International Summer School on Software Engineering @ Free University of Bozen-Bolzano

Alessandra Gorla

Title Understanding the Behavior of Android apps by Means of Static and Dynamic Analyses
Abstract Software engineering researchers suddenly have access to a huge software ecosystem that can be analyzed: Millions of mobile apps on public stores such as the Google Play. How can we analyze such a large amount of information and get something meaningful out of it? This course will give an overview of the most useful static and dynamic analysis techniques for Android apps. Such techniques will help you understand the behavior of an app, and identify, for instance, whether an app may hide some malicious behavior, or whether it fails under specific circumstances. The course will also include hands-on material.

Speaker's Bio Alessandra Gorla received her Bachelor's and Master's degrees in computer science from the University of Milano-Bicocca in Italy. She completed her Ph.D. in informatics at the Universita' della Svizzera Italiana in Lugano, Switzerland in 2011. In her Ph.D. thesis she defined and developed the notion of Automatic Workarounds, a self-healing technique to recover Web applications from field failures, a work for which she received the Fritz Kutter Award for the best industry related Ph.D. thesis in computer science in Switzerland. Before joining IMDEA Software Institute in December 2014 as Assistant Research Professor, she has been a postdoctoral researcher in the software engineering group at Saarland University in Germany. During her postdoc, she has also been a visiting researcher at Google in Mountain View. Alessandra's research interests are in software engineering, and in particular on testing and analysis techniques to improve the reliability and security of software systems. She is also interested in malware detection for mobile applications. See more at her website

Niels Henze

Title Mobile Human Computer Interaction
Abstract The objective of this course is to provide newcomers to Mobile Human-Computer Interaction (Mobile HCI) with an overview of the field. The course will introduce the four grand challenges of Mobile HCI that set this field apart from others and will discuss seven current Mobile HCI research areas that address those challenges.

Speaker's Bio Niels Henze is assistant professor for Socio-Cognitive Systems in the Institute for Visualization and Interactive Systems and the SimTech Cluster for Simulation Technology at the University of Stuttgart. Beforehand he was postdoctoral researcher in the Human-Computer Interaction group at the University of Stuttgart. After receiving a diploma in computer science in 2006, he worked for European research projects at the OFFIS Institute for Information Technology. In 2008, he became a researcher and doctoral student in the Media Informatics and Multimedia Systems group at the University of Oldenburg. He worked for international projects and was responsible for teaching and tutoring. Niels finished his PhD in 2012 with his thesis about Camera-based Mobile Interaction with Physical Objects under the supervision of Prof. Dr. Susanne Boll. Niels’ research interests are mobile human-computer interaction and pervasive computing. Particularly, he is interested in large-scale studies using mobile application stores as a research tool, interlinking physical objects and digital information, and multimodal interfaces. Niels published in scientific journals and competitive conferences. He received awards from CHI, MobileHCI, and Mensch & Computer. He organized several scientific workshops, served as a guest editor for the International Journal on Mobile Human Computer Interaction, and has been a reviewer for the leading conferences and journals in his field. Niels lectures human-computer interaction for several years. He developed and supervised the development of mobile applications to conduct large-scale studies that have been installed more than a million times.

David Lo

Title Protecting Android Apps: Methodologies and Opportunities
Abstract This 3-hours tutorial introduces automated methods to help developers better protect their Android applications against attacks. First, this tutorial presents methods that can automatically detect and repair vulnerabilities by leveraging specially-crafted templates and mining software repositories. The second part of the tutorial introduces methods that can automatically infer permissions for Android apps. Apps often declare more permissions than those that are needed, and malware can leverage these unnecessary permissions to perform malicious actions. The last part describes the line of work of sandbox mining where application behaviours are confined to behaviours observed during automatic testing. Most of this tutorial would be lecture based, but a hands-on session would be included for the second part.

Speaker's Bio David Lo is an Associate Professor in School of Information Systems, Singapore Management University. His research interest lies in the intersection of software engineering, data science, and cybersecurity. Heis serving (or has served) in the steering committee of IEEE/ACM International Conference on Automated Software Engineering (ASE), IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), and IEEE Working Conference on Source Code Analysis and Manipulation (SCAM). He is also in the editorial board of Empirical Software Engineering, Journal of Software: Evolution and Process, Information and Software Technology, Information Systems, and Neurocomputing. For more information, please visit: http://www.mysmu.edu/faculty/davidlo/

Mei Nagappan

Title Trends and Challenges in Software Engineering Research for Mobile Apps
Abstract We have seen tremendous growth in the use of mobile devices over the last few years. This has fueled the development of millions of software applications for these mobile devices often called as ‘apps’. Current estimates indicate that there are hundreds of thousands of mobile app developers. As a result, in recent years, there has been a increasing amount of software engineering research being conducted on mobile apps to help such mobile app developers. In this first half of the day, I will discuss current and future trends within the framework of the various stages in the software development life cycle. I will first present the recent advances done in requirements, design, development, testing, maintenance, and release engineering stages of mobile apps. Then on the second half of the day, I will present the challenges present in current work, followed by the future opportunities and the risks present in pursing such research.

