Specifying Reusable Components

Reusable software components need expressive specifications. This paper outlines a rigorous foundation to model-based contracts, a method to equip classes with strong contracts that support accurate design, implementation, and formal verification of reusable components. Model-based contracts conservatively extend the classic Design by Contract with a notion of model, which underpins the precise definitions of such concepts as abstract equivalence and specification completeness. Experiments applying model-based contracts to libraries of data structures suggest that the method enables accurate specification of practical software

The AutoProof Verifier: Usability by Non-Experts and on Standard Code

Formal verification tools are often developed by experts for experts; as a result, their usability by programmers with little formal methods experience may be severely limited. In this paper, we discuss this general phenomenon with reference to AutoProof: a tool that can verify the full functional correctness of object-oriented software. In particular, we present our experiences of using AutoProof in two contrasting contexts representative of non-expert usage. First, we discuss its usability by students in a graduate course on software verification, who were tasked with verifying implementations of various sorting algorithms. Second, we evaluate its usability in verifying code developed for programming assignments of an undergraduate course. The first scenario represents usability by serious non-experts; the second represents usability on "standard code", developed without full functional verification in mind. We report our experiences and lessons learnt, from which we derive some general suggestions for furthering the development of verification tools with respect to improving their usability.Comment: In Proceedings F-IDE 2015, arXiv:1508.0338

Abstracting object interactions using composition filters

It is generally claimed that object-based models are very suitable for building distributed system architectures since object interactions follow the client-server model. To cope with the complexity of today's distributed systems, however, we think that high-level linguistic mechanisms are needed to effectively structure, abstract and reuse object interactions. For example, the conventional object-oriented model does not provide high-level language mechanisms to model layered system architectures. Moreover, we consider the message passing model of the conventional object-oriented model as being too low-level because it can only specify object interactions that involve two partner objects at a time and its semantics cannot be extended easily. This paper introduces Abstract Communication Types (ACTs), which are objects that abstract interactions among objects. ACTs make it easier to model layered communication architectures, to enforce the invariant behavior among objects, to reduce the complexity of programs by hiding the interaction details in separate modules and to improve reusability through the application of object-oriented principles to ACT classes. We illustrate the concept of ACTs using the composition filters model

An Aspect–Oriented Approach based on Multiparty Interactions to Specifying the Behaviour of a System

Isolating computation and coordination concerns into separate pure computation and pure coordination enhances modularity, understandability and reusability of parallel and/or distributed software. This can be achieved by moving interaction primitives, which are now commonly scattered in programs, into separate modules written in a language aimed at coordinating objects and expressing how information flows among them. The usual model for coordination is the client/server model, but it is not adequate when several objects need to collaborate simultaneously in order to solve a problem because natural multiparty interactions need to be decomposed into a set of low–level, binary interactions. In this paper, we introduce CAL, an IP–based language for the description of the coordination aspect of a system. We show that it can be successfully described in terms of simple multiparty interactions that can be animated and are also amenable to formal reasoning.Comisión Interministerial de Ciencia y Tecnología (CICYT) MENHIR TIC 97–0593–C05–0

A Personalized Facet-Weight Based Ranking Method for Service Component Retrieval

With the recent advanced computing, networking technologies and embedded systems, the computing paradigm has switched from mainframe and desktop computing to ubiquitous computing, one of whose visions is to provide intelligent, personalized and comprehensive services to users. As a new paradigm, Active Services is proposed to generate such services by retrieving, adapting, and composing of existing service components to satisfy user requirements. As the popularity of this paradigm and hence the number of service components increases, how to efficiently retrieve components to maximally meet user requirements has become a fundamental and significant problem. However, traditional facet-based retrieval methods only simply list out all the results without any kind of ranking and do not lay any emphasis on the differences of importance on each facet value in user requirements, which makes it hard for user to quickly select suitable components from the resulting list. To solve the problems, this paper proposes a novel personalized facet-weight based ranking method for service component retrieval, which assigns a weight for each facet to distinguish the importance of the facets, and constructs a personalized model to automatically calculate facet-weights for users according to their histo -rical retrieval records of the facet values and the weight setting. We optimize the parameters of the personalized model, evaluate the performance of the proposed retrieval method, and compare with the traditional facet-based matching methods. The experimental results show promising results in terms of retrieval accuracy and execution time

Classbox/J: Controlling the Scope of Change in Java

International audienceUnanticipated changes to complex software systems can introduce anomalies such as duplicated code, suboptimal inheritance rela- tionships and a proliferation of run-time downcasts. Refactoring to eliminate these anomalies may not be an option, at least in certain stages of software evolution. Classboxes are modules that restrict the visibility of changes to selected clients only, thereby offering more freedom in the way unanticipated changes may be imple- mented, and thus reducing the need for convoluted design anoma- lies. In this paper we demonstrate how classboxes can be imple- mented in statically-typed languages like Java. We also present an extended case study of Swing, a Java GUI package built on top of AWT, and we document the ensuing anomalies that Swing intro- duces. We show how Classbox/J, a prototype implementation of classboxes for Java, is used to provide a cleaner implementation of Swing using local refinement rather than subclassing

Automated Fixing of Programs with Contracts

This paper describes AutoFix, an automatic debugging technique that can fix faults in general-purpose software. To provide high-quality fix suggestions and to enable automation of the whole debugging process, AutoFix relies on the presence of simple specification elements in the form of contracts (such as pre- and postconditions). Using contracts enhances the precision of dynamic analysis techniques for fault detection and localization, and for validating fixes. The only required user input to the AutoFix supporting tool is then a faulty program annotated with contracts; the tool produces a collection of validated fixes for the fault ranked according to an estimate of their suitability. In an extensive experimental evaluation, we applied AutoFix to over 200 faults in four code bases of different maturity and quality (of implementation and of contracts). AutoFix successfully fixed 42% of the faults, producing, in the majority of cases, corrections of quality comparable to those competent programmers would write; the used computational resources were modest, with an average time per fix below 20 minutes on commodity hardware. These figures compare favorably to the state of the art in automated program fixing, and demonstrate that the AutoFix approach is successfully applicable to reduce the debugging burden in real-world scenarios.Comment: Minor changes after proofreadin