What is Software Engineering Research Good For?

What IsSoftwareEngineeringResearchGood For?Andrzej Wasowski

@AndrzejWasowski

PROCESS AND SYSTEM MODELS GROUP

pyrrhocoris apterus (firebug)

c© Andrzej Wasowski, IT University of Copenhagen 1

AB

ETT

ER

QU

ES

TIO

N


AB

ETT

ER

QU

ES

TIO

NWhat is interesting SE

research accordingto Andrzej?


AB

ETT

ER

QU

ES

TIO



a h

a

mmer lurk

ing b

eh

ind

the question

*modelinglanguagessemanticsanalysis


AB

ETT

ER

QU

ES

TIO



a h

a

mmer lurk

ing b

eh

ind

the question

*modelinglanguagessemanticsanalysis

What relevant SEquestions can be

addressed by defininglanguages & analyzing

models/programs?c© Andrzej Wasowski, IT University of Copenhagen 2

AGENDA

Correctness of Software (bug finding)

Software Engineering is Codified Knowledge (online privacy)Legacy Systems (Software Modernization)


AGENDA

Correctness of Software (bug finding)Software Engineering is Codified Knowledge (online privacy)

Legacy Systems (Software Modernization)


AGENDA

Correctness of Software (bug finding)Software Engineering is Codified Knowledge (online privacy)Legacy Systems (Software Modernization)


What is Linux Kernel ?Incredibly versatile operating system

Sources: Gartner and https://en.wikipedia.org/wiki/Usage_share_of_operating_systemshttps://techcrunch.com/2016/11/16/microsoft-joins-the-linux-foundation/


https://en.wikipedia.org/wiki/Usage_share_of_operating_systems

https://techcrunch.com/2016/11/16/microsoft-joins-the-linux-foundation/


GNU/Linux runssupercomputers andinternet servers







AndroidphonestabletssmartTVsetc.








Routers, storage servers,entertainment systems,robots, IoT devices, ...








Routers, storage servers,entertainment systems,robots, IoT devices, ...Cloud infrastructure

















68-98% webserversrun on Linux




























$0.5M/Y platinum membership fee










$0.5M/Y platinum membership fee

The most popular OS kernel on the planet!Sources: Gartner and https://en.wikipedia.org/wiki/Usage_share_of_operating_systemshttps://techcrunch.com/2016/11/16/microsoft-joins-the-linux-foundation/




Linux Kernel is very large

The source code has 700 million characters, 21 million lines of code(quick measurements on the Raspberry Pi version of Linux)

Boeing 747 has 6 million mechanical parts, half of them simple fastenersAre humans able to understand the entire kernel?




Boeing 747 has 6 million mechanical parts, half of them simple fasteners

Are humans able to understand the entire kernel?




Boeing 747 has 6 million mechanical parts, half of them simple fastenersAre humans able to understand the entire kernel?


Linux Kernel Moves Fast

� 4000 programmers from 440 companies contributed to the kernel(approximate numbers from 2015 only)

� 10,800 lines of code added, 5,300 removed, 1,875 modifiedEvery. Single. Day. (on average)

� Over 8 changes per second

� Is any human able to comprehend this evolution speed?

� Incidentally, this makes it impossible to verify with current state of the art� Nobody access to hardware on which others work� Each of them potentially breaks things for others




























� Incidentally, this makes it impossible to verify with current state of the art

� Nobody access to hardware on which others work� Each of them potentially breaks things for others







� Incidentally, this makes it impossible to verify with current state of the art� Nobody access to hardware on which others work

� Each of them potentially breaks things for others










Linus has power to say no.And not much more...

� Linus Thorvalds� Creator of a free kernel project in 1991� Today a benevolent dictator� Coordinates the kernel with a handful of lieutenants

� Can block developments� Hardly has power to give the project a consistent direction� Project is not managed in the usual sense


Linus has power to say no.And not much more...

