Showing papers in "Software - Practice and Experience in 2006"
TL;DR: The paper describes JULIA, a Java implementation of the FRACTAL model, a small but efficient runtime framework, which relies on a combination of interceptors and mixins for the programming of reflective features of components.
Abstract: This paper presents FRACTAL, a hierarchical and reflective component model with sharing. Components in this model can be endowed with arbitrary reflective capabilities, from plain black-box objects to components that allow a fine-grained manipulation of their internal structure. The paper describes JULIA, a Java implementation of the model, a small but efficient runtime framework, which relies on a combination of interceptors and mixins for the programming of reflective features of components. The paper presents a qualitative and quantitative evaluation of this implementation, showing that component-based programming in FRACTAL can be made very efficient. Copyright © 2006 John Wiley & Sons, Ltd.
612 citations
TL;DR: J ULIA is described, a Java implementation of the F RACTAL model, a small but efficient runtime framework, which relies on a combination of interceptors and mixins for the programming of reflective features of components.
Abstract: This paper presents F RACTAL, a hierarchical and reflective component model with sharing. Components in this model can be endowed with arbitrary reflective capabilities, from plain black-box objects to components that allow a fine-grained manipulation of their internal structure. The paper describes J ULIA, a Java implementation of the model, a small but efficient runtime framework, which relies on a combination of interceptors and mixins for the programming of reflective features of components. The paper presents a qualitative and quantitative evaluation of this implementation, showing that component-based programming in F RACTAL can be made very efficient. Copyright © 2006 John Wiley & Sons, Ltd.
385 citations
TL;DR: In this paper, a collection of mechanisms based on redundancy, Byzantine fault tolerance, and adaptive middleware are proposed to help distributed, object-based applications tolerate corruption-inducing attacks.
Abstract: Applications that are part of a mission-critical information system need to maintain a usable level of key services through ongoing cyber-attacks. In addition to the well-publicized denial of service (DoS) attacks, these networked and distributed applications are increasingly threatened by sophisticated attacks that attempt to corrupt system components and violate service integrity. While various approaches have been explored to deal with DoS attacks, corruption-inducing attacks remain largely unaddressed. We have developed a collection of mechanisms based on redundancy, Byzantine fault tolerance, and adaptive middleware that help distributed, object-based applications tolerate corruption-inducing attacks. In this paper, we present the ITUA architecture, which integrates these mechanisms in a framework for auto-adaptive intrusion-tolerant systems, and we describe our experience in using the technology to defend a critical application that is part of a larger avionics system as an example. We also motivate the adaptive responses that are key to intrusion tolerance, and explain the use of the ITUA architecture to support them in an architectural framework. Copyright © 2006 John Wiley & Sons, Ltd.
246 citations
TL;DR: The aim of this paper is to develop a taxonomy that characterizes and classifies how market-based RMSs can support utility-driven cluster computing in practice and is mapped to existing market- based RMSes designed for both cluster and other computing platforms to survey current research developments and identify outstanding issues.
Abstract: In utility-driven cluster computing, cluster Resource Management Systems (RMSs) need to know the specific needs of different users in order to allocate resources according to their needs. This in turn is vital to achieve service-oriented Grid computing that harnesses resources distributed worldwide based on users' objectives. Recently, numerous market-based RMSs have been proposed to make use of real-world market concepts and behavior to assign resources to users for various computing platforms. The aim of this paper is to develop a taxonomy that characterizes and classifies how market-based RMSs can support utility-driven cluster computing in practice. The taxonomy is then mapped to existing market-based RMSs designed for both cluster and other computing platforms to survey current research developments and identify outstanding issues. Copyright © 2006 John Wiley & Sons, Ltd.
150 citations
TL;DR: This article presents the design, implementation and application of Mobile-C, an IEEE Foundation for Intelligent Physical Agents (FIPA) compliant agent platform for mobile CsC++ agents, which conforms to the FIPA standards both at agent and platform level.
