SCAM 2022 will be held in Limassol, Cyprus, co-located with ICSME 2022.
The aim of the International Working Conference on Source Code Analysis & Manipulation (SCAM) is to bring together researchers and practitioners working on theory, techniques and applications which concern analysis and/or manipulation of the source code of computer systems. While much attention in the wider software engineering community is properly directed towards other aspects of systems development and evolution, such as specification, design and requirements engineering, it is the source code that contains the only precise description of the behaviour of the system. The analysis and manipulation of source code thus remains a pressing concern.
For the purpose of clarity ‘source code’ is taken to mean any fully executable description of a software system. It is therefore so-construed as to include machine code, very high level languages and executable graphical representations of systems. The term ‘analysis’ is taken to mean any automated or semi automated procedure which takes source code and yields insight into its meaning. The term ‘manipulation’ is taken to mean any automated or semi-automated procedure which takes and returns source code.
There are several different tracks in the SCAM 2021 program, this page contains an overview for those tracks, and additional information required to submit. Each track has its own submission page and deadlines, please consult the specific page of the track for all of the relevant details.
The below table contains an overview of the tracks, links to their pages, and papers accepted previously at the tracks:
| Track name | Description | Sample submission | Contact |
|---|---|---|---|
| Research | The research track welcomes practitioners and researchers who work on theory, techniques, and applications that concern analysis and/or manipulation of the source code of software systems. |
Sample. | Venera Arnaoudova, Ben Hermann |
| Engineering | The engineering track looks for papers that discuss the innovations and solutions to practical problems that researchers and practitioners face in source code analysis and manipulation of software systems. | Best paper 2020. | Behnaz Hassanshahi, Vadim Zaytsev |
| Replication and Negative Results (RENE) | The RENE track provides a venue for researchers to submit papers reporting (1) replications of previous empirical studies (including controlled experiments, case studies, and surveys) and (2) important and relevant negative or null results (i.e., results that failed to show an effect, but help to eliminate useless hypotheses. | Bonita Sharif, Heike Wehrheim | |
| New Ideas and Emerging Results (NIER) | The NIER track provides a place for researchers and practitioners to present, discuss, and polish early-stage research. This early-stage research should be innovative and have the potential to make a strong future impact on the research or practice of software engineering. | Sample. | Maleknaz Nayebi, Yannic Noller |
The sample submissions were selected from the distinghuished papers of SCAM 2020 by the PC chairs.
Papers must conform to the IEEE proceedings paper format guidelines. Templates in Latex and Word are available on IEEE's website. All submissions must be in English. All authors, reviewers, and organizers are expected to uphold the IEEE Code of Conduct. Failure to do so may lead to a (desk) rejection of the paper.
Papers can be submitted using EasyChair.
We follow a double-anonymous reviewing process. Submitted papers must adhere to the following rules:
Please see the Double-Anonymous Reviewing FAQ for more information and guidance. If the program chairs find that authors did not respect the rules of double-anonymous review they can decide to (desk) reject the paper.
SCAM encourages open science practices. Sharing data sets, replication packages, or preprints are not required, but we provide guidance for those wishing to do so.
If you decide to share data or scripts, we encourage you to use an online archival site such as zenodo.org, figshare.com, or archive.org. These sites ensure the content is archived and generate a DOI for the content, enabling it to be cited. To learn more about how to share data while maintaining double-anonymous, read the explanation provided by Daniel Graziotin available here https://ineed.coffee/5205/how-to-disclose-data-for-double-blind-review-and-make-it-archived-open-data-upon-acceptance/.
We also encourage you to submit such artifacts to the joint artifact evaluation track of ICSME, SCAM, and VISSOFT (see below).
We recognise that anonymising artifacts such as source code is more difficult than preserving anonymity in a paper. We ask authors to take a best effort approach to not reveal their identities. We will also ask reviewers to avoid trying to identify authors by looking at commit histories and other such information that is not easily anonymised. Authors wanting to share GitHub repositories may want to look into using https://anonymous.4open.science/ which is an open source tool that helps you to quickly Double-anonymous your repository.
