Engineering scalable modelling Languages

Tesis doctoral inédita leída en la Universidad Autónoma de Madrid, Escuela Politécnica Superior, Departamento de Ingeniería Informática. Fecha de lectura: 08-11-2019Esta tesis tiene embargado el acceso al texto completo hasta el 08-05-2021Model-Driven Engineering (MDE) aims at reducing the cost of system development by raising the level of abstraction at which developers work. MDE-based solutions frequently involve the creation of Domain-Specific Modelling Languages (DSMLs). WhilethedefinitionofDSMLsandtheir(sometimesgraphical)supportingenvironments are recurring activities in MDE, they are mostly developed ad-hoc from scratch. The construction of these environments requires high expertise by developers, which currently need to spend large efforts for their construction. This thesis focusses on the development of scalable modelling environments for DSMLs based on patterns. For this purpose, we propose a catalogue of modularity patterns that can be used to extend a modelling language with services related to modularization and scalability. More specifically, these patterns allows defining model fragmentation strategies, scoping and visibility rules, model indexing services, and scoped constraints. Once the patterns have been applied to the meta-model of a modelling language, we synthesize a customized modelling environment enriched with the defined services, which become applicable to both existing monolithic legacy models and new models. A second contribution of this thesis is a set of concepts and technologies to facilitate the creation of graphical editors. For this purpose, we define heuristics which identify structures in the DSML abstract syntax, and automatically assign their diagram representation. Using this approach, developers can create a graphical representation by default from a meta-model, which later can be customised. These contributions have been implemented in two Eclipse plug-ins called EMFSplitter and EMF-Stencil. On one hand, EMF-Splitter implements the catalogue of modularity patterns and, on the other hand, EMF-Stencil supports the heuristics and the generation of a graphical modelling environment. Both tools were evaluated in different case studies to prove their versatility, efficiency, and capabilitieEl Desarrollo de Software Dirigido por Modelos (MDE, por sus siglas en inglés) tiene como objetivo reducir los costes en el desarrollo de aplicaciones, elevando el nivel de abstracciónconelqueactualmentetrabajanlosdesarrolladores. Lassolucionesbasadas en MDE frecuentemente involucran la creación de Lenguajes de Modelado de Dominio Específico (DSML, por sus siglas en inglés). Aunque la definición de los DSMLs y sus entornos gráficos de modelado son actividades recurrentes en MDE, actualmente en la mayoría de los casos se desarrollan ad-hoc desde cero. La construcción de estos entornos requiere una alta experiencia por parte de los desarrolladores, que deben realizar un gran esfuerzo para construirlos. Esta tesis se centra en el desarrollo de entornos de modelado escalables para DSML basados en patrones. Para ello, se propone un catálogo de patrones de modularidad que se pueden utilizar para extender un lenguaje de modelado con servicios relacionados con la modularización y la escalabilidad. Específicamente, los patrones permiten definir estrategias de fragmentación de modelos, reglas de alcance y visibilidad, servicios de indexación de modelos y restricciones de alcance. Una vez que los patrones se han aplicado al meta-modelo de un lenguaje de modelado, se puede generar automáticamente un entorno de modelado personalizado enriquecido con los servicios definidos, que se vuelven aplicables tanto a los modelos monolíticos existentes, como a los nuevos modelos. Una segunda contribución de esta tesis es la propuesta de conceptos y tecnologías para facilitar la creación de editores gráficos. Para ello, definimos heurísticas que identifican estructuras en la sintaxis abstracta de los DSMLs y asignan automáticamente su representación en el diagrama. Usando este enfoque, los desarrolladores pueden crear una representación gráfica por defecto a partir de un meta-modelo. Estas contribuciones se implementaron en dos plug-ins de Eclipse llamados EMFSplitter y EMF-Stencil. Por un lado, EMF-Splitter implementa el catálogo de patrones y, por otro lado, EMF-Stencil implementa las heurísticas y la generación de un entorno de modelado gráfico. Ambas herramientas se han evaluado con diferentes casos de estudio para demostrar su versatilidad, eficiencia y capacidade

Security and trust in cloud computing and IoT through applying obfuscation, diversification, and trusted computing technologies