Abstract: This article presents the design, implementation and application of Mobile-C, an IEEE Foundation for Intelligent Physical Agents (FIPA) compliant agent platform for mobile CsC++ agents. IEEE FIPA standards are a set of specifications designed to ensure the interoperation between agents in a heterogeneous network. Mobile-C conforms to the FIPA standards both at agent and platform level. Mobile-C extends FIPA standards to support mobile agents by integrating an embeddable CsC++ interpreter—Ch—into the platform as a mobile agent execution engine and defining a mobile agent mobility protocol to direct agent migration process. Agent migration in Mobile-C is achieved through FIPA agent communication language (ACL) messages encoded in XML. Using FIPA ACL messages for agent migration provides a straightforward but effective way for inter-platform agent migration in FIPA compliant agent systems as both agent communication and migration can share the same communication mechanism. Choosing scriptable CsC++ as a mobile agent language allows mobile agents easy interfacing with low-level software modules and underlying hardware. Mobile-C has been used to simulate highway traffic detection and management. The agent-based traffic detection and management system uses agent technology for real-time distributed traffic information fusion. Mobile agents in the system are used for dynamic code deployment and performing unanticipated actions. The application of agent technology shows a great potential for enhancing the interoperability, flexibility and distributed computing capabilities of intelligent transportation systems. Copyright © 2006 John Wiley & Sons, Ltd.
99 citations
TL;DR: It is argued that the AspectJ implementation is superior to the pure Java implementation, and proposed architecture-specific guidelines that provide practical advice for both restructuring and implementing certain kinds of persistent and distributed applications with Aspect J.
Abstract: This paper reports our experience using AspectJ, a general-purpose aspect-oriented extension to Java, to implement distribution and persistence concerns in a Web-based information system. This system was originally implemented in Java and restructured with AspectJ. Our main contribution is to show that AspectJ is useful for implementing several persistence and distribution concerns in the considered application, but also in similar applications. We have also identified interferences between the implemented aspects and a few drawbacks in the language, so we suggest some minor language modifications that could significantly improve similar implementations. Despite those problems, we argue that the AspectJ implementation is superior to the pure Java implementation. Some of the aspects implemented in our experiment are abstract and constitute a simple aspect framework. The other aspects are application specific but we suggest that different implementations might follow the same aspect patterns. The framework and the patterns allow us to propose architecture-specific guidelines that provide practical advice for both restructuring and implementing certain kinds of persistent and distributed applications with AspectJ. Copyright © 2006 John Wiley & Sons, Ltd.This work was performed while the first and third authors were at Informatics Center of the Federal University of Pernambuco
72 citations
TL;DR: Two sets of experiments that assess the performance of several fitness functions, relative to one another and to random generation, demonstrate that some fitness functions provide better results than others, generating fewer test cases to exercise a given program path.
Abstract: Previous research using genetic algorithms to automate the generation of data for path testing has utilized several different fitness functions, assessing their usefulness by comparing them to random generation. This paper describes two sets of experiments that assess the performance of several fitness functions, relative to one another and to random generation. The results demonstrate that some fitness functions provide better results than others, generating fewer test cases to exercise a given program path. In these studies, the branch predicate and inverse path probability approaches were the best performers, suggesting that a two-step process combining these two methods may be the most efficient and effective approach to path testing. Copyright © 2005 John Wiley & Sons, Ltd.
44 citations
TL;DR: The Multi-tasking Virtual Machine (MVM) solves the problem of proliferation of server instances by providing an efficient and scalable implementation of the isolate API for multiple, isolated tasks, enabling the co-location of multiple server instances in a single MVM process.
Abstract: The Java™ 2 Platform, Enterprise Edition (J2EE™), is established as the standard platform for hosting enterprise applications written in the Java programming language. Similar to an operating system, a J2EE server can host multiple applications, but this is problematic due to limitations on scalability, weak inter-application isolation and inadequate resource management facilities in the underlying Java platform. These limitations lead to a proliferation of server instances with a consequent dramatic increase in the total memory footprint and more complex system administration. The Multi-tasking Virtual Machine (MVM) solves this problem by providing an efficient and scalable implementation of the isolate API for multiple, isolated tasks, enabling the co-location of multiple server instances in a single MVM process. Isolates also enable the restructuring of a J2EE server implementation as a collection of isolated components, offering increased flexibility and reliability. The resulting system is a step towards a complete and scalable operating environment for enterprise applications. Copyright © 2006 John Wiley & Sons, Ltd.
42 citations
TL;DR: This paper presents a novel approach involving the use of preference information as a basis for making flexible adaptation decisions, and discusses the experiences in applying conceptual and software frameworks for context and preference modelling to a case study involving the development of an adaptive communication application.
