A Query-Based Approach for the Analysis of Aspect-Oriented Systems

Barrenechea, Eduardo

January 2007

In recent years, many aspect-oriented languages and methods have been proposed in the literature to support separation of concerns that can be spread throughout a software system and its components and to facilitate post-development and unpredictable system changes in the code of these systems. These languages and methods provide new abstraction and composition mechanisms to deal with some special concerns, which are called cross-cutting concerns. Cross-cutting concerns, by nature, encode structures that represent changes related to many different system modules, and are often difficult to understand. Also, the provision and support for metrics that can give quantitative estimates related to various software quality features had been a challenge. Because of the complexity and intricate relationships with the base code, techniques for more rigorous analysis are crucially needed to check whether, for instance, some aspects are interfering with other aspects in an undesirable way or not behaving according to the systems requirements and expected behaviour. In this thesis we advocate that by extending the metrics and analysis capabilities of current approaches, which are often restricted to code-level evaluations, we can (i) define an approach to analyze aspect-oriented systems based on design and architecture-level quality criteria and metrics, (ii) implement tool support for our approach and (iii) provided experimental support based on case studies indicating the usefulness and impact of the approach.

aspect-oriented programming

software engineering

Applied Mathematics

Mining and tracking in evolving software

Breu, Silvia

January 2013

No description available.

004

Identifying Crosscutting Concerns from Requirement Specifications - A Case Study

Li, GANG

13 April 2010

Aspect-Oriented Requirement Engineering (AORE) is an emerging software engineering paradigm with increasing attention from academic as well as industrial communities. AORE aims at the systematic identification, modularization, composition and analysis of crosscutting concerns that manifest in requirements. It is believed that systematically managing crosscutting concerns early on at the requirement engineering stage can provide valuable insight at the architecture design and implementation stages and can help identify and thus manage crosscutting concerns at these stages. Moreover, identifying crosscutting concerns in requirements can help to reveal the scope of each concern in a software system, to detect potential conflicts between concerns and to facilitate trade-off negotiation early on. Hundreds of papers regarding AORE have been published in AORE communities. However, few of them address crosscutting concerns in real world requirements. Whether the proposed AORE approaches are productive when applied to real world requirements is unknown. In this thesis, we conduct an AORE case study consisting of an experiment using a real world software requirement specification in order to examine how crosscutting concerns present in real world requirement documents, explore the difference between crosscutting concerns in requirements and crosscutting concerns in code, and reason whether identifying and thus managing crosscutting concerns from real world requirements is a productive practice. / Thesis (Master, Computing) -- Queen's University, 2009-09-21 15:09:27.262

Crosscutting Concerns

Aspect-Oriented Requirement Engineering

Visual, Aspect-Oriented Tools for Component Pascal in Eclipse

Singh, Abhishek

January 2005

Tools and environments have aided developers in producing software since compilers and editors became standard offerings with operating systems. A major challenge for the tools and environments community has been to find ways to build and integrate tools so that they, or capabilities between them, can be easily adapted for use in new contexts. The "Eclipse" Project is an open source software development project dedicated to providing a robust, full-featured, commercial-quality, industry platform for the development of highly integrated tools. The mission of the "Eclipse" Project is to adapt and evolve the eclipse technology to meet the needs of the eclipse tool building community and its users, so that the vision of eclipse as an industry platform is realized. "Eclipse" uses an innovative plug-in architecture allowing near-infinite extensions to the base IDE. Unlike other opensource projects that don't allow proprietary derivative works, "Eclipse" can be extended with proprietary plug-ins, repackaged, and sold commercially. Aspect-Oriented programming (AOP) is a new programming paradigm based on the idea that computer systems are better programmed by separately specifying the various concerns of a system and some description of their relationships, and then relying on mechanisms in the underlying AOP environment to weave or compose them together into a coherent program. While the tendency in Object-Oriented Programming is to find commonality among classes and push it up in the inheritance tree, AOP attempts to realize scattered concerns as first-class elements, and eject them horizontally from the object structure. The primary goals of this research were 1. Incorporation of "Component Pascal" into "Eclipse". "Component Pascal"was a command line compiler that is targeted to a variety of platforms including JVM and.NET. 2. Research and design visual programming tools for "Component Pascal" in "Eclipse", in particular visual tools that support aspect-oriented views of software. These objectives are now complete and a plug-in has been developed that enables the development of "Component Pascal" software within "Eclipse". Aspect-Orientation has been incorporated directly into the "Component Pascal" compiler.

