10,205 research outputs found
A systematic literature review on process model testing: Approaches, challenges, and research directions
Testing is a key concern when developing process-oriented solutions as it
supports modeling experts who have to deal with increasingly complex models and
scenarios such as cross-organizational processes. However, the complexity of
the research landscape and the diverse set of approaches and goals impedes the
analysis and advancement of research and the identification of promising
research areas, challenges, and research directions. Hence, a systematic
literature review is conducted to identify interesting areas for future
research and to provide an overview of existing work. Over 6300 potentially
matching publications were determined during the search (literature databases,
selected conferences\journals, and snowballing). Finally, 153 publications from
2002 to 2013 were selected, analyzed, and classified. It was found that the
software engineering domain has influenced process model testing approaches
(e.g., regarding terminology and concepts), but recent publications are
presenting independent approaches. Additionally, historical data sources are
not exploited to their full potential and current testing related publications
frequently contain evaluations of relatively weak quality. Overall, the
publication landscape is unevenly distributed so that over 31 publications
concentrate on test-case generation but only 4 publications conduct performance
test. Hence, the full potential of such insufficiently covered testing areas is
not exploited. This systematic review provides a comprehensive overview of the
interdisciplinary topic of process model testing. Several open research
questions are identified, for example, how to apply testing to
cross-organizational or legacy processes and how to adequately include users
into the testing methods
Applied Metamodelling: A Foundation for Language Driven Development (Third Edition)
Modern day system developers have some serious problems to contend with. The
systems they develop are becoming increasingly complex as customers demand
richer functionality delivered in ever shorter timescales. They have to manage
a huge diversity of implementation technologies, design techniques and
development processes: everything from scripting languages to web-services to
the latest 'silver bullet' design abstraction. To add to that, nothing stays
still: today's 'must have' technology rapidly becomes tomorrow's legacy problem
that must be managed along with everything else. How can these problems be
dealt with? In this book we propose that there is a common foundation to their
resolution: languages. Languages are the primary way in which system developers
communicate, design and implement systems. Languages provide abstractions that
can encapsulate complexity, embrace the diversity of technologies and design
abstractions, and unite modern and legacy systems
Enhancing Reuse of Constraint Solutions to Improve Symbolic Execution
Constraint solution reuse is an effective approach to save the time of
constraint solving in symbolic execution. Most of the existing reuse approaches
are based on syntactic or semantic equivalence of constraints; e.g. the Green
framework is able to reuse constraints which have different representations but
are semantically equivalent, through canonizing constraints into syntactically
equivalent normal forms. However, syntactic/semantic equivalence is not a
necessary condition for reuse--some constraints are not syntactically or
semantically equivalent, but their solutions still have potential for reuse.
Existing approaches are unable to recognize and reuse such constraints.
In this paper, we present GreenTrie, an extension to the Green framework,
which supports constraint reuse based on the logical implication relations
among constraints. GreenTrie provides a component, called L-Trie, which stores
constraints and solutions into tries, indexed by an implication partial order
graph of constraints. L-Trie is able to carry out logical reduction and logical
subset and superset querying for given constraints, to check for reuse of
previously solved constraints. We report the results of an experimental
assessment of GreenTrie against the original Green framework, which shows that
our extension achieves better reuse of constraint solving result and saves
significant symbolic execution time.Comment: this paper has been submitted to conference ISSTA 201
Measuring Coverage of Prolog Programs Using Mutation Testing
Testing is an important aspect in professional software development, both to
avoid and identify bugs as well as to increase maintainability. However,
increasing the number of tests beyond a reasonable amount hinders development
progress. To decide on the completeness of a test suite, many approaches to
assert test coverage have been suggested. Yet, frameworks for logic programs
remain scarce.
