Knowledge-Intensive Processes: Characteristics, Requirements and Analysis of Contemporary Approaches

Engineering of knowledge-intensive processes (KiPs) is far from being mastered, since they are genuinely knowledge- and data-centric, and require substantial flexibility, at both design- and run-time. In this work, starting from a scientific literature analysis in the area of KiPs and from three real-world domains and application scenarios, we provide a precise characterization of KiPs. Furthermore, we devise some general requirements related to KiPs management and execution. Such requirements contribute to the definition of an evaluation framework to assess current system support for KiPs. To this end, we present a critical analysis on a number of existing process-oriented approaches by discussing their efficacy against the requirements

Automatic performance optimisation of component-based enterprise systems via redundancy

Component technologies, such as J2EE and .NET have been extensively adopted for building complex enterprise applications. These technologies help address complex functionality and flexibility problems and reduce development and maintenance costs. Nonetheless, current component technologies provide little support for predicting and controlling the emerging performance of software systems that are assembled from distinct components. Static component testing and tuning procedures provide insufficient performance guarantees for components deployed and run in diverse assemblies, under unpredictable workloads and on different platforms. Often, there is no single component implementation or deployment configuration that can yield optimal performance in all possible conditions under which a component may run. Manually optimising and adapting complex applications to changes in their running environment is a costly and error-prone management task. The thesis presents a solution for automatically optimising the performance of component-based enterprise systems. The proposed approach is based on the alternate usage of multiple component variants with equivalent functional characteristics, each one optimized for a different execution environment. A management framework automatically administers the available redundant variants and adapts the system to external changes. The framework uses runtime monitoring data to detect performance anomalies and significant variations in the application's execution environment. It automatically adapts the application so as to use the optimal component configuration under the current running conditions. An automatic clustering mechanism analyses monitoring data and infers information on the components' performance characteristics. System administrators use decision policies to state high-level performance goals and configure system management processes. A framework prototype has been implemented and tested for automatically managing a J2EE application. Obtained results prove the framework's capability to successfully manage a software system without human intervention. The management overhead induced during normal system execution and through management operations indicate the framework's feasibility

Quality Assurance of Software Models - A Structured Quality Assurance Process Supported by a Flexible Tool Environment in the Eclipse Modeling Project

The paradigm of model-based software development (MBSD) has become more and more popular since it promises an increase in the efficiency and quality of software development. In this paradigm, software models play an increasingly important role and software quality and quality assurance consequently leads back to the quality and quality assurance of the involved models. The fundamental aim of this thesis is the definition of a structured syntax-oriented process for quality assurance of software models that can be adapted to project-specific and domain-specific needs. It is structured into two sub-processes: a process for the specification of project-specific model quality assurance techniques, and a process for applying them on concrete software models within a MBSD project. The approach concentrates on quality aspects to be checked on the abstract model syntax and is based on quality assurance techniques model metrics, smells, and refactorings well-known from literature. So far, these techniques are mostly considered in isolation only and therefore the proposed process integrates them in order to perform model quality assurance more systematically. Three example cases performing the process serve as proof-of-concept implementations and show its applicability, its flexibility, and hence its usefulness. Related to several issues concerning model quality assurance minor contributions of this thesis are (1) the definition of a quality model for model quality that consists of high-level quality attributes and low-level characteristics, (2) overviews on metrics, smells, and refactorings for UML class models including structured descriptions of each technique, and (3) an approach for composite model refactoring that concentrates on the specification of refactoring composition. Since manually reviewing models is time consuming and error prone, several tasks of the proposed process should consequently be automated. As a further main contribution, this thesis presents a flexible tool environment for model quality assurance which is based on the Eclipse Modeling Framework (EMF), a common open source technology in model-based software development. The tool set is part of the Eclipse Modeling Project (EMP) and belongs to the Eclipse incubation project EMF Refactor which is available under the Eclipse public license (EPL). The EMF Refactor framework supports both the model designer and the model reviewer by obtaining metrics reports, by checking for potential model deficiencies (called model smells) and by systematically restructuring models using refactorings. The functionality of EMF Refactor is integrated into standard tree-based EMF instance editors, graphical GMF-based editors as used by Papyrus UML, and textual editors provided by Xtext. Several experiments and studies show the suitability of the tools for supporting the techniques of the structured syntax-oriented model quality assurance process

Proceedings of the 21st Conference on Formal Methods in Computer-Aided Design – FMCAD 2021

The Conference on Formal Methods in Computer-Aided Design (FMCAD) is an annual conference on the theory and applications of formal methods in hardware and system verification. FMCAD provides a leading forum to researchers in academia and industry for presenting and discussing groundbreaking methods, technologies, theoretical results, and tools for reasoning formally about computing systems. FMCAD covers formal aspects of computer-aided system design including verification, specification, synthesis, and testing

QUANTITATIVE SOCIAL SCIENCE METHODS, SOCIAL NETWORKS, AND SCALAR MISMATCHES: ADVANCING SOCIAL-ECOLOGICAL SYSTEMS SCIENCE TOWARDS ADAPTATION AND TRANSFORMATION

