A comprehensive pattern-oriented approach to engineering security methodologies

ContextDeveloping secure software systems is an issue of ever-growing importance. Researchers have generally come to acknowledge that to develop such systems successfully, their security features must be incorporated in the context of a systematic approach: a security methodology. There are a number of such methodologies in the literature, but no single security methodology is adequate for every situation, requiring the construction of “fit-to-purpose” methodologies or the tailoring of existing methodologies to the project specifics at hand. While a large body of research exists addressing the same requirement for development methodologies – constituting the field of Method Engineering – there is nothing comparable for security methodologies as such; in fact, the topic has never been studied before in such a context.ObjectiveIn this paper we draw inspiration from a number of Method Engineering ideas and fill the latter gap by proposing a comprehensive approach to engineering security methodologies.MethodOur approach is embodied in three interconnected parts: a framework of interrelated security process patterns; a security-specific meta-model; and a meta-methodology to guide engineers in using the latter artefacts in a step-wise fashion. A UML-inspired notation is used for representing all pattern-based methodology models during design and construction. The approach is illustrated and evaluated by tailoring an existing, real-life security methodology to a distributed-system-specific project situation.ResultsThe paper proposes a novel pattern-oriented approach to modeling, constructing, tailoring and combining security methodologies, which is the very first and currently sole such approach in the literature. We illustrate and evaluate our approach in an academic setting, and perform a feature analysis to highlight benefits and deficiencies.ConclusionUsing our proposal, developers, architects and researchers can analyze and engineer security methodologies in a structured, systematic fashion, taking into account all security methodology aspects.     

Transforming and tracing reused requirements models to home automation models

ContextModel-Driven Software Development (MDSD) has emerged as a very promising approach to cope with the inherent complexity of modern software-based systems. Furthermore, it is well known that the Requirements Engineering (RE) stage is critical for a project’s success. Despite the importance of RE, MDSD approaches commonly leave textual requirements specifications to one side.ObjectiveOur aim is to integrate textual requirements specifications into the MDSD approach by using the MDSD techniques themselves, including metamodelling and model transformations. The proposal is based on the assumption that a reuse-based Model-Driven Requirements Engineering (MDRE) approach will improve the requirements engineering stage, the quality of the development models generated from requirements models, and will enable the traces from requirements to other development concepts (such as analysis or design) to be maintained.MethodThe approach revolves around the Requirements Engineering Metamodel, denominated as REMM, which supports the definition of the boilerplate based textual requirements specification languages needed for the definition of model transformation from application requirements models to platform-specific application models and code.ResultsThe approach has been evaluated through its application to Home Automation (HA) systems. The HA Requirement Specification Language denominated as HAREL is used to define application requirements models which will be automatically transformed and traced to the application model conforming to the HA Domain Specific Language.ConclusionsAn anonymous online survey has been conducted to evaluate the degree of acceptance by both HA application developers and MDSD practitioners. The main conclusion is that 66.7% of the HA experts polled strongly agree that the automatic transformation of the requirements models to HA models improves the quality of the HA models. Moreover, 58.3% of the HA participants strongly agree with the usefulness of the traceability matrix which links requirements to HA functional units in order to discover which devices are related to a specific requirement. We can conclude that the experts we have consulted agree with the proposal we are presenting here, since the average mark given is 4 out of 5.     

Verifying goal-oriented specifications used in model-driven development processes

Goal-oriented requirements engineering promotes the use of goals to elicit, elaborate, structure, specify, analyze, negotiate, document, and modify requirements. Thus, goal-oriented specifications are essential for capturing the objectives that the system to be developed should achieve. However, the application of goal-oriented specifications into model-driven development (MDD) processes is still handcrafted, not aligned in the automated flow from models to code. In other words, the experience of analysts and designers is necessary to manually transform the input goal-oriented models into system models for code generation (models compilation). Some authors have proposed guidelines to facilitate and partially automate this translation, but there is a lack of techniques to assess the adequacy of goal-oriented models as starting point of MDD processes. In this paper, we present and evaluate a verification approach that guarantees the automatic, correct, and complete transformation of goal-oriented models into design models used by specific MDD solutions. In particular, this approach has been put into practice by adopting a well-known goal-oriented modeling approach, the i* framework, and an industrial MDD solution called Integranova.     

