolic test case generation algorithm and one using a genetic test case generation algorithm. We found that these two approaches behaved quite differently in terms of their costs and their abilities to generate effective test cases for evolving programs. In this paper, we present a hybrid test suite augmentation technique that combines these two test case generation algorithms. We report the results of an empirical study that shows that this hybrid technique can be effective, but with varying degrees of costs, and we analyze our results further to provide suggestions for reducing costs.

A Reservation-based Smart Parking System

Hongwei Wang et al. — Tue, 29 Jan 2013 10:04:51 PST

Finding a parking space in most metropolitan areas, especially during the rush hours, is difficult for drivers. The difficulty arises from not knowing where the available spaces may be at that time; even if known, many vehicles may pursue very limited parking spaces to cause serious traffic congestion. In this paper, we design and implement a prototype of Reservation-based Smart Parking System (RSPS) that allows drivers to effectively find and reserve the vacant parking spaces. By periodically learning the parking status from the sensor networks deployed in parking lots, the reservation service is affected by the change of physical parking status. The drivers are allowed to access this cyber-physical system with their personal communication devices. Furthermore, we study state-of-the-art parking policies in smart parking systems and compare their performance. The experiment results show that the proposed reservation-based parking policy has the potential to simplify the operations of parking systems, as well as alleviate traffic congestion caused by parking searching.

Providing NPR-Style Time-Shifted Streaming in P2P Systems

Zhipeng Ouyang et al. — Tue, 29 Jan 2013 09:58:49 PST

Digital video recorder (DVR) style and nonprerecording (NPR) style are two possible implementations for P2P-based time-shifted streaming, but existing P2P streaming solutions are not suitable for implementing the NPR method. Since peers can view any arbitrary video segments which have been broadcasted, they might cause severe video quality problems and the server bandwidth consumption can become high. In this paper, we focus on minimizing the server bandwidth consumption to maintain smooth streaming service in NPR-style P2P-based time-shifted streaming. To reduce the server cost, peers prefetch segments which are not required for their current viewing. Hence even if they are viewing different parts of the video, they can exchange segments with one another. However, segment prefetching competes for bandwidth with ordinary segment fetching, and it might bring negative impact. A good prefetching solution should not affect a peer’s viewing experience. We formulate the problem of finding a prefetching solution as an optimization problem, with the objective to minimize the server bandwidth consumption. Then we propose a heuristic algorithm by decomposing the global optimization problem into a set of smaller problems. Each peer runs this algorithm to determine which segments to prefetch and how to serve other peers. Simulation experiments demonstrate that our design provides P2P-based time-shifted streaming at low server bandwidth consumption.

Probabilistic Risk Assessment for Security Requirements: A Preliminary Study

Seok-Won Lee — Tue, 29 Jan 2013 09:54:05 PST

Risk assessment is a critical decision making process during the Security Certification and Accreditation (C&A) process. However, existing infrastructure-wide C&A processes in real world are challenged by the ever increasing complexity of information systems and their diverse socio-technical operational environments. The lack of an explicit model and the associated uncertainties of software behavior are two main reasons that directly impact the effectiveness of risk assessment as well as the subjective decisions made based on the different level of domain expertise. In this paper, we propose a method for a probabilistic model driven risk assessment on security requirements. The security requirements and their causal relationships are represented using MEBN (Multi-Entities Bayesian Networks) logic that constructs an explicit formal risk assessment model that supports evidence-driven arguments. The proposed approach is described by using real-world C&A scenarios to show not only its feasibility for security requirements risk assessment but also its effectiveness for the sensitivity analysis to identify critical influences among information entities in a complex and uncertain operational environment.

History Repeats Itself More Easily When You Log It: Versioning for Mashups

Sandeep Kaur Kuttal et al. — Tue, 29 Jan 2013 09:46:16 PST

Web mashup environments provide a way for users to combine data from web applications and services to create new content. Currently, these environments do not provide support for tracking the development histories of mashups. We have thus added configuration management support to the Yahoo! Pipes mashup environment. We describe this support, and provide results of an experiment studying the ability of programmers to create and debug mashups in its presence. Our results show that versioning support can help both groups of users do both tasks better.

