Static and dynamic structure in design patterns

technical reportDesign patterns are a valuable mechanism for emphasizing structure, capturing design expertise, and facilitating restructuring of software systems. Patterns are typically applied in the context of an object-oriented language and are implemented so that the pattern participants correspond to object instances that are created and connected at run-time. This paper describes a complementary realization of design patterns, in which the pattern participants are statically instantiated and connected components. Our approach separates the static parts of the software design from the dynamic parts of the system behavior. This separation makes the software design more amenable to analysis, enabling more effective and domain specific detection of system design errors, prediction of run-time behavior, and more effective optimization. This technique is applicable to imperative, functional, and object-oriented languages: we have extended C, Scheme, and Java with our component model. In this paper, we illustrate this approach in the context of the OSKit, a collection of operating system components written in C

Taguchi approach for performance evaluation of service-oriented software systems.

Service-oriented software systems are becoming increasingly common in the world today as big companies such as Microsoft and IBM advocate approaches focusing on assembly of system from distributed services. Although performance of such systems is a big problem, there is surprisingly an obvious lack of attention for evaluating the performance of enterprise-scale, service-oriented software systems. This thesis investigates the application of statistical tools in performance engineering domain for total quality management. In particular, the Taguchi approach is used as an efficient and systematic way to optimize designs for performance, quality, and cost. The aim is to improve the performance of software systems and to reduce application development cost by assembling services from known vendors or intranet services. The focus of this thesis is on the response time of service-oriented systems. Nevertheless, the developed methodology also applies to other performance issues, such as memory management and caching. The interaction problems of those issues are preserved for future work.Dept. of Computer Science. Paper copy at Leddy Library: Theses & Major Papers - Basement, West Bldg. / Call Number: Thesis2004 .L585. Source: Masters Abstracts International, Volume: 43-01, page: 0240. Adviser: Xiaobu Yuan. Thesis (M.Sc.)--University of Windsor (Canada), 2004

Knowledge-Based Synthesis of Distributed Systems Using Event Structures

To produce a program guaranteed to satisfy a given specification one can synthesize it from a formal constructive proof that a computation satisfying that specification exists. This process is particularly effective if the specifications are written in a high-level language that makes it easy for designers to specify their goals. We consider a high-level specification language that results from adding knowledge to a fragment of Nuprl specifically tailored for specifying distributed protocols, called event theory. We then show how high-level knowledge-based programs can be synthesized from the knowledge-based specifications using a proof development system such as Nuprl. Methods of Halpern and Zuck then apply to convert these knowledge-based protocols to ordinary protocols. These methods can be expressed as heuristic transformation tactics in Nuprl.Comment: A preliminary version of this paper appeared in Proceedings of the 11th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning LPAR 2004, pp. 449-46

Deductive formal verification of embedded systems

We combine static analysis techniques with model-based deductive verification using SMT solvers to provide a framework that, given an analysis aspect of the source code, automatically generates an analyzer capable of inferring information about that aspect. The analyzer is generated by translating the collecting semantics of a program to a formula in first order logic over multiple underlying theories. We import the semantics of the API invocations as first order logic assertions. These assertions constitute the models used by the analyzer. Logical specification of the desired program behavior is incorporated as a first order logic formula. An SMT-LIB solver treats the combined formula as a constraint and solves it. The solved form can be used to identify logical and security errors in embedded programs. We have used this framework to analyze Android applications and MATLAB code. We also report the formal verification of the conformance of the open source Netgear WNR3500L wireless router firmware implementation to the RFC 2131. Formal verification of a software system is essential for its deployment in mission-critical environments. The specifications for the development of routers are provided by RFCs that are only described informally in English. It is prudential to ensure that a router firmware conforms to its corresponding RFC before it can be deployed for managing mission-critical networks. The formal verification process demonstrates the usefulness of inductive types and higher-order logic in software certification

Interfacing with Proof Assistants for Domain Specific Programming Using EventML

This paper presents a paradigm for using proof assistants in the programming process. We demonstrate how the programming language EventML provides a useful interface to proof assistants throughout code development. Enhancing the use of proof assistants in programming will make them more valuable and accessible to a large community. We designed EventML specifically to cooperate with proof assistants at every stage of program creation. It will help programmers ensure correctness, document the code, and support modifications and improvements. Cooperation is especially effective when the proof assistant and the programming language share the same type system and when the proof assistant can generate executable code for the programming language, as is natural for proof assistants using constructive type theories.