Supporting model-driven development using a process-centered software engineering environment

The adoption of Model-Driven Development (MDD) is increasing and it is widely recognized as an important approach for building software systems. In addition to traditional development process models, an MDD process requires the selection of metamodels and mapping rules for the generation of the transformation chain which produces models and application code. In this context, software process tasks should be performed in a specific sequence, with the correct input artifacts to produce the output ones. However, existing support tools and transformation engines for MDD do not have a process-centered focus that addresses different kinds of software process activities, such as application modeling and testing to guide the developers. Furthermore, they do not enable process modeling nor the (semi) automated execution of activities during process enactment. The MoDErNE (Model Driven Process-Centered Software Engineering Environment) uses process-centered software engineering environment concepts to improve MDD process specification and enactment by using a metamodeling foundation. In MoDErNE, a software process model may be enacted several times in different software projects. This paper details the MoDErNE environment, its approach and architecture and also the case studies through which the tool was evaluated.     

A Framework for Design Tradeoffs

Designs almost always require tradeoffs between competing design choices to meet system requirements. We present a framework for evaluating design choices with respect to meeting competing requirements. Specifically, we develop a model to estimate the performance of a UML design subject to changing levels of security and fault-tolerance. This analysis gives us a way to identify design solutions that are infeasible. Multi-criteria decision making techniques are applied to evaluate the remaining feasible alternatives. The method is illustrated with two examples: a small sensor network and a system for controlling traffic lights. Dr. Anneliese Amschler Andrews is Professor and Chair of the Department of Computer Science at the University of Denver. Before that she was the Huie Rogers Endowed Chair in Software Engineering at Washington State University. Dr. Andrews is the author of a text book and over 130 articles in the area of Software Engineering, particularly software testing and maintenance. Dr. Andrews holds an MS and PhD from Duke University and a Dipl.-Inf. from the Technical University of Karlsruhe. She served as Editor-in-Chief of the IEEE Transactions on Software Engineering. She has also served on several other editorial boards including the IEEE Transactions on Reliability, the Empirical Software Engineering Journal, the Software Quality Journal, the Journal of Information Science and Technology, and the Journal of Software Maintenance. She was Director of the Colorado Advanced Software Institute from 1995 to 2002. CASI's mission was to support technology transfer research related to software through collaborations between industry and academia. Ed Mancebo studied software engineering at Milwaukee School of Engineering and computer science at Washington State University. His masters thesis explored applying systematic decision making methods to software engineering problems. He is currently a software developer at Amazon.com. Dr. Per Runeson is a professor in software engineering at Lund University, Sweden. His research interests include methods to facilitate, measure and manage aspects of software quality. He received a PhD from Lund University in 1998 and has industrial experience as a consulting expert. He is a member of the editorial board of Empirical Software Engineering and several program committees, and currently has a senior researcher position funded by the Swedish Research Council. Robert France is currently a Full Professor in the Department of Computer Science at Colorado State University. His research interests are in the area of Software Engineering, in particular formal specification techniques, software modeling techniques, design patterns, and domain-specific modeling languages. He is an Editor-in-Chief of the Springer journal on Software and System Modeling (SoSyM), and is a Steering Committee member and past Steering Committee Chair of the MoDELS/UML conference series. He was also a member of the revision task forces for the UML 1.x standards.     

Mockup-Driven Development: Providing agile support for Model-Driven Web Engineering

ContextAgile software development approaches are currently becoming the industry standard for Web Application development. On the other hand, Model-Driven Web Engineering (MDWE) methodologies are known to improve productivity when building this kind of applications. However, current MDWE methodologies tend to ignore important aspects of Web Applications development supported by agile processes, such as constant customer feedback or early design of user interfaces.ObjectiveIn this paper we analyze the difficulties of supporting agile features in MDWE methodologies. Then, we propose an approach that eases the incorporation of well-known agile practices to MDWE.MethodWe propose using User Interface prototypes (usually known as mockups) as a way to start the modeling process in the context of a mixed agile-MDWE process. To assist this process, we defined a lightweight metamodel that allows modeling features over mockups, interacting with end-users and generating MDWE models. Then, we conducted a statistical evaluation of both approaches (traditional vs. mockup-based modeling).ResultsFirst we comment on how agile features can be added to MDWE processes using mockups. Then, we show by means of a quantitative study that the proposed approach is faster, less error-prone and still as complete as traditional MDWE processes.ConclusionThe use of mockups to guide the MDWE process helps in the reduction of the development cycle as well as in the incorporation of agile practices in the model-driven workflow. Complete MDWE models can be built and generated by using lightweight modeling over User Interface mockups, and this process suggests being more efficient, in terms of errors and effort, than traditional modeling in MDWE.     