� Linus Thorvalds� Creator of a free kernel project in 1991� Today a benevolent dictator� Coordinates the kernel with a handful of lieutenants� Can block developments� Hardly has power to give the project a consistent direction� Project is not managed in the usual sense


Success from The IutsideSoftware engineering challenge from the inside

Very LargeVery Large

Very ComplexVery Complex





Moving VeryMoving VeryFASTFAST






EssentiallyEssentiallyNOT MANAGEDNOT MANAGED






EssentiallyEssentiallyNOT MANAGEDNOT MANAGED

A fascinating object forsoftware engineering studies

Jewels bound to be found ...

Problems bound to appear ...


Warning!You may get dirty


Let’s look closely at a bug

Iago Abal, Claus Brabrand, Andrzej Wasowski. Effective Bug Finding in C Programs with Shape and Effect Abstractions VMCAI’17c© Andrzej Wasowski, IT University of Copenhagen 10

Let’s look closely at a bug1 void ath10k_htt_rx_msdu_buff_replenish (struct ath10k_htt *htt) {2 spin_lock_bh(&htt->rx_ring.lock); // 6. DEADLOCK3 // ...4 spin_unlock_bh(&htt->rx_ring.lock);5 }6 void ath10k_htt_rx_in_ord_ind (struct ath10k *ar, struct sk_buff *skb) {7 // ...8 ath10k_htt_rx_msdu_buff_replenish(&ar->htt); // 5. CALL9 }

10 void ath10k_htt_txrx_compl_task (unsigned long ptr) { // 1. ENTRY POINT11 struct ath10k *ar = (struct ath10k *)ptr; // 2. CAST12 // ...13 while ((skb = __skb_dequeue(&rx_ind_q))) {14 spin_lock_bh(&ar->htt->rx_ring.lock); // 3. LOCK15 ath10k_htt_rx_in_ord_ind(ar, skb); // 4. CALL16 spin_unlock_bh(&ar->htt->rx_ring.lock);17 dev_kfree_skb_any(skb);18 }19 // ...




Domain knowledge(tasklets, bottom halves,locks)Inter-procedural flowPointers nested incomplex structscasts, function pointersno specifications, notests




Domain knowledge(tasklets, bottom halves,locks)

Inter-procedural flowPointers nested incomplex structscasts, function pointersno specifications, notests




Domain knowledge(tasklets, bottom halves,locks)Inter-procedural flow

Pointers nested incomplex structscasts, function pointersno specifications, notests




Domain knowledge(tasklets, bottom halves,locks)Inter-procedural flowPointers nested incomplex structs

casts, function pointersno specifications, notests




Domain knowledge(tasklets, bottom halves,locks)Inter-procedural flowPointers nested incomplex structscasts, function pointers

no specifications, notests









while(*)

lockρ

unlockρ

lockρunlockρ

lockρunlockρ





lockρ

unlockρ

lockρunlockρ

lockρunlockρ

while(*)





lockρ

unlockρ

lockρunlockρ

while(*)

lockρ

unlockρ


Inference of Shapes & Effects

Formalized and implemented for the entire C languageIncluding spec. of selected kernel functions, e.g:


Inference of Shapes & Effects

Formalized and implemented for the entire C languageIncluding spec. of selected kernel functions, e.g:


Does this work?Software engineering research method strikes back

We have proven no theoremsNine thousand files in drivers analyzed (you do get dirty!)Dozen reports for 9K lines, not a lot of noiseStill a lot of work to filter out false positives (you get dirty!)You talk to devs: they want you to fix bugs! (you may get dirty!)Dozen new bugs confirmed and 5 fixed in the Linux kernel projects (somein the main tree already)[recall] On 26 random historical double lock bugs, EBA finds 22; much morethan competing tools (≤ 12), despite negative bias

http://eba.wikit.itu.dk/Iago Abal, Claus Brabrand, Andrzej Wasowski. Effective Bug Finding in C Programs with Shape and Effect Abstractions VMCAI’17


http://eba.wikit.itu.dk/


We have proven no theorems

Nine thousand files in drivers analyzed (you do get dirty!)Dozen reports for 9K lines, not a lot of noiseStill a lot of work to filter out false positives (you get dirty!)You talk to devs: they want you to fix bugs! (you may get dirty!)Dozen new bugs confirmed and 5 fixed in the Linux kernel projects (somein the main tree already)[recall] On 26 random historical double lock bugs, EBA finds 22; much morethan competing tools (≤ 12), despite negative bias





We have proven no theoremsNine thousand files in drivers analyzed (you do get dirty!)

