Mining and tracking in evolving software

Breu, Silvia

January 2013

No description available.

004

Framework-based model construction with AOP assistance /

Chen, Zebin,

January 2008

Thesis (Ph. D.)--University of Oregon, 2008. / Typescript. Includes vita and abstract. Includes bibliographical references (leaves 123-127). Also available online in ProQuest, free to University of Oregon users.

Analysis of techniques for implementing software product lines variabilities

Osandy Alves Matos Junior, Pedro

31 January 2008

Made available in DSpace on 2014-06-12T15:54:11Z (GMT). No. of bitstreams: 2 arquivo1967_1.pdf: 2290024 bytes, checksum: c02392abf0809cdb2a823828412d659c (MD5) license.txt: 1748 bytes, checksum: 8a4605be74aa9ea9d79846c1fba20a33 (MD5) Previous issue date: 2008 / Conselho Nacional de Desenvolvimento Científico e Tecnológico / Linhas de Produtos de Software (LPS) são conjuntos de sistemas de software que compartilham uma base comum de funcionalidades e satisfazem a necessidades especificas de determinados segmentos de mercado. LPS são desenvolvidas a partir de uma arquitetura comum e compartilham um conjunto de artefatos reusaveis (projetados para um dominio de aplicacão especifico). Entre as atividades principais na construcão e manutencão de uma LPS esta a gerência das variacões nos diversos artefatos que a compõem. Em particular, a escolha de tecnicas de programacão que possibilitem a introducão de variacões em artefatos de implementacão e uma atividade que merece bastante atencão. A escolha de qual tecnica utilizar para lidar com determinados tipos de variacões nos artefatos de implementacão de uma LPS pode gerar impactos significativos tanto na qualidade desses artefatos como na qualidade dos produtos finais gerados. Apesar da importância dessa atividade, poucos estudos publicados mostram comparacões entre as diversas tecnicas que permitem a implementacão de variacões em software. A maioria dos trabalhos existentes limita-se a avaliacões qualitativas dessas tecnicas, não analisando o impacto dessas tecnicas nos atributos de qualidade de LPS existentes atraves de metricas de software. O foco do presente trabalho e a comparacão entre algumas das tecnicas de implementa cão de variacões usadas na industria de software. Para tal, primeiro apresentamos um catalogo de tipos de variacões, onde variacões são classificadas de acordo com a sua estrutura e localizacão no codigo da aplicacão. As variacões apresentadas no catalogo foram identificadas atraves de uma analise realizada em uma LPS do dominio de jogos para dispositivos moveis. Em seguida, apresentamos propostas de solucão que utilizam algumas das principais tecnicas de programacão para lidar com cada tipo de variacão espec ico. Como parte desse trabalho, analisamos o impacto da utilizacão de cada solução proposta atraves de dados qualitativos e quantitativos. Analisamos ainda a composicão do uso dessas solucões para implementar variacões em LPS e como um catalogo de tipos reestruturacão de variacões em uma LPS.

Software Product Lines

Aspect-Oriented Programming

Mixins

Modularisation de la sécurité informatique dans les systèmes distribués / Modularization of security software engineering in distributed systems

