XRound : A reversible template language and its application in model-based security analysis

Successful analysis of the models used in Model-Driven Development requires the ability to synthesise the results of analysis and automatically integrate these results with the models themselves. This paper presents a reversible template language called XRound which supports round-trip transformations between models and the logic used to encode system properties. A template processor that supports the language is described, and the use of the template language is illustrated by its application in an analysis workbench, designed to support analysis of security properties of UML and MOF-based models. As a result of using reversible templates, it is possible to seamlessly and automatically integrate the results of a security analysis with a model. (C) 2008 Elsevier B.V. All rights reserved

Modeling and Testing of Aspect-Oriented Systems

Aspect-Oriented programming modularizes crosscutting concerns into Aspects, which are automatically weaved to the specified points of a program. Although Aspect-Oriented programming improves program maintainability and the encapsulation of crosscutting concerns, it also breaks some traditional programming rules due to the weaving mechanism. Therefore, a new software testing approach has to be developed to rigorously test Aspect-Oriented programs. In this thesis, we introduce the concept of Aspect modeling and Aspect testing and then proceed to our investigation of a model-based incremental approach for testing Aspect-Oriented programs. First, a state machine model in UML is created for each Aspect and each base class, which is the class to be weaved with the aspect. Then each individual aspect or base class is tested using the test cases generated from state machine models. A combined state machine model is established by weaving the aspect model into the base class model. Finally, we perform a test on the woven program using test cases generated from the combined state machine model. Because the number of scenarios for weaving aspects and base classes could be very large, it may require a huge number of test cases to effectively test the program. To speed up the process, we propose a prioritizing strategy for selecting test cases in order to find errors sooner since different test cases have different capacity for tracking errors. We demonstrate that the test cases generated from the state machine model have to satisfy the adequacy of the transition coverage, the round-trip coverage, and the state coverage in the state machine model. Furthermore, the prioritizing strategy is developed based on the number of changes brought by weaving of an aspect and its base classes. The test case including more changes will have a higher priority. The effectiveness of the investigated strategy is evaluated through the case study and the mutation testing. The result of case study shows that the model-based incremental approach integrated with prioritizing test case selection provides an effective tool for testing large-scale Aspect-Oriented systems.  M.S

Traceability for the maintenance of secure software

Traceability links among different software engineering artifacts make explicit how a software system was implemented to accommodate its requirements. For secure and dependable software system development, one must ensure the linked entities are truly traceable to each other and the links are updated to reflect true traceability among changed entities. However, traditional traceability relationships link recovery techniques are not accurate enough. To address this problem, we propose a traceability technique based on refactoring, which is then continuously integrated with other software maintenance activities. Applying our traceability technique to the proven SSL protocol design, we found a significant vulnerability bug in its open-source implementation. The results also demonstrate the level of accuracy and change resilience of our technique that enable reuse of the traceability-related analysis on different implementations

Modeling Modeling Modeling

International audienceModel-driven engineering and model-based approaches have permeated all branches of software engineering to the point that it seems that we are using models, as Molière's Monsieur Jourdain was using prose, without knowing it. At the heart of modeling, there is a relation that we establish to represent something by something else. In this paper we review various definitions of models and relations between them. Then, we define a canonical set of relations that can be used to express various kinds of representation relations and we propose a graphical concrete syntax to represent these relations. We also define a structural definition for this language in the form of a metamodel and a formal interpretation using Prolog. Hence, this paper is a contribution towards a theory of modeling

Solving Constraints in Model Transformations

Constraint programming holds many promises for model driven software development (MDSD). Up to now, constraints have only started to appear in MDSD modeling languages, but have not been properly reflected in model transformation. This paper introduces constraint programming in model transformation, shows how constraint programming integrates with QVT Relations - as a pathway to wide spread use of our approach - and describes the corresponding model transformation engine. In particular, the paper will illustrate the use of constraint programming for the specification of attribute values in target models, and provide a qualitative evaluation of the benefit drawn from constraints integrated with QVT Relations

Middleware specialization using aspect oriented programming

Standardized middleware is used to build large distributed real-time and enterprise (DRE) systems. These middleware are highly flexible and support a large number of features since they have to be applicable to a wide range of domains and applications. This generality and flexibility, however, often causes many performance and footprint overheads par-ticularly for product line architectures, which have a well-defined scope smaller than that of the middleware yet must leverage its benefits, such as reusability. To alleviate this tension thus a key objective is to specialize the middleware, which comprises removing the sources of excessive general-ity while simultaneously optimizing the required features of middleware functionality. To meet this objective this paper describes how we have applied Aspect-Oriented Program-ming (AOP) in a novel manner to address these challenges. Although AOP is primarily used for separation of concerns, we use it to specialize middleware. Aspects are used to se-lect the specific set of features needed by the product line. Aspect weaving is subsequently used to specialize the mid-dleware. This paper describes the key motivation for our research, identifies the challenges developing middleware-based product lines and shows how to resolve those using aspects. The results applying our AOP-based specialization techniques to event demultiplexing middleware for the case of single threaded implementation showed 3 % decrease in latency and 2 % increase in throughput, while in the thread pool implementation showed 4 % decrease in latency and 3% increase in throughput

