ENASE 2019 Abstracts


Area 1 - Service Science and Business Information Systems

Full Papers
Paper Nr: 23
Title:

A Convolutional Neural Network for Language-Agnostic Source Code Summarization

Authors:

Jessica Moore, Ben Gelman and David Slater

Abstract: Descriptive comments play a crucial role in the software engineering process. They decrease development time, enable better bug detection, and facilitate the reuse of previously written code. However, comments are commonly the last of a software developer’s priorities and are thus either insufficient or missing entirely. Automatic source code summarization may therefore have the ability to significantly improve the software development process. We introduce a novel encoder-decoder model that summarizes source code, effectively writing a comment to describe the code’s functionality. We make two primary innovations beyond current source code summarization models. First, our encoder is fully language-agnostic and requires no complex input preprocessing. Second, our decoder has an open vocabulary, enabling it to predict any word, even ones not seen in training. We demonstrate results comparable to state-of-the-art methods on a single-language data set and provide the first results on a data set consisting of multiple programming languages.

Paper Nr: 59
Title:

Scaling a Standardized Procedure to Conceptualizing and Completing User Stories across Scrum Teams and Industries

Authors:

Matthew Ormsby and Curtis Busby-Earle

Abstract: Agile Software Development (ASD) is a user-centric approach to executing software development projects in continuous iterations. This approach focuses on collaboration and communication among self-organizing, cross-functional teams. Over the last two decades, ASD has been viewed as the answer to the pitfalls of the Waterfall Software Development approach. As such, large organizations have embraced this methodology and its scaling frameworks to produce faster to-market software. It is important to note that the agile methodology does not guarantee that all organizational and project problems related to software development are solved. This paper aims to contribute to the agile community by testing an existing procedure that has proven successful within a scrum team of a single company and applying it across multiple scrum teams within different domains in a large organization.

Paper Nr: 84
Title:

Investigating Mobile Applications Quality in Official and Third-party Marketplaces

Authors:

Fausto Fasano, Fabio Martinelli, Francesco Mercaldo and Antonella Santone

Abstract: One of the winning factors of Android was the use of the Java programming language and the XML language for application development. Furthermore, the open-source license and the availability of reverse engineering tools stimulated the proliferation of third-party markets where users can download for free repackaged version of commercial app, facilitating the phenomenon of plagiarism. In this paper we present an empirical study aimed to define whether there are differences from the quality point of view in Android applications available in the official market and in third-party ones, investigating whether supervised and unsupervised models built with a set of features belonging to four categories (i.e., dimensional, complexity, object oriented and Android) are effective in app store detection.

Short Papers
Paper Nr: 8
Title:

Model-based Network Fault Injection for IoT Protocols

Authors:

Jun Yoneyama, Cyrille Artho, Yoshinori Tanabe and Masami Hagiya

Abstract: IoT devices operate in environments where networks may be unstable. They rely on transport protocols to deliver data with given quality-of-service settings. To test an implementation of the popular MQTT protocol thoroughly, we extend the model-based test framework “Modbat” to simulate unstable networks by taking into account delays and transmission failures. Our proxy-based technology requires no changes to the IoT software, while the model allows the user to define stateless or stateful types or fault patterns. We evaluate our methods on a client-server library for MQTT, a transport protocol designed for IoT.

Paper Nr: 10
Title:

Towards a New Adaptation Engine for Self-Adaptation of BPMN Processes Instances

Authors:

Jamila Oukharijane, Imen Ben Said, Mohamed A. Chaabane, Eric Andonoff and Rafik Bouaziz

Abstract: In this paper we introduce an adaptation engine supporting self-adaptation of running BPMN process instances. This adaptation engine implements the MAPE-K (Monitor, Analyze, Plan, Execute, Knowledge) approach from autonomic computing for self-adaptation. The MAPE control loop aims at identifying the adaptation need and defining and executing the operations required to deal with these needs while the K is the knowledge needed for the MAPE control loop. More precisely, the paper presents the architecture of the adaptation engine: it details how autonomic managers responsible for self-adaptation of process instances implement the MAPE control loop.

Paper Nr: 13
Title:

A General Framework to Identify Software Components from Execution Data

Authors:

Cong Liu, Boudewijn F. van Dongen, Nour Assy and Wil M. van der Aalst

Abstract: Restructuring an object-oriented software system into a component-based one allows for a better understanding of the software system and facilitates its future maintenance. A component-based architecture structures a software system in terms of components and interactions where each component refers to a set of classes. In reverse engineering, identifying components is crucial and challenging for recovering the component-based architecture. In this paper, we propose a general framework to facilitate the identification of components from software execution data. This framework is instantiated for various community detection algorithms, e.g., the Newman’s spectral algorithm, Louvain algorithm, and smart local moving algorithm. The proposed framework has been implemented in the open source (Pro)cess (M)ining toolkit ProM. Using a set of software execution data containing around 1.000.000 method calls generated from four real-life software systems, we evaluated the quality of components identified by different community detection algorithms. The empirical evaluation results demonstrate that our approach can identify components with high quality, and the identified components can be further used to facilitate future software architecture recovery tasks.

