http://hdl.handle.net/10993/85 Search this channel search http://orbilu.uni.lu/simple-search http://hdl.handle.net/10993/41995 Title: An experimental scrutiny of visual design modelling: VCL up against UML+OCL <br/> <br/>Author, co-author: Amalio, Nuno; Briand, Lionel; Kelsen, Pierre <br/> <br/>Abstract: The graphical nature of prominent modelling notations, such as the standards UML and SysML, enables them to tap into the cognitive benefits of diagrams. However, these notations hardly exploit the cognitive potential of diagrams and are only partially graphical with invariants and operations being expressed textually. The Visual Contract Language (VCL) aims at improving visual modelling; it tries to (a) maximise diagrammatic cognitive effectiveness, (b) increase visual expressivity, and (c) level of rigour and formality. It is an alternative to UML that does largely pictorially what is traditionally done textually. The paper presents the results of a controlled experiment carried out four times in different academic settings and involving 43 participants, which compares VCL against UML and OCL and whose goal is to provide insight on benefits and limitations of visual modelling. The paper’s hypotheses are evaluated using a crossover design with the following tasks: (i) modelling of state space, invariants and operations, (ii) comprehension of modelled problem, (iii) detection of model defects and (iv) comprehension of a given model. Although visual approaches have been used and advocated for decades, this is the first empirical investigation looking into the effects of graphical expression of invariants and operations on modelling and model usage tasks. Results suggest VCL benefits in defect detection, model comprehension, and modelling of operations, providing some empirical evidence on the benefits of graphical software design. Thu, 23 Jan 2020 16:35:14 GMT http://hdl.handle.net/10993/41994 Title: Alzette: A 64-bit ARX-box <br/> <br/>Author, co-author: Beierle, Christof; Biryukov, Alex; Cardoso Dos Santos, Luan; Groszschädl, Johann; Perrin, Léo Paul; Udovenko, Aleksei; Velichkov, Vesselin; Wang, Qingju <br/> <br/>Abstract: S-boxes are the only source of non-linearity in many symmetric primitives. While they are often defined as being functions operating on a small space, some recent designs propose the use of much larger ones (e.g., 32 bits). In this context, an S-box is then defined as a subfunction whose cryptographic properties can be estimated precisely. In this paper, we present a 64-bit ARX-based S-box called Alzette, which can be evaluated in constant time using only 12 instructions on modern CPUs. Its parallel application can also leverage vector (SIMD) instructions. One iteration of Alzette has differential and linear properties comparable to those of the AES S-box, while two iterations are at least as secure as the AES super S-box. Since the state size is much larger than the typical 4 or 8 bits, the study of the relevant cryptographic properties of Alzette is not trivial. Thu, 23 Jan 2020 16:17:46 GMT http://hdl.handle.net/10993/41993 Title: Schwaemm and Esch: Lightweight Authenticated Encryption and Hashing using the Sparkle Permutation Family <br/> <br/>Author, co-author: Beierle, Christof; Biryukov, Alex; Cardoso Dos Santos, Luan; Groszschädl, Johann; Perrin, Léo Paul; Udovenko, Aleksei; Velichkov, Vesselin; Wang, Qingju Thu, 23 Jan 2020 16:12:01 GMT http://hdl.handle.net/10993/41992 Title: In-The-Field Monitoring of Functional Calls: Is It Feasible? <br/> <br/>Author, co-author: Cornejo Olivares, Oscar Eduardo; Briola, Daniela; Micucci, Daniela; Mariani, Leonardo Thu, 23 Jan 2020 15:50:33 GMT http://hdl.handle.net/10993/41991 Title: BlockPGP: A Blockchain-based Framework for PGP Key Servers <br/> <br/>Author, co-author: Yakubov, Alexander; Shbair, Wazen; Khan, Nida; State, Radu; Medinger, Christophe; Hilger, Jean <br/> <br/>Abstract: Pretty Good Privacy (PGP) is one of the most prominent cryptographic standards offering end-to-end encryption for email messages and other sensitive information exchange. PGP allows to verify the identity of the correspondent in information exchange as well as the information integrity. PGP implements asymmetric encryption with certificates shared through a network of PGP key servers. In this paper, we propose a new PGP management framework with