From model-driven software development processes to problem diagnoses at runtime

Following the “convention over configuration” paradigm, model-driven software development (MDSD) generates code to implement the “default” behaviour that has been specified by a template separate from the input model. On the one hand, developers can produce end-products without a full understanding of the templates; on the other hand, the tacit knowledge in the templates is subtle to diagnose when a runtime software failure occurs. Therefore, there is a gap between templates and runtime adapted models. Generalising from the concrete problematic examples in MDSD processes to a model-based problem diagnosis, the chapter presents a procedure to separate the automated fixes from those runtime gaps that require human judgments

On the 3-particle scattering continuum in quasi one dimensional integer spin Heisenberg magnets

We analyse the three-particle scattering continuum in quasi one dimensional integer spin Heisenberg antiferromagnets within a low-energy effective field theory framework. We exactly determine the zero temperature dynamical structure factor in the O(3) nonlinear sigma model and in Tsvelik's Majorana fermion theory. We study the effects of interchain coupling in a Random Phase Approximation. We discuss the application of our results to recent neutron-scattering experiments on the Haldane-gap material ${\rm CsNiCl_3}$.Comment: 8 pages of revtex, 5 figures, small changes, to appear in PR

Requirements and specifications for adaptive security: concepts and analysis

In an adaptive security-critical system, security mechanisms change according to the type of threat posed by the environment. Specifying the behavior of these systems is difficult because conditions of the environment are difficult to describe until the system has been deployed and used for a length of time. This paper defines the problem of adaptation in security-critical systems, and outlines the RELAIS approach for expressing requirements and specifying the behavior in a way that helps identify the need for adaptation, and the appropriate adaptation behavior at runtime. The paper introduces the notion of adaptation via input approximation and proposes statistical machine learning techniques for realizing it. The approach is illustrated with a running example and is applied to a realistic security example from a cloud-based file-sharing application. Bayesian classification and logistic regression methods are used to implement adaptive specifications and these methods offer different levels of adaptive security and usability in the file-sharing application

Evolution of security engineering artifacts. A state of the art survey

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research