Results 201-220 of 249.
Bookmark and Share    
Full Text
Peer Reviewed
See detailA Native Versioning Concept to Support Historized Models at Runtime
Hartmann, Thomas UL; Fouquet, François UL; Nain, Grégory UL et al

in Dingel, Juergen; Schulte, Wolfram; Ramos, Isidro (Eds.) et al Model-Driven Engineering Languages and Systems - 17th International Conference, MODELS 2014, Valencia, Spain, September 28 - October 3, 2014. Proceedings (2014)

Models@run.time provides semantically rich reflection layers enabling intelligent systems to reason about themselves and their surrounding context. Most reasoning processes require not only to explore the ... [more ▼]

Models@run.time provides semantically rich reflection layers enabling intelligent systems to reason about themselves and their surrounding context. Most reasoning processes require not only to explore the current state, but also the past history to take sustainable decisions e.g. to avoid oscillating between states. Models@run.time and model-driven engineering in general lack native mechanisms to efficiently support the notion of history, and current approaches usually generate redundant data when versioning models, which reasoners need to navigate. Because of this limitation, models fail in providing suitable and sustainable abstractions to deal with domains relying on history-aware reasoning. This paper tackles this issue by considering history as a native concept for modeling foundations. Integrated, in conjunction with lazy load/storage techniques, into the Kevoree Modeling Framework, we demonstrate onto a smart grid case study, that this mechanisms enable a sustainable reasoning about massive historized models. [less ▲]

Detailed reference viewed: 262 (28 UL)
Full Text
Peer Reviewed
See detailAdvances in Model-Driven Security
Lucio, Levi; Zhang, Qin UL; Nguyen, Phu Hong UL et al

in Memon, Atif (Ed.) Advances in Computers (2014)

Sound methodologies for constructing security-critical systems are extremely important in order to confront the increasingly varied security threats. As a response to this need, Model-Driven Security has ... [more ▼]

Sound methodologies for constructing security-critical systems are extremely important in order to confront the increasingly varied security threats. As a response to this need, Model-Driven Security has emerged in the early 2000s as a specialized Model-Driven Engineering approach for supporting the development of security-critical systems. In this chapter we summarize the most important developments of Model-Driven Security during the past decade. In order to do so we start by building a taxonomy of the most important concepts of this domain. We then use our taxonomy to describe and evaluate a set of representative and influential Model-Driven Security approaches in the literature. In our development of this topic we concentrate on the concepts shared by Model-Driven Engineering and Model-Driven Security. This allows us to identify and debate the advantages, disadvantages and open issues when applying Model-Driven Engineering to the Information Security domain. This chapter provides a broad view of Model-Driven Security and is intended as an introduction to Model-Driven Security for students, researchers and practitioners. [less ▲]

Detailed reference viewed: 404 (24 UL)
Full Text
Peer Reviewed
See detailConviviality-Driven Access Control Policy
El Kateb, Donia UL; Zannone, Nicola; Moawad, Assaad UL et al

in Requirements Engineering (2014)

Detailed reference viewed: 238 (56 UL)
Full Text
Peer Reviewed
See detailThe NOAH Project: Giving a Chance to Threatened Species in Africa with UAVs
Olivares Mendez, Miguel Angel UL; Bissyandé, Tegawendé; Somasundar, Kannan et al

in Bissyandé, Tegawendé F.; van Stam, Gertjan (Eds.) e-Infrastructure and e-Services for Developing Countries (2014)

Organized crime now targets one of the most precious wealth in Africa, the wild life. The most affected by the poaching are the Big 5, whose survival requires attention and efforts from everyone, in ... [more ▼]

Organized crime now targets one of the most precious wealth in Africa, the wild life. The most affected by the poaching are the Big 5, whose survival requires attention and efforts from everyone, in accordance to his own expertise. Just as Noah (A patriarchal character in Abrahamic religions) was tasked to save every species from the Genesis flood, we envision the NOAH Project to (re)make natural parks as a safe haven. This endeavor requires efficient and effective surveillance which is now facilitated by the use of UAVs. We take this approach further by proposing the use of ICT algorithms to automate surveillance. The proposed intelligent system could inspect a bigger area, recognize potential threats and be manage by non-expert users, reducing the expensive resources that are needed by developing countries to address the problem. [less ▲]

