A software architecture centric engineering approach for Internetware

As a new software paradigm evolved by the Internet, Internetware brings many challenges for the traditional software development methods and techniques. Though architecture-based component composition (ABC) approach is originated in the traditional software paradigm, it supports the engineering of Internetware effectively due to its philosophy, rationales and mechanisms. ABC has three major contributions to the en- gineering of Internetware in detail. First, the feature oriented domain modeling method can structure the “disordered”“software entities” to “ordered Internetware” bottom-up in the problem space. Second, the architecture centric design and analysis method can support the development of self-adaptive Internetware. Third, the component operating platform is a reflective and self-adaptive middleware that not only provides Internetware with a pow- erful and flexible runtime infrastructure but also enables the self-adaptation of the structure and individual entities of Internetware.     

基于软件体系结构的Web应用自适应

随着互联网的迅速发展,Internet上的Web应用大量涌现.然而传统主要依靠管理人员人工配置和维护系统的方式由于不断变化的环境和需求而显得有所不足.本文在相关工作的基础上,提出一种基于软件体系结构构建自适应Web系统的技术方案,该方案具有非侵入式设计和自适应相关组件具有可恢复能力的特点.同时,本文也实现了一个自适应系统原型来说明这个方案及其效果.     

Architecture-based resilience evaluation for self-adaptive systems

One of the major challenges related to self-adaptive software systems is the provision of assurances that the system is resilient against changes that may occur either in the system or its environment. These assurances should be based on complementary sources of evidence that collectively justify that the system is able to attain the specified levels of resilience. The contribution of this paper is the definition and development of an architecture-based approach that evaluates by comparison the adaptation mechanisms of a self-adaptive software system. The proposed approach relies on the identification of representative environmental and system changeloads (i.e., sequences of changes) used in the run-time stimulation of the system. The system response obtained from this stimulation is collected and aggregated into a probabilistic model that is employed in the evaluation of system resilience. Our approach is intended to be used before deployment, since the process often involves putting the system through adverse conditions which are not adequate when the system is in production. The feasibility and effectiveness of the proposed approach is demonstrated in the context of Rainbow, an architecture-based platform for self- adaptation, and Znn.com, a case study that reproduces the typical infrastructure for a news website.     

基于软件结构的最优测试工作量的分配方法

现代社会越来越依赖于稳定的软件系统的运行;除此之外,尽管这些软件系统的规模和复杂度越来越高,但是必须达到很高的系统稳定性,且必须降低进一步开发和维护所需要的资源。为了减轻软件开发的挑战性,需要一种有效的方法来引导软件系统中资源的分配。提出了一种根据每一组件对系统稳定性的贡献来确定每一组件所需分配的工作量的方法,从而在工作量最小的条件下达到一定的系统稳定性。假设组件对系统稳定性的影响主要包含两个方面的因素:系统结构和组件的可靠性。这种描述方法被称为基于结构的测试量分配优化方法,因为其在测试量分配过程中考虑了系统的结构。验证结果表明这种基于结构的优化方法比其他测试量分配策略更有效。     

Fuzzy Self-Adaptation of Mission-Critical Software Under Uncertainty

Mission-critical software(MCS) must provide continuous,online services to ensure the successful accomplishment of critical missions.Self-adaptation is particularly desirable for assuring the quality of service(QoS) and availability of MCS under uncertainty.Few techniques have insofar addressed the issue of MCS self-adaptation,and most existing approaches to software self-adaptation fail to take into account uncertainty in the self-adaptation loop.To tackle this problem,we propose a fuzzy control based approach,i.e.,Software Fuzzy Self-Adaptation(SFSA),with a view to deal with the challenge of MCS self-adaptation under uncertainty.First,we present the SFSA conceptual framework,consisting of sensing,deciding and acting stages,and establish the formal model of SFSA to lay a rigorous and mathematical foundation of our approach.Second,we develop a novel SFSA implementation technology as well as its supporting tool,i.e.,the SFSA toolkit,to automate the realization process of SFSA.Finally,we demonstrate the effectiveness of our approach through the development of an adaptive MCS application in process control systems.Validation experiments show that the fuzzy control based approach proposed in this work is effective and with low overheads.     

Self-adaptation and secure information flow in multiparty communications

We present a comprehensive model of structured communications in which self-adaptation and security concerns are jointly addressed. More specifically, we propose a model of multiparty, self-adaptive communications with access control and secure information flow guarantees. In our model, multiparty protocols (choreographies) are described as global types; security violations occur when process implementations of protocol participants attempt to read or write messages of inappropriate security levels within directed exchanges. Such violations trigger adaptation mechanisms that prevent the violations to occur and/or to propagate their effect in the choreography. Our model is equipped with local and global adaptation mechanisms for reacting to security violations of different gravity; type soundness results ensure that the overall multiparty protocol is still correctly executed while the system adapts itself to preserve the participants’ security.     