Paper Nr: 26
Title:

A Pattern-based Process Management System to Flexibly Execute Collaborative Tasks

Authors:

Mamadou L. Cisse, Hanh N. Tran, Samba Diaw, Bernard Coulette and Alassane Bah

Abstract: Managing collaborations during the execution of a process is complex and challenging, especially for managing the collaboration inside a task having multiple instances performed by various actors. Existing process management approaches propose either a rigid control for conducting such collaborative tasks or no control at all. Aiming at a more flexible way to execute and control multi-instance tasks, we investigate a solution based on late-binding mechanism to allow actors choosing dynamically suitable strategies to perform their collaboration. First, we propose a process modeling language which focuses on describing multi-instance tasks and their dynamic instances at execution time. Second, this language is then used to represent patterns capturing reusable collaboration strategies. A prototype of a pattern-based Process Management System has been developed to demonstrate the possible flexible execution of collaborative tasks.

Paper Nr: 78
Title:

Indoor Localisation with Intelligent Luminaires for Home Monitoring

Authors:

Iuliana Marin, Maria I. Bocicor and Arthur-Jozsef Molnar

Abstract: This paper presents the initial results of our experiments regarding accurate indoor localisation. The research was carried out in the context of a European Union funded project targeting the development of a configurable, cost-effective cyber-physical system for monitoring older adults in their homes. The system comprises a number of hardware nodes deployed as intelligent luminaires that replace light bulbs present in the monitored location. By measuring the strength of a Bluetooth Low Energy signal generated by a device on the monitored person, a rough estimation of the person’s location is obtained. We show that the presence of walls, furniture and other objects in typical indoor settings precludes accurate localisation. In order to improve accuracy, we employ several software-based approaches, including Kalman filtering and neural networks. We carry out an initial experiment showing that additional software processing significantly improves localisation accuracy.

Paper Nr: 94
Title:

Towards a Uniform Model Transformation Process for Abstract User Interfaces Generation

Authors:

Lassaad Ben Ammar

Abstract: The Model-Driven Development (MDD) paradigm is currently being taken interest in the field of Software Engineering (SE). It allows simplification and automation of the development process by defining models and transformations of those models. Model-Based User Interface Development (MBUID) is a variant of the MDD paradigm in the domain of UI development. It aims to reduce the efforts needed to develop UIs. It has had a significant research by the SE community leading to the definition of the Cameleon Reference Framework (CRF) as a unifying framework which structures the UI development process. In the last few years, several research works have been conducted with the aim of proposing a Cameleon-compliant UI development process. This situation leads to a series of important shortcomings; among them we quote in particular the lack of consensus (standard) about the information the different models have to contain and how to transform these models. With the aim of solving this issue of giving a uniformed UI development process, this paper presents an initiative towards uniformed task model and its transformation to an abstract user interface.

Paper Nr: 38
Title:

Developing and Testing Networked Software for Moving Robots

Authors:

Ichiro Satoh

Abstract: Autonomous transport robots have been widely used to carry products in manufacturing and warehousing spaces. Such robots are smart and networked in the sense that they exchange information with stationary servers and other robots in their visiting spaces through wireless local-area networks. Therefore, when software running on such robots is executed with the services that the robots are connected to through networks, including multicast protocols. To test such software, we need to execute it within the network domains of the locations that the robots may move and connect to, because the correctness of the software depends on the services. To solve this problem, we present a framework for emulating the physical mobility of autonomous transport robots by the logical mobility of software designed for running on computers by using a mobile agent technology. It enables such software to run within target network domains so that the software can locally access servers and receive multicast packets limited within the domains. It was evaluated with a practical example in a real factory.

Paper Nr: 47
Title:

Architecture to Manage and Protect Personal Data Utilising Blockchain

Authors:

Jens Leicht and Maritta Heisel

Abstract: Many Internet users employ a multitude of online services. Many services require the same data to be entered and users enter it repeatedly. Instead of entering information for every new service a user wants to use, we propose a system that allows users to simply share a set of information with any service they want to use. The information is entered once and stored in a distributed storage system. Users can easily share the data with any service provider, in order to use a service. Our proposed system makes use of the distributed ledger, provided by blockchains, to manage access rights. By taking the data away from the service providers, the personal data is also protected against unwanted data leaks.

Paper Nr: 69
Title:

Modelling Co-occurring Changes in a BPEL Process with Petri Nets

Authors:

Parimala N.

Abstract: Changes to a BPEL process can occur due to changes in its requirements. In this paper, we are considered with more than one change which must be made simultaneously. Such changes are referred to as co-occurring changes. Petri nets are used to express the changes because of their applicability to reflect changes to the system as an evolution of the Petri net model. Each change is expressed as a rewrite rule. The rewrite rules are analysed to determine the order in which they have to be applied. The rules may have to be executed in parallel or in a particular order. A change model, L-Change is defined which enforces that either both changes take place or none.

