4,710 research outputs found
Simplification of UML/OCL schemas for efficient reasoning
Ensuring the correctness of a conceptual schema is an essential task in order to avoid the propagation of errors during software development. The kind of reasoning required to perform such task is known to be exponential for UML class diagrams alone and even harder when considering OCL constraints. Motivated by this issue, we propose an innovative method aimed at removing constraints and other UML elements of the schema to obtain a simplified one that preserve the same reasoning outcomes. In this way, we can reason about the correctness of the initial artifact by reasoning on a simplified version of it. Thus, the efficiency of the reasoning process is significantly improved. In addition, since our method is independent from the reasoning engine used, any reasoning method may benefit from it.Peer ReviewedPostprint (author's final draft
Analysis of Feature Models Using Alloy: A Survey
Feature Models (FMs) are a mechanism to model variability among a family of
closely related software products, i.e. a software product line (SPL). Analysis
of FMs using formal methods can reveal defects in the specification such as
inconsistencies that cause the product line to have no valid products. A
popular framework used in research for FM analysis is Alloy, a light-weight
formal modeling notation equipped with an efficient model finder. Several works
in the literature have proposed different strategies to encode and analyze FMs
using Alloy. However, there is little discussion on the relative merits of each
proposal, making it difficult to select the most suitable encoding for a
specific analysis need. In this paper, we describe and compare those strategies
according to various criteria such as the expressivity of the FM notation or
the efficiency of the analysis. This survey is the first comparative study of
research targeted towards using Alloy for FM analysis. This review aims to
identify all the best practices on the use of Alloy, as a part of a framework
for the automated extraction and analysis of rich FMs from natural language
requirement specifications.Comment: In Proceedings FMSPLE 2016, arXiv:1603.0857
Lightweight and static verification of UML executable models
Executable models play a key role in many software development methods by facilitating the (semi)automatic implementation/execution of the software system under development. This is possible because executable models promote a complete and fine-grained specification of the system behaviour. In this context, where models are the basis of the whole development process, the quality of the models has a high impact on the final quality of software systems derived from them. Therefore, the existence of methods to verify the correctness of executable models is crucial. Otherwise, the quality of the executable models (and in turn the quality of the final system generated from them) will be compromised. In this paper a lightweight and static verification method to assess the correctness of executable models is proposed. This method allows us to check whether the operations defined as part of the behavioural model are able to be executed without breaking the integrity of the structural model and returns a meaningful feedback that helps repairing the detected inconsistencies.Peer ReviewedPostprint (author's final draft
Formal security analysis of registration protocols for interactive systems: a methodology and a case of study
In this work we present and formally analyze CHAT-SRP (CHAos based
Tickets-Secure Registration Protocol), a protocol to provide interactive and
collaborative platforms with a cryptographically robust solution to classical
security issues. Namely, we focus on the secrecy and authenticity properties
while keeping a high usability. In this sense, users are forced to blindly
trust the system administrators and developers. Moreover, as far as we know,
the use of formal methodologies for the verification of security properties of
communication protocols isn't yet a common practice. We propose here a
methodology to fill this gap, i.e., to analyse both the security of the
proposed protocol and the pertinence of the underlying premises. In this
concern, we propose the definition and formal evaluation of a protocol for the
distribution of digital identities. Once distributed, these identities can be
used to verify integrity and source of information. We base our security
analysis on tools for automatic verification of security protocols widely
accepted by the scientific community, and on the principles they are based
upon. In addition, it is assumed perfect cryptographic primitives in order to
focus the analysis on the exchange of protocol messages. The main property of
our protocol is the incorporation of tickets, created using digests of chaos
based nonces (numbers used only once) and users' personal data. Combined with a
multichannel authentication scheme with some previous knowledge, these tickets
provide security during the whole protocol by univocally linking each
registering user with a single request. [..]Comment: 32 pages, 7 figures, 8 listings, 1 tabl
A Catalog of Reusable Design Decisions for Developing UML/MOF-based Domain-specific Modeling Languages
In model-driven development (MDD), domain-specific modeling languages (DSMLs) act as a communication vehicle for aligning the requirements of domain experts with the needs of software engineers. With the rise of the UML as a de facto standard, UML/MOF-based DSMLs are now widely used for MDD. This paper documents design decisions collected from 90 UML/MOF-based DSML projects. These recurring design decisions were gained, on the one hand, by performing a systematic literature review (SLR) on the development of UML/MOF-based DSMLs. Via the SLR, we retrieved 80 related DSML projects for review. On the other hand, we collected decisions from developing ten DSML projects by ourselves. The design decisions are presented in the form of reusable decision records, with each decision record corresponding to a decision point in DSML development processes. Furthermore, we also report on frequently observed (combinations of) decision options as well as on associations between options which may occur within a single decision point or between two decision points. This collection of decision-record documents targets decision makers in DSML development (e.g., DSML engineers, software architects, domain experts).Series: Technical Reports / Institute for Information Systems and New Medi
- …