A Classification Model for Reusable Software Components

TIris paper presents work which has been carried out in the ESF-ROSE project (referred to as ROSE in the remainder of this paper). Funded under the Eureka programme (Eureka is the famous interjection used by Archimedes in his bath and not an acronym), the ESF project (Eureka Software Factory) aims at providing a highly effective software manufacturing environment The use of the wordfactory in the software context has very little connection to traditional assemblyline factories. Instead, a Software Factory is a factory in the modem sense providing Computer Integrated Software Manufacturing with emphasis on integration. A software factory covers the total software production process, including all technical and managerial tasks, with a high degree of automation and resource utilization. The ROSE project is a collaborative effon involving MATRA Espace, the software house Serna Group (France), and the University of Dortmund (Federal Republic of Gennany). Pan of the work on classification is the Ph.D. research of author Eric Rames. The main goals of the ROSE project (Reuse Of SoftwarE) are: • to analyze and to define in a comprehensive way the concept of software reuse; • to develop an environment for the reuse of software components within a factory. A precondition for reuse in software development is the existence of libraries of reusable software components. In order to suppon reuse, the collection must contain not only the components themselves, but also be accessible by a system that provides descriptions of the components and retrieval mechanisms so that users may match their specific requirements against these descriptions. Indexing reusable software components according to a classification scheme allows reusers to have a better understanding and more efficient access to the libraries' contents. Therefore a classification scheme is built so that it represents selection criteria the reuser might have. These indexes would be searchable and keyed to retrievable software descriptions. Based on retrievals, users may then access the actual software. Building such a collection is a domain analysis process [PRI90] that includes activities such as: • Identification of software components that should be reusable and description in terms of reusable software components. • Definition of a classification scheme appropriate for indexing and retrieving the reusable software components. TIris paper focuses on the latter topic and how it is performed in the ROSE project. A case study carried out from the aerospace domain is then presented. A discussion of ongoing and future work will conclude this paper

An Automated, Language-Based Approach to the Creation of Component Libraries

A major promise of component-based software engineering is the reduction of application development time and costs by reusing software components. The existence of and access to component libraries, as well as the ability to build such libraries in the first place, is therefore key in a component-based development infrastructure to facilitate the envisioned reuse. We believe that the future demand for component libraries will increase substantially because many companies are about to adopt the software product line ideas. Due to the lack of a general standard for component libraries and because of the restrictions of existing ones, it is very often the case that new reuse libraries are written from scratch to fit a user's specific requirements. An additional problem is the size and the focus of (existing) component libraries or component repositories. With an increasing size and a broadening focus of the library it becomes harder to retrieve the "right" components due to more complex classification structures, which hinders effective reuse. This will lead to a large number of specific libraries, rather than to the global all-encompassing single one. This work introduces a component library description language, which allows for the definition of a component library, its provided functionality, and its associated semantics on a high level of abstraction. The language compiler uses those definitions made in the (XML-based) language to automatically generate a component library, which is a user-defined, customized application, including a web-based user interface and a persistent storage facility to store the components handled by the library. The language approach allows for the rapid development of domain specific component libraries in a time and cost efficient manner and therefore supports the need for fast creation of reuse libraries with minimal up-front investment

Reusability in software engineering

This paper surveys recent work concerning reusability in software engineering. The current directions in software reusability are discussed, and the two major approaches of reusable building blocks and reusable patterns studied. An extensive bibliography, parts of which are annotated, is included

Design reuse research : a computational perspective

This paper gives an overview of some computer based systems that focus on supporting engineering design reuse. Design reuse is considered here to reflect the utilisation of any knowledge gained from a design activity and not just past designs of artefacts. A design reuse process model, containing three main processes and six knowledge components, is used as a basis to identify the main areas of contribution from the systems. From this it can be concluded that while reuse libraries and design by reuse has received most attention, design for reuse, domain exploration and five of the other knowledge components lack research effort

Improving Knowledge Retrieval in Digital Libraries Applying Intelligent Techniques

Nowadays an enormous quantity of heterogeneous and distributed information is stored in the digital University. Exploring online collections to find knowledge relevant to a user’s interests is a challenging work. The artificial intelligence and Semantic Web provide a common framework that allows knowledge to be shared and reused in an efficient way. In this work we propose a comprehensive approach for discovering E-learning objects in large digital collections based on analysis of recorded semantic metadata in those objects and the application of expert system technologies. We have used Case Based-Reasoning methodology to develop a prototype for supporting efficient retrieval knowledge from online repositories. We suggest a conceptual architecture for a semantic search engine. OntoUS is a collaborative effort that proposes a new form of interaction between users and digital libraries, where the latter are adapted to users and their surroundings

Execution Integrity with In-Place Encryption

Instruction set randomization (ISR) was initially proposed with the main goal of countering code-injection attacks. However, ISR seems to have lost its appeal since code-injection attacks became less attractive because protection mechanisms such as data execution prevention (DEP) as well as code-reuse attacks became more prevalent. In this paper, we show that ISR can be extended to also protect against code-reuse attacks while at the same time offering security guarantees similar to those of software diversity, control-flow integrity, and information hiding. We present Scylla, a scheme that deploys a new technique for in-place code encryption to hide the code layout of a randomized binary, and restricts the control flow to a benign execution path. This allows us to i) implicitly restrict control-flow targets to basic block entries without requiring the extraction of a control-flow graph, ii) achieve execution integrity within legitimate basic blocks, and iii) hide the underlying code layout under malicious read access to the program. Our analysis demonstrates that Scylla is capable of preventing state-of-the-art attacks such as just-in-time return-oriented programming (JIT-ROP) and crash-resistant oriented programming (CROP). We extensively evaluate our prototype implementation of Scylla and show feasible performance overhead. We also provide details on how this overhead can be significantly reduced with dedicated hardware support