Global ETD Search

301	Highlight and execute suspicious paths in Android malware / Mettre en avant et exécuter les chemins suspicieux dans les malwares Android Leslous, Mourad 18 December 2018 (has links) Les smartphones sont devenus omniprésents dans notre vie quotidienne à cause des options qu'ils proposent. Aujourd'hui, Android est installé sur plus de 80% des smartphones. Les applications mobiles recueillent une grande quantité d'informations sur l'utilisateur. Par conséquent, Android est devenu une cible préférée des cybercriminels. Comprendre le fonctionnement des malwares et comment les détecter est devenu un défi de recherche important. Les malwares Android tentent souvent d'échapper à l'analyse statique en utilisant des techniques telles que l'obfuscation et le chargement dynamique du code. Des approches d'analyse ont été proposées pour exécuter l'application et surveiller son comportement. Néanmoins, les développeurs des malwares utilisent des bombes temporelles et logiques pour empêcher le code malveillant d'être exécuté sauf dans certaines circonstances. Par conséquent, plus d'actions sont requises pour déclencher et surveiller leurs comportements. Des approches récentes tentent de caractériser automatiquement le comportement malveillant en identifiant les endroits du code les plus suspicieux et en forçant leur exécution. Elles se basent sur le calcul des graphes de flot de contrôle (CFG) qui sont incomplets, car ils ne prennent pas en considération tous les types de chemins d'exécution. Ces approches analysent seulement le code d'application et ratent les chemins d'exécution générés quand l'application appelle une méthode du framework, qui appelle à son tour une autre méthode applicative. Nous proposons GPFinder, un outil qui extrait automatiquement les chemins d'exécution qui mènent vers les endroits suspicieux du code, en calculant des CFG qui incluent les appels interprocéduraux explicites et implicites. Il fournit aussi des informations clés sur l'application analysée afin de comprendre comment le code suspicieux a été injecté dans l'application. Pour valider notre approche, nous utilisons GPFinder pour étudier une collection de 14224 malwares Android. Nous évaluons que 72,69% des échantillons ont au moins un endroit suspicieux du code qui n'est atteignable qu'à travers des appels implicites. Les approches de déclenchement actuelles utilisent principalement deux stratégies pour exécuter une partie du code applicatif. La première stratégie consiste à modifier l'application excessivement pour lancer le code ciblé sans faire attention à son contexte originel. La seconde stratégie consiste à générer des entrées pour forcer le flot de contrôle à prendre le chemin désiré sans modifier le code d'application. Cependant, il est parfois difficile de lancer un endroit spécifique du code seulement en manipulant les entrées. Par exemple, quand l'application fait un hachage des données fournies en entrée et compare le résultat avec une chaîne de caractères fixe pour décider quelle branche elle doit prendre. Clairement, le programme de manipulation d'entrée devrait inverser la fonction de hachage, ce qui est presque impossible. Nous proposons TriggerDroid, un outil qui a deux buts : forcer l'exécution du code suspicieux et garder le contexte originel de l'application. Il fournit les événements framework requis pour lancer le bon composant et satisfait les conditions nécessaires pour prendre le chemin d'exécution désiré. Pour valider notre approche, nous avons fait une expérience sur 135 malwares Android de 71 familles différentes. Les résultats montrent que notre approche nécessite plus de raffinement et d'adaptation pour traiter les cas spéciaux dus à la grande diversité des échantillons analysés. Finalement, nous fournissons un retour sur les expériences que nous avons conduites sur différentes collections, et nous expliquons notre processus expérimental. Nous présentons le dataset Kharon, une collection de malwares Android bien documentés qui peuvent être utilisés pour comprendre le panorama des malwares Android. / The last years have known an unprecedented growth in the use of mobile devices especially smartphones. They became omnipresent in our daily life because of the features they offer. They allow the user to install third-party apps to achieve numerous tasks. Smartphones are mostly governed by the Android operating system. It is today installed on more than 80% of the smartphones. Mobile apps collect a huge amount of data such as email addresses, contact list, geolocation, photos and bank account credentials. Consequently, Android has become a favorable target for cyber criminals. Thus, understanding the issue, i.e., how Android malware operates and how to detect it, became an important research challenge. Android malware frequently tries to bypass static analysis using