Wiley: Software: Practice and Experience: Table of Contents

Issue Information

Fri, 05 Jun 2026 00:32:58 -0700

Software: Practice and Experience, Volume 56, Issue 7, Page 821-822, July 2026.

Research on Blockchain for Adapting to Node Dynamics in Internet of Things

Sibo Zhao, Yanran Wu, Zhizhe Xiong, Daquan Yang, Konglin Zhu — Fri, 05 Jun 2026 00:32:58 -0700

ABSTRACT

Background

Blockchain, as a decentralized and distributed ledger, shows significant application potential and commercial value in the Internet of Things (IoT). However, the dynamicity of IoT nodes introduces significant challenges to traditional blockchain systems. Specifically, in dynamic environments involving node joins/leaves, mobility, and state changes, traditional solutions often suffer from poor security, significant consensus latency, and severe storage overhead. Although blockchain for IoT has been extensively surveyed, prior reviews fail to provide a comprehensive evaluation because the existing literature considers security, consensus, and scalability only as separate issues, while overlooking node dynamics as a fundamental dimension.

Objective

This paper aims to provide a systematic investigation of blockchain adaptation to node dynamics in IoT and to establish a comprehensive evaluation perspective for analyzing the impacts of node dynamics on security, consensus, and scalability.

Methods

To this end, this paper systematically investigates these challenges through three contributions. Firstly, a unified taxonomy of node dynamics is proposed to analyze the impacts on security, consensus, and scalability. Secondly, it synthesizes representative solutions across trust evaluation, consensus algorithms, and scalability techniques. Thirdly, it introduces a three-dimensional evaluation approach to comprehensively analyze these solutions in terms of performance, security, and adaptability.

Results

The evaluation results illuminate a clear trade-off among these three dimensions, demonstrating that improving only one aspect often degrades the overall system balance in dynamic environments.

Conclusion

Finally, this paper introduces critical research limitations and future research directions to provide practical suggestions for effectively deploying blockchain in highly dynamic IoT environments.

A Systematic Review on Code Smell Detection Approaches in Open Source Projects

Sawsan Alodibat, Mohammad Azzeh — Fri, 05 Jun 2026 00:32:58 -0700

ABSTRACT

Background

Code smells are an indicator that something is misplaced in software systems, which can reduce maintainability and quality of software applications. In the literature, there is much research about code smells where numerous strategies for automating code smell detection have been developed to improve software quality.

Objective

The purpose of this work is to provide a review of search-based, heuristic-based, machine learning-based, deep learning-based, and hybrid-based code smell detection algorithms.

Method

Concerning the main goals of this research, we have found 38 primary studies. We gathered relevant studies published on this topic between 2017 and 2024. These articles' data were extracted according to some criteria, including code smells, machine learning methods, programming languages, dataset size, evaluation strategy, and statistical tests.

Results

Machine learning-based code smell detection methods have been suggested in most empirical investigations. We found that machine learning and deep learning are the most popular approaches for predicting code smells. Researchers typically employ support vector machine and decision tree algorithms. The Arcelli Fontana and Zanoni benchmark dataset was the most frequently investigated dataset. Most of the research community's attention has been focused on a small number of smells, including blob, feature envy, long method, and data class. Researchers also pay more attention to code smells like Long Method and Feature Envy. Deep learning techniques are increasingly used, and most scientists utilize source code metrics as indicators. The standard performance measurements mostly used are F-measure, recall, and precision.

Conclusions

The study provides an overview of existing approaches and highlights current research trends in code smell detection, particularly the increasing use of machine learning and deep learning techniques.

Visualisation and Automated Formal Verification of TOSCA Workflows

Ouadie Khebbeb, Philippe Merle, Gwen Salaün — Fri, 05 Jun 2026 00:32:58 -0700

ABSTRACT

Background

Topology and Orchestration Specification for Cloud Applications (TOSCA) is a specification language used for modelling topology and orchestration of cloud applications. This language particularly allows the description of workflows that can be used for specifying management tasks such as (un)deployment plans.

