Dr Kelly Blincoe has been awarded a Marsden Fast-Start grant. These grants support early career researchers in New Zealand. This grant will enable Kelly to investigate methods to enable automated updates of software dependencies. She will be recruiting a PhD student to work with her on this project. A full abstract of the awarded proposal is below. Please contact Kelly if you are interested in joining this project.
Marsden grants are New Zealand’s most prestigious research awards, and they are very competitive. In 2020, the success rate was 13.3% for these awards. Congratulations, Kelly!
Research abstract: Most modern software systems are built on existing software components, such as packages, libraries, or modules. This results in a dependency on that component. When critical issues (e.g. security vulnerabilities) are discovered and fixed in a software component, the dependent software systems should include these fixes by updating to the latest version. However, changes in a software component can cause critical failures in the dependent software if the new version includes breaking changes. Each software system that depends on the component will need to update its code to accommodate these breaking changes, making it difficult to automate the update process.
We will perform a detailed study of the fixes made in response to these breaking changes. We will create a comprehensive taxonomy of the types of breaking changes and identify the types of fixes needed for each breaking change type through detailed manual analysis and by applying pattern mining techniques to the code changes. Using this knowledge, we will develop methods to automatically fix these software failures to allow automated updates, enabling secure and optimised software. Nearly all software depends on outdated components with known vulnerabilities, so this research has wide impact for the software industry and for software users.