Dozen reports for 9K lines, not a lot of noiseStill a lot of work to filter out false positives (you get dirty!)You talk to devs: they want you to fix bugs! (you may get dirty!)Dozen new bugs confirmed and 5 fixed in the Linux kernel projects (somein the main tree already)[recall] On 26 random historical double lock bugs, EBA finds 22; much morethan competing tools (≤ 12), despite negative bias





We have proven no theoremsNine thousand files in drivers analyzed (you do get dirty!)Dozen reports for 9K lines, not a lot of noise

Still a lot of work to filter out false positives (you get dirty!)You talk to devs: they want you to fix bugs! (you may get dirty!)Dozen new bugs confirmed and 5 fixed in the Linux kernel projects (somein the main tree already)[recall] On 26 random historical double lock bugs, EBA finds 22; much morethan competing tools (≤ 12), despite negative bias





We have proven no theoremsNine thousand files in drivers analyzed (you do get dirty!)Dozen reports for 9K lines, not a lot of noiseStill a lot of work to filter out false positives (you get dirty!)

You talk to devs: they want you to fix bugs! (you may get dirty!)Dozen new bugs confirmed and 5 fixed in the Linux kernel projects (somein the main tree already)[recall] On 26 random historical double lock bugs, EBA finds 22; much morethan competing tools (≤ 12), despite negative bias





We have proven no theoremsNine thousand files in drivers analyzed (you do get dirty!)Dozen reports for 9K lines, not a lot of noiseStill a lot of work to filter out false positives (you get dirty!)You talk to devs: they want you to fix bugs! (you may get dirty!)

Dozen new bugs confirmed and 5 fixed in the Linux kernel projects (somein the main tree already)[recall] On 26 random historical double lock bugs, EBA finds 22; much morethan competing tools (≤ 12), despite negative bias





We have proven no theoremsNine thousand files in drivers analyzed (you do get dirty!)Dozen reports for 9K lines, not a lot of noiseStill a lot of work to filter out false positives (you get dirty!)You talk to devs: they want you to fix bugs! (you may get dirty!)Dozen new bugs confirmed and 5 fixed in the Linux kernel projects (somein the main tree already)

[recall] On 26 random historical double lock bugs, EBA finds 22; much morethan competing tools (≤ 12), despite negative bias





We have proven no theoremsNine thousand files in drivers analyzed (you do get dirty!)Dozen reports for 9K lines, not a lot of noiseStill a lot of work to filter out false positives (you get dirty!)You talk to devs: they want you to fix bugs! (you may get dirty!)Dozen new bugs confirmed and 5 fixed in the Linux kernel projects (somein the main tree already)[recall] On 26 random historical double lock bugs, EBA finds 22; much morethan competing tools (≤ 12), despite negative bias





Ariane V (1996)


Ariane V (1996)

A floating point cast bug,A decade of development,$7B development budget,$0.5B lost rocket & cargo,but ...


Ariane V (1996)A floating point cast bug,

A decade of development,$7B development budget,$0.5B lost rocket & cargo,but ...


Ariane V (1996)A floating point cast bug,A decade of development,

$7B development budget,$0.5B lost rocket & cargo,but ...


Ariane V (1996)A floating point cast bug,A decade of development,$7B development budget,

$0.5B lost rocket & cargo,but ...


Ariane V (1996)A floating point cast bug,A decade of development,$7B development budget,$0.5B lost rocket & cargo,

but ...


Ariane V (1996)A floating point cast bug,A decade of development,$7B development budget,$0.5B lost rocket & cargo,but ...


Ariane V (2013)


Ariane V (2013)

� 89 launches since 1996� 3 crashes since 1996� Only the first linked to a software bug

(so is HW really more reliable?)� Last 75 launches with no incidents� Most recent launch: Nov 17, 2016

Have you heard about it?� They never show you this slide ...