The adaptive capacity of social-ecological systems to maintain resilience or undergo transformation is increasingly important for navigating global change. Although social interactions and ecological disturbances are often cited as an essential element of social-ecological systems, social interactions are often undertheorized and simplistic, and the relative effects of both social and ecological processes are rarely considered in tandem. In this dissertation, I work towards advancing social-ecological systems research by highlighting opportunities for improved quantitative social science methods, using structurally explicit methods to evaluate the mechanisms underpinning social interactions, and characterizing scalar mismatches in a social-ecological system experiencing a regime shift. In Chapter 1, I provide an overview and introduction for my dissertation. In Chapter 2, I undertook a literature review of social-ecological system studies that quantified social interactions, concluding with a typology for improving conceptual clarity, a compendium of social interaction measures including mapped empirical relationships of each to focal concepts in social-ecological systems science to support theoretical development, and a discussion of opportunities for improved treatment of social interaction complexity in future studies. In Chapter 3, I assessed how social networks and disturbance influenced behaviors of agricultural producers navigating a wide-spread regime shift in the Great Plains biome of Nebraska, US. This social-ecological system is experiencing a regime shift, whereby eastern redcedar is encroaching upon grasslands causing persistent change. I found social network measures were not only more predictive of management behavior than disturbance, but also more predictive of transformative, rather than adaptive, behavior. These findings indicate social interactions, though often overlooked, are critical for influencing adaptive and transformative behavior in social-ecological systems. In Chapter 4, I characterized scalar mismatches between social and ecological components of the Great Plains biome in Nebraska. I found that individual producers respond to collective-level factors and regional-level disturbance as they attempt to manage this regime shift, often with limited success, indicating that the social level responsible for managing this transition is misaligned with the ecological level of the process. These findings highlight opportunities for higher social levels to support individual-level efforts to manage regime shifts in this social-ecological system in Nebraska with implications for detecting and characterizing scalar mismatches globally. In Chapter 5, I synthesize my findings and provide an arc of my contribution to social-ecological systems system

Context-Aware Software

With the advent of PDAs (Personal Digital Assistants), smart phones, and other forms of mobile and ubiquitous computers, our computing resources are increasingly moving off of our desktops and into our everyday lives. However, the software and user interfaces for these devices are generally very similar to that of their desktop counterparts, despite the radically different and dynamic environments that they face. We propose that to better assist their users, such devices should be able to sense, react to, and utilise, the user's current environment or context. That is, they should become context-aware. In this thesis we investigate context-awareness at three levels: user interfaces, applications, and supporting architectures/frameworks. To promote the use of context-awareness, and to aid its deployment in software, we have developed two supporting frameworks. The first is an application-oriented framework called stick-e notes. Based on an electronic version of the common Post-It Note, stick-e notes enable the attachment of any electronic resource (e.g. a text file, movie, Java program, etc.) to any type of context (e.g. location, temperature, time, etc.). The second framework we devised seeks to provide a more universal support for the capture, manipulation, and representation of context information. We call it the Context Information Service (CIS). It fills a similar role in context-aware software development as GUI libraries do in user interface development. Our applications research explored how context-awareness can be exploited in real environments with real users. In particular, we developed a suite of PDA-based context-aware tools for fieldworkers. These were used extensively by a group of ecologists in Africa to record observations of giraffe and rhinos in a remote Kenyan game reserve. These tools also provided the foundations for our HCI work, in which we developed the concept of the Minimal Attention User Interface (MAUI). The aim of the MAUI is to reduce the attention required by the user in operating a device by carefully selecting input/output modes that are harmonious to their tasks and environment. To evaluate our ideas and applications a field study was conducted in which over forty volunteers used our system for data collection activities over the course of a summer season at the Kenyan game reserve. The PDA-based tools were unanimously preferred to the paper-based alternatives, and the context-aware features were cited as particular reasons for preferring them. In summary, this thesis presents two frameworks to support context-aware software, a set of applications demonstrating how context-awareness can be utilised in the ''real world'', and a set of HCI guidelines and principles that help in creating user interfaces that fit to their context of use

Designing the Extended Zero Trust Maturity Model A Holistic Approach to Assessing and Improving an Organization’s Maturity Within the Technology, Processes and People Domains of Information Security

Zero Trust is an approach to security where implicit trust is removed, forcing applications, workloads, servers and users to verify themselves every time a request is made. Furthermore, Zero Trust means assuming anything can be compromised, and designing networks, identities and systems with this in mind and following the principle of least privilege. This approach to information security has been coined as the solution to the weaknesses of traditional perimeter-based information security models, and adoption is starting to increase. However, the principles of Zero Trust are only applied within the technical domain to aspects such as networks, data and identities in past research. This indicates a knowledge gap, as the principles of Zero Trust could be applied to organizational domains such as people and processes to further strengthen information security, resulting in a holistic approach. To fill this gap, we employed design science research to develop a holistic maturity model for Zero Trust maturity based on these principles: The EZTMM. We performed two systematic literature reviews on Zero Trust and Maturity Model theory respectively and collaborated closely with experts and practitioners on the operational, tactical and strategic levels of six different organizations. The resulting maturity model was anchored in prior Zero Trust and maturity model literature, as well as practitioner and expert experiences and knowledge. The EZTMM was evaluated by our respondent organizations through two rounds of interviews before being used by one respondent organization to perform a maturity assessment of their own organization as a part of our case study evaluation. Each interview round resulted in ample feedback and learning, while the case study allowed us to evaluate and improve on the model in a real-world setting. Our contribution is twofold: A fully functional, holistic Zero Trust maturity model with an accompanying maturity assessment spreadsheet (the artifact), and our reflections and suggestions regarding further development of the EZTMM and research on the holistic application of Zero Trust principles for improved information security