Stefan Sobernig

Modeling and enforcing secure object flows in process-driven SOAs: an integrated model-driven approach

In this paper, we present an integrated model-driven approach for the specification and the enforcement of secure object flows in process-driven service-oriented architectures (SOA). In this context, a secure object flow ensures the confidentiality and the integrity of important objects (such as business contracts or electronic patient records) that are passed between different participants in SOA-based business processes. We specify a formal and generic metamodel for secure object flows that can be used to extend arbitrary process modeling languages. To demonstrate our approach, we present a UML extension for secure object flows. Moreover, we describe how platform-independent models are mapped to platform-specific software artifacts via automated model transformations. In addition, we give a detailed description of how we integrated our approach with the Eclipse modeling tools.

Towards Living Inter-organizational Processes

Business Process Management (BPM) has gained significant adoption in practice for enabling organizations to increase their effectiveness, efficiency, and flexibility. This broad adoption has not only been fostered by a rich and well-established theory to model, analyze, simulate, and enact business processes, but also by internationally accepted standards and mature technologies. Caused by the ever increasing speed and volatility of markets and the dynamics of new technologies, such as cloud infrastructures and mobile communications, we face a new generation of business processes, which we refer to as living inter-organizational processes. Such processes are not in control of one single organization, instead, they are enacted by multiple organizations, where no participating party possesses full control over the entire process. Such processes often involve a high number of actors that might even be unknown in advance. These actors require various degrees in participation, they are acting in heterogeneous environments. Moreover, such processes are often weakly structured or designed in an ad-hoc manner, and have to be continuously subject to evolution. Unfortunately, existing theories, methodologies, and technologies cannot cope with this challenging combination of aspects, which all have to be considered when dealing with living inter-organizational processes. The state of the art typically addresses singular aspects in isolation. However, a holistic approach to these challenges bears a tremendous potential. This paper aims to contribute towards a holistic approach to living inter-organizational processes. To this end, we describe different perspectives on inter-organizational processes and identify challenges for making them living processes.

Architectural Decision Making for Service-Based Platform Integration: A Qualitative Multi-Method Study

Nowadays the software architecture of a system is often seen as a set of design decisions providing the rationale for the system design. When designing a software architecture multiple levels of design decisions need to be considered. For example, the service-based integration of heterogeneous platforms and the development of applications on top of those integration services requires high-level as well as technology-, domain-, and application-dependent architectural decisions. In this context, we performed a series of qualitative studies following a multi-method approach. First, we conducted a systematic literature review from which we derived a pattern language for platform integration featuring 40 patterns, as well as a pattern-based architectural decision model. Then, we performed interviews with 9 platform experts from 3 companies for revising the architectural knowledge captured by the pattern language and the decision model. Finally, we participated in a case study and observed the decision-making process to validate the results further. Our observations resulted in 1) a qualitatively validated, pattern-based architectural decision model and 2) a generalized model of the different levels and stages of architectural decision making for service-based platform integration.

Extracting reusable design decisions for UML-based domain-specific languages

We conducted an extensive systematic literature review (SLR) based on 8,000+ publications for 2005-2012.We examined 90 UML-based domain-specific languages (DSLs) for their design decisions.We extracted 27 reusable design decisions and 7 characteristic DSL designs into a publicly available design-decision catalog.One third of the documented design decisions can be combined to characterize more than 60% of the reviewed DSLs. When developing domain-specific modeling languages (DSMLs), software engineers have to make a number of important design decisions on the DSML itself, or on the software-development process that is applied to develop the DSML. Thus, making well-informed design decisions is a critical factor in developing DSMLs. To support this decision-making process, the model-driven development community has started to collect established design practices in terms of patterns, guidelines, story-telling, and procedural models. However, most of these documentation practices do not capture the details necessary to reuse the rationale behind these decisions in other DSML projects. In this paper, we report on a three-year research effort to compile and to empirically validate a catalog of structured decision descriptions (decision records) for UML-based DSMLs. This catalog is based on design decisions extracted from 90 DSML projects. These projects were identified-among others-via an extensive systematic literature review (SLR) for the years 2005-2012. Based on more than 8,000 candidate publications, we finally selected 84 publications for extracting design-decision data. The extracted data were evaluated quantitatively using a frequent-item-set analysis to obtain characteristic combinations of design decisions and qualitatively to document recurring documentation issues for UML-based DSMLs. We revised the collected decision records based on this evidence and made the decision-record catalog for developing UML-based DSMLs publicly available. Furthermore, our study offers insights into UML usage (e.g. diagram types) and into the adoption of UML extension techniques (e.g. metamodel extensions, profiles).

