| 1. |
- Chechik, Marsha, et al.
(författare)
-
Message from the MiSE 2019 Workshop Organizers
- 2019
-
Ingår i: Proceedings - 2019 IEEE/ACM 11th International Workshop on Modelling in Software Engineering, MiSE 2019. ; , s. VII-
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)
|
|
| 2. |
- García Gonzalo, Sergio, 1989, et al.
(författare)
-
Variability modeling of service robots: Experiences and challenges
- 2019
-
Ingår i: ACM International Conference Proceeding Series. - New York, NY, USA : ACM.
-
Konferensbidrag (refereegranskat)abstract
- Sensing, planning, controlling, and reasoning, are human-like capabilities that can be articially replicated in an autonomous robot. Such a robot implements data structures and algorithms devised on a large spectrum of theories, from probability theory, mechanics, and control theory to ethology, economy, and cognitive sciences. Software plays a key role in the development of robotic systems, as it is the medium to embody intelligence in the machine. During the last years, however, software development is increasingly becoming the bottleneck of robotic systems engineering due to three factors: (a) the software development is mostly based on community efforts and it is not coordinated by key stakeholders; (b) robotic technologies are characterized by a high variability that makes reuse of software a challenging practice; and (c) robotics developers are usually not specically trained in software engineering. In this paper, we illustrate our experiences from EU, academic, and industrial projects in identifying, modeling, and managing variability in the domain of service robots. We hope to raise awareness for the specic variability challenges in robotics software engineering and to inspire other researchers to advance thiseld.
|
|
| 3. |
- John, Stefan, et al.
(författare)
-
Searching for optimal models: Comparing two encoding approaches
- 2019
-
Ingår i: Journal of Object Technology. - : AITO - Association Internationale pour les Technologies Objets. - 1660-1769. ; 18:3, s. 1-22
-
Tidskriftsartikel (refereegranskat)abstract
- Search-Based Software Engineering (SBSE) is about solving software development problems by formulating them as optimization problems. In the last years, combining SBSE and Model-Driven Engineering (MDE), where models and model transformations are treated as key artifacts in the development of complex systems, has become increasingly popular. While search-based techniques have often successfully been applied to tackle MDE problems, a recent line of research investigates how a model-driven design can make optimization more easily accessible to a wider audience. In previous model-driven optimization efforts, a major design decision concerns the way in which solutions are encoded. Two main options have been explored: a model-based encoding representing candidate solutions as models, and a rule-based encoding representing them as sequences of transformation rule applications. While both encodings have been applied to different use cases, no study has yet compared them systematically. To close this gap, we evaluate both approaches on a common set of optimization problems, investigating their impact on the optimization performance. Additionally, we discuss their differences, strengths, and weaknesses laying the foundation for a knowledgeable choice of the right encoding for the right problem.
|
|
| 4. |
- Lambers, Leen, et al.
(författare)
-
Exploring conflict reasons for graph transformation systems
- 2019
-
Ingår i: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). - Cham : Springer International Publishing. - 1611-3349 .- 0302-9743. ; 11629 LNCS, s. 75-92
-
Konferensbidrag (refereegranskat)abstract
- Conflict and dependency analysis (CDA) is a static analysis for the detection of conflicting and dependent rule applications in a graph transformation system. Recently, granularity levels for conflicts and dependencies have been investigated focussing on delete-use conflicts and produce-use dependencies. A central notion for granularity considerations are (minimal) conflict and dependency reasons. For a rule pair, where the second rule is non-deleting, it is well-understood based on corresponding constructive characterizations how to efficiently compute (minimal) conflict and dependency reasons. We further explore the notion of (minimal) conflict reason for the general case where the second rule of a rule pair may be deleting as well. We present new constructive characterizations of (minimal) conflict reasons distinguishing delete-read from delete-delete reasons. Based on these constructive characterizations we propose a procedure for computing (minimal) conflict reasons and we show that it is sound and complete.
|
|
| 5. |
- Lambers, L., et al.
(författare)
-
Granularity of conflicts and dependencies in graph transformation systems: A two-dimensional approach
- 2019
-
Ingår i: Journal of Logical and Algebraic Methods in Programming. - : Elsevier BV. - 2352-2208 .- 2352-2216. ; 103, s. 105-129
-
Tidskriftsartikel (refereegranskat)abstract
- Conflict and dependency analysis (CDA) is a static analysis for the detection of conflicting and dependent rule applications in a graph transformation system. The state-of-the-art CDA technique, critical pair analysis, provides all potential conflicts and dependencies in minimal context as critical pairs, for each pair of rules. Yet, critical pairs can be hard to understand; users are mainly interested in core information about conflicts and dependencies occurring in various combinations. In this paper, we present an approach to conflicts and dependencies in graph transformation systems based on two dimensions of granularity. The first dimension refers to the overlap considered between the rules of a given rule pair; the second one refers to the represented amount of context information about transformations in which the conflicts occur. We introduce a variety of new conflict notions, in particular, conflict atoms, conflict reasons, and minimal conflict reasons, relate them to the existing conflict notions of critical pairs and initial conflicts, and position all of these notions within our granularity approach. Finally, we introduce dual concepts for dependency analysis. As we discuss in a running example, our approach paves the way for an improved CDA technique. (C) 2018 Elsevier Inc. All rights reserved.
|
|
| 6. |
|
|
| 7. |
- Peldszus, Sven, et al.
