Towards Managing Variability in the Safety Design of an Automotive Hall Effect Sensor

ABSTRACT This paper discusses the merits and challenges of adopting software product line engineering (SPLE) as the main development process for an automotive Hall Effect sensor. This versatile component is integrated into a number of automotive applications with varying safety requirements (e.g., windshield wipers and brake pedals). This paper provides a detailed explanation as to why the process of safety assessment and verification of the Hall Effect sensor is currently cumbersome and repetitive: it must be repeated entirely for every automotive application in which the sensor is to be used. In addition, no support is given to the engineer to select and configure the appropriate safety solutions and to explain the safety implications of his decisions. To address these problems, we present a tailored SPLEbased approach that combines model-driven development with advanced model composition techniques for applying and reasoning about specific safety solutions. In addition, we provide insights about how this approach can reduce the overall complexity, improve reusability, and facilitate safety assessment of the Hall Effect sensor

Towards Managing Variability in the Safety Design of an Automotive Hall Effect Sensor

International audienceThis paper discusses the merits and challenges of adopting software product line engineering (SPLE) as the main development process for an automotive Hall Effect sensor. This versatile component is integrated into a number of automotive applications with varying safety requirements (e.g., windshield wipers and brake pedals). This paper provides a detailed explanation as to why the process of safety assessment and verification of the Hall Effect sensor is currently cumbersome and repetitive:~it must be repeated entirely for every automotive application in which the sensor is to be used. In addition, no support is given to the engineer to select and configure the appropriate safety solutions and to explain the safety implications of his decisions. To address these problems, we present a tailored SPLE-based approach that combines model-driven development with advanced model composition techniques for applying and reasoning about specific safety solutions. In addition, we provide insights about how this approach can reduce the overall complexity, improve reusability, and facilitate safety assessment of the Hall Effect sensor

An Empirical Assessment of the Maintenance Cost in Model-Driven Software Development (Een empirische beoordeling van de onderhoudskosten in modelgedreven software ontwikkeling)

The ever increasing complexity of software systems calls for improved development techniques. In this context, two evolutionary methodologies, i.e., Model-Driven Software Development (MDSD) and Aspect-Oriented Software Development (AOSD), seem to be very promising in tackling these complexities. The synergy between these two approaches, known as Aspect-Oriented Modeling (AOM), focuses on providing support for separating concerns at higher levels of abstraction. AOM approaches describe views using general-purpose modeling languages and provide mechanisms for integrating the views. Amongst the advantages of AOM are improved modularization techniques, a raised abstraction level, the use of models as primary development artifacts, automated model-to-model and model-to-code transformations.Unfortunately, most AOM approaches allow solely the use of a general-purpose modeling language (GPML), e.g., UML, for the specification of all concerns. Driven by the industry needs, domain-specific modeling languages (DSML) have started to emerge. Such DSMLs are tailored for a specific domain and provide abstractions that allow one to describe the solution directly in terms of the problem domain. DSMLs are very practical and a number of them becoming accepted throughout the industry. Hence, the combination of heterogeneous concerns each expressed in an optimal DSML has a great potential in the context of existing AOM approaches.Independent from the modeling paradigm used to specify each concern, it is far from obvious which is the more cost efficient development process when transforming the modularized design into implementation. The AOM research community is focusing on delivering techniques that reduce (if not eliminate) the need for lower level aspect-oriented artifacts, such as pointcuts specifications. Most AOM approaches provide means to specify and execute the composition of modularized concerns at the modeling level. The composed model is typically further transformed into an object-oriented implementation as it is the closest match in terms of abstractions used. We refer to this development process as the aspect "disrupting" process. However, it is also possible to use an aspect "preserving" process that preserves the modularization from models to code by targeting aspect-oriented platforms. The choice of the development process seems not to be neutral. Rather, it could have an impact on several directions, such as ease of maintenance, quality of the final product, productivity of the developers, etc.The contribution of this dissertation is threefold. Firstly, we explore the use of domain-specific modeling languages within an AOM approach. We illustrate the feasibility of this idea by relying on existing MDSD cornerstone techniques, standards and tools. As opposed to the explorative nature of our first contribution, our second contribution is a thorough systematic analysis of the cost of maintenance when semi-automatically translating modularized design into code. Based on two empirical user studies we provide evidence that the choice of the development process impacts the cost of maintenance of an existing system. Our studies demonstrate with a statistical significance that the aspect "preserving" process is the preferred alternative in many cases. Finally, an additional contribution is a summary and a list of good practices of how to plan, design, conduct, analyze and reporting empirical investigations of similar nature.nrpages: 147status: publishe

