Contributions published at Software Evolution and Architecture Lab (Harald Gall)

Continuous Delivery (CD) enables mobile developers to release small, high quality chunks of working software in a rapid manner. However, faster delivery and a higher software quality do neither guarantee user satisfaction nor positive business outcomes. Previous work demonstrates that app reviews may contain crucial information that can guide developer’s software maintenance efforts to obtain higher customer satisfaction. However, previous work also proves the difficulties encountered by developers in manually analyzing this rich source of data, namely (i) the huge amount of reviews an app may receive on a daily basis and (ii) the unstructured nature of their content. In this paper, we propose SURF (Summarizer of User Reviews Feedback), a tool able to (i) analyze and classify the information contained in app reviews and (ii) distill actionable change tasks for improving mobile applications. Specifically, SURF performs a systematic summarization of thousands of user reviews through the generation of an interactive, structured and condensed agenda of recommended software changes. An end-to-end evaluation of SURF, involving 2622 reviews related to 12 different mobile applications, demonstrates the high accuracy of SURF in summarizing user reviews content. In evaluating our approach we also involve the original developers of some apps, who confirm the practical usefulness of the software change recommendations made by SURF. Demo URL: https://youtu.be/Yf-U5ylJXvo Demo webpage: http://www.ifi.uzh.ch/en/seal/people/panichella/tools/SURFTool.html

null

Performance changes of software systems, and especially performance regressions, have a tremendous impact on users of that system. Historical data can help developers to rea- son about how performance has changed over the course of a software’s lifetime. In this demo paper we present two tools: hopper to mine historical performance metrics based on benchmarks and unit tests, and gopper to analyse the data with respect to performance changes.

Docker is a leading software container platform which has become increasingly popular in recent years. It allows to package an application with its dependencies into a standardized, self-contained unit called a container. Containers thus simplify the provision of applications because they contain all the necessary packages and are easy to transport and install. They can be used in software development to automate repetitive tasks, such as deploying and configuring development environments, or simply launching software on any system. Docker provides his own declarative scripting language (written in Dockerfiles) to create images for such containers. It consists of declarative definitions and refers to the practice of scripting the provisioning of hardware and operating system requirements concurrently with the development of the software itself. With a Dockerfile, a container image can be created repetitively without manual installation or configuration steps. Therefore, they can often be found in respective source code repositories. This Bachelor thesis presents an exploratory empirical study with the goal to characterize the Docker ecosystem, analyze the evolution of Dockerfiles, and lastly identify prevalent quality issues. It is based on a data set of 97í571 Dockerfiles, which are divided into three different categories to contrast them: the entire data set, the top 100 and the top 1000 most popular Docker-using projects. Most of the quality issues (28.6\%) arise from missing version pinning (i.e., specifying a concrete version for dependencies). The most popular projects change more often than the rest of the Docker population, with 4.95 revisions per year and 5 lines of code changed on average. Most changes deal with dependencies which are currently stored in a rather unstructured manner. Furthermore, a rising trend of using lightweight images, for instance Alpine, has been observed.

Software engineering research often requires analyzing multiple revisions of several software projects, be it to make and test predictions or to observe and identify patterns in how software evolves. However, code analysis tools are almost exclusively designed for the analysis of one specific version of the code, and the time and resources requirements grow linearly with each additional revision to be analyzed. Thus, code studies often observe a relatively small number of revisions and projects. Furthermore, each programming ecosystem provides dedicated tools, hence researchers typically only analyze code of one language, even when researching topics that should generalize to other ecosystems. To alleviate these issues, frameworks and models have been developed to combine analysis tools or automate the analysis of multiple revisions, but little research has gone into actually removing redundancies in multi-revision, multi-language code analysis. We present a novel end-to-end approach that systematically avoids redundancies every step of the way: when reading sources from version control, during parsing, in the internal code representation, and during the actual analysis. We evaluate our open-source implementation, LISA, on the full history of 300 projects, written in 3 different programming languages, computing basic code metrics for over 1.1 million program revisions. When analyzing many revisions, LISA requires less than a second on average to compute basic code metrics for all files in a single revision, even for projects consisting of millions of lines of code.

Driven by developments such as mobile computing, cloud computing infrastructure, DevOps and elastic computing, the microservice architectural style has emerged as a new alternative to the monolithic style for designing large software systems. Monolithic legacy applications in industry undergo a migration to microservice-oriented architectures. A key challenge in this context is the extraction of microservices from existing monolithic code bases. While informal migration patterns and techniques exist, there is a lack of formal models and automated support tools in that area. This thesis tackles that challenge by presenting a formal microservice extraction model to allow algorithmic recommendation of microservice candidates in a refactoring and migration scenario. A set of three coupling strategies is defined to mine structure information from monolithic code bases. A graph-based clustering algorithm is designed to extract microservice candidates from the model. The formal model is implemented in a web-based prototype. A performance evaluation demonstrates that the presented approach provides adequate performance. The rec- ommendation quality is evaluated quantitatively by custom microservice-specific metrics. The evaluation results exhibit satisfactory scores in all of the considered metrics. The results show that the produced microservice candidates lower the average development team size down to half of the original size or lower. Furthermore, the size of recommended microservice conforms with microservice sizing reported by empirical surveys and the domain-specific redundancy among different microservices is kept at a low rate.

null

Live testing is used in the context of continuous delivery and deployment to test changes or new features in the production environment. This includes canary releases, dark launches, A/B tests, and gradual rollouts. Oftentimes, multiple of these live testing practices need to be combined (e.g., running an A/B test after a dark launch). Manually administering such multi-phase live testing strategies is a daunting task for developers or release engineers. In this paper, we introduce a formal model for multi-phase live testing, and present Bifrost as a prototypical Node.js based middleware that allows developers to define and automatically enact complex live testing strategies. We extensively evaluate the runtime behavior of Bifrost in three rollout scenarios of a microservice-based case study application, and conclude that the performance overhead of our prototype is at or below 8 ms for most scenarios. Further, we show that more than 100 parallel strategies can be enacted even on cheap public cloud instances.