Visual

aspect-oriented

component

pascal

eclipse

Framework-based model construction with AOP assistance /

Chen, Zebin,

January 2008

Thesis (Ph. D.)--University of Oregon, 2008. / Typescript. Includes vita and abstract. Includes bibliographical references (leaves 123-127). Also available online in ProQuest, free to University of Oregon users.

Analysis of techniques for implementing software product lines variabilities

Osandy Alves Matos Junior, Pedro

31 January 2008

Made available in DSpace on 2014-06-12T15:54:11Z (GMT). No. of bitstreams: 2 arquivo1967_1.pdf: 2290024 bytes, checksum: c02392abf0809cdb2a823828412d659c (MD5) license.txt: 1748 bytes, checksum: 8a4605be74aa9ea9d79846c1fba20a33 (MD5) Previous issue date: 2008 / Conselho Nacional de Desenvolvimento Científico e Tecnológico / Linhas de Produtos de Software (LPS) são conjuntos de sistemas de software que compartilham uma base comum de funcionalidades e satisfazem a necessidades especificas de determinados segmentos de mercado. LPS são desenvolvidas a partir de uma arquitetura comum e compartilham um conjunto de artefatos reusaveis (projetados para um dominio de aplicacão especifico). Entre as atividades principais na construcão e manutencão de uma LPS esta a gerência das variacões nos diversos artefatos que a compõem. Em particular, a escolha de tecnicas de programacão que possibilitem a introducão de variacões em artefatos de implementacão e uma atividade que merece bastante atencão. A escolha de qual tecnica utilizar para lidar com determinados tipos de variacões nos artefatos de implementacão de uma LPS pode gerar impactos significativos tanto na qualidade desses artefatos como na qualidade dos produtos finais gerados. Apesar da importância dessa atividade, poucos estudos publicados mostram comparacões entre as diversas tecnicas que permitem a implementacão de variacões em software. A maioria dos trabalhos existentes limita-se a avaliacões qualitativas dessas tecnicas, não analisando o impacto dessas tecnicas nos atributos de qualidade de LPS existentes atraves de metricas de software. O foco do presente trabalho e a comparacão entre algumas das tecnicas de implementa cão de variacões usadas na industria de software. Para tal, primeiro apresentamos um catalogo de tipos de variacões, onde variacões são classificadas de acordo com a sua estrutura e localizacão no codigo da aplicacão. As variacões apresentadas no catalogo foram identificadas atraves de uma analise realizada em uma LPS do dominio de jogos para dispositivos moveis. Em seguida, apresentamos propostas de solucão que utilizam algumas das principais tecnicas de programacão para lidar com cada tipo de variacão espec ico. Como parte desse trabalho, analisamos o impacto da utilizacão de cada solução proposta atraves de dados qualitativos e quantitativos. Analisamos ainda a composicão do uso dessas solucões para implementar variacões em LPS e como um catalogo de tipos reestruturacão de variacões em uma LPS.

Software Product Lines

Aspect-Oriented Programming

Mixins

Modularisation de la sécurité informatique dans les systèmes distribués / Modularization of security software engineering in distributed systems

