Software Engineering and Analytics Group

We are the Software Engineering and Analytics Group (SEAG) at Massey University.

Peking University, China-2019
APSEC, Hamilton, New Zealand-2016
Ruahine forest park, New Zealand-2017
APSEC, NanJing, China-2017

news

  • 2021

    • We received two recent early career MURF research funds! Shawn received funds for work on parsers' security. Amjed received funds to study the nature of simple statement bugs. More on those projects to come!
    • Another Award! Amjed received the IEEE MSR Distinguished Reviewer Award at MSR'21 read more
    • Shawn Rasheed has successfully defended his PhD thesis "Security analyses for detecting deserialization vulnerabilities"
    • Award! Received the IEEE/TCSE Distinguished Paper Award at ICPC'21 for the paper "Understanding Code Smell Detection via Code Review: A Study of the OpenStack Community" (a collaborator with researchers from Wuhan University and Brunel University London) read more

      Read the paper here

    • Li Sui has successfully defended his PhD thesis "An investigation into the soundness of static program analysis"
  • 2020

    Two successful grants in the recent SfTI NSC funding round!! read more
  • 2019

    Dr. Amjed Tahir was awarded the NZ at Peking University fellowship in 2019, visiting Prof Zhang Lu (Institute of Software, School of Electronics Engineering and Computer Science) together with Shawn Rasheed and Li Sui. read more
  • An Article that discussed our SfTI NSC collaborative project that featured PhD student Li Sui. read more

people

Dr. Amjed Tahir

Senior Lecturer in Software Engieering (group leader) - a.tahir@massey.ac.nz - (+64) 69519358

Amjed is undertaking researches in Empirical Software Engineering including: software testing, software maintenance, reengineering and evolution, data analytics (through mining software repertories), and other software quality topics.

Shawn Rasheed

Research Associate/Lecturer in Software Engeering - s.rasheed@massey.ac.nz -

My research interests are in program analysis and software security.

Li Sui

Research assistant- l.sui@massey.ac.nz -

My research interests are program analysis(static/dynamic analysis) and programming language (Java).

Joshua Bishop

Summer Intern

Grants

A Novel approach to detect and predict tests with non-deterministic behaviour

This project aims to understand the causes of test flakiness, provide empirical evidence of new patterns of flaky tests and their classifications, and develop a novel technique that is able to identify and predict flaky tests with a high-level of accuracy and scalable to large programs.

Proofing code reuse: detecting errors in publicly available software

This project aims to understand the causes of test flakiness, provide empirical evidence of new patterns of flaky tests and their classifications, and develop a novel technique that is able to identify and predict flaky tests with a high-level of accuracy and scalable to large programs.

  • Date Range: 2021 - 2023
  • Funding Body: Callaghan Innovation
  • Project Team: Sherlock Licorish (PI, University of Otago), Amjed Tahir and Stephen MacDonell (University of Otago)

Towards better and more reliable software bugs prediction

  • Date Range: 2018 - 2018
  • Funding Body: MURF funding (internal)
  • Project Team: Amjed Tahir , Kwabena Ebo Bennin (Wageningen) and Stephen MacDonell (University of Otago)

Closing the gaps in Static Program Analysis

This project aims at addressing the following questions: (1) Can we quantify the unsoundness of existing static analyses? (2) Which features in modern programs cause unsoundness, and to what extent? (3) Which methods exist or can be invented to precisely model features causing unsoundness?

  • Date Range: 2017 - 2019 (completed)
  • Funding Body: Callaghan Innovation
  • Project Team: Jens Dietrich , Amjed Tahir and Li Sui

Other Projects

A study of DoS Vulnerabilities in Parsers for Structured Data

TBA

  • Date: TBA
  • Project Team: Shawn Rasheed, Jens Dietrich (VUW) and Amjed Tahir

Understanding code smells detection and removal from formal code reviews

TBA

  • Date: TBA
  • Project Team: Peng Ling team (Wuhan) and Steve Counsell (Burnel)

software

A Micro-Benchmark for Dynamic Program Behaviour in Java

This micro-benchmark consists of small Java programs that use certain dynamic language features that are difficult to model by static analysis tools.

  • code repository:
  • paper:
  • 
        @inproceedings{sui2018soundness,
          title={On the soundness of call graph construction in the presence of
                 dynamic language features-a benchmark and tool evaluation},
          author={Sui, Li and Dietrich, Jens and Emery, Michael and Rasheed, Shawn and Tahir, Amjed},
          booktitle={Asian Symposium on Programming Languages and Systems},
          pages={69--88},
          year={2018},
          organization={Springer}
        }
    
    

Dynamic call graph construction

A tool for constructing sound oracle which can be used to asses statically build call graph. It uses Java instrumentation to record method stack at the run time

  • code repository:
  • paper:
  • 
        @inproceedings{sui2020recall,
          title={On the recall of static call graph construction in practice},
          author={Sui, Li and Dietrich, Jens and Tahir, Amjed and Fourtounis, George},
          booktitle={2020 IEEE/ACM 42nd International Conference
                    on Software Engineering (ICSE)},
          pages={1049--1060},
          year={2020},
          organization={IEEE}
        }
    