Cloud computing and Internet of Things (IoT) are very widely spread and commonly used technologies nowadays. The advanced services offered by cloud computing have made it a highly demanded technology. Enterprises and businesses are more and more relying on the cloud to deliver services to their customers. The prevalent use of cloud means that more data is stored outside the organization’s premises, which raises concerns about the security and privacy of the stored and processed data. This highlights the significance of effective security practices to secure the cloud infrastructure. The number of IoT devices is growing rapidly and the technology is being employed in a wide range of sectors including smart healthcare, industry automation, and smart environments. These devices collect and exchange a great deal of information, some of which may contain critical and personal data of the users of the device. Hence, it is highly significant to protect the collected and shared data over the network; notwithstanding, the studies signify that attacks on these devices are increasing, while a high percentage of IoT devices lack proper security measures to protect the devices, the data, and the privacy of the users. In this dissertation, we study the security of cloud computing and IoT and propose software-based security approaches supported by the hardware-based technologies to provide robust measures for enhancing the security of these environments. To achieve this goal, we use obfuscation and diversification as the potential software security techniques. Code obfuscation protects the software from malicious reverse engineering and diversification mitigates the risk of large-scale exploits. We study trusted computing and Trusted Execution Environments (TEE) as the hardware-based security solutions. Trusted Platform Module (TPM) provides security and trust through a hardware root of trust, and assures the integrity of a platform. We also study Intel SGX which is a TEE solution that guarantees the integrity and confidentiality of the code and data loaded onto its protected container, enclave. More precisely, through obfuscation and diversification of the operating systems and APIs of the IoT devices, we secure them at the application level, and by obfuscation and diversification of the communication protocols, we protect the communication of data between them at the network level. For securing the cloud computing, we employ obfuscation and diversification techniques for securing the cloud computing software at the client-side. For an enhanced level of security, we employ hardware-based security solutions, TPM and SGX. These solutions, in addition to security, ensure layered trust in various layers from hardware to the application. As the result of this PhD research, this dissertation addresses a number of security risks targeting IoT and cloud computing through the delivered publications and presents a brief outlook on the future research directions.Pilvilaskenta ja esineiden internet ovat nykyään hyvin tavallisia ja laajasti sovellettuja tekniikkoja. Pilvilaskennan pitkälle kehittyneet palvelut ovat tehneet siitä hyvin kysytyn teknologian. Yritykset enenevässä määrin nojaavat pilviteknologiaan toteuttaessaan palveluita asiakkailleen. Vallitsevassa pilviteknologian soveltamistilanteessa yritykset ulkoistavat tietojensa käsittelyä yrityksen ulkopuolelle, minkä voidaan nähdä nostavan esiin huolia taltioitavan ja käsiteltävän tiedon turvallisuudesta ja yksityisyydestä. Tämä korostaa tehokkaiden turvallisuusratkaisujen merkitystä osana pilvi-infrastruktuurin turvaamista. Esineiden internet -laitteiden lukumäärä on nopeasti kasvanut. Teknologiana sitä sovelletaan laajasti monilla sektoreilla, kuten älykkäässä terveydenhuollossa, teollisuusautomaatiossa ja älytiloissa. Sellaiset laitteet keräävät ja välittävät suuria määriä informaatiota, joka voi sisältää laitteiden käyttäjien kannalta kriittistä ja yksityistä tietoa. Tästä syystä johtuen on erittäin merkityksellistä suojata verkon yli kerättävää ja jaettavaa tietoa. Monet tutkimukset osoittavat esineiden internet -laitteisiin kohdistuvien tietoturvahyökkäysten määrän olevan nousussa, ja samaan aikaan suuri osuus näistä laitteista ei omaa kunnollisia teknisiä ominaisuuksia itse laitteiden tai niiden käyttäjien yksityisen tiedon suojaamiseksi. Tässä väitöskirjassa tutkitaan pilvilaskennan sekä esineiden internetin tietoturvaa ja esitetään ohjelmistopohjaisia tietoturvalähestymistapoja turvautumalla osittain laitteistopohjaisiin teknologioihin. Esitetyt lähestymistavat tarjoavat vankkoja keinoja tietoturvallisuuden kohentamiseksi näissä konteksteissa. Tämän saavuttamiseksi työssä sovelletaan obfuskaatiota ja diversifiointia potentiaalisiana ohjelmistopohjaisina tietoturvatekniikkoina. Suoritettavan koodin obfuskointi suojaa pahantahtoiselta ohjelmiston takaisinmallinnukselta ja diversifiointi torjuu tietoturva-aukkojen laaja-alaisen hyödyntämisen riskiä. Väitöskirjatyössä tutkitaan luotettua laskentaa ja luotettavan laskennan suoritusalustoja laitteistopohjaisina tietoturvaratkaisuina. TPM (Trusted Platform Module) tarjoaa turvallisuutta ja luottamuksellisuutta rakentuen laitteistopohjaiseen luottamukseen. Pyrkimyksenä on taata suoritusalustan eheys. Työssä tutkitaan myös Intel SGX:ää yhtenä luotettavan suorituksen suoritusalustana, joka takaa suoritettavan koodin ja datan eheyden sekä luottamuksellisuuden pohjautuen suojatun säiliön, saarekkeen, tekniseen toteutukseen. Tarkemmin ilmaistuna työssä turvataan käyttöjärjestelmä- ja sovellusrajapintatasojen obfuskaation ja diversifioinnin kautta esineiden internet -laitteiden ohjelmistokerrosta. Soveltamalla samoja tekniikoita protokollakerrokseen, työssä suojataan laitteiden välistä tiedonvaihtoa verkkotasolla. Pilvilaskennan turvaamiseksi työssä sovelletaan obfuskaatio ja diversifiointitekniikoita asiakaspuolen ohjelmistoratkaisuihin. Vankemman tietoturvallisuuden saavuttamiseksi työssä hyödynnetään laitteistopohjaisia TPM- ja SGX-ratkaisuja. Tietoturvallisuuden lisäksi nämä ratkaisut tarjoavat monikerroksisen luottamuksen rakentuen laitteistotasolta ohjelmistokerrokseen asti. Tämän väitöskirjatutkimustyön tuloksena, osajulkaisuiden kautta, vastataan moniin esineiden internet -laitteisiin ja pilvilaskentaan kohdistuviin tietoturvauhkiin. Työssä esitetään myös näkemyksiä jatkotutkimusaiheista