Serme, Gabriel

05 November 2013

Intégrer les problématiques de sécurité au cycle de développement logiciel représente encore un défi à l’heure actuelle, notamment dans les logiciels distribués. La sécurité informatique requiert des connaissances et un savoir-faire particulier, ce qui implique une collaboration étroite entre les experts en sécurité et les autres acteurs impliqués. La programmation à objets ou à base de composants est communément employée pour permettre de telles collaborations et améliorer la mise à l’échelle et la maintenance de briques logicielles. Malheureusement, ces styles de programmation s’appliquent mal à la sécurité, qui est un problème transverse brisant la modularité des objets ou des composants. Nous présentons dans cette thèse plusieurs techniques de modularisation pour résoudre ce problème. Nous proposons tout d’abord l’utilisation de la programmation par aspect pour appliquer de manière automatique et systématique des techniques de programmation sécurisée et ainsi réduire le nombre de vulnérabilités d’une application. Notre approche se focalise sur l’introduction de vérifications de sécurité dans le code pour se protéger d’attaques comme les manipulations de données en entrée. Nous nous intéressons ensuite à l’automatisation de la mise en application de politiques de sécurité par des techniques de programmation. Nous avons par exemple automatisé l’application de règles de contrôle d’accès fines et distribuées dans des web services par l’instrumentation des mécanismes d’orchestration de la plate-forme. Nous avons aussi proposé des mécanismes permettant l’introduction d’un filtrage des données à caractère privée par le tissage d’aspects assisté par un expert en sécurité. / Addressing security in the software development lifecycle still is an open issue today, especially in distributed software. Addressing security concerns requires a specific know-how, which means that security experts must collaborate with application programmers to develop secure software. Object-oriented and component-based development is commonly used to support collaborative development and to improve scalability and maintenance in software engineering. Unfortunately, those programming styles do not lend well to support collaborative development activities in this context, as security is a cross-cutting problem that breaks object or component modules. We investigated in this thesis several modularization techniques that address these issues. We first introduce the use of aspect-oriented programming in order to support secure programming in a more automated fashion and to minimize the number of vulnerabilities in applications introduced at the development phase. Our approach especially focuses on the injection of security checks to protect from vulnerabilities like input manipulation. We then discuss how to automate the enforcement of security policies programmatically and modularly. We first focus on access control policies in web services, whose enforcement is achieved through the instrumentation of the orchestration mechanism. We then address the enforcement of privacy protection policies through the expert-assisted weaving of privacy filters into software. We finally propose a new type of aspect-oriented pointcut capturing the information flow in distributed software to unify the implementation of our different security modularization techniques.

Programmation orientée aspect

Aspect-oriented programming

Dynamic User Defined Permissions for Android Devices

Stelly, Christopher D

20 December 2013

Mobile computing devices have become an essential part of everyday life and are becoming the primary means for collecting and storing sensitive personal and corporate data. Android is, by far, the dominant mobile platform, which makes its permissions model responsible for securing the vast majority of this sensitive data. The current model falls well short of actual user needs, as permission assignments are made statically at installation time. Therefore, it is impossible to implement dynamic security policies that could be applied selectively depending on context. Users are forced to unconditionally trust installed apps without means to isolate them from sensitive data. We describe a new approach, app sanitization, which automatically instruments apps at installation time, such that users can dynamically grant and revoke individual permissions. The main advantage of our technique is that it runs in userspace and utilizes standard aspect-oriented methods to incorporate custom security controls into the app.

android

security

privacy

permissions

instrumentation

aspect oriented programming

appsanitizer

Opening up trace-based mechanisms -- application to context-aware Ssstems

Leger Morales, Paul Saint

January 2012

Doctor en Ciencias, Mención Computación / In 1972, David Lorge Parnas argued that modular programming is extremely valuable for the development of large pieces of code. This is so because a module can be written with little knowledge of the code of other modules and replaced without the need to rewrite the remaining other modules. However, paradigms based on general procedures like object-oriented programming do not fully support modular programming due to crosscutting concerns of a system. Fortunately, the aspect-oriented paradigm provides a set of abstractions and mechanisms that allow developers to modularize these concerns; therefore, improving modular programming. Aspects are widely-known abstractions to modularize crosscutting concerns. An aspect intercepts a single execution point, named join point, to execute a piece of code, named advice, that implements a crosscutting concern. However, some crosscutting concerns cannot be modularized through the interception of a single join point, e.g. error detections. Trace-based mechanisms support the definitions of stateful aspects that intercept join point traces. A stateful aspect is defined by a join point trace pattern and an advice that is executed when this pattern is matched. Various trace-based mechanisms have been proposed. These mechanisms do not share the exact semantics, which suggests there is no silver-bullet trace-based mechanism for all purposes. In addition, existing mechanisms do not allow developers to expressively define patterns and semantics of their stateful aspects. Therefore, developers end up "coding around" these mechanisms or creating specialized ones to modularize a particular crosscutting concern. In this thesis work, we propose a model of an expressive and open trace-based mechanism, named OTM. This model allows developers to flexibly define patterns and adapt them at runtime. In addition, as OTM follows the open implementation guidelines, this model allows developers to customize the semantics of how stateful aspects match and advise join point traces. Finally, this dissertation presents a concrete and practical implementation of OTM for JavaScript and a typed functional description in Typed Racket. We use the JavaScript implementation of our model to develop a number of systems that adapt their behavior when they detect certain contexts, know as context-aware systems. A context is detected by analyzing the history of events of a context-aware system. In this kind of systems, patterns represent the contexts that must be detected and advices represent the system adaptations. The development of these systems showed that our practical version improves modularity support to build (Web) applications, and that will eventually make it possible to empirically validate the benefits brought by an expressive and open trace-based mechanism.

