On the Code Quality of Android Apps: Studying and improving their internal quality

Decanato - Facoltà di scienze informatiche

Data: 7 Giugno 2022 / 14:30 - 17:00

USI East Campus, Room C1.03 & Online

You are cordially invited to attend the PhD Dissertation Defence of Alejandro Mazuera Rozo on Tuesday 7 June 2022 at 14:30 in room C1.03 (East Campus, Sector D) & Online.

Android is nowadays the most popular operating system in the world, not only in the realm of mobile devices, but also when considering desktop and laptop computers. The wide and rapid adoption of Android-based devices has motivated the usage of Android apps to support a broad range of daily activities. This also resulted in a highly competitive market for developers, who must meet time-to-market constraints while still pursuing internal (e.g., high-quality code) and external (e.g., compelling features) quality for their apps. This translates in the need for improving developers’ productivity, supporting them in development and maintenance activities. In our research, we aim at designing techniques and tools supporting Android developers in identifying code quality issues. First, we run empirical studies aimed at analyzing quality issues affecting the Android ecosystem (i.e., operating system and apps) by focusing on: (i) software vulnerabilities, meaning flaws in the software that could be exploited to violate its security policy, thus eventually causing a disruption of the confidentiality, integrity, or availability of the system in question; (ii) performance bugs, namely issues concerning suboptimal implementation choices that can negatively impact indicators such as resource utilization; and (iii) connectivity issues, particularly in contexts in which the quality of a mobile app, as perceived by users, can be negatively impacted in case of unreliable connections, and offline-first practices are not properly implemented. The empirical knowledge acquired in these investigations can be exploited to build tools able to identify code quality issues widely spread in the Android ecosystem. This led us to the building of two tools named OPIA and CONAN. The former exploits dynamic analysis to identify leaks of sensitive information in mobile apps. The latter is the first approach in the literature able to automatically identify connectivity issues affecting mobile apps. 

Dissertation Committee:

  • Prof. Gabriele Bavota, Università della Svizzera italiana, Switzerland (Research Advisor)
  • Prof. Mario Linares Vásquez, Universidad de los Andes, Colombia (Research co-Advisor)
  • Prof. Matthias Hauswirth, Università della Svizzera italiana, Switzerland (Internal Member)
  • Prof. Cesare Pautasso, Università della Svizzera italiana, Switzerland (Internal Member)
  • Prof. Nicolás Cardozo Álvarez, Universidad de los Andes, Colombia (External Member)
  • Prof. Rocco Oliveto, University of Molise, Italy (External Member)