A Scholarship Approach to Model-Driven Engineering

Model-Driven Engineering is a paradigm for software engineering where software models are the primary artefacts throughout the software life-cycle. The aim is to define suitable representations and processes that enable precise and efficient specification, development and analysis of software. Our contributions to Model-Driven Engineering are structured according to Boyer\u27s four functions of academic activity - the scholarships of teaching, discovery, application and integration. The scholarships share a systematic approach towards seeking new insights and promoting progressive change. Even if the scholarships have their differences they are compatible so that theory, practice and teaching can strengthen each other.Scholarship of Teaching: While teaching Model-Driven Engineering to under-graduate students we introduced two changes to our course. The first change was to introduce a new modelling tool that enabled the execution of software models while the second change was to adapt pair lecturing to encourage the students to actively participate in developing models during lectures. Scholarship of Discovery: By using an existing technology for transforming models into source code we translated class diagrams and high-level action languages into natural language texts. The benefit of our approach is that the translations are applicable to a family of models while the texts are reusable across different low-level representations of the same model.Scholarship of Application: Raising the level of abstraction through models might seem a technical issue but our collaboration with industry details how the success of adopting Model-Driven Engineering depends on organisational and social factors as well as technical. Scholarship of Integration: Building on our insights from the scholarships above and a study at three large companies we show how Model-Driven Engineering empowers new user groups to become software developers but also how engineers can feel isolated due to poor tool support. Our contributions also detail how modelling enables a more agile development process as well as how the validation of models can be facilitated through text generation.The four scholarships allow for different possibilities for insights and explore Model-Driven Engineering from diverse perspectives. As a consequence, we investigate the social, organisational and technological factors of Model-Driven Engineering but also examine the possibilities and challenges of Model-Driven Engineering across disciplines and scholarships

Management: A bibliography for NASA managers

This bibliography lists 653 reports, articles and other documents introduced into the NASA scientific and technical information system in 1987. Items are selected and grouped according to their usefulness to the manager as manager. Citiations are grouped into ten subject categories; human factors and personnel issues; management theory and techniques; industrial management and manufacturing; robotics and expert systems; computers and information management; research and development; economics, costs and markets; logistics and operations management, reliability and quality control; and legality, legislation, and policy