Ariane V (2013)

� 89 launches since 1996

� 3 crashes since 1996� Only the first linked to a software bug




Ariane V (2013)

� 89 launches since 1996� 3 crashes since 1996

� Only the first linked to a software bug(so is HW really more reliable?)

� Last 75 launches with no incidents� Most recent launch: Nov 17, 2016



Ariane V (2013)


(so is HW really more reliable?)

� Last 75 launches with no incidents� Most recent launch: Nov 17, 2016



Ariane V (2013)


(so is HW really more reliable?)� Last 75 launches with no incidents

� Most recent launch: Nov 17, 2016Have you heard about it?

� They never show you this slide ...


Ariane V (2013)



Have you heard about it?

� They never show you this slide ...


Ariane V (2013)








1.27 fatality per 100 million miles

including human failures




0.76 fatality per 100 million milesc© Andrzej Wasowski, IT University of Copenhagen 16




0.03 fatalities per 100 million milesincluding human errors






If we areDoing so well,

Why are we stillSO OBSESSED

with correctness ?c© Andrzej Wasowski, IT University of Copenhagen 16


performance


security







diversity of domains:consumer electronicsautomotiveindustry automationbusiness softdata analytics



Let’s look into one domain

Online Privacy and Data Analyticsc© Andrzej Wasowski, IT University of Copenhagen 17

smartphone ownerc© Andrzej Wasowski, IT University of Copenhagen 18



smartphone owner

� I cannot do muchabout this, as a SEresearcher

� My hammer — notgood enough

� Others work witheducation,awareness,regulation, politics,alternative businessmodels


smartphone owner




software developerc© Andrzej Wasowski, IT University of Copenhagen 18

smartphone owner





smartphone owner





smartphone owner




software developer

� Architecturalprinciples protectingpersonal data

� Detect libraries used� Detect information

flow to the libraryvendor

� Warn the developerof bad practice (likethe security scannersdo for security)

� Help programmersand companiesconform to GDPR


smartphone owner




software developer

� Architecturalprinciples protectingpersonal data

� Detect libraries used� Detect information

flow to the libraryvendor

� Warn the developerof bad practice (likethe security scannersdo for security)

� Help programmersand companiesconform to GDPRLots of potentially interesting work

Seeking thesis studentsc© Andrzej Wasowski, IT University of Copenhagen 18

caring parentc© Andrzej Wasowski, IT University of Copenhagen 19




caring parent

� 3000+ schools inPoland uses thesystem (data from 2014)

� The database trackseasily over halfmilion data subjects

� Not only grades� Communication with

parents, conduct,illness, etc.

� This dataset is boundto grow fast

� Cannot help much.We need education,regulation, andgovernance, etc.


caring parent








caring parent







� High value in thebig (personal) data

� Companies want toextract the value

� But how to store andprocess these datarespectfully?

� How to anonymizethe data?

� Which anonymizationmethod to use? Howto configure it? Howto test whether weuse it correctly?

� Help programmersand companies toconform to GDPR


Differential PrivacyAn example from software engineering perspective

Cynthia Dwork. Differential privacy. ICALP 2006c© Andrzej Wasowski, IT University of Copenhagen 20


D1



D1 D2



D1 D2

K K



D1 D2

K K

R1 R2



D1 D2

K K



D1 D2

K K

S



D1 D2

K K

S

P1Ꞓ



D1 D2

K K

S

P1Ꞓ P2

ꞒCynthia Dwork. Differential privacy. ICALP 2006



D1 D2

K K

S

P1Ꞓ P2

Ꞓ

P1

P2≤ eε

For any such set of results S and for anyneighbouring sets D1 and D2

Can we expect an average programmerto implement this?If so then how to test this ?Can we implement reusable differentialprivacy components, similar toencryption libraries?



D1 D2

K K

S

P1Ꞓ P2

Ꞓ

P1

P2≤ eε





D1 D2

K K

S

P1Ꞓ P2

Ꞓ

P1

P2≤ eε


Can we expect an average programmerto implement this?

