Component-Based Systems Reconfigurations Using Graph Transformations with <Emphasis Type="Italic">GROOVE</Emphasis>

Component-based systems permit standardisation and re-usability of code through the use of components. The architecture of component-based systems can be modified thanks to dynamic reconfigurations, which contribute to systems’ (self-)adaptation by adding or removing components without incurring any system downtime. In this context, the present article describes a formal model for dynamic reconfigurations of component-based systems. It provides a way of expressing runtime reconfigurations of a system and proving their correctness according to a static invariant for consistency constraints and/or a user-provided post-condition. Guarded reconfigurations allow us to build reconfigurations based on primitive reconfiguration operations using sequences of reconfigurations and the alternative and the repetitive constructs, while preserving configuration consistency. A practical contribution consists of the implementation of a component-based model using the GROOVE graph transformation tool. This implementation is illustrated on a cloud-based multi-tier application hosting environment managed as a component-based system. In addition, after enriching the model with interpreted configurations and reconfigurations in a consistency compatible manner, component systems’ implementations are related to their specifications by a simulation relation.     

A Framework for Engineering Interactions in Java-based Component Systems

This paper describes a Java-based framework for the development of component-based software systems supporting the specification of the logic of component interactions as a first-class aspect. Java is used as the reference development language.On the one side, the framework makes it possible to specify the logic of interaction at the component-level, in terms of input and output interfaces, the events generated and observed by a component, and related information about the management of the control flow. On the other side, it is possible to specify the logic of interaction at the inter-component level, providing a modelling and linguistic support for designing and (dynamically) programming the glue among the components, enabling general forms of observation, control and construction of the interaction space.As a result, the framework supports the coordination of components at different levels: from interoperability among heterogeneous and unknown components, to the support for dynamic introduction, removal and update of components, to general coordination patterns, such as workflow. The framework adopts first-order logic as the reference computational model for describing and defining the logic of interaction: the modalities adopted by components to interact, the coordination laws gluing the components and the interaction events occurring in the system are expressed as facts and rules. They compose the (evolving) logic theories describing and defining the interaction at the system level, and can be observed and controlled at runtime to allow dynamic re-configurability.     

扩充CDL支持基于构件的系统组装与演化

基于构件的软件开发方法适应于软件构造性和演化性的特征，也对软件配置管理提出了新要求，在基于构件的软件配置管理模型基础上，提出了在构件描述语言CDL上扩充系统演化信息的方法，使构件组装系统与配置管理系统形成有机的整体，为基于构件的软件开发方法提供了良好的技术支持，不仅可以有效地支持基于构件的系统构造定义，而且可以支持系统的演化以及系统的部署。     

可视化分布组件协调环境

分布组件的协调是基于组件的分布系统开发中的一个基本问题。针对具体应用,提出了一种分布组件协调模型－－Ｃｏｎｃｅｒｔｏ。Ｃｏｎｃｅｒｔｏ模型以Ｐｅｔｒｉ网为理论基础,综合了现有的控制驱动和数据驱动两类协调模型。Ｐｅｔｒｉ网的变迁与分布组件系统中的事件、条件、操作和时间信息结合起来,提供了与计算机系统交互的方法。在Ｃｏｎｃｅｒｔｏ模型基础上,实现了可视化分布组件协调环境,对分布组件系统进行并发死锁验证     

Static vulnerability detection in Java service-oriented components

Extensible component-based platforms allow dynamic discovery, installation and execution of components. Such platforms are service-oriented, as components may directly interact with each other via the services they provide. Even robust languages such as Java were not designed to handle safe code interaction between trusted and untrusted parties. Dynamic installation of code provided by different third parties leads to several security issues. The different security layers adopted by Java or component-based platforms cannot fully address the problem of untrusted components trying to tamper with other components via legitimate interactions. A malicious component might even use vulnerable ones to compromise the whole component-based platform. Our approach identifies vulnerable components in order to prevent them from threatening services security. We use static analysis to remain as exhaustive as possible and to avoid the need for non-standard or intrusive environments. We show that a static analysis through tainted object propagation is well suited to detect vulnerabilities in Java service-oriented components. We present STOP, a Service-oriented Tainted Object Propagation tool, which applies this technique to statically detect those security flaws. Finally, the audit of several trusted Apache Felix bundles shows that nowadays component-based platforms are not prepared for malicious Java interactions.     