multiple techniques such as code obfuscation and dynamic code loading. To overcome these limitations, many analysis techniques have been proposed to execute the app and monitor its behavior at runtime. Nevertheless, malware developers use time and logic bombs to prevent the malicious code from executing except under certain circumstances. Therefore, more actions are needed to trigger it and monitor its behavior. Recent approaches try to automatically characterize the malicious behavior by identifying the most suspicious locations in the code and forcing them to execute. They strongly rely on the computation of application global control flow graphs (CFGs). However, these CFGs are incomplete because they do not take into consideration all types of execution paths. These approaches solely analyze the application code and miss the execution paths that occur when the application calls a framework method that in turn calls another application method. We propose in this dissertation a tool, GPFinder, that automatically exhibits execution paths towards suspicious locations in the code by computing global CFGs that include edges representing explicit and implicit interprocedural calls. It also gives key information about the analyzed application in order to understand how the suspicious code was injected into the application. To validate our approach, we use GPFinder to study a collection of 14,224 malware samples, and we evaluate that 72.69% of the samples have at least one suspicious code location which is only reachable through implicit calls. Triggering approaches mainly use one of the following strategies to run a specific portion of the application's code: the first approach heavily modifies the app to launch the targeted code without keeping the original behavioral context. The second approach generates the input to force the execution flow to take the desired path without modifying the app's code. However, it is sometimes hard to launch a specific code location just by fuzzing the input. For instance, when the application performs a hash on the input data and compares the result to a fixed string to decide which branch of the condition to take, the fuzzing program should reverse the hashing function, which is obviously a hard problem. We propose in this dissertation a tool, TriggerDroid, that has a twofold goal: force the execution of the suspicious code and keep its context close to the original one. It crafts the required framework events to launch the right app component and satisfies the necessary triggering conditions to take the desired execution path. To validate our approach, we led an experiment on a dataset of 135 malware samples from 71 different families. Results show that our approach needs more refinement and adaptation to handle special cases due to the highly diverse malware dataset that we analyzed. Finally, we give a feedback on the experiments we led on different malware datasets, and we explain our experimental process. Finally, we present the Kharon dataset, a collection of well documented Android malware that can be used to understand the malware landscape. Android Malware Analyse dynamique Analyse statique Retro ingénierie Graphe de flot de contrôle Android Malware Static analysis Dynamic analysis Reverse engineering Control flow graph
302	"Um processo para construção de frameworks a partir da engenharia reversa de sistemas de informação baseados na Web: aplicação ao domínio dos leilões virtuais" / A Process for Framework Development from Reverse Engineering of Web-based Information Systems: Application to the Online Auction Domain Ré, Reginaldo 04 October 2002 (has links) Um processo para o desenvolvimento de frameworks para sistemas de informação baseados na Web é proposto. Esse processo é composto pelos subprocessos de engenharia reversa de sistemas baseados na Web, de criação de uma linguagem de padrões e de construção e instanciação do framework. O subprocesso de engenharia reversa utiliza sistemas presentes na Web para derivar um modelo do domínio de aplicação. O desenvolvimento da linguagem de padrões é baseado no modelo do domínio e a construção do framework utiliza essa linguagem de padrões como base de todo o processo. Os produtos resultantes do uso desse processo para o domínio dos leilões virtuais, a Linguagem de Padrões LV e o Framework Qd+, também são apresentados. / A process for the development of web-based information systems frameworks is proposed. This process comprises a reverse engineering - for web-based information systems -, a pattern language creation, and a framework instantiation subprocesses. The reverse engineering subprocess uses existing WISs to derive an application domain model. The pattern language is created from the application domain model and the framework is developed from this pattern language. The deliverables of the application of this process to the online auctions domain, the Pattern Language for Online Auctions and the Qd+ Framework, are also presented. engenharia reversa frameworks OO leilões virtuais online auctions OO frameworks padrões de software reverse engineering sistemas de informação baseados na web software patterns web-based informations systems
