Please use this identifier to cite or link to this item:
https://hdl.handle.net/11147/12135Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Ufuktepe, Ekincan | en_US |
| dc.contributor.author | Tuğlular, Tuğkan | en_US |
| dc.contributor.author | Palaniappan, Kanappan | en_US |
| dc.date.accessioned | 2022-07-05T13:42:18Z | - |
| dc.date.available | 2022-07-05T13:42:18Z | - |
| dc.date.issued | 2022-06 | - |
| dc.identifier.uri | https://doi.org/10.1109/TR.2022.3167943 | - |
| dc.identifier.uri | https://hdl.handle.net/11147/12135 | - |
| dc.description.abstract | Change impact analysis evaluates the changes that are made in the software and finds the ripple effects, in other words, finds the affected software components. Code changes and bug fixes can have a high impact on code quality by introducing new vulnerabilities or increasing their severity. A recent high-visibility example of this is the code changes in the log4j web software CVE-2021-45105 to fix known vulnerabilities by removing and adding method called change types. This bug fix process exposed further code security concerns. In this article, we analyze the most common set of bug fix change patterns to have a better understanding of the distribution of software changes and their impact on code quality. To achieve this, we implemented a tool that compares two versions of the code and extracts the changes that have been made. Then, we investigated how these changes are related to change impact analysis. In our case study, we identified the change types for bug-inducing and bug fix changes using the Quixbugs dataset. Furthermore, we used 13 of the projects and 621 bugs from Defects4J to identify the common change types in bug fixes. Then, to find the change types that cause an impact on the software, we performed an impact analysis on a subset of projects and bugs of Defects4J. The results have shown that, on average, 90% of the bug fix change types are adding a new method declaration and changing the method body. Then, we investigated if these changes cause an impact or a ripple effect in the software by performing a Markov chain-based change impact analysis. The results show that the bug fix changes had only impact rates within a range of 0.4-5%. Furthermore, we performed a statistical correlation analysis to find if any of the bug fixes have a significant correlation with the impact of change. The results have shown that there is a negative correlation between caused impact with the change types adding new method declaration and changing method body. On the other hand, we found that there is a positive correlation between caused impact and changing the field type. | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | Institute of Electrical and Electronics Engineers Inc. | en_US |
| dc.relation.ispartof | IEEE Transactions on Reliability | en_US |
| dc.rights | info:eu-repo/semantics/openAccess | en_US |
| dc.subject | Bug fix | en_US |
| dc.subject | Change detection | en_US |
| dc.subject | Change impact analysis | en_US |
| dc.title | Tracking code bug fix ripple effects based on change patterns using Markov chain models | en_US |
| dc.type | Article | en_US |
| dc.authorid | 0000-0001-6797-3913 | en_US |
| dc.institutionauthor | Tuğlular, Tuğkan | en_US |
| dc.department | İzmir Institute of Technology. Computer Engineering | en_US |
| dc.identifier.wos | WOS:000791712400001 | en_US |
| dc.identifier.scopus | 2-s2.0-85131632808 | en_US |
| dc.relation.publicationcategory | Makale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanı | en_US |
| dc.identifier.doi | 10.1109/TR.2022.3167943 | - |
| dc.contributor.affiliation | University of Missouri - Columbia | en_US |
| dc.contributor.affiliation | 01. Izmir Institute of Technology | en_US |
| dc.contributor.affiliation | University of Missouri - Columbia | en_US |
| dc.relation.issn | 0018-9529 | en_US |
| dc.description.volume | 71 | en_US |
| dc.description.issue | 2 | en_US |
| dc.description.startpage | 1141 | - |
| dc.description.endpage | 1156 | - |
| dc.identifier.scopusquality | Q1 | - |
| item.grantfulltext | open | - |
| item.openairecristype | http://purl.org/coar/resource_type/c_18cf | - |
| item.cerifentitytype | Publications | - |
| item.openairetype | Article | - |
| item.languageiso639-1 | en | - |
| item.fulltext | With Fulltext | - |
| crisitem.author.dept | 03.04. Department of Computer Engineering | - |
| crisitem.author.dept | 03.04. Department of Computer Engineering | - |
| Appears in Collections: | Computer Engineering / Bilgisayar Mühendisliği Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection | |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| Tracking_Code_Bug_Fix_Ripple_Effect.pdf | Article | 8.64 MB | Adobe PDF | View/Open |
CORE Recommender
SCOPUSTM
Citations
5
checked on Apr 5, 2024
WEB OF SCIENCETM
Citations
4
checked on Mar 23, 2024
Page view(s)
2,686
checked on Apr 22, 2024
Download(s)
692
checked on Apr 22, 2024
Google ScholarTM
Check
Altmetric
Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.