SCAM supports and encourages Green Open Access also called self-archiving. We encourage authors to self-archive a preprint of your accepted manuscript in an e-print server such as arXiv.org. Open access increases the availability of your work and increases citation impact (https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0013636). To learn more about open access, please read the Green Open Access FAQ (https://avandeursen.com/2016/11/06/green-open-access-faq/) by Arie van Deursen. Note that if your research includes scraped GitHub data, the GitHub Terms of Service require that “publications resulting from that research are open access” (https://help.github.com/articles/github-terms-of-service/). If possible, we recommend that you archive your paper (e.g., on arXiv or on your website) only after the SCAM reviewing process is completed, to avoid undermining the double-anonymous reviewing process in place.
The combined AE track will introduce the artifact evaluation for the first time to SCAM! Authors of (short and long) papers accepted in the ICSME, SCAM, or VISSOFT 2021 are invited to submit their artifacts for evaluation to the ICSME 2021 Joint Artifact Evaluation Track here.
All accepted papers will appear in the proceedings which will be available through the IEEE Digital Library.
Extended versions of papers accepted at one of the SCAM 2021 tracks will be invited for submission in one of the software engineering research journals.
T.B.A.
T.B.A.
T.B.A.
T.B.A.
T.B.A.
The International Working Conference on Source Code Analysis & Manipulation (SCAM) is governed by the steering committee following a community ratified steering committee charter (v1.2, adopted in 2012).
T.B.A.
To register for SCAM 2022 please see the Registration page at the ICSME site here.
We are proud to announce the following two keynotes for SCAM 2021:
 |
Title: Collaborative Code Intelligence Abstract: Like artificial intelligence moved from its first wave relying on handcrafted knowledge to its second wave that emphasizes statistical approaches, code intelligence has in the last two decades embraced statistical approaches, most recently with a strong focus on deep learning, especially transformer models, hoping to adopt to code what these architectures have achieved in the area of NLP. Just like AI is expected to embark the third wave bringing together knowledge-based and statistical reasoning, the next generation of code intelligence systems will probably intertwine rule-based and statistical reasoning and will become multi-modal to include in the set of their analysis subjects non-code artefacts such as documents, developer forums, knowledge bases, and more - hence, the term collaborative code intelligence. This potential development raises research questions, on which the keynote will touch upon. Special focus will be put on architectural models for collaborative code intelligence. To this end, I will briefly present the architecture for collaborative classical code analyses of the OPAL framework and generalize from there to consider questions regarding the interplay between classical and learning-based code analysis methods. (How) can classical analyses approaches be used to improve the quality and robustness of learning-based code processing, or to automate data generation and/or curation? Is there a role for them as part of the optimization engine driving the adjustments of model parameters? Etc. Mira Mezini is a professor for computer science at the Technical University of Darmstadt, Germany. Her research is at the intersection of two fundamental computer science methods. First, she and her group design and implement new programming models and frameworks with the goal of maximizing the automation of technical (non-functional) concerns, so that developers creativity and engineering efforts are focussed on solutions for application domain concerns. Second, they design new methods and techniques for reasoning about software properties. There are obvious synergies between these two areas. One can design programming models dedicated to writing program analyses, so as to facilitate their design and implementation. On the other way around, program intelligence methods can be instrumental for ensuring the efficiency and safety of language concepts. |