Trusted Product Lines

ContextThe paper addresses the use of a Software Product Line approach in the context of developing software for a high-integrity, regulated domain such as civil aerospace. The success of a Software Product Line approach must be judged on whether useful products can be developed more effectively (lower cost, reduced schedule) than with traditional single-system approaches. When developing products for regulated domains, the usefulness of the product is critically dependent on the ability of the development process to provide approval evidence for scrutiny by the regulating authority.ObjectiveThe objective of the work described is to propose a framework for arguing that a product instantiated using a Software Product Line approach can be approved and used within a regulated domain, such that the development cost of that product would be less than if it had been developed in isolation.MethodThe paper identifies and surveys the issues relating the adoption of Software Product Lines as currently understood (including related technologies such as feature modelling, component-based development and model transformation) when applied to high-integrity software development. We develop an argument framework using Goal Structuring Notation to structure the claims made and the evidence required to support the approval of an instantiated product in such domains. Any unsubstantiated claims or missing/sub-standard evidence is identified, and we propose potential approaches or pose research questions to help address this.ResultsThe paper provides an argument framework supporting the use of a Software Product Line approach within a high-integrity regulated domain. It shows how lifecycle evidence can be collected, managed and used to credibly support a regulatory approval process, and provides a detailed example showing how claims regarding model transformation may be supported. Any attempt to use a Software Product Line approach in a regulated domain will need to provide evidence to support their approach in accordance with the argument outlined in the paper.ConclusionProduct Line practices may complicate the generation of convincing evidence for approval of instantiated products, but it is possible to define a credible Trusted Product Line approach.     

Traceability-centric model-driven object-oriented engineering

ContextObject-oriented (OO) development method is a popular paradigm in developing target systems. However, the current practices of OO analysis and design (OOAD) and implementation largely rely on human developers’ experience and expertise, making it possible less efficient and more error-prone. Hence, there is room for improving the development efficiency while preserving high quality of programs.ObjectiveModel-driven development (MDD) is a promising approach to developing programs by machine-assisted model transformation, saving human efforts and reducing the possibility of introducing program faults. Hence, it is appealing to apply key disciplines of MDD in developing OO programs.MethodIn this paper, we propose a comprehensive framework for applying MDD on OO program engineering in a rigorous and formal fashion. The framework consists of: (1) a hybrid engineering model of human and machine, (2) meta-models of OOAD artifacts, (3) traceability map with trace links, and (4) transformation rules.ResultsWe identified five platform independent models and two platform specific models, and defined formal representations for them. We identified 16 traceability links and accordingly 16 transformation rules among the eight artifacts. Through the case study, we showed that our work is feasible and applicable. We assessed our work and concluded that our work is sound, complete, and extendable. Our work established the foundation toward automatic generation of OO programs based on the traceability framework.ConclusionIt is concluded that it is essential to identify the OOAD artifacts, traceability links, and transformation rules for automatic generation of OO programs. It is also important to understand the human involvement nature in MDD and to explicitly treat them in the model transformation.     

A metamodel for modeling system features and their refinement, constraint and interaction relationships