What is computer security?

Computer and network security, or cybersecurity, are critical issues. But merely protecting the systems that hold data about citizens, corporations, and government agencies it is not enough. The infrastructure of networks, routers, domain name servers, and switches that glue these systems together must not fail, or computers will no longer be able to communicate accurately or reliably. Given the magnitude of securing cyberspace, a reflection on what we are trying to do seems in order. Several questions arise, such as what exactly the infrastructure is, what threats it must be secured against, and how protection can be provided on a cost-effective basis. But underlying all these questions is how to define a secure system. What is security? Having it is obviously good; everyone says so. But few people define it exactly, or even nebulously. This column tries to place cybersecurity in perspective, because it is, of course, central to countries, organizations, and even home users now and in the future.     

策略驱动的软件自适应机制研究

中间件是支持和实现软件自适应的重要手段。除了内建于中间件的通用自适应机制外,中间件还应当为应用相关的自适应过程提供开发和运行支持。以普适计算为背景,基于关注点分离原则,引入策略对软件自适应过程进行抽象描述,提出了基于策略的软件自适应概念模型,进而提出了适应使能、基层和元层分离的轻量级构件化实现模型。基于上述模型,在面向普适计算的自适应中间件平台UbiStar中设计实现了一种基于策略的软件自适应框架,可以支持基于上述模型的普适计算应用的开发和运行,从而为应用相关的软件自适应过程提供有效支持。     

一种基于赋时Petri网和ZBDD的装配序列规划方法

机载航空电子系统设计采用综合化系统体系结构,可实现计算系统及其计算资源和计算设施的"物理集成";以及机载嵌入式软件系统的"功能集成";提供对系统计算功能的动态配置管理和实时动态冗余,以期得到较高的计算性能和保障系统的高可靠性。基于软件系统架构的层次关系研究了复杂嵌入式计算任务的运行模态表示方法,分析了嵌入式软件系统任务模态的迁移关系,提出了基于AADL软件体系结构的嵌入式软件模态划分方法,制定了系统动态重构蓝图,并设计了基于模态的嵌入式软件动态重构实施方法。基于软件架构的模态分析及其动态重构,有助于提高复杂嵌入式软件系统的可靠性、安全性和重用性。     

Dynamic adaptation of service compositions with variability models

Web services run in complex contexts where arising events may compromise the quality of the whole system. Thus, it is desirable to count on autonomic mechanisms to guide the self-adaptation of service compositions according to changes in the computing infrastructure. One way to achieve this goal is by implementing variability constructs at the language level. However, this approach may become tedious, difficult to manage, and error-prone. In this paper, we propose a solution based on a semantically rich variability model to support the dynamic adaptation of service compositions. When a problematic event arises in the context, this model is leveraged for decision-making. The activation and deactivation of features in the variability model result in changes in a composition model that abstracts the underlying service composition. These changes are reflected into the service composition by adding or removing fragments of Business Process Execution Language (WS-BPEL) code, which can be deployed at runtime. In order to reach optimum adaptations, the variability model and its possible configurations are verified at design time using Constraint Programming. An evaluation demonstrates several benefits of our approach, both at design time and at runtime.     

Cloud providers viability

A major part of the commercial Internet is moving toward the cloud paradigm. This phenomenon has a drastic impact on the organizational structures of enterprizes and introduces new challenges that must be properly addressed to avoid major setbacks. One such challenge is that of cloud provider viability, that is, the reasonable certainty that the Cloud Service Provider (CSP) will not go out of business, either by filing for bankruptcy or by simply shutting down operations, thus leaving its customers stranded without an infrastructure and, depending on the type of cloud service used, even without their applications or data. This article attempts to address the issue of cloud provider viability, defining a possible way of modeling viability as a non-functional requirement and proposing some approaches that can be used to mitigate the problem, both from a technical and from a legal perspective. By introducing a structured perspective into the topic of cloud viability, describing the risks, factors and possible mitigators, the contribution of this work is twofold: it gives the customer a better understanding to determine when it can rely on the cloud infrastructure on the long term and what precautions it should take in any case, and provides the CSP with means to address some of the viability issues and thus increase its customers’ trust.     

基于多客户端结构的jTPCC测试系统的改进及实现

首先介绍了现在流行的数据库性能测试标准TPC-C;然后根据开源TPC-C测试软件jTPCC在使用过程中存在的问题对该软件进行了分析;由于存在的主要问题是客户端资源占用过多和服务器端压力不足,所以提出了将该软件从单客户端结构改进为可控制的多客户端结构的改进方案,并且实现了该方案.改造完成以后的测试数据表明,经过改进的软件比原软件测试数据更准确,使用更方便.     