Detailed reference viewed: 257 (12 UL)
Full Text
Peer Reviewed
See detailCoverage-based Test Cases Selection for XACML Policies
Bertolino, Antonia; Le Traon, Yves UL; Lonetti, Francesca et al

in IEEE International Conference on Software Testing Verification and Validation Workshops (2014)

XACML is the de facto standard for implementing access control policies. Testing the correctness of policies is a critical task. The test of XACML policies involves running requests and checking manually ... [more ▼]

XACML is the de facto standard for implementing access control policies. Testing the correctness of policies is a critical task. The test of XACML policies involves running requests and checking manually the correct response. It is therefore important to reduce the manual test effort by automatically selecting the most important requests to be tested. This paper introduces the XACML smart coverage selection approach, based on a proposed XACML policy coverage criterion. The approach is evaluated using mutation analysis and is compared on the one side with a not-reduced test suite, on the other with random and greedy optimal test selection approaches. We performed the evaluation on a set of six real world policies. The results show that our selection approach can reach good mutation scores, while significantly reducing the number of tests to be run. [less ▲]

Detailed reference viewed: 143 (1 UL)
Full Text
Peer Reviewed
See detailA Survey of Formal Verification Techniques for Model Transformations: A Tridimensional Classification
Amrani, Moussa UL; Lúcio, Lévi; Selim, Gehan et al

in Journal of Technology (2014)

Detailed reference viewed: 256 (8 UL)
Full Text
Peer Reviewed
See detailModel-based testing of global properties on large-scale distributed systems
Sunyé, G.; De Almeida, E. C.; Le Traon, Yves UL et al

in Information and Software Technology (2014), 56(7), 749-762

Context Large-scale distributed systems are becoming commonplace with the large popularity of peer-to-peer and cloud computing. The increasing importance of these systems contrasts with the lack of ... [more ▼]

Context Large-scale distributed systems are becoming commonplace with the large popularity of peer-to-peer and cloud computing. The increasing importance of these systems contrasts with the lack of integrated solutions to build trustworthy software. A key concern of any large-scale distributed system is the validation of global properties, which cannot be evaluated on a single node. Thus, it is necessary to gather data from distributed nodes and to aggregate these data into a global view. This turns out to be very challenging because of the system's dynamism that imposes very frequent changes in local values that affect global properties. This implies that the global view has to be frequently updated to ensure an accurate validation of global properties. Objective In this paper, we present a model-based approach to define a dynamic oracle for checking global properties. Our objective is to abstract relevant aspects of such systems into models. These models are updated at runtime, by monitoring the corresponding distributed system. Method We conduce real-scale experimental validation to evaluate the ability of our approach to check global properties. In this validation, we apply our approach to test two open-source implementations of distributed hash tables. The experiments are deployed on two clusters of 32 nodes. Results The experiments reveal an important defect on one implementation and show clear performance differences between the two implementations. The defect would not be detected without a global view of the system. Conclusion Testing global properties on distributed software consists of gathering data from different nodes and building a global view of the system, where properties are validated. This process requires a distributed test architecture and tools for representing and validating global properties. Model-based techniques are an expressive mean for building oracles that validate global properties on distributed systems. © 2014 Elsevier B.V. All rights reserved. [less ▲]

Detailed reference viewed: 148 (1 UL)
Full Text
Peer Reviewed
See detailInformation Dependencies in MCS: Conviviality-Based Model and Metrics
Caire, Patrice UL; Bikakis, Antonis; Le Traon, Yves UL

in 16th INTERNATIONAL CONFERENCE ON PRINCIPLES AND PRACTICE OF MULTI-AGENT SYSTEMS (PRIMA 2013) (2013, December 01)

Detailed reference viewed: 167 (8 UL)
Full Text
Peer Reviewed
See detailA Systematic Review of Model-Driven Security
Nguyen, Phu Hong UL; Klein, Jacques UL; Kramer, Max et al

in The 20th Asia-Pacific Software Engineering Conference Proceedings (2013, December)

To face continuously growing security threats and requirements, sound methodologies for constructing secure systems are required. In this context, Model-Driven Security (MDS) has emerged since more than a ... [more ▼]

