Trusted Product Lines

ContextThe paper addresses the use of a Software Product Line approach in the context of developing software for a high-integrity, regulated domain such as civil aerospace. The success of a Software Product Line approach must be judged on whether useful products can be developed more effectively (lower cost, reduced schedule) than with traditional single-system approaches. When developing products for regulated domains, the usefulness of the product is critically dependent on the ability of the development process to provide approval evidence for scrutiny by the regulating authority.ObjectiveThe objective of the work described is to propose a framework for arguing that a product instantiated using a Software Product Line approach can be approved and used within a regulated domain, such that the development cost of that product would be less than if it had been developed in isolation.MethodThe paper identifies and surveys the issues relating the adoption of Software Product Lines as currently understood (including related technologies such as feature modelling, component-based development and model transformation) when applied to high-integrity software development. We develop an argument framework using Goal Structuring Notation to structure the claims made and the evidence required to support the approval of an instantiated product in such domains. Any unsubstantiated claims or missing/sub-standard evidence is identified, and we propose potential approaches or pose research questions to help address this.ResultsThe paper provides an argument framework supporting the use of a Software Product Line approach within a high-integrity regulated domain. It shows how lifecycle evidence can be collected, managed and used to credibly support a regulatory approval process, and provides a detailed example showing how claims regarding model transformation may be supported. Any attempt to use a Software Product Line approach in a regulated domain will need to provide evidence to support their approach in accordance with the argument outlined in the paper.ConclusionProduct Line practices may complicate the generation of convincing evidence for approval of instantiated products, but it is possible to define a credible Trusted Product Line approach.     

Learning in multi-agent systems: a case study of construction claims negotiation

The ability of agents to learn is of growing importance in multi-agent systems. It is considered essential to improve the quality of peer to peer negotiation in these systems. This paper reviews various aspects of agent learning, and presents the particular learning approach—Bayesian learning—adopted in the MASCOT system (multi-agent system for construction claims negotiation). The core objective of the MASCOT system is to facilitate construction claims negotiation among different project participants. Agent learning is an integral part of the negotiation mechanism. The paper demonstrates that the ability to learn greatly enhances agents' negotiation power, and speeds up the rate of convergence between agents. In this case, learning is essential for the success of peer to peer agent negotiation systems.     

Improving the management of product lines by performing domain knowledge extraction and cross product line analysis

ContextIncrease in market competition is one of the main reasons for developing and maintaining families of systems, termed Product Lines (PLs). Managing those PLs is challenging, let alone the management of several related PLs. Currently, those PLs are managed separately or their relations are analyzed assuming explicit specification of dependencies or use of an underlying terminology. Such assumptions may not hold when developing the PLs in different departments or companies applying various engineering processes.ObjectiveIn this work we call for utilizing the knowledge gained from developing and maintaining different PLs in the same domain in order to recommend on improvements to the management of PLs.MethodThe suggested approach conducts domain knowledge extraction and cross PL analysis on feature diagrams – the main aid for modeling PL variability. The domain knowledge is extracted by applying similarity metrics, clustering, and mining techniques. Based on the created domain models, the approach performs cross PL analysis that examines relations in the domain models and generates improvement recommendations to existing PLs and overall management recommendations (e.g., merging or splitting PLs).ResultsThe approach outcomes were evaluated by humans in a domain of mobile phones. The evaluation results may provide evidence that the outcomes of the approach in general and its recommendations in particular meet human perception of the given domain.ConclusionWe conclude that through domain knowledge extraction and cross PL analysis the suggested approach may generate recommendations useful to the management of individual PLs, as well as to the overall management of different PLs in the same domain.     

