KeynotesAPSEC 2024

Efficient and Green Code LLMs: Happier Software Engineers, Happier Planet

Abstract: For decades, researchers have explored methods to automate software engineering (ASE) tasks. Recently, many are excited about the potential of code Large Language Models (code LLMs) for ASE tasks. However, code LLMs are large, slow, and energy-hungry compared to traditional ASE solutions, which raises usability and sustainability concerns. This is especially true when we want to deploy them in IDEs on local devices, which is often the preferred setting. This talk will highlight a three-pronged approach to improve the efficiency and energy consumption of code LLMs. It will first discuss 'Avatar,' which combines constraint solving, metaheuristic search, and knowledge distillation to create a much smaller, more efficient, and energy-saving model. The talk then will present 'SimPy,' the first code LLM-oriented programming language grammar; its simple structure captures pertinent semantics succinctly, allowing code LLM to be more efficient while retaining similar efficacy. Finally, the talk will present `FrugalCoder,' the first solution that efficiently "appraises" the potential outcome before running code LLMs, preventing costly but unfruitful code LLM executions. The talk will conclude with a call for action for more research on non-functional properties of code LLM, which have received less attention in the literature but, in this speaker's opinion, are as important as functional properties.

David Lo is the OUB Chair Professor of Computer Science and Director of the Center for Research in Intelligent Software Engineering (RISE) at Singapore Management University. Championing the area of AI for Software Engineering (AI4SE) since the mid-2000s, he has demonstrated how AI — encompassing data mining, machine learning, information retrieval, natural language processing, and search-based algorithms — can transform software engineering data into actionable insights and automation. Through empirical studies, he has also identified practitioners' pain points, characterized the limitations of AI4SE solutions, and explored practitioners' acceptance thresholds for AI-powered tools. His contributions have led to over 20 awards, including two Test-of-Time awards and eleven ACM SIGSOFT/IEEE TCSE Distinguished Paper awards, and his work has garnered over 35,000 citations. An ACM Fellow, IEEE Fellow, ASE Fellow, and National Research Foundation Investigator (Senior Fellow), Lo has also served as a PC Co-Chair for ASE'20, FSE'24, and ICSE'25.

For more information, visit: http://www.mysmu.edu/faculty/davidlo/

AI for Software Vulnerabilities and Android Malware Detection

Abstract: Users can today download a wide variety of apps or programs ranging from simple toy games to sophisticated business-critical software. They rely on these software programs daily to perform diverse tasks, some of them related to sensitive information such as their finance or health. Ensuring high-quality, reliable, and secure software is thus key. In the TruX research group of the interdisciplinary center for Security, Reliability, and Trust (SnT) of the University of Luxembourg, we are working to deliver practical techniques, tools, and other artifacts (such as repositories), making the analysis of software possible. In this talk, I will explain how we leverage AI techniques to address two concrete problems: the detection of malicious apps in the Android ecosystem and the detection of software vulnerabilities. In particular, I will highlight our key contributions to code representation, making possible to embed Android apps and code snippets efficiently.

Dr. Jacques Klein is a full professor in software engineering and software security within the Interdisciplinary Centre for Security, Reliability and Trust (SnT) at the University of Luxembourg. Prof. Klein co-leads a team named TruX of about 25 researchers developing innovative approaches and tools for helping the research and practice communities build trustworthy and secure software. Prof. Klein received a Ph.D. degree in Computer Science from the University of Rennes, France, in 2006. His main areas of expertise are threefold: (1) Software Security, (2) Software Reliability, and (3) Data Analytics. Prof. Klein received multiple most influential papers and has published over 200 papers, often in top venues such as ICSE, FSE, ASE, ISSTA, PLDI, etc. In addition to academic achievements, Prof. Klein also has long-standing experience and expertise in successfully running industrial projects with several industrial partners in various domains by applying AI, software engineering, information retrieval, etc., to their research problems.

Keynotes