(författare)
-
Secure Data-Flow Compliance Checks between Models and Code Based on Automated Mappings
- 2019
-
Ingår i: Proceedings - 2019 ACM/IEEE 22nd International Conference on Model Driven Engineering Languages and Systems, MODELS 2019. ; , s. 23-33
-
Konferensbidrag (refereegranskat)abstract
- During the development of security-critical software, the system implementation must capture the security properties postulated by the architectural design. This paper presents an approach to support secure data-flow compliance checks between design models and code. To iteratively guide the developer in discovering such compliance violations we introduce automated mappings. These mappings are created by searching for correspondences between a design-level model (Security Data Flow Diagram) and an implementation-level model (Program Model). We limit the search space by considering name similarities between model elements and code elements as well as by the use of heuristic rules for matching data-flow structures. The main contributions of this paper are three-fold. First, the automated mappings support the designer in an early discovery of implementation absence, convergence, and divergence with respect to the planned software design. Second, the mappings also support the discovery of secure data-flow compliance violations in terms of illegal asset flows in the software implementation. Third, we present our implementation of the approach as a publicly available Eclipse plugin and its evaluation on five open source Java projects (including Eclipse secure storage).
|
|
| 8. |
- Priefer, Dennis, et al.
(författare)
-
Applying MDD in the Content Management System Domain: Scenarios and Empirical Assessment
- 2019
-
Ingår i: Proceedings - 2019 ACM/IEEE 22nd International Conference on Model Driven Engineering Languages and Systems, MODELS 2019. ; , s. 56-66
-
Konferensbidrag (refereegranskat)abstract
- Content Management Systems (CMSs) such as Joomla and WordPress dominate today's web. Enabled by standardized extensions, administrators can build powerful web applications for diverse customer demands. However, developing CMS extensions requires sophisticated technical knowledge, and the highly schematic code structure of an extension gives rise to errors during typical development and migration scenarios. Model-driven development (MDD) seems to be a promising paradigm to address these challenges, however it has not found adoption in the CMS domain yet. Systematic evidence of the benefit of applying MDD in this domain could facilitate its adoption; however, an empirical investigation of this benefit is currently lacking. In this paper, we present a mixed-method empirical investigation of applying MDD in the CMS domain, based on an interview suite, a controlled experiment, and a field experiment. We consider three scenarios of developing new (both independent and dependent) CMS extensions and of migrating existing ones to a new major platform version. The experienced developers in our interviews acknowledge the relevance of these scenarios and report on experiences that render them suitable candidates for a successful application of MDD. We found a particularly high relevance of the migration scenario. Our experiments largely confirm the potentials and limits of MDD as identified for other domains. In particular, we found a productivity increase up to factor 17 during the development of CMS extensions. Furthermore, our observations highlight the importance of good tooling that seamlessly integrates with already used tool environments and processes.
|
|
| 9. |
- Strüber, Daniel, 1986, et al.
(författare)
-
Facing the truth: Benchmarking the techniques for the evolution of variant-rich systems
- 2019
-
Ingår i: ACM International Conference Proceeding Series. - New York, NY, USA : ACM. ; A, s. 177-188
-
Konferensbidrag (refereegranskat)abstract
- The evolution of variant-rich systems is a challenging task. To support developers, the research community has proposed a range of different techniques over the last decades. However, many techniques have not been adopted in practice so far. To advance such techniques and to support their adoption, it is crucial to evaluate them against realistic baselines, ideally in the form of generally accessible benchmarks. To this end, we need to improve our empirical understanding of typical evolution scenarios for variant-rich systems and their relevance for benchmarking. In this paper, we establish eleven evolution scenarios in which benchmarks would be beneficial. Our scenarios cover typical lifecycles of variant-rich system, ranging from clone&own to adopting and evolving a configurable product-line platform. For each scenario, we formulate benchmarking requirements and assess its clarity and relevance via a survey with experts in variant-rich systems and software evolution. We also surveyed the existing benchmarking landscape, identifying synergies and gaps. We observed that most scenarios, despite being perceived as important by experts, are only partially or not at all supported by existing benchmarks-a call to arms for building community benchmarks upon our requirements. We hope that our work raises awareness for benchmarking as a means to advance techniques for evolving variant-rich systems, and that it will lead to a benchmarking initiative in our community.
|
|
| 10. |
- Viertel, Fabien Patrick, et al.
(författare)
-
Detecting security vulnerabilities using clone detection and community knowledge
- 2019
-
Ingår i: Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE. - 2325-9000 .- 2325-9086. ; 2019-July, s. 245-252
-
Konferensbidrag (refereegranskat)abstract
- Faced with the severe financial and reputation implications associated with data breaches, enterprises now recognize security as a top concern for software analysis tools. While software engineers are typically not equipped with the required expertise to identify vulnerabilities in code, community knowledge in the form of publicly available vulnerability databases could come to their rescue. For example, the Common Vulnerabilities and Exposures Database (CVE) contains data about already reported weaknesses. However, the support with available examples in these databases is scarce. CVE entries usually do not contain example code for a vulnerability, its exploit or patch. They just link to reports or repositories that provide this information. Manually searching these sources for relevant information is time-consuming and error-prone. In this paper, we propose a vulnerability detection approach based on community knowledge and clone detection. The key idea is to harness available example source code of software weaknesses, from a large-scale vulnerability database, which are matched to code fragments using clone detection. We leverage a clone detection technique from the literature, which we adapted to make it applicable to vulnerability databases. In an evaluation based on 20 reports and affected projects, our approach showed good precision and recall.
|
|
