Please use this identifier to cite or link to this item: https://hdl.handle.net/11147/12135
Full metadata record
DC FieldValueLanguage
dc.contributor.authorUfuktepe, Ekincanen_US
dc.contributor.authorTuğlular, Tuğkanen_US
dc.contributor.authorPalaniappan, Kanappanen_US
dc.date.accessioned2022-07-05T13:42:18Z-
dc.date.available2022-07-05T13:42:18Z-
dc.date.issued2022-06-
dc.identifier.urihttps://doi.org/10.1109/TR.2022.3167943-
dc.identifier.urihttps://hdl.handle.net/11147/12135-
dc.description.abstractChange impact analysis evaluates the changes that are made in the software and finds the ripple effects, in other words, finds the affected software components. Code changes and bug fixes can have a high impact on code quality by introducing new vulnerabilities or increasing their severity. A recent high-visibility example of this is the code changes in the log4j web software CVE-2021-45105 to fix known vulnerabilities by removing and adding method called change types. This bug fix process exposed further code security concerns. In this article, we analyze the most common set of bug fix change patterns to have a better understanding of the distribution of software changes and their impact on code quality. To achieve this, we implemented a tool that compares two versions of the code and extracts the changes that have been made. Then, we investigated how these changes are related to change impact analysis. In our case study, we identified the change types for bug-inducing and bug fix changes using the Quixbugs dataset. Furthermore, we used 13 of the projects and 621 bugs from Defects4J to identify the common change types in bug fixes. Then, to find the change types that cause an impact on the software, we performed an impact analysis on a subset of projects and bugs of Defects4J. The results have shown that, on average, 90% of the bug fix change types are adding a new method declaration and changing the method body. Then, we investigated if these changes cause an impact or a ripple effect in the software by performing a Markov chain-based change impact analysis. The results show that the bug fix changes had only impact rates within a range of 0.4-5%. Furthermore, we performed a statistical correlation analysis to find if any of the bug fixes have a significant correlation with the impact of change. The results have shown that there is a negative correlation between caused impact with the change types adding new method declaration and changing method body. On the other hand, we found that there is a positive correlation between caused impact and changing the field type.en_US
dc.language.isoenen_US
dc.publisherInstitute of Electrical and Electronics Engineers Inc.en_US
dc.relation.ispartofIEEE Transactions on Reliabilityen_US
dc.rightsinfo:eu-repo/semantics/openAccessen_US
dc.subjectBug fixen_US
dc.subjectChange detectionen_US
dc.subjectChange impact analysisen_US
dc.titleTracking code bug fix ripple effects based on change patterns using Markov chain modelsen_US
dc.typeArticleen_US
dc.authorid0000-0001-6797-3913en_US
dc.institutionauthorTuğlular, Tuğkanen_US
dc.departmentİzmir Institute of Technology. Computer Engineeringen_US
dc.identifier.wosWOS:000791712400001en_US
dc.identifier.scopus2-s2.0-85131632808en_US
dc.relation.publicationcategoryMakale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanıen_US
dc.identifier.doi10.1109/TR.2022.3167943-
dc.contributor.affiliationUniversity of Missouri - Columbiaen_US
dc.contributor.affiliation01. Izmir Institute of Technologyen_US
dc.contributor.affiliationUniversity of Missouri - Columbiaen_US
dc.relation.issn0018-9529en_US
dc.description.volume71en_US
dc.description.issue2en_US
dc.description.startpage1141-
dc.description.endpage1156-
dc.identifier.scopusqualityQ1-
item.openairetypeArticle-
item.openairecristypehttp://purl.org/coar/resource_type/c_18cf-
item.grantfulltextopen-
item.fulltextWith Fulltext-
item.languageiso639-1en-
item.cerifentitytypePublications-
crisitem.author.dept03.04. Department of Computer Engineering-
crisitem.author.dept03.04. Department of Computer Engineering-
Appears in Collections:Computer Engineering / Bilgisayar Mühendisliği
Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection
WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection
Files in This Item:
File Description SizeFormat 
Tracking_Code_Bug_Fix_Ripple_Effect.pdfArticle8.64 MBAdobe PDFView/Open
Show simple item record



CORE Recommender

SCOPUSTM   
Citations

5
checked on Apr 5, 2024

WEB OF SCIENCETM
Citations

4
checked on Mar 23, 2024

Page view(s)

2,676
checked on Apr 8, 2024

Download(s)

682
checked on Apr 8, 2024

Google ScholarTM

Check




Altmetric


Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.