research-article

Automatic Workarounds: Exploiting the Intrinsic Redundancy of Web Applications

Authors:
Antonio Carzaniga

University of Lugano, Switzerland

University of Lugano, Switzerland
View Profile

,
Alessandra Gorla

IMDEA Software Institute, Spain

IMDEA Software Institute, Spain
View Profile

,
Nicolò Perino

University of Lugano, Switzerland

University of Lugano, Switzerland
View Profile

,
Mauro Pezzè

University of Lugano, Switzerland and University of Milano-bicocca, italy

University of Lugano, Switzerland and University of Milano-bicocca, italy
View Profile

ACM Transactions on Software Engineering and Methodology Volume 24 Issue 3Article No.: 16pp 1–42https://doi.org/10.1145/2755970

Published:13 May 2015Publication History

ACM Transactions on Software Engineering and Methodology

Abstract

Despite the best intentions, the competence, and the rigorous methods of designers and developers, software is often delivered and deployed with faults. To cope with imperfect software, researchers have proposed the concept of self-healing for software systems. The ambitious goal is to create software systems capable of detecting and responding “autonomically” to functional failures, or perhaps even preempting such failures, to maintain a correct functionality, possibly with acceptable degradation. We believe that self-healing can only be an expression of some form of redundancy, meaning that, to automatically fix a faulty behavior, the correct behavior must be already present somewhere, in some form, within the software system either explicitly or implicitly. One approach is to deliberately design and develop redundant systems, and in fact this kind of deliberate redundancy is the essential ingredient of many fault tolerance techniques. However, this type of redundancy is also generally expensive and does not always satisfy the time and cost constraints of many software projects.

With this article we take a different approach. We observe that modern software systems naturally acquire another type of redundancy that is not introduced deliberately but rather arises intrinsically as a by-product of modern modular software design. We formulate this notion of intrinsic redundancy and we propose a technique to exploit it to achieve some level of self-healing. We first demonstrate that software systems are indeed intrinsically redundant. Then we develop a way to express and exploit this redundancy to tolerate faults with automatic workarounds. In essence, a workaround amounts to replacing some failing operations with alternative operations that are semantically equivalent in their intended effect, but that execute different code and ultimately avoid the failure. The technique we propose finds such workarounds automatically. We develop this technique in the context of Web applications. In particular, we implement this technique within a browser extension, which we then use in an evaluation with several known faults and failures of three popular Web libraries. The evaluation demonstrates that automatic workarounds are effective: out of the nearly 150 real faults we analyzed, 100 could be overcome with automatic workarounds, and half of these workarounds found automatically were not publicly known before.

