13 research outputs found

    An Aspect-based approach to modeling access control policies

    Department Head: L. Darrell Whitley. 2007 Spring. Includes bibliographical references (pages 119-126). Access control policies determine how sensitive information and computing resources are to be protected. Enforcing these policies in a system design typically results in access control features that crosscut the dominant structure of the design (that is, features that are spread across and intertwined with other features in the design). The spreading and intertwining of access control features make it difficult to understand, analyze, and change them and thus complicate the task of ensuring that an evolving design continues to enforce access control policies. Researchers have advocated the use of aspect-oriented modeling (AOM) techniques for addressing the problem of evolving crosscutting features. This dissertation proposes an approach to modeling and analyzing crosscutting access control features. The approach utilizes AOM techniques to isolate crosscutting access control features as patterns described by aspect models. Incorporating an access control feature into a design involves embedding instantiated forms of the access control pattern into the design model. When composing instantiated access control patterns with a design model, one needs to ensure that the resulting composed model enforces access control policies. The approach includes a technique to verify that specified policies are enforced in the composed model. The approach is illustrated using two well-known access control models: the Role-Based Access Control (RBAC) model and the Bell-LaPadula (BLP) model. Features that enforce RBAC and BLP models are described by aspect models. We show how the aspect models can be composed to create a new hybrid access control aspect model. We also show how one can verify that composition of a base (primary) design model and an aspect model that enforces specified policies produces a composed model in which the policies are still enforced.

    Heavy meta: model-driven domain-specific generation of generative domain-specific modeling tools

    Software is so prevalent in all areas of life that one could expect we would have come up with simpler and more intuitive ways of creating it by now. However, software development is still too complicated to easily and efficiently cope with individual demands, customizations, and changes. Model-based approaches promise improvements through a more comprehensible layer of abstraction, but they are rarely fully embraced in practice. They are perceived as being overly complex, imposing additional work, and lacking the flexibility required in the real world. This thesis presents a novel approach to model-driven software engineering that focuses on simplicity through highly specialized tools. Domain experts are provided with development tools tailored to their individual needs, where they can easily specify the intent of the software using their known terms and concepts. This domain specificity (D) is a powerful mechanism to boil down the effort of defining a system to relevant aspects only. Many concepts are set upfront, which creates a huge potential for automated generation. However, the full potential of domain-specific models can only unfold if they are used as primary artifacts of development. The presented approach thus combines domain specificity with full generation (F) to achieve an overall push-button generation that does not require any round-trip engineering. Furthermore, service orientation (S) introduces a 'just use' philosophy of including arbitrarily complex functionality without needing to know its implementation, which also restores flexibility potentially sacrificed by the domain focus. The unique combination of these three DFS properties facilitates a focused, efficient, and flexible simplicity-driven way of software development. Key to the approach is a holistic solution that in particular also covers the simplicity-driven development of the required highly specialized DFS tools, as nothing would be gained if the costs of developing such tools outweighed the resulting benefits. This simplicity is achieved by applying the very same DFS concepts to the domain of tool development itself: DFS modeling tools are fully generated from models and services specialized to the (meta) domain of modeling tools. The presented Cinco meta tooling suite is a first implementation of such a meta DFS tool. It focuses on the generation of graphical modeling tools for graph structures comprising various types of nodes and edges. Cinco has been very successfully applied to numerous industrial and academic projects, and thus also serves as a proof of concept for the DFS approach itself. The unique combination of the three DFS strategies and Cinco's meta-level approach towards their realization in practice lay the foundation for a new paradigm of software development that is strongly focused on simplicity.

    Reducing complexity in developing wireless sensor network systems using model-driven development

    A Wireless Sensor Network (WSN) is a collection of small, low-powered devices called sensor nodes (motes), which are capable of sensing the environment, collecting and processing the sensed data, and communicating with each other to accomplish a specific task. All sensed and processed data are finally handed over to a central gathering point called a base station (sink), where the collected data are stored and can be reviewed by the user. Most current methods for WSN development are application- or platform-dependent, so reusing developed applications in another environment is not a trivial task. WSN application development is therefore a challenging and complex task because of the low-level technical details and programming complexity. Furthermore, most WSN development projects are managed by software engineers rather than application field experts or WSN end users. Consequently, WSN solutions are considered expensive, due to the amount of effort that has to be put into these projects. This research project aims to reduce the complexity of developing WSN applications by abstracting the low-level technical and programming details away from average developers and domain experts. In this research, we argue that reducing complexity can be achieved by defining a new Domain-Specific Language (DSL) as a new application development and programming abstraction that supports multi-level modelling (i.e. network, group, and node level). The outcome of this work is the definition of a new language called SenNet, an open source DSL programming abstraction that enables application developers to concentrate on the high-level application logic rather than the low-level complex details. SenNet was developed using the principles of Model-Driven Development (MDD) and macro-programming. Developers can use SenNet as a high-level programming abstraction to auto-generate ready-to-deploy single-node nesC code for all sensor nodes that comprise the SenNet application. SenNet gives developers the flexibility they need by offering them a broad range of predefined monitoring tasks and activities, enabling them to develop different application types such as Sense-Forward (SF) and Event-Triggered (ET), besides providing a set of node-level and in-network data processing tasks. The current SenNet version is configured to generate nesC code, yet SenNet can be set up to generate any programming language, such as Java or C++, by reconfiguring the code generator to produce the new language format, without changing the language design and produced semantics. Various tests and a user study were used to evaluate SenNet's usability and functional suitability. Evaluation results found that SenNet could save 88.45% of the LOC required to be programmed by a developer, and 87.14% of the required vocabularies. Furthermore, results showed that SenNet could save 92.86% and 96.47% of the program length and volume respectively. Most of the user study participants (96%) found SenNet usable and helpful in achieving the required WSN application with reduced development effort. Moreover, 82% of the participants believe that SenNet is functionally suitable for WSN application development. Two real-world business case studies were developed to assess SenNet's appropriateness for developing real WSN applications, and how it can be used to develop applications involving data processing tasks. Based on the final evaluation results, it can be concluded that our research has been successful in introducing SenNet as a new abstraction to reduce complexity in the WSN application development process.

