Software reflexion models: bridging the gap between design andimplementation

The artifacts constituting a software system often drift apart over time. We have developed the software reflexion model technique to help engineers perform various software engineering tasks by exploiting, rather than removing, the drift between design and implementation. More specifically, the technique helps an engineer compare artifacts by summarizing where one artifact (such as a design) is consistent with and inconsistent with another artifact (such as source). The technique can be applied to help a software engineer evolve a structural mental model of a system to the point that it is “good enough” to be used for reasoning about a task at hand. The software reflexion model technique has been applied to support a variety of tasks, including design conformance, change assessment, and an experimental reengineering of the million-lines-of-code Microsoft Excel product. We provide a formal characterization of the reflexion model technique, discuss practical aspects of the approach, relate experiences of applying the approach and tools, and place the technique into the context of related work     

Process mining using BPMN: relating event logs and process models

Process-aware information systems (PAIS) are systems relying on processes, which involve human and software resources to achieve concrete goals. There is a need to develop approaches for modeling, analysis, improvement and monitoring processes within PAIS. These approaches include process mining techniques used to discover process models from event logs, find log and model deviations, and analyze performance characteristics of processes. The representational bias (a way to model processes) plays an important role in process mining. The BPMN 2.0 (Business Process Model and Notation) standard is widely used and allows to build conventional and understandable process models. In addition to the flat control flow perspective, subprocesses, data flows, resources can be integrated within one BPMN diagram. This makes BPMN very attractive for both process miners and business users, since the control flow perspective can be integrated with data and resource perspectives discovered from event logs. In this paper, we describe and justify robust control flow conversion algorithms, which provide the basis for more advanced BPMN-based discovery and conformance checking algorithms. Thus, on the basis of these conversion algorithms low-level models (such as Petri nets, causal nets and process trees) discovered from event logs using existing approaches can be represented in terms of BPMN. Moreover, we establish behavioral relations between Petri nets and BPMN models and use them to adopt existing conformance checking and performance analysis techniques in order to visualize conformance and performance information within a BPMN diagram. We believe that the results presented in this paper can be used for a wide variety of BPMN mining and conformance checking algorithms. We also provide metrics for the processes discovered before and after the conversion to BPMN structures. Cases for which conversion algorithms produce more compact or more complicated BPMN models in comparison with the initial models are identified.     

Mining architectural violations from version history

Software architecture conformance is a key software quality control activity that aims to reveal the progressive gap normally observed between concrete and planned software architectures. However, formally specifying an architecture can be difficult, as it must be done by an expert of the system having a high level understanding of it. In this paper, we present a lightweighted approach for architecture conformance based on a combination of static and historical source code analysis. The proposed approach relies on four heuristics for detecting absences (something expected was not found) and divergences (something prohibited was found) in source code based architectures. We also present an architecture conformance process based on the proposed approach. We followed this process to evaluate the architecture of two industrial-strength information systems, achieving an overall precision of 62.7 % and 53.8 %. We also evaluated our approach in an open-source information retrieval library, achieving an overall precision of 59.2 %. We envision that an heuristic-based approach for architecture conformance can be used to rapidly raise architectural warnings, without deeply involving experts in the process.     

Calculating ROI for software product lines

Product line engineering has become an important and widely used approach for efficiently developing portfolios of software products. The idea is to develop a set of products as a single, coherent development task from a core asset base (sometimes called a platform), a collection of artifacts specifically designed for use across a portfolio. This approach produces order-of-magnitude economic improvements compared to one-at-a-time software system development. Because the product line approach isn't limited to specific technical properties of the planned software but rather focuses on economic characteristics, high return on investment has become the anthem of the approach's protagonists. Our software product line cost model can calculate the costs and benefits (and hence the ROI) that we can expect to accrue from various product line development situations. It's also straightforward and intuitive.     

STEP一到性测试系统的开发

STEP AP 203（ISO10303－203－1994）是表达3D机械产品设计阶段的产品数据的国际标准,它提供了一种独立于任何特定系统的信息通信的中性机制,然而,如果不对应用系统进行确定其是否与标准相一致的测试,则产品数据交换的目标就不能完全达到,文中在给出STEP一致性测试的系统方法的基础上,通过已开发的STEP AP 203一致性测试系统,来说明如何实现STEP一致性测试。     

Improving active Mealy machine learning for protocol conformance testing

Using a well-known industrial case study from the verification literature, the bounded retransmission protocol, we show how active learning can be used to establish the correctness of protocol implementation I relative to a given reference implementation R. Using active learning, we learn a model M _R of reference implementation R, which serves as input for a model-based testing tool that checks conformance of implementation I to M _R . In addition, we also explore an alternative approach in which we learn a model M _I of implementation I, which is compared to model M _R using an equivalence checker. Our work uses a unique combination of software tools for model construction (Uppaal), active learning (LearnLib, Tomte), model-based testing (JTorX, TorXakis) and verification (CADP, MRMC). We show how these tools can be used for learning models of and revealing errors in implementations, present the new notion of a conformance oracle, and demonstrate how conformance oracles can be used to speed up conformance checking.     