This paper presents a metamodel for modeling system features and relationships between features. The underlying idea of this metamodel is to employ features as first-class entities in the problem space of software and to improve the customization of software by explicitly specifying both static and dynamic dependencies between system features. In this metamodel, features are organized as hierarchy structures by the refinement relationships, static dependencies between features are specified by the constraint relationships, and dynamic dependencies between features are captured by the interaction relationships. A first-order logic based method is proposed to formalize constraints and to verify constraints and customization. This paper also presents a framework for interaction classification, and an informal mapping between interactions and constraints through constraint semantics. Hong Mei received the BSc and MSc degrees in computer science from the Nanjing University of Aeronautics and Astronautics (NUAA), China, in 1984 and 1987, respectively, and the PhD degree in computer science from the Shanghai Jiao Tong University in 1992. He is currently a professor of Computer Science at the Peking University, China. His current research interests include Software Engineering and Software Engineering Environment, Software Reuse and Software Component Technology, Distributed Object Technology, and Programming Language. He has published more than 100 technical papers. Wei Zhang received the BSc in Engineering Thermophysics and the MSc in Computer Science from the Nanjing University of Aeronautics and Astronautics (NUAA), China, in 1999 and 2002, respectively. He is currently a PhD student at the School of Electronics Engineering and Computer Science of the Peking University, China. His research interests include feature-oriented requirements modeling, feature-driven software architecture design and feature-oriented software reuse. Haiyan Zhao received both the BSc and the MSc degree in Computer Science from the Peking Univeristy, China, and the Ph.D degree in Information Engineering from the University of Tokyo, Japan. She is currently an associate professor of Computer Science at the Peking University, China. Her research interests include Software Reuse, Domain Engineering, Domain Specific Languange and Program Transformation.     

A powertype-based metamodelling framework

Software development methodologies may be described in the context of an underpinning metamodel, but the precise mechanisms that permit them to be defined in terms of their metamodels are usually difficult to explain and do not cover all needs. For example, it is difficult to devise a way that allows the definition of properties of the elements that compose the methodology and, at the same time, of the entities (such as work products) created when the methodology is applied. This article introduces a new approach to constructing metamodels and deriving methodologies from them based on the concept of powertype. It combines key advantages of other metamodelling approaches and allows the seamless integration of process, modelling and documentational aspects of methodologies. With this approach, both methodology components and project entities can be described directly by the same metamodel. Cesar Gonzalez-Perez is a post-doctoral research fellow at the Faculty of Information Technology at UTS, where he works in object- and agent- oriented methodologies and metamodelling. Cesar is the author of over 40 publications and has led 12 successful software development projects. Cesar has previously worked in archaeology as well as biology, both in industry and academe. Cesar is the founder and former technical director of Neco, a company based in Spain specialising in software development support services, which include the deployment and use of the OPEN/Metis methodological framework at small and mid-sized organisations. Brian Henderson-Sellers is Director of the Centre for Object Technology Applications and Research and Professor of Information Systems at University of Technology, Sydney (UTS). He is author of eleven books on object technology and is well-known for his work in OO methodologies (MOSES, COMMA, OPEN, OOSPICE) and in OO metrics and, more recently, in agent-oriented methodologies. Brian has been Regional Editor of Object-Oriented Systems, a member of the editorial board of Object Magazine/Component Strategies and Object Expert for many years and is currently on the editorial board of Journal of Object Technology and Software and Systems Modelling. He is Editor of the International Journal on Agent-Oriented Software Engineering. He was the Founder of the Object-Oriented Special Interest Group of the Australian Computer Society (NSW Branch) and Chairman of the Computerworld Object Developers' Awards committee for ObjectWorld 94 and 95 (Sydney). He is a frequent, invited speaker at international OT conferences. In 1999, he was voted number 3 in the Who's Who of Object Technology (Handbook of Object Technology, CRC Press, Appendix N). He is a member of the Review Panel for the OMG's Software Process Engineering Model (SPEM) standards initiative and a member of the UML2.0 review team. In July 2001, Professor Henderson-Sellers was awarded a Doctor of Science (DSc) from the University of London for his research contributions in object-oriented methodologies.     

Pattern-based framework for modularized software development and evolution robustness

Context

Software development is now facing much more challenges than ever before due to the intrinsic high complexity and the increasing demands of the quick-service-ready paradigm.

Objective

As the developers are now called for more quality software systems from the industries, there is insufficient guidance from the methodologies and standards of software engineering that can provide assistance to the rapid development of qualified business software.

Method

In this work, we discuss the advantages of the pattern-based software development. We verify the benefits using a pattern-based software framework called OS2F, and a corresponding system design architecture that is intended for the rapid development of web applications.

Results

The objective of the framework/architecture is that, through software patterns, developers should be able to separate the work of system development from the business rules so as to reduce the problems caused by a developer’s lack of business experiences.

Conclusion

Through a suitable pattern-based software framework, the quality of the product can thus be enhanced, software development time and cost decreased, and software evolution robustness improved.     

