The document proposes novel "Micro Interaction Metrics" (MIMs) that capture developers' interactions by analyzing Mylyn task log data to improve defect prediction. MIMs are extracted from Mylyn data at the file and task levels. An experiment applies MIMs and existing metrics to defect prediction using machine learning on Eclipse project data, finding MIMs improve prediction accuracy over baselines for different projects, algorithms and training periods, as shown by statistical tests.
Software Measurement: Lecture 1. Measures and MetricsProgrameter
Materials of the lecture on metrics and measures held by Programeter leadership during the Software Economics course at Tartu University: courses.cs.ut.ee/2010/se
Quality, quality concepts
Software Quality Assurance
Software Reviews
Formal Technical Reviews
SQA Group Plan
ISO 9000, 9001
Example
Internal and external attributes
Developers often wonder how to implement a certain functionality
(e.g., how to parse XML files) using APIs. Obtaining
an API usage sequence based on an API-related natural
language query is very helpful in this regard. Given a query,
existing approaches utilize information retrieval models to
search for matching API sequences. These approaches treat
queries and APIs as bags-of-words and lack a deep understanding
of the semantics of the query.
We propose DeepAPI, a deep learning based approach to
generate API usage sequences for a given natural language
query. Instead of a bag-of-words assumption, it learns the
sequence of words in a query and the sequence of associated
APIs. DeepAPI adapts a neural language model named
RNN Encoder-Decoder. It encodes a word sequence (user
query) into a fixed-length context vector, and generates an
API sequence based on the context vector. We also augment
the RNN Encoder-Decoder by considering the importance
of individual APIs. We empirically evaluate our approach
with more than 7 million annotated code snippets collected
from GitHub. The results show that our approach generates
largely accurate API sequences and outperforms the related
approaches.
Software Measurement: Lecture 1. Measures and MetricsProgrameter
Materials of the lecture on metrics and measures held by Programeter leadership during the Software Economics course at Tartu University: courses.cs.ut.ee/2010/se
Quality, quality concepts
Software Quality Assurance
Software Reviews
Formal Technical Reviews
SQA Group Plan
ISO 9000, 9001
Example
Internal and external attributes
Developers often wonder how to implement a certain functionality
(e.g., how to parse XML files) using APIs. Obtaining
an API usage sequence based on an API-related natural
language query is very helpful in this regard. Given a query,
existing approaches utilize information retrieval models to
search for matching API sequences. These approaches treat
queries and APIs as bags-of-words and lack a deep understanding
of the semantics of the query.
We propose DeepAPI, a deep learning based approach to
generate API usage sequences for a given natural language
query. Instead of a bag-of-words assumption, it learns the
sequence of words in a query and the sequence of associated
APIs. DeepAPI adapts a neural language model named
RNN Encoder-Decoder. It encodes a word sequence (user
query) into a fixed-length context vector, and generates an
API sequence based on the context vector. We also augment
the RNN Encoder-Decoder by considering the importance
of individual APIs. We empirically evaluate our approach
with more than 7 million annotated code snippets collected
from GitHub. The results show that our approach generates
largely accurate API sequences and outperforms the related
approaches.
Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)Sung Kim
Yida's presentation at MSR 2015!
Abstract—Developers expend significant effort on reviewing source code changes, hence the comprehensibility of code changes directly affects development productivity. Our prior study has suggested that composite code changes, which mix multiple development issues together, are typically difficult to review. Unfortunately, our manual inspection of 453 open source code changes reveals a non-trivial occurrence (up to 29%) of such composite changes.
In this paper, we propose a heuristic-based approach to automatically partition composite changes, such that each sub-change in the partition is more cohesive and self-contained. Our quantitative and qualitative evaluation results are promising in demonstrating the potential benefits of our approach for facilitating code review of composite code changes.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)Sung Kim
Yida's presentation at MSR 2015!
Abstract—Developers expend significant effort on reviewing source code changes, hence the comprehensibility of code changes directly affects development productivity. Our prior study has suggested that composite code changes, which mix multiple development issues together, are typically difficult to review. Unfortunately, our manual inspection of 453 open source code changes reveals a non-trivial occurrence (up to 29%) of such composite changes.
In this paper, we propose a heuristic-based approach to automatically partition composite changes, such that each sub-change in the partition is more cohesive and self-contained. Our quantitative and qualitative evaluation results are promising in demonstrating the potential benefits of our approach for facilitating code review of composite code changes.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
10. Programmer Interaction
and Software Quality
“Errors are from cognitive breakdown
while understanding and implementing
requirements”
- Ko et al. 2005
11. Programmer Interaction
and Software Quality
“Errors are from cognitive breakdown
while understanding and implementing
requirements”
- Ko et al. 2005
“Work interruptions or task switching
may affect programmer productivity”
- DeLine et al. 2006
12. Don’t we need to also consider
developers’ interactions
as defect indicators?
