Pattern-Driven Maintenance: A Method to Prevent Unhandled Latent Exceptions in Web Applications
Abstract
Background: Unhandled exceptions affect the reliability, usability, and security of web applications. Automatically detecting unhandled latent exceptions is difficult and application-specific. Hence, general approaches to dealing with defects in web applications do not treat unhandled exceptions appropriately. Aims: To design and evaluate a method that can support finding, correcting, and preventing unhandled exceptions in web applications. Method: We designed a method called Pattern-Driven Maintenance (PDM), which relies on identifying defect patterns from failures and producing custom static analysis rules that can be used for prevention. We applied PDM to two industrial web applications and measured the reliability improvement, evaluated the reuse of the static analysis rules produced on within- and cross-company software, and studied the effectiveness, challenges faced, and acceptance of novice maintainers applying PDM. Results: In both industry cases, we eliminated pattern-related failures, improving application reliability. Some of the static analysis rules produced by applying PDM were reused on within- and cross-company software. We identified knowledge and experiences that influence the effective application of the steps of the PDM method. Conclusions: PDM can help maintainers to improve the reliability of existing applications. We provide guidance on how to apply PDM and reuse the produced static analysis rules, and on the knowledge and experiences needed to apply the PDM method effectively.
Keywords:
Pattern-Driven Maintenance, Latent Exceptions, Web Applications
Published
2020-12-01
How to Cite
MENDONÇA, Diogo; VON STAA, Arndt; KALINOWSKI, Marcos. Pattern-Driven Maintenance: A Method to Prevent Unhandled Latent Exceptions in Web Applications. In: SOFTWARE QUALITY DOCTORAL AND MASTER THESIS CONTEST - BRAZILIAN SOFTWARE QUALITY SYMPOSIUM (SBQS), 19., 2020, Evento Online. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2020. p. 1-10.
