215 research outputs found
Recommended from our members
Towards an aspect weaving BPEL engine
This position paper proposes the use of dynamic aspects and
the visitor design pattern to obtain a highly configurable and
extensible BPEL engine. Using these two techniques, the
core of this infrastructural software can be customised to
meet new requirements and add features such as debugging,
execution monitoring, or changing to another Web Service
selection policy. Additionally, it can easily be extended to
cope with customer-specific BPEL extensions. We propose
the use of dynamic aspects not only on the engine itself
but also on the workflow in order to tackle the problems of
Web Service hot deployment and hot fixes to long running
processes. In this way, composing aWeb Service "on-the-fly"
means weaving its choreography interface into the workflow
The Python user interface of the elsA cfd software: a coupling framework for external steering layers
The Python--elsA user interface of the elsA cfd (Computational Fluid
Dynamics) software has been developed to allow users to specify simulations
with confidence, through a global context of description objects grouped inside
scripts. The software main features are generated documentation, context
checking and completion, and helpful error management. Further developments
have used this foundation as a coupling framework, allowing (thanks to the
descriptive approach) the coupling of external algorithms with the cfd solver
in a simple and abstract way, leading to more success in complex simulations.
Along with the description of the technical part of the interface, we try to
gather the salient points pertaining to the psychological viewpoint of user
experience (ux). We point out the differences between user interfaces and pure
data management systems such as cgns
ABCDE -- Agile Block Chain Dapp Engineering
Cryptocurrencies and their foundation technology, the Blockchain, are
reshaping finance and economics, allowing a decentralized approach enabling
trusted applications with no trusted counterpart. More recently, the Blockchain
and the programs running on it, called Smart Contracts, are also finding more
and more applications in all fields requiring trust and sound certifications.
Some people have come to the point of saying that the "Blockchain revolution"
can be compared to that of the Internet and the Web in their early days. As a
result, all software development revolving around the Blockchain technology is
growing at a staggering rate. The feeling of many software engineers about such
huge interest in Blockchain technologies is that of unruled and hurried
software development, a sort of competition on a first-come-first-served basis
which does not assure neither software quality, nor that the basic concepts of
software engineering are taken into account. This paper tries to cope with this
issue, proposing a software development process to gather the requirement,
analyze, design, develop, test and deploy Blockchain applications. The process
is based on several Agile practices, such as User Stories and iterative and
incremental development based on them. However, it makes also use of more
formal notations, such as some UML diagrams describing the design of the
system, with additions to represent specific concepts found in Blockchain
development. The method is described in good detail, and an example is given to
show how it works.Comment: 26 pages, 7 figures, 8 table
TOOL SUPPORT FOR CAPTURING THE ESSENCE OF A CONCERN IN SOURCE CODE
Software evolves constantly to adapt to changing user needs. As it evolves, it becomes progressively harder to understand due to accumulation of code changes, increasing code size, and the introduction of complex code dependencies. As a result, it becomes harder to maintain, exposing the software to potential bugs and degradation of code quality. High maintenance costs and diminished opportunities for software reusability and portability lead to reduced return on investment, increasing the likelihood of the software product being discarded or replaced. Nevertheless, we believe that there is value in legacy software due to the amount of intellectual efforts that have been invested in it. To extend its value, we utilize the common practice of identifying the pieces of code relevant to a given concern. Identifying relevant code is a manual process and relies on domain and code expertise. This makes it difficult to scale to large and complex code. In this thesis, we propose several automated approaches for capturing the essential code that represents a concern of interest. We utilize dynamic program analysis of execution traces to identify a relevant code subset. Information retrieval techniques are then utilized to improve the accuracy of the capture, refine the process, and verify the results
Recommended from our members
Making Software More Reliable by Uncovering Hidden Dependencies
As software grows in size and complexity, it also becomes more interdependent. Multiple internal components often share state and data. Whether these dependencies are intentional or not, we have found that their mismanagement often poses several challenges to testing. This thesis seeks to make it easier to create reliable software by making testing more efficient and more effective through explicit knowledge of these hidden dependencies.
The first problem that this thesis addresses, reducing testing time, directly impacts the day-to-day work of every software developer. The frequency with which code can be built (compiled, tested, and package) directly impacts the productivity of developers: longer build times mean a longer wait before determining if a change to the application being build was successful. We have discovered that in the case of some languages, such as Java, the vast majority of build time is spent running tests. Therefore, it's incredibly important to focus on approaches to accelerating testing, while simultaneously making sure that we do not inadvertently cause tests to erratically fail (i.e. become flaky).
Typical techniques for accelerating tests (like running only a subset of them, or running them in parallel) often can't be applied soundly, since there may be hidden dependencies between tests. While we might think that each test should be independent (i.e. that a test's outcome isn't influenced by the execution of another test), we and others have found many examples in real software projects where tests truly have these dependencies: some tests require others to run first, or else their outcome will change. Previous work has shown that these dependencies are often complicated, unintentional, and hidden from developers. We have built several systems, VMVM and ElectricTest, that detect different sorts of dependencies between tests and use that information to soundly reduce testing time by several orders of magnitude.
In our first approach, Unit Test Virtualization, we reduce the overhead of isolating each unit test with a lightweight, virtualization-like container, preventing these dependencies from manifesting. Our realization of Unit Test Virtualization for Java, VMVM eliminates the need to run each test in its own process, reducing test suite execution time by an average of 62% in our evaluation (compared to execution time when running each test in its own process).
However, not all test suites isolate their tests: in some, dependencies are allowed to occur between tests. In these cases, common test acceleration techniques such as test selection or test parallelization are unsound in the absence of dependency information. When dependencies go unnoticed, tests can unexpectedly fail when executed out of order, causing unreliable builds. Our second approach, ElectricTest, soundly identifies data dependencies between test cases, allowing for sound test acceleration.
To enable more broad use of general dependency information for testing and other analyses, we created Phosphor, the first and only portable and performant dynamic taint tracking system for the JVM. Dynamic taint tracking is a form of data flow analysis that applies labels to variables, and tracks all other variables derived from those tagged variables, propagating those tags. Taint tracking has many applications to software engineering and software testing, and in addition to our own work, researchers across the world are using Phosphor to build their own systems. Towards making testing more effective, we also created Pebbles, which makes it easy for developers to specify data-related test oracles on mobile devices by thinking in terms of high level objects such as emails, notes or pictures
A Survey of DeFi Security: Challenges and Opportunities
DeFi, or Decentralized Finance, is based on a distributed ledger called
blockchain technology. Using blockchain, DeFi may customize the execution of
predetermined operations between parties. The DeFi system use blockchain
technology to execute user transactions, such as lending and exchanging. The
total value locked in DeFi decreased from \$200 billion in April 2022 to \$80
billion in July 2022, indicating that security in this area remained
problematic. In this paper, we address the deficiency in DeFi security studies.
To our best knowledge, our paper is the first to make a systematic analysis of
DeFi security. First, we summarize the DeFi-related vulnerabilities in each
blockchain layer. Additionally, application-level vulnerabilities are also
analyzed. Then we classify and analyze real-world DeFi attacks based on the
principles that correlate to the vulnerabilities. In addition, we collect
optimization strategies from the data, network, consensus, smart contract, and
application layers. And then, we describe the weaknesses and technical
approaches they address. On the basis of this comprehensive analysis, we
summarize several challenges and possible future directions in DeFi to offer
ideas for further research
- …