Motivations

This textual language for describing TOSCA workflows does not provide any visual notation for graphically designing or observing the corresponding workflows. Moreover, this specification language is error-prone and can be source of mistakes during the writing of the management plans.

Methods

In this article, we propose a transformation from TOSCA to the graphical Business Process Model and Notation (BPMN), which allows the visualisation of TOSCA workflows. We also provide automated verification techniques for analysing TOSCA (un)deployment workflows in terms of functional and architectural properties as well as execution times. The transformation and verification steps are achieved in a fully automated way.

Results

This approach computes BPMN models and verification results within a reasonable time on realistic applications.

QSFedMA: Quantum‐Secured Authentication Protocol for Privacy‐Preserving Federated IoMT

Fri, 05 Jun 2026 00:32:58 -0700

ABSTRACT

Objective

To design a secure Federated Learning (FL) framework for Internet of Medical Things (IoMT) that protects sensitive patient data from both classical and quantum attacks.

Methods

Proposed the QSFedMA-IoMT protocol integrating quantum and classical security techniques. Utilized entanglement-based E91 protocol for generating a highly secure root key to establish trust. Applied BB84 protocol for efficient generation of per-round session keys during FL updates. Incorporated classical cryptographic scheme AES-GCM for secure communication. Employed privacy-enhancing techniques such as norm-clipping and Gaussian noise to mitigate information leakage during model training.

Results

Our work demonstrates robust resistance against both classical and quantum adversaries, while enhancing data privacy through secure key distribution and differential privacy mechanisms. It ensures the integrity of model updates within the federated learning process and achieves an effective balance between strong security guarantees and computational efficiency, making it well-suited for IoMT environments.

Conclusion

The QSFedMA-IoMT protocol delivers a robust and practical hybrid framework for securing federated learning in healthcare systems. By integrating E91 and BB84 protocols, it strengthens key management and trust establishment. The combination of quantum security with classical privacy-preserving techniques ensures resilience, scalability, and efficiency. Overall, this work provides a promising direction for secure and privacy-aware federated learning in next-generation IoMT applications.

ML‐Driven DevOps: An Empirical Framework for Predictive Optimization and Intelligent Automation in CI/CD Pipelines

S. R. Dileep Kumar, Juby Mathew — Fri, 05 Jun 2026 00:32:58 -0700

ABSTRACT

Traditional DevOps pipelines often struggle with scalability, adaptability, and intelligence, particularly in distributed microservices and hybrid cloud environments, where reactive monitoring, static resource allocation, and manual interventions contribute to frequent failures, longer recovery times, and inefficient resource utilization. This study proposes an adaptive ML-Driven DevOps (ML-DevOps) framework designed to transform reactive CI/CD pipelines into proactive, self-optimizing systems through predictive analytics, anomaly detection, reinforcement learning, and intelligent resource optimization. The framework integrates five core components: a predictive analytics engine, hybrid anomaly detection system, reinforcement learning agent, resource optimizer, and orchestration layer for compatibility with mainstream DevOps tools. A 21-month evaluation was conducted across 25 organizations representing five industries, with over 78,000 deployment events analyzed. The framework demonstrated substantial improvements in deployment reliability, recovery efficiency, and resource management, consistently reducing failures, accelerating recovery, and optimizing infrastructure use across diverse industries and organizational scales. By embedding machine learning intelligence throughout the software delivery lifecycle, the ML-DevOps framework advances DevOps from reactive automation to intelligent, autonomous operation. Its modular, plug-and-play design ensures practical integration into existing toolchains, making it a scalable and domain-agnostic solution. Future work will explore explainability, federated learning, and lightweight edge deployment to enhance transparency and adaptability.

An Adaptive Hybrid Recommender System for Requirements Reuse

Fri, 05 Jun 2026 00:32:58 -0700

ABSTRACT

Introduction

Requirements engineering plays a crucial role in the software development lifecycle, encompassing the elicitation, analysis, specification, and validation of requirements. Inefficiencies in any of these processes can lead to delays, budget overruns, and even project failure. This paper explores the integration of requirements reuse and recommender systems to enhance the elicitation process by leveraging historical project data and stakeholder interaction patterns.