References

P. E. Ammann and J. C. Knight. 1988. Data diversity: An approach to software fault tolerance. IEEE Trans. Comput. 37, 4, 418--425. Google ScholarDigital Library
A. Arcuri and X. Yao. 2008. A novel co-evolutionary approach to automatic software bug fixing. In Proceedings of the IEEE Congress on Evolutionary Computation (CEC'08).Google Scholar
A. Avizienis. 1985. The N-version approach to fault-tolerant software. IEEE Trans. Software Eng. 11, 12, 1491--1501. Google ScholarDigital Library
L. Baresi and S. Guinea. 2011. Self-supervising BPEL processes. IEEE Trans. Software Eng. 37, 2, 247--263. Google ScholarDigital Library
I. Baxter, A. Yahin, L. Moura, M. Sant'anna, and L. Bier. 1998. Clone detection using abstract syntax trees. In Proceedings of the International Conference on Software Maintenance. 368--377. Google ScholarDigital Library
S. S. Brilliant, J. C. Knight, and N. G. Leveson. 1990. Analysis of faults in an N-version software experiment. IEEE Trans. Software Eng. 16, 2, 238--247. Google ScholarDigital Library
B. Cabral and P. Marques. 2011. A transactional model for automatic exception handling. Computer Lang. Syst. Structures 37, 43--61. Google ScholarDigital Library
G. Candea, E. Kiciman, S. Zhang, P. Keyani, and A. Fox. 2003. JAGR: An autonomous selfrecovering application server. In Active Middleware Services, IEEE, 168--178.Google Scholar
A. Carzaniga, A. Gorla, A. Mattavelli, N. Perino, and M. Pezzè. 2013. Automatic recovery from runtime failures. In Proceedings of the 2013 International Conference on Software Engineering. IEEE 782--791. Google ScholarDigital Library
A. Carzaniga, A. Gorla, N. Perino, and M. Pezzè. 2010a. Automatic workarounds for web applications. In Proceedings of the Foundations of Software Engineering Conference (FSE'10). ACM, New York, 237--246. Google ScholarDigital Library
A. Carzaniga, A. Gorla, N. Perino, and M. Pezzè. 2010b. RAW: runtime automatic workarounds. In Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering (ICSE'10). ACM, New York, 321--322. Google ScholarDigital Library
A. Carzaniga, A. Gorla, and M. Pezzè. 2008. Healing Web applications through automatic workarounds. Int. J. Softw. Tools Technol. Transfer 10, 6, 493--502. Google ScholarDigital Library
A. Carzaniga, A. Gorla, and M. Pezzè. 2009. Handling software faults with redundancy. In Architecting Dependable Systems VI, R. de Lemos, J.-C. Fabre, C. Gacek, F. Gadducci, and M. H. ter Beek, Eds., Springer, 148--171. Google ScholarDigital Library
H. Chang, L. Mariani, and M. Pezzè. 2013. Exception handlers for healing component-based systems. ACM Trans. Softw. Engin. Methodol. 22, 4, 30:1--30:40. Google ScholarDigital Library
F. Cristian. 1982. Exception handling and software fault tolerance. IEEE Trans. Comput. 31, 531--540. Google ScholarDigital Library
V. Dallmeier, C. Lindig, A. Wasylkowski, and A. Zeller. 2006. Mining object behavior with adabu. In Proceedings of the International Workshop on Dynamic Systems Analysis (WODA'06). ACM, New York, 17--24. Google ScholarDigital Library
V. Dallmeier, A. Zeller, and B. Meyer. 2009. Generating fixes from object behavior anomalies. In Proceedings of the 24th IEEE/ACM International Conference on Automated Software Engineering. Google ScholarDigital Library
V. Debroy and W. E. Wong. 2010. Using mutation to automatically suggest fixes for faulty programs. In Proceedings of the Third International Conference on Software Testing, Verification and Validation (ICST'10). IEEE, 65--74. Google ScholarDigital Library
G. Denaro, M. Pezzè, and D. Tosi. 2013. Test-and-adapt: An approach for improving service interchangeability. ACM Trans. Softw. Engin. Methodol. 22, 4, 28:1--28:43. Google ScholarDigital Library
G. Dobson. 2006. Using WS-BPEL to implement software fault tolerance for Web services. In Proceedings of the 32nd EUROMICRO Conference on Software Engineering and Advanced Applications (EUROMICRO'06). IEEE, 126--133. Google ScholarDigital Library
A. El Abbadi, D. Skeen, and F. Cristian. 1985. An efficient, fault-tolerant protocol for replicated data management. In Proceedings of the 4th ACM SIGACT-SIGMOD Symposium on Principles of Database Systems (PODS'85). ACM, New York, 215--229. Google ScholarDigital Library
M. Elnozahy, L. Alvisi, Y.-M. Wang, and D. B. Johnson. 2002. A survey of rollback-recovery protocols in message-passing systems. ACM Comput. Surv. 34, 3, 375--408. Google ScholarDigital Library
G. Friedrich, M. Fugini, E. Mussi, B. Pernici, and G. Tagni. 2010. Exception handling for repair in service-based processes. IEEE Trans. Software Eng. 36, 2, 198--215. Google ScholarDigital Library
