IUPC: Identification and Unification of Process Constraints

Business Process Compliance (BPC) has gained significant momentum in research and practice during the last years. Although many approaches address BPC, they mostly assume the existence of some kind of unified base of process constraints and focus on their verification over the business processes. However, it remains unclear how such an inte- grated process constraint base can be built up, even though this con- stitutes the essential prerequisite for all further compliance checks. In addition, the heterogeneity of process constraints has been neglected so far. Without identification and separation of process constraints from domain rules as well as unification of process constraints, the success- ful IT support of BPC will not be possible. In this technical report we introduce a unified representation framework that enables the identifica- tion of process constraints from domain rules and their later unification within a process constraint base. Separating process constraints from domain rules can lead to significant reduction of compliance checking effort. Unification enables consistency checks and optimizations as well as maintenance and evolution of the constraint base on the other side.Comment: 13 pages, 4 figures, technical repor

Incremental modular testing for AOP

By designing systems as sets of modules that can be composed into larger applications, developers unleasha multitude of advantages. The promise of AOP (Aspect-Oriented Programming) is to enable developers toorganize crosscutting concerns into separate units of modularity making it easier to accomplish this vision.However, AOP does not allow unit tests to be untangled, which impairs the development of properly testedindependent modules. This paper presents a technique that enables developers to encapsulate crosscuttingconcerns using AOP and still be able to develop reusable unit tests. Our approach uses incremental testingand invasive aspects to modify and adapt tests. The approach was evaluated in a medium scale project withpromising results. Without using the proposed technique, due to the presence of invasive aspects, some unittests would have to be discarded or modified to accommodate the changes made by them. This would havea profound impact on the overall modularity and, in particular, on the reusability of those modules. We willshow that this technique enables proper unit tests that can be reused even when coupled with aspect-orientedcode

A Conceptual Framework for Adapation

This paper presents a white-box conceptual framework for adaptation that promotes a neat separation of the adaptation logic from the application logic through a clear identification of control data and their role in the adaptation logic. The framework provides an original perspective from which we survey archetypal approaches to (self-)adaptation ranging from programming languages and paradigms, to computational models, to engineering solutions

A Conceptual Framework for Adapation

We present a white-box conceptual framework for adaptation. We called it CODA, for COntrol Data Adaptation, since it is based on the notion of control data. CODA promotes a neat separation between application and adaptation logic through a clear identification of the set of data that is relevant for the latter. The framework provides an original perspective from which we survey a representative set of approaches to adaptation ranging from programming languages and paradigms, to computational models and architectural solutions

A Conceptual Framework for Adapation

This paper presents a white-box conceptual framework for adaptation that promotes a neat separation of the adaptation logic from the application logic through a clear identification of control data and their role in the adaptation logic. The framework provides an original perspective from which we survey archetypal approaches to (self-)adaptation ranging from programming languages and paradigms, to computational models, to engineering solutions

Transparent code authentication at the processor level

The authors present a lightweight authentication mechanism that verifies the authenticity of code and thereby addresses the virus and malicious code problems at the hardware level eliminating the need for trusted extensions in the operating system. The technique proposed tightly integrates the authentication mechanism into the processor core. The authentication latency is hidden behind the memory access latency, thereby allowing seamless on-the-fly authentication of instructions. In addition, the proposed authentication method supports seamless encryption of code (and static data). Consequently, while providing the software users with assurance for authenticity of programs executing on their hardware, the proposed technique also protects the software manufacturers’ intellectual property through encryption. The performance analysis shows that, under mild assumptions, the presented technique introduces negligible overhead for even moderate cache sizes

FOAL 2004 Proceedings: Foundations of Aspect-Oriented Languages Workshop at AOSD 2004

Aspect-oriented programming is a paradigm in software engineering and FOAL logos courtesy of Luca Cardelli programming languages that promises better support for separation of concerns. The third Foundations of Aspect-Oriented Languages (FOAL) workshop was held at the Third International Conference on Aspect-Oriented Software Development in Lancaster, UK, on March 23, 2004. This workshop was designed to be a forum for research in formal foundations of aspect-oriented programming languages. The call for papers announced the areas of interest for FOAL as including, but not limited to: semantics of aspect-oriented languages, specification and verification for such languages, type systems, static analysis, theory of testing, theory of aspect composition, and theory of aspect translation (compilation) and rewriting. The call for papers welcomed all theoretical and foundational studies of foundations of aspect-oriented languages. The goals of this FOAL workshop were to: � Make progress on the foundations of aspect-oriented programming languages. � Exchange ideas about semantics and formal methods for aspect-oriented programming languages. � Foster interest within the programming language theory and types communities in aspect-oriented programming languages. � Foster interest within the formal methods community in aspect-oriented programming and the problems of reasoning about aspect-oriented programs. The papers at the workshop, which are included in the proceedings, were selected frompapers submitted by researchers worldwide. Due to time limitations at the workshop, not all of the submitted papers were selected for presentation. FOAL also welcomed an invited talk by James Riely (DePaul University), the abstract of which is included below. The workshop was organized by Gary T. Leavens (Iowa State University), Ralf L?ammel (CWI and Vrije Universiteit, Amsterdam), and Curtis Clifton (Iowa State University). The program committee was chaired by L?ammel and included L?ammel, Leavens, Clifton, Lodewijk Bergmans (University of Twente), John Tang Boyland (University of Wisconsin, Milwaukee), William R. Cook (University of Texas at Austin), Tzilla Elrad (Illinois Institute of Technology), Kathleen Fisher (AT&T Labs�Research), Radha Jagadeesan (DePaul University), Shmuel Katz (Technion�Israel Institute of Technology), Shriram Krishnamurthi (Brown University), Mira Mezini (Darmstadt University of Technology), Todd Millstein (University of California, Los Angeles), Benjamin C. Pierce (University of Pennsylvania), Henny Sipma (Stanford University), Mario S?udholt ( ?Ecole des Mines de Nantes), and David Walker (Princeton University). We thank the organizers of AOSD 2004 for hosting the workshop

Runtime Detection of a Bandwidth Denial Attack from a Rogue Network-on-Chip

Chips with high computational power are the crux of today’s pervasive complex digital systems. Microprocessor circuits are evolving towards many core designs with the integration of hundreds of processing cores, memory elements and other devices on a single chip to sustain high performance computing while maintaining low design costs. Two decisive paradigm shifts in the semiconductor industry have made this evolution possible: (a) architectural and (b) organizational. At the heart of the architectural innovation is a scalable high speed data communication structure, the network-on-chip (NoC). NoC is an interconnect network for the glueless integration of on-chip components in the modern complex communication centric designs. In the recent days, NoC has replaced the traditional bus based architecture owing to its structured and modular design, scalability and low design cost. The organizational revolution has resulted in a globalized and collaborative supply chain with pervasive use of third party intellectual properties to reduce the time-to-market and overall design costs. Despite the advantages of these paradigm shifts, modern system-on-chips pose a plethora of security vulnerabilities. This work explores a threat model arising from a malicious NoC IP embedded with a hardware trojan affecting the resource availability of on-chip components. A rigorous simulation infrastructure is established to evaluate the feasibility and potency of such an attack. Further, a non-invasive runtime monitoring technique is proposed and thoroughly investigated to ensure the trustworthiness of a third party NoC IP with low overheads