USING SYSTEM EXECUTION EXECTION TRACES TO ANALYZE PERFORMANCE PROPERTIES OF SOFTWARE SYSTEMS

poster abstractSystem execution traces (execution logs) are traditionally used to evalu-ate functional properties of a software system. Prior research, however, has shown the usefulness of system execution traces in evaluating software sys-tem performance properties. Due to the complexity and verboseness of a system execution trace, however, higher-level abstractions, e.g., dataflow models are required to support such evaluation. Our current research effort therefore has focused on extending this dataflow model based system per-formance analysis in two folds. In one aspect, we have considered adapting the dataflow model when the system execution trace does not contain prop-erties required to support performance analysis. In the other aspect, we have developed techniques to auto-generate the supporting dataflow model from a system execution trace. The second aspect is critical because it is hard to manually craft a dataflow model for large and complex software sys-tems, especially distributed software systems. The tool and technique we developed for adapting the dataflow model is called System Execution Trace Adaptation Framework (SETAF); whereas, the tool and technique for auto-generating the dataflow model from a system execution trace is called Dataflow Model Auto Constructor (DMAC). Our cur-rent results from applying SETAF to several open-source production software applications show that there are 3 main patterns for adapting system execu-tion traces to support performance analysis if they do not already have the required properties. Likewise, our current results from applying DMAC to the same software applications show that DMAC is able to auto-construct a data-flow model that covers up to 95% of the originating system execution trace. This work was sponsored in part by the Australian Defense Science and Technology Organi-zation (DSTO

Self-Adaptive Role-Based Access Control for Business Processes

© 2017 IEEE. We present an approach for dynamically reconfiguring the role-based access control (RBAC) of information systems running business processes, to protect them against insider threats. The new approach uses business process execution traces and stochastic model checking to establish confidence intervals for key measurable attributes of user behaviour, and thus to identify and adaptively demote users who misuse their access permissions maliciously or accidentally. We implemented and evaluated the approach and its policy specification formalism for a real IT support business process, showing their ability to express and apply a broad range of self-adaptive RBAC policies

Integrating computer log files for process mining: a genetic algorithm inspired technique

Process mining techniques are applied to single computer log files. But many processes are supported by different software tools and are by consequence recorded into multiple log files. Therefore it would be interesting to find a way to automatically combine such a set of log files for one process. In this paper we describe a technique for merging log files based on a genetic algorithm. We show with a generated test case that this technique works and we give an extended overview of which research is needed to optimise and validate this technique

Generalized techniques for using system execution traces to support software performance analysis

This dissertation proposes generalized techniques to support software performance analysis using system execution traces in the absence of software development artifacts such as source code. The proposed techniques do not require modifications to the source code, or to the software binaries, for the purpose of software analysis (non-intrusive). The proposed techniques are also not tightly coupled to the architecture specific details of the system being analyzed. This dissertation extends the current techniques of using system execution traces to evaluate software performance properties, such as response times, service times. The dissertation also proposes a novel technique to auto-construct a dataflow model from the system execution trace, which will be useful in evaluating software performance properties. Finally, it showcases how we can use execution traces in a novel technique to detect Excessive Dynamic Memory Allocations software performance anti-pattern. This is the first attempt, according to the author\u27s best knowledge, of a technique to detect automatically the excessive dynamic memory allocations anti-pattern. The contributions from this dissertation will ease the laborious process of software performance analysis and provide a foundation for helping software developers quickly locate the causes for negative performance results via execution traces

Beyond Good and Evil: Formalizing the Security Guarantees of Compartmentalizing Compilation

Compartmentalization is good security-engineering practice. By breaking a large software system into mutually distrustful components that run with minimal privileges, restricting their interactions to conform to well-defined interfaces, we can limit the damage caused by low-level attacks such as control-flow hijacking. When used to defend against such attacks, compartmentalization is often implemented cooperatively by a compiler and a low-level compartmentalization mechanism. However, the formal guarantees provided by such compartmentalizing compilation have seen surprisingly little investigation. We propose a new security property, secure compartmentalizing compilation (SCC), that formally characterizes the guarantees provided by compartmentalizing compilation and clarifies its attacker model. We reconstruct our property by starting from the well-established notion of fully abstract compilation, then identifying and lifting three important limitations that make standard full abstraction unsuitable for compartmentalization. The connection to full abstraction allows us to prove SCC by adapting established proof techniques; we illustrate this with a compiler from a simple unsafe imperative language with procedures to a compartmentalized abstract machine.Comment: Nit

Reusable Knowledge-based Components for Building Software Applications: A Knowledge Modelling Approach

In computer science, different types of reusable components for building software applications were proposed as a direct consequence of the emergence of new software programming paradigms. The success of these components for building applications depends on factors such as the flexibility in their combination or the facility for their selection in centralised or distributed environments such as internet. In this article, we propose a general type of reusable component, called primitive of representation, inspired by a knowledge-based approach that can promote reusability. The proposal can be understood as a generalisation of existing partial solutions that is applicable to both software and knowledge engineering for the development of hybrid applications that integrate conventional and knowledge based techniques. The article presents the structure and use of the component and describes our recent experience in the development of real-world applications based on this approach