Abstract: Applications that exploit contextual information in order to adapt their behaviour to dynamically changing operating environments and user requirements are increasingly being explored as part of the vision of pervasive or ubiquitous computing. Despite recent advances in infrastructure to support these applications through the acquisition, interpretation and dissemination of context data from sensors, they remain prohibitively difficult to develop and have made little penetration beyond the laboratory. This situation persists largely due to a lack of appropriately high-level abstractions for describing, reasoning about and exploiting context information as a basis for adaptation. In this paper, we present our efforts to address this challenge, focusing on our novel approach involving the use of preference information as a basis for making flexible adaptation decisions. We also discuss our experiences in applying our conceptual and software frameworks for context and preference modelling to a case study involving the development of an adaptive communication application.
38 citations
TL;DR: The improved Reconfigurable Context‐Sensitive Middleware (RCSM) is developed and an approach is presented to provide development and runtime support to incorporate SAW in trustworthy ubicomp application software.
Abstract: Due to the dynamic and ephemeral nature of ubiquitous computing (ubicomp) environments, it is especially important that the application software in ubicomp environments is trustworthy. In order to have trustworthy application software in ubicomp environments, situation-awareness (SAW) in the application software is needed to enforce flexible security policies and detect violations of security policies. In this paper, an approach is presented to provide development and runtime support to incorporate SAW in trustworthy ubicomp application software. The development support is to provide SAW requirement specification and automated code generation to achieve SAW in trustworthy ubicomp application software, and the runtime support is for context acquisition, situation analysis and situation-aware communication. To realize our approach, the improved Reconfigurable Context-Sensitive Middleware (RCSM) is developed to provide the above development and runtime support. Copyright © 2006 John Wiley & Sons, Ltd.
35 citations
TL;DR: This article presents a novel framework for the sampling-based profiling of Java programs, which relies on program transformation techniques and exploits bytecode instruction counting to regularly activate a user-defined profiling agent, which processes the current call stack.
Abstract: This article presents a novel framework for the sampling-based profiling of Java programs, which relies on program transformation techniques. We exploit bytecode instruction counting to regularly activate a user-defined profiling agent, which processes the current call stack. This approach has several advantages, such as making the instrumentation entirely portable, generating reproducible profiles, and enabling a fine-grained adjustment of the sampling rate. Our framework offers a flexible API to write portable profiling agents in pure Java. While the overhead due to our profiling scheme is comparable to the overhead caused by prevailing, timing-based profilers, the resulting profiles are much more accurate. Copyright © 2006 John Wiley & Sons, Ltd.
TL;DR: STLlint, a program analysis implemented for the C++ Standard Template Library and similar, generic software libraries, and the general approach that underlies STLlint are presented, showing that static checking of library semantics differs greatly from checking of language semantics.
Abstract: Traditional static checking centers around finding bugs in programs by isolating cases where the language has been used incorrectly. These language-based checkers do not understand the semantics of software libraries, and therefore cannot be used to detect errors in the use of libraries. In this paper, we introduce STLlint, a program analysis we have implemented for the C++ Standard Template Library and similar, generic software libraries, and we present the general approach that underlies STLlint. We show that static checking of library semantics differs greatly from checking of language semantics, requiring new representations of program behavior and new algorithms. Major challenges include checking the use of generic algorithms, loop analysis for interfaces, and organizing behavioral specifications for extensibility. Copyright © 2005 John Wiley & Sons, Ltd.
TL;DR: This paper describes an architecture that allows the flexible orchestration of business processes and a methodology is defined to evaluate Web service compatibility based on interface matching, in order to select substitutable Web services.
Abstract: Web service composition is emerging as an interesting approach to integrate business applications and create intra-organizational business processes. Single Web services are combined to create a complex Web service that will realize the process business logic. Once the process is created, it is executed by an orchestration engine that invokes individual Web services in the correct order. However, Web services composing the workflow sometimes become unavailable during the run-time phase, blocking process execution. This paper describes an architecture that allows the flexible orchestration of business processes. With this approach, Web services composing the process can be automatically substituted with other compatible Web services during process execution. A methodology is defined to evaluate Web service compatibility based on interface matching, in order to select substitutable Web services. Copyright © 2005 John Wiley & Sons, Ltd.
