Javier Fernández Briones

Integration of safety analysis in model-driven software development

Safety critical software requires integrating verification techniques in software development methods. Software architectures must guarantee that developed systems will meet safety requirements and safety analyses are frequently used in the assessment. Safety engineers and software architects must reach a common understanding on an optimal architecture from both perspectives. Currently both groups of engineers apply different modelling techniques and languages: safety analysis models and software modelling languages. The solutions proposed seek to integrate both domains coupling the languages of each domain. It constitutes a sound example of the use of language engineering to improve efficiency in a software-related domain. A model-driven development approach and the use of a platform-independent language are used to bridge the gap between safety analyses (failure mode effects and criticality analysis and fault tree analysis) and software development languages (e.g. unified modelling language). Language abstract syntaxes (metamodels), profiles, language mappings (model transformations) and language refinements, support the direct application of safety analysis to software architectures for the verification of safety requirements. Model consistency and the possibility of automation are found among the benefits.

Quality of Service Composition and Adaptability of Software Architectures

Quality of service adaptability refers to the ability of components/services to adapt in run-time the quality exhibited. A composition study from a quality point of view would investigate how these adaptable elements could be combined to meet system’s quality requirements. Enclosing quality properties with architectural models has been typically used to improve system understanding. Nevertheless these properties along with some supplementary information about quality adaptation would allow us to carry out a composition study during the design phase and even to predict some features of the adaptability behavior of the system. Existing modeling languages and tools lack enough mechanisms to cope with adaptability, e.g. to describe system elements that may offer/require several quality levels. This paper shows how we reuse existing modeling languages and tools, combine them and create new ones to tackle the problem of quality of service adaptability and composition. The final goal of this work is to evaluate architectural models to predict system’s QoS behavior before it is implemented.

Application of safety analyses in model driven development

Some high integrity software systems require the rigorous validation of safety properties. Assessing whether software architectures are able to meet these requirements is of great interest: to avoid the risk that the implementation does not fulfill requirements due to a bad design, and, to reduce the development cost of safety critical parts of the system. Safety analyses like FMECA and FTA are two methods used during preliminary safety assessments. We have implemented tools to automatically generate safety analyses from the models of the architecture: a UML profile for safety, modeling languages to express safety analyses, and a model transformation chain. Safety analysts can use these tools to annotate the models, analyze the architecture, and recommend system engineers mitigation means to apply for improving the architecture.

Domain-Specific multi-modeling of security concerns in service-oriented architectures

As a common reference for many in-development standards and execution frameworks, special attention is being paid to Service-Oriented Architectures. SOAs modeling, however, is an area in which a consensus has not being achieved. Currently, standardization organizations are defining proposals to offer a solution to this problem. Nevertheless, until very recently, non-functional aspects of services have not been considered for standardization processes. In particular, there exists a lack of a design solution that permits an independent development of the functional and non-functional concerns of SOAs, allowing that each concern be addressed in a convenient manner in early stages of the development, in a way that could guarantee the quality of this type of systems. This paper, leveraging on previous work, presents an approach to integrate security-related non-functional aspects (such as confidentiality, integrity, and access control) in the development of services.

Model-Driven Development of a Web Service-Oriented Architecture and Security Policies

Applying model-driven development methodologies provide inherent benefits such as increased productivity, greater reuse, and better maintainability, to name a few. Efforts on achieving model-driven development of web services already exist. However, there is currently no complete solution that addresses non-functional aspects of these services as well. This paper presents an ongoing work which seeks to integrate these non-functional aspects in the development of web services, with a clear emphasis on security.

On the Requirements for Quality Composability Modeling and Analysis

Real-time, embedded and safety-critical systems have to meet some quality criteria in order to provide certain reliance on its operation. The quality of a system depends on the complex composition of the quality of its subsystems. Quality composability depends on matchmaking the provided and required quality specifications. To allow for flexibility during the system design, we study composability as a configuration problem. We allow options of quality specifications to represent design choices, deployment choices, operation modes or component adaptability. This kind of assessments of system architectures is very important e.g., for COTS development. The contributions of this paper are: to study the modeling requirements to model composability analysis, to compare two modeling approaches, and to show how a model-driven environment can leverage composability assessments. The two modeling approaches, QoS-FT + OCL and MARTE + VSL, are used to attach quality specifications to system models. However, our ultimate goal is to evaluate these specifications, and we have implemented tool-support to evaluate composability using constraint satisfaction techniques.

Model Based Development of Quality-Aware Software Services

Modelling languages and development frameworks give support for functional and structural description of software architectures. But quality-aware applications require languages which allow expressing QoS as a first-class concept during architecture design and service composition, and to extend existing tools and infrastructures adding support for modelling, evaluating, managing and monitoring QoS aspects. In addition to its functional behaviour and internal structure, the developer of each service must consider the fulfilment of its quality requirements. If the service is flexible, the output quality depends both on input quality and available resources (e.g., amounts of CPU execution time and memory). From the software engineering point of view, modelling of quality-aware requirements and architectures require modelling support for the description of quality concepts, support for the analysis of quality properties (e.g. model checking and consistencies of quality constraints, assembly of quality), tool support for the transition from quality requirements to quality-aware architectures, and from quality-aware architecture to service run-time infrastructures. Quality management in run-time service infrastructures must give support for handling quality concepts dynamically. QoS-aware modeling frameworks and QoS-aware runtime management infrastructures require a common evolution to get their integration.

Modeling Quality of Service Adaptability

Quality of service adaptability refers to the ability of services (or components) to adapt the quality exhibited during run-time, or to the faculty of architectural models to show that several alternatives concerning quality could be implemented. Enclosing quality properties with architectural models has been typically used to improve system understanding. Nevertheless, these properties can also be used to compose subsystems whose quality can be adapted or/and to predict the behavior of the run-time adaptability. Existing software modeling languages lack enough mechanisms to cope with adaptability, e.g. to describe software elements that may offer/require several quality levels. This paper presents concepts that such a language needs to include to model quality-adaptable systems, and how we use those concepts to compose and analyze software architectures.

Model based integration of safety analysis and development

The development of safety critical software applications has always been done in accordance to strict methods. These systems require the application of verification techniques that guarantee safety properties. Often, they are complex systems that require the integration of different types of engineers such as safety engineers and software architects. Currently, different groups of engineers apply different analysis and modeling techniques (e.g. architectural description languages, and safety analysis models); these differences create inconsistencies between different types of model. In this paper we introduce some solutions to reduce these problems in some safety architectures. These solutions integrate developing modeling languages such as UML and specific safety analysis languages such as FTA and FMECA