Paper Nr: 93
Title:

Optimizing Regression Testing with Functional Flow Block Reliability Diagram

Authors:

Vaishali Chourey and Meena Sharma

Abstract: Model based testing techniques are widely used to generate tests from models and their specifications. Regression Testing is critical in evolving software systems. It implies that Software undergoes continuous integration and subsequent testing of modules and components to develop a final release of the software. Recent research on test automation have revealed challenges in testing such as enormous test cases generated that are either redundant or irrelevant tests. This prevents the critical parts of code from testing and leave faults uncovered. Manual testing also slows the process and makes exhaustive testing for quality difficult. This paper proposes an approach to generate regression tests from model synthesized from UML interaction diagrams and also prioritize tests. The algorithm generate test suites from the proposed intermediate model. The reliability analysis is performed on blocks and the results govern the prioritization of tests.

Paper Nr: 96
Title:

Towards Automated Management and Analysis of Heterogeneous Data within Cannabinoids Domain

Authors:

Kenji Koga, Maria Spichkova and Nitin Mantri

Abstract: Cannabinoid research requires the cooperation of experts from various field biochemistry and chemistry to psychological and social sciences. The data that have to be managed and analysed are highly heterogeneous, especially because they are provided by a very diverse range of sources. A number of approaches focused on data collection and the corresponding analysis, restricting the scope to a sub-domain. Our goal is to elaborate a solution that would allow for automated management and analysis of heterogeneous data within the complete cannabinoids domain. The corresponding integration of diverse data sources would increase the quality and preciseness of the analysis. In this paper, we introduce the core ideas of the proposed framework as well as present the implemented prototype of a cannabinoids data platform.

Paper Nr: 99
Title:

Multiple Perspectives of Digital Enterprise Architecture

Authors:

Alfred Zimmermann, Rainer Schmidt and Kurt Sandkuhl

Abstract: Enterprises are transforming their strategy, culture, processes, and their information systems to enlarge their Digitalization efforts or to approach for digital leadership. The Digital Transformation profoundly disrupts existing enterprises and economies. In current times, a lot of new business opportunities appeared using the potential of the Internet and related digital technologies: The Internet of Things, Services Computing, Cloud Computing, Artificial Intelligence, Big Data with Analytics, Mobile Systems, Collaboration Networks, and Cyber-Physical Systems. Digitization fosters the development of IT environments with many rather small and distributed structures, like the Internet of Things, Microservices, or other micro-granular elements. Architecting micro-granular structures have a substantial impact on architecting digital services and products. The change from a closed-world modeling perspective to more flexible Open World of living software and system architectures defines the context for flexible and evolutionary software approaches, which are essential to enable the Digital Transformation. In this paper, we are revealing multiple perspectives of digital enterprise architecture and decisions to effectively support value and service-oriented software systems for intelligent digital services and products.

Area 2 - Software Engineering

Full Papers
Paper Nr: 29
Title:

CloudCity: A Live Environment for the Management of Cloud Infrastructures

Authors:

Pedro Lourenço, João P. Dias, Ademar Aguiar and Hugo S. Ferreira

Abstract: Cloud computing has emerged as the de facto approach for providing services over the Internet. Although having increased popularity, challenges arise in the management of such environments, especially when the cloud service providers are constantly evolving their services and technology stack in order to maintain position in a demanding market. This usually leads to a combination of different services, each one managed individually, not providing a big picture of the architecture. In essence, the end state will be too many resources under management in an overwhelming heterogeneous environment. An infrastructure that has considerable growth will not be able to avoid its increasing complexity. Thus, this papers introduces liveness as an attempt to increase the feedback-loop to the developer in the management of cloud architectures. This aims to ease the process of developing and integrating cloud-based systems, by giving the possibility to understand the system and manage it in an interactive and immersive experience, thus perceiving how the infrastructure reacts to change. This approach allows the real-time visualization of a cloud infrastructure composed of a set of Amazon Web Services resources, using visual city metaphors.

Paper Nr: 30
Title:

Live Software Development Environment for Java using Virtual Reality

Authors:

Diogo Amaral, Gil Domingues, João P. Dias, Hugo S. Ferreira, Ademar Aguiar and Rui Nóbrega

Abstract: Any software system that has a considerable growing number of features will suffer from essential complexity, which makes the understanding of the software artifacts increasingly costly and time-consuming. A common approach for reducing the software understanding complexity is to use software visualizations techniques. There are already several approaches for visualizing software, as well as for extracting the information needed for those visualizations. This paper presents a novel approach to tackle the software complexity, delving into the common approaches for extracting information about software artifacts and common software visualization metaphors, allowing users to dive into the software system in a live way using virtual reality (VR). Experiments were carried out in order to validate the correct extraction of metadata from the software artifact and the corresponding VR visualization. With this work, we intend to present a starting point towards a Live Software Development approach.

Paper Nr: 32
Title:

Semantic Search and Query Over SBVR-based Business Rules using SMT based Approach and Information Retrieval Method

Authors:

Kritika Anand, Sayandeep Mitra and Pavan K. Chittimalli

Abstract: Presently, business organizations are regulating their activities with the aid of Business Rules (BR’s). A single rule set of an organization contains large and diverse categories of BR’s , thereby making it difficult for Business Analysts and end users to analyze and extract relevant BR’s. Rule Search with natural language terms fail due to their inability to capture logical semantics present in BR’s. In this paper, we present a novel approach to give correct and complete sets of SBVR (Semantics of Business Vocabulary and Business Rules) based BR’s based on a specified query. We integrate conventional Information Retrieval Approach of text based searches over the rule base and corresponding meta-data with a SMT (Satisfiability Modulo Theory) based approach capturing the higher first order logic of the rules. The major applications of this approach are change impact analysis when rules are added, deleted or modified from a rule set, identifying the candidate set of rules affected due to change in the rule set and during match and gap analysis where we compare two sets of BR’s identifying similarity and difference in business functionality between them. We show the implementation of our tool along with its performance on industry level datasets.