the key servers infrastructure implemented using blockchain technology. Our approach offers fast propagation of certificate revocation among PGP key servers and elimination of man-in-the-middle risks. It also grants users the required access control to update their own PGP certificates, which is not the case with the current PGP key servers. A prototype has been implemented using Ethereum blockchain and an open source key server, named Hockeypuck. Finally, we evaluated the prototype with extensive experiments. Our results show that our solution is practical and it could be integrated with the existing public PGP key servers infrastructure. Thu, 23 Jan 2020 15:06:14 GMT http://hdl.handle.net/10993/41967 Title: On Identifying and Explaining Similarities in Android Apps <br/> <br/>Author, co-author: Li, Li; Bissyande, Tegawendé François D Assise; Wang, Haoyu; Klein, Jacques Thu, 23 Jan 2020 09:08:58 GMT http://hdl.handle.net/10993/41965 Title: Rebooting Research on Detecting Repackaged Android Apps: Literature Review and Benchmark <br/> <br/>Author, co-author: Li, Li; Bissyande, Tegawendé François D Assise; Klein, Jacques Thu, 23 Jan 2020 09:03:43 GMT http://hdl.handle.net/10993/41962 Title: Assessing the Generalizability of code2vec Token Embeddings <br/> <br/>Author, co-author: Kang, Hong Jin; Bissyande, Tegawendé François D Assise; David, Lo <br/> <br/>Abstract: Many Natural Language Processing (NLP) tasks, such as sentiment analysis or syntactic parsing, have benefited from the development of word embedding models. In particular, regardless of the training algorithms, the learned embeddings have often been shown to be generalizable to different NLP tasks. In contrast, despite recent momentum on word embeddings for source code, the literature lacks evidence of their generalizability beyond the example task they have been trained for. In this experience paper, we identify 3 potential downstream tasks, namely code comments generation, code authorship identification, and code clones detection, that source code token embedding models can be applied to. We empirically assess a recently proposed code token embedding model, namely code2vec’s token embeddings. Code2vec was trained on the task of predicting method names, and while there is potential for using the vectors it learns on other tasks, it has not been explored in literature. Therefore, we fill this gap by focusing on its generalizability for the tasks we have identified. Eventually, we show that source code token embeddings cannot be readily leveraged for the downstream tasks. Our experiments even show that our attempts to use them do not result in any improvements over less sophisticated methods. We call for more research into effective and general use of code embeddings. Thu, 23 Jan 2020 08:54:12 GMT http://hdl.handle.net/10993/41956 Title: Handling duplicates in Dockerfiles families: Learning from experts <br/> <br/>Author, co-author: Oumaziz, Mohamed; Falleri, Jean-Rémy; Blanc, Xavier; Bissyande, Tegawendé François D Assise; Klein, Jacques Thu, 23 Jan 2020 08:33:46 GMT http://hdl.handle.net/10993/41905 Title: A Real-Time Approach for Chance-Constrained Motion Planning with Dynamic Obstacles <br/> <br/>Author, co-author: Castillo Lopez, Manuel; Ludivig, Philippe; Sajadi-Alamdari, Seyed Amin; Sanchez Lopez, Jose Luis; Olivares Mendez, Miguel Angel; Voos, Holger <br/> <br/>Abstract: Uncertain dynamic obstacles, such as pedestrians or vehicles, pose a major challenge for optimal robot navigation with safety guarantees. Previous work on motion planning has followed two main strategies to provide a safe bound on an obstacle's space: a polyhedron, such as a cuboid, or a nonlinear differentiable surface, such as an ellipsoid. The former approach relies on disjunctive programming, which has a relatively high computational cost that grows exponentially with the number of obstacles. The latter approach needs to be linearized locally to find a tractable evaluation of the chance constraints, which dramatically reduces the remaining free space and leads to over-conservative trajectories or even unfeasibility. In this work, we present a hybrid approach that eludes the pitfalls of both strategies while maintaining the original safety guarantees. The key idea consists in obtaining a safe differentiable approximation for the disjunctive chance constraints