| WATTANAKRIENGKRAI SUPATSARA | M, 1回目発表 | ソフトウェア工学 | 松本 健一, | 飯田 元, | 石尾 隆, | 畑 秀明, | Kula Raula Gaikovina |
|
title: Traceability of Linkage Between Academic Papers and Software
abstract: Traceability between published scientific breakthroughs and their implementation is essential, especially in the case of open source software that implements bleeding edge science into its code. However, aligning the links between GitHub repositories and academic papers can prove difficult, and the impact of such links remains unknown. In this study, I investigate the role of academic paper references contained in these repositories. I conducted a large-scale study of around 20 thousand GitHub repositories to establish prevalence of references to academic papers, and I use a mixed-methods approach to identify open access, traceability and evolutionary aspects of the links. Although referencing an academic paper is not typical, the study finds that a vast majority of academic papers that are referenced from repositories are open-access. In terms of traceability, my analysis of these links revealed that machine learning is the most prevalent topic of repositories linking to academic papers, and that these repositories tend to be affiliated with academic communities (i.e., universities). More than half of the papers do not link back to any repository. In a case study of referenced arXiv papers, I find that most of these papers do align with academia and are high-impact and influential papers, referenced by repositories written in different programming languages. From the evolutionary aspect, I found very few changes of the papers being referenced and the links to them.
language of the presentation: English | |||||||
| CHINTHANET BODIN | D, 中間発表 | ソフトウェア工学 | 松本 健一, | 飯田 元, | 石尾 隆, | Raula G. Kula | |
|
Title: Mitigate The Risk from Security Vulnerabilities in npm JavaScript Ecosystem
Abstract: Security vulnerabilities in third-party dependencies are a growing concern not only for developers of the affected software, but for the risks it poses to an entire software ecosystem e.g., Heartbleed vulnerability. Recent studies show that developers are slow to respond to the threat of vulnerability, sometimes taking four to eleven months to act. To help developers mitigate the risk from vulnerabilities faster and easier, I conducted these two studies: (1) empirical investigation to identify lags of vulnerability fixes and (2) code-based vulnerability detection. I focused on the packages available on npm JavaScript ecosystem since it is one of the most popular ecosystems in the world. In the first study, I conduct an empirical investigation to identify lags that may occur between the vulnerable release and its fixing release (fixing release update). Through a preliminary study of 131 fixing releases of npm projects on GitHub, I observe that a fixing release is rarely released on their own, with up to 92.86% of the bundled commits being unrelated to a fix. I then compare the fixing release update with changes on the client-side (client-side fixing release update). Through an empirical study of the adoption and propagation tendencies of 188 fixing releases that impact throughout a network of 882,222 npm packages, we find that stale clients require additional migration effort, even if the fixing release was quick (i.e., patch landing). Furthermore, I find that factors such as the branch that the fixing release lands on and the severity of the vulnerability influences its propagation. In the second study, I propose and implement the extension of the industry-graded code-based vulnerability detection tool in Node.js application. I also list the experience and challenges of this project. Language of the presentation: English | |||||||
| THONGLEK KUNDJANASITH | M, 2回目発表 | ソフトウェア設計学 | 飯田 元, | 藤川 和利, | 市川 昊平, | 高橋 慧智 | |
|
Title: A Long Short-Term Memory Model for Efficient Resource Utilization in Data Centers
Abstract: Data centers are centralized facilities where computing and networking hardware are aggregated to handle large amounts of data and computation. In a data center, computing resources such as CPU and memory are usually managed by a resource manager. The resource manager accepts resource requests from users and allocates resources to their applications. A commonly known problem in resource management is that users often request more resources than their applications actually use. This leads to the degradation of overall resource utilization in a data center. This paper aims to improve resource utilization in data centers by predicting the required resource for each application. We designed and implemented a neural network model based on Long Short-Term Memory (LSTM) to predict more efficient resource allocation for a job based on historical data. Our model has two LSTM layers each of which learns the relationship between: (1) allocation and usage, and (2) CPU and memory. We used Googles cluster-usage trace, which contains a trace of resource allocation and usage for each job executed on a Google data center, to train our neural network. Googles cluster scheduler simulator was used to evaluate our proposed method. Our simulation indicated that the proposed method improved the CPU utilization and memory utilization by 10.71% and 47.36%, respectively, compared to a conventional resource manager. Moreover, we discovered that increasing the memory cell size of our LSTM model improves the accuracy of the prediction in return for longer training time. Language of the presentation: English | |||||||
| KUO CHENG-YU | M, 2回目発表 | 知能システム制御 | 杉本 謙二☆, | 小笠原 司, | 松原 崇充 | ||
|
title: Contact-rich Manipulation Skill Acquisition. A Model-based Reinforcement Learning and Model Predictive Control Approach
abstract: The combination of model-based reinforcement learning (MBRL) and probabilistic model predictive control (MPC) presents a data-efficient scheme and allows robots to learn skills from trial and error. However, while applying these method on real robot, learning a contact-rich manipulation skill is challenging due to following concerns: 1) Despite data-efficient nature, probabilistic MPC is computation inefficient. Slow MPC planning may result impractical on real robot application. And 2) the learning process of exploring contacts may cause damage to the surroundings and robot itself. We had addressed the first concerns in Colloquium B1 and for this presentation we will mainly focus on improving the safety of the learning process with a proposed “model-uncertainty aware safe exploration” scheme. language of the presentation: English | |||||||