Paper Nr: 41
Title:

Amniote: A User Space Interface to the Android Runtime

Authors:

Zachary Yannes and Gary Tyson

Abstract: The Android Runtime (ART) executes apps in a dedicated virtual machine called the Dalvik VM. The Dalvik VM creates a Zygote instance when the device first boots which is responsible for sharing Android runtime libraries to new applications. New apps rely heavily on external libraries in addition to the runtime libraries for everything from graphical user interfaces to remote databases. We propose an extension to the Zygote, aptly named Amniote, which exposes the Zygote to the user space. Amniote allows developers to sideload common third-party libraries to reduce application boot time and memory. Just like the Android runtime libraries, apps would share the address to the library and generate a local copy only when one app writes to a page. In this paper, we will address three points. First, we will demonstrate that many third-party libraries are used across the majority of Android applications. Second, execution of benchmark apps show that most page accesses are before copy-on-write operations, which indicates that pages from preloaded classes will infrequently be duplicated. Third, we will provide a solution, the Amniote framework, and detail the benefits over the traditional Zygote framework.

Paper Nr: 46
Title:

A Formal Modeling Scheme for Analyzing a Software System Design against the GDPR

Authors:

Evangelia Vanezi, Georgia M. Kapitsaki, Dimitrios Kouzapas and Anna Philippou

Abstract: Since the adoption of the EU General Data Protection Regulation (GDPR) in May 2018, designing software systems that conform to the GDPR principles has become vital. Modeling languages can be a facilitator for this process, following the principles of model-driven development. In this paper, we present our work on the usage of a π-calculus-based language for modeling and reasoning about the GDPR provisions of 1) lawfulness of processing by providing consent, 2) consent withdrawal, and 3) right to erasure. A static analysis method based on type checking is proposed to validate that a model conforms to associated privacy requirements. This is the first step towards a rigorous Privacy-By-Design methodology for analyzing and validating a software system model against the GDPR. A use case is presented to discuss and illustrate the framework.

Paper Nr: 49
Title:

Longitudinal Evaluation of Software Quality Metrics in Open-Source Applications

Authors:

Arthur-Jozsef Molnar, Alexandra Neamţu and Simona Motogna

Abstract: Assessment of software quality remains the focus of important research efforts, with several proposed quality models and assessment methodologies. ISO 25010 describes software quality in terms of characteristics such as reliability, security or maintainability. In turn, these characteristics can be evaluated in terms of software metric values, establishing a relation between software metrics and quality. However, a general metric-based model for software quality does not yet exist. The diversity of software applications, metric definitions and differences between proposed quality models all contribute to this. Our paper proposes a longitudinal evaluation of the metric values and their relations in the context of three complex, open-source applications. We cover the entire 18 year development history of the targeted applications. We explore typical values for metrics associated with software product quality and explore their evolution in the context of software development. We identify dependant metrics and explore the effect class size has on the strength of dependencies. At each step, we compare the obtained results with relevant related work in order to contribute to a growing pool of evidence towards our goal - a metric-based evaluation of software quality characteristics.

Paper Nr: 50
Title:

Specifying Industrial System Requirements using Specification Patterns: A Case Study of Evaluation with Practitioners

Authors:

Predrag Filipovikj and Cristina Seceleanu

Abstract: With the ever-increasing size and complexity of the industrial software systems there is an imperative need for an automated, systematic and exhaustive verification of various software artifacts, such as system specifications, models, code, etc. A potential remedy for this need might lie in a pool of techniques for computer-aided verification of software related artifacts, including system specifications. The Achilles’ heel of these techniques, and the main hinder for their wider adoption in the industrial development process are the complexity and the specialized skill-set required for the formal encoding of specifications. To alleviate this problem, Specification Patterns that are based on the observation that the system specifications are framed within reoccurring solutions have been proposed. The approach has been shown to be expressive enough for capturing requirements in the automotive domain, however, there is a lack of empirical data that can be used to judge its practical usefulness. In this paper, we involve an existing specification-patterns-based tool, called PROPAS, and propose a small-size evaluation of the approach with practitioners, on a case study conducted in cooperation with Scania, Sweden, one of the world’s leading manufacturers of heavy-load vehicles. Our results show that the specification patterns that are supported by an adequate tooling have the potential to be practically usefull for the non-experts in formal methods.