    

publications

2021

  • Rasheed, S., Dietrich, J., & Tahir, A. (2021, August). Caught in the Web: DoS Vulnerabilities in Parsers for Structured Data. In 26th European Symposium on Research in Computer Security (ESORICS). Springer.
  • Tahir, A., , Bennin, K. E., Xiao, X. and S, MacDonell. (2021). Does Class Size Matter? An In-Depth Assessment of the Effect of Class Size in Software Defect Prediction , Empirical Software Engineering (Accepted), Springer.
  • Takuya Asano, Masateru Tsunoda, Koji Toda, Amjed Tahir, Kwabena Ebo Bennin, Keitaro Nakasai, Akito Monden, Kenichi Matsumoto (2021, October). Using Bandit Algorithms for Project Selection in Cross-Project Defect Prediction. In 37th International Conference on Software Maintenance and Evolution (ICSME). NIER-track. IEEE.
  • Han, X., Tahir, A., Liang, P., Counsell, S. and Luo, Y. (2021). Understanding Code Smell Detection via Code Review: A Study of the OpenStack Community. , The 29th IEEE/ACM International Conference on Program Comprehension (ICPC), IEEE. IEEE/TCSE Distinguished Paper Award!
  • Counsell, S., Tahir, A. and Swift, S. (2021). Where the Bugs Are: A Quasi-Replication Study of the Effect of Inheritance Depth and Width in Java Systems , 14th International Conference on the Quality of Information and Communications Technology (QUATIC) (Accepted), Springer.
  • Hayakawa, T., Tsunoda, M., Toda, K., Nakasai, K., Tahir, A., Bennin, K. E., Monden, A. and Matsumoto, K. (2021). A Novel Approach to Address External Validity Issues in Fault Prediction Using Bandit Algorithms. IEICE TRANSACTIONS on Information and Systems, 104(2), 327-331.

2020

  • Tahir, A., Dietrich, J., Counsell, S., Licorish, S., & Yamashita, A. (2020). A large scale study on how developers discuss code smells and anti-pattern in Stack Exchange sites. Information and Software Technology, 125, 106333.
  • Shcherban, S., Liang, P., Tahir, A., & Li, X. (2020, October). Automatic Identification of Code Smell Discussions on Stack Overflow: A Preliminary Investigation. In Proceedings of the 14th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM) (pp. 1-6).
  • Sui, L., Dietrich, J., Tahir, A., & Fourtounis, G. (2020, October). On the recall of static call graph construction in practice. In 2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE) (pp. 1049-1060). IEEE.

2019

  • Malgaonkar, S., Lee, C. W., Licorish, S. A., Savarimuthu, B. T. R., & Tahir, A. (2019). Appsent A Tool That Analyzes App Reviews. arXiv preprint arXiv:1907.10191.
  • Rasheed, S., Dietrich, J., & Tahir, A. (2019, August). Laughter in the wild: A study into dos vulnerabilities in YAML libraries. In 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE) (pp. 342-349). IEEE.
  • Dietrich, J., Pearce, D., Stringer, J., Tahir, A., & Blincoe, K. (2019, May). Dependency versioning in the wild. In 2019 IEEE/ACM 16th International Conference on Mining Software Repositories (MSR) (pp. 349-359). IEEE.
  • Yukizawa, U., Tsunoda, M., & Tahir, A. (2019, February). Please help! A preliminary study on the effect of social proof and legitimization of paltry contributions in donations to OSS. In 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER) (pp. 609-613). IEEE.

2018

  • Sui, L., Dietrich, J., Emery, M., Rasheed, S., & Tahir, A. (2018, December). On the soundness of call graph construction in the presence of dynamic language features-a benchmark and tool evaluation. In Asian Symposium on Programming Languages and Systems (pp. 69-88). Springer, Cham.
  • Tahir, A., Yamashita, A., Licorish, S., Dietrich, J., & Counsell, S. (2018, June). Can you tell me if it smells? A study on how developers discuss code smells and anti-patterns in Stack Overflow. In Proceedings of the 22nd International Conference on Evaluation and Assessment in Software Engineering 2018 (pp. 68-78).
  • Tahir, A., Bennin, K. E., MacDonell, S. G., & Marsland, S. (2018, October). Revisiting the size effect in software fault prediction models. In Proceedings of the 12th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (pp. 1-10).

2017

  • Meldrum, S., Savarimuthu, B. T., Licorish, S., Tahir, A., Bosu, M., & Jayakaran, P. (2017). Is knee pain information on YouTube videos perceived to be helpful? An analysis of user comments and implications for dissemination on social media. Digital health, 3, 2055207617698908.
  • Tahir, A., Licorish, S. A., & MacDonell, S. G. (2017, December). Feature Evolution and Reuse-An Exploratory Study of Eclipse. In 2017 24th Asia-Pacific Software Engineering Conference (APSEC) (pp. 582-587). IEEE.
  • Sui, L., Dietrich, J., & Tahir, A. (2017). On the use of mined stack traces to improve the soundness of statically constructed call graphs. In 2017 24th Asia-Pacific Software Engineering Conference (APSEC).
  • Counsell, S., Hall, T., Shippey, T., Bowes, D., Tahir, A., & MacDonell, S. (2017, October). Assert use and defectiveness in industrial code. In 2017 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) (pp. 20-23). IEEE.
  • Dietrich, J., Jezek, K., Rasheed, S., Tahir, A., & Potanin, A. (2017). Evil pickles: DoS attacks based on object-graph engineering. In 31st European Conference on Object-Oriented Programming (ECOOP 2017). Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik.
  • Dietrich, J., Sui, L., Rasheed, S., & Tahir, A. (2017, June). On the construction of soundness oracles. In Proceedings of the 6th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis (pp. 37-42).