The Value of User-Visible Internet Cryptography

Cryptographic mechanisms are used in a wide range of applications, including email clients, web browsers, document and asset management systems, where typical users are not cryptography experts. A number of empirical studies have demonstrated that explicit, user-visible cryptographic mechanisms are not widely used by non-expert users, and as a result arguments have been made that cryptographic mechanisms need to be better hidden or embedded in end-user processes and tools. Other mechanisms, such as HTTPS, have cryptography built-in and only become visible to the user when a dialogue appears due to a (potential) problem. This paper surveys deployed and potential technologies in use, examines the social and legal context of broad classes of users, and from there, assesses the value and issues for those users

Engineering bidirectional transformations

Bidirectional transformations, like software, need to be carefully engineered in order to provide guarantees about their correctness, completeness, acceptability and usability. This paper summarises a collection of lectures pertaining to engineering bidirectional transformations using Model-Driven Engineering techniques and technologies. It focuses on stages of a typical engineering lifecycle, starting with requirements and progressing to implementation and verification. It summarises Model-Driven Engineering approaches to capturing requirements, architectures and designs for bidirectional transformations, and suggests an approach for verification as well. It concludes by describing some challenges for future research into engineering bidirectional transformations

Language engineering : Challenges, opportunities and potential disasters for interactive systems

Language engineering underpins model-driven engineering and the application of domain-specific languages. In this talk, I will introduce language engineering and its principles and practices, using model-driven engineering as an exemplar. I will suggest how the engineering of interactive systems offers opportunities, challenges and the potential for chaos for language engineering

Putting formal specifications under the magnifying glass: Model-based testing for validation

A software development process is effectively an abstract form of model transformation, starting from an end-user model of requirements, through to a system model for which code can be automatically generated. The success (or failure) of such a transformation depends substantially on obtaining a correct, well-formed initial model that captures user concerns. Model-based testing automates black box testing based on the model of the system under analysis. This paper proposes and evaluates a novel model-based testing technique that aims to reveal specification/requirement-related errors by generating test cases from a test model and exercising them on the design model. The case study outlined in the paper shows that a separate test model not only increases the level of objectivity of the requirements, but also supports the validation of the system under test through test case generation. The results obtained from the case study support the hypothesis that there may be discrepancies between the formal specification of the system modeled at developer end and the problem to be solved, and using solely formal verification methods may not be sufficient to reveal these. The approach presented in this paper aims at providing means to obtain greater confidence in the design model that is used as the basis for code generation

An Approach for Model Querying-by-Example Applied to Multi- Paradigm Models

Scenarios for industry-scale multi-paradigm modelling involve analysis,transformation, or fine-grained manipulation of models. These models are often treatedwholly or in part as trees (e.g. XML or XMI documents, or source code). However,existing facilities for accessing and manipulating models as trees is limited. We present anovel approach to model querying-by-example, treating models as trees. The approachabstracts away from platform-specific concerns (e.g. XML), and exploits tree-basedpatterns in expressing queries; the results of queries are also trees, thus providing meansto compose (conjoin) queries without requiring intermediate manipulations

The Epsilon Pattern Language

We present the Epsilon Pattern Language (EPL), a textual language that supports expressing and detecting patterns on models conforming to arbitrary metamodels and captured using diverse modelling technologies. EPL provides out-of-the-box integration with existing languages that target a wide range of related model management activities (such as model validation, model-to-model and model-to-text transformation), thus enabling code reuse and seamless runtime interoperability across complex Model-Driven Engineering workflows. We discuss the syntax and semantics of EPL, its supporting development tools, and demonstrate how instances of patterns detected using EPL can be consumed and further processed by other model management programs

Integrating BON and Object-Z.

A significant limitation with object-oriented formal specification languages, such as Object-Z, is that they lack development and management processes, which can be used to guide the production of reliable, robust object-oriented systems. An integration of an object-oriented methodology, BON, and Object-Z is presented in order to add an industrially validated development process to Object-Z. An extensible CASE tool for BON is also described that supports the integration with an Object-Z code generation engine

Evaluating cloud database migration options using workload models

A key challenge in porting enterprise software systems to the cloud is the migration of their database. Choosing a cloud provider and service option (e.g., a database-as-a-service or a manually configured set of virtual machines) typically requires the estimation of the cost and migration duration for each considered option. Many organisations also require this information for budgeting and planning purposes. Existing cloud migration research focuses on the software components, and therefore does not address this need. We introduce a two-stage approach which accurately estimates the migration cost, migration duration and cloud running costs of relational databases. The first stage of our approach obtains workload and structure models of the database to be migrated from database logs and the database schema. The second stage performs a discrete-event simulation using these models to obtain the cost and duration estimates. We implemented software tools that automate both stages of our approach. An extensive evaluation compares the estimates from our approach against results from real-world cloud database migrations