Achieving Autonomic Computing through the Use of Variability Models at Run-time

Increasingly, software needs to dynamically adapt its behavior at run-time in response to changing conditions in the supporting computing infrastructure and in the surrounding physical environment. Adaptability is emerging as a necessary underlying capability, particularly for highly dynamic systems such as context-aware or ubiquitous systems. By automating tasks such as installation, adaptation, or healing, Autonomic Computing envisions computing environments that evolve without the need for human intervention. Even though there is a fair amount of work on architectures and their theoretical design, Autonomic Computing was criticised as being a \hype topic" because very little of it has been implemented fully. Furthermore, given that the autonomic system must change states at runtime and that some of those states may emerge and are much less deterministic, there is a great challenge to provide new guidelines, techniques and tools to help autonomic system development. This thesis shows that building up on the central ideas of Model Driven Development (Models as rst-order citizens) and Software Product Lines (Variability Management) can play a signi cant role as we move towards implementing the key self-management properties associated with autonomic computing. The presented approach encompass systems that are capable of modifying their own behavior with respect to changes in their operating environment, by using variability models as if they were the policies that drive the system's autonomic recon guration at runtime. Under a set of recon guration commands, the components that make up the architecture dynamically cooperate to change the con guration of the architecture to a new con guration. This work also provides the implementation of a Model-Based Recon guration Engine (MoRE) to blend the above ideas. Given a context event, MoRE queries the variability models to determine how the system should evolve, and then it provides the mechanisms for modifying the system.Cetina Englada, C. (2010). Achieving Autonomic Computing through the Use of Variability Models at Run-time [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/7484Palanci

Role-based Runtime Model Synchronization

Model-driven Software Development (MDSD) promotes the use of multiple related models to realize a software system systematically. These models usually contain redundant information but are independently edited. This easily leads to inconsistencies among them. To ensure consistency among multiple models, model synchronizations have to be employed, e.g., by means of model transformations, trace links, or triple graph grammars. Model synchronization poses three main problems for MDSD. First, classical model synchronization approaches have to be manually triggered to perform the synchronization. However, to support the consistent evolution of multiple models, it is necessary to immediately and continuously update all of them. Second, synchronization rules are specified at design time and, in classic approaches, cannot be extended at runtime, which is necessary if metamodels evolve at runtime. Finally, most classical synchronization approaches focus on bilateral model synchronization, i.e., the synchronization between two models. Consequently, for more than two models, they require the definition of pairwise model synchronizations leading to a combinatorial explosion of synchronization rules. To remedy these issues, we propose a role-based approach for runtime model synchronization. In particular, we propose role-based synchronization rules that enable the immediate and continuous propagation of changes to multiple interrelated models (and back again). Additionally, our approach permits adding new and customized synchronization rules at runtime. We illustrate the benefits of role-based runtime model synchronization using the Families to Persons case study from the Transformation Tool Contest 2017

Scalable Model-based Robustness Testing: Novel Methodologies and Industrial Application

Embedded systems, as for example communication and control systems, are being increasingly used in our daily lives and hence require thorough and systematic testing before their actual use. Many of these systems interact with their environment and, therefore, their functionality is largely dependent on this environment whose behavior can be unpredictable. Robustness testing aims at testing the behavior of a system in the presence of faulty situations in its operating environment (e.g., sensors and actuators). In such situations, the system should gracefully degrade its performance instead of abruptly stopping execution. To systematically perform robustness testing, one option is to resort to Model-Based Robustness Testing (MBRT), which is a systematic, rigorous, and automated way of conducting robustness testing. However, to successfully apply MBRT in industrial contexts, new technologies need to be developed to scale to the complexity of real industrial systems. This thesis presents a solution for MBRT on industrial systems, including scalable robustness modeling and executable test case generation. One important contribution of this thesis is a scalable RobUstness Modeling Methodology (RUMM), which is achieved using Aspect-Oriented Modeling (AOM). It is a complete, automated, and practical methodology that covers all features of state machines and aspect concepts necessary for MBRT. Such methodology, relying on a standard (Unified Modeling Language or UML) and using the target notation as the basis to model the aspects themselves, is expected to make the practical adoption of robustness modeling easier in industrial contexts. The applicability of the methodology is demonstrated using an industrial case study. Results showed that the approach significantly reduced modeling effort (98% on average), improved separation of concerns, and eased model evolution. The approach is further empirically evaluated using two controlled experiments involving human subjects and results showed that the proposed methodology significantly improves the readability of models as compared to modeling using standard UML notations. Another important contribution of this thesis is an efficient approach for solving constraints (written in Objects Constraint Language (OCL)) on the operating environment of a system, which is mandatory for emulating faulty situation in the environment for the purpose of MBRT. A set of novel heuristics is devised for various OCL constructs, which are required for the application of search algorithms. The heuristics have been empirically evaluated on an industrial case study for robustness testing and the results showed to be very promising and significantly better than the existing works in the literature on OCL constraint solvers. A final contribution of the thesis is robustness test case generation from the models developed using RUMM. Test case generation also includes scripts generation for environment emulation, which is mandatory for automated robustness testing again using an industrial case study. In preliminary experiments, the execution of test cases found one critical, robustness fault in a deployed industrial system