Speaker's Bio Meiyappan (Mei) Nagappan is an Assistant Professor David R. Cheriton School of Computer Science at the University of Waterloo. Previously he was an Assistant Professor at the Software Engineering department of Rochester Institute of Technology and a postdoctoral fellow in the Software Analysis and Intelligence Lab (SAIL) at Queen’s University, Canada. His research is centered around the use of large-scale Software Engineering (SE) data to address the concerns of the various stakeholders (e.g., developers, operators, and managers). He received a Ph.D. in computer science from North Carolina State University. Dr. Nagappan has published in various top SE venues such as TSE, FSE, EMSE, JSS and IEEE Software. He has also received best paper awards at the International Working Conference on Mining Software Repositories (MSR ’12, ’15). He is currently the editor of the IEEE Software Blog, Information Director of the TSE journal, and a member of the MSR steering committee. He continues to collaborate with both industrial and academic researchers from the US, Canada, Japan, Germany, Chile, and India. You can find more at mei-nagappan.com.

Michael Mairegger

Title Platform Development for Mobile Devices with Xamarin.Forms
Abstract To ensure a wide-spread use, companies often want to provide their app on as many platforms as possible. Unfortunately, developing and maintaining an app on many platforms can be very costly: one has to design, program, and maintain each app separately. Moreover, programmers often specialize on a specific platform so that often more programmers are needed to cover more platforms. The aim of Xamarin is to tackle this problem: the idea of Xamarin.Forms is to provide a platform where .NET programmers can write apps in C# and the final app is then ported to Android, iOS, Mac, UWP, and WPF. With such a platform the developer is able to write code once and run it almost everywhere. In this tutorial, we will create a small sample app running on each of the above listed devices and see how to use some platform dependent features.

Speaker's Bio Michael Mairegger is a freelance Software Engineer and Research Assistant at the Free University of Bolzano. He received a M.Sc. degree in Computer Science at the Free University of Bolzano in 2016. He is developing software mainly on the .NET platform. In his spare time he is a very passionate sports climber and hiker.

Fabio Palomba

Title Managing Source Code Quality in Mobile Apps
Abstract In recent years, software development and release planning activities shifted from a traditional paradigm, in which a software system is periodically released following a road map, towards a paradigm in which continuous releases become available for upgrade with a cadence of few weeks, if not days. The distribution of updates through app online stores (e.g., Google Play) is accompanied by a mechanism that allows users to rate releases using scores (i.e., star ratings) and text reviews. The way an app is rated can tremeudously affect the commercial success of an app and, for this reason, developers are somehow enforced to deliver high quality apps to users.
This three-hours tutorial will introduce mining software repository-based automated methods to support developers when (i) monitoring the users' reactions so that they can take informed decisions on how to improve the quality of their apps and (ii) detecting portions of source code more likely to contain issues (e.g., performance-related problems) that might negatively affect end-user rates. Most of this tutorial will be lecture-based, but a hands-on session will be included for the second part.

Speaker's Bio Fabio is a Senior Research Associate at the University of Zurich, Switzerland. He received the European PhD degree in Management & Information Technology from the University of Salerno, Italy, in 2017. His research interests include software maintenance and evolution, empirical software engineering, source code quality, change and defect prediction, green mining and mining software repositories. On these topics, he has published 45+ papers appeared in international software engineering conferences and journals.
He was also the recipient of two ACM/SIGSOFT and one IEEE/TCSE Distinguished Paper Awards at ASE'13, ICSE'15, and ICSME'17, respectively. He serves and has served as a program committee member of various international conferences (e.g., MSR, ICPC, ICSME), and as referee for various international journals (e.g., TSE, TOSEM, JSS) in the fields of software engineering. Since 2016 he is Review Board Member for EMSE, and he was the recipient of a Distinguished Reviewer Award for his reviewing activities conducted for the journal in 2017.
He co-organized the 2nd International Workshop on Machine Learning Techniques for Software Quality Evaluation (MaLTeSQuE 2018), and he is currently organizing the International Workshop on Architecture-Based Continuity in DevOps (ABCD 2018). He is also Guest Editor of special issues related to his research interests that will appear in EMSE and JSEP.