    Operating system kernels are among the most complex pieces of software in existence today. Maintaining the kernel code and developing new functionality is increasingly complicated, since the amount of required features has risen significantly, leading to side effects that can be introduced inadvertently by changing a piece of code that belongs to a completely different context. Software developers try to modularize their code base into separate functional units. Some of the functionality or “concerns” required in a kernel, however, does not fit into the given modularization structure; this code may then be spread over the code base and its implementation tangled with code implementing different concerns. These so-called “crosscutting concerns” are especially difficult to handle, since a change in a crosscutting concern implies that all relevant locations spread throughout the code base have to be modified. Aspect-Oriented Software Development (AOSD) is an approach to handling crosscutting concerns by factoring them out into separate modules. The “advice” code contained in these modules is woven into the original code base according to a pointcut description, a set of interaction points (joinpoints) with the code base. To be used in operating systems, AOSD requires tool support for the prevalent procedural programming style as well as support for weaving aspects. Many interactions in kernel code are dynamic, so in order to implement non-static behavior and improve performance, a dynamic weaver that deploys and undeploys aspects at system runtime is required. This thesis presents an extension of the “C” programming language to support AOSD. Based on this, two dynamic weaving toolkits – TOSKANA and TOSKANA-VM – are presented to permit dynamic aspect weaving in the monolithic NetBSD kernel as well as in a virtual-machine and microkernel-based Linux kernel running on top of L4.
Based on TOSKANA, applications for this dynamic aspect technology are discussed and evaluated. The thesis closes with a view on an aspect-oriented kernel structure that maintains coherency and handles crosscutting concerns using dynamic aspects while enhancing development methods through the use of domain-specific programming languages.

    Due to the ever increasing complexity of hardware and hardware/software co-designs, developers strive for higher levels of abstraction in the early stages of the design flow. To address these demands, design at the Electronic System Level (ESL) has been introduced. SystemC currently is the de-facto standard for ESL design. The extraction of data from system designs written in SystemC is thereby crucial, e.g. for the proper understanding of a given system. However, no satisfactory support of reflection/introspection of SystemC has been provided yet. Previously proposed methods for this purpose either focus on static aspects only, restrict the language means of SystemC, or rely on modifications of the compiler and/or parser. In this thesis, approaches that overcome these limitations are introduced, allowing the extraction of information from a given SystemC design without changing the SystemC library or the compiler. The proposed approaches retrieve both static and dynamic (i.e. run-time) information.

    Modern computer devices exhibit transient hardware faults that disturb the electrical behavior but do not cause permanent physical damage to the devices. Transient faults are caused by a multitude of sources, such as fluctuation of the supply voltage, electromagnetic interference, and radiation from the natural environment. Therefore, dependable computer systems must incorporate methods of fault tolerance to cope with transient faults. Software-implemented fault tolerance represents a promising approach that does not need expensive hardware redundancy for reducing the probability of failure to an acceptable level. This thesis focuses on software-implemented fault tolerance for operating systems because they are the most critical pieces of software in a computer system: All computer programs depend on the integrity of the operating system. However, the C/C++ source code of common operating systems tends to be already exceedingly complex, so that a manual extension by fault tolerance is no viable solution. Thus, this thesis proposes a generic solution based on Aspect-Oriented Programming (AOP). To evaluate AOP as a means to improve the dependability of operating systems, this thesis presents the design and implementation of a library of aspect-oriented fault-tolerance mechanisms. These mechanisms constitute separate program modules that can be integrated automatically into common off-the-shelf operating systems using a compiler for the AOP language. Thus, the aspect-oriented approach facilitates improving the dependability of large-scale software systems without affecting the maintainability of the source code. The library allows choosing between several error-detection and error-correction schemes, and provides wait-free synchronization for handling asynchronous and multi-threaded operating-system code. This thesis evaluates the aspect-oriented approach to fault tolerance on the basis of two off-the-shelf operating systems. 
Furthermore, the evaluation also considers one user-level program for protection, as the library of fault-tolerance mechanisms is highly generic and transparent and, thus, not limited to operating systems. Exhaustive fault-injection experiments show an excellent trade-off between runtime overhead and fault tolerance, which can be adjusted and optimized by fine-grained selective placement of the fault-tolerance mechanisms. Finally, this thesis provides evidence for the effectiveness of the approach in detecting and correcting radiation-induced hardware faults: High-energy particle radiation experiments confirm improvements in fault tolerance by almost 80 percent.

    Sharing knowledge about program specifications is a crucial task in collaborative software development. Developers need to be able to properly assess the objectives of the program specification in order to adequately deploy or evolve a piece of program. The specification of join point selections (also known as "pointcuts") in Aspect-Oriented Software Development (AOSD) is a piece of a program which frequently tends to grow quite complex, in particular if the join point selections involve selection constraints on the dynamic execution history of the program. In that case, readers of the pointcut specification frequently find themselves confronted with considerable comprehension problems because they need to inspect and realize an intricate and fragmented program specification in order to reconstruct the true objectives of the join point selection. This thesis presents Join Point Designation Diagrams (JPDDs) as a possible solution to the problem. JPDDs are a visual notation that provides an extensive set of join point selection means which are consolidated from a variety of contemporary aspect-oriented programming languages. JPDDs are capable of highlighting different join point selection constraints depending on the conceptual view on program execution which underlies the join point selection. With the help of these means, JPDDs are capable of representing complex join point selections on the dynamic execution of a program in a succinct and concise manner. JPDDs may be used by software developers of different aspect-oriented programming languages to represent their join point selections for the sake of an improved comprehensibility of the join point selections and – thus – for the sake of an easier communication between software developers. This thesis gives empirical evidence that JPDDs indeed facilitate the comprehensibility of join point selections. 
To do so, it conducts a controlled experiment which compares JPDDs to equivalent pointcut implementations in an aspect-oriented programming language. The experiment shows that JPDDs have a clear benefit over their codified counterparts in most of the cases, while only in a few cases no such benefit could be measured.