303	Reconstruction d’un modèle B-Rep à partir d’un maillage 3D / Reconstruction of a B-Rep model from 3D mesh Bénière, Roseline 01 February 2012 (has links) De nos jours, la majorité des objets manufacturés sont conçus par des logiciels informatiques de CAO (Conception Assistée par Ordinateur). Cependant, lors de la visualisation, d'échange de données ou des processus de fabrication, le modèle géométrique doit être discrétisé en un maillage 3D composé d'un nombre fini de sommets et d'arêtes. Or, dans certaines situations le modèle initial peut être perdu ou indisponible. La représentation discrète 3D peut aussi être modifiée, par exemple après une simulation numérique, et ne plus correspondre au modèle initial. Une méthode de rétro-ingénierie est alors nécessaire afin de reconstruire une représentation continue 3D à partir de la représentation discrète.Dans ce manuscrit, nous présentons une procédure automatique et complète de rétro-ingénierie pour les maillages 3D issus principalement de la discrétisation d'objets mécaniques. Pour cela, nous proposons des améliorations sur la détection de primitives géométriques simples. Puis, nous introduisons un formalisme clair pour la définition de la topologie de l'objet et la construction des intersections entre les primitives. Enfin, nous décrivons une nouvelle méthode de construction de surfaces paramétriques 3D, fondée sur l'extraction automatique de grilles rectangulaires régulières supports. La méthode a été testée sur des maillages 3D issus d'applications industrielles et permet d'obtenir des modèles B-Rep cohérents. / Nowadays, most of the manufactured objects are designed using CAD (Computer-Aided Design) software. Nevertheless, for visualization, data exchange or manufacturing applications, the geometric model has to be discretized into a 3D mesh composed of a finite number of vertices and edges. But, in some cases, the initial model may be lost or unavailable. In other cases, the 3D discrete representation may be modified, for example after a numerical simulation, and does not correspond anymore to the initial model. A retro-engineering method is then required to reconstruct a 3D continuous representation from the discrete one.In this Ph.D. Thesis, we present an automatic and comprehensive reverse engineering process mainly dedicated to 3D meshes of mechanical items. We present first several improvements in automatically detecting geometric primitives from a 3D mesh. Then, we introduce a clear formalism to define the topology of the object and to construct the intersections between primitives. At the end, we describe a new method to fit 3D parametric surfaces which is based on extracting regular rectangular grids. The whole process is tested on 3D industrial meshes and results in reconstructing consistent B-Rep models. Cao Rétro-ingénierie Maillage 3D Boundary Representation Courbure 3D Ajustement surfaces Cad Reverse Engineering 3D Mesh Boundary Representation 3D Curvature Surfaces fitting
304	Migration des applications orientées-objet vers celles à base de composants / Migrating Object Oriented Applications into Component-Based ones Al Shara, Zakarea 17 November 2016 (has links) Les applications orientées objet de tailles significatives ont des dépendances complexes et nombreuses, et généralement ne disposent pas d'architectures logicielles explicites. Par conséquent, elles sont difficiles à maintenir, et certaines parties de ces applications sont difficiles à réutiliser. Le paradigme de développement à base de composants est né pour améliorer ces aspects et pour soutenir la maintenabilité et la réutilisation efficaces. Il offre une meilleure compréhensibilité à travers une vue d'architecture de haut niveau. Ainsi, la migration des applications orientées objet à celles à base de composants contribuera à améliorer ces caractéristiques, et de soutenir l'évolution des logiciels et la future maintenance.Dans cette thèse, nous proposons une approche pour transformer automatiquement les applications orientées objet à celles à base de composants. Plus particulièrement, l'entrée de l'approche est le résultat fourni par la récupération de l'architecture logicielle: une description de l'architecture à base de composants. Ainsi, notre approche transforme le code source orienté objet afin de produire des composants déployables. Nous nous concentrons sur la transformation des dépendances orientées objet en celles basées sur les interfaces. De plus, nous passons du concept d'objet au concept