Methods

The proposed methodology incorporates a hybrid approach that combines collaborative filtering and content-based filtering to recommend relevant requirements to stakeholders. A dynamic weighting framework adjusts the contributions of these two approaches based on the availability of data. In situations with insufficient qualified data, the approach relies more heavily on content-based filtering to address challenges such as data sparsity and the cold-start problem. To enhance the semantic similarity between requirements, the method aggregates GloVe word vectors with domain-specific TF-IDF scores to identify software engineering-specific vocabulary.

Results

Experimental evaluation using a benchmark dataset demonstrates that the proposed hybrid approach significantly improves the prediction accuracy of relevant requirements recommendations, compared to traditional methods.

Conclusion

The integration of requirements reuse with a recommender system that combines collaborative and content-based filtering offers an effective solution to streamline the elicitation process, mitigate risks of overlooking critical requirements, and save time during the evaluation and selection of requirements. The proposed method improves the efficiency and accuracy of requirements engineering, especially in contexts with limited data availability.

A Unified Meta Model for Converting Architecture Decisions Into DevOps Pipelines

Mamdouh Alenezi, Mohammed Akour — Fri, 05 Jun 2026 00:32:58 -0700

ABSTRACT

Background

DevOps pipelines have become the primary vehicle for operationalizing software architecture decisions; however, their design and evolution remain largely ad hoc and tool-specific. This disconnect weakens traceability from architectural intent to runtime automation, complicates change impact analysis, and increases the risk of configuration errors. Although model-driven engineering (MDE) has been proposed to support CI/CD adoption, existing approaches typically focus on individual tools or isolated pipeline fragments and lack a unified, reusable foundation for systematic transformation.

Aims

This paper aims to introduce a unified DevOps Pipeline Meta-Model (DP2M) and an architecture-to-pipeline transformation framework that enables the derivation of executable DevOps pipelines directly from software architecture models, while ensuring traceability and supporting systematic reuse.

Materials and Methods

A mixed-methods approach is employed, combining: (i) a systematic mapping of MDE-for-DevOps literature; (ii) a cross-vendor analysis of industrial pipeline specification languages across Jenkins (Declarative and Scripted), GitHub Actions, GitLab CI, Azure Pipelines, CircleCI, Travis CI, Google Cloud Build, and AWS CodePipeline; and (iii) semi-structured interviews with practitioners. From this, a taxonomy of pipeline artifacts and concerns—covering build, test, deployment, security, compliance, and observability—is derived, along with quality-driven requirements for pipeline modeling. These are formalized into the DP2M meta-model and a catalog of reusable transformation patterns with defined rules and constraints.

Results

The proposed DP2M captures a technology-agnostic representation of DevOps pipelines with explicit traceability links to architectural elements and decisions. A prototype toolchain implements the framework and generates executable pipelines across multiple CI/CD platforms. Evaluation through realistic case studies demonstrates expressiveness across heterogeneous toolchains, preservation of architectural intent, reduction of duplication, and improved handling of DevSecOps concerns as first-class modeling constructs.

Discussions

The findings highlight the limitations of existing tool-centric approaches and demonstrate how a unified meta-model combined with formal transformation patterns can bridge the gap between architecture and pipeline implementation. The approach supports traceability, facilitates change impact analysis, and enables controlled co-evolution of architecture and pipeline models across diverse environments.

Conclusions

This work presents a practical and scalable path toward architecture-centric, model-driven DevOps pipelines. By enabling analyzable, evolvable, and reusable pipelines across projects and platforms, the proposed framework advances the integration of software architecture and DevOps practices while addressing key challenges in traceability, consistency, and automation.