TL;DR: An architectural pattern for designing component-based application framework so that the appropriate mix of fixed and flexible elements can be integrated into architectures that maximize scalability and extensibility is described.
Abstract: A widely used architecture for the development of software systems is the component-based application framework. Such frameworks offer two mechanisms. First, they provide component integration and interoperability services which make it possible to extend the framework with various third-party components. Second, they provide mechanisms to customize the integrated components to the specific needs of applications to be built using the framework. This paper describes an architectural pattern for designing such frameworks so that the appropriate mix of fixed and flexible elements can be integrated into architectures that maximize scalability and extensibility. The pattern is illustrated by frameworks developed for three different application domains: electronic design automation, scientific visualization and numerical simulation, and industrial control systems. Copyright © 2005 John Wiley & Sons, Ltd.
TL;DR: A method for measuring the cost and benefits of compiler optimizations, both individually and in synergy with other optimizations, is described.
Abstract: Compiler optimizations are difficult to implement and add complexity to a compiler. For this reason, compiler writers are selective about implementing them: they implement only the ones that they believe will be beneficial. To support compiler writers in this, we describe a method for measuring the cost and benefits of compiler optimizations, both individually and in synergy with other optimizations. We demonstrate our method by presenting results for the optimizations implemented in the Jikes Research Virtual Machine on the PowerPC and IA32 platforms. Copyright © 2006 John Wiley & Sons, Ltd.
TL;DR: This paper describes intra-method control-flow and data-flow testing criteria for the Java bytecode language and implements a tool named JaBUTi (Java Bytecode Understanding and Testing), used to support the application of the testing criteria.
Abstract: This paper describes intra-method control-flow and data-flow testing criteria for the Java bytecode language. Six testing criteria are considered for the generation of testing requirements: four control-flow and two data-flow based. The main reason to work at a lower level is that, even when there is no source code, structural testing requirements can still be derived and used to assess the quality of a given test set. It can be used, for instance, to perform structural testing on third-party Java components. In addition, the bytecode can be seen as an intermediate language, so the analysis performed at this level can be mapped back to the original high-level language that generated the bytecode. To support the application of the testing criteria, we have implemented a tool named JaBUTi (Java Bytecode Understanding and Testing). JaBUTi is used to illustrate the application of the ideas developed in this paper. Copyright © 2006 John Wiley & Sons, Ltd.
TL;DR: The research in the area of dynamic service adaptation is outlined to provide concepts and technologies allowing for such environments as a ubiquitous society where virtually everything is connected and made available within an organic information network.
Abstract: Change can be observed in our environment and in the technology we build. While changes in the environment happen continuously and implicitly, our technology has to be kept in sync with the changing world around it. Although we can prepare for some of the changes for most of them we cannot. This is especially true for next-generation mobile communication systems that are expected to support the creation of a ubiquitous society where virtually everything is connected and made available within an organic information network. Resources will frequently join or leave the network, new types of media or new combinations of existing types will be used to interact and cooperate, and services will be tailored to preferences and needs of individual customers to better meet their needs. This paper outlines our research in the area of dynamic service adaptation to provide concepts and technologies allowing for such environments. Copyright © 2006 John Wiley & Sons, Ltd.
TL;DR: The company improved the maturity of its processes which allowed it to obtain the ISO 9000 certification and the framework was improved and important feedback was obtained, bringing to light new important issues which will be tacked in future work.
Abstract: This article presents the results and lessons learned in the application of the Framework for the Modelling and Measurement of Software Processes (FMESP) in a software company dedicated to the development and maintenance of software for information systems. The aim of FMESP is to provide companies with a conceptual and technological framework for the management of their process models and measurement models in an integrated way. Modelling and measurement are two key factors to promote continuous process improvement. As a result, important benefits were obtained. The company improved the maturity of its processes which allowed it to obtain the ISO 9000 certification. From a research point of view, Action-Research was successfully applied and as a result the framework was improved and important feedback was obtained, bringing to light new important issues which will be tacked in future work. Copyright © 2005 John Wiley & Sons, Ltd.
TL;DR: The results indicate that TAWK can be used to quickly and easily perform a variety of common software engineering tasks, and the extensions to accommodate non-syntactic features significantly extend the generality of syntactic matchers.
