A Rule-based Approach for Evolution of AADL Models based on Changes in Functional Requirements

The increasing complexity of software systems makes change management costly and time consuming. To ensure the cost-effective system longevity and endurance, it is crucial to apply change management in the early stages of software development. In this paper, we introduce a rule-based approach to make software architecture evolving based on counter examples provided by a model checker for violated, changing functional requirements. The approach works on software architecture in AADL and is based on verifying functional requirements using Maude model checker. Our goal is to provide guidelines to the architect about potential changes. Using an industrial example, we show how our approach helps in determining changes to produce a new version of the architecture

Sustainability evaluation of software architectures

Long-living software systems are sustainable if they can be cost-efficiently maintained and evolved over their entire life-cycle. The quality of software architectures determines sus-tainability to a large extent. Scenario-based software archi-tecture evaluation methods can support sustainability anal-ysis, but they are still reluctantly used in practice. They are also not integrated with architecture-level metrics when evaluating implemented systems, which limits their capabil-ities. Existing literature reviews for architecture evaluation focus on scenario-based methods, but do not provide a criti-cal reflection of the applicability of such methods for sustain-ability evaluation. Our goal is to measure the sustainabil-ity of a software architecture both during early design us-ing scenarios and during evolution using scenarios and met-rics, which is highly relevant in practice. We thus provide a systematic literature review assessing scenario-based meth-ods for sustainability support and categorize more than 40 architecture-level metrics according to several design prin-ciples. Our review identifies a need for further empirical research, for the integration of existing methods, and for the more efficient use of formal architectural models. 1

Evolution of security engineering artifacts: a state of the art survey

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research

Formal modelling and analysis of dynamic reconfiguration of dependable systems

PhD ThesisThe contribution of this thesis is a novel way of formally modelling and analyzing dynamic process reconfiguration in dependable systems. Modern dependable systems are required to be flexible, reliable, available and highly predictable. One way of achieving flexibility, reliability and availability is through dynamic reconfiguration. That is, by changing at runtime the structure of a system – consisting of its components and their communication links – or the hardware location of its software components. However, predicting the system’s behaviour during its dynamic reconfiguration is a challenge, and this motivates our research. Formal methods can determine whether or not a system’s design is correct, and design correctness is a key factor in ensuring the system will behave predictably and reliably at runtime. Therefore, our approach is formal. Existing research on software reconfiguration has focused on planned reconfiguration and link mobility. The focus of this thesis is on unplanned process reconfiguration. That is, the creation, deletion and replacement of processes that is not designed into a system when it is manufactured. We describe a process algebra (CCSdp) which is CCS extended with a new type of process (termed a fraction process) in order to model process reconfiguration. We have deliberately not introduced a new operator in CCSdp in order to model unplanned reconfiguration. Instead, we define a bisimulation ( o f ) that is used to identify a process for reconfiguration by behavioural matching. The use of behavioural matching based on o f (rather than syntactic or structural congruence-based matching) helps to make models simple and terse. However, o f is too weak to be a congruence. Therefore, we strengthen the conditions defining o f to obtain another bisimulation ( dp) which is a congruence, and (therefore) can be used for equational reasoning. Our notion of fraction process is recursive to enable fractions to be themselves reconfigured. We bound the depth of recursion of a fraction and its successors in order to ensure that o f and dp are decidable. Furthermore, we restrict the set of states in a model of a system to be finite, which also supports decidability of the two bisimulations and helps model checking. We evaluate CCSdp in two ways. First, with respect to requirements used to evaluate other formalisms. Second, through a simple case study, in which the reconfiguration of an o ce workflow is modelled using CCSdp.EPSRC fundin

COVER FE ATURE EVOLVING SOFTWARE ARCHITECTURE DESCRIPTIONS OF CRITICAL SYSTEMS

To manage the complexity of developing, maintaining, and evolving a critical software-intensive system, its architecture description must be accurately and traceably linked to its implementation. Software-intensive systems, whether real-time embedded systems or information-processing systems, present critical concerns for stakeholders. A system may be mission-critical for a company, in that it could lose its competitive advantage or even be unable to survive if the system doesn’t function properly. A system may be resourcecritical in terms of time, personnel, hardware, or any other crucial resource on which it might rely; unavailability or malfunction of these resources could cause the system t