|
 |
Title: The inevitable emergence of write-only software Abstract: From the NATO conferences held 50 years ago that blessed its usage, the term "software engineering" has been used by the industry as shorthand for "keeping code easy to understand and evolve by teams." We often use the term in contrast with "computer science," generally understood as "the science (and art) of efficiently solving abstract computational problems." This goal has ultimately become the kingmaker of paradigms, programming languages, design patterns, architectures, and even code editors. Object-Orientation, Test-Driven Development, Agile Methods, refactoring, Continuous Integration, Domain-Driven Design are examples of what the industry has produced and consumed over decades, focused on building and maintaining increasingly larger codebases that can stand the test of time. In the last decade, I have seen a subtle yet increasingly more evident shift in priorities. Over the last decade, small companies with just a few engineers need to build systems that support hundreds of millions of users before it even has a working business model. After a long trial-and-error period, we have established things like microservices, serverless computing, and crash-only software as the most practical way to build this type of software. In this new mindset, the rules have changed. We don't build software to last—we don't know if our companies will last! So instead, we make software focusing on time-to-market and the ability to quickly adapt to new requirements as our businesses pivot, searching for the holy grail of product/market fit. In this session, I will walk you through how I perceive the changes that this industry has been through since I first started my career twenty years ago and what implications and new open questions this new reality brings to the field of software engineering. Phil Calçado is Senior Director of Engineering at SeatGeek, where he leads the team that builds the live events platform used by 44 million people worldwide. Before SeatGeek, he has led the platform team at Meetup/WeWork, worked on Linkerd—the pioneering Service Mesh, and headed product engineering for DigitalOcean and SoundCloud, both pioneers in the adoption of Microservices architectures. |
|
SCAM 2021 is happy to announce that the most influencial paper award goes to "Lightweight Transformation and Fact Extraction with the srcML Toolkit" by Michael Collard, Michael Decker, and Jonathan Maletic originally published in SCAM 2011. The srcML toolkit is a widely-used fact extraction and source-code transformation toolkit, which continues to have a large impact on the software engineering research community because it is easy to use and continues to be maintained and updated. The first paper on the tool was published at SCAM 2011 and since then it has fostered a wide range of research innovations throughout software engineering and been awarded the Mining Software Repositories 2020 Foundational Contribution Award. Many SCAMers have used the tool in their own research, making this paper well deserving of the MIP award.
The Most Influential Paper Co-chairs are Arpad Beszedes and Dawn Lawrie.
The below table contains the program of SCAM 2021. Please use the selection element to pick your own timezone. Note that by default UTC+0 is selected.
The link to the virtualization platform will be sent Saturday evening at the latest. For the program elements that take place on Zoom Ben Hermann has kindly prepared a background image. It can be downloaded here.
| Monday, September 27, 2021 | |||
|
Opening: Alexander Serebrenik, Ben Hermann, Venera Arnaoudova |
|||
| Testing (Session chair: Vadim Zaytsev) | |||
| Research |
Empirical Comparison of Black-box Test Case Generation Tools for RESTful APIs
Davide Corradini, Amedeo Zampieri, Michele Pasqua and Mariano Ceccato |
||
| NIER |
Naming Amplified Tests based on Improved Coverage 
Nienke Nijkamp, Carolin Brandt and Andy Zaidman |
||
| NIER |
Removing Redundant Statements in Amplified Test Cases 
Wessel Oosterbroek, Carolin Brandt and Andy Zaidman |
||
| NIER |
Linkage of Similar Code Snippets Assessed in the Micro Benchmark Service jsPerf
