Robyn R. Lutz

Mohammad Jamil Ahmad, Katerina Goseva-Popstojanova, Robyn R. Lutz

Software fault-proneness prediction is an active research area, with many factors affecting prediction performance extensively studied. However, the impact of the learning approach (i.e., the specifics of the data used for training and the target variable being predicted) on the prediction performance has not been studied, except for one initial work. This paper explores the effects of two learning approaches, useAllPredictAll and usePrePredictPost, on the performance of software fault-proneness prediction, both within-release and across-releases. The empirical results are based on data extracted from 64 releases of twelve open-source projects. Results show that the learning approach has a substantial, and typically unacknowledged, impact on the classification performance. Specifically, using useAllPredictAll leads to significantly better performance than using usePrePredictPost learning approach, both within-release and across-releases. Furthermore, this paper uncovers that, for within-release predictions, this difference in classification performance is due to different levels of class imbalance in the two learning approaches. When class imbalance is addressed, the performance difference between the learning approaches is eliminated. Our findings imply that the learning approach should always be explicitly identified and its impact on software fault-proneness prediction considered. The paper concludes with a discussion of potential consequences of our results for both research and practice.

Usman Gohar, Michael C. Hunter, Robyn R. Lutz et al.

Constructing assurance cases is a widely used, and sometimes required, process toward demonstrating that safety-critical systems will operate safely in their planned environment. To mitigate the risk of errors and missing edge cases, the concept of defeaters - arguments or evidence that challenge claims in an assurance case - has been introduced. Defeaters can provide timely detection of weaknesses in the arguments, prompting further investigation and timely mitigations. However, capturing defeaters relies on expert judgment, experience, and creativity and must be done iteratively due to evolving requirements and regulations. This paper proposes CoDefeater, an automated process to leverage large language models (LLMs) for finding defeaters. Initial results on two systems show that LLMs can efficiently find known and unforeseen feasible defeaters to support safety analysts in enhancing the completeness and confidence of assurance cases.

Usman Gohar, Michael C. Hunter, Agnieszka Marczak-Czajka et al.

Small Unmanned Aircraft Systems (sUAS) have gained widespread adoption across a diverse range of applications. This has introduced operational complexities within shared airspaces and an increase in reported incidents, raising safety concerns. In response, the U.S. Federal Aviation Administration (FAA) is developing a UAS Traffic Management (UTM) system to control access to airspace based on an sUAS's predicted ability to safely complete its mission. However, a fully automated system capable of swiftly approving or denying flight requests can be prone to bias and must consider safety, transparency, and fairness to diverse stakeholders. In this paper, we present an initial study that explores stakeholders' perspectives on factors that should be considered in an automated system. Results indicate flight characteristics and environmental conditions were perceived as most important but pilot and drone capabilities should also be considered. Further, several respondents indicated an aversion to any AI-supported automation, highlighting the need for full transparency in automated decision-making. Results provide a societal perspective on the challenges of automating UTM flight authorization decisions and help frame the ongoing design of a solution acceptable to the broader sUAS community.

Seyedehzahra Khoshmanesh, Tuba Yavuz, Robyn R. Lutz

Features in product lines and highly configurable systems can interact in ways that are contrary to developers' intent. Current methods to identify such unanticipated feature interactions are costly and inadequate. To address this problem we propose a new approach to learn feature interactions, both in those product lines where constraints on feature combinations are specified and in feature-rich configurable systems where such specifications often are not available. The contribution of the paper is to use program analysis to extract feature-relevant learning models from the source code in order to detect unwanted feature interactions. Where specifications of feature constraints are unavailable, our approach infers the constraints using feature-related data-flow dependency information. Evaluation in experiments on three software product line benchmarks and a highly configurable system shows that this approach is fast and effective. The contribution is to support developers by automatically detecting feature combinations in a new product or version that can interact in unwanted or unrecognized ways. This enables better understanding of latent interactions and identifies software components that should be tested together because their features interact in some configurations.

Jack H. Lutz, Neil Lutz, Robyn R. Lutz et al.

Matter, especially DNA, is now programmed to carry out useful processes at the nanoscale. As these programs and processes become more complex and their envisioned safety-critical applications approach deployment, it is essential to develop methods for engineering trustworthiness into molecular programs. Some of this can be achieved by adapting existing software engineering methods, but molecular programming also presents new challenges that will require new methods. This paper presents a method for dealing with one such challenge, namely, the difficulty of ascertaining how robust a molecular program is to perturbations of the relative "clock speeds" of its various reactions. The method proposed here is game-theoretic. The robustness of a molecular program is quantified in terms of its ability to win (achieve its original objective) in games against other molecular programs that manipulate its relative clock speeds. This game-theoretic approach is general enough to quantify the security of a molecular program against malicious manipulations of its relative clock speeds. However, this preliminary report focuses on games against nature, games in which the molecular program's opponent perturbs clock speeds randomly (indifferently) according to the probabilities inherent in chemical kinetics.