Scheduling Design and Analysis for End-to-End Heterogeneous Flows in an Avionics Network

Yu Hua et al. — Tue, 29 Jan 2013 09:42:08 PST

Avionics Full DupleX (AFDX) Switched Ethernet technology provides a deterministic network with guaranteed service to support real-time data transmission in real-world avionics applications. The determinism provides a worst-case upper bound of end-to-end transmission delays of virtual links (VLs) that are often assumed to be homogeneous and have similar transmission requirements. However, performing the analysis of end-to-end delays of heterogeneous flows remains an open problem. This paper derives end-to-end delay bounds of transmitting heterogeneous flows, including avionics, multimedia (video & audio) and best-effort data flows, in an AFDX network that uses Deficit Round Robin (DRR) scheduling policy on switch output ports. To this end, we transform scaled multitype flows to a single representation of utilization, i.e., DRR quanta, to efficiently handle heterogeneous flows in a unified way and comprehensively study their end-to-end delays. We further compare the DRR-based scheduling policy with current avionics standards, i.e., FIFO and a static priority policy, in terms of transmission delays and fairness. Extensive experiments based on periodical and sporadic flows in an AFDX prototype show the efficacy and efficiency of our proposed schemes. To the best of our knowledge, this is the first work that analyzes end-to-end delays based on the DRR policy for heterogeneous flows in an AFDX network.

Matchmaking: A New MapReduce Scheduling Technique

Chen He et al. — Tue, 29 Jan 2013 09:37:01 PST

MapReduce is a powerful platform for large-scale data processing. To achieve good performance, a MapReduce scheduler must avoid unnecessary data transmission by enhancing the data locality (placing tasks on nodes that contain their input data). This paper develops a new MapReduce scheduling technique to enhance map task’s data locality. We have integrated this technique into Hadoop default FIFO scheduler and Hadoop fair scheduler. To evaluate our technique, we compare not only MapReduce scheduling algorithms with and without our technique but also with an existing data locality enhancement technique (i.e., the delay algorithm developed by Facebook). Experimental results show that our technique often leads to the highest data locality rate and the lowest response time for map tasks. Furthermore, unlike the delay algorithm, it does not require an intricate parameter tuning process.

Cost and Reliability Considerations in Designing the Next-Generation IP over WDM Backbone Networks

Byrav Ramamurthy et al. — Tue, 16 Oct 2012 10:39:20 PDT

To accommodate the increasing demands for bandwidth, Internet Service Providers (ISPs) have deployed higher speed links and reconfigurable optical add drop multiplexers (ROADMs) in their backbone networks. To address the reliability challenges due to failures and planned outages, ISPs typically use two backbone routers at each central office in a dual home configuration. Thus at the IP layer, redundant backbone routers as well as redundant transport equipment to interconnect them are deployed to provide reliability through node and path diversity. However, adding such redundant resources increases the overall cost of the network. Hence, a fundamental redesign of the backbone network which avoids such redundant resources by leveraging the capabilities of an intelligent optical transport network is a highly desirable objective. It is clear that such a redesign must lower costs without compromising on the reliability achieved by today’s backbone networks. Modeling the costs and reliability of the network at all layers is an important step in achieving this objective. In this paper, we undertake an in-depth investigation of the cost and reliability considerations involved in designing the next-generation backbone network. Our work includes a detailed analysis of the operation, cost and reliability of the network at the IP layer and the multiple layers below it. We discuss alternative backbone network designs which use only a single router at each central office but use the optical transport layer to carry traffic to routers at other offices in order to survive failures or outages of the single local router. We discuss trade-offs involved in using these designs.

Adaptive Neighborhood Inverse Consistence as Lookahead for Non-Binary CSPs

Robert J. Woodward et al. — Tue, 16 Oct 2012 10:35:45 PDT

Contributions

1.The property Relational Neighborhood Inverse Consistency (RNIC)
2.Characterization of RNIC in relation to previously known properties
3.An efficient algorithm for enforcing RNIC, bounded by degree of the dual graph
4.Three reformulations of the dual graph to address topological limitations of the dual graph
5.An adaptive, automatic selection policy for choosing the appropriate dual graph
6.Empirical evidence on difficult CSP benchmarks

Definition

A Constraint Satisfaction Problem (CSP) is a combinatorial decision problem defined by a set of variables {A,B,C,…}, a set of domain values for these variables, and a set of constraints {R₁,R₂,R₃,…} restricting the allowable combinations of values for variables. The task is to find a solution (i.e., an assignment of a value to each variable satisfying all constraints), or to find all such solutions.