Paper Nr: 52
Title:

A Domain-Specific Modeling Language for Specification of Clinical Scores in Mobile Health

Authors:

Allan A. Barbosa, Francisco E. Silva, Luciano R. Coutinho, Davi D. Santos and Ariel S. Teles

Abstract: Clinical scores are a widely discussed topic in health as part of modern clinical practice. In general, these tools predict clinical outcomes, perform risk stratification, aid in clinical decision making, assess disease severity or assist diagnosis. However, the problem is that clinical scores data are traditionally obtained manually, which can lead to incorrect data and result. In addition, by collecting biological/health data in real time from humans, the current mobile health (mHealth) solutions that computationally solve that problem are limited because those systems are developed considering the specificities of a single clinical score. This work is part of the MDD4ClinicalScores project that addresses the productivity in developing mHealth solutions for clinical scores through the use of Model Driven Development concepts. This paper focus in describing DSML4ClinicalScore, a high-level domain-specific modeling language that uses the Ecore metamodel to describe a clinical score specification. To propose the DSML4ClinicalScore we analysed 89 clinical scores to define the artifacts of this proposed Metamodel. In the end, a practical case study using this DSML is provided to validate the DSML4ClinicalScore Metamodel, and to show how to use the proposal in a clinical situation scenario.

Paper Nr: 56
Title:

Architecture Modelling and Formal Analysis of Intelligent Multi-Agent Systems

Authors:

Ashalatha Kunnappiilly, Simin Cai, Raluca Marinescu and Cristina Seceleanu

Abstract: Modern cyber-physical systems usually assume a certain degree of autonomy. Such systems, like Ambient Assisted Living systems aimed at assisting elderly people in their daily life, often need to perform safety-critical functions, for instance, fall detection, health deviation monitoring, communication to caregivers, etc. In many cases, the system users have distributed locations, as well as different needs that need to be serviced intelligently and simultaneously. These features call for intelligent, adaptive, scalable and fault-tolerant system design solutions, which are well embodied by multi-agent architectures. Analyzing such complex architectures at design phase, to verify if an abstraction of the system satisfies all the critical requirements is beneficial. In this paper, we start from an agent-based architecture for ambient assisted living systems, inspired from the literature, which we model in the popular Architecture Analysis and Design Language. Since the latter lacks the ability to specify autonomous agent behaviours, which are often intelligent, non deterministic or probabilistic, we extend the architectural language with a sub-language called Agent Annex, which we formally encode as a Stochastic Transition System. This contribution allows us to specify behaviours of agents involved in agent-based architectures of cyber-physical systems, which we show how to exhaustively verify with the state-of-art model checker PRISM. As a final step, we apply our framework on a distributed ambient assisted living system, whose critical requirements we verify with PRISM.

Paper Nr: 60
Title:

Migration of Software Components to Microservices: Matching and Synthesis

Authors:

Andreas Christoforou, Lambros Odysseos and Andreas S. Andreou

Abstract: Nowadays more and more software companies, as well as individual software developers, adopt the microservice architecture for their software solutions. Although many software systems are being designed and developed from scratch, a significant number of existing monolithic solutions tend to be transformed to this new architectural style. What is less common, though, is how to migrate component-based software systems to systems composed of microservices and enjoy the benefits of ease of changes, rapid deployment and versatile architecture. This paper proposes a novel and integrated process for the decomposition of existing software components with the aim being to fully or partially replace their functional parts with by a number of suitable and available microservices. The proposed process is built on semi-formal profiling and utilizes ontologies to match between properties of the decomposed functions of the component and those offered by microservices residing in a repository. Matching concludes with recommended solutions yielded by multi-objective optimization which considers also possible dependencies between the functional parts.

Paper Nr: 64
Title:

A Model Driven Approach to the Development of Gamified Interactive Clinical Practice Guidelines

Authors:

Job N. Nyameino, Fazle Rabbi, Ben-Richard Ebbesvik, Martin C. Were and Yngve Lamo

Abstract: Clinical practice guidelines (CPGs) play a fundamental role in modern medical practice since they summarize the vast medical literature and provide distilled recommendations on care based on the current best evidence. However, there are barriers to CPG utilization such as lack of awareness and lack of familiarity of the CPGs by clinicians due to ineffective CPG dissemination and implementation. This calls for research into effective and scalable CPG dissemination strategies that will improve CPG awareness and familiarity. We describe a formal model-driven approach to design and implement a gamified e-learning system for clinical guidelines. We employ gamification to increase user motivation and engagement in the training of guideline content. Our approach involves the use of models for different aspects of the system, an entity model for the clinical domain, a workflow model for the clinical processes and a game model to manage the training sessions. A game engine instantiates a training session by coupling the workflow and entity models to automatically generate questions based on the data in the model instances. Our proposed approach is flexible and adaptive as it allows for easy updates of the guidelines, integration with different device interfaces and representation of any guideline.

Paper Nr: 66
Title:

R-TNCES Rebuilding: A New Method of CTL Model Update for Reconfigurable Systems

Authors:

Mohamed Ramdani, Laid Kahloul, Mohamed Khalgui and Yousra Hafidi

Abstract: This paper deals with improved rebuilding of models in formal verification of reconfigurable discrete-event systems (RDESs) modeled by reconfigurable timed net condition event systems (R-TNCESs). Automated computation tree logic (CTL) model update and repair are approaches that extend model-checking to generate a new correct model that represents the desired behavior. We propose R-TNCES rebuilding method, which is a formal method that allows both the verification and the modification of reconfigurable models. The proposed approach generates from an incorrect model a new one that satisfies a given CTL formula. First, CTL is defined to deal with the system functional properties specification. A set of transformation rules with an algorithm are proposed to achieve the rebuilding phase. Finally, platform FESTO MPS is used as a case study to demonstrate the paper’s contribution. The obtained results show the efficiency of the proposed contribution even in large complex systems.

