Found 20 similar documents; search took 15 ms
1.
Mohammad Zulkernine Mathews Graves Muhammad Umair Ahmed Khan 《International Journal of Information Security》2007,6(5):345-357
There exist a number of Intrusion Detection Systems (IDSs) that detect computer attacks based on some defined attack scenarios.
The attack scenarios or security requirements in some of these IDSs are specified in attack specification languages that are
different from software specification languages. The use of two different languages for software specification and attack
specification may generate redundant and conflicting requirements. The advantage of using the same language for both functional
specifications and attacks specifications is that software designers can address the two different issues without learning
two types of languages. We present a method of integrating Abstract State Machine Language (AsmL) and Unified Modeling Language
(UML) state charts that are extended finite state machine based software specification languages, with an open source IDS
Snort. This work provides AsmL and UML users an IDS that they can use without knowing how to write Snort rules. We automatically
translate attack scenarios written in AsmL and UML state charts into Snort rules with context information. The original Snort
is modified so that it can use the rules automatically generated by the translator. Adding context information to Snort rules
improves the detection capability of Snort. To show the efficacy of the presented approach, we have built a prototype and
evaluated it using a number of well-known attack scenarios.
2.
We consider the problem of the automatic generation of reactive systems from specifications given in the scenario-based language of live sequence charts (LSCs). We start by extending the language so that it becomes more suitable for synthesis. We then translate a system specification given in the language into a two-player game between the system and the environment. By solving the game, we generate a winning strategy for the system, which corresponds to a correct implementation of the specification. We also define two notions of system correctness, and show how each can be synthesized.
3.
It is difficult to construct correct models for distributed large-scale service-oriented applications. Typically, the behavior of such an application emerges from the interaction and collaboration of multiple components/services. On the other hand, each component, in general, takes part in multiple scenarios. Consequently, not only components, but also their interaction protocols are important in the development process for distributed systems. Coordination models and languages, like Reo, offer powerful “glue-code” to encode interaction protocols. In this paper we propose a novel synthesis technique, which can be used to generate Reo circuits directly from scenario specifications. Inspired by the way UML2.0 sequence diagrams can be algebraically composed, we define an algebraic framework for merging connectors generated from partial specifications by exploiting the algebraic structure of UML sequence diagrams.
4.
Darrel C. Ince 《Software》1983,13(8):687-695
Top-down design and programming methods have become well established in both commercial and academic environments. However, a programmer using such methods faces a number of organizational difficulties. This paper describes a software tool, written in Pascal, which eliminates these difficulties. It allows a programmer to interactively develop programs in a top-down fashion.
5.
Critiquing software specifications  Total citations: 1, self-citations: 0, citations by others: 1
6.
Software and Systems Modeling - Open environmental software systems are often time-sensitive, as they need to respond to other entities within the systems and/or in the environments promptly. The...
7.
8.
Joel Greenyer Amir Molzam Sharifloo Maxime Cordy Patrick Heymans 《Requirements Engineering》2013,18(2):175-198
Many modern software-intensive systems consist of multiple components interacting together to deliver the intended functionality. Often, these systems come in many variants (products) and are managed together as a software product line. This variability is the source of additional complexity which can cause inconsistencies and offset the economies of scale promised by product line engineering. Engineers thus need intuitive, yet precise means for specifying requirements and require tools for automatically detecting inconsistencies within these requirements. In recent work, we proposed a technique for the scenario-based specification of interactions in product lines by a combination of Modal Sequence Diagrams and Feature Diagrams. Furthermore, we elaborated an efficient consistency-checking technique based on a dedicated model-checking approach especially tailored for product lines. In this paper, we report on further evaluations that underline significant performance benefits of our approach. We describe further optimizations and detail on how we encode the consistency-checking problem for a model-checker.
9.
In this paper, a methodology for constructing hierarchical and structured predicate transition net specifications is developed, which includes new systematic notation extensions for supporting various transformation techniques upon predicate transition nets and several rules for applying such transformation techniques. The levelling technique in data-flow diagrams is adapted in the refinement and the abstraction techniques, and the state decomposition idea in state-charts is employed in designing various label formulation operators. The methodology is illustrated through the specification of a lift system. The methodology can significantly reduce the constructing complexity and enhance the comprehensibility of large predicate transition net specifications.
10.
11.
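A scenario-based design tool for pen-based interface software  Total citations: 1, self-citations: 0, citations by others: 1
To shorten the development cycle of pen-based user interface software, preserve the designers' overall concept of the software throughout development, and improve communication efficiency among team members, a document description specification for pen-based interface software, PUIML (pen-based user interface modeling language), is proposed, and a pen-interactive design tool for pen-based user interface software is designed and implemented. With a pen-based operating platform as the software platform and PUIML as the data model, and using a scenario-based design development method, the tool provides designers and users with a natural pen-and-paper style of interaction; the design results form documents in PUIML, which are executed by a main control program. Practical results show that using PUIMaker can solve problems in pen-based user interface development such as developer-centered development and inconsistency between the original design and the development result, and improves the development efficiency of pen-based interface software.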
12.
Model checking large software specifications  Total citations: 2, self-citations: 0, citations by others: 2
Chan W. Anderson R.J. Beame P. Burns S. Modugno F. Notkin D. Reese J.D. 《IEEE transactions on pattern analysis and machine intelligence》1998,24(7):498-520
In this paper, we present our experiences in using symbolic model checking to analyze a specification of a software system for aircraft collision avoidance. Symbolic model checking has been highly successful when applied to hardware systems. We are interested in whether model checking can be effectively applied to large software specifications. To investigate this, we translated a portion of the state-based system requirements specification of Traffic Alert and Collision Avoidance System II (TCAS II) into input to a symbolic model checker (SMV). We successfully used the symbolic model checker to analyze a number of properties of the system. We report on our experiences, describing our approach to translating the specification to the SMV language, explaining our methods for achieving acceptable performance, and giving a summary of the properties analyzed. Based on our experiences, we discuss the possibility of using model checking to aid specification development by iteratively applying the technique early in the development cycle. We consider the paper to be a data point for optimism about the potential for more widespread application of model checking to software systems.
13.
In this paper we present an approach for supporting the semi-automated architectural abstraction of architectural models throughout the software life-cycle. It addresses the problem that the design and implementation of a software system often drift apart as software systems evolve, leading to architectural knowledge evaporation. Our approach provides concepts and tool support for the semi-automatic abstraction of architecture component and connector views from implemented systems and keeping the abstracted architecture models up-to-date during software evolution. In particular, we propose architecture abstraction concepts that are supported through a domain-specific language (DSL). Our main focus is on providing architectural abstraction specifications in the DSL that only need to be changed, if the architecture changes, but can tolerate non-architectural changes in the underlying source code. Once the software architect has defined an architectural abstraction in the DSL, we can automatically generate architectural component views from the source code using model-driven development (MDD) techniques and check whether architectural design constraints are fulfilled by these models. Our approach supports the automatic generation of traceability links between source code elements and architectural abstractions using MDD techniques to enable software architects to easily link between components and the source code elements that realize them. It enables software architects to compare different versions of the generated architectural component view with each other. We evaluate our research results by studying the evolution of architectural abstractions in different consecutive versions of five open source systems and by analyzing the performance of our approach in these cases.
14.
《Information and Software Technology》2000,42(12):859-872
Coverage testing in the context of Markov chain usage models refers to coverage of a model of the specification and profile of intended use, rather than coverage of the code that implements the specification. A new measure of specification complexity based on the number of statistically typical paths through the model of the specification is derived. Formulae are presented to compute bounds on the expected number of test cases required to achieve state and arc coverage. Formulae are presented to compare different usage models with respect to the amount of testing required to achieve coverage of typical paths. Convexity properties are established for these formulae to facilitate their use in optimization calculations that are used to generate transition probabilities for the usage models.
15.
W. Lewis Johnson Martin S. Feather David R. Harris 《Journal of Systems Integration》1991,1(3-4):283-320
This paper describes efforts to develop a transformation-based software environment that supports the acquisition and validation of software requirements specifications. These requirements may be stated informally at first, and then gradually formalized and elaborated. Support is provided for groups of requirements analysts working together, focusing on different analysis tasks and areas of concern. The environment assists in the validation of formalized requirements by translating them into natural language and graphical diagrams and testing them against a running simulation of the system to be built. Requirements defined in terms of domain concepts are transformed into constraints on system components. The advantages of this approach are that specifications can be traced back to requirements and domain concepts, which in turn have been precisely defined.
16.
Constructing communication protocols from component service specifications, each of which specifies a subfunction of the target protocol, enables efficient development of a large and complex communication protocol. Concerning this construction, related techniques have been already proposed: integration of component protocol specifications into a single protocol specification and transformation of service specifications to protocol specifications. However, the integration needs special knowledge of communication protocols, and the transformation requires that a large and complex service specification should be developed as input to produce the target protocol. In order to cope with these problems, this paper proposes a new method which at first integrates component service specifications into a single service specification, and then transforms the service specification into the target protocol by a protocol synthesis technique. The most important point of view is that component integration is performed at the service specification level rather than the protocol specification level. Additionally, we define a class of ‘well-formed’ service specification which ensures correctness of the target protocol. As a result, the integration and transformation can be efficiently executed in small state space without special knowledge of communication protocols. Finally, we have shown the effectiveness of the proposed method by constructing a part of the real-life OSI protocol FTAM.
17.
This paper presents a new attention model for detecting visual saliency in news video. In the proposed model, bottom-up (low level) features and top-down (high level) factors are used to compute bottom-up saliency and top-down saliency respectively. Then, the two saliency maps are fused after a normalization operation. In the bottom-up attention model, we use quaternion discrete cosine transform in multi-scale and multiple color spaces to detect static saliency. Meanwhile, multi-scale local motion and global motion conspicuity maps are computed and integrated into motion saliency map. To effectively suppress the background motion noise, a simple histogram of average optical flow is adopted to calculate motion contrast. Then, the bottom-up saliency map is obtained by combining the static and motion saliency maps. In the top-down attention model, we utilize high level stimulus in news video, such as face, person, car, speaker, and flash, to generate the top-down saliency map. The proposed method has been extensively tested by using three popular evaluation metrics over two widely used eye-tracking datasets. Experimental results demonstrate the effectiveness of our method in saliency detection of news videos compared to several state-of-the-art methods.
18.
Integrating specifications: A similarity reasoning approach  Total citations: 2, self-citations: 1, citations by others: 1
Requirements analysis usually results in a set of different specifications for the same system, which must be integrated. Integration involves the detection and elimination of discrepancies between them. Discrepancies may be due to differences in representation models, modeling perspectives or practices. As instances of the semantic heterogeneity problem (Gangopadhyay and Barsalou, 1991), discrepancies are broader than logical inconsistencies, and therefore not always detectable using theorem proving. This paper proposes an approach to their detection using meta-modeling and similarity analysis. Specification components are classified under a meta-model of domain independent semantic modeling abstractions and thereby compared according to a newly developed model of similarity. Similarity analysis results in an isomorphic mapping between them, which can be used as a basis for reconciling and merging them. The approach is extensible in the sense that it accommodates different models for representing specifications, and analysis scales up to manage large, complex specifications because the complexity of similarity analysis is polynomial.
19.
A testing-based approach for constructing and refining very high-level software functionality representations such as intentions, natural language assertions, and formal specifications is presented and applied to a standard line-editing problem as an illustration. The approach involves the use of specification-based (black-box) test-case generation strategies, high-level specification formalisms, redundant or parallel development and cross-validation, and a logic programming support environment. Test-case reference sets are used as software functionality representations for the purposes of cross-validating two distinct high-level representations, and identifying ambiguities and omissions in those representations. In fact, we propose the use of successive refinements of such test reference sets as the authoritative specification throughout the software development process. Potential benefits of the approach include improvements in user/designer communication over all life cycle phases, and an increase in the quality of specifications and designs.
20.
This special issue of the Journal of Systems and Software presents novel software architecture optimisation frameworks. The majority of the approaches consider the problem of optimising conflicting quality attributes simultaneously. Other approaches focus on effectively searching for better software architectures by either using smart problem-dependent heuristics or by combining the expression power of ADLs with architecture optimisation.