On the Modular Specification of NFPs: A Case Study

The modular specification of non-functional properties of systems is a current challenge of Software Engineering, for which no clear solution exists. However, in the case of Domain-Specific Languages some successful proposals are starting to emerge, combining model-driven techniques with aspect-weaving mechanisms. In this paper we show one of these approaches in practice, and present the implementation we have developed to fully support it. We apply our approach for the specification and monitoring of non-functional properties using observers to a case study, illustrating how generic observers defining non-functional properties can be defined in an independent manner. Then, correspondences between these observers and the domain-specific model of the system can be established, and then weaved into a unified system specification using ATL model transformation. Such a unified specification can also be analyzed in a natural way to obtain the required non-functional properties of the system.This work is partially funded by Research Projects TIN2011-23795 and TIN2011-15497-E

Using Pilot Systems to Execute Many Task Workloads on Supercomputers

High performance computing systems have historically been designed to support applications comprised of mostly monolithic, single-job workloads. Pilot systems decouple workload specification, resource selection, and task execution via job placeholders and late-binding. Pilot systems help to satisfy the resource requirements of workloads comprised of multiple tasks. RADICAL-Pilot (RP) is a modular and extensible Python-based pilot system. In this paper we describe RP's design, architecture and implementation, and characterize its performance. RP is capable of spawning more than 100 tasks/second and supports the steady-state execution of up to 16K concurrent tasks. RP can be used stand-alone, as well as integrated with other application-level tools as a runtime system

Sound and Complete Runtime Security Monitor for Application Software

Conventional approaches for ensuring the security of application software at run-time, through monitoring, either produce (high rates of) false alarms (e.g. intrusion detection systems) or limit application performance (e.g. run-time verification). We present a runtime security monitor that detects both known and unknown cyber attacks by checking that the run-time behavior of the application is consistent with the expected behavior modeled in application specification. This is crucial because, even if the implementation is consistent with its specification, the application may still be vulnerable due to flaws in the supporting infrastructure (e.g. the language runtime system, libraries and operating system). This runtime security monitor is sound and complete, eliminating false alarms, as well as efficient, so that it does not limit runtime application performance and so that it supports real-time systems. The security monitor takes as input the application specification and the application implementation, which may be expressed in different languages. The specification language of the application software is formalized based on monadic second order logic and event calculus interpreted over algebraic data structures. This language allows us to express behavior of an application at any desired (and practical) level of abstraction as well as with high degree of modularity. The security monitor detects every attack by systematically comparing the application execution and specification behaviors at runtime, even though they operate at two different levels of abstraction. We define the denotational semantics of the specification language and prove that the monitor is sound and complete. Furthermore, the monitor is efficient because of the modular application specification at appropriate level(s) of abstraction

On Conditional Decomposability

The requirement of a language to be conditionally decomposable is imposed on a specification language in the coordination supervisory control framework of discrete-event systems. In this paper, we present a polynomial-time algorithm for the verification whether a language is conditionally decomposable with respect to given alphabets. Moreover, we also present a polynomial-time algorithm to extend the common alphabet so that the language becomes conditionally decomposable. A relationship of conditional decomposability to nonblockingness of modular discrete-event systems is also discussed in this paper in the general settings. It is shown that conditional decomposability is a weaker condition than nonblockingness.Comment: A few minor correction

Synchronous products of rewrite systems (extended version)

We present and formalize a concept of synchronous product for rewrite systems, and also a corresponding concept for general transition systems, used as semantics for the former. A series of examples shows their practical usefulness: for the strategic control of systems, and for modular specification and verification

ANSI/NISO Z39.99-2017 ResourceSync Framework Specification

This ResourceSync specification describes a synchronization framework for the web consisting of various capabilities that allow third-party systems to remain synchronized with a server’s evolving resources. The capabilities may be combined in a modular manner to meet local or community requirements. This specification also describes how a server should advertise the synchronization capabilities it supports and how third-party systems may discover this information. The specification repurposes the document formats defined by the Sitemap protocol and introduces extensions for them