5,339 research outputs found

    CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs

    Various studies have empirically shown that the majority of Java and Android apps misuse cryptographic libraries, causing devastating breaches of data security. It is crucial to detect such misuses early in the development process. To detect cryptography misuses, one must first define secure uses, a process mastered primarily by cryptography experts, and not by developers. In this paper, we present CrySL, a definition language for bridging the cognitive gap between cryptography experts and developers. CrySL enables cryptography experts to specify the secure usage of the cryptographic libraries that they provide. We have implemented a compiler that translates such CrySL specification into a context-sensitive and flow-sensitive demand-driven static analysis. The analysis then helps developers by automatically checking a given Java or Android app for compliance with the CrySL-encoded rules. We have designed an extensive CrySL rule set for the Java Cryptography Architecture (JCA), and empirically evaluated it by analyzing 10,000 current Android apps. Our results show that misuse of cryptographic APIs is still widespread, with 95% of apps containing at least one misuse. Our easily extensible CrySL rule set covers more violations than previous special-purpose tools with hard-coded rules, with our tooling offering a more precise analysis.

    Context-Aware Process Injection: Enhancing Process Flexibility by Late Extension of Process Instances

    Companies must cope with high process variability and a strong demand for process flexibility due to customer expectations, product variability, and an abundance of regulations. Accordingly, numerous business process variants need to be supported depending on a multiplicity of influencing factors, e.g., customer requests, resource availability, compliance rules, or process data. In particular, even running processes should be adjustable to respond to contextual changes, new regulations, or emerging customer requests. This paper introduces the approach of context-aware process injection. It enables the sophisticated modeling of a context-aware injection of process fragments into a base process at design time, as well as the dynamic execution of the specified processes at run time. Therefore, the context-aware injection even considers dynamic wiring of data flow. To demonstrate the feasibility and benefits of the approach, a case study was conducted based on a proof-of-concept prototype developed with the help of an existing adaptive process management technology. Overall, context-aware process injection facilitates the specification of varying processes and provides high process flexibility at run time as well.

    The London Charter and the Seville Principles as sources of requirements for e-archaeology systems development purposes

    Requirements engineering (RE) is a discipline of critical importance in software development. This paper provides a process and a set of software artefacts to help in the production of e-archaeology systems with emphasis on requirements reuse and standards. In particular, two important guidelines in the field of e-archaeology, the London Charter and the Principles of Seville, have been shown as two sources of requirements to be considered as a starting point for developing this type of systems. This research is part of the project PEGASO-PANGEA (TIN2009-13718-C02-02), financed by the Spanish Ministry of Science and Innovation (Spain). Carrillo Gea, JM.; Toval, A.; Fernández Alemán, JL.; Nicolás, J.; Flores, M. (2013). The London Charter and the Seville Principles as sources of requirements for e-archaeology systems development purposes. Virtual Archaeology Review. 4(9):205-211. https://doi.org/10.4995/var.2013.4275

    Dealing with Variability in Process-aware Information Systems: Language Requirements, Features, and Existing Proposals

    The increasing adoption of Process-aware Information Systems (PAISs), together with the variability of Business Processes (BPs) across different application contexts, has resulted in large process model repositories with collections of related process model variants. To reduce both costs and occurrence of errors, the explicit management of variability throughout the BP lifecycle becomes crucial. In literature, several proposals dealing with BP variability have been proposed. However, the lack of a method for their systematic comparison makes it difficult to select the most appropriate one meeting current needs best. To close this gap, this work presents an evaluation framework that allows analyzing and comparing the variability support provided by existing proposals developed in the context of BP variability. The framework encompasses a set of language requirements as well as a set of variability support features. While language requirements allow assessing the expressiveness required to explicitly represent variability of different process perspectives, variability support features reflect the tool support required to properly cover such expressiveness. Our evaluation framework has been derived based on an in-depth analysis of several large real-world process scenarios, an extensive literature review, and an analysis of existing PAISs. In this vein, the framework helps to understand BP variability along the BP lifecycle. In addition, it supports PAIS engineers in deciding which of the existing BP variability proposals best meets their needs.

    Blueprint model and language for engineering cloud applications

    Abstract: The research presented in this thesis is positioned within the domain of engineering CSBAs. Its contribution is twofold: (1) a uniform specification language, called the Blueprint Specification Language (BSL), for specifying cloud services across several cloud vendors and (2) a set of associated techniques, called the Blueprint Manipulation Techniques (BMTs), for publishing, querying, and composing cloud service specifications with the aim of supporting the flexible design and configuration of a CSBA.