User-driven visual composition of service-based interactive spaces

ObjectiveThe overall objective of the research work presented in this paper is to investigate models, methods and architectures to replace fixed, pre-packaged applications with flexible composition environments that make interactive environments “emerge” at run-time, based on composition actions performed by non-technical users. The approach aims at the lightweight construction of integrated, situational workspaces pervasively accessible and sharable through a variety of devices.MethodsBased on a meta-design approach, we designed and implemented a platform that allows end users, not necessarily experts of technologies, to extract contents from heterogeneous sources and compose Personal Information Spaces (PISs) that satisfy their information needs. Specific emphasis is posed on the adoption of a composition paradigm that abstracts from technical details and can thus be used by non-technical users.ResultsThe platform for service composition that supports the activity of the different involved stakeholders is described in details. Thanks to the separation of concerns on which the composition paradigm is based, the overall approach and its enabling platform are also amenable to customization with respect to the requirements of specific domains.ConclusionWe present an approach where a composition platform enables the extraction of content from heterogeneous services and its integration into situational applications where content presentation is flexibly managed through different visual templates. We also discuss the advantages offered by this approach to the stakeholders of a specific community of users in the Cultural Heritage domain.PracticeThe developed prototypes were evaluated in laboratories and field studies: the former aimed at investigating the ease of use and the users satisfaction of the functionality and the user interface of the environment for domain customization, the latter aimed instead at observing real users (e.g., guides of an archeological park) in action, to assess the validity of the proposed composition paradigm as an EUD practice.ImplicationsThe user studies described in this paper provided hints for refining the prototypes, and laid the basis for future work related to the identification of design principles that can make service-based composition technologies in general more useful and usable for end users.     

An adaptive middleware design to support the dynamic interpretation of domain-specific models

ContextAs the use of Domain-Specific Modeling Languages (DSMLs) continues to gain popularity, we have developed new ways to execute DSML models. The most popular approach is to execute code resulting from a model-to-code transformation. An alternative approach is to directly execute these models using a semantic-rich execution engine – Domain-Specific Virtual Machine (DSVM). The DSVM includes a middleware layer responsible for the delivery of services in a given domain.ObjectiveWe will investigate an approach that performs the dynamic combination of constructs in the middleware layer of DSVMs to support the delivery of domain-specific services. This middleware should provide: (a) a model of execution (MoE) that dynamically integrates decoupled domain-specific knowledge (DSK) for service delivery, (b) runtime adaptability based on context and available resources, and (c) the same level of operational assurance as any DSVM middleware.MethodOur approach will involve (1) defining a framework that supports the dynamic combination of MoE and DSK and (2) demonstrating the applicability of our framework in the DSVM middleware for user-centric communication. We will measure the overhead of our approach and provide a cost-benefit analysis factoring in its runtime adaptability using appropriate experimentation.ResultsOur experiments show that combining the DSK and MoE for a DSVM middleware allow us to realize efficient specialization while maintaining the required operability. We also show that the overhead introduced by adaptation is not necessarily deleterious to overall performance in a domain as it may result in more efficient operation selection.ConclusionThe approach defined for the DSVM middleware allows for greater flexibility in service delivery while reducing the complexity of application development for the user. These benefits are achieved at the expense of increased execution times, however this increase may be negligible depending on the domain.     

Composing web services enacted by autonomous agents through agent-centric contract net protocol

ContextAgents are considered as one of the fundamental technologies underlying open and dynamic systems that are largely enabled by the semantic web and web services. Recently, there is a trend to introduce the notion of autonomy empowered by agents into web services. However, it has been argued that the characteristics of autonomy will make agents become available intermittently and behave variedly over time, which therefore increase the complexity on devising mechanisms for composing services enacted by autonomous agents.ObjectiveIn this work, we propose an extension to Contract Net protocol, called Agent-centric Contract Net Protocol (ACNP), as a negotiation mechanism with three key features for composing web services enacted by autonomous agents.Method(1) A matchmaking mechanism embedded in a middle agent (as a service matchmaker) for discovering web services that are available intermittently is presented based on the concept of agent roles; (2) A selection algorithm based on risk-enabled reputation model (REAL) embedded in a manager agent (as a service composer) is introduced to serve a basis for selecting web services with variant performance; and (3) A negotiation mechanism between a manager agent and contractor agents (as atomic services) is devised and enables both a service composer and the atomic services to request, refuse or agree on adapting changes of services.ResultsThe problem of assembling a computer is discussed in this paper.ConclusionIt is increasingly recognised that web services would become more autonomous by introducing diverse agent technologies to better constitute more complex systems in open and dynamic environments. As web service technologies are best exploited by composite services, it is imperative to devise mechanisms for composing services of autonomy.     