A domain-specific language for context modeling in context-aware systems

Context-awareness refers to systems that can both sense and react based on their environment. One of the main difficulties that developers of context-aware systems must tackle is how to manage the needed context information. In this paper we present MLContext, a textual Domain-Specific Language (DSL) which is specially tailored for modeling context information. It has been implemented by applying Model-Driven Development (MDD) techniques to automatically generate software artifacts from context models. The MLContext abstract syntax has been defined as a metamodel, and model-to text transformations have been written to generate the desired software artifacts. The concrete syntax has been defined with the EMFText tool, which generates an editor and model injector.     

Defining quality intuitively

This is the decade of software quality. In the 1980s we focused on trying to increase productivity; in the 1990s we strive to create higher quality products. Quality is not about user satisfaction, product conformance, or costs and schedules-nor is it solely about defects. Instead, there is a well defined, intuitive relationship between quality and those other product traits, one that clearly distinguishes among them. Further, the detail level definition of software quality concerns the attribute set that each product should have, a collection that must be prioritized differently for different project types     

A tool environment for quality assurance based on the Eclipse Modeling Framework

The paradigm of model-based software development has become more and more popular since it promises an increase in the efficiency and quality of software development. Following this paradigm, models become primary artifacts in the software development process. Therefore, software quality and quality assurance frequently leads back to the quality and quality assurance of the involved models. In our approach, we propose a model quality assurance process that can be adapted to project-specific and domain-specific needs. This process is based on static model analysis using model metrics and model smells. Based on the outcome of the model analysis, appropriate model refactoring steps can be performed. In this paper, we present a tool environment conveniently supporting the proposed model quality assurance process. In particular, the presented tools support metrics reporting, smell detection, and refactoring for models being based on the Eclipse Modeling Framework, a widely used open source technology in model-based software development.     

A warning on how to implement anonymous credential protocols into the information card framework

Unlinkability is a privacy feature supported by those multi-party security protocols allowing anonymous users’ credential exchanges among different organizations. Proper signature schemes, based on discrete logarithms, must be used in order to guarantee the above requirements as well as selective disclosure of information. In this paper, we highlight that whenever a concrete architecture based on the above protocols is implemented, some aspects concerning how to manage the association between bases of discrete logarithms and attributes used in attribute certificates should be carefully considered, in order to guarantee that unlinkability really holds. We show that the problem is concrete by testing that the state-of-the-art implementation suffers from the above problem. A general solution is also proposed.     

远程IP/ICMP协议一致性测试研究

在 INTERNET迅速发展的今天 ,作为 INTERNET的核心的 IP协议的地位已日趋重要 ,IP协议的一致性测试已成为协议工程学的研究重点 .ICMP协议作为 IP模块的差错报告和控制报文 ,与 IP协议的一致性测试具有十分密切的关系 .测试实践向 IP/ ICMP的测试活动提出了新的要求——远程测试 .在 PITS系统 〔1〕基础上 ,清华大学 CNPT实验室进一步开发了 IP/ ICMP远程测试模块 .本文分析了 IP/ ICMP一致性测试远程化的可行性 ,提出了一种测试方法并加以实现     

Model-based incremental conformance checking to enable interactive product configuration

ContextModel-based product line engineering (PLE) is a paradigm that can enable automated product configuration of large-scale software systems, in which models are used as an abstract specification of commonalities and variabilities of products of a product line.ObjectiveIn the context of PLE, providing immediate feedback on the correctness of a manual configuration step to users has a practical impact on whether a configuration process with tool support can be successfully adopted in practice.MethodIn an existing work, a UML-based variability modeling methodology named as SimPL and an interactive configuration process was proposed. Based on the existing work, we propose an automated, incremental and efficient conformance checking approach to ensure that the manual configuration of a variation point conforms to a set of pre-defined conformance rules specified in the Object Constraint Language (OCL). The proposed approach, named as Zen-CC, has been implemented as an integrated part of our product configuration and derivation tool: Zen-Configurator.ResultsThe performance and scalability of Zen-CC have been evaluated with a real-world case study. Results show that Zen-CC significantly outperformed two baseline engines in terms of performance. Besides, the performance of Zen-CC remains stable during the configuration of all the 10 products of the product line and its efficiency also remains un-impacted even with the growing product complexity, which is not the case for both of the baseline engines.ConclusionThe results suggest that Zen-CC performs practically well and is much more scalable than the two baseline engines and is scalable for configuring products with a larger number of variation points.     