Prototizer: Agile on Steroids

Abstract. The model-driven software development (MDSD) vision has booked significant advances in the past decades. MDSD was said to be very promising in tackling the "wicked" problems of software engineering in general. However, a decade later MDSD is still far from becoming widely recognized within the mainstream software development. At the same time Agile software development methodologies are widely considered as the way to go. This is counter-intuitive as MDSD seems to be the right methodology to boost Agile approaches. From Agile software development perspective, design models are a waste. In this experience report, we present Prototizer, a tool based on modeldriven software engineering that could boost the Agile vision. We present a validation of Prototizer on a recent case study and discuss the main lessons learned throughout the past years

Generic Reusable Concern Compositions (GReCCo): Description and Case Study

This report presents the GReCCo approach to Aspect Oriented Modeling (AOM) using Generic Reusable Concern Compositions. GReCCo offers an AOM-based framework to promote and enhance the reuse of oblivious concern models. We focus on software design patterns, which represent complete solutions to recurring concernspecific problems. We have developed a prototype generic transformation engine written in ATL that can be used to compose two concern models specified in UML. We first describe the GReCCo approach and the offered composition types. In the second part, we illustrate the GReCCo approach on a case study in the domain of Electronic Health Information and Privacy (EHIP). We start from a description of the base part of the application. On top of this application, we apply several reusable concerns using the GReCCo methodology

Software vulnerability prediction using text analysis techniques

Early identification of software vulnerabilities is essential in software engineering and can help reduce not only costs, but also prevent loss of reputation and damaging litigations for a software firm. Techniques and tools for software vulnerability prediction are thus invaluable. Most of the existing techniques rely on using component characteristic(s) (like code complexity, code churn) for the vulnerability prediction. In this position paper, we present a novel approach for vulnerability prediction that leverages on the analysis of raw source code as text, instead of using “cooked” features. Our initial results seem to be very promising as the prediction model achieves an average accuracy of 0.87, precision of 0.85 and recall of 0.88 on 18 versions of a large mobile application.status: publishe

Design churn as predictor of vulnerabilities?

This paper evaluates a metric suite to predict vulnerable Java classes based on how much the design of an application has changed over time. We refer to this concept as design churn in analogy with code churn. Based on a validation on 10 Android applications, we show that several design churn metrics are in fact significantly associated with vulnerabilities. When used to build a prediction model, the metrics yield an average precision of 0.71 and an average recall of 0.27.status: publishe

Generic reusable concern compositions

The increasing complexity of software applications requires improved software development techniques in order to cope with, a.o., software reuse and evolution, the management of heterogeneous concerns, and the retargeting of systems towards new software platforms. The introduction of AOSD (aspect-oriented software development) and the support for MDD (model-driven development) are two important and promising evolutions that can contribute to better control of software complexity. In this paper we present an AOM (Aspect-Oriented Modeling) based framework to promote and enhance the reuse of concerns expressed in UML. We have developed a prototype composition engine implemented in ATL that can be used to compose concern models specified in UML. © 2008 Springer-Verlag Berlin Heidelberg.status: publishe

Specifying and composing concerns expressed in domain-specific modeling languages

Separation of concerns and levels of abstraction are key software engineering principles that can help master the increasing complexity of software applications. Aspect-oriented modeling (AOM) and domain-specific modeling languages (DSML) are two important and promising approaches in this context. However, little research is done to investigate the synergy between AOM and DSMLs. In this paper we present an asymmetric approach to compose modularized concerns expressed in different DSMLs with an application base model expressed in a general-purpose modeling language (GPML). This allows to specify each concern in the most appropriate modeling language. We introduce the concept of a concern interface, expressed in a GPML, that serves as a common language between a specific concern and the application base. In addition, we use an explicit composition model to specify the syntactic and the semantic links between entities from the different concerns. We explore these concepts using an application where we modularize the user interface modeled in WebML and the access control specified in XACML. The modularized concerns are then composed with an application base that has been specified in UML. © 2009 Springer Berlin Heidelberg.status: publishe

Predicting vulnerable software components via text mining

This paper presents an approach based on machine learning to predict which components of a software application contain security vulnerabilities. The approach is based on text mining the source code of the components. Namely, each component is characterized as a series of terms contained in its source code, with the associated frequencies. These features are used to forecast whether each component is likely to contain vulnerabilities. In an exploratory validation with 20 Android applications, we discovered that a dependable prediction model can be built. Such model could be useful to prioritize the validation activities, e.g., to identify the components needing special scrutiny.status: publishe