一种基于构件的手机可重构虚拟仪器技术

针对手机测试系统对便携式测量提出的在线升级和功能调整的要求,提出了基于构件的手机动态可重构测试系统。采用动态XML解析器模型实现了手机端测试系统的动态解析、构件的查找和装配,形成一个测试功能可以根据测试任务快速重组的测试系统。提出了支持面向发布/订阅模式的仪器构件模型,在此基础上设计了系统数据模型和事件模型来实现构件之间消息的传递与数据的更新。以声音信号采集分析仪器和3种人体生理信号采集测试系统为应用例子,进行测试。结果证明了该平台的可实现性,并能够满足手机测试系统对便携式测量提出的在线重构和功能调整的要求。     

KLAIM: a kernel language for agents interaction and mobility

We investigate the issue of designing a kernel programming language for mobile computing and describe KLAIM, a language that supports a programming paradigm where processes, like data, can be moved from one computing environment to another. The language consists of a core Linda with multiple tuple spaces and of a set of operators for building processes. KLAIM naturally supports programming with explicit localities. Localities are first-class data (they can be manipulated like any other data), but the language provides coordination mechanisms to control the interaction protocols among located processes. The formal operational semantics is useful for discussing the design of the language and provides guidelines for implementations. KLAIM is equipped with a type system that statically checks access right violations of mobile agents. Types are used to describe the intentions (read, write, execute, etc.) of processes in relation to the various localities. The type system is used to determine the operations that processes want to perform at each locality, and to check whether they comply with the declared intentions and whether they have the necessary rights to perform the intended operations at the specific localities. Via a series of examples, we show that many mobile code programming paradigms can be naturally implemented in our kernel language. We also present a prototype implementation of KLAIM in Java     

分布式软件体系结构中组件依赖的描述

分布式软件的动态配置及软件体系结构中的一个重要问题是对组件依赖的理解和描述。该文采用的方法提供了精确描述组件交互的基础,展示了分布式系统组件间的拓扑关系,进而描述了软件体系结构。该方法还对组件测试提供了有力支持,它的突出优点是用一种方法来描述体系结构并支持软件测试。     

网格环境下的航空发动机集成设计与分布仿真研究

建立了一个开发航空发动机分布仿真的系统环境．该环境中子模型具有自治性,子模型的设计者可以根据自己的需要选择所使用的工具,定义变量以及他们与其他设计者之间的关系．应用新兴的网格技术建立了一个集成设计和分布仿真的环境框架,它可以灵活地建立和修改基于部件对象模型建立起来的航空发动机模型,并尝试解决仿真中存在的多学科耦合以及大计算量的问题．该框架具有图形化界面,可以方便地更改发动机的参数和结构,其所具有网格技术的易扩展性也为今后建立更复杂的发动机模型提供了良好的平台．研究人员可以应用该系统提供的可扩展设计和仿真环境,灵活地组建新的航空发动机模型并进行仿真．     

基于Java平台实现安全行为模型验证

非信任代码的安全执行是移动代码安全的重要问题之一。携带模型代码方法同时从移动代码的生产者和使用者的角度考虑,为安全执行非信任代码提供了一个系统、全面且有效的解决方案。该方法主要包括安全策略的定义、安全行为模型的生成,以及其验证和安全策略的强制实施。针对已被广泛使用的Java平台,在深入分析其基于访问控制的安全体系结构的基础上,通过对Java核心类的修改和扩展,提出了一种能增加新的安全策略,以及实现MCC方法中安全行为模型验证的方法,为提高Java安全策略的描述能力,以及基于于Java平台实现MCC方法,确保更全面的安全机制提供了可行的途径。     

