Model Based Development of Quality-Aware Software Services

Modelling languages and development frameworks give support for functional and structural description of software architectures. But quality-aware applications require languages which allow expressing QoS as a first-class concept during architecture design and service composition, and to extend existing tools and infrastructures adding support for modelling, evaluating, managing and monitoring QoS aspects. In addition to its functional behaviour and internal structure, the developer of each service must consider the fulfilment of its quality requirements. If the service is flexible, the output quality depends both on input quality and available resources (e.g., amounts of CPU execution time and memory). From the software engineering point of view, modelling of quality-aware requirements and architectures require modelling support for the description of quality concepts, support for the analysis of quality properties (e.g. model checking and consistencies of quality constraints, assembly of quality), tool support for the transition from quality requirements to quality-aware architectures, and from quality-aware architecture to service run-time infrastructures. Quality management in run-time service infrastructures must give support for handling quality concepts dynamically. QoS-aware modeling frameworks and QoS-aware runtime management infrastructures require a common evolution to get their integration

A quality of service based framework for dynamic, dependable systems

There is currently much UK government and industry interest towards the integration of complex computer-based systems, including those in the military domain. These systems can include both mission critical and safety critical applications, and therefore require the dependable communication of data. Current modular military systems requiring such performance guarantees are mostly based on parameters and system states fixed during design time, thus allowing a predictable estimate of performance. These systems can exhibit a limited degree of reconfiguration, but this is typically within the constraints of a predefined set of configurations. The ability to reconfigure systems more dynamically, could lead to further increased flexibility and adaptability, resulting in the better use of existing assets. Current software architecture models that are capable of providing this flexibility, however, tend to lack support for dependable performance. This thesis explores the benefits for the dependability of future dynamic systems, built on a publish/subscribe model, from using Quality of Service (QoS) methods to map application level data communication requirements to available network resources. Through this, original contributions to knowledge are created, including; the proposal of a QoS framework that specifies a way of defining flexible levels of QoS characteristics and their use in the negotiation of network resources, a simulation based evaluation of the QoS framework and specifically the choice of negotiation algorithm used, and a test-bed based feasibility study. Simulation experimentation conducted comparing different methods of QoS negotiation gives a clear indication that the use of the proposed QoS framework and flexible negotiation algorithm can provide a benefit in terms of system utility, resource utilisation, and system stability. The choice of negotiation algorithm has a particularly strong impact on these system properties. The cost of these benefits comes in terms of the processing power and execution time required to reach a decision on the acceptance of a subscriber. It is suggested, given this cost, that when computational resources are limited, a simpler priority based negotiation algorithm should be used. Where system resources are more abundant, however, the flexible negotiation algorithm proposed within the QoS framework can offer further benefits. Through the implementation of the QoS framework within an existing military avionics software architecture based emulator on a test-bed, both the technical challenges that will need to be overcome and, more importantly, the potential viability for the inclusion of the QoS framework have been demonstrated

Analysis of Quality Dependencies in the Composition of Software Architectures

A dependable system has to meet some quality criteria in order to provide certain reliance on its operation. The quality of a system depends on the complex composition of the quality of its subsystems. Specications of non-functional properties are commonly used to describe provided quality, required quality, resource usage and resource availability. Enclosing these specifications along with architectural models allows performing preliminary quality assessments (design-phase analysis). We allow configuration choices for quality specifications to represent design choices, deployment choices, or component adaptability. We focus on a composition study that answers to: is it possible to meet system and subsystem requirements given provided qualities? and, which configuration allows satisfying the requirements? The contributions of this work are: i) to formalize the composition based on quality levels and constraints, ii) to analyze existing quality dependencies in such a composition, iii) to show how we represent and evaluate dependencies in a model driven environment