Paper Nr: 91
Title:

Easy Mobile Meter Reading for Non-smart Meters: Comparison of AWS Rekognition and Google Cloud Vision Approaches

Authors:

Maria Spichkova, Johan van Zyl, Siddharth Sachdev, Ashish Bhardwaj and Nirav Desai

Abstract: Electricity and gas meter reading is a time consuming task, which is done manually in most cases. There are some approaches proposing use of smart meters that report their readings automatically. However, this solution is expensive and requires (1) replacement of the existing meters, even when they are functional and new, and (2) large changes of the whole system dealing with the meter readings. This paper presents results of a project on automation of the meter reading process for the standard (non-smart) meters using computer vision techniques, focusing on the comparison of two computer vision techniques, Google Cloud Vision and AWS Rekognition.

Paper Nr: 97
Title:

Suggesting Software Measurement Plans with Unsupervised Learning Data Analysis

Authors:

Sarah A. Dahab and Stephane Maag

Abstract: Software measurement processes require to consider more and more data, measures and metrics. Measurement plans become complex, time and resource consuming, considering diverse kinds of software project phases. Experts in charge of defining the measurement plans have to deal with management and performance constraints to select the relevant metrics. They need to take into account a huge number of data though distributed processes. Formal models and standards have been standardized to facilitate some of these aspects. However, the maintainability of the measurements activities is still constituted of complex activities. In this paper, we aim at improving our previous work, which aims at reducing the number of needed software metrics when executing measurement process and reducing the expertise charge. Based on unsupervised learning algorithm, our objective is to suggest software measurement plans at runtime and to apply them iteratively. For that purpose, we propose to generate automatically analysis models using unsupervised learning approach in order to efficiently manage the efforts, time and resources of the experts. An implementation has been done and integrated on an industrial platform. Experiments are processed to show the scalability and effectiveness of our approach. Discussions about the results have been provided. Furthermore, we demonstrate that the measurement process performance could be optimized while being effective, more accurate and faster with reduced expert intervention.

Short Papers
Paper Nr: 18
Title:

A MARTE-Based Design Pattern for Adaptive Real-Time Embedded Systems

Authors:

Ahmed Ben Mansour, Mohamed Naija and Samir Ben Ahmed

Abstract: The design of adaptive real-time & embedded systems (RTES) is a hard task due to the complexity of both software/hardware features and the variability in the operational environment. This paper presents a new design pattern intended to support and facilitate the co-modeling and scheduling analysis of RTES. The contribution of this pattern is that is designed to i) support scheduling analysis allowing adaptation mechanisms ii) model all the software/hardware features and allocation in the same view iii) annotate the system with functional and non-functional properties using a high-level modeling language. The generated model from the pattern contains all the needed information to perform the schedulability tests. As a proof of concepts, we present experimental results for an automobile system.

Paper Nr: 25
Title:

From Requirements to Automated Acceptance Tests of Interactive Apps: An Integrated Model-based Testing Approach

Authors:

Daniel Maciel, Ana R. Paiva and Alberto Rodrigues da Silva

Abstract: Frequently software testing tends to be neglected at the beginning of the projects, only performed on the late stage. However, it is possible to benefit from combining requirement with testing specification activities. On one hand, acceptance tests specification will require less manual effort since they are defined or generated automatically from the requirements specification. On the other hand, the requirements specification itself will end up having higher quality due to the use of a more structured language, reducing typical problems such as ambiguity, inconsistency and incorrectness. This research proposes an approach that promotes the practice of tests specification since the very beginning of projects, and its integration with the requirements specification itself. It is a model-driven approach that contributes to maintain the requirements and tests alignment, namely between requirements, test cases, and low-level automated test scripts. To show the applicability of the approach, two complementary languages are adopted: the ITLingo RSL that is particularly designed to support both requirements and tests specification; and the Robot language, which is a low-level keyword-based language for the specification of test scripts. The approach includes model-to-model transformation techniques, such as test cases into test scripts transformations. In addition, these test scripts are executed by the Robot test automation framework.

Paper Nr: 27
Title:

UML Specification and Transformation of Safety Features for Memory Protection

Authors:

Lars Huning, Padma Iyenghar and Elke Pulvermüller

Abstract: Standards such as IEC 61508 or ISO 26262 provide a general guideline on how to develop embedded systems in a safety-critical context. However, they offer no actual support for the implementation of safety mechanisms. This paper proposes such development support by employing Model Driven Development (MDD). For this, we target the issue of soft errors, which may lead to silent data corruption due to radiation effects. We propose an MDD workflow including a model representation and model transformations, which are able to automatically generate memory protection for variables inside a program based on a model specification via UML stereotypes.