Abstract: Program understanding can be assisted by tools that match patterns in the program source. Lexical pattern matchers provide excellent performance and ease of use, but have a limited vocabulary. Syntactic matchers provide more precision, but may sacrifice performance, robustness, or power. To achieve more of the benefits of both models, we extend the pattern syntax of AWK to support matching of abstract syntax trees, as demonstrated in a tool called TAWK. Its pattern syntax is language-independent, based on abstract tree patterns. As in AWK, patterns can have associated actions, which in TAWK are written in C for generality, familiarity, and performance. The use of C is simplified by high-level libraries and dynamic linking. To allow processing of program files containing non-syntactic constructs such as textual macros, mechanisms have been designed that allow matching of ‘language-like’ macros in a syntactic fashion. We survey and apply prototypical approaches to concretely demonstrate the tradeoffs in program processing. Our results indicate that TAWK can be used to quickly and easily perform a variety of common software engineering tasks, and the extensions to accommodate non-syntactic features significantly extend the generality of syntactic matchers. Copyright © 2005 John Wiley & Sons, Ltd.
TL;DR: A new instruction adapts LZ77 compression for use inside running programs, and it typically cuts code size by a third; that is, typical compression ratios are roughly 0.67×.
Abstract: A new instruction adapts LZ77 compression for use inside running programs. The instruction economically references and reuses code fragments that are too small to package as conventional subroutines. The compressed code is interpreted directly, with neither prior nor on-the-fly decompression. Hardware implementations seem plausible and could benefit both memory-constrained and more conventional systems. The method is extremely simple. It has been added to a pre-existing, bytecoded instruction set, and it added only 10 lines of C to the bytecode interpreter. It typically cuts code size by a third; that is, typical compression ratios are roughly 0.67×. More ambitious compressors are available, but they are more complex, which retards adoption. The current method offers a useful trade-off to these more complex systems. Copyright © 2005 John Wiley & Sons, Ltd.
TL;DR: The ITUA architecture is presented, which integrates mechanisms based on redundancy, Byzantine fault tolerance, and adaptive middleware in a framework for auto‐adaptive intrusion‐tolerant systems and describes the experience in using the technology to defend a critical application that is part of a larger avionics system.
Abstract: Applications that are part of a mission-critical information system need to maintain a usable level of key services through ongoing cyber-attacks. In addition to the well-publicized denial of service (DoS) attacks, these networked and distributed applications are increasingly threatened by sophisticated attacks that attempt to corrupt system components and violate service integrity. While various approaches have been explored to deal with DoS attacks, corruption-inducing attacks remain largely unaddressed. We have developed a collection of mechanisms based on redundancy, Byzantine fault tolerance, and adaptive middleware that help distributed, object-based applications tolerate corruption-inducing attacks. In this paper, we present the ITUA architecture, which integrates these mechanisms in a framework for auto-adaptive intrusion-tolerant systems, and we describe our experience in using the technology to defend a critical application that is part of a larger avionics system as an example. We also motivate the adaptive responses that are key to intrusion tolerance, and explain the use of the ITUA architecture to support them in an architectural framework. Copyright © 2006 John Wiley & Sons, Ltd.
TL;DR: By restructuring a complex legacy application, it is argued that code restructuring can be used to combat minefields, having implemented a mine detector for Cobol.
Abstract: In Cobol, procedures can be programmed in ways that lead to unexpected behaviour and reduced portability. This behaviour is recognized as so-called ‘mines’: programming practices containing hidden dangers and requiring extreme caution. Cobol mines can be created intentionally or by a programming error, and can be tripped at an unforeseen moment. This leads to minefields in source code with unseen hazards, which complicate understanding and maintenance, and which can lead to costly breakdowns of business critical software systems. We discuss Cobol mines and the dangers that come with them, having implemented a mine detector for Cobol. Our detector was deployed in an industrial situation, and a number of minefields were found in production systems. By restructuring a complex legacy application, we argue that code restructuring can be used to combat minefields. Copyright © 2006 John Wiley & Sons, Ltd.
TL;DR: This paper proposes a model-centric approach where this kind of reasoning is driven by the analysis of quality attribute scenarios that explore responses stimulated by new requirements, such as new deployments of existing components.