d'instance d'un composant. En outre, nous fournissons une approche de transformation déclarative en utilisant des langages dédiés. Nous démontrons notre approche sur de nombreux modèles de composants bien connus. / Large object-oriented applications have complex and numerousdependencies, and usually do not have explicitsoftware architectures. Therefore they are hard to maintain, and parts of themare difficult to reuse. Component-based development paradigm emergedfor improving these aspects and for supporting effectivemaintainability and reuse. It provides better understandabilitythrough a high-level architecture view of the application. Thus, migrating object-oriented applications to component-based ones will contribute to improve these characteristics, and support software evolution and future maintenance.In this dissertation, we propose an approach to automatically transform object-oriented applications tocomponent-based ones. More particularly, the input of the approach isthe result provided by software architecture recovery: acomponent-based architecture description. Then, our approachtransforms the object-oriented source code in order to producedeployable components. We focus on transforming object-oriented dependencies into interface-based ones. Moreover, we move from the concept of object to the concept of component instance. Furthermore, we provide a declarative transformation approach using domain-specific languages. We demonstrate our approach on many well-known component models. Migration de logiciel À base de composants Orientée objet Rétro-Ingénierie Transformation Evolution du logiciel Software Migration Component-Based Object-Oriented Reverse engineering Transformation Software evolution
305	Análise do processo de conformação de chapas utilizando simulação computacional e engenharia reversa como ferramentas integradas no desenvolvimento e construção de estampos automotivos. / Sheet metal forming process analysis using computer simulation and reverse engineering as integrated tools in automotives stamping design and construction. Damoulis, Gleiton Luiz 05 October 2010 (has links) Em anos recentes, os processos de conformação de chapas automotivas têm sido drasticamente modificados. A utilização de equipamentos de medição metrológicos óticos sem contato e respectivos softwares baseados em fotogrametria, bem como o uso de programas de simulação de estampagem baseados no Método dos Elementos Finitos (FEM), estão se tornando uma rotina no desenvolvimento de ferramentais de estampagem, visto que a confiabilidade, precisão de resultados e facilidade de uso em relação à topologia superficial do ferramental, representou um grande salto tecnológico. Entretanto, por maior que tenha sido o avanço, persistem ainda problemas relacionados ao custo benefício quanto à adoção de certas técnicas e a possibilidade de utilizar ambos os sistemas de forma a um complementar o outro. Neste sentido, o objetivo desta tese é analisar o processo de conformação de chapas utilizando simulação computacional e engenharia reversa como ferramentas integradas no desenvolvimento e construção de estampos automotivos. São descritos casos industriais, cujos resultados demonstram que novas técnicas podem ser aplicadas na definição e modelagem do processo de estampagem de chapas metálicas, utilizando a metrologia ótica, engenharia reversa e a simulação computacional baseada no Método dos Elementos Finitos. / In recently years, sheet metal forming processes used in automotive industry have been drastically modified. The use of non-contact measurement devices based on optical metrology and respective software based on photogrammetry, and the use of stamping simulation programs based on Finite Element Method (FEM), are becoming a routine in the development of tools for stamping, visa that reliability, accuracy of results and ease of use, in relation to the tooling surface topology, was a major technology leap. However, although this advancement, there are still remaining problems related to the cost benefit of the adoption of certain techniques, and the possibility of the use of both systems, in order to complement one another. In this sense, the aims of this thesis is to analyze the sheet metal forming process using computer simulation and reverse engineering as integrated tools in design and construction of automotive dies. Industry cases are described, whose results show that new techniques can be applied in definition and modeling of stamping metal sheets process, using optical metrology, reverse engineering and computer simulation based on Finite Element Method. Computer simulation Conformação de chapas metálicas Elementos finitos Engenharia reversa Finite element Fotogrametria Photogrammetry Reverse engineering Sheet metal forming Simulação Simulação computacional Simulation
