On the code quality of Android apps

Authors:
Mazuera Rozo, Alejandro
Resource type:
Doctoral thesis
Publication date:
2022
Institution:
Universidad de los Andes
Repository:
Séneca: repositorio Uniandes
Language:
eng
OAI Identifier:
oai:repositorio.uniandes.edu.co:1992/60121
Online access:
http://hdl.handle.net/1992/60121
Keywords:
Android
Code quality
Software quality
Empirical software engineering
Engineering
Rights
openAccess
License
Attribution-NonCommercial-NoDerivatives 4.0 International
Description
Summary: Android is nowadays the most popular operating system in the world, not only in the realm of mobile devices, but also when considering desktop and laptop computers. The wide and rapid adoption of Android-based devices has motivated the usage of Android apps to support a broad range of daily activities. This also resulted in a highly competitive market for developers, who must meet time-to-market constraints while still pursuing internal (e.g., high-quality code) and external (e.g., compelling features) quality for their apps. This translates into the need for improving developers' productivity, supporting them in development and maintenance activities. In our research, we aim at designing techniques and tools supporting Android developers in identifying code quality issues. First, we run empirical studies aimed at analyzing quality issues affecting the Android ecosystem (i.e., operating system and apps) by focusing on: (i) software vulnerabilities, meaning flaws in the software that could be exploited to violate its security policy, thus eventually causing a disruption of the confidentiality, integrity, or availability of the system in question; (ii) performance bugs, namely issues concerning suboptimal implementation choices that can negatively impact indicators such as resource utilization; and (iii) connectivity issues, particularly in contexts in which the quality of a mobile app, as perceived by users, can be negatively impacted in case of unreliable connections, and offline-first practices are not properly implemented. The empirical knowledge acquired in these investigations can be exploited to build tools able to identify code quality issues widely spread in the Android ecosystem. This led us to the building of two tools named OPIA and CONAN. The former exploits dynamic analysis to identify leaks of sensitive information in mobile apps. The latter is the first approach in the literature able to automatically identify connectivity issues affecting mobile apps.