MOD2-SCM: A model-driven product line for software configuration management systems

ContextSoftware Configuration Management (SCM) is the discipline of controlling the evolution of large and complex software systems. Over the years many different SCM systems sharing similar concepts have been implemented from scratch. Since these concepts usually are hard-wired into the respective program code, reuse is hardly possible.ObjectiveOur objective is to create a model-driven product line for SCM systems. By explicitly describing the different concepts using models, reuse can be performed on the modeling level. Since models are executable, the need for manual programming is eliminated. Furthermore, by providing a library of loosely coupled modules, we intend to support flexible composition of SCM systems.MethodWe developed a method and a tool set for model-driven software product line engineering which we applied to the SCM domain. For domain analysis, we applied the FORM method, resulting in a layered feature model for SCM systems. Furthermore, we developed an executable object-oriented domain model which was annotated with features from the feature model. A specific SCM system is configured by selecting features from the feature model and elements of the domain model realizing these features.ResultsDue to the orthogonality of both feature model and domain model, a very large number of SCM systems may be configured. We tested our approach by creating instances of the product line which mimic wide-spread systems such as CVS, GIT, Mercurial, and Subversion.ConclusionThe experiences gained from this project demonstrate the feasibility of our approach to model-driven software product line engineering. Furthermore, our work advances the state of the art in the domain of SCM systems since it support the modular composition of SCM systems at the model rather than the code level.     

Investigating chemistry students’ learning about the relationship between the temperature and the pressure of a gas using a microcomputer‐based laboratory (MBL): A word of caution

Abstract

Learning chemistry with understanding is a challenge. From a social constructivist position, we view students’ chemistry learning from experiments as involving the shared negotiation of meaning that uses experimental data to confirm or challenge their existing scientific theories. This study focuses on the practices related to the use of a microcomputer‐based laboratory (MBL) in a high school chemistry course in which students were studying gases and kinetic theory. Given the widely accepted view that the use of such technology is a ‘cure‐all’ for educational problems, student learning using this technology might be considered disappointing. We find that little or no higher‐order thinking was employed as students engaged in using the MBL and that some alternative conceptions were still evident. It is necessary to consider the students’ and the teacher's use of such technology in the experimental context if the promise of its use is to be realized.     

Automated Negotiation from Declarative Contract Descriptions

Our approach for automating the negotiation of business contracts proceeds in three broad steps. First, determine the structure of the negotiation process by applying general knowledge about auctions and domain–specific knowledge about the contract subject along with preferences from potential buyers and sellers. Second, translate the determined negotiation structure into an operational specification for an auction platform. Third, after the negotiation has completed, map the negotiation results to a final contract. We have implemented a prototype which supports these steps by employing a declarative specification (in courteous logic programs) of (1) high–level knowledge about alternative negotiation structures, (2) general–case rules about auction parameters, (3) rules to map the auction parameters to a specific auction platform, and (4) special–case rules for subject domains. We demonstrate the flexibility of this approach by automatically generating several alternative negotiation structures for the domain of travel shopping in a trading agent competition.     

Compliance in service-oriented architectures: A model-driven and view-based approach