13. …, but the existing indicators
can NOT directly capture
developers’ interactions
14. Using Mylyn data, we propose novel
“Micro Interaction Metrics (MIMs)”
capturing developers’ interactions
15. The Mylyn* data is stored
as an attachment to the
corresponding bug reports in
the XML format
* Eclipse plug-in storing and recovering task contexts
21. Two levels of MIMs Design
File-level MIMs
specific interactions for a
file in a task
(e.g., AvgTimeIntervalEditEdit)
22. Two levels of MIMs Design
File-level MIMs
specific interactions for a
file in a task
(e.g., AvgTimeIntervalEditEdit)
Task-level MIMs
property values shared
over the whole task
(e.g., TimeSpent)
23. Two levels of MIMs Design
File-level MIMs Mylyn Task Logs
specific interactions for a
file in a task 10:30 Selection file A
(e.g., AvgTimeIntervalEditEdit)
11:00 Edit file B
12:30 Edit file B
24. Two levels of MIMs Design
Mylyn Task Logs
10:30 Selection file A
Task-level MIMs 11:00 Edit file B
property values shared 12:30 Edit file B
over the whole task
(e.g., TimeSpent)
29. For example,
NumPatternSXEY is to capture
this interaction:
“How much times did a programmer
Select a file of group X
and then Edit a file of group Y
in a task activity?”
30. X if a file shows defect
locality* properties
group X or Y
Y otherwise
H if a file has
group H or L high** DOI value
L otherwise
* hinted by the paper [Kim et al. 2007]
** threshold: median of degree of interest (DOI) values in a task
51. Understand JAVA tool was used
for extracting 32 source Code
Metrics (CMs)*
* Chidamber and Kemerer, and OO metrics
52. Understand JAVA tool was used
for extracting 32 source Code
Metrics (CMs)*
List of selected source code metrics
CVS
last revision
…
Dec 2005 Time P Sep 2010
* Chidamber and Kemerer, and OO metrics
53. Fifteen History Metrics (HMs)* were
collected from the corresponding
CVS repository
* Moser et al.
54. Fifteen History Metrics (HMs)* were
collected from the corresponding
CVS repository
List of history metrics (HMs)
CVS revisions
…
Dec 2005 Time P Sep 2010
* Moser et al.
55. STEP3: Creating a training corpus
Instance
Extracted MIMs Label
Name
Training
… Classifier
Instance # of post
Extracted MIMs
Name defects
Training
… Regression
56. STEP4: Building prediction models
Classification and Regression
modeling with different machine
learning algorithms using the
WEKA* tool
* an open source data mining tool
58. STEP5: Prediction Evaluation
How many instances
are really buggy among
the buggy-predicted
outcomes?
Classification
Measures
59. STEP5: Prediction Evaluation
How many instances
are really buggy among
the buggy-predicted
outcomes?
How many instances
are correctly predicted as
‘buggy’ among the real
buggy ones
Classification
Measures
61. STEP5: Prediction Evaluation
Regression
between # of real buggy
instances and # of instances Measures
predicted as buggy
correlation coefficient (-1~1)
mean absolute error (0~1)
root square error (0~1)
62. T-test with 100 times of
10-fold cross validation
Reject H0* and accept H1*
if p-value < 0.05
(at the 95% confidence level)
* H0: no difference in average performance, H1: different (better!)
63. Result Summary
MIMs improve prediction accuracy for
1 different Eclipse project subjects
2 different machine learning algorithms
3 different model training periods
65. Prediction for different project subjects
MIM: the proposed metrics CM: source code metrics HM: history metrics
66. Prediction for different project subjects
BASELINE: Dummy Classifier
predicts in a purely random manner
e.g., for 12.5% of buggy instances
Precision(B)=12.5%, Recall(B)=50%
F-measure(B)=20%
MIM: the proposed metrics CM: source code metrics HM: history metrics
67. Prediction for different project subjects
MIM: the proposed metrics CM: source code metrics HM: history metrics
68. Prediction for different project subjects
T-test results (significant figures are in bold, p-value < 0.05)
78. Possible Insight
TOP 1: NumLowDOIEdit
TOP 2: NumPatternEXSX
TOP 3: TimeSpentOnEdit
Chances are that more defects might be generated
if a programmer TOP2 repeatedly edit and browse a
file especially related to the previous defects TOP3
with putting more weight on editing time, and
especially TOP1 when editing such the files less
frequently or less recently accessed ever …
84. We believe future defect prediction
models will use more developers’ direct and
micro level interaction information
MIMs are a first step towards it
85. Thank you! Any Question?
• Problem
– Developer’s interaction information can affect
software quality (defects)?
• Approach
– We proposed novel micro interaction metrics
(MIMs) overcoming the popular static metrics
• Result
– MIMs significantly improve prediction accuracy
compared to source code metrics (CMs) and
history metrics (HMs)
89. Error chance in counting post-defects
as a result getting biased labels
(i.e., incorrect % of buggy instances)
90. Repeated experiment using
same instances but with a
different heuristics of defect
counting, CVS-log-based
approach*
* with keywords: “fix”, “bug”, “bug report ID” in change logs
94. CVS-log-based approach reported more
additional post-defects
(more % of buggy-labeled instances)
MIMs failed to feature them due to
lack of the corresponding Mylyn data
95. Note that it is difficult to
100% guarantee the quality of
CVS change logs
(e.g., no explicit bug ID, missing logs)