A Syntactic-Semantic Approach to Incremental Verification

Software verification of evolving systems is challenging mainstream methodologies and tools. Formal verification techniques often conflict with the time constraints imposed by change management practices for evolving systems. Since changes in these systems are often local to restricted parts, an incremental verification approach could be beneficial. This paper introduces SiDECAR, a general framework for the definition of verification procedures, which are made incremental by the framework itself. Verification procedures are driven by the syntactic structure (defined by a grammar) of the system and encoded as semantic attributes associated with the grammar. Incrementality is achieved by coupling the evaluation of semantic attributes with an incremental parsing technique. We show the application of SiDECAR to the definition of two verification procedures: probabilistic verification of reliability requirements and verification of safety properties.Comment: 22 pages, 8 figures. Corrected typo

Evolutionary improvement of programs

Most applications of genetic programming (GP) involve the creation of an entirely new function, program or expression to solve a specific problem. In this paper, we propose a new approach that applies GP to improve existing software by optimizing its non-functional properties such as execution time, memory usage, or power consumption. In general, satisfying non-functional requirements is a difficult task and often achieved in part by optimizing compilers. However, modern compilers are in general not always able to produce semantically equivalent alternatives that optimize non-functional properties, even if such alternatives are known to exist: this is usually due to the limited local nature of such optimizations. In this paper, we discuss how best to combine and extend the existing evolutionary methods of GP, multiobjective optimization, and coevolution in order to improve existing software. Given as input the implementation of a function, we attempt to evolve a semantically equivalent version, in this case optimized to reduce execution time subject to a given probability distribution of inputs. We demonstrate that our framework is able to produce non-obvious optimizations that compilers are not yet able to generate on eight example functions. We employ a coevolved population of test cases to encourage the preservation of the function's semantics. We exploit the original program both through seeding of the population in order to focus the search, and as an oracle for testing purposes. As well as discussing the issues that arise when attempting to improve software, we employ rigorous experimental method to provide interesting and practical insights to suggest how to address these issues

Report from GI-Dagstuhl Seminar 16394: Software Performance Engineering in the DevOps World

This report documents the program and the outcomes of GI-Dagstuhl Seminar 16394 "Software Performance Engineering in the DevOps World". The seminar addressed the problem of performance-aware DevOps. Both, DevOps and performance engineering have been growing trends over the past one to two years, in no small part due to the rise in importance of identifying performance anomalies in the operations (Ops) of cloud and big data systems and feeding these back to the development (Dev). However, so far, the research community has treated software engineering, performance engineering, and cloud computing mostly as individual research areas. We aimed to identify cross-community collaboration, and to set the path for long-lasting collaborations towards performance-aware DevOps. The main goal of the seminar was to bring together young researchers (PhD students in a later stage of their PhD, as well as PostDocs or Junior Professors) in the areas of (i) software engineering, (ii) performance engineering, and (iii) cloud computing and big data to present their current research projects, to exchange experience and expertise, to discuss research challenges, and to develop ideas for future collaborations

Design of a verification and validation framework for an aircraft trajectory computation software suite

In order to facilitate the optimal development of software, the presence of errors during its operation must be avoided. Consequently, the process of verification and validation plays a critical role in its development. Hence, the purpose of this project is to enhance the procedure mentioned specifically for Dynamo, an aircraft trajectory computation software developed by the Icarus group at the Polytechnic University of Catalonia. This project delineates the following objectives: firstly, to attain an in-depth understanding of the testing methodology and software error correction, thereby comprehending the verification and validation process employed in systems. Once the theoretical framework is firmly established, the next objective entails exploring the existing resources and practices within the Icarus group concerning Dynamo. To improve the error correction process, it is necessary to ascertain their current procedures and the reasons for carrying them out. With all this information gathered, the third objective of this project aims to present it to the members of the Icarus group, emphasising the importance of a robust verification and validation process. Moreover, during the topic presentation meeting, any possible requests they may have regarding improvements of the software are collected, aiming to make them as efficient as possible. As the final objective, this project proposes enhancements to refine the testing methodology, along with a manual detailing the steps needed to carry out a proper verification and validation process.By accomplishing these objectives, Dynamo will continue its development and progress in the most effective manner possible

Towards Practical Graph-Based Verification for an Object-Oriented Concurrency Model

To harness the power of multi-core and distributed platforms, and to make the development of concurrent software more accessible to software engineers, different object-oriented concurrency models such as SCOOP have been proposed. Despite the practical importance of analysing SCOOP programs, there are currently no general verification approaches that operate directly on program code without additional annotations. One reason for this is the multitude of partially conflicting semantic formalisations for SCOOP (either in theory or by-implementation). Here, we propose a simple graph transformation system (GTS) based run-time semantics for SCOOP that grasps the most common features of all known semantics of the language. This run-time model is implemented in the state-of-the-art GTS tool GROOVE, which allows us to simulate, analyse, and verify a subset of SCOOP programs with respect to deadlocks and other behavioural properties. Besides proposing the first approach to verify SCOOP programs by automatic translation to GTS, we also highlight our experiences of applying GTS (and especially GROOVE) for specifying semantics in the form of a run-time model, which should be transferable to GTS models for other concurrent languages and libraries.Comment: In Proceedings GaM 2015, arXiv:1504.0244

Evolution of security engineering artifacts: a state of the art survey

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research

Re-balancing the excellence frameworks with individualistic logic

The analysis and assessment of business excellence are often associated with the discussion on the design and justification of the excellence measures and their dimensions. This paper re-visits the critical issues in assessing business excellence, and aims to explore the conceptual development on re-balancing the performance dimensions in view of a framework. Based on the synthesising of published literatures and case studies it reveals that all the published excellence frameworks are based on the commonality logic ; and it suggests re-balancing them with the individualistic logic . This concept has then been operationalised by constructing a new excellence framework named world-class diamond model. Based on the surveyed data and by using structural equation modelling the re-balanced diamond model is tested and analysed in order to secure its theoretical validity. With the re-balanced framework, it stresses the critical importance of the individualistic logic in achieving business excellence. It also argues that the managerial implication of the individualistic logic lies in the firm-specific and situation-sensitive practices of business excellence. The original contribution of the research is a conceptually re-balanced perspective of business excellence, suggesting a shift from commonality logic towards individualistic logic