QRAP: A Quantum Resource Allocation Platform for Adaptive Scheduling Under Topology Constraints

Song Guo, Zihan Liu, Zhongle Qu — Fri, 29 May 2026 07:30:21 -0700

ABSTRACT

Quantum computing has entered the noisy intermediate-scale quantum (NISQ) era, where limited qubit numbers, short coherence times, and high error rates pose significant challenges to reliable large-scale execution. Efficient scheduling and resource allocation across heterogeneous quantum hardware are therefore crucial for maximizing system throughput, fidelity, and fairness. In this work, we propose a hardware-aware reinforcement learning framework for quantum task scheduling in distributed NISQ systems. Our design explicitly models qubit-level variability, including connectivity degree, coherence times, error rates, and throughput, while integrating task-level constraints such as deadlines, priorities, and concurrency requirements. We formulate the scheduling problem as a constrained optimization task and instantiate it as a Markov decision process (MDP), enabling reinforcement learning agents to learn adaptive strategies. Specifically, we implement deep Q-network (DQN) and proximal policy optimization (PPO) agents, and compare them against heuristic and random baselines. Experimental results demonstrate that PPO consistently outperforms DQN and heuristic methods, achieving higher task completion rates, fewer deadline violations, and more robust adaptation across different reward configurations. This work bridges quantum hardware modeling with reinforcement learning-based scheduling, providing a practical pathway for resource optimization in distributed quantum computing environments.

A Context‐Aware Decision Support Framework for Scientific Experiment Configuration

Pouriya Miri, Vlado Stankovski, Kristina Veljković, Petar Kochovski — Wed, 27 May 2026 00:50:57 -0700

ABSTRACT

Introduction

Defining an experimental configuration is a complex decision problem for early-stage researchers, who must map goals, constraints, and requirements onto datasets, algorithms, and parameter settings that directly affect experimental outcomes. Existing scientific workflow engines improve execution and reproducibility; however, they rarely capture the decision rationale behind configuration choices, which is needed to inform future selections.

Method

We propose a context-aware decision-support framework that formalises experiment configuration as a structured and sequential decision problem. The framework combines three components: a semantic Knowledge Graph (KG) storing historical configurations, contextual attributes, and decision rationale; an MDP-based Option Explorer that filters the KG under user-defined constraints and ranks feasible configurations by expected cumulative reward; and a Graphical User Interface for specifying constraints, inspecting ranked alternatives, and providing structured feedback. Unlike existing workflow systems, the framework explicitly separates user-defined context from automated reasoning, producing an interpretable ranked list rather than a single opaque recommendation. We evaluated the framework in a user study with 90 MSc- and PhD-level researchers performing a model-selection task, using a synthetic dataset of one million experimental configurations under three levels of contextual detail.

Results

Compared with manual search, the framework reduced decision time (up to 68%), reduced perceived difficulty (up to 36%), and increased user satisfaction (up to 43%) under the constrained condition.

Conclusion

By formalising the link between experimental context and probabilistic decision ranking, the framework improves reproducibility and scalability of decision support in scientific experimentation.

Identifying Conflicting Requirements in Problem‐Oriented Requirements Engineering: A Case Study Based Approach Using Enhanced Pairwise Comparison Method (E‐PCM)

Waqas Junaid, Yulong Li, Hongbin Xiao, Zhi Li — Fri, 22 May 2026 00:26:31 -0700

ABSTRACT

Purpose

In the fields of requirements engineering and problem-oriented requirements analysis, successful conflict identification and resolution are essential to the development and deployment of software systems. The purpose of this paper is to identify conflicting requirements using the Enhanced Pairwise Comparison Method (E-PCM) applied to a real-world mobile phone case study within the Jackson problem frame framework.

Method

This paper enhances the traditional PCM by incorporating a full Natural Language Processing (NLP) pipeline comprising entity extraction, parsing rules, and conflict identification using the spaCy library. The methodology further introduces a modified contribution table to represent identified conflicts, and employs empirical evaluation with a structured conflict scaling system (0–5) in place of fuzzy logic for attribute weighting.

Results

The results indicate potential conflicts between requirements, categorized as no, minimal, moderate, substantial, high, and extreme conflict, each assigned a corresponding level from 0 to 5. The E-PCM model achieves a precision of 1.0 (100%) across all nine requirements, with recall ranging from 0.5 to 1.0 and an F1-Score ranging from 0.66 to 1.0. The overall accuracy of E-PCM is 87%, outperforming the cluster-based approach (85.71%). Inter-rater agreement among 78 undergraduate participants was substantial (k = 0.769), and Fisher's Exact Test validated the NLP-based conflict predictions (p ≤ 0.05 for 13 out of 15 sub-RQs). These findings provide stakeholders with actionable insights to inform decision-making and requirement prioritization.