Paper Nr: 31
Title:

CVSS-based Estimation and Prioritization for Security Risks

Authors:

Roman Wirtz and Maritta Heisel

Abstract: During software development, it is of essential importance to consider security threats. The number of reported incidents and the harm for organizations due to such incidents highly increased during the last few years. The efforts for treating threats need to be spent in an effective manner. A prioritization can be derived from the risk level of a threat, which is defined as the likelihood of occurence and the consequence for an asset. In this paper, we propose a risk estimation and evaluation method for information security based on the Common Vulnerability Scoring System (CVSS). Our method can be applied during requirements engineering. The application in one of the earliest stages of a software development lifecycle enables security engineers to focus on the most servere risks right from the beginning. As initial input, we make use of a pattern-based description of relevant threats to the software. When estimating the risk level of those threats, we consider three perspectives: (1) software providers, (2) data owner, and (3) third parties for which a potential harm may exist, too. Our method combines attributes of the pattern and the different perspectives to estimate and prioritize risks. The pattern-based description allows a semi-automatic application of our method, which ends with a ranking of risks according to their priority as final outcome.

Paper Nr: 40
Title:

Modeling Traceability in Software Development: A Metamodel and a Reference Model for Traceability

Authors:

Bruno Azevedo and Mario Jino

Abstract: Many traceability models lack well-defined traceability link types, provide incomplete coverage of situations, do not provide mechanisms to ensure consistency of traceability, and consider only requirements traceability ignoring other activities of development. We propose a set of basic concepts for traceability, a reference model, and a comprehensive metamodel for traceability created using this reference model. The reference model defines: basic elements for traceability, basic actions to be done on artifacts, basic properties that sets of link types and artifact types should have, basic categories that should be realized regarding these sets, and basic set of processes for traceability. The metamodel is composed of a visual model defining how its elements interact, the definition and semantic description of link types and artifact types which realize the categories of the reference model, and a set of detailed processes describing the steps to maintain traceability and system consistency. Our proposal aims to reduce the problems identified; the reference model provides directions to help the creation, or evaluation, of a traceability model; the metamodel provides semantically described traceability link types, coverage of the most common situations, mechanisms to ensure consistency of traceability, and covers the most common activities in software development.

Paper Nr: 42
Title:

Towards New Ways of Evaluating Methods of Supporting Requirements Management and Traceability using Signal-to-Noise Ratio

Authors:

Krzysztof Wnuk, Markus Borg and Tony Gorschek

Abstract: Developing contemporary software solutions requires many processes and people working in synergy to achieve a common goal. Any misalignment between parts of the software production cycle can severely impede the quality of the development process and its resulting products. In this paper, we focus on improving means for measuring the quality of methods used to support finding similarities between software product artifacts, especially requirements. We propose a new set of measures, Signal-to-Noise ratios which extends the commonly used precision and recall measures. We test the applicability of all three types of SNR on two methods for finding similar requirements: the normalized compression distance (NCD) originating from the domain of information theory, and the Vector Space Model originating from computer linguistics. The results obtained present an interesting property of all types of SNR, all the values are centered around 1 which confirms our hypothesis that the analyzed methods can only limit the search space for the analysis. The analyst may still have difficulties in manually assessing the correct links among the incorrect ones.

Paper Nr: 51
Title:

Analyzing the Evolution of Javascript Applications

Authors:

Angelos Chatzimparmpas, Stamatia Bibi, Ioannis Zozas and Andreas Kerren

Abstract: Software evolution analysis can shed light on various aspects of software development and maintenance. Up to date, there is little empirical evidence on the evolution of JavaScript (JS) applications in terms of maintainability and changeability, even though JavaScript is among the most popular scripting languages for front-end web applications, including IoT applications. In this study, we investigate JS applications’ quality and changeability trends over time by examining the relevant Laws of Lehman. We analyzed over 7,500 releases of JS applications and reached some interesting conclusions. The results show that JS applications continuously change and grow, there are no clear signs of quality degradation while the complexity remains the same over time, despite the fact that the understandability of the code deteriorates.

Paper Nr: 53
Title:

A Model-based Approach for the Modeling and the Verification of Railway Signaling System

Authors:

Racem Bougacha, Abderrahim Ait Wakrime, Slim Kallel, Rahma Ben Ayed and Simon Collart-Dutilleul

Abstract: Railway Signaling System aims at resolving interoperability problems of railway signaling and train control/command. An European system is taken place to guarantee interoperability between international borders. Such complex systems require a high-level of safety. We propose an approach for modeling and verifying railway signaling systems. Our approach consists of graphical modeling such systems and automatically generating formal specification in Event-B. It is based on model-driven engineering techniques. We propose model-to-model transformation to generate Event-B model from UML class diagram profiled with safety and railways concepts. A textual Event-B code is also automatically generated using model-to-text transformation. The proposed approach allows to formally verify the safety of railway signaling systems based on model checking and animator tool.

