164,119 research outputs found
A heuristic-based approach to code-smell detection
Encapsulation and data hiding are central tenets of the object oriented paradigm. Deciding what data and behaviour to form into a class and where to draw the line between its public and private details can make the difference between a class that is an understandable, flexible and reusable abstraction and one which is not. This decision is a difficult one and may easily result in poor encapsulation which can then have serious implications for a number of system qualities. It is often hard to identify such encapsulation problems within large software systems until they cause a maintenance problem (which is usually too late) and attempting to perform such analysis manually can also be tedious and error prone. Two of the common encapsulation problems that can arise as a consequence of this decomposition process are data classes and god classes. Typically, these two problems occur together – data classes are lacking in functionality that has typically been sucked into an over-complicated and domineering god class. This paper describes the architecture of a tool which automatically detects data and god classes that has been developed as a plug-in for the Eclipse IDE. The technique has been evaluated in a controlled study on two large open source systems which compare the tool results to similar work by Marinescu, who employs a metrics-based approach to detecting such features. The study provides some valuable insights into the strengths and weaknesses of the two approache
Formal certification and compliance for run-time service environments
With the increased awareness of security and safety of services in on-demand distributed service provisioning (such
as the recent adoption of Cloud infrastructures), certification and compliance checking of services is becoming a key element for service engineering. Existing certification techniques tend to support mainly design-time checking of service properties and tend not to support the run-time monitoring and progressive certification in the service execution environment. In this paper we discuss an approach which provides both design-time and runtime behavioural compliance checking for a services architecture, through enabling a progressive event-driven model-checking technique. Providing an integrated approach to certification and compliance is a challenge however using analysis and monitoring techniques we present such an approach for on-going compliance checking
A Declarative Framework for Specifying and Enforcing Purpose-aware Policies
Purpose is crucial for privacy protection as it makes users confident that
their personal data are processed as intended. Available proposals for the
specification and enforcement of purpose-aware policies are unsatisfactory for
their ambiguous semantics of purposes and/or lack of support to the run-time
enforcement of policies.
In this paper, we propose a declarative framework based on a first-order
temporal logic that allows us to give a precise semantics to purpose-aware
policies and to reuse algorithms for the design of a run-time monitor enforcing
purpose-aware policies. We also show the complexity of the generation and use
of the monitor which, to the best of our knowledge, is the first such a result
in literature on purpose-aware policies.Comment: Extended version of the paper accepted at the 11th International
Workshop on Security and Trust Management (STM 2015
RTL2RTL Formal Equivalence: Boosting the Design Confidence
Increasing design complexity driven by feature and performance requirements
and the Time to Market (TTM) constraints force a faster design and validation
closure. This in turn enforces novel ways of identifying and debugging
behavioral inconsistencies early in the design cycle. Addition of incremental
features and timing fixes may alter the legacy design behavior and would
inadvertently result in undesirable bugs. The most common method of verifying
the correctness of the changed design is to run a dynamic regression test suite
before and after the intended changes and compare the results, a method which
is not exhaustive. Modern Formal Verification (FV) techniques involving new
methods of proving Sequential Hardware Equivalence enabled a new set of
solutions for the given problem, with complete coverage guarantee. Formal
Equivalence can be applied for proving functional integrity after design
changes resulting from a wide variety of reasons, ranging from simple pipeline
optimizations to complex logic redistributions. We present here our experience
of successfully applying the RTL to RTL (RTL2RTL) Formal Verification across a
wide spectrum of problems on a Graphics design. The RTL2RTL FV enabled checking
the design sanity in a very short time, thus enabling faster and safer design
churn. The techniques presented in this paper are applicable to any complex
hardware design.Comment: In Proceedings FSFMA 2014, arXiv:1407.195
- …