M. Gabel, L. Jiang, and Z. Su. 2008. Scalable detection of semantic clones. In Proceedings of the 30th International Conference on Software Engineering (ICSE'08). ACM, New York, 321--330. Google ScholarDigital Library
S. Garg, Y. Huang, C. Kintala, and K. S. Trivedi. 1996. Minimizing completion time of a program by checkpointing and rejuvenation. SIGMETRICS Performance Evaluation Rev. 24, 1, 252--261. Google ScholarDigital Library
B. J. Garvin, M. B. Cohen, and M. B. Dwyer. 2011. Using feature locality: Can we leverage history to avoid failures during reconfiguration&quest; In Proceedings of the 8th Workshop on Assurances for Self-Adaptive Systems (ASAS'11). ACM, New York, 24--33. Google ScholarDigital Library
I. Gashi, P. Popov, V. Stankovic, and L. Strigini. 2004. On designing dependable services with diverse off-the-shelf SQL servers. In Architecting Dependable Systems II. Lecture Notes in Computer Science Series, vol. 3069, Springer, 191--214.Google ScholarCross Ref
A. Goffi, A. Gorla, A. Mattavelli, M. Pezzè, and P. Tonella. 2014. Search-based synthesis of equivalent method sequences. In Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE'14). ACM, New York, 366--376. Google ScholarDigital Library
J. B. Goodenough. 1975. Exception handling: issues and a proposed notation. Commun. ACM 18, 12, 683--696. Google ScholarDigital Library
A. Guha, C. Saftoiu, and S. Krishnamurthi. 2010. The essence of javascript. In Proceedings of the 24th European Conference on Object-Oriented Programming (ECOOP'10). Springer, 126--150. Google ScholarDigital Library
D. Harmanci, V. Gramoli, and P. Felber. 2011. Atomic boxes: Coordinated exception handling with transactional memory. In Proceedings of the 25th European Conference on Object-oriented Programming (ECOOP'11). Springer, 634--657. Google ScholarDigital Library
L. Hatton. 1997. N-version design versus one good version. IEEE Softw. 14, 6, 71--76. Google ScholarDigital Library
P. Hosek and C. Cadar. 2013. Safe software updates via multi-version execution. In Proceedings of the 35th International Conference on Software Engineering (ICSE'13). 612--621. Google ScholarDigital Library
Y. Huang, C. Kintala, N. Kolettis, and N. D. Fulton. 1995. Software rejuvenation: Analysis, module and applications. In Proceedings of the 25th International Symposium on Fault-Tolerant Computing (FTCS'95). IEEE, 381. Google ScholarDigital Library
L. Jiang and Z. Su. 2009. Automatic mining of functionally equivalent code fragments via random testing. In Proceedings of the 18th International Symposium on Software Testing and Analysis. 81--92. Google ScholarDigital Library
D. Kim, J. Nam, J. Song, and S. Kim. 2013. Automatic patch generation learned from human-written patches. In Proceedings of the 2013 International Conference on Software Engineering (ICSE'13). IEEE, 802--811. Google ScholarDigital Library
J. C. Knight and N. G. Leveson. 1986. An experimental evaluation of the assumption of independence in multiversion programming. IEEE Trans. Software Eng. 12, 96--109. Google ScholarDigital Library
B. Křena, Z. Letko, Y. Nir-Buchbinder, R. Tzoref-Brill, S. Ur, and T. Vojnar. 2009. A concurrency testing tool and its plug-ins for dynamic analysis and runtime healing. In Runtime Verification, S. Bensalem and D. A. Peled, Eds., Springer, 101--114. Google ScholarDigital Library
C. Liu, J. Yang, L. Tan, and M. Hafiz. 2013. R2fix: Automatically generating bug fixes from bug reports. In Proceedings of the International Conference on Software Testing, Verification and Validation (ICST'13). IEEE, 282--291. Google ScholarDigital Library
F. Long, V. Ganesh, M. Carbin, S. Sidiroglou, and M. Rinard. 2012. Automatic input rectification. In Proceedings of the 34th International Conference on Software Engineering (ICSE'12). 80--90. Google ScholarDigital Library
N. Looker, M. Munro, and J. Xu. 2005. Increasing Web service dependability through consensus voting. In Proceedings of the 29th Annual International Computer Software and Applications Conference (COMPSAC'05). Vol. 2, IEEE, 66--69. Google ScholarDigital Library
D. Lorenzoli, L. Mariani, and M. Pezzè. 2008. Automatic generation of software behavioral models. In Proceedings of the 30th International Conference on Software Engineering (ICSE'08). ACM, New York, 501--510. Google ScholarDigital Library
S. Modafferi, E. Mussi, and B. Pernici. 2006. SH-BPEL: A self-healing plug-in for WS-BPEL engines. In Proceedings of the 1st Workshop on Middleware for Service Oriented Computing (MW4SOC'06). ACM, New York, 48--53. Google ScholarDigital Library