A framework for software process deployment and evaluation

ContextSoftware Process Engineering promotes the systematic production of software by following a set of well-defined technical and management processes. A comprehensive management of these processes involves the accomplishment of a number of activities such as model design, verification, validation, deployment and evaluation. However, the deployment and evaluation activities need more research efforts in order to achieve greater automation.ObjectiveWith the aim of minimizing the required time to adapt the tools at the beginning of each new project and reducing the complexity of the construction of mechanisms for automated evaluation, the Software Process Deployment & Evaluation Framework (SPDEF) has been elaborated and is described in this paper.MethodThe proposed framework is based on the application of well-known techniques in Software Engineering, such as Model Driven Engineering and Information Integration through Linked Open Data. It comprises a systematic method for the deployment and evaluation, a number of models and relationships between models, and some software tools.ResultsAutomated deployment of the OpenUP methodology is tested through the application of the SPDEF framework and support tools to enable the automated quality assessment of software development or maintenance projects.ConclusionsMaking use of the method and the software components developed in the context of the proposed framework, the alignment between the definition of the processes and the supporting tools is improved, while the existing complexity is reduced when it comes to automating the quality evaluation of software processes.     

An engineering process for developing Secure Data Warehouses

We present a new approach for the elicitation and development security requirements in the entire Data Warehouse (DWs) life cycle, which we have called a Secure Engineering process for DAta WArehouses (SEDAWA). Whilst many methods for the requirements analysis phase of the DWs have been proposed, the elicitation of security requirements as non-functional requirements has not received sufficient attention. Hence, in this paper we propose a methodology for the DW design based on Model Driven Architecture (MDA) and the standard Software Process Engineering Metamodel Specification (SPEM) from the Object Management Group (OMG). We define four phases comprising of several activities and steps, an d five disciplines which cover the whole DW design. Our methodology adapts the i¹ framework to be used under MDA and the SPEM approaches in order to elicit and develop security requirements for DWs. The benefits of our proposal are shown through an example related to the management of the pharmacies consortium business.     

A language-independent and formal approach to pattern-based modelling with support for composition and analysis

ContextPatterns are used in different disciplines as a way to record expert knowledge for problem solving in specific areas. Their systematic use in Software Engineering promotes quality, standardization, reusability and maintainability of software artefacts. The full realisation of their power is however hindered by the lack of a standard formalization of the notion of pattern.ObjectiveOur goal is to provide a language-independent formalization of the notion of pattern, so that it allows its application to different modelling languages and tools, as well as generic methods to enable pattern discovery, instantiation, composition, and conflict analysis.MethodFor this purpose, we present a new visual and formal, language-independent approach to the specification of patterns. The approach is formulated in a general way, based on graphs and category theory, and allows the specification of patterns in terms of (nested) variable submodels, constraints on their allowed variance, and inter-pattern synchronization across several diagrams (e.g. class and sequence diagrams for UML design patterns).ResultsWe provide a formal notion of pattern satisfaction by models and propose mechanisms to suggest model transformations so that models become consistent with the patterns. We define methods for pattern composition, and conflict analysis. We illustrate our proposal on UML design patterns, and discuss its generality and applicability on different types of patterns, e.g. workflow patterns, enterprise integration patterns and interaction patterns.ConclusionThe approach has proven to be powerful enough to formalize patterns from different domains, providing methods to analyse conflicts and dependencies that usually are expressed only in textual form. Its language independence makes it suitable for integration in meta-modelling tools and for use in Model-Driven Engineering.     

A systematic review of transformation approaches between user requirements and analysis models

Model transformation is one of the basic principles of Model Driven Architecture. To build a software system, a sequence of transformations is performed, starting from requirements and ending with implementation. However, requirements are mostly in the form of text, but not a model that can be easily understood by computers; therefore, automated transformations from requirements to analysis models are not easy to achieve. The overall objective of this systematic review is to examine existing literature works that transform textual requirements into analysis models, highlight open issues, and provide suggestions on potential directions of future research. The systematic review led to the analysis of 20 primary studies (16 approaches) obtained after a carefully designed procedure for selecting papers published in journals and conferences from 1996 to 2008 and Software Engineering textbooks. A conceptual framework is designed to provide common concepts and terminology and to define a unified transformation process. This facilitates the comparison and evaluation of the reviewed papers.     

