{"id":"https://openalex.org/W7155410701","doi":"https://doi.org/10.48550/arxiv.2604.20015","title":"FIKA: Expanding Dependency Reachability with Executability Guarantees","display_name":"FIKA: Expanding Dependency Reachability with Executability Guarantees","publication_year":2026,"publication_date":"2026-04-21","ids":{"openalex":"https://openalex.org/W7155410701","doi":"https://doi.org/10.48550/arxiv.2604.20015"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2604.20015","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.20015","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2604.20015","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093751323","display_name":"Yogya Gamage","orcid":"https://orcid.org/0009-0000-7537-4961"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Gamage, Yogya","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074874017","display_name":"Meriem Ben Chaaben","orcid":"https://orcid.org/0000-0001-8133-0199"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Chaaben, Meriem Ben","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5134442906","display_name":"Martin Monperrus","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Monperrus, Martin","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5134452867","display_name":"Benoit Baudry","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Baudry, Benoit","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5093751323"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.5809999704360962,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.5809999704360962,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.18000000715255737,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.044199999421834946,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/reachability","display_name":"Reachability","score":0.9527000188827515},{"id":"https://openalex.org/keywords/dependency","display_name":"Dependency (UML)","score":0.879800021648407},{"id":"https://openalex.org/keywords/dependency-graph","display_name":"Dependency graph","score":0.661899983882904},{"id":"https://openalex.org/keywords/trace","display_name":"TRACE (psycholinguistics)","score":0.5291000008583069},{"id":"https://openalex.org/keywords/reachability-problem","display_name":"Reachability problem","score":0.5008999705314636},{"id":"https://openalex.org/keywords/pipeline","display_name":"Pipeline (software)","score":0.4993000030517578},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.45660001039505005},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.41679999232292175}],"concepts":[{"id":"https://openalex.org/C136643341","wikidata":"https://www.wikidata.org/wiki/Q1361526","display_name":"Reachability","level":2,"score":0.9527000188827515},{"id":"https://openalex.org/C19768560","wikidata":"https://www.wikidata.org/wiki/Q320727","display_name":"Dependency (UML)","level":2,"score":0.879800021648407},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8565000295639038},{"id":"https://openalex.org/C16311509","wikidata":"https://www.wikidata.org/wiki/Q4148050","display_name":"Dependency graph","level":3,"score":0.661899983882904},{"id":"https://openalex.org/C75291252","wikidata":"https://www.wikidata.org/wiki/Q1315756","display_name":"TRACE (psycholinguistics)","level":2,"score":0.5291000008583069},{"id":"https://openalex.org/C2777669093","wikidata":"https://www.wikidata.org/wiki/Q17141570","display_name":"Reachability problem","level":3,"score":0.5008999705314636},{"id":"https://openalex.org/C43521106","wikidata":"https://www.wikidata.org/wiki/Q2165493","display_name":"Pipeline (software)","level":2,"score":0.4993000030517578},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.45660001039505005},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.45329999923706055},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.44440001249313354},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.41679999232292175},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.39579999446868896},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.364300012588501},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.3610000014305115},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.3483999967575073},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3418000042438507},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.33469998836517334},{"id":"https://openalex.org/C98183937","wikidata":"https://www.wikidata.org/wiki/Q2112188","display_name":"Program analysis","level":2,"score":0.311599999666214},{"id":"https://openalex.org/C2780586882","wikidata":"https://www.wikidata.org/wiki/Q7520643","display_name":"Simple (philosophy)","level":2,"score":0.29760000109672546},{"id":"https://openalex.org/C40683218","wikidata":"https://www.wikidata.org/wiki/Q5260625","display_name":"Dependency theory (database theory)","level":4,"score":0.2782000005245209},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.27799999713897705},{"id":"https://openalex.org/C102379954","wikidata":"https://www.wikidata.org/wiki/Q2589940","display_name":"Call graph","level":2,"score":0.2745000123977661},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.2615000009536743}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2604.20015","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.20015","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2604.20015","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.20015","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Automated":[0],"third-party":[1,78,96],"library":[2,79,97],"analysis":[3,26,53,197],"tools":[4,49],"help":[5,204],"developers":[6],"by":[7,35,59,130,147,190],"addressing":[8],"key":[9],"dependency":[10,33,40,51,157],"management":[11],"challenges,":[12],"such":[13],"as":[14],"automating":[15],"version":[16],"updates,":[17],"detecting":[18,21],"vulnerabilities,":[19],"and":[20,56,88,135,149],"breaking":[22],"updates.":[23],"Dependency":[24],"reachability":[25,52,196,220],"aims":[27],"at":[28],"improving":[29,186],"the":[30,37,43,60,117,131,187,206],"precision":[31],"of":[32,39,62,75,110,119,124,162,173,185,212],"management,":[34],"reducing":[36],"space":[38],"issues":[41],"to":[42,107,114,152],"ones":[44],"that":[45,85,94,169,181,201],"actually":[46,101],"matter.":[47],"Most":[48],"for":[50,72,77,139,155],"are":[54,128,176],"static":[55,194],"fundamentally":[57],"limited":[58],"absence":[61],"execution.":[63],"In":[64,159],"this":[65,145],"paper,":[66],"we":[67],"propose":[68],"FIKA,":[69],"a":[70,95,108,192],"pipeline":[71],"providing":[73],"guarantees":[74,93,168,211],"executability":[76,154,213],"call":[80,98,126,174],"sites.":[81],"FIKA":[82,142,165,182,202],"generates":[83],"code":[84],"is":[86,100,150,183],"executed,":[87],"whose":[89],"execution":[90],"trace":[91],"provides":[92,166],"site":[99],"reachable.":[102],"We":[103,178,199],"apply":[104],"our":[105],"approach":[106],"dataset":[109],"eight":[111,163],"Java":[112],"projects":[113],"empirically":[115],"evaluate":[116],"effectiveness":[118],"FIKA.":[120],"On":[121],"average,":[122],"54%":[123],"these":[125],"sites":[127,175],"covered":[129],"existing":[132],"test":[133],"suites,":[134],"therefore,":[136],"have":[137],"evidence":[138],"their":[140],"executability.":[141],"further":[143,179],"improves":[144],"coverage":[146],"20%":[148],"able":[151],"demonstrate":[153,180],"2363":[156],"methods.":[158],"six":[160],"out":[161],"projects,":[164],"strong":[167],"more":[170],"than":[171],"75%":[172],"executable.":[177],"capable":[184],"results":[188],"provided":[189],"Semgrep,":[191],"state-of-the-art":[193],"vulnerability":[195,207],"tool.":[198],"show":[200],"can":[203],"prioritize":[205],"updates":[208],"with":[209],"stronger":[210],"in":[214],"cases":[215],"where":[216],"Semgrep":[217],"yields":[218],"inconclusive":[219],"results.":[221]},"counts_by_year":[],"updated_date":"2026-04-24T06:07:52.864757","created_date":"2026-04-24T00:00:00"}