Abstract: Much progress has been achieved in defining methods, techniques, and tools for software architecture reconstruction (SAR). However, less progress has been achieved in constructing reasoning frameworks from existing systems that support organizations in architecture analysis and design decisions. These reasoning frameworks are necessary, for example, to assemble existing components and deploy them in new system configurations. We propose a model-centric approach where this kind of reasoning is driven by the analysis of quality attribute scenarios. The scenarios and the related quality attribute models guide the SAR effort by focusing on the elicitation of model relevant artifacts. The approach further drives the model construction towards the analytical support of What If scenarios that explore responses stimulated by new requirements, such as new deployments of existing components. The paper provides two real-world case studies. The first case study introduces the model-centric reconstruction approach in the context of a large satellite tracking system. The second case study provides the construction of a time performance model for an existing embedded system in the automotive industry. The model allows us to perform cost-efficient predictions of component assemblies in new customer configurations. Copyright © 2005 John Wiley & Sons, Ltd.
TL;DR: The structure and functionality of an advanced middleware platform for developing applications that apply various techniques to adapt themselves to changes in resource availability to meet real‐time QoS requirements are described.
Abstract: Computing systems are increasingly distributed, real-time, and embedded (DRE) and must operate under highly unpredictable and changeable conditions. A challenging problem for DRE systems is adaptation of behavior and reconfiguration of resources to maintain the best application performance in the face of changes in system load and available resources. To provide predictable mission-critical quality of service (QoS) end-to-end, QoS-enabled middleware services and mechanisms have begun to emerge, but they lack support for applications with stringent QoS requirements in changing, dynamic environments. This paper presents two contributions to research on adaptive and reconfigurable DRE systems. First, we describe the structure and functionality of an advanced middleware platform for developing applications that apply various techniques to adapt themselves to changes in resource availability to meet real-time QoS requirements. Second, we present results of a case study of a multimedia application for Unmanned Aerial Vehicle (UAV) video distribution we developed using this middleware platform in conjunction with QoS-enabledoperating systems and networking protocols. We describe the design of the multimedia application using our middleware platform and report empirical results showing how adaptive behavior and end-to-end resource management techniques are used to reconfigure the system dynamically to meet timeliness requirements. Copyright © 2006 John Wiley & Sons, Ltd.
TL;DR: How context‐awareness can be expressed at the programming language level with a basis on four main abstractions: context, adapters, adaptation commands, and adaptive behavior management policies is introduced, and some development and management tools anchored on an example application, which is under development.
Abstract: The concept of pervasiveness provides the future of computing with an attractive perspective. However, software support for physical and logical mobility raises a set of new requirements and challenges for software production, creating demand for new types of applications, the so-called pervasive applications, which express follow-me semantics. The core of these challenges is a dynamic operating environment, which originates with the users' movement in different terminals and locations, and determines different execution contexts. For this envision to become a reality, developers must build applications that constantly adapt to a highly dynamic computing environment. Research works in pervasive computing have already addressed important issues, but they do not approach the problem of how to program general-purpose pervasive systems. Pervasive applications are distributed, mobile, adaptive and consider context as a first-order concept. To make the developers' task easier, we have introduced the software architecture called ISAM, which provides an integrated environment aimed at building pervasive applications composed of a development environment and an execution middleware. As part of our study within the ISAM project, we have been investigating how context-awareness can be expressed at the programming language level with a basis on four main abstractions: context, adapters, adaptation commands, and adaptive behavior management policies. This paper introduces such abstractions, and presents some development and management tools anchored on an example application, which is under development. Copyright © 2006 John Wiley & Sons, Ltd.
[...]
TL;DR: This paper proposes an extension of C++ (also applicable to other object-oriented languages) that enables double dispatch as a language feature and defines a translation from the new constructs to standard C++ and presents the preprocessor implementing this translation, called doublecpp.
Abstract: Double dispatch is the ability to dynamically select a method not only according to the run-time type of the receiver (single dispatch), but also according to the run-time type of the argument. This mechanism unleashes the power of dynamic binding in object-oriented languages, so enhancing re-usability and separation of responsibilities. However, many mainstream languages, such as, e.g., C++ and Java, do not provide it, resorting only to single dispatch. In this paper we propose an extension of C++ (also applicable to other object-oriented languages) that enables double dispatch as a language feature. This yields dynamic overloading and covariant specialization of methods. We define a translation from the new constructs to standard C++ and we present the preprocessor implementing this translation, called doublecpp . The translated code enjoys static type safety and implements the semantics of double dispatch by using only standard mechanisms of static overloading and dynamic binding, with minimal impact on the performance of the program. Copyright © 2006 John Wiley & Sons, Ltd.