In this paper, we introduce a framework for Prolog programs measuring test
coverage using mutations. We elaborate the main ideas of mutation testing and
transfer them to logic programs. To do so, we discuss the usefulness of
different mutations in the context of Prolog and empirically evaluate them in a
new mutation testing framework on different examples.Comment: 16 pages, Accepted for presentation in WFLP 201
Supporting Dynamic Service Composition at Runtime based on End-user Requirements
Network-based software application services are receiving a lot of attention in recent years, as observed in developments as Internet of Services, Software as a Service and Cloud Computing. A service-oriented computing ecosystem is being created where the end-user is having an increasingly more active role in the service creation process. However, supporting end-users in the creation process, at runtime, is a difficult undertaking. Users have different requirements and preferences towards application services, use services in different situations and expect highly abstract mechanisms in the creation process. Furthermore, there are different types of end-users: some can deliver more detailed requirements or can be provided with more advanced request interface, while others can not. To tackle these issues and provide end-users with personalised service delivery, we claim that runtime automated service composition mechanisms are required. In this paper we present the DynamiCoS framework, which aims at supporting the different phases required to provide end-users with automatic service discovery, selection and composition process. In this paper we also present the developed prototype and its evaluation
State of the Software Development Life-Cycle for the Internet-of-Things
Software has a longstanding association with a state of crisis considering
its success rate. The explosion of Internet-connected devices,
Internet-of-Things, adds to the complexity of software systems. The particular
characteristics of these systems, such as being large-scale and its
heterogeneity, pose increasingly new challenges. In this paper, we first
briefly introduce the IoT paradigm and the current state of art of software
development. Then, we delve into the particularities of developing software for
IoT systems and systems of systems, given an overview of what are the current
methodologies and tools for design, develop and test such systems. The findings
are discussed, revealing open issues and research directions, and reveal that
the nowadays IoT software development practices are still lagging behind of
what are the current best practices.Comment: 38 page
Abstract Interpretation-based verification/certification in the ciaoPP system
CiaoPP is the abstract interpretation-based preprocessor of
the Ciao multi-paradigm (Constraint) Logic Programming system. It uses modular, incremental abstract interpretation as a fundamental tool to obtain information about programs. In CiaoPP, the semantic approximations thus produced have been applied to perform high- and low-level optimizations during program compilation, including transformations such as mĂșltiple abstract specialization, parallelization, partial evaluation, resource usage control, and program verification. More recently, novel and promising applications of such semantic approximations are
being applied in the more general context of program development such as program verification. In this work, we describe our extensiĂłn of the system to incorpĂłrate Abstraction-Carrying Code (ACC), a novel approach to mobile code safety. ACC follows the standard strategy of associating safety certificates to programs, originally proposed in Proof Carrying- Code. A distinguishing feature of ACC is that we use an abstraction (or abstract model) of the program computed by standard static analyzers as a certifĂcate. The validity of the abstraction on the consumer side is checked in a single-pass by a very efficient and specialized abstractinterpreter. We have implemented and benchmarked ACC within CiaoPP. The experimental results show that the checking phase is indeed faster than the proof generation phase, and that the sizes of certificates are reasonable. Moreover, the preprocessor is based on compile-time (and run-time) tools for the certification of CLP programs with resource consumption assurances
soCloud: A service-oriented component-based PaaS for managing portability, provisioning, elasticity, and high availability across multiple clouds
Multi-cloud computing is a promising paradigm to support very large scale
world wide distributed applications. Multi-cloud computing is the usage of
multiple, independent cloud environments, which assumed no priori agreement
between cloud providers or third party. However, multi-cloud computing has to
face several key challenges such as portability, provisioning, elasticity, and
high availability. Developers will not only have to deploy applications to a
specific cloud, but will also have to consider application portability from one
cloud to another, and to deploy distributed applications spanning multiple
clouds. This article presents soCloud a service-oriented component-based
Platform as a Service (PaaS) for managing portability, elasticity,
provisioning, and high availability across multiple clouds. soCloud is based on
the OASIS Service Component Architecture (SCA) standard in order to address
portability. soCloud provides services for managing provisioning, elasticity,
and high availability across multiple clouds. soCloud has been deployed and
evaluated on top of ten existing cloud providers: Windows Azure, DELL KACE,
Amazon EC2, CloudBees, OpenShift, dotCloud, Jelastic, Heroku, Appfog, and an
Eucalyptus private cloud
A Detailed Survey on Various Aspects of SQL Injection in Web Applications: Vulnerabilities, Innovative Attacks, and Remedies
In today's world, Web applications play a very important role in individual
life as well as in any country's development. Web applications have gone
through a very rapid growth in the recent years and their adoption is moving
faster than that was expected few years ago. Now-a-days, billions of
transactions are done online with the aid of different Web applications. Though
these applications are used by hundreds of people, in many cases the security
level is weak, which makes them vulnerable to get compromised. In most of the
scenarios, a user has to be identified before any communication is established
with the backend database. An arbitrary user should not be allowed access to
the system without proof of valid credentials. However, a crafted injection
gives access to unauthorized users. This is mostly accomplished via SQL
Injection input. In spite of the development of different approaches to prevent
SQL injection, it still remains an alarming threat to Web applications. In this
paper, we present a detailed survey on various types of SQL Injection
vulnerabilities, attacks, and their prevention techniques. Alongside presenting
our findings from the study, we also note down future expectations and possible
development of countermeasures against SQL Injection attacks.Comment: Due to unresolved publication fee issue, authors withdrew paper after
acceptance in INFORMATION Journal, Japan. To be published elsewher
Semantics-based services for a low carbon society: An application on emissions trading system data and scenarios management
A low carbon society aims at fighting global warming by stimulating synergic
efforts from governments, industry and scientific communities. Decision support
systems should be adopted to provide policy makers with possible scenarios,
options for prompt countermeasures in case of side effects on environment,
economy and society due to low carbon society policies, and also options for
information management. A necessary precondition to fulfill this agenda is to
face the complexity of this multi-disciplinary domain and to reach a common
understanding on it as a formal specification. Ontologies are widely accepted
means to share knowledge. Together with semantic rules, they enable advanced
semantic services to manage knowledge in a smarter way. Here we address the
European Emissions Trading System (EU-ETS) and we present a knowledge base
consisting of the EREON ontology and a catalogue of rules. Then we describe two
innovative semantic services to manage ETS data and information on ETS
scenarios
- âŠ