1,059 research outputs found

    Preserving the Quality of Architectural Tactics in Source Code

    In any complex software system, strong interdependencies exist between requirements and software architecture. Requirements drive architectural choices while also being constrained by the existing architecture and by what is economically feasible. This makes it advisable to concurrently specify the requirements, to devise and compare alternative architectural design solutions, and ultimately to make a series of design decisions in order to satisfy each of the quality concerns. Unfortunately, anecdotal evidence has shown that architectural knowledge tends to be tacit in nature, stored in the heads of people, and lost over time. Therefore, developers often lack comprehensive knowledge of underlying architectural design decisions and inadvertently degrade the quality of the architecture while performing maintenance activities. In practice, this problem can be addressed through preserving the relationships between the requirements, architectural design decisions and their implementations in the source code, and then using this information to keep developers aware of critical architectural aspects of the code. This dissertation presents a novel approach that utilizes machine learning techniques to recover and preserve the relationships between architecturally significant requirements, architectural decisions and their realizations in the implemented code. Our approach for recovering architectural decisions includes the two primary stages of training and classification. In the first stage, the classifier is trained using code snippets of different architectural decisions collected from various software systems. During this phase, the classifier learns the terms that developers typically use to implement each architectural decision. These "indicator terms" represent method names, variable names, comments, or the development APIs that developers inevitably use to implement various architectural decisions.
A probabilistic weight is then computed for each potential indicator term with respect to each type of architectural decision. The weight estimates how strongly an indicator term represents a specific architectural tactic/decision. For example, a term such as "pulse" is highly representative of the heartbeat tactic but occurs infrequently in the authentication. After learning the indicator terms, the classifier can compute the likelihood that any given source file implements a specific architectural decision. The classifier was evaluated through several different experiments including classical cross-validation over code snippets of 50 open source projects and on the entire source code of a large scale software system. Results showed that the classifier can reliably recognize a wide range of architectural decisions. The technique introduced in this dissertation is used to develop the Archie tool suite. Archie is a plug-in for Eclipse and is designed to detect a wide range of architectural design decisions in the code and to protect them from potential degradation during maintenance activities. It has several features for performing change impact analysis of architectural concerns at both the code and design level and proactively keep developers informed of underlying architectural decisions during maintenance activities. Archie is at the stage of technology transfer at the US Department of Homeland Security where it is purely used to detect and monitor security choices. Furthermore, this outcome is integrated into the Department of Homeland Security's Software Assurance Market Place (SWAMP) to advance research and development of secure software systems.

    Developing an Argument for Def Stan 00-56 from Existing Qualification Evidence

    Commonly-used civil guidance and standards in the safety-critical software industry (IEC 61508, EN 50128, DO-178B) constrain development activity and generate process and product evidence. However, procurements for UK defence systems must be supported with a safety case assessed against Def Stan 00-56 Issue 4. This paper studies the use of evidence from civil guidance and standards in arguments towards DS 00-56. The approach is centred on a particular application, the KCG qualified code generator, and is based on a generic software contribution argumentation approach. The results show that issues arise in substantiating failure conditions, choosing a suitable level of detail in the argument and relating detailed explanations to the structure of the evidence. Explicit argumentation was found to be useful in addressing each of these issues.

    An approach to impact analysis in software maintenance

    Impact analysis is a software maintenance activity, which consists of determining the scope of a requested change, as a basis for planning and implementing it. After a change request has been specified (change understanding) and the initial part of the system to be changed has been identified (change localization), impact analysis helps to understand consequences of the change on other parts of the system. Induced changes, also named ripple effects, among software components are detected. Most existing approaches perform impact analysis for changes occurring at the code level. In this thesis, concepts developed to perform impact analysis at the code level are applied to trace changes occurring at the design level. The method consists of proposing an activity model addressing the different steps of impact analysis and a data model on which propagations of changes can be traced. The method is validated with a case study applied to a system from the aerospace field. The tools we developed on PCTE help for consistency checks in HOOD based designs during editing. Our data-model based on an Entity Relationship notation describes a way to model HOOD diagrams in PCTE and further on to propagate changes on the repository. Examples chosen address the design phase of a simple engine system. We show that addressing modifications at a higher level of abstraction than the code eases understanding and localization of changes. It also limits the propagation of ripple effects (i.e., unexpected behaviour of the system) by detecting secondary changes at an earlier stage.