A systematic review of code generation proposals from state machine specifications

ContextModel Driven Development (MDD) encourages the use of models for developing complex software systems. Following a MDD approach, modelling languages are used to diagrammatically model the structure and behaviour of object-oriented software, among which state-based languages (including UML state machines, finite state machines and Harel statecharts) constitute the most widely used to specify the dynamic behaviour of a system. However, generating code from state machine models as part of the final system constitutes one of the most challenging tasks due to its dynamic nature and because many state machine concepts are not supported by the object-oriented programming languages. Therefore, it is not surprising that such code generation has received great attention over the years.ObjectiveThe overall objective of this paper is to plot the landscape of published proposals in the field of object oriented code generation from state machine specifications, restricting the search neither to a specific context nor to a particular programming language.MethodWe perform a systematic, accurate literature review of published studies focusing on the object oriented implementation of state machine specifications.ResultsThe systematic review is based on a comprehensive set of 53 resources in all, which we have classified into two groups: pattern-based and not pattern-based. For each proposal, we have analysed both the state machine specification elements they support and the means the authors propose for their implementation. Additionally, the review investigates which proposals take into account desirable features to be considered in software development such as maintenance or reusability.ConclusionsOne of the conclusions drawn from the review is that most of the analysed works are based on a software design pattern. Another key finding is that many papers neither support several of the main components of the expressive richness of state machine specifications nor provide an implementation strategy that considers relevant qualitative aspects in software development.     

Applying MDE to the (semi-)automatic development of model transformations

ContextModel transformations play a key role in any software development project based on Model-Driven Engineering principles. However, despite the inherent complexity of developing model transformations, little attention has been paid to the application of MDE principles to the development of model transformations.ObjectiveIn order to: (a) address the inherent complexity of model transformation development and (b) alleviate the problem of the diversity of the languages that are available for model transformation, this paper proposes the application of MDE principles to the development of model transformations. In particular, we have adopted the idea of handling model transformations as transformation models in order to be able to model, transform and generate model transformations.MethodThe proposal follows an MDA-based approach that entails the modeling of model transformations at different abstraction levels and the connection of these models by means of model transformations. It has been empirically validated by conducting a set of case studies following a systematic research methodology.ResultsThe proposal was supported by the introduction of MeTAGeM, a methodological and technical framework for the model-driven development of model transformations that bundles a set of Domain-Specific Languages for modeling model transformations with a set of model transformations in order to bridge these languages and (semi-)automate model transformations development.ConclusionThis paper serves to show that a semi-automatic development process for model transformations is not only desirable but feasible. This process, based on MDE principles, helps to ease the task of developing model transformations and to alleviate interoperability issues between model transformation languages.     

Suitability assessment framework of agent-based software architectures

ContextA common distributed intelligent system architecture is Multi Agent Systems (MASs). Creating systems with this architecture has been recently supported by Agent Oriented Software Engineering (AOSE) methodologies. But two questions remain: how do we determine the suitability of a MAS implementation for a particular problem? And can this be determined without AOSE expertise?ObjectiveGiven the relatively small number of software engineers that are AOSE experts, many problems that could be better solved with a MAS system are solved using more commonly known but not necessarily as suitable development approaches (e.g. object-oriented). The paper aims to empower software engineers, who are not necessarily AOSE experts, in deciding whether or not they should advocate the use of an MAS technology for a given project.MethodThe paper will construct a systematic framework to identify key criteria in a problem requirement definition to assess the suitability of a MAS solution. The criteria are first identified using an iterative process. The features are initially identified from MAS implementations, and then validated against related work. This is followed by a statistical analysis of 25 problems that characterise agent-oriented solutions previously developed to group features into key criteria.ResultsKey criteria were sufficiently prominent using factor analysis to construct a framework which provides a process that identifies within the requirements the criteria discovered. This framework is then evaluated for assessing suitability of a MAS architecture, by non-AOSE experts, on two real world problems: an electricity market simulation and a financial accounting system.ConclusionSubstituting a software engineer’s personal inclination to (or not to) use a MAS, our framework provides an objective mechanism. It can supplant current practices where the decision to use a MAS architecture for a given problem remains an informal process. It was successfully illustrated on two real world problems to assess the suitability of a MAS implementation. This paper will potentially facilitate the take up of MAS technology.