698 research outputs found
Recommended from our members
A UML-based static verification framework for security
Secure software engineering is a new research area that has been proposed to address security issues during the development of software systems. This new area of research advocates that security characteristics should be considered from the early stages of the software development life cycle and should not be added as another layer in the system on an ad-hoc basis after the system is built. In this paper, we describe a UML-based Static Verification Framework (USVF) to support the design and verification of secure software systems in early stages of the software development life-cycle taking into consideration security and general requirements of the software system. USVF performs static verification on UML models consisting of UML class and state machine diagrams extended by an action language. We present an operational semantics of UML models, define a property specification language designed to reason about temporal and general properties of UML state machines using the semantic domains of the former, and implement the model checking process by translating models and properties into Promela, the input language of the SPIN model checker. We show that the methodology can be applied to the verification of security properties by representing the main aspects of security, namely availability, integrity and confidentiality, in the USVF property specification language
Property specification and static verification of UML models
We present a static verification tool (SVT), a system that performs static verification on UML models composed of UML class and state machine diagrams. Additionally, the SVT allows the user to add extra behavior specification in the form of guards and effects by defining a small action language. UML models are checked against properties written in a special-purpose property language that allows the user to specify linear temporal logic formulas that explicitly reason about UML components. Thus, the SVT provides a strong foundation for the design of reliable systems and a step towards model-driven security
A monitoring approach for runtime service discovery
Effective runtime service discovery requires identification of services based on different service characteristics such as structural, behavioural, quality, and contextual characteristics. However, current service registries guarantee services described in terms of structural and sometimes quality characteristics and, therefore, it is not always possible to assume that services in them will have all the characteristics required for effective service discovery. In this paper, we describe a monitor-based runtime service discovery framework called MoRSeD. The framework supports service discovery in both push and pull modes of query execution. The push mode of query execution is performed in parallel to the execution of a service-based system, in a proactive way. Both types of queries are specified in a query language called SerDiQueL that allows the representation of structural, behavioral, quality, and contextual conditions of services to be identified. The framework uses a monitor component to verify if behavioral and contextual conditions in the queries can be satisfied by services, based on translations of these conditions into properties represented in event calculus, and verification of the satisfiability of these properties against services. The monitor is also used to support identification that services participating in a service-based system are unavailable, and identification of changes in the behavioral and contextual characteristics of the services. A prototype implementation of the framework has been developed. The framework has been evaluated in terms of comparison of its performance when using and when not using the monitor component
Discovering Services during Service-Based System Design Using UML
Recently, there has been a proliferation of service-based systems, i.e., software systems that are composed of autonomous services but can also use software code. In order to support the development of these systems, it is necessary to have new methods, processes, and tools. In this paper, we describe a UML-based framework to assist with the development of service-based systems. The framework adopts an iterative process in which software services that can provide functional and nonfunctional characteristics of a system being developed are discovered, and the identified services are used to reformulate the design models of the system. The framework uses a query language to represent structural, behavioral, and quality characteristics of services to be identified, and a query processor to match the queries against service registries. The matching process is based on distance measurements between the queries and service specifications. A prototype tool has been implemented. The work has been evaluated in terms of recall, precision, and performance measurements
Reconciliation of object interaction models
This paper presents Reconciliation+, a tool-supported method which identifies overlaps between models of different object interactions expressed as UML sequence and/or collaboration diagrams, checks whether the overlapping elements of these models satisfy specific consistency rules, and guides developers in handling these inconsistencies. The method also keeps track of the decisions made and the actions taken in the process of managing inconsistencies
Proceedings of ACM ESEC/FSE International Workshop on Intelligent Technologies for Software Engineering WITSE03
Proactive and reactive runtime service discovery: a framework and its evaluation
The identification of services during the execution of service-based applications to replace services in them that are no longer available and/or fail to satisfy certain requirements is an important issue. In this paper we present a framework to support runtime service discovery. This framework can execute service discovery queries in pull and push mode. In pull mode, it executes queries when a need for finding a replacement service arises. In push mode, queries are subscribed to the framework to be executed proactively, and in parallel with the operation of the application, in order to identify adequate services that could be used if the need for replacing a service arises. Hence, the proactive (push) mode of query execution makes it more likely to avoid interruptions in the operation of service-based applications when a service in them needs to be replaced at runtime. In both modes of query execution, the identification of services relies on distance-based matching of structural, behavioural, quality, and contextual characteristics of services and applications. A prototype implementation of the framework has been developed and an evaluation was carried out to assess the performance of the framework. This evaluation has shown positive results, which are discussed in the paper
XTraQue: traceability for product line systems
Product line engineering has been increasingly used to support the development and deployment of software systems that share a common set of features and are developed based on the reuse of core assets. The large number and heterogeneity of documents generated during the development of product line systems may cause difficulties to identify common and variable aspects among applications, and to reuse core assets that are available under the product line. In this paper, we present a traceability approach for product line systems. Traceability has been recognised as an important task in software system development. Traceability relations can improve the quality of the product being developed and reduce development time and cost. We present a rule-based approach to support automatic generation of traceability relations between feature-based object-oriented documents. The traceability rules used in our work are classified into two groups namely (a) direct rules, which support the creation of traceability relations that do not depend on the existence of other relations, and (b) indirect rules, which require the existence of previously generated relations. The documents are represented in XML and the rules are represented in an extension of XQuery. A prototype tool called XTraQue has been implemented. This tool, together with a mobile phone product line case study, has been used to demonstrate and evaluate our work in various experiments. The results of these experiments are encouraging and comparable with other approaches that support automatic generation of traceability relations
Effect of Particle Size on Droplet Infiltration into Hydrophobic Porous Media As a Model of Water Repellent Soil
The wettability of soil is of great importance for plants and soil biota, and in determining the risk for preferential flow, surface runoff, flooding, and soil erosion. The molarity of ethanol droplet (MED) test is widely used for quantifying the severity of water repellency in soils that show reduced wettability and is assumed to be independent of soil particle size. The minimum ethanol concentration at which droplet penetration occurs within a short time (≤10 s) provides an estimate of the initial advancing contact angle at which spontaneous wetting is expected. In this study, we test the assumption of particle size independence using a simple model of soil, represented by layers of small (0.2–2 mm) diameter beads that predict the effect of changing bead radius in the top layer on capillary driven imbibition. Experimental results using a three-layer bead system show broad agreement with the model and demonstrate a dependence of the MED test on particle size. The results show that the critical initial advancing contact angle for penetration can be considerably less than 90° and varies with particle size, demonstrating that a key assumption currently used in the MED testing of soil is not necessarily valid
A Cost-Effective Design for a Neutrino Factory
There have been active efforts in the U.S., Europe, and Japan on the design of a Neutrino Factory. This type of facility produces intense beams of neutrinos from the decay of muons in a high energy storage ring. In the U.S., a second detailed Feasibility Study (FS2) for a Neutrino Factory was completed in 2001. Since that report was published, new ideas in bunching, cooling and acceleration of muon beams have been developed. We have incorporated these ideas into a new facility design, which we designate as Study 2B (ST2B), that should lead to significant cost savings over the FS2 design. Comment: 46 pages, 38 figures; to be submitted to Physical Review Special Topics: Accelerators and Beam