Communication and knowledge exchange between software developers about program specifications is an essential necessity in large software projects. Software developers must correctly grasp the purpose of a (sub)program before they are able to properly integrate or further develop it. Join point selections in aspect-oriented software development (also called "pointcuts") are an example of program specifications that quickly become complex, in particular when they contain selection constraints that refer to the runtime history of a program. The specifications of such join point selections are often hard to understand, since software developers must analyze a multitude of small specification fragments and their dependencies before they can grasp the purpose of a join point selection. This dissertation presents Join Point Designation Diagrams (JPDDs) as a solution to the problem. JPDDs are a graphical notation that unifies a multitude of selection techniques from current aspect-oriented programming languages. JPDDs make it possible to highlight relevant selection constraints with respect to common conceptual views on program execution. In doing so, JPDDs represent constraints that refer to the runtime history of a program in an unfragmented manner.
JPDDs can be used by software developers of different programming languages to specify their join point selections and thus to simplify the comprehension of join point selections – and with it communication and knowledge exchange between software developers. With the help of a controlled empirical experiment, this dissertation demonstrates that JPDDs are indeed able to simplify the comprehension of join point selections. To this end, JPDDs are compared with equivalent pointcut specifications in an aspect-oriented programming language. The experiment shows that JPDDs are advantageous in the majority of cases. Only in a few exceptions could no advantage over the aspect-oriented programming language be observed.

    The goal of iObserve is to develop methods and tools to support the evolution and adaptation of long-lived software systems. Future long-living software systems will be engineered using third-party software services and infrastructures. Key challenges for such systems will be caused by dynamic changes of deployment options on cloud platforms. Third-party services and infrastructures are neither owned nor controlled by the users and developers of service-based systems. System users and developers are thus only able to observe third-party services and infrastructures via their interfaces, but are not able to look into the software and infrastructure that provides those services. In this technical report, we summarize the results of four activities to realize complete tooling around Kieker, Palladio, and MAMBA, supporting performance and cost prediction, and the evaluation of data privacy in the context of geo-locations. Furthermore, the report illustrates our efforts to extend Palladio.

    In this thesis, we address the problems related to the security hardening of open source software. Accordingly, we first propose an aspect-oriented and pattern-based approach for systematic security hardening. It is based on the full separation between the roles and duties of the security experts and the developers performing the hardening. This proposition constitutes a bridge that allows the security experts to provide the best solutions to particular security problems, with the details on why, how and where to apply them. Moreover, it allows the developers to use these solutions to harden open source software without the need for high security expertise. We realize the proposed approach by elaborating a programming-language-independent, aspect-oriented language for security hardening called SHL, developing its corresponding parser, compiler and facilities, and integrating all of them into a framework for software security hardening. We also illustrate the feasibility of the elaborated framework by developing several security hardening case studies that deal with known security requirements and vulnerabilities and applying them to large-scale software. Second, we enrich SHL and the aspect-oriented languages with new pointcut and primitive constructs (GAFlow, GDFlow, ExportParameter and ImportParameter) that provide features missing in the current AOP proposals and needed for systematic security hardening concerns. We also explore the viability of the proposed pointcuts and primitives by elaborating and implementing their algorithms and presenting the results of explanatory case studies. Finally, we improve the proposed framework by proposing a new approach for applying security hardening on the Gimple representation of software and elaborating a formal syntax for SHL and Gimple together with an operational semantics for SHL weaving based on Gimple.
We realize our proposition by integrating into the GCC compiler a few features described in the SHL weaving semantics and developing a demonstrative case study.

    Future visions of the Internet of Things and Industry 4.0 demand large-scale deployments of mobile devices while removing the numerous disadvantages of using batteries: degradation, scale, weight, pollution, and costs. However, this requires computing platforms with extremely low energy consumption, which thus employ ultra-low-power hardware, energy harvesting solutions, and highly efficient power-management hardware and software. The goal of these power-management solutions is either to achieve power neutrality, a condition where energy harvest and energy consumption equalize while maximizing the service quality, or to enhance power efficiency for conserving energy reserves. To reach these goals, intelligent power-management decisions are needed that utilize precise energy data. This thesis discusses the measurement of energy in embedded systems, both online and by external equipment, and the utilization of the acquired data for modeling the power consumption states of each involved hardware component. Furthermore, a method is shown to use the resulting models by instrumenting preexisting device drivers. These drivers enable new functionalities, such as online energy accounting and energy application interfaces, and facilitate intelligent power-management decisions. In order to reduce the additional effort of device driver reimplementation and the violation of the separation-of-concerns paradigm, the approach shown in this thesis synthesizes instrumentation aspects for an aspect-oriented programming language, so that the original device-driver source code remains unaffected. Eventually, an automated process of energy measurement and data analysis is presented. This process is able to yield precise energy models with low manual effort. In combination with the instrumentation synthesis of aspect code, this method enables an accelerated creation process for energy models of ultra-low-power systems.
For all proposed methods, empirical accuracy and overhead measurements are presented. To support the claims of the author, the first practical energy-aware and wireless-radio networked applications are showcased: an energy-neutral light sensor, a photovoltaic-powered seminar-room door plate, and a sensor network experiment testbed for research and education.