Comparing Three Notations for Defining Scenario-based Model Tests: A Controlled Experiment

Scenarios are an established means to specify requirements for software systems. Scenario-based tests allow for validating software models against such requirements. In this paper, we consider three alternative notations to define such scenario tests on structural models: a semi structured natural-language notation, a diagrammatic notation, and a fully-structured textual notation. In particular, we performed a study to understand how these three notations compare to each other with respect to accuracy and effort of comprehending scenario-test definitions, as well as with respect to the detection of errors in the models under test. 20 software professionals (software engineers, testers, researchers) participated in a controlled experiment based on six different comprehension and maintenance tasks. For each of these tasks, questions on a scenario-test definition and on a model under test had to be answered. In an ex-post questionnaire, the participants rated each notation on a number of dimensions (e.g., practicality or scalability). Our results show that the choice of a specific scenario-test notation can affect the productivity (in terms of correctness and time-effort) when testing software models for requirements conformance. In particular, the participants of our study spent comparatively less time and completed the tasks more accurately when using the natural-language notation compared to the other two notations. Moreover, the participants of our study explicitly expressed their preference for the natural-language notation.

Requirements-Driven Testing of Domain-Specific Core Language Models Using Scenarios

In this paper, we present an approach for the scenario-based testing of the core language models of domain-specific modeling languages (DSML). The core language model is a crucial artifact in DSML development, because it captures all relevant domain abstractions and specifies the relations between these abstractions. In software engineering, scenarios are used to explore and to define (actual or intended) system behavior as well as to specify user requirements. The different steps in a requirements-level scenario can then be refined through detailed scenarios. In our approach, we use scenarios as a primary design artifact. Non-executable, human-understandable scenario descriptions can be refined into executable test scenarios. To demonstrate the applicability of our approach, we implemented a scenario-based testing framework based on the Eclipse Modeling Framework (EMF) and the Epsilon model-management toolkit.

Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models

This paper presents an approach for incorporating data integrity and data confidentiality into the model-driven development (MDD) of process-driven service-oriented architectures (SOAs) based on the OMG SoaML. Specifications for service interfaces are extended by UML activities to model invocation protocols. An invocation protocol makes the control and the object flows between service invocations explicit. Integrity and confidentiality attributes are used to annotate the object flows. The annotations serve for generating security-aware execution artefacts (e.g., interface description documents, deployment descriptors, and middleware configurations). We applied the approach prototypically in a Web Services platform environment (WS-BPEL, WSDL, WS-Security Policy).

Evolutionary Business Information Systems

This article reflects on existing and emerging future challenges arising in the area of “evolutionary business information systems”, a class of systems that demand an evolutionary software development process and which support secondary design of various conceptual layers. We place both existing contributions and future research opportunities in context by referring to an idealized, preliminary system architecture. Finally, we emphasize our pluralistic perspective on the research object and the resulting need for methodological flexibility in the sense of interdisciplinary configurations of research methods.

Comparing complexity of API designs: an exploratory experiment on DSL-based framework integration

Embedded, textual DSLs are often provided as an API wrapped around object-oriented application frameworks to ease framework integration. While literature presents claims that DSL-based application development is beneficial, empirical evidence for this is rare. We present the results of an experiment comparing the complexity of three different object-oriented framework APIs and an embedded, textual DSL. For this comparative experiment, we implemented the same, non-trivial application scenario using these four different APIs. Then, we performed an Object-Points (OP) analysis, yielding indicators for the API complexity specific to each API variant. The main observation for our experiment is that the embedded, textual DSL incurs the smallest API complexity. Although the results are exploratory, as well as limited to the given application scenario and a single embedded DSL, our findings can direct future empirical work. The experiment design is applicable for similar API design evaluations.

Building Blocks for a Smart Space for Learning^TM

This case study summarizes the demonstration of a semantic network of interoperable educational systems referred to as Smart Space for Learningtrade. We started connecting several educational nodes in projects such as Elena, Prolearn, and Icamp. Integration was achieved by using the interaction standard SQI, common schemas for querying and results presentation, and query exchange language, e.g. QEL. The paper particularly focuses on how heterogeneous nodes can be made interoperable by reusing generalizations of mediating components - building blocks for a Smart Space for Learningtrade