Considering path coverage as the test adequacy criterion, a modified multiple paths test data generator based on particle swarm optimisation (MMPPSO) algorithm is proposed. During the particle swarm optimisation process, each particle tracks the individual best position and the global best position. For the multiple paths coverage problem, different fitness functions are applied to assess the individual best position and the global best position in MMPPSO. The weighted summation of those branch distance functions is designed as the single path fitness function. The fitness function for the individual best position is the minimum of those single path fitness functions, which guides particles converge to a specific path. The fitness function for the global best position is the summation of those single path fitness functions, which guides the population achieve multiple paths coverage and avoid the premature convergence. The experiments implemented on some benchmarks show that the authors’ approach is more effective and more efficient than other methods, especially for complicated programs and large target path sets.

In software system, there are some functions of great importance in controlling the whole process of software execution. When they are damaged, the software will suffer from catastrophic consequences caused by cascading failures. To accurately identify and protect these influential functions has become a necessary method in software security. Thus, in this study a new approach to efficiently mine influential functions based on software execution sequence is proposed. First, the authors design a novel modelling strategy by which software execution traces are modelled as sequential patterns. Owing to loops, patterns can occur multiple times in a trace, which leads to high cost of time and extreme complexity of the research. Then, an algorithm is designed to remove repetitive patterns in software and software influential nodes mining algorithm is put forward to mine influential functions in software and to rank them by the rank-index. Finally, by comparatively analysing the top-ten functions got from PageRank and those from Degree-Based algorithm, the approach is proved to be an effective and accurate one which combines advantages of the two classic algorithms.

Android provides a permission declaration and a certification mechanism to detect and report potential security threats of applications. Normally, an application is certified based on its declared permissions, but declared permissions are often coarse-grained or inconsistent with those actually used in the program code. The authors propose application programming interface (API)-level security certification of android applications (ASCAA), a cloud-based framework, which employs a systematic method to identify and analyse security threats at API level. To certify an application, ASCAA examines all permission labels in its manifest and API invocations extracted from its decompiled code based on a set of requirement-dependent security rules. In addition, the authors provide ASCAA Security Language to formalise security rules and the certification process, which makes ASCAA general and scalable. Since it is a cloud-based framework, any potential user could easily make ASCAA work for them, and ASCAA has also been proved to gain high performance. Hitherto, they have analysed over 200 applications with an automated tool based on ASCAA, and discovered that about one-eighth failed to pass part of our sample rules. We find evidence that ASCAA can identify risk factors in a fine-grained way, for example, applications’ being over privileged or the use of some dangerous APIs require no permission declaration.

With all the recent advancements in the electronic world, hardware is becoming smaller, cheaper and more powerful; while the software industry is moving towards service-oriented integration technologies. Hence, service oriented architecture is becoming a popular platform for the development of applications for distributed embedded real-time system (DERTS). With rapidly increasing diversity of services on the internet, new demands have been raised concerning the efficient discovery of heterogeneous device services in the dynamic environment of DERTS. Context-awareness principles have been widely studied for DERTS; hence, it can be used as an additional set of service selection criteria. However, in order to use context information effectively, it should be presented in an unambiguous way and the dynamic nature of the embedded and real-time systems should be considered. To address these challenges, the authors present a service discovery framework for DERTS which uses context-aware ontology of embedded and real-time systems and a semantic matching algorithm to facilitate the discovery of device services in embedded and real-time system environments. The proposed service discovery framework also considers the associated priorities with the requirements posed by the requester during the service discovery process.