Kazuya Saiki and Akinori Ihara |
||
|
Social Event: SCAM Trivia |
|||
| Smells & Refactoring (Session chair: Ritu Kapur) | |||
| Research |
Improving Readability of Scratch Programs with Search-based Refactoring
Felix Adler, Gordon Fraser, Eva Gründinger, Nina Körber, Simon Labrenz, Jonas Lerchenberger, Stephan Lukasczyk and Sebastian Schweikl |
||
| NIER |
Towards a Taxonomy of Inline Code Comment Smells
Elgun Jabrayilzade, Olcaytu Gürkan and Eray Tüzün |
||
| Engineering |
PyRef: Refactoring Detection in Python Projects
Hassan Atwi, Bin Lin, Nikolaos Tsantalis, Yutaro Kashiwa, Yasutaka Kamei, Naoyasu Ubayashi, Gabriele Bavota and Michele Lanza |
||
| Bug Localization I (Session chair: Abu Naser Masud) | |||
| Research |
BoostNSift: A Query Boosting and Code Sifting Technique for Method Level Bug Localization
Abdul Razzaq, Jim Buckley, James Patten, Muslim Chochlov and Ashish Rajendra Sai |
||
| Research |
Formal Definition and Automatic Generation of Semantic Metrics: An Empirical Study on Bug Prediction
Ting Hu, Ran Mo, Pu Xiong, Zengyang Li and Qiong Feng |
||
|
Cooking and Eating with the PC Chair (Ben Hermann) If you are interested in participating please use the following link to prepare. |
|||
|
Keynote (Phil Calçado) |
|||
| Bug Localization II (Session chair: Marie-Christine Jakobs) | |||
| Research |
Method Calls Frequency-Based Tie-Breaking Strategy For Software Fault Localization
Qusay Idrees Sarhan, Béla Vancsics and Árpád Beszédes |
||
| Engineering |
CharmFL: A Fault Localization Tool for Python
Qusay Idrees Sarhan, Attila Szatmári, Rajmond Toth and Árpád Beszédes |
||
|
Social: Ask Me Anything (Görel Hedin, Coen de Roover and Dave Binkley) |
|||
| Feature Extraction (Session chair: Ben Hermann) | |||
| Research |
Fex: Assisted Extraction of Domain Features from C Programs
Patrick Müller, Krishna Narasimhan and Mira Mezini |
||
| Engineering |
SootFX: A Static Code Feature Extraction Tool for Java and Android
Kadiray Karakaya and Eric Bodden |
||
| Open Steering Committee Meeting | |||
| Tuesday, September 28, 2021 | |||
|
Keynote (Mira Mezini) |
|||
| PL Studies (Session chair: Vadim Zaytsev) | |||
| Research |
How does Migrating to Kotlin Impact the Run-time Efficiency of Android Apps?
Michael Peters, Gian Luca Scoccia and Ivano Malavolta |
||
| Engineering |
Unambiguity of Python Language Elements for Static Analysis
Bence Nagy, Tibor Brunner and Zoltan Porkolab |
||
| NIER |
Towards a taxonomy for annotation of data science experiment repositories
Shangeetha Sivasothy, Scott Barnett, Niroshinie Fernando, Rajesh Vasa, Roopak Sinha and Andrew Simmons |
||
| Engineering Static Analyzers I (Session chair: Ralf Huuck) | |||
| Research |
A Precise Framework for Source-Level Control-Flow Analysis
Idriss Riouak, Christoph Reichenbach, Görel Hedin, and Niklas Fors |
||
| Engineering |
Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++
Philipp Dominik Schubert, Ben Hermann, Eric Bodden and Richard Leer |
||
|
Social: Mental Health in Academia |
|||
| PL Studies II (Session chair: Heike Wehrheim) | |||
| Research |
Measuring source code conciseness across programming languages using compression
Lodewijk Bergmans, Xander Schrijen, Edwin Ouwehand and Magiel Bruntink |
||
| Research |
Towards Understanding Developers’ Machine-Learning Challenges: A Multi-Language Study on Stack Overflow
Alaleh Hamidi, Giuliano Antoniol, Foutse Khomh, Massimiliano Di Penta and Mohammad Hamidi |
||
| Engineering Static Analyzers II (Session chair: Behnaz Hassanshahi) | |||
| Engineering |
eNYPD---Entry Point Detector
Rodrigue Wete Nguempnang, Bernhard J. Berger and Karsten Sohr |
||
| Engineering |
Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++
Philipp Dominik Schubert, Florian Sattler, Fabian Schiebel, Ben Hermann and Eric Bodden |
||
| Engineering |
SecuCheck: Engineering configurable taint analysis for software developers
Goran Piskachev, Ranjith Krishnamurthy and Eric Bodden |
||
|
Social: Bring your Pet(s) |
|||
| Documentation (Session chair: Gias Uddin) | |||
| Research |
Leveraging Unsupervised Learning to Summarize APIs Discussed in Stack Overflow
Amirhossein Naghshzan, Latifa Guerrouj and Olga Baysal |
||
| Research |
What do Developers Discuss about Code Comments?