Local Consistency

Local consistency is at the heart of Constraint Processing. It guarantees that all values (or tuples) participate in at least one solution in a given combination of variables (or constraints).

Neighborhood Inverse Consistency (NIC) ensures that every value in the domain of a variable can be extended to a solution in the sub-problem induced by the variable and its neighborhood [1].

Adaptive Neighborhood Inverse Consistency as Lookahead for Non-Binary CSPs

Robert J. Woodward et al. — Tue, 16 Oct 2012 10:26:15 PDT

Freuder and Elfe (1996) introduced Neighborhood Inverse Consistency (NIC) for binary CSPs. In this paper, we introduce RNIC, the extension of NIC to nonbinary CSPs, and describe a practical algorithm for enforcing it. We propose an adaptive strategy to weaken or strengthen this property based on the connectivity of the network. We demonstrate the effectiveness of RNIC as a full lookahead strategy during search for solving difficult benchmark problems.

Analysis of Event Detection Delay in Wireless Sensor Networks

Yunbo Wang et al. — Mon, 08 Oct 2012 10:02:56 PDT

Emerging applications of wireless sensor networks (WSNs) require real-time event detection to be provided by the network. In a typical event monitoring WSN, multiple reports are generated by several nodes when a physical event occurs, and are then forwarded through multi-hop communication to a sink that detects the event. To improve the event detection reliability, usually timely delivery of a certain number of packets is required. Traditional timing analysis of WSNs are, however, either focused on individual packets or traffic flows from individual nodes. In this paper, a spatio-temporal fluid model is developed to capture the delay characteristics of event detection in large-scale WSNs. More specifically, the distribution of delay in event detection from multiple reports is modeled. Accordingly, metrics such as mean delay and soft delay bounds are analyzed for different network parameters. Motivated by the fact that queue build up in WSNs with low-rate traffic is negligible, a lower-complexity model is also developed. Testbed experiments and simulations are used to validate the accuracy of both approaches. The resulting framework can be utilized to analyze the effects of network and protocol parameters on event detection delay to realize real-time operation in WSNs. To the best of our knowledge, this is the first approach that provides a transient analysis of event detection delay when multiple reports via multi-hop communication are needed.

End-User Programmers and their Communities: An Artifact-based Analysis

Kathryn T. Stolee et al. — Mon, 08 Oct 2012 09:58:53 PDT

End-user programmers outnumber professionals programmers, write software that matters to an increasingly large number of users, and face software engineering challenges that are similar to their professionals counterparts. Yet, we know little about how these end-user programmers create and share artifacts as part of a community. To gain a better understanding of these issues, we perform an artifact-based community analysis of 32,000 mashups from the Yahoo! Pipes repository. We observed that, like with other online communities, there is great deal of attrition but authors that persevere tend to improve over time, creating pipes that are more configurable, diverse, complex, and popular. We also discovered, however, that end-user programmers employ the repository in different ways than professionals, do not effectively reuse existing programs, and in most cases do not have an awareness of the community. We discuss the implications of these findings.

Unifying Testing and Analysis through Behavioral Coverage

Matthew B. Dwyer — Mon, 08 Oct 2012 09:53:21 PDT

The past decades have produced a wide-variety of automated techniques for assessing the correctness of software systems. In practice, when applied to large modern software systems all existing automated program analysis and verification techniques come up short. They might produce false error reports, exhaust available human or computational resources, or be incapable of reasoning about some set of important properties. Whatever their shortcoming, the goal of proving a system correct remains elusive.

Many people believe that, after an initial period of development, software systems are "mostly" correct — systems have much more correct behavior than incorrect behavior. Following this line of thinking, we explore what it means to re-orient program analysis and verification techniques away from focusing on proving properties. Rather, we explore how to develop and leverage techniques that characterize the subset of system behaviors that can be shown to be consistent with property specifications.