ContextEnsuring software systems conforming to multiple sources of relevant policies, laws, and regulations is significant because the consequences of infringement can be serious. Unfortunately, this goal is hardly achievable due to the divergence and frequent changes of compliance sources and the differences in perception and expertise of the involved stakeholders. In the long run, these issues lead to problems regarding complexity, understandability, maintainability, and reusability of compliance concerns.ObjectiveIn this article, we present a model-driven and view-based approach for addressing problems related to compliance concerns.MethodCompliance concerns are represented using separate view models. This is achieved using domain-specific languages (DSLs) that enable non-technical and technical experts to formulate only the excerpts of the system according to their expertise and domain knowledge. The compliance implementations, reports, and documentation can be automatically generated from the models. The applicability of our approach has been validated using an industrial case study.ResultsOur approach supports stakeholders in dealing with the divergence of multiple compliance sources. The compliance controls and relevant reports and documentation are generated from the models and hence become traceable, understandable, and reusable. Because the generated artifacts are associated with the models, the compliance information won’t be lost as the system evolves. DSLs and view models convey compliance concerns to each stakeholder in a view that is most appropriate for his/her current work task.ConclusionsOur approach lays a solid foundation for ensuring conformance to relevant laws and regulations. This approach, on the one hand, aims at addressing the variety of expertise and domain knowledge of stakeholders. On the other hand, it also aims at ensuring the explicit links between compliance sources and the corresponding implementations, reports, and documents for conducting many important tasks such as root cause analysis, auditing, and governance.     

Agile product-line architecting in practice: A case study in smart grids

ContextSoftware Product Line Engineering implies the upfront design of a Product-Line Architecture (PLA) from which individual product applications can be engineered. The big upfront design associated with PLAs is in conflict with the current need of “being open to change”. To make the development of product-lines more flexible and adaptable to changes, several companies are adopting Agile Product Line Engineering. However, to put Agile Product Line Engineering into practice it is still necessary to make mechanisms available to assist and guide the agile construction and evolution of PLAs.ObjectiveThis paper presents the validation of a process for “the agile construction and evolution of product-line architectures”, called Agile Product-Line Architecting (APLA). The contribution of the APLA process is the integration of a set of models for describing, documenting, and tracing PLAs, as well as an algorithm for guiding the change decision-making process of PLAs. The APLA process is assessed to prove that assists Agile Product Line Engineering practitioners in the construction and evolution of PLAs.MethodValidation is performed through a case study by using both quantitative and qualitative analysis. Quantitative analysis was performed using statistics, whereas qualitative analysis was performed through interviews using constant comparison, triangulation, and supporting tools. This case study was conducted according to the guidelines of Runeson and Höst in a software factory where three projects in the domain of Smart Grids were involved.ResultsAPLA is deployed through the Flexible-PLA modeling framework. This framework supported the successful development and evolution of the PLA of a family of power metering management applications for Smart Grids.ConclusionsAPLA is a well-supported solution for the agile construction and evolution of PLAs. This case study illustrates that the proposed solution for the agile construction of PLAs is viable in an industry project on Smart Grids.     

Algorithm selection in bilateral negotiation

Despite the abundance of strategies in the multi-agent systems literature on repeated negotiation under incomplete information, there is no single negotiation strategy that is optimal for all possible domains. Thus, agent designers face an “algorithm selection” problem—which negotiation strategy to choose when facing a new domain and unknown opponent. Our approach to this problem is to design a “meta-agent” that predicts the performance of different negotiation strategies at run-time. We study two types of the algorithm selection problem in negotiation: In the off-line variant, an agent needs to select a negotiation strategy for a given domain but cannot switch to a different strategy once the negotiation has begun. For this case, we use supervised learning to select a negotiation strategy for a new domain that is based on predicting its performance using structural features of the domain. In the on-line variant, an agent is allowed to adapt its negotiation strategy over time. For this case, we used multi-armed bandit techniques that balance the exploration–exploitation tradeoff of different negotiation strategies. Our approach was evaluated using the GENIUS negotiation test-bed that is used for the annual international Automated Negotiation Agent Competition which represents the chief venue for evaluating the state-of-the-art multi-agent negotiation strategies. We ran extensive simulations using the test bed with all of the top-contenders from both off-line and on-line negotiation tracks of the competition. The results show that the meta-agent was able to outperform all of the finalists that were submitted to the most recent competition, and to choose the best possible agent (in retrospect) for more settings than any of the other finalists. This result was consistent for both off-line and on-line variants of the algorithm selection problem. This work has important insights for multi-agent systems designers, demonstrating that “a little learning goes a long way”, despite the inherent uncertainty associated with negotiation under incomplete information.     