306	"Um processo para construção de frameworks a partir da engenharia reversa de sistemas de informação baseados na Web: aplicação ao domínio dos leilões virtuais" / A Process for Framework Development from Reverse Engineering of Web-based Information Systems: Application to the Online Auction Domain Reginaldo Ré 04 October 2002 (has links) Um processo para o desenvolvimento de frameworks para sistemas de informação baseados na Web é proposto. Esse processo é composto pelos subprocessos de engenharia reversa de sistemas baseados na Web, de criação de uma linguagem de padrões e de construção e instanciação do framework. O subprocesso de engenharia reversa utiliza sistemas presentes na Web para derivar um modelo do domínio de aplicação. O desenvolvimento da linguagem de padrões é baseado no modelo do domínio e a construção do framework utiliza essa linguagem de padrões como base de todo o processo. Os produtos resultantes do uso desse processo para o domínio dos leilões virtuais, a Linguagem de Padrões LV e o Framework Qd+, também são apresentados. / A process for the development of web-based information systems frameworks is proposed. This process comprises a reverse engineering - for web-based information systems -, a pattern language creation, and a framework instantiation subprocesses. The reverse engineering subprocess uses existing WISs to derive an application domain model. The pattern language is created from the application domain model and the framework is developed from this pattern language. The deliverables of the application of this process to the online auctions domain, the Pattern Language for Online Auctions and the Qd+ Framework, are also presented. engenharia reversa frameworks OO leilões virtuais padrões de software sistemas de informação baseados na web online auctions OO frameworks reverse engineering software patterns web-based informations systems
307	Program Understanding Techniques in Database Reverse Engineering Henrard, Jean 19 September 2003 (has links) For many years software engineering has primarily focused on the development of new systems and neglected maintenance and reengineering of legacy applications. Maintenance typically represents 70% of the cost during the life cycle of a system. In order to allow an efficient and safe maintenance of a legacy system, we need to reverse engineer it in order to reconstruct its missing or out-of-date documentation. In data-oriented applications the reverse engineering complexity can be broken down by considering that the database can be reverse engineered independently of the procedural components. Database reverse engineering can be defined as the process of recovering the database's schema(s) of an application from database declaration text and program source code that use the data in order to understand their exact structure and meaning. A database reverse engineering methodology is broken down into three processes: project preparation, data structure extraction that recovers the database's logical schema and data structure conceptualization that interprets the logical schema in conceptual terms. In order to validate our methodology and program understanding techniques, we have developed tools to support them. Those tools have proved absolutely necessary to perform database reverse engineering of medium to larger applications in reasonable time and at reasonable cost. To cut down on the cost of large projects, we have stressed the need for automation to reduce the manual work of the analyst. Our experience with real size projects has taught us that the management aspects of a project are essential success factors. The management of a project comprises different aspects such as database reverse engineering explanation, cost evaluation and database reverse engineering result evaluation. base de données rétro-ingénierie program slicing migration compréhension de programmes conceptualisation extraction de structure de données fragmentation de programmes data reverse engineering data structure extraction conceptualization
308	Robust inference of gene regulatory networks : System properties, variable selection, subnetworks, and design of experiments Nordling, Torbjörn E. M. January 2013 (has links) In this thesis, inference of biological networks from in vivo data generated by perturbation experiments is considered, i.e. deduction of causal interactions that exist among the observed variables. Knowledge of such regulatory influences is essential in biology. A system property–interampatteness–is introduced that explains why the variation in existing gene expression data is concentrated to a few “characteristic modes” or “eigengenes”, and why previously inferred models have a large number of false positive and false negative links. An interampatte system is characterized by strong INTERactions enabling simultaneous AMPlification and ATTEnuation