Architectural knowledge discovery with latent semantic analysis: Constructing a reading guide for software product audits

Architectural knowledge is reflected in various artifacts of a software product. In a software product audit this architectural knowledge needs to be uncovered and its effects assessed in order to evaluate the quality of the software product. A particular problem is to find and comprehend the architectural knowledge that resides in the software product documentation. In this article, we discuss how the use of a technique called Latent Semantic Analysis can guide auditors through the documentation to the architectural knowledge they need. We validate the use of Latent Semantic Analysis for discovering architectural knowledge by comparing the resulting vector-space model with the mental model of documentation that auditors possess.     

On the refinement of use case models with variability support

Modeling software product lines shall imply modeling from different perspectives with different modeling artifacts such as use case diagrams, component diagrams, class diagrams, activity diagrams, sequence diagrams and others. In this paper, we elaborate on use cases for modeling product lines and we explore them from the perspective of variability by working with the unified modeling language (UML) ?extend? relationship. We also explore them from the perspective of detail by (functionally) refining use cases with ?extend? relationships between them. This paper’s intent is to provide for comprehension about use case modeling with functional refinement when variability is present.     

Process interoperability in healthcare systems with dynamic semantic web services

Healthcare systems are very complex due to extreme heterogeneity in their data and processes. Researchers and practitioner need to make systems interoperable and integrate for the benefit of all the stakeholders including hospitals, clinicians, medical support staff, and patients. The broader goal of interoperability can only be achieved when standards are practiced.Two different healthcare systems can earn HL7 conformance and compliance but at the same time can be incompatible for interoperability because of varying implementation of HL7 interaction model. This is mainly because workflows in healthcare systems are very complex. Interoperability on one hand requires flexible mechanism for the mapping of business processes to a standard, HL7 in our example. On the other hand it requires deeper understanding of the standard interaction model and gaps created by their incompatible implementations. In this paper we propose a novel technique of dynamically creating semantic web services as overlay on top of the existing services. We used Web Service Modeling Framework as an underlying architecture for HL7 process artifacts implementation as semantic web services. These semantic services are mapped to our proposed interaction ontology. Integrated reasoning mechanism provides necessary execution semantics for more effective and seamless end-to-end communication.The prototype we tested on different processes from the laboratory domain at a local diagnostic laboratory with uninterrupted process flow. The scenario of Result Query Placer interaction flow and its associated process artifacts are executed for the proof of concept.The proposed solution complements the existing data interoperability in HL7 and leads to semantic process interoperability. The achievement of semantic interoperability results in timely delivery of healthcare services to patients saving precious lives.     

Automated test generation using model checking: an industrial evaluation

In software development, testers often focus on functional testing to validate implemented programs against their specifications. In safety-critical software development, testers are also required to show that tests exercise, or cover, the structure and logic of the implementation. To achieve different types of logic coverage, various program artifacts such as decisions and conditions are required to be exercised during testing. Use of model checking for structural test generation has been proposed by several researchers. The limited application to models used in practice and the state space explosion can, however, impact model checking and hence the process of deriving tests for logic coverage. Thus, there is a need to validate these approaches against relevant industrial systems such that more knowledge is built on how to efficiently use them in practice. In this paper, we present a tool-supported approach to handle software written in the Function Block Diagram language such that logic coverage criteria can be formalized and used by a model checker to automatically generate tests. To this end, we conducted a study based on industrial use-case scenarios from Bombardier Transportation AB, showing how our toolbox CompleteTest can be applied to generate tests in software systems used in the safety-critical domain. To evaluate the approach, we applied the toolbox to 157 programs and found that it is efficient in terms of time required to generate tests that satisfy logic coverage and scales well for most of the programs.     

基于属性证书的X.509证书改进方案

传统X.509证书实现Web安全属性服务时有其一定的局限性。文章详细描述了Farrell等提出的属性证书格式,并给出了用一种基于属性证书的改进证书方案来实现Web上安全属性服务的模型。     

A scoped approach to traceability management

Traceability is the ability to describe and follow the life of a software artifact and a means for modeling the relations between software artifacts in an explicit way. Traceability has been successfully applied in many software engineering communities and has recently been adopted to document the transition among requirements, architecture and implementation. We present an approach to customize traceability to the situation at hand. Instead of automating tracing, or representing all possible traces, we scope the traces to be maintained to the activities stakeholders must carry out. We define core traceability paths, consisting of essential traceability links required to support the activities. We illustrate the approach through two examples: product derivation in software product lines, and release planning in software process management. By using a running software product line example, we explain why the core traceability paths identified are needed when navigating from feature to structural models and from family to product level and backward between models used in software product derivation. A feasibility study in release planning carried out in an industrial setting further illustrates the use of core traceability paths during production and measures the increase in performance of the development processes supported by our approach. These examples show that our approach can be successfully used to support both product and process traceability in a pragmatic yet efficient way.