LASER (Laboratory for Software Engineering and Reliability) is a research lab of the Institute of Computing at UNICAMP. Involving both theoretical and applied research, the LASER is interested in topics having a high impact on the Software and Systems Engineering research communities, as well as their application and transference to Industry.

Areas of Interest
Software Architecture and Microservices
Continuous Software Engineering (Agile, DevOps, and Lean)
Experimental Software Engineering
Model-Driven Engineering (MDA/MDE)
Software Testing (Performance, Robustness, and Security)
Performance and Dependability Evaluation
Fault-tolerant/Resilient Systems

Here, we have a presentation about lab activities (Portuguese only).

Visit of Prof. Dr. José Alexandre D’Abruzzo Pereira

In August we received the visit of Prof. Dr. José Alexandre D’Abruzzo Pereira, from the University of Coimbra. His research interests include security and vulnerability detection, static code analysis, software project management, databases, software quality, cloud computing, and self-adaptive systems.

Lecture information:

Title: “Software Security Characterization through Static Data Analysis – Results and Future Research Direction”

Abstract:

Modern enterprises rely on software systems to run their business: financial, healthcare, government, and e-commerce, among many others. However, many systems are deployed with vulnerabilities caused by a design flaw or an implementation bug. The malicious exploitation of those security vulnerabilities may lead to various problems with financial or legal implications. Static Code Analysis (SCA) is a vulnerability detection technique that reports potential problems (alerts) without requiring the execution of the code. This is done through the use of Static Analysis Tools (SATs). However, such tools are frequently too expensive for most organizations, and they either report many false positives or false negatives. Consequently, developers are required to spend a considerable amount of time analyzing the reported cases without being sure that all vulnerabilities have been detected. 

In this talk, I will present techniques to characterize of software code units (e.g., functions) from a security vulnerability perspective, making use of static data from the source code. The used dataset contains vulnerabilities from five open-source C/C++ projects (Linux Kernel, Mozilla, Xen, Apache httpd, and glibc), and static data (Software Metrics (SMs) and alerts from SATs) extracted from the vulnerable and neutral versions of the code. Vulnerabilities are organized into categories, devised based on the improper or lack of use of the OWASP best practices. Additionally, I will present the future research direction using static data to characterize software code units.

Short Bio:

José D’Abruzzo Pereira holds a Ph.D. in Informatics Engineering from the University of Coimbra (UC), is currently an Invited Assistant Professor at the University of Coimbra, and a member of the Software and System Engineering (SSE) group at CISUC. His research interests include security and vulnerability detection, static code analysis, software project management, databases, software quality, cloud computing, and self-adaptive systems. He received a MSc in Information Technology and Software Engineering from the University of Coimbra and Carnegie Mellon University and a B.Sc. in Computer Science from the State University of Campinas – Brazil (Unicamp). He is also acting as a professor in the Specialization in Software Engineering at the State University of Campinas – Brazil (Unicamp).

LASER in SBQS – 2023

SBQS – XXII Simpósio Brasileiro de Qualidade de Software

Laser had the privilege of having two works accepted at the SBQS conference hosted by the University of Brasília (UNB) on November 23rd. 

Technical track 

Sara das Mercês, a doctoral student, present one paper entitled "A Case Study on Data Science Processes in an Academia-Industry Collaboration".


WTDQS - XXI WORKSHOP DE TESES E DISSERTAÇÕES EM QUALIDADE DE SOFTWARE

Milene Rigolin, a doctoral student, present online his work entitled "Ethical issues in continuous experimentation".



Sara das Mercês at conference

Visit of Profa. Anna Wiedemann

In September we received the visit of Professor Anna Wiedemann. She is a professor at the Institute of Business Information Technology at the University of Applied Sciences Zurich (ZHAW) and has worked mainly in ​​DevOps.

Lecture information:

Title: Achieving Product Orientation in DevOps Teams

Abstract: Changes in IT organization and technology environments make it necessary to adapt and review how mission-critical IT functions align with firm strategy. IT functions increasingly use cross-functional teams to manage the lifecycle of digital solutions. As cross-functional teams begin to alter how we develop and maintain software, they may also result in control–alignment misfits that diminish the efficacy of functional project and operations controls. With the help of qualitative research methods, we examine how the integration of product-oriented cross-functional teams challenges and transforms the IT function. We apply grounded theory and derive models that give insights into how alignment between development and operations can be achieved in DevOps teams within the IT function.