Exact model-matching control of three-dimensional systems using state and output feedback

For a general state space model of three-dimensional (3-D) systems, the exact model-matching control problem via state and output feedback ia considered. A frequency domain approach is employed in which the 3-D prototype system (model) is given in transfer function matrix of the form G _m(p, w, z). The approach is based on equating the closed-loop transfer matrix function G _c(p, w, z) to G _m(p, w, z) and solving for the required feedback matrix gains through an application of Kronecker matrix product concept. We start with the static feedback case, and then treat the dynamic feedback problem for the important case of proportional plus integral plus derivative (PID) control. The approach leads to a set of linear algebraic equations, which involve the necessary and sufficient conditions for the exact model matching problem to have a solution. Two simple, but non-trivial examples, are computed.     

Search-based automated testing of continuous controllers: Framework,tool support,and case studies

ContextTesting and verification of automotive embedded software is a major challenge. Software production in automotive domain comprises three stages: Developing automotive functions as Simulink models, generating code from the models, and deploying the resulting code on hardware devices. Automotive software artifacts are subject to three rounds of testing corresponding to the three production stages: Model-in-the-Loop (MiL), Software-in-the-Loop (SiL) and Hardware-in-the-Loop (HiL) testing.ObjectiveWe study testing of continuous controllers at the Model-in-Loop (MiL) level where both the controller and the environment are represented by models and connected in a closed loop system. These controllers make up a large part of automotive functions, and monitor and control the operating conditions of physical devices.MethodWe identify a set of requirements characterizing the behavior of continuous controllers, and develop a search-based technique based on random search, adaptive random search, hill climbing and simulated annealing algorithms to automatically identify worst-case test scenarios which are utilized to generate test cases for these requirements.ResultsWe evaluated our approach by applying it to an industrial automotive controller (with 443 Simulink blocks) and to a publicly available controller (with 21 Simulink blocks). Our experience shows that automatically generated test cases lead to MiL level simulations indicating potential violations of the system requirements. Further, not only does our approach generate significantly better test cases faster than random test case generation, but it also achieves better results than test scenarios devised by domain experts. Finally, our generated test cases uncover discrepancies between environment models and the real world when they are applied at the Hardware-in-the-Loop (HiL) level.ConclusionWe propose an automated approach to MiL testing of continuous controllers using search. The approach is implemented in a tool and has been successfully applied to a real case study from the automotive domain.     

Scattering cross sections for composite surfaces with large mean square slopes—full wave analysis

Abstract

In this work the full wave approach to rough surface scattering is applied to composite models of rough surfaces with large mean square slopes. It is shown that both specular point scattering as well as Bragg scattering are accounted for in the analysis and the results are compared with earlier solutions based on a combination of physical optics and perturbation theories. Using the full wave approach it is not essential to decompose the rough surface into individual surfaces with different roughness scales unless it is desired to separate the specular point contribution from the Bragg contribution to the scattering cross sections. Shadowing is accounted for in the analysis.     

Test case selection for black-box regression testing of database applications

ContextThis paper presents an approach for selecting regression test cases in the context of large-scale database applications. We focus on a black-box (specification-based) approach, relying on classification tree models to model the input domain of the system under test (SUT), in order to obtain a more practical and scalable solution. We perform an experiment in an industrial setting where the SUT is a large database application in Norway’s tax department.ObjectiveWe investigate the use of similarity-based test case selection for supporting black box regression testing of database applications. We have developed a practical approach and tool (DART) for functional black-box regression testing of database applications. In order to make the regression test approach scalable for large database applications, we needed a test case selection strategy that reduces the test execution costs and analysis effort. We used classification tree models to partition the input domain of the SUT in order to then select test cases. Rather than selecting test cases at random from each partition, we incorporated a similarity-based test case selection, hypothesizing that it would yield a higher fault detection rate.MethodAn experiment was conducted to determine which similarity-based selection algorithm was the most suitable in selecting test cases in large regression test suites, and whether similarity-based selection was a worthwhile and practical alternative to simpler solutions.ResultsThe results show that combining similarity measurement with partition-based test case selection, by using similarity-based test case selection within each partition, can provide improved fault detection rates over simpler solutions when specific conditions are met regarding the partitions.ConclusionsUnder the conditions present in the experiment the improvements were marginal. However, a detailed analysis concludes that the similarity-based selection strategy should be applied when a large number of test cases are contained in each partition and there is significant variability within partitions. If these conditions are not present, incorporating similarity measures is not worthwhile, since the gain is negligible over a random selection within each partition.     

