On the code quality of Android apps
Android is nowadays the most popular operating system in the world, not only in the realm of mobile devices, but also when considering desktop and laptop computers. The wide and rapid adoption of Android-based devices has motivated the usage of Android apps to support a broad range of daily activiti...
- Autores:
-
Mazuera Rozo, Alejandro
- Tipo de recurso:
- Doctoral thesis
- Fecha de publicación:
- 2022
- Institución:
- Universidad de los Andes
- Repositorio:
- Séneca: repositorio Uniandes
- Idioma:
- eng
- OAI Identifier:
- oai:repositorio.uniandes.edu.co:1992/60121
- Acceso en línea:
- http://hdl.handle.net/1992/60121
- Palabra clave:
- Android
Code quality
Software quality
Empirical software engineering
Ingeniería
- Rights
- openAccess
- License
- Attribution-NonCommercial-NoDerivatives 4.0 Internacional
Summary: | Android is nowadays the most popular operating system in the world, not only in the realm of mobile devices, but also when considering desktop and laptop computers. The wide and rapid adoption of Android-based devices has motivated the usage of Android apps to support a broad range of daily activities. This also resulted in a highly competitive market for developers, who must meet time-to-market constraints while still pursuing internal (e.g., high-quality code) and external (e.g., compelling features) quality for their apps. This translates in the need for improving developers' productivity, supporting them in development and maintenance activities. In our research, we aim at designing techniques and tools supporting Android developers in identifying code quality issues. First, we run empirical studies aimed at analyzing quality issues affecting the Android ecosystem (i.e., operating system and apps) by focusing on: (i) software vulnerabilities, meaning flaws in the software that could be exploited to violate its security policy, thus eventually causing a disruption of the confidentiality, integrity, or availability of the system in question; (ii) performance bugs, namely issues concerning suboptimal implementation choices that can negatively impact indicators such as resource utilization; and (iii) connectivity issues, particularly in contexts in which the quality of a mobile app, as perceived by users, can be negatively impacted in case of unreliable connections, and offline-first practices are not properly implemented. The empirical knowledge acquired in these investigations can be exploited to build tools able to identify code quality issues widely spread in the Android ecosystem. This led us to the building of two tools named OPIA and CONAN. The former exploits dynamic analysis to identify leaks of sensitive information in mobile apps. The latter is the first approach in the literature able to automatically identify connectivity issues affecting mobile apps. |
---|