A comprehensive study on quality assurance tools for Java
Quality assurance (QA) tools are receiving more and more attention and are widely used by developers. Given the wide range of solutions for QA technology, it is still a question of evaluating QA tools. Most existing research is limited in the following ways: (i) They compare tools without considerin...
Saved in:
| Main Authors: | , , , , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2023
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/8975 https://ink.library.smu.edu.sg/context/sis_research/article/9978/viewcontent/issta23_Java_pv.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-9978 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-99782024-07-25T08:35:10Z A comprehensive study on quality assurance tools for Java LIU, Han CHEN, Sen FENG, Ruitao LIU, Chengwei LI, Kaixuan XU, Zhengzi NIE, Liming LIU, Yang CHEN, Yixiang Quality assurance (QA) tools are receiving more and more attention and are widely used by developers. Given the wide range of solutions for QA technology, it is still a question of evaluating QA tools. Most existing research is limited in the following ways: (i) They compare tools without considering scanning rules analysis. (ii) They disagree on the effectiveness of tools due to the study methodology and benchmark dataset. (iii) They do not separately analyze the role of the warnings. (iv) There is no large-scale study on the analysis of time performance. To address these problems, in the paper, we systematically select 6 free or open-source tools for a comprehensive study from a list of 148 existing Java QA tools. To carry out a comprehensive study and evaluate tools in multi-level dimensions, we first mapped the scanning rules to the CWE and analyze the coverage and granularity of the scanning rules. Then we conducted an experiment on 5 benchmarks, including 1,425 bugs, to investigate the effectiveness of these tools. Furthermore, we took substantial effort to investigate the effectiveness of warnings by comparing the real labeled bugs with the warnings and investigating their role in bug detection. Finally, we assessed these tools’ time performance on 1,049 projects. The useful findings based on our comprehensive study can help developers improve their tools and provide users with suggestions for selecting QA tools. 2023-07-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/8975 info:doi/10.1145/3597926.3598056 https://ink.library.smu.edu.sg/context/sis_research/article/9978/viewcontent/issta23_Java_pv.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Bug finding CWE Quality assurance tools Scanning rules Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Bug finding CWE Quality assurance tools Scanning rules Information Security |
| spellingShingle |
Bug finding CWE Quality assurance tools Scanning rules Information Security LIU, Han CHEN, Sen FENG, Ruitao LIU, Chengwei LI, Kaixuan XU, Zhengzi NIE, Liming LIU, Yang CHEN, Yixiang A comprehensive study on quality assurance tools for Java |
| description |
Quality assurance (QA) tools are receiving more and more attention and are widely used by developers. Given the wide range of solutions for QA technology, it is still a question of evaluating QA tools. Most existing research is limited in the following ways: (i) They compare tools without considering scanning rules analysis. (ii) They disagree on the effectiveness of tools due to the study methodology and benchmark dataset. (iii) They do not separately analyze the role of the warnings. (iv) There is no large-scale study on the analysis of time performance. To address these problems, in the paper, we systematically select 6 free or open-source tools for a comprehensive study from a list of 148 existing Java QA tools. To carry out a comprehensive study and evaluate tools in multi-level dimensions, we first mapped the scanning rules to the CWE and analyze the coverage and granularity of the scanning rules. Then we conducted an experiment on 5 benchmarks, including 1,425 bugs, to investigate the effectiveness of these tools. Furthermore, we took substantial effort to investigate the effectiveness of warnings by comparing the real labeled bugs with the warnings and investigating their role in bug detection. Finally, we assessed these tools’ time performance on 1,049 projects. The useful findings based on our comprehensive study can help developers improve their tools and provide users with suggestions for selecting QA tools. |
| format |
text |
| author |
LIU, Han CHEN, Sen FENG, Ruitao LIU, Chengwei LI, Kaixuan XU, Zhengzi NIE, Liming LIU, Yang CHEN, Yixiang |
| author_facet |
LIU, Han CHEN, Sen FENG, Ruitao LIU, Chengwei LI, Kaixuan XU, Zhengzi NIE, Liming LIU, Yang CHEN, Yixiang |
| author_sort |
LIU, Han |
| title |
A comprehensive study on quality assurance tools for Java |
| title_short |
A comprehensive study on quality assurance tools for Java |
| title_full |
A comprehensive study on quality assurance tools for Java |
| title_fullStr |
A comprehensive study on quality assurance tools for Java |
| title_full_unstemmed |
A comprehensive study on quality assurance tools for Java |
| title_sort |
comprehensive study on quality assurance tools for java |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2023 |
| url |
https://ink.library.smu.edu.sg/sis_research/8975 https://ink.library.smu.edu.sg/context/sis_research/article/9978/viewcontent/issta23_Java_pv.pdf |
| _version_ |
1814047698389565440 |