Can we teach computers how to program? Recent advances in neural network research reveal that certain neural networks are able not only to learn the syntax, grammar and semantics of arbitrary character sequences, but also synthesize new samples `in the style of' the original training data. We explore the adaptation of these techniques to code classification, comprehension and completion.

Google Play, Apple App Store and Windows Phone Store are well known distribution platforms where users can download mobile apps, rate them and write review comments about the apps they are using. Previous research studies demonstrated that these reviews contain important information to help developers improve their apps. However, analyzing reviews is challenging due to the large amount of reviews posted every day, the unstructured nature of reviews and its varying quality. In this demo we present ARdoc, a tool which combines three techniques: (1) Natural Language Parsing (NLP), (2) Text Analysis (TA) and (3) Sentiment Analysis (SA) to automatically classify useful feedback contained in app reviews important for performing software maintenance and evolution tasks. Our quantitative and qualitative analysis (involving mobile professional developers) demonstrate that ARdoc correctly classi�es feedback useful for maintenance perspectives in user reviews with high precision (ranging between 84% and 89%), recall (ranging between 84% and 89%), and an F-Measure (ranging between 84% and 89%). While evaluating our tool we also found that ARdoc substantially helps to extract important maintenance tasks for real world applications. Demo URL: https://youtu.be/Baf18V6sN8E Demo Web Page: http://www.ifi.uzh.ch/seal/people/panichella/tools/ARdoc.html

Continuous Delivery is an agile software development practice in which developers frequently integrate changes into the main development line and produce releases of their software. An automated Continuous Integration infrastructure builds and tests these changes. Claimed advantages of CD include early discovery of (integration) errors, reduced cycle time, and better adoption of coding standards and guidelines. This paper reports on a study in which we surveyed 152 developers of a large financial organization (ING Nederland), and investigated how they adopt a Continuous Integration and delivery pipeline during their development activities. In our study, we focus on topics related to managing technical debt, as well as test automation practices. The survey results shed light on the adoption of some agile methods in practice, and sometimes confirm, while in other cases, confute common wisdom and results obtained in other studies. For example, we found that refactoring tends to be performed together with other development activities, technical debt is almost always "self-admitted", developers timely document source code, and assure the quality of their product through extensive automated testing, with a third of respondents dedicating more than 50% of their time to do testing activities.

We present an adaptive binary transformation system for reducing the energy impact of advertisements and analytics in mobile applications. Our approach accommodates both the needs of mobile app developers to obtain income from advertisements and the desire of mobile device users for longer battery life. Our technique automatically identifies recurrent advertisement and analytics requests and throttles these requests based on a mobile device's battery status. Of the Android applications we analyzed, 75% have at least one connection that exhibits such recurrent requests. Our automated detection scheme classifies these requests with 100% precision and 80.5% recall. Applying the proposed battery-aware transformations to a representative mobile application reduces the power consumption of the mobile device by 5.8%, without the negative effect of completely removing advertisements.

Today’s rapidly evolving software systems continuously introduce new changes that can potentially degrade performance. Large-scale load testing prior to deployment is supposed to avoid performance regressions in production. However, due to the large input space in parameterized load testing, not all performance regressions can be prevented in practice. To support developers in identifying the change sets that had an impact on performance, we present TemPerf, a tool that correlates performance regressions with change sets by exploiting temporal constraints. It is implemented as an Eclipse IDE plugin that allows developers to visualize performance developments over time and display temporally correlated change sets retrieved from version control and continuous integration platforms.

Cloud computing offers compared dedicated in-house infrastructure unprecedented advantages in terms of performance, reliability and cost. Not surprisingly, is cloud computing in 2016 still an on-going trend in internet computing. Today, the most important service model is infrastructure-as-a-service and an ever-growing number of commercial vendors edge into the market. While all vendors provide similar functionality, differences in the non-functional properties such as performance, reliability, and cost are significant. Although all IaaS providers provide performance indicators for these non-functional properties, studies show that the effectively delivered service performance varies. In consequence, is the selection of the most relevant cloud service for a given application not straight forward. Cloud benchmarking (i.e., the process of thoroughly evaluating the performance of these services) is therefore a common contemporary research topic in the cloud domain. In this work, we propose a generic application-benchmark to support practitioners in collecting performance data across different cloud providers. In a second step, we use the benchmark to collect performance data on the performance of several instance types at Amazon EC2 and Google Compute Engine. Our results show, that compute-specialized instance types deliver a better performance-cost ratio than general purpose instance types and larger instances are less cost efficient than smaller ones. Additionally, while instances from Amazon EC2 provide both, better predictability and stability, instances from Google Compute Engine provide the better performance. Finally, we outline a performance-cost index, which allows to compare several instance types across several benchmarks.