To face continuously growing security threats and requirements, sound methodologies for constructing secure systems are required. In this context, Model-Driven Security (MDS) has emerged since more than a decade ago as a specialized Model-Driven Engineering approach for supporting the development of secure systems. MDS aims at improving the productivity of the development process and quality of the resulting secure systems, with models as the main artifact. This paper presents how we systematically examined existing published work in MDS and its results. The systematic review process, which is based on a formally designed review protocol, allowed us to identify, classify, and evaluate different MDS approaches. To be more specific, from thousands of relevant papers found, a final set of the most relevant MDS publications has been identified, strictly selected, and reviewed. We present a taxonomy for MDS, which is used to synthesize data in order to classify and evaluate the selected MDS approaches. The results draw a wide picture of existing MDS research showing the current status of the key aspects in MDS as well as the identified most relevant MDS approaches.We discuss the main limitations of the existing MDS approaches and suggest some potential research directions based on these insights. [less ▲]

Detailed reference viewed: 302 (13 UL)
Full Text
Peer Reviewed
See detailGot Issues? Who Cares About It? A Large Scale Investigation of Issue Trackers from GitHub
Bissyande, Tegawendé François D Assise UL; Lo, David; Jiang, Lingxiao et al

in Proceedings of the 24th International Symposium on Software Reliability Engineering (ISSRE 2013) (2013, November)

Detailed reference viewed: 194 (9 UL)
Full Text
Peer Reviewed
See detailA Rule-based Contextual Reasoning Platform for Ambient Intelligence environments
Moawad, Assaad UL; Bikakis, Antonis; Caire, Patrice UL et al

in Theory, Practice, and Applications of Rules on the Web (2013, July 01)

The special characteristics and requirements of intelligent environments impose several challenges to the reasoning processes of Ambient Intelligence systems. Such systems must enable heterogeneous ... [more ▼]

The special characteristics and requirements of intelligent environments impose several challenges to the reasoning processes of Ambient Intelligence systems. Such systems must enable heterogeneous entities operating in open and dynamic environments to collectively rea- son with imperfect context information. Previously we introduced Con- textual Defeasible Logic (CDL) as a contextual reasoning model that addresses most of these challenges using the concepts of context, map- pings and contextual preferences. In this paper, we present a platform integrating CDL with Kevoree, a component-based software framework for Dynamically Adaptive Systems. We explain how the capabilities of Kevoree are exploited to overcome several technical issues, such as com- munication, information exchange and detection, and explain how the reasoning methods may be further extended. We illustrate our approach with a running example from Ambient Assisted Living. [less ▲]

Detailed reference viewed: 165 (13 UL)
Full Text
Peer Reviewed
See detailR-CoRe: A Rule-based Contextual Reasoning Platform for AmI
Moawad, Assaad UL; Bikakis, Antonis; Caire, Patrice UL et al

in Joint Proceedings of the 7th International Rule Challenge, the Special Track on Human Language Technology and the 3rd RuleML Doctoral Consortium hosted at the 8th International Symposium on Rules (RuleML2013) (2013, July)

In this paper we present R-CoRe; a rule-based contextual reasoning platform for Ambient Intelligence environments. R-CoRe integrates Contextual Defeasible Logic (CDL) and Kevoree, a component-based ... [more ▼]

In this paper we present R-CoRe; a rule-based contextual reasoning platform for Ambient Intelligence environments. R-CoRe integrates Contextual Defeasible Logic (CDL) and Kevoree, a component-based software platform for Dynamically Adaptive Systems. Previously, we explained how this integration enables to overcome several reasoning and technical issues that arise from the imperfect nature of context knowledge, the open and dynamic nature of Ambient Intelligence environments, and the restrictions of wireless communications. Here, we focus more on technical aspects related to the architecture of R-Core, and demonstrate its use in Ambient Assisted Living. [less ▲]

Detailed reference viewed: 149 (7 UL)
Full Text
See detailHighly precise taint analysis for Android applications
Fritz, Christian; Arzt, Steven; Rasthofer, Siegfried et al

Report (2013)

Today’s smart phones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by malicious apps that exploit their given privileges to steal such sensitive ... [more ▼]

Today’s smart phones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by malicious apps that exploit their given privileges to steal such sensitive data, or to track users without their consent or even the users noticing. Dynamic program analyses fail to discover such malicious activity because apps have learned to recognize the analyses as they execute. In this work we present FlowDroid, a novel and highly precise taint analysis for Android applications. A precise model of Android’s lifecycle allows the analysis to properly handle callbacks, while context, flow, field and objectsensitivity allows the analysis to track taints with a degree of precision unheard of from previous Android analyses. We also propose DroidBench, an open test suite for evaluating the e↵ectiveness and accuracy of taint-analysis tools specifically for Android apps. As we show through a set of experiments using SecuriBench Micro, DroidBench and a set of well-known Android test applications, our approach finds a very high fraction of data leaks while keeping the rate of false positives low. On DroidBench, our approach achieves 93% recall and 86% precision, greatly outperforming the commercial tools AppScan Source and Fortify SCA. [less ▲]

