AADLib, A Library of Reusable AADL Models

The SAE Architecture Analysis and Design Language is now a well-established language for the description of critical embedded systems, but also cyber-physical ones. A wide range of analysis tools is already available, either as part of the OSATE tool chain, or separate ones. A key missing elements of AADL is a set of reusable building blocks to help learning AADL concepts, but also experiment already existing tool chains on validated real-life examples. In this paper, we present AADLib, a library of reusable model elements. AADLib is build on two pillars: 1/ a set of ready-to- use examples so that practitioners can learn more about the AADL language itself, but also experiment with existing tools. Each example comes with a full description of available analysis and expected results. This helps reducing the learning curve of the language. 2/ a set of reusable model elements that cover typical building blocks of critical systems: processors, networks, devices with a high level of fidelity so that the cost to start a new project is reduced. AADLib is distributed under a Free/Open Source License to further disseminate the AADL language. As such, AADLib provides a convenient way to discover AADL concepts and tool chains, and learn about its features

A Static Verification Framework for Secure Peer-to-Peer Applications

In this paper we present a static verification framework to support the design and verification of secure peer-to-peer applications. The framework supports the specification, modeling, and analysis of security aspects together with the general characteristics of the system, during early stages of the development life-cycle. The approach avoids security issues to be taken into consideration as a separate layer that is added to the system as an afterthought by the use of security protocols. The main functionality supported by the framework are concerned with the modeling of the system together with its security aspects by using an extension of UML, modeling of abuse cases to represent scenarios of attackers and assist with the identification of properties to be verified, specification of properties to be verified in a graphical template language, verification of the models against the properties, and visualization of the results of the verification process

Model Based Development of Quality-Aware Software Services

Modelling languages and development frameworks give support for functional and structural description of software architectures. But quality-aware applications require languages which allow expressing QoS as a first-class concept during architecture design and service composition, and to extend existing tools and infrastructures adding support for modelling, evaluating, managing and monitoring QoS aspects. In addition to its functional behaviour and internal structure, the developer of each service must consider the fulfilment of its quality requirements. If the service is flexible, the output quality depends both on input quality and available resources (e.g., amounts of CPU execution time and memory). From the software engineering point of view, modelling of quality-aware requirements and architectures require modelling support for the description of quality concepts, support for the analysis of quality properties (e.g. model checking and consistencies of quality constraints, assembly of quality), tool support for the transition from quality requirements to quality-aware architectures, and from quality-aware architecture to service run-time infrastructures. Quality management in run-time service infrastructures must give support for handling quality concepts dynamically. QoS-aware modeling frameworks and QoS-aware runtime management infrastructures require a common evolution to get their integration

Distribution pattern-driven development of service architectures

Distributed systems are being constructed by composing a number of discrete components. This practice is particularly prevalent within the Web service domain in the form of service process orchestration and choreography. Often, enterprise systems are built from many existing discrete applications such as legacy applications exposed using Web service interfaces. There are a number of architectural configurations or distribution patterns, which express how a composed system is to be deployed in a distributed environment. However, the amount of code required to realise these distribution patterns is considerable. In this paper, we propose a distribution pattern-driven approach to service composition and architecting. We develop, based on a catalog of patterns, a UML-compliant framework, which takes existing Web service interfaces as its input and generates executable Web service compositions based on a distribution pattern chosen by the software architect

An engineering process for security patterns application in component based models

International audienceSecurity engineering with patterns is currently a very active area of research. Security patterns - an adaptation of Design Patterns to security - capture experts' experience in order to solve recurrent security problems in a structured and reusable way. In this paper, our objective is to describe an engineering process, called SCRIP (SeCurity patteRn Integration Process), which provides guidelines for integrating security patterns into component-based models. SCRIP defines activities and products to integrate security patterns in the whole development process, from UML component modeling until aspect code generation. The definition of SCRIP has been made using the OMG standard Software and System Process Engineering Meta-model (SPEM). We are developing a CASE tool to support that process

A UML Profile for Security and Code Generation

Recently, many research studies have suggested the integration of safety engineering at an early stage of modeling and system development using Model-Driven Architecture (MDA). This concept consists in deploying the UML (Unified Modeling Language) standard as aprincipal metamodel for the abstractions of different systems. To our knowledge, most of this work has focused on integrating security requirements after the implementation phase without taking them into account when designing systems. In this work, we focused our efforts on non-functional aspects such as the business logic layer, data flow monitoring, and high-quality service delivery. Practically, we have proposed a new UML profile for security integration and code generation for the Java platform. Therefore, the security properties will be described by a UML profile and the OCL language to verify the requirements of confidentiality, authorization, availability, data integrity, and data encryption. Finally, the source code such as the application security configuration, the method signatures and their bodies, the persistent entities and the security controllers generated from sequence diagram of system’s internal behavior after its extension with this profile and applying a set of transformations

Expressing and enforcing user-defined constraints of AADL models

The Architecture Analysis and Design Language AADL allows one to model complete systems, but also to define specific extensions through property sets and library of models. Yet, it does not define an explicit mechanism to enforce some semantics or consistency checks to ensure property sets are correctly used. In this paper, we present REAL (Requirements and Enforcements Analysis Language) as an integrated solution to this issue. REAL is defined as an AADL annex language. It adds the possibility to express constraints as theorems based on set theory to enforce implicit semantics of property sets or AADL models. We illustrate the use of the language on case studies we developed with industrial partners

Attribute based component design: Supporting model driven development in CbSE

In analysing the evolution of Software Engineering, the scale of the components has increased, the requirements for different domains become complex and a variety of different component frameworks and their associated models have emerged. Many modern component frameworks provide enterprise level facilities and services, such as instance management, and component container support, that allow developers to apply if needed to manage scale and complexity. Although the services provided by these frameworks are common, they have different models and implementation. Accordingly, the main problem is, when developing a component based application using a component framework, the design of the components becomes tightly integrated with the framework implementation and the framework model is embedded in the component functionality, and hence reduces reusability. Another problem arose is, the designers must have in-depth knowledge of the implementation of a component framework to be able to model, design and implement the components and take advantages of the services provided. To address these problems, this research proposes the Attribute based Component Design (AbCD) approach which allows developers to model software using logical and abstract components at the specification level. The components encapsulate the provided functionality, as well as the required services, runtime requirements and interaction models using a set of attributes. These attributes are systemically derived by grouping common features and services from light weight component frameworks and heavy weight component frameworks that are available in the literature. The AbCD approach consists of the AbCD Meta-model, which is an extension of the บML meta-model, and the Component Design Guidelines (CDG) that includes core Component based Software Engineering principles to assist the modelling process for designers. To support the AbCD approach, an implementation has been developed as a set of plug-ins, called the AbCD tool suite, for Eclipse IDE. An evaluation of the AbCD approach is conducted by using the tool suite with two case studies. The first case study focuses on abstraction achieved by the AbCD approach and the second focuses on reusability of the components. The evaluation shows that the artefacts produced using the approach provide an alternative architectural view to the design and help to re-factor the design based on aspects. At the same time the evaluation process identified possible improvements in the AbCD meta-model and the tool suite constructed. This research provides a non-invasive approach for designing component based software using model driven development