    Combining SOA and BPM Technologies for Cross-System Process Automation

    This paper summarizes the results of an industry case study that introduced a cross-system business process automation solution based on a combination of SOA and BPM standard technologies (i.e., BPMN, BPEL, WSDL). Besides discussing major weaknesses of the existing, custom-built solution and comparing them against experiences with the developed prototype, the paper presents a course of action for transforming the current solution into the proposed solution. This includes a general approach, consisting of four distinct steps, as well as specific action items that are to be performed for every step. The discussion also covers language and tool support and challenges arising from the transformation.

    A global method for the verification of real-time requirements (application to integrated modular avionics)

    In aeronautics, embedded systems appeared during the 1960s, when analog equipment began to be replaced by its digital equivalents. From then on, the enthusiasm generated by advances in computing was such that more and more functions were digitized. The continual increase in system complexity led to the definition of an architecture called Integrated Modular Avionics (IMA). This architecture differs from earlier architectures because it is based on standards (ARINC 653 and ARINC 664 part 7) that allow computing and communication resources to be shared among the various avionics functions. This type of architecture is used both in the civil domain, with the Boeing B777 and the Airbus A380, and in the military domain, with the Rafale and the A400M. For safety reasons, the temporal behaviour of a system built on an IMA architecture must be predictable. This need translates into a set of real-time requirements that the system must satisfy. The problem explored in this thesis is the verification of real-time requirements in IMA systems. These requirements are organized around functional chains, which are sequences of functions. A requirement then specifies an acceptable bound (minimum or maximum) on a temporal property of one or more functional chains. We identified three categories of real-time requirements that we consider relevant to the systems studied: latency, freshness and consistency requirements. We propose a model of IMA systems, and of the requirements they must satisfy, in the formalism of the tagged signal model. We then show how, from this model, we can generate for each requirement a mixed linear program, that is, one containing both integer and real variables, whose optimal solution makes it possible to verify that the requirement is satisfied. ABSTRACT: Embedded systems appeared in aeronautics during the 1960s, when the process of replacing analog devices by their digital counterparts started. From that time, the broad thrust of computer science advances made it possible to digitize more and more avionics functionalities. The continual increase in the complexity of these systems led to the definition of a new architecture called Integrated Modular Avionics (IMA). This architecture stands apart from previous architectures because it is based on standards (ARINC 653 and ARINC 664 part 7) which allow the sharing of computation and communication resources among avionics functions. This architecture is implemented in civil aircraft, with the Boeing B777 and Airbus A380, and in military aircraft, with the Rafale or A400M. For safety reasons, the temporal behaviour of such a system must be predictable, which is expressed with a set of real-time requirements. A real-time requirement specifies an upper or lower bound on a temporal property of one or several functional chains. A functional chain is a sequence of functions. In this thesis, we explore the verification of real-time requirements in IMA systems. We have identified three real-time requirements relevant to our problem: latency, freshness and consistency. We propose a model of IMA systems, and the requirements they must meet, based on the tagged signal model. Then we derive from this model, for each requirement, a mixed integer linear program whose optimal solution allows us to verify the requirement.

    Service-oriented design of microfluidic devices

    Microfluidics is a relatively new field and, with the market for these devices estimated to exceed $3 billion in 2014, it is considered a profitable domain. Constant development of new technologies and growing demand for more versatile products cause increasing complexity in this area. To address this, the current trends in the domain include automation, standardisation and customisation. At the same time, society is moving from offering product types to offering services. Given the customisation trend, this transition appears beneficial for microfluidics. Taking advantage of these opportunities, an investigation of microfluidic design has been undertaken to address the issues at their origins. The literature review showed a lack of a general design methodology applicable to all microfluidic devices, identified existing approaches as technology-driven and the domain as unique in terms of design. It also highlighted a number of automation and standardisation attempts in the area. In addition, microfluidics shows limited customer and service orientation. Meanwhile, an investigation of complexity and its implications in microfluidics narrowed the study to sub-section interactions, which allowed standardisation and automation without compromising customisation. In response to these gaps, the aim of the research is to develop a guideline for service-oriented design of microfluidic devices that can deal with sub-section interactions. This research reviews existing methodologies for design at the micro-scale, their applicability to the domain, microfluidic practitioners' approach to design, the state of service-thinking and services in the area, and how sub-section interactions are dealt with for these devices. The developed guideline and design enablers present a proposal for a general process for the design of microfluidics. The solution attempts to tackle the issue of sub-section interactions and brings the domain one step towards an 'experience economy' by incorporating service considerations into the design process. The usefulness of this contribution has been confirmed by a variety of methods and numerous sources, including experts in the field.