of different signals and we show that perturbation of individual state variables, e.g. genes, typically leads to ill-conditioned data with both characteristic and weak modes. The weak modes are typically dominated by measurement noise due to poor excitation and their existence hampers network reconstruction. The excitation problem is solved by iterative design of correlated multi-gene perturbation experiments that counteract the intrinsic signal attenuation of the system. The next perturbation should be designed such that the expected response practically spans an additional dimension of the state space. The proposed design is numerically demonstrated for the Snf1 signalling pathway in S. cerevisiae. The impact of unperturbed and unobserved latent state variables, that exist in any real biological system, on the inferred network and required set-up of the experiments for network inference is analysed. Their existence implies that a subnetwork of pseudo-direct causal regulatory influences, accounting for all environmental effects, in general is inferred. In principle, the number of latent states and different paths between the nodes of the network can be estimated, but their identity cannot be determined unless they are observed or perturbed directly. Network inference is recognized as a variable/model selection problem and solved by considering all possible models of a specified class that can explain the data at a desired significance level, and by classifying only the links present in all of these models as existing. As shown, these links can be determined without any parameter estimation by reformulating the variable selection problem as a robust rank problem. Solution of the rank problem enable assignment of confidence to individual interactions, without resorting to any approximation or asymptotic results. This is demonstrated by reverse engineering of the synthetic IRMA gene regulatory network from published data. A previously unknown activation of transcription of SWI5 by CBF1 in the IRMA strain of S. cerevisiae is proven to exist, which serves to illustrate that even the accumulated knowledge of well studied genes is incomplete. / Denna avhandling behandlar inferens av biologiskanätverk från in vivo data genererat genom störningsexperiment, d.v.s. bestämning av kausala kopplingar som existerar mellan de observerade variablerna. Kunskap om dessa regulatoriska influenser är väsentlig för biologisk förståelse. En system egenskap—förstärksvagning—introduceras. Denna förklarar varför variationen i existerande genexpressionsdata är koncentrerat till några få ”karakteristiska moder” eller ”egengener” och varför de modeller som konstruerats innan innehåller många falska positiva och falska negativa linkar. Ett system med förstärksvagning karakteriseras av starka kopplingar som möjliggör simultan FÖRSTÄRKning och förSVAGNING av olika signaler. Vi demonstrerar att störning av individuella tillståndsvariabler, t.ex. gener, typiskt leder till illakonditionerat data med både karakteristiska och svaga moder. De svaga moderna domineras typiskt av mätbrus p.g.a. dålig excitering och försvårar rekonstruktion av nätverket. Excitationsproblemet löses med iterativdesign av experiment där korrelerade störningar i multipla gener motverkar systemets inneboende försvagning av signaller. Följande störning bör designas så att det förväntade svaret praktiskt spänner ytterligare en dimension av tillståndsrummet. Den föreslagna designen demonstreras numeriskt för Snf1 signalleringsvägen i S. cerevisiae. Påverkan av ostörda och icke observerade latenta tillståndsvariabler, som existerar i varje verkligt biologiskt system, på konstruerade nätverk och planeringen av experiment för nätverksinferens analyseras. Existens av dessa tillståndsvariabler innebär att delnätverk med pseudo-direkta regulatoriska influenser, som kompenserar för miljöeffekter, generellt bestäms. I princip så kan antalet latenta tillstånd och alternativa vägar mellan noder i nätverket bestämmas, men deras identitet kan ej bestämmas om de inte direkt observeras eller störs. Nätverksinferens behandlas som ett variabel-/modelselektionsproblem och löses genom att undersöka alla modeller inom en vald klass som kan förklara datat på den önskade signifikansnivån, samt klassificera endast linkar som är närvarande i alla dessa modeller som existerande. Dessa linkar kan bestämmas utan estimering av parametrar genom att skriva om variabelselektionsproblemet som ett robustrangproblem. Lösning av rangproblemet möjliggör att statistisk konfidens kan tillskrivas individuella linkar utan approximationer eller asymptotiska betraktningar. Detta demonstreras genom rekonstruktion av det syntetiska IRMA genreglernätverket från publicerat data. En tidigare okänd aktivering av transkription av SWI5 av CBF1 i IRMA stammen av S. cerevisiae bevisas. Detta illustrerar att t.o.m. den ackumulerade kunskapen om välstuderade gener är ofullständig. / <p>QC 20130508</p> network inference reverse engineering variable selection model selection feature selection subset selection system identification system theory network theory subnetworks design of experiments perturbation experiments gene regulatory networks biological networks
