Resource Oriented Modelling: Describing Restful Web Services Using Collaboration Diagrams

The popularity of Resource Oriented and RESTful Web Services is increasing rapidly. In these, resources are key actors in the interfaces, in contrast to other approaches where services, messages or objects are. This distinctive feature necessitates a new approach for modelling RESTful interfaces providing a more intuitive mapping from model to implementation than could be achieved with non-resource methods. With this objective we propose an approach to describe Resource Oriented and RESTful Web Services based on UML collaboration diagrams. Then use it to model scenarios from several problem domains, arguing that Resource Oriented and RESTful Web Services can be used in systems which go beyond ad-hoc integration. Using the scenarios we demonstrate how the approach is useful for: eliciting domain ontologies; identifying recurring patterns; and capturing static and dynamic aspects of the interface

Meta-model Pruning

Large and complex meta-models such as those of Uml and its profiles are growing due to modelling and inter-operability needs of numerous\ud stakeholders. The complexity of such meta-models has led to coining\ud of the term meta-muddle. Individual users often exercise only a small\ud view of a meta-muddle for tasks ranging from model creation to construction\ud of model transformations. What is the effective meta-model that represents\ud this view? We present a flexible meta-model pruning algorithm and\ud tool to extract effective meta-models from a meta-muddle. We use\ud the notion of model typing for meta-models to verify that the algorithm\ud generates a super-type of the large meta-model representing the meta-muddle.\ud This implies that all programs written using the effective meta-model\ud will work for the meta-muddle hence preserving backward compatibility.\ud All instances of the effective meta-model are also instances of the\ud meta-muddle. We illustrate how pruning the original Uml metamodel\ud produces different effective meta-models

Model-Based Security Testing

Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST) is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.Comment: In Proceedings MBT 2012, arXiv:1202.582

Identifying and Modelling Complex Workflow Requirements in Web Applications

Workflow plays a major role in nowadays business and therefore its requirement elicitation must be accurate and clear for achieving the solution closest to business’s needs. Due to Web applications popularity, the Web is becoming the standard platform for implementing business workflows. In this context, Web applications and their workflows must be adapted to market demands in such a way that time and effort are minimize. As they get more popular, they must give support to different functional requirements but also they contain tangled and scattered behaviour. In this work we present a model-driven approach for modelling workflows using a Domain Specific Language for Web application requirement called WebSpec. We present an extension to WebSpec based on Pattern Specifications for modelling crosscutting workflow requirements identifying tangled and scattered behaviour and reducing inconsistencies early in the cycle

Towards the Usage of MBT at ETSI

In 2012 the Specialists Task Force (STF) 442 appointed by the European Telcommunication Standards Institute (ETSI) explored the possibilities of using Model Based Testing (MBT) for test development in standardization. STF 442 performed two case studies and developed an MBT-methodology for ETSI. The case studies were based on the ETSI-standards GeoNetworking protocol (ETSI TS 102 636) and the Diameter-based Rx protocol (ETSI TS 129 214). Models have been developed for parts of both standards and four different MBT-tools have been employed for generating test cases from the models. The case studies were successful in the sense that all the tools were able to produce the test suites having the same test adequacy as the corresponding manually developed conformance test suites. The MBT-methodology developed by STF 442 is based on the experiences with the case studies. It focusses on integrating MBT into the sophisticated standardization process at ETSI. This paper summarizes the results of the STF 442 work.Comment: In Proceedings MBT 2013, arXiv:1303.037

A methodological proposal and tool support for the HL7 standards compliance in the development of health information systems

Health information systems are increasingly complex, and their development is presented as a challenge for software development companies offering quality, maintainable and interoperable products. HL7 (Health level 7) International, an international non-profit organization, defines and maintains standards related to health information systems. However, the modelling languages proposed by HL7 are far removed from standard languages and widely known by software engineers. In these lines, NDT is a software development methodology that has a support tool called NDT-Suite and is based, on the one hand, on the paradigm of model-driven engineering and, on the other hand, in UML that is a widely recognized standard language. This paper proposes an extension of the NDT methodology called MoDHE (Model Driven Health Engineering) to offer software engineers a methodology capable of modelling health information systems conforming to HL7 using UML domain models

Metamodel-based model conformance and multiview consistency checking

Model-driven development, using languages such as UML and BON, often makes use of multiple diagrams (e.g., class and sequence diagrams) when modeling systems. These diagrams, presenting different views of a system of interest, may be inconsistent. A metamodel provides a unifying framework in which to ensure and check consistency, while at the same time providing the means to distinguish between valid and invalid models, that is, conformance. Two formal specifications of the metamodel for an object-oriented modeling language are presented, and it is shown how to use these specifications for model conformance and multiview consistency checking. Comparisons are made in terms of completeness and the level of automation each provide for checking multiview consistency and model conformance. The lessons learned from applying formal techniques to the problems of metamodeling, model conformance, and multiview consistency checking are summarized