TU Darmstadt / ULB / TUbiblio

Getting to Know You: Towards a Capability Model for Java

Hermann, Ben and Reif, Michael and Eichberg, Michael and Mezini, Mira (2015):
Getting to Know You: Towards a Capability Model for Java.
New York, NY, USA, ACM, In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, New York, NY, USA, In: ESEC/FSE 2015, ISBN 978-1-4503-3675-8,
[Online-Edition: http://doi.acm.org/10.1145/2786805.2786829],
[Conference or Workshop Item]

Abstract

Developing software from reusable libraries lets developers face a security dilemma: Either be efficient and reuse libraries as they are or inspect them, know about their resource usage, but possibly miss deadlines as reviews are a time consuming process. In this paper, we propose a novel capability inference mechanism for libraries written in Java. It uses a coarse-grained capability model for system resources that can be presented to developers. We found that the capability inference agrees by 86.81% on expectations towards capabilities that can be derived from project documentation. Moreover, our approach can find capabilities that cannot be discovered using project documentation. It is thus a helpful tool for developers mitigating the aforementioned dilemma.

Item Type: Conference or Workshop Item
Erschienen: 2015
Creators: Hermann, Ben and Reif, Michael and Eichberg, Michael and Mezini, Mira
Title: Getting to Know You: Towards a Capability Model for Java
Language: English
Abstract:

Developing software from reusable libraries lets developers face a security dilemma: Either be efficient and reuse libraries as they are or inspect them, know about their resource usage, but possibly miss deadlines as reviews are a time consuming process. In this paper, we propose a novel capability inference mechanism for libraries written in Java. It uses a coarse-grained capability model for system resources that can be presented to developers. We found that the capability inference agrees by 86.81% on expectations towards capabilities that can be derived from project documentation. Moreover, our approach can find capabilities that cannot be discovered using project documentation. It is thus a helpful tool for developers mitigating the aforementioned dilemma.

Series Name: ESEC/FSE 2015
Place of Publication: New York, NY, USA
Publisher: ACM
ISBN: 978-1-4503-3675-8
Uncontrolled Keywords: analysis, capability, library, reuse, security
Divisions: 20 Department of Computer Science
20 Department of Computer Science > Software Technology
Zentrale Einrichtungen
20 Department of Computer Science > EC SPRIDE
Event Title: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering
Event Location: New York, NY, USA
Date Deposited: 10 Sep 2015 14:10
Official URL: http://doi.acm.org/10.1145/2786805.2786829
Export:

Optionen (nur für Redakteure)

View Item View Item