Serme, Gabriel

05 November 2013

Intégrer les problématiques de sécurité au cycle de développement logiciel représente encore un défi à l’heure actuelle, notamment dans les logiciels distribués. La sécurité informatique requiert des connaissances et un savoir-faire particulier, ce qui implique une collaboration étroite entre les experts en sécurité et les autres acteurs impliqués. La programmation à objets ou à base de composants est communément employée pour permettre de telles collaborations et améliorer la mise à l’échelle et la maintenance de briques logicielles. Malheureusement, ces styles de programmation s’appliquent mal à la sécurité, qui est un problème transverse brisant la modularité des objets ou des composants. Nous présentons dans cette thèse plusieurs techniques de modularisation pour résoudre ce problème. Nous proposons tout d’abord l’utilisation de la programmation par aspect pour appliquer de manière automatique et systématique des techniques de programmation sécurisée et ainsi réduire le nombre de vulnérabilités d’une application. Notre approche se focalise sur l’introduction de vérifications de sécurité dans le code pour se protéger d’attaques comme les manipulations de données en entrée. Nous nous intéressons ensuite à l’automatisation de la mise en application de politiques de sécurité par des techniques de programmation. Nous avons par exemple automatisé l’application de règles de contrôle d’accès fines et distribuées dans des web services par l’instrumentation des mécanismes d’orchestration de la plate-forme. Nous avons aussi proposé des mécanismes permettant l’introduction d’un filtrage des données à caractère privée par le tissage d’aspects assisté par un expert en sécurité. / Addressing security in the software development lifecycle still is an open issue today, especially in distributed software. Addressing security concerns requires a specific know-how, which means that security experts must collaborate with application programmers to develop secure software. Object-oriented and component-based development is commonly used to support collaborative development and to improve scalability and maintenance in software engineering. Unfortunately, those programming styles do not lend well to support collaborative development activities in this context, as security is a cross-cutting problem that breaks object or component modules. We investigated in this thesis several modularization techniques that address these issues. We first introduce the use of aspect-oriented programming in order to support secure programming in a more automated fashion and to minimize the number of vulnerabilities in applications introduced at the development phase. Our approach especially focuses on the injection of security checks to protect from vulnerabilities like input manipulation. We then discuss how to automate the enforcement of security policies programmatically and modularly. We first focus on access control policies in web services, whose enforcement is achieved through the instrumentation of the orchestration mechanism. We then address the enforcement of privacy protection policies through the expert-assisted weaving of privacy filters into software. We finally propose a new type of aspect-oriented pointcut capturing the information flow in distributed software to unify the implementation of our different security modularization techniques.

Programmation orientée aspect

Aspect-oriented programming

Dynamic User Defined Permissions for Android Devices

Stelly, Christopher D

20 December 2013

Mobile computing devices have become an essential part of everyday life and are becoming the primary means for collecting and storing sensitive personal and corporate data. Android is, by far, the dominant mobile platform, which makes its permissions model responsible for securing the vast majority of this sensitive data. The current model falls well short of actual user needs, as permission assignments are made statically at installation time. Therefore, it is impossible to implement dynamic security policies that could be applied selectively depending on context. Users are forced to unconditionally trust installed apps without means to isolate them from sensitive data. We describe a new approach, app sanitization, which automatically instruments apps at installation time, such that users can dynamically grant and revoke individual permissions. The main advantage of our technique is that it runs in userspace and utilizes standard aspect-oriented methods to incorporate custom security controls into the app.

android

security

privacy

permissions

instrumentation

aspect oriented programming

appsanitizer

Opening up trace-based mechanisms -- application to context-aware Ssstems

Leger Morales, Paul Saint

January 2012

Doctor en Ciencias, Mención Computación / In 1972, David Lorge Parnas argued that modular programming is extremely valuable for the development of large pieces of code. This is so because a module can be written with little knowledge of the code of other modules and replaced without the need to rewrite the remaining other modules. However, paradigms based on general procedures like object-oriented programming do not fully support modular programming due to crosscutting concerns of a system. Fortunately, the aspect-oriented paradigm provides a set of abstractions and mechanisms that allow developers to modularize these concerns; therefore, improving modular programming. Aspects are widely-known abstractions to modularize crosscutting concerns. An aspect intercepts a single execution point, named join point, to execute a piece of code, named advice, that implements a crosscutting concern. However, some crosscutting concerns cannot be modularized through the interception of a single join point, e.g. error detections. Trace-based mechanisms support the definitions of stateful aspects that intercept join point traces. A stateful aspect is defined by a join point trace pattern and an advice that is executed when this pattern is matched. Various trace-based mechanisms have been proposed. These mechanisms do not share the exact semantics, which suggests there is no silver-bullet trace-based mechanism for all purposes. In addition, existing mechanisms do not allow developers to expressively define patterns and semantics of their stateful aspects. Therefore, developers end up "coding around" these mechanisms or creating specialized ones to modularize a particular crosscutting concern. In this thesis work, we propose a model of an expressive and open trace-based mechanism, named OTM. This model allows developers to flexibly define patterns and adapt them at runtime. In addition, as OTM follows the open implementation guidelines, this model allows developers to customize the semantics of how stateful aspects match and advise join point traces. Finally, this dissertation presents a concrete and practical implementation of OTM for JavaScript and a typed functional description in Typed Racket. We use the JavaScript implementation of our model to develop a number of systems that adapt their behavior when they detect certain contexts, know as context-aware systems. A context is detected by analyzing the history of events of a context-aware system. In this kind of systems, patterns represent the contexts that must be detected and advices represent the system adaptations. The development of these systems showed that our practical version improves modularity support to build (Web) applications, and that will eventually make it possible to empirically validate the benefits brought by an expressive and open trace-based mechanism.