Skill-based reconfiguration of industrial mobile robots

Caused by a rising mass customisation and the high variety of equipment versions, the exibility of manufacturing systems in car productions has to be increased. In addition to a exible handling of production load changes or hardware breakdowns that are established research areas in literature, this thesis presents a skill-based recon guration mechanism for industrial mobile robots to enhance functional recon gurability. The proposed holonic multi-agent system is able to react to functional process changes while missing functionalities are created by self-organisation. Applied to a mobile commissioning system that is provided by AUDI AG, the suggested mechanism is validated in a real-world environment including the on-line veri cation of the recon gured robot functionality in a Validity Check. The present thesis includes an original contribution in three aspects: First, a recon - guration mechanism is presented that reacts in a self-organised way to functional process changes. The application layer of a hardware system converts a semantic description into functional requirements for a new robot skill. The result of this mechanism is the on-line integration of a new functionality into the running process. Second, the proposed system allows maintaining the productivity of the running process and exibly changing the robot hardware through provision of a hardware-abstraction layer. An encapsulated Recon guration Holon dynamically includes the actual con guration each time a recon guration is started. This allows reacting to changed environment settings. As the resulting agent that contains the new functionality, is identical in shape and behaviour to the existing skills, its integration into the running process is conducted without a considerable loss of productivity. Third, the suggested mechanism is composed of a novel agent design that allows implementing self-organisation during the encapsulated recon guration and dependability for standard process executions. The selective assignment of behaviour-based and cognitive agents is the basis for the exibility and e ectiveness of the proposed recon guration mechanism

Extension and Application of Event-driven Process Chain for Information System Security Risk Management

Turvatehnika konstrueerimine on üks suuremaid murekohti süsteemi arenduses ja sellele tuleks tähelepanu pöörata kogu arendusprotsessi jooksul. Turvaliseks modelleerimiseks on mitmeid erinevaid keeli, mis aitavad hallata turvariske juba nõuete staadiumis. Käesolevas töös keskendutakse esmalt Event-driven Process Chain (EPC)-le, mida kasutatakse äriprotsesside modelleerimisel. Täpsemalt öeldes uuritakse, kuidas antud keel toetab infosüsteemi turberiskihaldust (ISSRM). Uurimuse eesmärk on välja selgitada EPC jaoks vajalikud turbenõuded. Nende tulemusena saame vastavustabeli EPC konstruktsioonide ja ISSRM domeeni mudeli kontseptide vahel. Järgnevalt laiendame EPC keelt ja selle konstruktsioone EPC ja ISSRM vastavustabeli seostega. Tekkinud laiendatud keelt kutsume “Security-Oriented EPC”. Laiendatud modelleerimiskeel sisaldab uut konstruktsioonide kogumikku, mis viitab ISSRM kontseptidele. Olles selgitanud turvanõuete olulisust varajases arendusstaadiumis, esitleme töötluse suunised, et viia ellu tõlked Security-Oriented EPC ja Mal-Activity Diagrams (MAD) vahel. Meie ettepanek põhineb EPC keele süstemaatiliste ja maandatud laiendustel ja selle vastastikusest sõltuvusest ISSRM domeeni mudelisse. Vastavuses olevad tulemused aitavad ärianalüütikutel mõista, kuidas modelleerida turvariske süsteemi nõuete ja disainimise staadiumites. Lisaks annavad töötluse tulemused võimaluse koostööks erinevate modelleerimiskeelte vahel, mida analüüsitakse kasutades sama kontseptuaalset raamistikku.Security engineering is one of the important concerns during the system development and it should be addressed throughout the whole system development process. Besides, there are several languages for security modeling that help dealing with security risk management at the requirements stage. In this thesis, first of all, we are focusing on Event-driven Process Chain (EPC), which is used during the business process modeling. More specifically, we investigate how this language supports information system security risk management (ISSRM). The purpose of this investigation is the problem of security requirements need of EPC. As a result, we obtain an alignment table between EPC constructs and ISSRM domain model concepts. Next, we extend the EPC language and its constructs with respect to the alignment table between EPC and ISSRM. As a consequence, we call the extended language as “Security-Oriented EPC”. The extended language contains new set of constructs which refer to ISSRM concepts. Lastly, after clarifying the importance of security requirements at the early system development, we present transformation guidelines to perform forward model translations from Security-Oriented EPC to Mal-Activity Diagrams (MAD). During the transformation, our proposal is based on the systematic and grounded extensions of EPC language and its interdependency to the domain model of ISSRM. Alignment results may help business analysts understand how to model security risks at the system requirement and design stages. Also, transformation results pave the way for interoperability between the modeling languages that are analysed using the same conceptual framework