When models of a system change, analyses based on them have to be reevaluated in order for the results to stay meaningful. In many cases, the time to get updated analysis results is critical. This thesis proposes multiple, combinable approaches and a new formalism based on category theory for implicitly incremental model analyses and transformations. The advantages of the implementation are validated using seven case studies, partially drawn from the Transformation Tool Contest (TTC).
When models of a system change, analyses based on them have to be reevaluated in order for the results to stay meaningful. In many cases, the time to ...
Complex software systems are described with multiple artifacts, such as code, design diagrams and others. Ensuring their consistency is crucial and can be automated with transformations for pairs of artifacts. We investigate how developers can combine independently developed and reusable transformations to networks that preserve consistency between more than two artifacts. We identify synchronization, compatibility and orchestration as central challenges, and we develop approaches to solve them.
Complex software systems are described with multiple artifacts, such as code, design diagrams and others. Ensuring their consistency is crucial and ca...
IoT applications perceive and interact with the environment via smart devices and cloud services. When operating such applications one is faced with the challenge of configuring the smart devices and the cloud services in a manner, which achieves a high data quality at low operational costs. This work supports IoT operators with IoT collection strategies and cost optimization functions for data qualities, which are influenced by the interplay of smart device and cloud service configurations.
IoT applications perceive and interact with the environment via smart devices and cloud services. When operating such applications one is faced with t...
Die modellbasierte Performancevorhersage ist ein bekanntes Konzept zur Gewährleistung der Softwarequalität. Derzeitige Ansätze basieren auf einem Modell mit einer Metrik, was zu ungenauen Vorhersagen für moderne Architekturen führt. In dieser Arbeit wird ein Multi-Strategie-Ansatz zur Erweiterung von Performancevorhersagemodellen zur Unterstützung von Multicore-Architekturen vorgestellt, in Palladio implementiert und dadurch die Genauigkeit der Vorhersage deutlich verbessert. Model-based performance prediction is a well-known concept to ensure the quality of software. Current approaches...
Die modellbasierte Performancevorhersage ist ein bekanntes Konzept zur Gewährleistung der Softwarequalität. Derzeitige Ansätze basieren auf einem M...
Developing variable systems faces many challenges. Dependencies between interrelated artifacts within a product variant, such as code or diagrams, across product variants and across their revisions quickly lead to inconsistencies during evolution. This work provides a unification of common concepts and operations for variability management, identifies variability-related inconsistencies and presents an approach for view-based consistency preservation of variable systems.
Developing variable systems faces many challenges. Dependencies between interrelated artifacts within a product variant, such as code or diagrams, acr...
Software vendors must consider confidentiality especially while creating software architectures because decisions made here are hard to change later. Our approach represents and analyzes data flows in software architectures. Systems specify data flows and confidentiality requirements specify limitations of data flows. Software architects use detected violations of these limitations to improve the system. We demonstrate how to integrate our approach into existing development processes.
Software vendors must consider confidentiality especially while creating software architectures because decisions made here are hard to change later. ...
Business processes and information systems evolve constantly and affect each other in non-trivial ways. Aligning security requirements between both is a challenging task. This work presents an automated approach to extract access control requirements from business processes with the purpose of transforming them into a) access permissions for role-based access control and b) architectural data flow constraints to identify violations of access control in enterprise application architectures.
Business processes and information systems evolve constantly and affect each other in non-trivial ways. Aligning security requirements between both is...
In this work, the authors analysed the co-dependency between models and analyses, particularly the structure and interdependence of artefacts and the feature-based decomposition and composition of model-based analyses. Their goal is to improve the maintainability of model-based analyses. They have investigated the co-dependency of Domain-specific Modelling Languages (DSMLs) and model-based analyses regarding evolvability, understandability, and reusability.
In this work, the authors analysed the co-dependency between models and analyses, particularly the structure and interdependence of artefacts and the ...
This work introduces architectural security analyses for detecting access violations and attack paths in software architectures. It integrates access control policies and vulnerabilities, often analyzed separately, into a unified approach using software architecture models. Contributions include metamodels for access control and vulnerabilities, scenario-based analysis, and two attack analyses. Evaluation demonstrates high accuracy in identifying issues for secure system development.
This work introduces architectural security analyses for detecting access violations and attack paths in software architectures. It integrates access ...