bounding the obstacles. The resulting nonlinear optimization problem is free of chance constraint linearization and disjunctive programming, and therefore, it can be efficiently solved to meet fast real-time requirements with multiple obstacles. We validate our approach through mathematical proof, simulation and real experiments with an aerial robot using nonlinear model predictive control to avoid pedestrians. <br/> <br/>Commentary: This paper has been accepted for publication in the IEEE Robotics and Automation Letters. Please cite the paper as: M. Castillo-Lopez, P. Ludivig, S. A. Sajadi-Alamdari, J. L. Sanchez-Lopez, M. A. Olivares-Mendez, H. Voos, "A Real-Time Approach for Chance-Constrained Motion Planning with Dynamic Obstacles", IEEE Robotics and Automation Letters (RA-L), 2020. Wed, 22 Jan 2020 14:08:19 GMT http://hdl.handle.net/10993/41904 Title: 7th International Workshop on Self-Optimisation in Autonomic and Organic Computing Systems <br/> <br/>Author, co-author: Botev, Jean; Stein, Anthony; Tomforde, Sven Wed, 22 Jan 2020 14:03:42 GMT http://hdl.handle.net/10993/41902 Title: Mixed Reality - Potential and Pitfalls for Representing History <br/> <br/>Author, co-author: Botev, Jean Wed, 22 Jan 2020 13:51:07 GMT http://hdl.handle.net/10993/41900 Title: Contingent Payments on a Public Ledger: Models and Reductions for Automated Verification. <br/> <br/>Author, co-author: Bursuc, Sergiu; Kremer, Steve Wed, 22 Jan 2020 12:41:26 GMT http://hdl.handle.net/10993/41899 Title: Private Votes on Untrusted Platforms: Models, Attacks and Provable Scheme <br/> <br/>Author, co-author: Bursuc, Sergiu; Dragan, Constantin-Catalin; Kremer, Steve Wed, 22 Jan 2020 12:37:48 GMT http://hdl.handle.net/10993/41882 Title: Markov Chain Monte Carlo and the Application to Geodetic Time Series Analysis <br/> <br/>Author, co-author: Olivares Pulido, German; Teferle, Felix Norman; Hunegnaw, Addisu <br/> <br/>Abstract: The time evolution of geophysical phenomena can be characterised by stochastic time series. The stochastic nature of the signal stems from the geophysical phenomena involved and any noise, which may be due to, e.g., un-modelled effects or measurement errors. Until the 1990's, it was usually assumed that white noise could fully characterise this noise. However, this was demonstrated to be not the case and it was proven that this assumption leads to underestimated uncertainties of the geophysical parameters inferred from the geodetic time series. Therefore, in order to fully quantify all the uncertainties as robustly as possible, it is imperative to estimate not only the deterministic but also the stochastic parameters of the time series. In this regard, the Markov Chain Monte Carlo (MCMC) method can provide a sample of the distribution function of all parameters, including those regarding the noise, e.g., spectral index and amplitudes. After presenting the MCMC method and its implementation in our MCMC software we apply it to synthetic and real time series and perform a cross-evaluation using Maximum Likelihood Estimation (MLE) as implemented in the CATS software. Several examples as to how the MCMC method performs as a parameter estimation method for geodetic time series are given in this chapter. These include the applications to GPS position time series, superconducting gravity time series and monthly mean sea level (MSL) records, which all show very different stochastic properties. The impact of the estimated parameter uncertainties on sub-sequentially derived products is briefly demonstrated for the case of plate motion models. Finally, the MCMC results for weekly downsampled versions of the benchmark synthetic GNSS time series as provided in Chapter 2 are presented separately in an appendix. Wed, 22 Jan 2020 09:25:15 GMT http://hdl.handle.net/10993/41864 Title: Transparency by Design in Data-Informed Research: a Collection of Information Design Patterns <br/> <br/>Author, co-author: Rossi, Arianna; Lenzini, Gabriele <br/> <br/>Abstract: Oftentimes information disclosures describing personal data-gathering research activities are so poorly designed that participants fail to be informed and blindly agree to the terms, without grasping the rights they can exercise and the risks derived from their cooperation. To respond to the challenge, this article presents a series of operational strategies for