Empirical Standards for Software Engineering Research

As a great collaborative effort involving several software engineering researchers, Prof. Paul Ralph (Dalhousie University) organized this ACM SIGSOFT Paper and Peer Review Quality Initiative to define empirical standards for research methods commonly used in software engineering.

The idea is to have the empirical standards as living documents, which should be continuously revised to reflect evolving consensus around research best practices, promoting research quality, and making peer review more effective, reliable, transparent, and fair.

Prof. Breno de França (LASER/IC-UNICAMP) contributed with the standards on quantitative simulation together with Prof. Nauman Bin Ali (BTH/Sweden) and Prof. Dietmar Pfahl (University of Tartu/Estonia).

Other contributions include standards for controlled experiments, case studies, surveys, and others.

Link for the report explaining the motivation and methodology for generating the standards: https://arxiv.org/abs/2010.03525

Github repo with the standards: https://github.com/acmsigsoft/EmpiricalStandards

Virtual Café

While all the research and teaching activities at the Institute of Computing will continue to happen in remote for the first half of 2021, we started to feel the need to have an informal meeting space for our lab, where we can just meet and have a talk. Also, because new students are being admitted in the Postgraduate Program, but they don’t have the opportunity to meet the other people of the lab.

Starting from last month we will have a periodic “Virtual Café”, a kind of extended coffee break in which we can keep updated on what other people are doing, or simply end the Friday afternoon together.

Continue reading Virtual Café

LASER at ISSRE 2020

We are happy to mention that this year LASER had a paper accepted at the 31st International Symposium on Software Reliability Engineering (ISSRE 2020), one of the most important conferences on software reliability.

The conference was held completely in remote format, with a huge organization effort by the people from Coimbra that resulted in pleasant experience. The presentation followed a “flipped conference” model: attendees watched pre-recorded presentations before the conference and then had some time to ask questions to authors during the live event.

Continue reading LASER at ISSRE 2020

New book on Empirical Software Engineering Research

We are glad to announce the most complete book on Empirical Software Engineering has been recently launched in printed and electronic formats.

So far, it has received very positive feedback on the book from the software engineering community. And, it will be presented in this year’s International Software Engineering Research Network (ISERN) meeting.

The book includes several chapters on topics like design science, research synthesis, open science, experiments, and gray literature. These are contributions of international researchers dedicated to investigating how to improve research in software engineering.

Breno (LASER member) contributes with a chapter on the role of simulation-based studies in software engineering research, in collaboration with Nauman Bin Ali from the Blekinge Institute of Technology (Sweden).

Take a look and enjoy!

We are happy to inform you! CBSoft 2020

This year, LASER members have four papers accepted in CBSoft 2020!

CBSoft is the greatest Brazilian conference on software engineering and will be entirely virtual this year due to the coronavirus pandemic.

Accepted works focus on three areas of interest in the laboratory: software architecture, continuous software engineering, and adaptive systems.

SBCARS 2020:

  • Jorge Luiz Machado da Silva, Breno de França, Cecilia Rubira. Generating Trustworthiness Adaptation Plans Based on Quality Models for Cloud Platforms
  • Daniel Apolinário, Breno de França. Towards a method for monitoring the coupling evolution of microservice-based architectures

SBES 2020 – Innovative Ideas and Emerging Results:

  • Jorge Luiz Machado da Silva, Breno de França, Cecilia Rubira. Generating Adaptation Plans Based on QualityModels for Cloud Platforms

SBES 2020 – Tools:

  • Gabriel Augusto Destro, Breno de França. Mining Software Repositories for the Characterization of Continuous Integration and Delivery

Congratulations for the authors!

Master’s Defense – Elder

Some days ago we celebrated the Master’s defense of Elder Rodrigues Jr., under the supervision of Prof. Leonardo. During his Master’s, Elder worked on a methodology and framework to manage coding conventions as structured models, and to automatically derive checkers by model transformation.

The defense was in remote format, due to the pandemic. Despite that, it originated a rich and interesting discussion with the members of the committee. The methodology proposed in his dissertation also generated two international publications, which confirm the quality of the work. Congratulations!

[matomo_opt_out]