TL;DR: This paper provides an overview of a formal framework for ensuring the integrity of the compositions in object‐oriented designs by providing mathematically rigorous modeling and analysis techniques for object-oriented systems comprising pattern‐based designs as the basic building blocks or design components.
Abstract: Software patterns are a new design paradigm used to solve problems that arise when developing software within a particular context. Patterns capture the static and dynamic structure and collaboration among the components in a software design. A key promise of the pattern-based approach is that it may greatly simplify the construction of software systems out of building blocks and thus reuse experience and reduce cost. However, it also introduces significant problems in ensuring the integrity and reliability of these composed systems because of their complex software topologies, interactions and transactions. There is a need to capture these features as a contract through a formal model that allows us to analyze pattern-based designs. In this paper, we provide an overview of a formal framework for ensuring the integrity of the compositions in object-oriented designs by providing mathematically rigorous modeling and analysis techniques for object-oriented systems comprising pattern-based designs as the basic building blocks or design components. A case study related to a hypermedia Web-based application has been presented to illustrate our approach in distributed systems. Copyright © 2005 John Wiley & Sons, Ltd.
TL;DR: This paper presents a novel approach for transparent and efficient runtime protection against buffer overflows, implemented by two tools: Type Information Extractor and Depositor and LibsafePlus.
Abstract: Buffer overflow vulnerabilities are one of the most commonly and widely exploited security vulnerabilities in programs. Most existing solutions for avoiding buffer overflows are either inadequate, inefficient or incompatible with existing code. In this paper, we present a novel approach for transparent and efficient runtime protection against buffer overflows. The approach is implemented by two tools: Type Information Extractor and Depositor (TIED) and LibsafePlus. TIED is first used on a binary executable or shared library file to extract type information from the debugging information inserted in the file by the compiler and reinsert it in the file as a data structure available at runtime. LibsafePlus is a shared library that is preloaded when the program is run. LibsafePlus intercepts unsafe C library calls such as strcpy and uses the type information made available by TIED at runtime to determine whether it would be ‘safe’ to carry out the operation. With our simple design we are able to protect most applications with a performance overhead of less than 10%. Copyright © 2006 John Wiley & Sons, Ltd.
TL;DR: It is demonstrated how MUSTARD can validate specifications written in two standardized formal languages: language of temporal ordering specification (LOTOS) and specification and description language (SDL).
Abstract: It is argued that specifications should be rigorously validated against requirements. This is useful to build confidence in a specification and to check a specification after it or the requirements have changed. The multiple-use scenario test and refusal description (MUSTARD) is introduced as a means of formulating and formalizing validation scenarios. The practical use of MUSTARD on a number of case studies is introduced. The MUSTARD notation is then explained, using examples from Internet telephony to show how validation scenarios are written. The core MUSTARD constructs are augmented by domain-specific vocabularies that adapt it for different kinds of systems. It is demonstrated how MUSTARD can validate specifications written in two standardized formal languages: language of temporal ordering specification (LOTOS) and specification and description language (SDL). Copyright © 2006 John Wiley & Sons, Ltd.
[...]
TL;DR: A scheme for implementing dynamic casts suitable for systems where the performance and predictability of performance is essential is described, and the type ID scheme presented uses the modulo function to check that one class derives from another.
Abstract: We describe a scheme for implementing dynamic casts suitable for systems where the performance and predictability of performance is essential. A dynamic cast from a base class to a derived class in an object-oriented language can be performed quickly by having the linker assign an integer type ID to each class. A simple integer arithmetic operation verifies whether the cast is legal at run time. The type ID scheme presented uses the modulo function to check that one class derives from another. A 64-bit type ID is sufficient to handle class hierarchies of large size at least nine levels of derivation deep. We also discuss the pointer adjustments required for a C++ dynamiclcast. All examples will be drawn from the C++ language. Copyright © 2005 John Wiley & Sons, Ltd.