A. Mosincat and W. Binder. 2008. Transparent runtime adaptability for BPEL processes. In Proceedings of the 6th International Conference on Service Oriented Computing (ICSOC'08). A. Bouguettaya, I. Krüger, and T. Margaria, Eds., Lecture Notes in Computer Science Series, vol. 5364, 241--255. Google ScholarDigital Library
A. S. Nascimento, C. M. F. Rubira, R. Burrows, and F. Castor. 2013. A systematic review of design diversity-based solutions for fault-tolerant soas. In Proceedings of the 17th International Conference on Evaluation and Assessment in Software Engineering (EASE'13). ACM, New York, 107--118. Google ScholarDigital Library
H. D. T. Nguyen, D. Qi, houdhury, A. Roy, and S. Chandra. 2013. Semfix: Program repair via semantic analysis. In Proceedings of the International Conference on Software Engineering (ICSE'13). IEEE, 772--781. Google ScholarDigital Library
A. Nguyen-Tuong, D. Evans, J. C. Knight, B. Cox, and J. W. Davidson. 2008. Security through redundant data diversity. In Proceedings of the IEEE International Conference on Dependable Systems and Networks (DSN'08). 187--196.Google Scholar
Y. Nir-Buchbinder, R. Tzoref, and S. Ur. 2008. Deadlocks: From exhibiting to healing. In Runtime Verification, M. Leucker, Ed., Springer, 104--118. Google ScholarDigital Library
M. Nita and D. Notkin. 2010. Using twinning to adapt programs to alternative apis. In Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering (ICSE'10). 205--214. Google ScholarDigital Library
D. A. Patterson, G. Gibson, and R. H. Katz. 1988. A case for redundant arrays of inexpensive disks (RAID). SIGMOD Record 17, 3, 109--116. Google ScholarDigital Library
J. H. Perkins, S. Kim, S. Larsen, et al. 2009. Automatically patching errors in deployed software. In Proceedings of the 22nd Symposium on Operating Systems Principles. 87--102. Google ScholarDigital Library
P. Popov, S. Riddle, A. Romanovsky, and L. Strigini. 2001. On systematic design of protectors for employing OTS items. In Proceedings of the 27th Euromicro Conference (Euromicro'01). 22--29.Google Scholar
F. Qin, J. Tucek, Y. Zhou, and J. Sundaresan. 2007. Rx: Treating bugs as allergies—a safe method to survive software failures. ACM Trans. Comput. Syst. 25, 3, 7. Google ScholarDigital Library
B. Randell. 1975. System structure for software fault tolerance. In Proceedings of the International Conference on Reliable Software. ACM, New York, 437--449. Google ScholarDigital Library
S. M. Sadjadi and P. K. Mckinley. 2005. Using transparent shaping and Web services to support self-management of composite systems. In Proceedings of the 2nd International Conference on Automatic Computing (ICAC'05). IEEE, 76--87. Google ScholarDigital Library
H. Samimi, E. D. Aung, and T. Millstein. 2010. Falling back on executable specifications. In Proceedings of the 24th European Conference on Object-Oriented Programming (ECOOP'10). 552--576. Google ScholarDigital Library
S. Subramanian, P. Thiran, N. C. Narendra, G. K. Mostefaoui, and Z. Maamar. 2008. On the enhancement of BPEL engines for self-healing composite Web services. In Proceedings of the International Symposium on Applications and the Internet (SAINT'08). IEEE, 33--39. Google ScholarDigital Library
Y. Taher, D. Benslimane, M.-C. Fauvet, and Z. Maamar. 2006. Towards an approach for Web services substitution. In Proceedings of the 10th International Database Engineering and Applications Symposium (IDEAS'06). IEEE, 166--173. Google ScholarDigital Library
Y. Wei, Y. Pei, C. A. Furia, L. S. Silva, S. Buchholz, B. Meyer, and A. Zeller. 2010. Automated fixing of programs with contracts. In Proceedings of the 19th International Symposium on Software Testing and Analysis (ISSTA'10). ACM, New York, 61--72. Google ScholarDigital Library
W. Weimer, T. Nguyen, C. L. Goues, and S. Forrest. 2009. Automatically finding patches using genetic programming. In Proceedings of the 31st International Conference on Software Engineering (ICSE'09). 364--374. Google ScholarDigital Library
S. S. Yau and R. C. Cheung. 1975. Design of self-checking software. In Proceedings of the International Conference on Reliable Software. ACM, New York, 450--455. Google ScholarDigital Library
R. Zhang. 2007. Modeling autonomic recovery in Web services with multi-tier reboots. In Proceedings of the IEEE International Conference on Web Services (ICWS'07).Google ScholarCross Ref
S. Zhang, D. Saff, Y. Bu, and M. D. Ernst. 2011. Combined static and dynamic automated test generation. In Proceedings of the International Symposium on Software Testing and Analysis (ISSTA'11). ACM, New York, 353--363. Google ScholarDigital Library