If so then how to test this ?Can we implement reusable differentialprivacy components, similar toencryption libraries?



D1 D2

K K

S

P1Ꞓ P2

Ꞓ

P1

P2≤ eε


Can we expect an average programmerto implement this?If so then how to test this ?

Can we implement reusable differentialprivacy components, similar toencryption libraries?



D1 D2

K K

S

P1Ꞓ P2

Ꞓ

P1

P2≤ eε




Anonymization is difficult, e.g. we are able to re-identify a good number ofstudents in the "anonymized" course evaluation data

How do we select the value of epsilon ?Does this notion of privacy at all capture what data subjects would expect ?This week running an experiment trying to understand this problem at ITUData: collected by WiFi access points at ITU, data subjects: studentsRQ1: How to relate the noise (ε) to privacy concerns of the data subjects?RQ2: Can data-subjects inform design of data protection in a system?Ultimately a handbook/blueprint for selection and use of anonymization technology

Joint work with Mark Berthelsen, Gediminas Kucas, Tina Cecilie Schultz, Irina Shklovskic© Andrzej Wasowski, IT University of Copenhagen 21

Anonymization is difficult, e.g. we are able to re-identify a good number ofstudents in the "anonymized" course evaluation data

How do we select the value of epsilon ?Does this notion of privacy at all capture what data subjects would expect ?This week running an experiment trying to understand this problem at ITUData: collected by WiFi access points at ITU, data subjects: studentsRQ1: How to relate the noise (ε) to privacy concerns of the data subjects?RQ2: Can data-subjects inform design of data protection in a system?Ultimately a handbook/blueprint for selection and use of anonymization technology

maximum anonymity maximum utility

Joint work with Mark Berthelsen, Gediminas Kucas, Tina Cecilie Schultz, Irina Shklovskic© Andrzej Wasowski, IT University of Copenhagen 21

Anonymization is difficult, e.g. we are able to re-identify a good number ofstudents in the "anonymized" course evaluation dataHow do we select the value of epsilon ?

Does this notion of privacy at all capture what data subjects would expect ?This week running an experiment trying to understand this problem at ITUData: collected by WiFi access points at ITU, data subjects: studentsRQ1: How to relate the noise (ε) to privacy concerns of the data subjects?RQ2: Can data-subjects inform design of data protection in a system?Ultimately a handbook/blueprint for selection and use of anonymization technology


ε = 0 ε = +∞Pr[K(D1) ∈ S] ≤ eεPr[K(D2) ∈ S]

?Joint work with Mark Berthelsen, Gediminas Kucas, Tina Cecilie Schultz, Irina Shklovski


Anonymization is difficult, e.g. we are able to re-identify a good number ofstudents in the "anonymized" course evaluation dataHow do we select the value of epsilon ?Does this notion of privacy at all capture what data subjects would expect ?

This week running an experiment trying to understand this problem at ITUData: collected by WiFi access points at ITU, data subjects: studentsRQ1: How to relate the noise (ε) to privacy concerns of the data subjects?RQ2: Can data-subjects inform design of data protection in a system?Ultimately a handbook/blueprint for selection and use of anonymization technology


ε = 0 ε = +∞Pr[K(D1) ∈ S] ≤ eεPr[K(D2) ∈ S]



Anonymization is difficult, e.g. we are able to re-identify a good number ofstudents in the "anonymized" course evaluation dataHow do we select the value of epsilon ?Does this notion of privacy at all capture what data subjects would expect ?This week running an experiment trying to understand this problem at ITUData: collected by WiFi access points at ITU, data subjects: students

RQ1: How to relate the noise (ε) to privacy concerns of the data subjects?RQ2: Can data-subjects inform design of data protection in a system?Ultimately a handbook/blueprint for selection and use of anonymization technology


ε = 0 ε = +∞Pr[K(D1) ∈ S] ≤ eεPr[K(D2) ∈ S]



Anonymization is difficult, e.g. we are able to re-identify a good number ofstudents in the "anonymized" course evaluation dataHow do we select the value of epsilon ?Does this notion of privacy at all capture what data subjects would expect ?This week running an experiment trying to understand this problem at ITUData: collected by WiFi access points at ITU, data subjects: studentsRQ1: How to relate the noise (ε) to privacy concerns of the data subjects?RQ2: Can data-subjects inform design of data protection in a system?