Conclusion

This paper addresses a significant gap in requirements engineering by introducing the first NLP-augmented pairwise comparison method natively aligned with the Jackson problem frame. Unlike existing approaches, E-PCM combines entity extraction, semantic parsing rules, and empirical conflict scaling to provide a domain-independent, scalable, and data-driven conflict identification framework acknowledged both in the literature and by practitioners.

Fine‐Grained Software Rejuvenation Using an Extended Power‐Law NHPP Degradation Modeling

Subhashis Chatterjee, Nripendra Nath Saren, Lalit Kumar Singh — Fri, 15 May 2026 21:50:50 -0700

ABSTRACT

Objective

Long-running software systems suffer from aging, characterized by rising performance degradation, resource depletion, and elevated failure rates. Conventional rejuvenation techniques, which often depend on predetermined restart intervals, model the system as simply healthy, deteriorated, or failed. However, practical evidence from a variety of fields indicates that wear and defect buildup frequently accelerate nonlinearly, necessitating more adaptable mathematical explanations.

Method

Compared to simpler two-parameter or linear models, an extended three-parameter power-law model which consists of a scaling factor, exponent, and offset is employed here to more accurately depict this behavior. The proposed framework enables adaptive rejuvenation policies triggered by observed conditions rather than rigid schedules by continuously monitoring a degradation metric tuned to this model. Renewal theory with rewards can be used to enhance rejuvenation timing and analytically evaluate steady-state unavailability.

Results

By accurately simulating real-world dynamics, numerical results show that these degradation-aware, threshold-based policies outperform fixed interval approaches by accurately modelling real-world dynamics, particularly in scenarios with increasing aging.

Conclusions

Together, the extended degradation model and the proposed rejuvenation policies provide a unified analytical framework that improves system availability and reduces long-run operational costs. This study shows that alert-based strategies consistently outperform risk-based policies because they allow for early, data-driven maintenance across various software aging conditions.

Data Schema Evolution for the Self‐Adaptive Software Domain: A Systematic Mapping Study

Fri, 15 May 2026 20:45:18 -0700

ABSTRACT

Context

Self-adaptive Software (SaS) is a special category of software systems that enables adaptation at runtime to address new user requirements or changes in its execution environment. This article focuses on a specific category of SaS named SaS2DB, which encompasses systems that require the storage of data in a database. In short, a SaS2DB must understand the changing needs and implement a strategy to execute the evolution of its data schema. The evolution of data schema is a complex issue that encompasses data schema migration, data migration, and other non-functional requirements.

Motivation

Despite the importance of this research topic, there is a lack of understanding of how the design of data schema evolution for the SaS domain has been conducted.

Objective

The main purpose of this article is to provide an overview of data schema evolution for the SaS domain based on 19 relevant studies.

Methods

To do so, a Systematic Mapping Study (SMS) was conducted, following the guidelines proposed by Petersen et al.

Results

This SMS offers a comprehensive overview of the aforementioned research area, presenting key evidence on the main non-functional attributes, data models, application domains, and migration strategies adopted in the design of data schema evolution for SaS.

Conclusion

Moreover, this SMS presents the main findings and several open challenges, highlighting a deep relationship between the design of a SaS and the choice of a suitable solution to support the evolution of its data schema.

A Unified Deep Learning Based Feature Representation Approach for Effective Software Defect Prediction

Ruchika Malhotra, Priya Singh — Sat, 09 May 2026 02:01:15 -0700

ABSTRACT

Purpose

Accurate software defect prediction (SDP) is critical to the success of any software project. Earlier studies have largely used static, semantic or structural features either in isolation or in pairs, offering a partial view of the source code. In reality, static features depict the statistical characteristics, semantic features depict the context and structural features depict data and control dependencies of the code. We propose a strong SDP model that integrates three types of features, achieving a holistic view of the source code, ultimately thereby enabling more robust and generalizable predictions.

