Transformation As Search

In model-driven engineering, model transformations are con- sidered a key element to generate and maintain consistency between re- lated models. Rule-based approaches have become a mature technology and are widely used in different application domains. However, in var- ious scenarios, these solutions still suffer from a number of limitations that stem from their injective and deterministic nature. This article pro- poses an original approach, based on non-deterministic constraint-based search engines, to define and execute bidirectional model transforma- tions and synchronizations from single specifications. Since these solely rely on basic existing modeling concepts, it does not require the intro- duction of a dedicated language. We first describe and formally define this model operation, called transformation as search, then describe a proof-of-concept implementation and discuss experiments on a reference use case in software engineering

Une approche de MDE pour la résolution de problèmes de configuration : Une application à la plate-forme Eclipse

Finding the right configuration is often a challenging task since one needs to deal with many dependencies between plug-ins and most of existing configuration engines are not flexible enough to work in different scenarios. In this paper we propose a MDE-based approach to solve configuration problems, considering them as constraints satisfaction problems. This approach has been applied by an industrial partner to the management of plug-ins in the Eclipse framework, a big issue for all the technolNational audienceLa recherche de la bonne configuration est souvent une tâche complexe nécessitant la gestion des nombreuses dépendances entre plug-ins. D'autant plus que la plupart des moteurs de configuration existants n'ont pas la flexibilité nécessaire permettant de s'adapter à différents scénarios. Dans cet article, nous proposons une approche fondée sur l'IDM permettant la résolution de problèmes de configuration, en les représentant comme des problèmes de satisfaction de contraintes. Un de nos partenaires industriels a utilisé cette approche pour la gestion des plug-ins dans le cadre d'Eclipse. Cette gestion est considérée comme un problème important pour tous les fournisseurs de solutions basées sur Eclipse

Relational Constraint Driven Test Case Synthesis for Web Applications

This paper proposes a relational constraint driven technique that synthesizes test cases automatically for web applications. Using a static analysis, servlets can be modeled as relational transducers, which manipulate backend databases. We present a synthesis algorithm that generates a sequence of HTTP requests for simulating a user session. The algorithm relies on backward symbolic image computation for reaching a certain database state, given a code coverage objective. With a slight adaptation, the technique can be used for discovering workflow attacks on web applications.Comment: In Proceedings TAV-WEB 2010, arXiv:1009.330

Knowledge Flow Analysis for Security Protocols

Knowledge flow analysis offers a simple and flexible way to find flaws in security protocols. A protocol is described by a collection of rules constraining the propagation of knowledge amongst principals. Because this characterization corresponds closely to informal descriptions of protocols, it allows a succinct and natural formalization; because it abstracts away message ordering, and handles communications between principals and applications of cryptographic primitives uniformly, it is readily represented in a standard logic. A generic framework in the Alloy modelling language is presented, and instantiated for two standard protocols, and a new key management scheme.Comment: 20 page

A Typed Language for Truthful One-Dimensional Mechanism Design

We first introduce a very simple typed language for expressing allocation algorithms that allows automatic verification that an algorithm is monotonic and therefore truthful. The analysis of truthfulness is accomplished using a syntax-directed transformation which constructs a proof of monotonicity based on an exhaustive critical-value analysis of the algorithm. We then define a more high-level, general-purpose programming language with typical constructs, such as those for defining recursive functions, along with primitives that match allocation algorithm combinators found in the work of Mu'alem and Nisan [10]. We demonstrate how this language can be used to combine both primitive and user-defined combinators, allowing it to capture a collection of basic truthful allocation algorithms. In addition to demonstrating the value of programming language design techniques in application to a specific domain, this work suggests a blueprint for interactive tools that can be used to teach the simple principles of truthful mechanism desig

Metamodel Instance Generation: A systematic literature review

Modelling and thus metamodelling have become increasingly important in Software Engineering through the use of Model Driven Engineering. In this paper we present a systematic literature review of instance generation techniques for metamodels, i.e. the process of automatically generating models from a given metamodel. We start by presenting a set of research questions that our review is intended to answer. We then identify the main topics that are related to metamodel instance generation techniques, and use these to initiate our literature search. This search resulted in the identification of 34 key papers in the area, and each of these is reviewed here and discussed in detail. The outcome is that we are able to identify a knowledge gap in this field, and we offer suggestions as to some potential directions for future research.Comment: 25 page

Using Alloy to model-check visual design notations

This paper explores the process of validation for the abstract syntax of a graphical notation. We define an unified specification for five of the UML diagrams used by the Discovery Method and, in this document, we illustrate how diagrams can be represented in Alloy and checked against our specification in order to know if these are valid under the Discovery notation.Comment: 8 page

Automatic Visualization of Relational Logic Models

Abstract: The Alloy Analyzer is a software design tool that generates examples of system states and executions from logic models and displays those examples graphically with a visualization facility. Although many users find the visualization indispensable, others are put off by the perceived difficulty of customizing the visualization and the poor quality of default diagrams. Many others do not take full advantage of the customization, usually because they do not understand what customizations are available and how best to apply them. This paper describes techniques for inferring a better initial customization, or theme, entirely automatically, based on the model and on criteria derived from experience with manual customization. A plugin that implements these techniques was applied to a repertoire of models. Each automatically generated theme was compared to an "expert" theme and to the default theme, with a simple metric that quantifies the visual difference between themes. These comparisons, which provide an indication of how closely the plugin can match the expert result, show the generated theme to be superior to the default for most models

A First Step in the Translation of Alloy to Coq

International audienceAlloy is both a formal language and a tool for software mod-eling. The language is basically first order relational logic. The analyzer is based on instance finding: it tries to refute assertions and if it succeeds it reports a counterexample. It works by translating Alloy models and instance finding into SAT problems. If no instance is found it does not mean the assertion is satisfied. Alloy relies on the small scope hypothesis: examining all small cases is likely to produce interesting counterexamples. This is very valuable when developing a system. However, Alloy cannot show their absence. In this paper, we propose an approach where Alloy can be used as a first step, and then using a tool we develop, Alloy models can be translated to Coq code to be proved correct interactively