Software computacional - Desarrollo

Aplicaciones web

Aspect-oriented programming

Advanced separation of concerns and the compatibility of aspect-orientation

Dechow, Doug

18 March 2005

The appropriate separation of concerns is a fundamental engineering principle. A concern, for software developers, is that which must be represented by code in a program; by extension, separation of concerns is the ability to represent a single concern in a single appropriate programming language construct. Advanced separation of concerns is a relatively recent technique in software development for dealing with the complexity of systems that contain crosscutting concerns, namely those individual concerns that cut across programs. Aspect-oriented programming (AOP), which is the area of this dissertation, offers a form of advanced separation of concerns in which primary and crosscutting concerns can be separated during problem solving. An aspect gathers into one place a concern that is or would otherwise be scattered throughout an object-oriented program or system. The primary aim of this dissertation-the AOPy project-is to investigate the usefulness of advanced separation of concerns that aspect-oriented programming offers. In other words, the AOPy Project determines whether the potential usefulness of aspect-oriented programming is currently actualized in practice. In determining its current practical usefulness, this dissertation also determines characteristics of and obstacles to usefulness of aspect-orientation in software development. Perhaps the most important contribution to understanding and addressing the problem of complexity in software systems that this dissertation makes is that the AOPy research project establishes a definition of compatibility of aspect-orientation and provides an analysis of sample instances during problem solving that indicate evidence of compatibility between object-orientation and aspect-orientation. Compatibility, as defined by the AOPy Project, exists when aspect-oriented ideas, terminology, and techniques are appropriately employed in the experimental problem-solving session. The primary scientific contribution of this dissertation, therefore, is a narrative description of the actual use of aspect-oriented programming in a series of controlled, problem-solving scenarios. Theories describing the use of aspect-oriented ideas, terminology, and techniques are generated and refined by means of Grounded Theory, a qualitative data analysis technique. Because this dissertation 1) analytically explores areas of compatibility of aspect-orientation with object-orientation and 2) defines areas of compatibility thwarted in practice, this research project can serve as a foundation for the development of aspect-oriented programming-based design methodologies that encourage compatibility and discourage non-compatibility. Therefore, the AOPy Project establishes a foundation for future research in both its methodology and its results and for future software development in practice. By contributing a definition of aspect-oriented compatibility and a framework within which it can be understood, this dissertation fosters the progression toward a seamless use of aspect-orientation between developer and task. / Graduation date: 2005

Computer programming

Computer software -- Development

Aspect-oriented programming

Structuring extensions in system infrastructure software using aspects

Baldwin, Jennifer Ellen

28 September 2006

Many significant system extensions are hard to modularize. Consequently, their addition to a software system can jeopardize fundamental software engineering principles such as maintainability, understandability and evolvability. For example, the distributed Java Virtual Machine (dJVM) is a cluster aware implementation of a JVM in which distribution was retroactively added as an extension to an existing system. The prototype implementation of the dJVM relies on a patch file applied to IBM’s Jikes Research Virtual Machine (RVM), introducing distribution code into roughly 55% of the original 1166 Java files. In order to better determine the efficacy of modern modularization techniques such as aspect-oriented programming (AOP) in the context of system extensions, we offer up a case study based on distribution. The thesis of this work is that aspects can enhance extensibility of low-level system infrastructure software and be effectively integrated with existing software practices for introducing widespread change.

Distribution

Aspect-Oriented Programming

Patch

Java Virtual Machine

Computer Science

Genaweave a generic aspect weaver framework based on model-driven program transformation /

Roychoudhury, Suman.

January 2008

Thesis (Ph. D.)--University of Alabama at Birmingham, 2008. / Additional advisors: Purushotham Bangalore, Barrett Bryant, Marjan Mernik, Anthony Skjellum, Randy Smith. Description based on contents viewed Oct. 8, 2008; title from PDF t.p. Includes bibliographical references (p. 161-173).

Model-driven aspect adaptation to support modular software evolution

Zhang, Jing.

January 2009

Thesis (Ph. D.)--University of Alabama at Birmingham, 2009. / Additional advisors: Barrett Bryant, Aniruddha Gokhale, Marjan Mernik, Chengcui Zhang. Description based on contents viewed June 3, 2009; title from PDF t.p. Includes bibliographical references (p. 161-177).