Methods

First, the model extracts the static features from the open source PROMISE repository, semantic features from the Abstract Syntax Tree via CodeBERT followed by BiGRU and structural features from the Program Dependency Graph via Graph Convolutional Network. Second, feature alignment is performed for the fixed-set representation of the three types of features using global attention pooling. Third, feature fusion is done for joint feature representation, followed by the application of additive attention to select the most suitable features. To handle the class imbalance scenario, cost-sensitive gradient boosting is applied to penalize misclassifications more heavily. At last, the final feature set is fed to a classifier for defect prediction.

Results

Experiments conducted on eleven open source datasets reveal that the proposed unified feature representation approach achieves substantial performance improvements over the state-of-the-art models. Moreover, the Wilcoxon signed-rank test offers statistical validation for the relevance of these enhancements.

Conclusion

The integration of static, semantic and structural information results in a more holistic representation of source code, which substantially enhances defect prediction performance. The proposed approach addresses the partial view constraints of earlier approaches and offers strong potential for establishing a more reliable and robust SDP across various application domains.

Firefighting Pump Anomaly Analysis in AIoT Maintenance Framework Based on IPSO and BiLSTM‐CNN Deep Learning Approaches

Thanh‐Phuong Nguyen — Fri, 08 May 2026 05:49:59 -0700

ABSTRACT

Background

The integration of Artificial Intelligence of Things (AIoT) has significantly advanced anomaly detection and predictive maintenance in industrial systems.

Objective

This study proposes an AIoT-based framework for firefighting pump anomaly analysis using an Improved Particle Swarm Optimization (IPSO) and hybrid Bidirectional Long Short-Term Memory–Convolutional Neural Network (BiLSTM-CNN) model.

Method

IPSO is employed to optimize hyperparameters, enhancing the model's accuracy and convergence efficiency in detecting diverse failure modes. To evaluate robustness, the framework is tested under multi-frequency sampling schemes with 30 s, 1 min, 5 min, and 10 min, analyzing the trade-off between data granularity and computational cost. The proposed system is further validated through deployment in a real pump manufacturing company in Taiwan, demonstrating its practical applicability in industrial environments. The main contributions include: (i) an IPSO-optimized BiLSTM-CNN model for improved anomaly detection, (ii) a systematic multi-frequency evaluation framework, and (iii) a real-world AIoT deployment for predictive maintenance.

Results

Experimental results show that the proposed approach outperforms conventional models (RNN, CNN, GRU, LSTM, BiRNN, BiLSTM, and CNN-BiLSTM), achieving up to 95.32% improvement in validation loss, 97.29% reduction in MSE, and over 6% gains in prediction and recall indices.

Conclusions

These results demonstrate the robustness and effectiveness of the proposed framework for reliable firefighting pump maintenance.

Converting an Integer to a Decimal String in Under Two Nanoseconds

Jaël Champagne Gareau, Daniel Lemire — Wed, 06 May 2026 08:05:54 -0700

ABSTRACT

Objective

Converting binary integers to variable-length decimal strings is a fundamental operation in computing. Conventional fast approaches rely on recursive division and small lookup tables. The goal of this work is to develop a significantly faster method for this task.

Methods

We propose a SIMD-based algorithm that leverages integer multiply-add instructions available on recent AMD and Intel processors. Our method eliminates lookup tables entirely and computes multiple quotients and remainders in parallel. Additionally, we introduce a dual-variant design with dynamic selection that adapts to input characteristics: a branch-heavy variant optimized for homogeneous digit-length distributions and a branch-light variant for heterogeneous datasets.

Results

Our single-core algorithm consistently outperforms all competing methods across the full range of integer sizes. It runs 1.4–2× faster than the closest competitor and 2–4× faster than the C++ standard library function ‘std::to_chars’ across tested workloads.

Conclusion

The proposed SIMD-based approach with dual-variant dynamic selection provides a substantial performance improvement for integer-to-decimal conversion, delivering superior speed without relying on traditional lookup tables.