    Managing technical debt through software metrics, refactoring and traceability


    Assessing and Improving Industrial Software Processes

    Software process is a complex phenomenon that involves a multitude of different artifacts, human actors with different roles, activities to be performed in order to produce a software product. Even though the research community is devoting a great effort in proposing solutions aimed at improving software process, several issues are still open. In this Thesis work I propose different solutions for assessing and improving software processes carried out in real industrial contexts. More in detail, I proposed a solution, based on ALM and MDE, for supporting Gap Analysis processes for assessing if a software process is carried out in accordance with Standards or Evaluation Framework. Then, I focused on a solution based on tool integration for the management of trace links among the artifacts involved in the software process. As another contribution, I proposed a Reverse engineering process and a tool, named EXACT, for supporting the analysis and comprehension of spreadsheet based artifacts involved in software development processes. Finally, I realized a semi-automatic approach, named AutoMative, for supporting the introduction in real Industrial software processes of SPL for managing the variability of the software products to be developed. Case studies conducted in real industrial settings showed the feasibility and the positive impact of the proposed solutions on real industrial software processes.

    A Modelling Approach to Multi-Domain Traceability

    Traceability is an important concern in projects that span different engineering domains. Traceability can also be mandated, exploited and managed across the engineering lifecycle, and may involve defining connections between heterogeneous models. As a result, traceability can be considered to be multi-domain. This thesis introduces the concept and challenges of multi-domain traceability and explains how it can be used to support typical traceability scenarios. It proposes a model-based approach to develop a traceability solution which effectively operates across multiple engineering domains. The approach introduced a collection of tasks and structures which address the identified challenges for a traceability solution in multi-domain projects. The proposed approach demonstrates that modelling principles and MDE techniques can help to address current challenges and consequently improve the effectiveness of a multi-domain traceability solution. A prototype of the required tooling to support the approach is implemented with EMF and atop Epsilon; it consists of an implementation of the proposed structures (models) and model management operations to support traceability. Moreover, the approach is illustrated in the context of two safety-critical projects where multi-domain traceability is required to underpin certification arguments.

    Trusted product lines

    This thesis describes research undertaken into the application of software product line approaches to the development of high-integrity, embedded real-time software systems that are subject to regulatory approval/certification. The motivation for the research arose from a real business need to reduce cost and lead time of aerospace software development projects. The thesis hypothesis can be summarised as follows: It is feasible to construct product line models that allow the specification of required behaviour within a reference architecture that can be transformed into an effective product implementation, whilst enabling suitable supporting evidence for certification to be produced. The research concentrates on the following four main areas: 1. Construction of an argument framework in which the application of product line techniques to high-integrity software development can be assessed and critically reviewed. 2. Definition of a product-line reference architecture that can host components containing variation. 3. Design of model transformations that can automatically instantiate products from a set of components hosted within the reference architecture. 4. Identification of verification approaches that may provide evidence that the transformations designed in step 3 above preserve properties of interest from the product line model into the product instantiations. Together, these areas form the basis of an approach we term “Trusted Product Lines”. The approach has been evaluated and validated by deployment on a real aerospace project; the approach has been used to produce DO-178B/ED-12B Level A applications of over 300 KSLOC in size. The effect of this approach on the software development process has been critically evaluated in this thesis, both quantitatively (in terms of cost and relative size of process phases) and qualitatively (in terms of software quality). 
The “Trusted Product Lines” approach, as described within the thesis, shows how product line approaches can be applied to high-integrity software development, and how certification evidence created and arguments constructed for products instantiated from the product line. To the best of our knowledge, the development and effective application of product line techniques in a certification environment is novel and unique.