CONTEXT: Automated static analysis (ASA) identifies potential source code anomalies early
in the software development lifecycle that could lead to field failures. Excessive alert …

The use of automatic static analysis has been a software engineering best practice for
decades. However, we still do not know a lot about its use in real-world software projects …

CONTEXT: Quality assurance effort, especially testing effort, is often a major cost factor
during software development, which sometimes consumes more than 50% of the overall …

This book has been a much longer process than I would have ever anticipated. The original
idea was to integrate and combine the research on software product quality control with my …

Benchmarks provide an experimental basis for evaluating software engineering processes
or techniques in an objective and repeatable manner. We present the FAULTBENCH v0. 1 …

Testing and fault localization are very expensive software engineering tasks that have been
tried to be automated. Although many successful techniques have been designed, the actual …

Static analysis tools such as bug pattern tools are useful to detect bugs early in software
development. However, existing tools sometimes yield so many warnings that developers …

In recent years, query-based static application security testing (Q-SAST) tools such as
CodeQL have gained popularity due to their ability to codify vulnerability knowledge into …

Over time, software systems suffer gradual quality decay and therefore costs can rise if
organizations fail to take proactive countermeasures. Quality control is the first step to …

In this paper, we propose a defect prediction approach centered on more robust evidences
towards causality between source code metrics (as predictors) and the occurrence of …