Exploiting general-purpose background knowledge for automated schema matching

The schema matching task is an integral part of the data integration process. It is usually the first step in integrating data. Schema matching is typically very complex and time-consuming. It is, therefore, to the largest part, carried out by humans. One reason for the low amount of automation is the fact that schemas are often defined with deep background knowledge that is not itself present within the schemas. Overcoming the problem of missing background knowledge is a core challenge in automating the data integration process. In this dissertation, the task of matching semantic models, so-called ontologies, with the help of external background knowledge is investigated in-depth in Part I. Throughout this thesis, the focus lies on large, general-purpose resources since domain-specific resources are rarely available for most domains. Besides new knowledge resources, this thesis also explores new strategies to exploit such resources. A technical base for the development and comparison of matching systems is presented in Part II. The framework introduced here allows for simple and modularized matcher development (with background knowledge sources) and for extensive evaluations of matching systems. One of the largest structured sources for general-purpose background knowledge are knowledge graphs which have grown significantly in size in recent years. However, exploiting such graphs is not trivial. In Part III, knowledge graph em- beddings are explored, analyzed, and compared. Multiple improvements to existing approaches are presented. In Part IV, numerous concrete matching systems which exploit general-purpose background knowledge are presented. Furthermore, exploitation strategies and resources are analyzed and compared. This dissertation closes with a perspective on real-world applications

Design of Data-Driven Decision Support Systems for Business Process Standardization

Increasingly dynamic environments require organizations to engage in business process standardization (BPS) in response to environmental change. However, BPS depends on numerous contingency factors from different layers of the organization, such as strategy, business models (BMs), business processes (BPs) and application systems that need to be well-understood (“comprehended”) and taken into account by decision-makers for selecting appropriate standard BP designs that fit the organization. Besides, common approaches to BPS are non-data-driven and frequently do not exploit increasingly avail-able data in organizations. Therefore, this thesis addresses the following research ques-tion: “How to design data-driven decision support systems to increase the comprehen-sion of contingency factors on business process standardization?”. Theoretically grounded in organizational contingency theory (OCT), this thesis address-es the research question by conducting three design science research (DSR) projects to design data-driven decision support systems (DSSs) for SAP R/3 and S/4 HANA ERP systems that increase comprehension of BPS contingency factors. The thesis conducts the DSR projects at an industry partner within the context of a BPS and SAP S/4 HANA transformation program at a global manufacturing corporation. DSR project 1 designs a data-driven “Business Model Mining” system that automatical-ly “mines” BMs from data in application systems and represents results in an interactive “Business Model Canvas” (BMC) BI dashboard to comprehend BM-related BPS con-tingency factors. The project derives generic design requirements and a blueprint con-ceptualization for BMM systems and suggests an open, standardized reference data model for BMM. The project implements the software artifact “Business Model Miner” in Microsoft Azure / PowerBI and demonstrates technical feasibility by using data from an educational SAP S/4 HANA system, an open reference dataset, and three real-life SAP R/3 ERP systems. A field evaluation with 21 managers at the industry partner finds differences between tool results and BMCs created by managers and thus the po-tential for a complementary role of BMM tools to enrich the comprehension of BMs. A further controlled laboratory experiment with 142 students finds significant beneficial impacts on subjective and objective comprehension in terms of effectiveness, efficiency, and relative efficiency. Second, DSR project 2 designs a data-driven process mining DSS “KeyPro” to semi-automatically discover and prioritize the set of BPs occurring in an organization from log data to concentrate BPS initiatives on important BPs given limited organizational resources. The project derives objective and quantifiable BP importance metrics from BM and BPM literature and implements KeyPro for SAP R/3 ERP and S/4 HANA sys-tems in Microsoft SQL Server / Azure and interactive PowerBI dashboards. A field evaluation with 52 managers compares BPs detected manually by decision-makers against BPs discovered by KeyPro and reveals significant differences and a complemen-tary role of the artifact to deliver additional insights into the set of BPs in the organiza-tion. Finally, a controlled laboratory experiment with 30 students identifies the dash-boards with the lowest comprehension for further development. Third, OCT requires organizations to select a standard BP design that matches contin-gencies. Thus, DSR project 3 designs a process mining DSS to select a standard BP from a repository of different alternative designs based on the similarity of BPS contin-gency factors between the as-is process and the to-be standard processes. DSR project 3 thus derives four different process model variants for representing BPS contingency factors that vary according to determinant factors of process model comprehension (PMC) identified in PMC literature. A controlled laboratory evaluation with 150 stu-dents identifies significant differences in PMC. Based on laboratory findings, the DSS is implemented in the BPM platform “Apromore” to select standard BP reference mod-els from the SAP Best Practices Explorer for SAP S/4 HANA and applied for the pur-chase-to-pay and order-to-cash process of a manufacturing company

Computer Science 2019 APR Self-Study & Documents

UNM Computer Science APR self-study report and review team report for Spring 2019, fulfilling requirements of the Higher Learning Commission