309	Framework-Specific Modeling Languages Antkiewicz, Michal 12 September 2008 (has links) Framework-specific modeling languages (FSMLs) help developers build applications based on object-oriented frameworks. FSMLs formalize abstractions and rules of the framework's application programming interfaces (APIs) and can express models of how applications use an API. Such models, referred to as framework-specific models, aid developers in understanding, creating, and evolving application code. We present the concept of FSMLs, propose a way of specifying their abstract syntax and semantics, and show how such language specifications can be interpreted to provide reverse, forward, and round-trip engineering of framework-specific models and framework-based application code. We present a method for engineering FSMLs that was extracted post-mortem from the experience of building four such languages. The method is driven by the use cases that the FSMLs under development are to support. We present the use cases, the overall process, and its instantiation for each language. The presentation focuses on providing concrete examples for engineering steps, outcomes, and challenges. It also provides strategies for making engineering decisions. The presented method and experience are aimed at framework developers and tool builders who are interested in engineering new FSMLs. Furthermore, the method represents a necessary step in the maturation of the FSML concept. Finally, the presented work offers a concrete example of software language engineering. FSML engineering formalizes existing domain knowledge that is not present in language form and makes a strong case for the benefits of such formalization. We evaluated the method and the exemplar languages. The evaluation is both empirical and analytical. The empirical evaluation involved measuring the precision and recall of reverse engineering and verifying the correctness or forward and round-trip engineering. The analytical evaluation focused on the generality of the method. FSMLs frameworks framework-specific models reverse engineering forward engineering round-trip engineering modeling static analysis incremental code transformation Computer Science (Software Engineering)
310	Framework-Specific Modeling Languages Antkiewicz, Michal 12 September 2008 (has links) Framework-specific modeling languages (FSMLs) help developers build applications based on object-oriented frameworks. FSMLs formalize abstractions and rules of the framework's application programming interfaces (APIs) and can express models of how applications use an API. Such models, referred to as framework-specific models, aid developers in understanding, creating, and evolving application code. We present the concept of FSMLs, propose a way of specifying their abstract syntax and semantics, and show how such language specifications can be interpreted to provide reverse, forward, and round-trip engineering of framework-specific models and framework-based application code. We present a method for engineering FSMLs that was extracted post-mortem from the experience of building four such languages. The method is driven by the use cases that the FSMLs under development are to support. We present the use cases, the overall process, and its instantiation for each language. The presentation focuses on providing concrete examples for engineering steps, outcomes, and challenges. It also provides strategies for making engineering decisions. The presented method and experience are aimed at framework developers and tool builders who are interested in engineering new FSMLs. Furthermore, the method represents a necessary step in the maturation of the FSML concept. Finally, the presented work offers a concrete example of software language engineering. FSML engineering formalizes existing domain knowledge that is not present in language form and makes a strong case for the benefits of such formalization. We evaluated the method and the exemplar languages. The evaluation is both empirical and analytical. The empirical evaluation involved measuring the precision and recall of reverse engineering and verifying the correctness or forward and round-trip engineering. The analytical evaluation focused on the generality of the method. FSMLs frameworks framework-specific models reverse engineering forward engineering round-trip engineering modeling static analysis incremental code transformation Computer Science (Software Engineering)

Search results