Evaluation of validation tools of Java Agata Gruza and Ramya - - PowerPoint PPT Presentation

evaluation of validation tools of java
SMART_READER_LITE
LIVE PREVIEW

Evaluation of validation tools of Java Agata Gruza and Ramya - - PowerPoint PPT Presentation

Apr 16, 2023 249 likes •483 views

Evaluation of validation tools of Java Agata Gruza and Ramya Krishna Koricherla Department of Computer Science Introduction 1. Related Work 2. Hypothesis 3. Case Study 4. Validation tools Data collection Results 5. Threats

slide-1
SLIDE 1

Agata Gruza and Ramya Krishna Koricherla Department of Computer Science

Evaluation of validation tools of Java

slide-2
SLIDE 2

1.

Introduction

2.

Related Work

3.

Hypothesis

4.

Case Study

Validation tools

Data collection

5.

Results

6.

Threats to validity

7.

Conclusion

8.

Questions

slide-3
SLIDE 3

What is a validation tool?

 Validation tool – used to detect bugs in code  Bugs -- coding standards, multithreaded, security and

performance issues.

slide-4
SLIDE 4
  • 1. Introduction

Why validation tool is important?

 Mars Polar Lander deployed its landing legs at low altitude

and crashed.

 DART 1 collided into the satellite and turned off itself.(new GPS system

was used)

 Ariane 5 had to self destruct because of exceptional handling was

disabled. http://www.cs.sjsu.edu/~pearce/summer09/javaVV .pdf

slide-5
SLIDE 5

Why Java?

 Used in safety critical applications.  Used where software quality and reliability matters.

Validation tools:

1.

FindBugs

2.

PMD

3.

Checkstyle

4.

UCDetector

slide-6
SLIDE 6
  • 2. Related work

1.

In the paper “A Comparison of Bug Finding Tools for Java” Rutar at al. compared FindBugs, PMD, Jlint, Bandera, and ESC/Java.

2.

In the paper “Finding Bugs is Easy” Hovemeyer et al. described bug pattern detectors of FindBugs.

3.

In the paper “Duplicated Code with Linked Editing ”Toomin et al. were talking about pattern duplication.

4.

In the paper “Analysis Tool Evaluation : PMD” , authors described the rule sets of PMD validation tool.

slide-7
SLIDE 7
  • 3. Hypothesis

 Null Hypotheses:

There is no difference in the number of bugs between validation tools.

 Alternative hypotheses:

There is a significant difference between the validation tools.

slide-8
SLIDE 8
  • 4. Case study

 19 Java programs are checked against four tools on

Eclipse 4.2.0

 Findbugs:

Version used: Findbugs 2.0; Uses Bug Pattern Detectors

 Class structure and inheritance hierarchy  Linear code scan  Control sensitive  Data flow

slide-9
SLIDE 9
  • 4. Case study

PMD = Project Mess Detector

Version used PMD 5.0.2; Uses Abstract Syntax Tree concept Major areas:

 Coding standards  Coding anti-patterns  Duplication

Rule sets – naming conventions, braces, strict exceptions, import statements, Java Bean, clone, etc.,

slide-10
SLIDE 10
  • 4. Case study

Checkstyle

Version used Checkstyle 5.6 Used to improve code quality, readability, re-usability Supports writing custom Checkstyle rule

UCDetector

Version used UCDetector1.10.1

 Dead code  Visibility of code  Final declarations

slide-11
SLIDE 11
  • 4. Case study

Data collection

 19 programs between 50 to 100 lines of code each.  Generated report of each program for all tools

slide-12
SLIDE 12
slide-13
SLIDE 13
  • 4. Case study

 Important bugs - bugs generated by analyzing code in details.

Examples: Cyclomatic complexity, switch, Boolean, data flow

 Unimportant bugs- bugs related to style of program.

Examples: comments and naming conventions.

slide-14
SLIDE 14
  • 5. Results

ANOVA test –

Normal distribution

slide-15
SLIDE 15
  • 5. Results

 SSA = 18398.17  SSB = 2300  SSE= = 1658.833  SST =SSA+SSB+SSE= 22357  %of variance by alternatives= * 100=82.29  %of variance by blocking variable= * 100=10.287  %of variance by errors= * 100= 7.41  4) Statistical significance  MSA = = 6132.72, where a = number of alternatives  MSE= 153.33  MSB= = 331.766 where b= number of blocks= 6  Fcomputed= 39.99  For α=0.01 F0= 5.417. Fcomputed > F0, we reject null hypotheses.  That is there is significant difference in the number of errors detected by each validation

tool.

slide-16
SLIDE 16

% of unimportant and important bugs Name of the Tool % of important bugs detected % unimportant bugs detected Findbugs 100% 0% PMD 50% 50% Checkstyle 13% 87%

slide-17
SLIDE 17
  • 6. Threats to validity

 1) CONCLUSION VALIDITY

Specimen size- In our project we considered 19 modest size Java programs (between 50 to 100 lines of code each).

 2) INTERNAL VALIDITY

Knowledge of Java- Performance monitoring (Human errors) Analysis Method(Important and Unimportant bugs) Time

slide-18
SLIDE 18

3) CONSTRUCT VALIDITY

Many measure the same occurrence 4) EXTERNAL VALIDITY Cannot generalize

slide-19
SLIDE 19

 CONCLUSION:

Findbugs is efficient tool as it recognizes 100% of important Errors.

Useful to check multithreaded correctness, malicious code vulnerability, security

issues, performance issues.

PMD detects 50% of important bugs.

Useful to check for clone implementation, controversial (Boolean), J2EE, JavaBeans, Exceptions and also good programming practice

Checkstyle detects only 13% of important bugs. Most are related to

programming style ( coding standards).

slide-20
SLIDE 20

 UCDetector:

 Useful to check for dead code, to check for appropriate access specifiers.

FUTURE WORK: Can evaluate more tools and compare with already compared tools.

slide-21
SLIDE 21

THANK YOU ! QUESTIONS?