Coordinating Mobile Agents by the XML-Based Tuple Space

This paper presents Xspace,a programmable coordination paradigm for Internet applications based on mobile agents.The Xspace system fully exploits the advantages of the XML language and Linda-like coordination.It supports XML documents as tuple fields and multiple matching routines implementing different relations among XML documents,including those given by XML query languages,The Xspace uses Java as the implementation language;it is based on object-oriented XMLized tuple spaces to implement a portable and programmable coordination paradigm for mobile agents.The dsign and implementation procedures of Xspace are described in this paper,Experiment and performance evaluation are also made.Finally,some conclusinos and remarks are given.     

Configuration and dynamic reconfiguration of components using the coordination paradigm

One of the most promising approaches in developing component-based (possibly distributed) systems is that of coordination models and languages. Coordination programming enjoys a number of advantages such as the ability to express different software architectures and abstract interaction protocols, support for multi-linguality, reusability and programming-in-the-large, etc. Configuration programming is another promising approach in developing large scale, component-based systems, with the increasing need for supporting the dynamic evolution of components. In this paper we explore and exploit the relationship between the notions of coordination and (dynamic) configuration and we illustrate the potential of control- or event-driven coordination languages to be used as languages for expressing dynamically reconfigurable software architectures. We argue that control-driven coordination has similar goals and aims with the notion of dynamic configuration and we illustrate how the former can achieve the functionality required by the latter.     

基于组件的开放式CAD系统模型

在回顾CAD系统的几类系统模型并分析其优缺点的基础上，立足于CAD系统的开放性、集成性和效率，运用基于组件的软件工程技术，提出了CAD系统组件模型，并详细地分析了模型中各组件的功能和组件间的通讯.系统模型具有两级总线结构，较之以往的模型，其开放性大大提高，便于实现结构灵活、开放性强的实用系统.同时，组件也为软件复用建立了良好的基础.     

基于组件的嵌入式软件开发方法

根据嵌入式软件的特点,提出一种以模型为中心、基于组件的嵌入式软件开发方法。它以动态数据流图为系统模型对嵌入式软件的功能和性能需求进行了描述,由此提供了强大的描述和分析能力;通过基于特定组件模型的实现结构和实现代码框架的自动生成,以DDF定义的系统可以被有效地分解为一系列独立的组件,合适的DDF调度算法一致地表示了系统组件的执行语义,使得并发开发的组件具有良好的可集成性。该方法充分考虑了嵌入式开发的特点,能有效地降低系统复杂性和支持系统组件的并发开发和复用,从而提高了开发效率并降低了开发成本。     

基于构件软件的可靠性通用模型

工作流管理的最终目的是实现适当的人在适当的时间执行适当的活动.企业要获得竞争力,需要在工作流模型中考虑与业务过程相关的时间约束.一个考虑时间因素的工作流模型,需要在投入运行前进行时间规范与验证,以保证工作流执行的时间协调.通过为工作流网元素扩展时间属性,得到集成业务过程时间约束的工作流模型??时间约束工作流网(TCWF-nets).基于对业务活动的可调度性分析,提出了时序一致性验证方法,确保工作流执行中活动之间时间交互的安全性.在所附加的时间约束下,该可调度分析方法不仅能够检测某一给定工作流调度的时间可行性,还能对特定的实例给出一个最优调度,使工作流执行延迟最小.研究结果表明,该方法支持业务过程的时间建模与分析,对于丰富现有工作流系统的时间管理功能以及增强现存工作流软件对动态业务环境的适应性具有重要意义.     

基于J2ME的手机智力游戏的研究与开发

J2ME作为Java技术专为消费嵌入式系统定制的版本,其稳定性、跨平台性、安全性、扩展性使得成为移动通讯设备上主流开发平台,基于J2ME的应用开发成为热点。该文介绍了笔者参与开发的一个基于J2ME的手机智力游戏的设计与开发。是对手机上基于J2ME的开发的一次有效探索。经过试验证明,程序在大多数手机上运行良好。