We describe the challenges in producing a rich suite of evidence-producing automated verification and validation techniques and suggest one approach to overcoming those challenges. We then describe the promise that combining such techniques offers — the weaknesses of one technique can be masked by the strengths of another, the results of one technique can be used to target the application of another, and evidence from multiple techniques can be combined to produce an explicit characterization of what is known about system correctness.

BIOGRAPHY

Matthew B. Dwyer is the Henson Professor of Software Engineering in the Department of Computer Science and Engineering at the University of Nebraska – Lincoln. He received the BS in Electrical Engineering in 1985 from the University of Rochester and worked for six years as a Senior Engineer with Intermetrics Inc. developing compilers and software for safety-critical embedded systems. His interests in verification and validation of embedded systems software led him to pursue the PhD at the University of Massachusetts at Amherst which he earned in 1995.

Dr. Dwyer is an active member of the software engineering, computer-aided verification and program analysis research communities, and has chaired program committees of top meetings in those areas (FSE, ICSE, OOPSLA). He has served as Associate Editor of ACM Transactions on Programming Languages and Systems and of IEEE Transactions on Software Engineering. His interests in software specification, dataflow analysis, symbolic execution, software testing, and run time monitoring have resulted in more than 100 published research articles. That work has been recognized with an NSF CAREER award, distinguished paper awards, and, most recently, the ICSE “Most Influential Paper” and SIGSOFT “Impact Paper” awards in 2010.

Experiences with Dynamic Circuit Creation in a Regional Network Testbed

Pragatheeswaran Angu et al. — Mon, 08 Oct 2012 09:50:14 PDT

In this paper we share our experiences of enabling dynamic circuit creation in the GpENI network. GpENI is a network research testbed in the mid-west USA involving several educational institutions. University of Nebraska-Lincoln is involved in provisioning dynamic circuits across the GpENI network among its participating universities. We discuss several options investigated for deploying dynamic circuits over the GpENI network as well as our demonstration experiments at the GENI engineering conferences. UNL has also collaborated with ProtoGENI project of University of Utah and Mid-Atlantic Crossroads (MAX) facility of Washington DC to create interdomain dynamic circuits.

Response Time Analysis of Hierarchical Scheduling: the Synchronized Deferrable Servers Approach

Haitao Zhu et al. — Thu, 04 Oct 2012 14:18:16 PDT

Hierarchical scheduling allows reservation of processor bandwidth and the use of different schedulers for different applications on a single platform. We propose a hierarchical scheduling interface called synchronized deferrable servers that can reserve different processor bandwidth on each core, and can combine global and partitioned scheduling on a multicore platform. Significant challenges will arise in the response time analysis of a task set if the tasks are globally scheduled on a multiprocessor platform and the processor bandwidth reserved for the tasks on each processor is different; as a result, existing works on response time analysis for dedicated scheduling on identical multiprocessor platforms are no longer applicable. A new response time analysis that overcomes these challenges is presented and evaluated by simulations. Based on this new analysis, we show that evenly allocating bandwidth across cores is “better” than other allocation schemes in terms of schedulability, and that the threshold between lightweight and heavyweight tasks under hierarchical scheduling may be different from the threshold under dedicated scheduling.

Amplifying Tests to Validate Exception Handling Code

Pingyu Zhang et al. — Thu, 04 Oct 2012 14:16:51 PDT

Validating code handling exceptional behavior is difficult, particularly when dealing with external resources that may be noisy and unreliable, as it requires: 1) the systematic exploration of the space of exceptions that may be thrown by the external resources, and 2) the setup of the context to trigger specific patterns of exceptions. In this work we present an approach that addresses those difficulties by performing an exhaustive amplification of the space of exceptional behavior associated with an external resource that is exercised by a test suite. Each amplification attempts to expose a program exception handling construct to new behavior by mocking an external resource so that it returns normally or throws an exception following a predefined pattern. Our assessment of the approach indicates that it can be fully automated, is powerful enough to detect 65% of the faults reported in the bug reports of this kind, and is precise enough that 77% of the detected anomalies correspond to faults fixed by the developers.