基于模型的自适应方法综述

自适应为管理现代软件系统的复杂性提供了有效的解决方案,被设计为自适应系统的软件能够持续的演化以应对环境中的不确定性.在现有的研究工作中,基于模型的自适应方法是一类广泛使用的方法,它将模型驱动工程技术的应用从设计时扩展到运行时以支持自适应能力的实现.通过利用软件模型对运行时丰富和不确定的信息进行管理,这类方法避免了将自适应逻辑与程序语言交织带来的复杂性,从而简化了自适应系统的开发.本文对近些年来国内外学者在该研究领域取得的成果进行了系统总结.首先,给出了六个研究问题,包括相关工作常用的需求模型、结构模型、行为模型、环境模型、模型与模型或模型与系统间的同步方式、自适应规划算法等;接着,依次总结了相关工作在这六个研究问题上的已有研究成果;最后,对未来研究可能面临的挑战进行了展望.     

The RETSINA MAS Infrastructure

RETSINA is an implemented Multi-Agent System infrastructure that has been developed for several years and applied in many domains ranging from financial portfolio management to logistic planning. In this paper, we distill from our experience in developing MASs to clearly define a generic MAS infrastructure as the domain independent and reusable substratum that supports the agents' social interactions. In addition, we show that the MAS infrastructure imposes requirements on an individual agent if the agent is to be a member of a MAS and take advantage of various components of the MAS infrastructure. Although agents are expected to enter a MAS and seamlessly and effortlessly interact with the agents in the MAS infrastructure, the current state of the art demands agents to be programmed with the knowledge of what infrastructure they will utilize, and what are various fall-back and recovery mechanisms that the infrastructure provides. By providing an abstract MAS infrastructure model and a concrete implemented instance of the model, RETSINA, we contribute towards the development of principles and practice to make the MAS infrastructure invisible and ubiquitous to the interacting agents.     

ORACLE数据库的管理措施与技术分析

数据库系统作为信息系统的基础软件,其安全性问题备受关注。确保数据库的安全利用和有效监控,是一个必须解决的问题。本文在对数据库系统安全相关理论和技术进行探讨的基础上,基于增强安全的思想,对于ORALCE数据库的应用系统的安全增强进行了研究和探讨。     

Web QoS控制研究综述

Internet的服务模式正由传统的数据通信与信息浏览向电子交易与服务转变 ,Web服务器系统作为支持电子商务的核心设施 ,需要对不同的用户或HTTP请求提供区分服务和性能保证 ,因此必须具备建立和支持服务质量 (QualityofService ,QoS)控制的机制与策略 .该文综述了WebQoS控制的研究现状 ,包括Web请求的分类机制、Web服务器应用软件的QoS控制机制、操作系统的WebQoS控制机制、中间件的WebQoS控制机制以及Web服务器集群系统的QoS控制机制与策略 ,并分析了进一步的研究方向 .     

基于并行搜索优化的指控系统自适应决策方法

指挥控制信息系统(指控系统)运行在动态变化的复杂环境中且任务需求时刻变更, 亟需一种自适应决策方法以动态产生调整系统的最优策略, 从而适应环境或任务变化, 确保系统长期稳定运行. 随着指控系统自身及其运行环境的持续复杂化, 自适应决策方法需具备应对多个非预期变化的在线权衡决策能力, 以避免造成冲突的调整后果或无法及时响...     

End-to-End QoS Support for a Medical Grid Service Infrastructure

Quality of Service support is an important prerequisite for the adoption of Grid technologies for medical applications. The GEMSS Grid infrastructure addressed this issue by offering end-to-end QoS in the form of explicit timeliness guarantees for compute-intensive medical simulation services. Within GEMSS, parallel applications installed on clusters or other HPC hardware may be exposed as QoS-aware Grid services for which clients may dynamically negotiate QoS constraints with respect to response time and price using Service Level Agreements. The GEMSS infrastructure and middleware is based on standard Web services technology and relies on a reservation based approach to QoS coupled with application specific performance models. In this paper we present an overview of the GEMSS infrastructure, describe the available QoS and security mechanisms, and demonstrate the effectiveness of our methods with a Grid-enabled medical imaging service.     

软件体系结构描述语言ADL及其研究进展

1.引言 Perry与Wolf,Garlan与Shaw的早期研究成果发表后,软件体系结构的研究引起了学术界极大兴趣。目前,软件体系结构已经成为软件工程研究中的热点,我国学者也开始了跟踪研究。在文[3]中,Shaw与Garlan指出,软件体系结构的研究活动大致分四类:     

基于Chi-square检验的分布式网络入侵检测系统

针对网络攻击的新特点,本文提出了一种基于Chi-square检验的分布式网络入侵检测系统模型CTDIDS。设计并实现了一个基于异常检测的入侵分析引擎。通过对网络数据包的分析,运用Chi-square值比较对系统的行为进行检测。与现有的入侵检测方法相比,本文提出的方法具有更好的环境适应性和数据协同分析能力。实验证明,分布式入侵检测系统CTDIDS具有更高的准确性和扩展性。