Index Terms

Automatic Workarounds: Exploiting the Intrinsic Redundancy of Web Applications
1. Software and its engineering
  1. Software creation and management
    1. Software development techniques
      1. Error handling and recovery
  2. Software notations and tools
    1. Software libraries and repositories

Recommendations

Automatic workarounds for web applications
FSE '10: Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering

We present a technique that finds and executes workarounds for faulty Web applications automatically and at runtime. Automatic workarounds exploit the inherent redundancy of Web applications, whereby a functionality of the application can be obtained ...
Read More
SpyREST in action: an automated RESTful API documentation tool
ASE '15: Proceedings of the 30th IEEE/ACM International Conference on Automated Software Engineering

RESTful APIs are often manually documented. As a result, the process of maintaining the documentation of RESTful APIs is both expensive and error-prone. In this demonstration paper, we present SpyREST as an automated software as a service tool that can ...
Read More
SpyREST: automated RESTful API documentation using an HTTP proxy server
ASE '15: Proceedings of the 30th IEEE/ACM International Conference on Automated Software Engineering

RESTful API documentation is expensive to produce and maintain due to the lack of reusable tools and automated solutions. Most RESTful APIs are documented manually and the API developers are responsible for keeping the documentation up to date as the ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Transactions on Software Engineering and Methodology Volume 24, Issue 3
May 2015
293 pages
ISSN:1049-331X
EISSN:1557-7392
DOI:10.1145/2776776
Editor:
David S. Rosenblum
National University of Singapore, Singapore
Issue’s Table of Contents
Copyright © 2015 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 13 May 2015
- Accepted: 1 January 2015
- Revised: 1 July 2014
- Received: 1 December 2013
Published in tosem Volume 24, Issue 3

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Automatic workarounds
Web API
Web applications
Qualifiers
- research-article
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 16
  Total Citations
  View Citations
- 494
  Total Downloads
- Downloads (Last 12 months)12
- Downloads (Last 6 weeks)2
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Automatic Workarounds: Exploiting the Intrinsic Redundancy of Web Applications

ACM Transactions on Software Engineering and Methodology

Abstract

References

Cited By

Index Terms

Recommendations

Automatic workarounds for web applications

SpyREST in action: an automated RESTful API documentation tool

SpyREST: automated RESTful API documentation using an HTTP proxy server