Using hierarchical scheduling to support soft real-time applications in general-purpose operating systems

Journal ArticleThe CPU schedulers in general-purpose operating systems are designed to provide fast response time for interactive applications and high throughput for batch applications. The heuristics used to achieve these goals do not lend themselves to scheduling real-time applications, nor do they meet other scheduling requirements such as coordinating scheduling across several processors or machines, or enforcing isolation between applications, users, and administrative domains. Extending the scheduling subsystems of general-purpose operating systems in an ad hoc manner is time consuming and requires considerable expertise as well as source code to the operating system. Furthermore, once extended, the new scheduler may be as inflexible as the original. The thesis of this dissertation is that extending a general-purpose operating system with a general, heterogeneous scheduling hierarchy is feasible and useful. A hierarchy of schedulers generalizes the role of CPU schedulers by allowing them to schedule other schedulers in addition to scheduling threads. A general, heterogeneous scheduling hierarchy is one that allows arbitrary (or nearly arbitrary) scheduling algorithms throughout the hierarchy. In contrast, most of the previous work on hierarchical scheduling has imposed restrictions on the schedulers used in part or all of the hierarchy. This dissertation describes the Hierarchical Loadable Scheduler (HLS) architecture, which permits schedulers to be dynamically composed in the kernel of a general-purpose operating system. The most important characteristics of HLS, and the ones that distinguish it from previous work, are that it has demonstrated that a hierarchy of nearly arbitrary schedulers can be efficiently implemented in a general-purpose operating system, and that the behavior of a hierarchy of soft real-time schedulers can be reasoned about in order to provide guaranteed scheduling behavior to application threads. The flexibility afforded by HLS permits scheduling behavior to be tailored to meet complex requirements without encumbering users who have modest requirements with the performance and administrative costs of a complex scheduler. Contributions of this dissertation include the following. (1) The design, prototype implementation, and performance evaluation of HLS in Windows 2000. (2) A system of guarantees for scheduler composition that permits reasoning about the scheduling behavior of a hierarchy of soft real-time schedulers. Guarantees assure users that application requirements can be met throughout the lifetime of the application, and also provide application developers with a model of CPU allocation to which they can program. (3) The design, implementation, and evaluation of two augmented CPU reservation schedulers, which provide increase scheduling predictability when low-level operating system activity steals time from applications

Maximum risk reduction with a fixed budget in the railway industry

Decision-makers in safety-critical industries such as the railways are frequently faced with the complexity of selecting technological, procedural and operational solutions to minimise staff, passengers and third parties’ safety risks. In reality, the options for maximising risk reduction are limited by time and budget constraints as well as performance objectives. Maximising risk reduction is particularly necessary in the times of economic recession where critical services such as those on the UK rail network are not immune to budget cuts. This dilemma is further complicated by statutory frameworks stipulating ‘suitable and sufficient’ risk assessments and constraints such as ‘as low as reasonably practicable’. These significantly influence risk reduction option selection and influence their effective implementation. This thesis provides extensive research in this area and highlights the limitations of widely applied practices. These practices have limited significance on fundamental engineering principles and become impracticable when a constraint such as a fixed budget is applied – this is the current reality of UK rail network operations and risk management. This thesis identifies three main areas of weaknesses to achieving the desired objectives with current risk reduction methods as: Inaccurate, and unclear problem definition; Option evaluation and selection removed from implementation subsequently resulting in misrepresentation of risks and costs; Use of concepts and methods that are not based on fundamental engineering principles, not verifiable and with resultant sub-optimal solutions. Although not solely intended for a single industrial sector, this thesis focuses on guiding the railway risk decision-maker by providing clear categorisation of measures used on railways for risk reduction. This thesis establishes a novel understanding of risk reduction measures’ application limitations and respective strengths. This is achieved by applying ‘key generic engineering principles’ to measures employed for risk reduction. A comprehensive study of their preventive and protective capability in different configurations is presented. Subsequently, the fundamental understanding of risk reduction measures and their railway applications, the ‘cost-of-failure’ (CoF), ‘risk reduction readiness’ (RRR), ‘design-operationalprocedural-technical’ (DOPT) concepts are developed for rational and cost-effective risk reduction. These concepts are shown to be particularly relevant to cases where blind applications of economic and mathematical theories are misleading and detrimental to engineering risk management. The case for successfully implementing this framework for maximum risk reduction within a fixed budget is further strengthened by applying, for the first time in railway risk reduction applications, the dynamic programming technique based on practical railway examples