Software computacional - Desarrollo

Aplicaciones web

Aspect-oriented programming

Um processo para customização de sistemas de software utilizando componentes orientados a aspectos / A process to customize software systems using aspect oriented componentes

Bianchi, Thiago

10 June 2013

A manutenção de software é reconhecida como uma atividade bastante importante, senão indispensável, da Engenharia de Software. As alterações realizadas no software durante a sua manutenção, se não forem realizadas de forma sistematizada, acabam por descaracterizar e prejudicar a manutenibilidade desse software. Nesse contexto, a customização de sistemas de software, ou seja, a manutenção adaptativa de sistemas de software para domínios e ambientes específicos, vem sendo largamente adotada pela indústria. Em outra perspectiva, a Programação Orientada a Aspectos (POA) foi proposta como uma abordagem para melhorar a separação de interesses em sistemas de software. Em paralelo, tem-se Componentes de Software que enfatizam o projeto e a construção de sistemas de software visando o aumento do reúso e da produtividade. Ainda nessa linha, algumas propostas têm sido feitas com o objetivo de combinar os conceitos de componentes de software com o paradigma de orientação a aspectos, ou seja, a criação de componentes que utilizem aspectos como interface para entrecortar outros sistemas. Vale destacar que na indústria, a manutenção de software, incluindo a customização, não tem sido realizada de maneira sistemática o que contribui para a degradação da qualidade dos sistemas. Portanto, a principal contribuição deste trabalho é propor um processo para customização de sistemas de software utilizando componentes orientados a aspectos visando a diminuição do acoplamento na adaptação de sistemas de software e, consequentemente, melhorando sua manutenibilidade. Além disso, um estudo de caso foi conduzido no qual a abordagem proposta foi utilizada na customização de um sistema de software comercial de grande porte. Os resultados desse estudo de caso foram analisados qualitativamente e contribuíram para avaliar a aplicabilidade da abordagem proposta neste trabalho como um processo sistematizado de customização de sistemas de software utilizando componentes orientados a aspectos / The software maintenance is recognized as a very important activity, if not indispensable, of Software Engineering. The changes made on the software during its maintenance, if not performed in a systematic way, eventually disfigure and damage the maintainability of this software. In this context, the customization of software systems, in other words, the adaptive maintenance of software systems for domains and for specific environments, has been widely adopted by industry. In another perspective, Aspect-Oriented Programming (AOP) has been proposed as an approach to improve separation of concerns in software systems. In parallel, there is Software Components that emphasize design and construction of software systems in order to increase reuse and productivity. Also in this subject, some proposals have been made with the objective to combine the concepts of software components with the aspect oriented paradigm, in other words, the creation of components that use aspects as interface to crosscut other systems. It is important to highlight that in the industry, software maintenance, including customization, has not been performed on a systematic way which contributes to the software quality degradation. Therefore, the main contribution of this work is to propose a process for customization of software systems using aspect oriented components aiming the reduction of coupling on software systems adaptation and thus improving its maintainability. Furthermore, a case study was conducted wherein the proposed approach was used to customize a large scale software system. The results of this case study were analyzed qualitatively and have contributed to evaluate the applicability of the proposed approach in this work as a systematic process to customize software systems using aspect-oriented components

Aspect oriented componentes

Componentes orientados a aspectos

Customização

Customization

Prometheus

Prometheus