自适应邻域相关性的背景建模

目的 背景建模在计算机视觉领域中是检测、跟踪、行为学习和识别的基础,被广泛地应用于视频监控的运动目标检测。混合高斯（MOG）和Codebook是其中具有代表性的方法,但它们假设像素点间信息是独立的,只保留了时域信息而忽略了空域信息,使得模型对背景的描述局限于时间上的连续性。针对上述问题,提出了一种自适应邻域相关性的背景建模方法（ANC）。方法 ANC在保留原始方法时域信息建模特性的同时,增加对邻域模型的复用,同时利用计算结果反馈自适应调整邻域区域,提高对前景值判断的准确性。首先利用原始基于像素点的背景建模方法进行候选前景检测,然后将候选前景检测结果为前景点的像素与邻域像素点模型进行对比,若邻域范围存在匹配则为背景点,若不存在则为前景点;最后引入像素置信度概念,自适应调整邻域范围的大小。结果 与MOG和Codebook相比,在changedetection标准数据库上,ANC在ROC（受试者工作特征曲线）和度量值等方面的平均精度和F-measure都提高了7%以上。结论 自适应邻域相关性的背景建模方法适用于复杂多模态背景,克服了基于像素点背景建模方法假设的局限性。与普通基于像素点的背景建模方法相比,具有更好的鲁棒性和抗噪性,对复杂背景具有更强的适应性。     

DFANS: A highly efficient strategy for automated trust negotiation

Automated trust negotiation (ATN) is an approach establishing mutual trust between strangers wishing to share resources or conduct business by gradually requesting and disclosing digitally signed credentials. The digital credentials themselves are usually sensitive, so they have corresponding access control policies to control their disclosure. Therefore, an ATN strategy must be adopted to determine the search for a successful negotiation based on the access control policies. Previously proposed negotiation strategies are either not complete, disclosing irrelevant credentials, or not efficient enough. In this paper, we propose a novel ATN strategy, that is, Deterministic Finite Automaton Negotiation Strategy (DFANS). DFANS is complete and ensures that no irrelevant credentials are disclosed during the negotiation. Furthermore, DFANS is highly efficient. In the worst case, its communication complexity is O(n), where n is the total number of credentials requested, and its computational complexity is O(m) when not involving the cyclic dependencies, where m is the total size of the both sides' policies looked up during the negotiation. When cyclic dependencies exist, a reasonable additional cost of running OSBE protocol that is a provably secure and quite efficient scheme will be added to the computational cost of DFANS to guarantee the negotiation success whenever possible.     

egoisst: a negotiation support system for electronic business-to-business negotiations in e-commerce

Electronic negotiations can range from simple offer exchanges to complex communicative acts concerning packages of products and services. In contrast to dominant approaches aiming at automating the negotiation process (e.g. auction models), we introduce the notion of negotiation support for human negotiators conducting complex electronic negotiations. The negotiation support system egoisst for business-to-business electronic commerce is presented that is based on theories of communication and information systems and that combines communication and document management. egoisst has been successfully validated for e-negotiations in the construction industry.     

egoisst: a negotiation support system for electronic business-to-business negotiations in e-commerce

Electronic negotiations can range from simple offer exchanges to complex communicative acts concerning packages of products and services. In contrast to dominant approaches aiming at automating the negotiation process (e.g. auction models), we introduce the notion of negotiation support for human negotiators conducting complex electronic negotiations. The negotiation support system egoisst for business-to-business electronic commerce is presented that is based on theories of communication and information systems and that combines communication and document management. egoisst has been successfully validated for e-negotiations in the construction industry.