Ultimately a handbook/blueprint for selection and use of anonymization technology


ε = 0 ε = +∞Pr[K(D1) ∈ S] ≤ eεPr[K(D2) ∈ S]



Anonymization is difficult, e.g. we are able to re-identify a good number ofstudents in the "anonymized" course evaluation dataHow do we select the value of epsilon ?Does this notion of privacy at all capture what data subjects would expect ?This week running an experiment trying to understand this problem at ITUData: collected by WiFi access points at ITU, data subjects: studentsRQ1: How to relate the noise (ε) to privacy concerns of the data subjects?RQ2: Can data-subjects inform design of data protection in a system?Ultimately a handbook/blueprint for selection and use of anonymization technology


ε = 0 ε = +∞Pr[K(D1) ∈ S] ≤ eεPr[K(D2) ∈ S]




Many more other issues than correctness

Let’s look into: Aging Systemsc© Andrzej Wasowski, IT University of Copenhagen 24



(ancient religions and philosophies)


(ancient religions and philosophies) (Nocturne E flat major, op. 55 no. 2)

(Gustav Klimt, Adele Bloch-Bauer)



(Gustav Klimt, Adele Bloch-Bauer)(Søren Kierkegaard)







Is LEGACY a MISNOMERIs LEGACY a MISNOMERfor SOFTWARE?for SOFTWARE?


An output of complex intellectual activitySoftware is legacy like art, perhaps not a misnomer after all

https://www.technologyreview.com/s/508231/many-cars-have-a-hundred-million-lines-of-code | Juergen Dingel. Complexity is theOnly Constant: Trends in Computing and Their Relevance to MDE. ICGT’16 | Michael Feathers. Working with Legacy Code


https://www.technologyreview.com/s/508231/many-cars-have-a-hundred-million-lines-of-code


In Search of Lost Time by Marcel ProustProust actually died before finishing14 years of Proust’s work9.6 million characters

Many readers suffered long after





In Search of Lost Time by Marcel ProustProust actually died before finishing14 years of Proust’s work9.6 million charactersMany readers suffered long after





The Linux Kernel by Thousands of Engineers25 years since 1991700 million characters

An important intellectual contributionbenefiting largely the entire societyIs Linux kernel an outlier?





The Linux Kernel by Thousands of Engineers25 years since 1991700 million charactersAn important intellectual contributionbenefiting largely the entire society

Is Linux kernel an outlier?





The Linux Kernel by Thousands of Engineers25 years since 1991700 million charactersAn important intellectual contributionbenefiting largely the entire societyIs Linux kernel an outlier?









1977 Oldsmobile Toronado by General Motors(Likely) the first car with control softwareAn ECU controls the spark timingWe guess 1-3 K lines of code

By 1981 each GM car had 50 KLOCA modern car has about 100 MLOCIncidentally more than a Dreamliner (7MLOC)Still less than our brain (1015 synapses not 106)Software systems are not only key for our lifestyle, butalso likely most complex human creations ever





1977 Oldsmobile Toronado by General Motors(Likely) the first car with control softwareAn ECU controls the spark timingWe guess 1-3 K lines of codeBy 1981 each GM car had 50 KLOCA modern car has about 100 MLOC

Incidentally more than a Dreamliner (7MLOC)Still less than our brain (1015 synapses not 106)Software systems are not only key for our lifestyle, butalso likely most complex human creations ever





1977 Oldsmobile Toronado by General Motors(Likely) the first car with control softwareAn ECU controls the spark timingWe guess 1-3 K lines of codeBy 1981 each GM car had 50 KLOCA modern car has about 100 MLOCIncidentally more than a Dreamliner (7MLOC)