Pooja Rani, Mathias Birrer, Sebastiano Panichella, Mohammad Ghafari and Oscar Nierstrasz |
||
| NIER |
Do Comments follow Commenting Conventions? A Case Study in Java and Python
Pooja Rani, Suada Abukar, Nataliia Stulova, Alexandre Bergel and Oscar Nierstrasz |
||
| Debugging (Session chair: Vadim Zaytsev) | |||
| Research |
Jicer: Simplifying Cooperative Android App Analysis Tasks
Felix Pauck and Heike Wehrheim |
||
| Research |
D-REX: Static Detection of Relevant Runtime Exceptions with Location Aware Transformer
Farima Farmahinifarahani, Yadong Lu, Vaibhav Saini, Pierre Baldi and Cristina Lopes |
||
| NIER |
QSES: Quasi-Static Executable Slices
Quentin Stievenart, Dave Binkley and Coen De Roover |
||
| RENE |
An Experimental Analysis of Graph-Distance Algorithms for Comparing API Usages
Sebastian Nielebock, Paul Blockhaus, Jacob Krüger and Frank Ortmeier |
||
|
Most Influential Paper Award |
|||
|
Closing: Alexander Serebrenik, Ben Hermann, Venera Arnaoudova |
|||
SCAM has always maintained the tradition of giving participants a special SCAM mug. You can see the mugs of some of the past editions in the slideshow below. This year, SCAM will be virtual and conference participants will receive a special gift designed by Rita Bártfai.
2001, Florence, Italy
2002, Montreal, Canada
2003, Amsterdam, The Netherlands
2004, Chicago, USA
2005, Budapest, Hungary
2006, Philadelphia, USA
2007, Paris, France
2008, Beijing, China
2009, Edmonton, Canada
2010, Timișoara, Romania
2011, Williamsburg, USA
2012, Riva del Garda, Italy
2013, Eindhoven, The Netherlands
2014, Victoria, Canada
2015, Bremen, Germany
2016, Raleigh, USA
2017, Shanghai, China
2018, Madrid, Spain
2019, Cleveland, USA
2020, Adelaide, Australia / Online
For SCAM 2021 we are proud to have the support of two leading companies in Software Engineering, GrammaTech and Facebook. We would like to thank both GrammaTech and Facebook for their support, as they make it possible to host SCAM!
GrammaTech is a small company that was originally founded in Ithaca New York in 1988 as a spin-off of Cornell University. We do both contract research and develop commercial products. Our team of researchers comprises 20 PhD-qualified scientists who conduct research projects that are mostly funded by various US government agencies. These are primarily oriented towards cybersecurity, and touch on software analysis, transformation, monitoring and autonomic functions. Our most successful commercial product to date is CodeSonar, an advanced static analysis tool for finding serious software defects that is sold mostly to customers in embedded safety-critical industries. A new product named CodeSentry is a SaaS product to find N-day security vulnerabilities in software binaries. GrammaTech welcomes inquiries from those interested in joining our team; see the following page.
At Facebook, our mission of giving people the power to build community and bring the world closer together requires constant innovation. That’s where research comes in.
We believe the most interesting research questions are derived from real-world problems. Our expert teams of scientists and engineers work quickly and collaboratively to build smarter, more meaningful experiences on a global scale by solving the most challenging technology problems, as well as look toward the future.
Thanks to generous support from Grammatech and Facebook, SCAM is pleased to offer scholarships for authors who are (a) undergraduate and graduate students, (b) participants from low- or lower-middle income countries, (c) first-time participants, and (d) members of groups traditionally underrepresented in the SCAM community.
Applications for the author scholarships are closed, and the notifications have been sent.
Thanks to generous support from Grammatech and Facebook, SCAM is pleased to offer scholarships for participants who are (a) undergraduate and graduate students, (b) participants from low- or lower-middle income countries, (c) first-time participants, and (d) members of groups traditionally underrepresented in the SCAM community.
Please apply for the scholarship on EasyChair. Deadline is September 20th and notifications will be sent by September 22nd.