transparent communication in line with legal-ethical requirements. These "transparency-enhancing design patterns" can be implemented by data controllers/researchers to maximize the clarity, navigability, and noticeability of the information provided and ultimately empower data subjects/research subjects to appreciate and determine the permissible use of their data. Tue, 21 Jan 2020 21:09:13 GMT http://hdl.handle.net/10993/41863 Title: Making the Case for Evidence-based Standardization of Data Privacy and Data Protection Visual Indicators <br/> <br/>Author, co-author: Rossi, Arianna; Lenzini, Gabriele <br/> <br/>Abstract: Lately, icons have witnessed a growing wave of interest in the view of enhancing transparency and clarity of data processing practices in mandated disclosures. Although benefits in terms of comprehensibility, noticeability, navigability of the information and user’s attention and memorization can be expected, they should also be supported by decisive empirical evidence about the efficacy of the icons in specific contexts. Misrepresentation, oversimplification, and improper salience of certain aspects over others are omnipresent risks that can drive data subjects to wrong conclusions. Cross-domain and international standardization of visual means also poses a serious challenge: if on the one hand developing standards is necessary to ensure widespread recognition and comprehension, each domain and application presents unique features that can be hardly established, and imposed, in a top-down manner. This article critically discusses the above issues and identifies relevant open questions for scientific research. It also provides concrete examples and practical suggestions for researchers and practitioners that aim to implement transparency-enhancing icons in the spirit of the General Data Protection Regulation (GDPR). Tue, 21 Jan 2020 20:52:05 GMT http://hdl.handle.net/10993/41862 Title: Which Properties has an Icon? A Critical Discussion on Evaluation Methods for Standardised Data Protection Iconography <br/> <br/>Author, co-author: Rossi, Arianna; Lenzini, Gabriele <br/> <br/>Abstract: Following GDPR's Article12.7's proposal to use standardized icons to inform data subject in "an easily visible, intelligible and clearly legible manner," several icon sets have been developed. In this paper, we firstly critically review some of those proposals. We then examine the properties that icons and icon sets should arguably fulfill according to Art.12's transparency provisions. Lastly, we discuss metrics and evaluation procedures to measure compliance with the Article. Tue, 21 Jan 2020 20:44:27 GMT http://hdl.handle.net/10993/41861 Title: Software Engineering of Fault Tolerant Systems <br/> <br/>Author, co-author: Guelfi, Nicolas; Pelliccione, Patrizio; Muccini, Henry; Romanovsky, Alexander Tue, 21 Jan 2020 17:41:18 GMT http://hdl.handle.net/10993/41860 Title: Adaptive Ontology-based Web Information Retrieval: The TARGET Framework <br/> <br/>Author, co-author: Pruski, Cedric; Guelfi, Nicolas; Reynaud, Chantal <br/> <br/>Abstract: Finding relevant information on the Web is difficult for most users. Although Web search applications are improving, they must be more 'intelligent' to adapt to the search domains targeted by queries, the evolution of these domains, and users' characteristics. In this paper, the authors present the TARGET framework for Web Information Retrieval. The proposed approach relies on the use of ontologies of a particular nature, called adaptive ontologies, for representing both the search domain and a user's profile. Unlike existing approaches on ontologies, the authors make adaptive ontologies adapt semi-automatically to the evolution of the modeled domain. The ontologies and their properties are exploited for domain specific Web search purposes. The authors propose graph-based data structures for enriching Web data in semantics, as well as define an automatic query expansion technique to adapt a query to users' real needs. The enriched query is evaluated on the previously defined graph-based data structures representing a set of Web pages returned by a usual search engine in order to extract the most relevant information according to user needs. The overall TARGET framework is formalized using first-order logic and fully tool supported. Tue, 21 Jan 2020 17:37:50 GMT