Automatic Generation of Load Tests

Pingyu Zhang et al. — Thu, 04 Oct 2012 14:15:54 PDT

Load tests aim to validate whether system performance is acceptable under peak conditions. Existing test generation techniques induce load by increasing the size or rate of the input. Ignoring the particular input values, however, may lead to test suites that grossly mischaracterize a system’s performance. To address this limitation we introduce a mixed symbolic execution based approach that is unique in how it 1) favors program paths associated with a performance measure of interest, 2) operates in an iterative-deepening beam-search fashion to discard paths that are unlikely to lead to high-load tests, and 3) generates a test suite of a given size and level of diversity. An assessment of the approach shows it generates test suites that induce program response times and memory consumption several times worse than the compared alternatives, it scales to large and complex inputs, and it exposes a diversity of resource consuming program behavior.

Using Property-Based Oracles when Testing Embedded System Applications

Tingting Yu et al. — Thu, 04 Oct 2012 14:13:49 PDT

Embedded systems are becoming increasingly ubiquitous, controlling a wide variety of popular and safety critical devices. Effective testing techniques could improve the dependability of these systems. In prior work we presented an approach for testing embedded systems, focusing on embedded system applications and the tasks that comprise them. In this work we focus on a second but equally important aspect of testing embedded systems; namely, the need to provide observability of system behavior sufficient to allow engineers to detect failures. We present several property-based oracles that can be instantiated in embedded systems through program analysis and instrumentation, and can detect failures for which simple output-based oracles are inadequate. An empirical study of our approach shows that it can be effective.

TCP Congestion Avoidance Algorithm Identification

Peng Yang et al. — Thu, 04 Oct 2012 14:12:34 PDT

The Internet has recently been evolving from homogeneous congestion control to heterogeneous congestion control. Several years ago, Internet traffic was mainly controlled by the traditional AIMD algorithm, whereas Internet traffic is now controlled by many different TCP algorithms, such as AIMD, BIC, CUBIC, and CTCP. However, there is very little work on the performance and stability study of the Internet with heterogeneous congestion control. One fundamental reason is the lack of the deployment information of different TCP algorithms. In this paper, we first propose a tool called TCP Congestion Avoidance Algorithm Identification (CAAI) for actively identifying the TCP algorithm of a remote web server. CAAI can identify all default TCP algorithms (i.e., AIMD, BIC, CUBIC, and CTCP) and most non-default TCP algorithms of major operating system families. We then present, for the first time, the CAAI measurement result of the 5000 most popular web servers. Among the web servers with valid traces, we found that only 16.85~25.58% of web servers still use the traditional AIMD, 44.51% of web servers use BIC or CUBIC, and 10.27~19% of web servers use CTCP. In addition, we found that, for the first time, some web servers use non-default TCP algorithms, some web servers use some unknown TCP algorithms which are not available in any major operating system family, and some web servers use abnormal slow start algorithms. Our CAAI measurement results show a strong sign that the majority of TCP flows are not controlled by AIMD anymore, and a strong sign that the Internet congestion control has already changed from homogeneous to highly heterogeneous.

A Survey of Deployment Information of Delay-based TCP Congestion Avoidance Algorithm for Transmitting Multimedia Data

Peng Yang et al. — Thu, 04 Oct 2012 14:08:29 PDT

Multimedia traffic comprises a significant part of the total Internet traffic. Due to the real-time nature of the multimedia traffic, low queuing delay is critical to many multimedia applications. This requirement makes delay-based TCP congestion avoidance algorithms (or delay-based TCP algorithms for short) a good choice to transmit multimedia data, since they can help keep a low queuing delay in the Internet. However, the Internet traffic is controlled by heterogeneous TCP algorithms and many of them are non-delay-based. Thus, the effort made by the delay-based TCP algorithms to reduce the queuing delay is often offset by the non-delay-based TCP algorithms. Indeed, unless a significant part of the total Internet traffic is controlled by the delay-based TCP algorithms, we probably won’t see a big improvement in terms of the queuing delay. This observation motivates us to develop a method to differentiate between the delay-based and the non-delay-based TCP algorithms and use it to investigate the deployment information of the delay-based TCP algorithms on the web servers in the Internet. Our purpose is to gain a preliminary understanding about the amount of the Internet traffic controlled by the delay-based TCP algorithms, and hence the impact of the delay-based TCP algorithms on the Internet queuing delay. Such information is valuable for those people who plan to use the delay-based TCP algorithms to transmit their multimedia data.