Detailed reference viewed: 116 (1 UL)
Full Text
Peer Reviewed
See detailModel-Driven Adaptive Delegation
Nguyen, Phu Hong UL; Nain, Grégory UL; Klein, Jacques UL et al

in Masuhara, Hidehiko; Chiba, Sigeru; Ubayashi, Naoyasu (Eds.) Proceedings of the 12th annual international conference companion on Aspect-oriented software development (2013, March)

Model-Driven Security is a specialization of Model-Driven Engineering (MDE) that focuses on making security models productive, i.e., enforceable in the final deployment. Among the variety of models that ... [more ▼]

Model-Driven Security is a specialization of Model-Driven Engineering (MDE) that focuses on making security models productive, i.e., enforceable in the final deployment. Among the variety of models that have been studied in a MDE perspective, one can mention access control models that specify the access rights. So far, these models mainly focus on static definitions of access control policies, without taking into account the more complex, but essential, delegation of rights mechanism. User delegation is a meta-level mechanism for administrating access rights, which allows a user without any specific administrative privileges to delegate his/her access rights to another user. This paper analyses the main hard-points for introducing various delegation semantics in model-driven security and proposes a model-driven framework for 1) specifying access control, delegation and the business logic as separate concerns; 2) dynamically enforcing/weaving access control policies with various delegation features into security-critical systems; and 3) providing a flexibly dynamic adaptation strategy. We demonstrate the feasibility and effectiveness of our proposed solution through the proof-of-concept implementations of different systems. [less ▲]

Detailed reference viewed: 207 (15 UL)
Full Text
Peer Reviewed
See detailMutation Testing Strategies using Mutant Classification
Papadakis, Mike UL; Le Traon, Yves UL

in Abstract book of 28th Symposium On Applied Computing (2013)

Detailed reference viewed: 207 (5 UL)
Full Text
Peer Reviewed
See detailA PEP-PDP Architecture to Monitor and Enforce Security Policies in Java Applications
Elrakaiby, Yehia; Le Traon, Yves UL

in 2013 International Conference on Availability, Reliability and Security (2013)

Security of Java-based applications is crucial to many businesses today. In this paper, we propose an approach to completely automate the generation of a security architecture inside of a target Java ... [more ▼]

Security of Java-based applications is crucial to many businesses today. In this paper, we propose an approach to completely automate the generation of a security architecture inside of a target Java application where advanced security policies can be enforced. Our approach combines the use of Aspect-Oriented Programming with the Policy Enforcement Point (PEP) - Policy Decision Point (PDP) paradigm and allows the runtime update of policies. [less ▲]

Detailed reference viewed: 146 (0 UL)
Full Text
Peer Reviewed
See detailAssessing Software Product Line Testing Via Model-Based Mutation: An Application to Similarity Testing
Henard, Christopher UL; Papadakis, Mike UL; Perrouin, Gilles UL et al

in 2013 IEEE Sixth International Conference on Software Testing, Verification and Validation, Workshops Proceedings, Luxembourg, Luxembourg, March 18-22, 2013 (2013)

Detailed reference viewed: 200 (13 UL)
Full Text
Peer Reviewed
See detailMulti-objective test generation for software product lines
Henard, Christopher UL; Papadakis, Mike UL; Perrouin, Gilles UL et al

in 17th International Software Product Line Conference, SPLC 2013, Tokyo, Japan - August 26 - 30, 2013 (2013)

Detailed reference viewed: 166 (13 UL)
Full Text
Peer Reviewed
See detailTowards automated testing and fixing of re-engineered feature models
Henard, Christopher UL; Papadakis, Mike UL; Perrouin, Gilles UL et al

in Proceedings of the 2013 International Conference on Software Engineering (2013)

Detailed reference viewed: 1029 (8 UL)
Full Text
Peer Reviewed
See detailProteum/FL: A tool for localizing faults using mutation analysis.
Papadakis, Mike UL; Delamaro, Eduardo Márcio; Le Traon, Yves UL

in International Working Conference on Source Code Analysis and Manipulation (2013)

Detailed reference viewed: 137 (4 UL)