Still less than our brain (1015 synapses not 106)Software systems are not only key for our lifestyle, butalso likely most complex human creations ever





1977 Oldsmobile Toronado by General Motors(Likely) the first car with control softwareAn ECU controls the spark timingWe guess 1-3 K lines of codeBy 1981 each GM car had 50 KLOCA modern car has about 100 MLOCIncidentally more than a Dreamliner (7MLOC)Still less than our brain (1015 synapses not 106)

Software systems are not only key for our lifestyle, butalso likely most complex human creations ever





1977 Oldsmobile Toronado by General Motors(Likely) the first car with control softwareAn ECU controls the spark timingWe guess 1-3 K lines of codeBy 1981 each GM car had 50 KLOCA modern car has about 100 MLOCIncidentally more than a Dreamliner (7MLOC)Still less than our brain (1015 synapses not 106)Software systems are not only key for our lifestyle, butalso likely most complex human creations ever





100K commits in Facebook. Every. Week. Size of Facebook: 60 MLOCSize of Google 2 000 MLOCExamples start to get boring

Software is important for us, a bit like art.Imagine life without legacy systems (no banking, no credit cards, no railways, noairlines, no tax office)But software is also different. Why is art aging well, and software ages badly?Software does not change a single bitWe change, our needs change, our engineers change

Complexity is the Only Constant (Jürgen Dingel)






Software is important for us, a bit like art.Imagine life without legacy systems (no banking, no credit cards, no railways, noairlines, no tax office)

But software is also different. Why is art aging well, and software ages badly?Software does not change a single bitWe change, our needs change, our engineers change







Software is important for us, a bit like art.Imagine life without legacy systems (no banking, no credit cards, no railways, noairlines, no tax office)But software is also different. Why is art aging well, and software ages badly?

Software does not change a single bitWe change, our needs change, our engineers change















Complexity is the Only Constant (Jürgen Dingel)https://www.technologyreview.com/s/508231/many-cars-have-a-hundred-million-lines-of-code | Juergen Dingel. Complexity is theOnly Constant: Trends in Computing and Their Relevance to MDE. ICGT’16 | Michael Feathers. Working with Legacy Code



Legacy Code iscode we’re afraid to change

[James Shore]


Legacy Code iscode without tests

[Michael Feathers]


Legacy Code iscode without a caretaker

[yours truly]


Some Solutions for Software ModernizationSome methods for taming legacy code

Doing nothingDoing nothing



Doing nothingDoing nothing ReplatformingReplatforming




VirtualizationVirtualization




VirtualizationVirtualization Re-architectingRe-architecting




VirtualizationVirtualization Re-architectingRe-architecting


An Example of a Modernization ProjectAn Example of a Modernization Project


An Example of a Modernization ProjectAn Example of a Modernization Project

Slide elements by Alexandru F. Iosif-Lazar


Can we trust a complex transformation?Can we trust a complex transformation?



Luckily the program was finite stateVerify that the input and output are functionally equivalent

automatic and fast modernizing

transformation

symbolic execution

equivalence check

using an SMT solver

symbolic execution

modernized code

behavior ofmodernized

code

legacycode

legacycode

Impossible without others turning theory into engineering componentsSemantics → symbolic executorsGrammar theory → transformation languagesDeductive systems → SMT solvers






transformation

symbolic execution

equivalence check

using an SMT solver

symbolic execution

modernized code


code

legacycode

legacycode







transformation

symbolic execution

equivalence check

using an SMT solver

symbolic execution

modernized code


code

legacycode

legacycode



100% correctness not a goalIt does not pay offIdentifying errors key





transformation

symbolic execution

equivalence check

using an SMT solver

symbolic execution

modernized code


code

legacycode

legacycode



100% correctness not a goalIt does not pay offIdentifying errors key


What is interesting in SE research according to AW?What is interesting in SE research according to AW?








































Is LEGACY a MISNOMERIs LEGACY a MISNOMERfor SOFTWARE?for SOFTWARE?



Date post:	16-Apr-2017
Category:	Software
Upload:	andrzej-wasowski
View:	378 times
Download:	0 times