Metamodel-based model conformance and multiview consistency checking

Model-driven development, using languages such as UML and BON, often makes use of multiple diagrams (e.g., class and sequence diagrams) when modeling systems. These diagrams, presenting different views of a system of interest, may be inconsistent. A metamodel provides a unifying framework in which to ensure and check consistency, while at the same time providing the means to distinguish between valid and invalid models, that is, conformance. Two formal specifications of the metamodel for an object-oriented modeling language are presented, and it is shown how to use these specifications for model conformance and multiview consistency checking. Comparisons are made in terms of completeness and the level of automation each provide for checking multiview consistency and model conformance. The lessons learned from applying formal techniques to the problems of metamodeling, model conformance, and multiview consistency checking are summarized

Debugging Techniques for Locating Defects in Software Architectures

The explicit design of the architecture for a software product is a well established part of development projects. As the software architecture descriptions are becoming larger and more complex, there is more likelihood of defects being present in the software architecture. Studies have shown that a defect in the software architecture that has propagated to the development phase is very expensive to fix. To prevent such propagation of defects, this research proposes to provide debugging support for software architecture design. Debugging is commonly used in programming languages to effectively find the cause of a failure and locate the error to provide a fix. The same should be accomplished in software architectures to debug architecture failures. Without debugging support, the software architect is unable to quickly locate and determine the source of an error. In our work, we define a process for debugging software architecture and provide analysis techniques to locate defects in a software architecture that fails to meet functional and non-functional requirements. We have implemented the techniques and provide an evaluation of the techniques based on examples using an industry standard architecture definition language, Architecture Analysis and Design Language (AADL)

Rigorous Development of Composite Grid Services

CRESS (Communication Representation Employing Systematic Specification) is introduced as notation, a methodology and a toolset for service development. The article focuses on rigorous development of composite grid services, with particular emphasis on the principles behind the methodology. A straightforward graphical notation is used to describe grid services. These are then automatically specified, analysed and implemented. Analysis includes formal verification of desirable service properties, formal validation of test scenarios, testing of implementation functionality, and evaluation of implementation performance. The case study that illustrates the approach is document content analysis to compare two pieces of text. This involves two composite services supported by two partner services. The usability of the service design notation is assessed, and a comparison is made of the approach with similar ones. These show that the CRESS approach to developing services is usable and more complete than other comparable approaches

Modeling security and privacy requirements: A use case-driven approach

Context: Modern internet-based services, ranging from food-delivery to home-caring, leverage the availability of multiple programmable devices to provide handy services tailored to end-user needs. These services are delivered through an ecosystem of device-specific software components and interfaces (e.g., mobile and wearable device applications). Since they often handle private information (e.g., location and health status), their security and privacy requirements are of crucial importance. Defining and analyzing those requirements is a significant challenge due to the multiple types of software components and devices integrated into software ecosystems. Each software component presents peculiarities that often depend on the context and the devices the component interact with, and that must be considered when dealing with security and privacy requirements. Objective: In this paper, we propose, apply, and assess a modeling method that supports the specification of security and privacy requirements in a structured and analyzable form. Our motivation is that, in many contexts, use cases are common practice for the elicitation of functional requirements and should also be adapted for describing security requirements. Method: We integrate an existing approach for modeling security and privacy requirements in terms of security threats, their mitigations, and their relations to use cases in a misuse case diagram. We introduce new security-related templates, i.e., a mitigation template and a misuse case template for specifying mitigation schemes and misuse case specifications in a structured and analyzable manner. Natural language processing can then be used to automatically report inconsistencies among artifacts and between the templates and specifications. Results: We successfully applied our approach to an industrial healthcare project and report lessons learned and results from structured interviews with engineers. Conclusion: Since our approach supports the precise specification and analysis of security threats, threat scenarios and their mitigations, it also supports decision making and the analysis of compliance to standards