Paper Nr: 63
Title:

Mutating UML State Machine Behavior with Semantic Mutation Operators

Authors:

Anna Derezinska and Łukasz Zaremba

Abstract: In Model-Driven Software Development (MDSD), an application can be built using classes and their state machines as source models. The final application can be tested as any source code. In this paper, we discuss a specific approach to mutation testing in which modifications relate to different variants of behavioural features modelled by UML state machines, while testing deals with standard executions of the final application against its test cases. We have proposed several mutation operators aimed at mutating behaviour of UML state machines. The operators take into account event processing, time management, behaviour of complex states with orthogonal regions, and usage of history pseudostates. Different possible semantic interpretations are associated with each operator. The operators have been implemented in the Framework for eXecutable UML (FXU). The framework, that supports code generation from UML classes and state machines and building target C# applications, has been extended to realize mutation testing with use of multiple libraries. The semantic mutation operators have been verified in some MDSD experiments.

Paper Nr: 65
Title:

On Improved Verification of Reconfigurable Real-Time Systems

Authors:

Yousra Hafidi, Laid Kahloul, Mohamed Khalgui and Mohamed Ramdani

Abstract: This paper deals with formal modeling and verification of reconfigurable real-time systems under reconfigurability and real-time constraints. To deal with the modeling, we enrich the formalism, named reconfigurable timed net condition event systems (R-TNCESs), with new reconfiguration forms such as the ability to update the earliest/latest firing time on the intervals which are associated to flow arcs. To handle the verification of the new extended formalism, an algorithm is defined to generate a timed accessibility graph for timed net condition event systems (TNCESs). We control the verification complexity of R-TNCESs using a new method which accelerate the generation of accessibility graphs, where redundancies, repetitions, and unnecessary computations are avoided as much as possible. An experimentation is carried out and a performance evaluation is achieved to demonstrate the advantages of the proposed contribution compared with related works.

Paper Nr: 68
Title:

Consolidating a Model for Describing Situated Software Practices

Authors:

Diana Kirk, Stephen MacDonell and Ewan Tempero

Abstract: Many prescriptive approaches to developing software intensive systems have been advocated but each is based on assumptions about context. It has been found that practitioners do not follow prescribed methodologies, but rather select and adapt specific practices according to local needs. As researchers, we would like to be in a position to support such tailoring. However, at the present time we simply do not have sufficient evidence relating practice and context for this to be possible. We have long understood that a deeper understanding of situated software practices is crucial for progress in this area, and have been exploring this problem from a number of perspectives. In this position paper, we draw together the various aspects of our work into a holistic model and discuss the ways in which the model might be applied to support the long term goal of evidence-based decision support for practitioners. The contribution specific to this paper is a discussion on model evaluation, including a proof-of-concept demonstration of model utility. We map Kernel elements from the Essence system to our model and discuss gaps and limitations exposed in the Kernel. Finally, we overview our plans for further refining and evaluating the model.

Paper Nr: 70
Title:

Towards Understanding Industry’s Perspectives on the Software Quality Characteristics: A Survey

Authors:

Mert Ozkaya and Nurdan Canbaz

Abstract: The ISO SQuaRE software quality standard categorises software quality into eight different characteristics: functional suitability, performance efficiency, compatibility, usability, reliability, security, maintainability and portability. Each quality characteristic is further considered in terms of a cohesive set of sub-characteristics. In this paper, a survey has been conducted with the goal of understanding which software quality characteristics are popular in industries and any modeling languages and tools used for analysing the software quality. The survey has been performed with 16 experienced practitioners, who work for a Turkish software company and have been requested to answer a pre-determined set of questions. The survey results lead to many interesting outcomes, some of which are as follows: (i) maintainability and performance efficiency are the top-popular characteristics, while portability is the least, (ii) time behaviour is the top-considered performance sub-characteristic, (iii) interoperability is the top-considered compatibility sub-characteristic, (iv) learnability and appropriateness recognisability are the top-considered usability sub-characteristics, (v) availability is the top-considered reliability sub-characteristic, (vi) confidentiality and integrity are the top-considered security sub-characteristics, (vii) modularity and reusability are the top-considered maintainability sub-characteristics, (viii) none of the participants use any modeling languages for analysing the software quality early on, and (ix) the participants use COTS tools for analysing the software implementation.

Paper Nr: 71
Title:

An Approach of Extracting God Class Exploiting Both Structural and Semantic Similarity

Authors:

Pritom S. Akash, Ali Z. Sadiq and Ahmedul Kabir

Abstract: Code smell is a sign of design and development flaws in a software system which reduces the reusability and maintainability of the system. Refactoring is a continuous practice of eliminating code smells from the source code. A God Class is one of the most common code smells where too many responsibilities are defined in a single class. God Classes reduce the quality of a system by increasing coupling and decreasing cohesion. In this paper, we propose an approach for extracting a God Class into new classes by increasing class cohesion. For this, both structural and semantic relationship between methods in a class are analyzed, and strongly related methods are clustered and suggested to be in the same class. We assessed the proposed approach on fifteen real God Classes from two well-known open source systems and it is shown that the cohesion among the classes is increased after refactoring. A comparative result of our approach with a similar existing approach is presented and it is found that our approach provides better results for almost all the experimented God Classes.

Paper Nr: 72
Title:

Comparing Testing and Runtime Verification of IoT Systems: A Preliminary Evaluation based on a Case Study

Authors:

Maurizio Leotta, Diego Clerissi, Luca Franceschini, Dario Olianas, Davide Ancona, Filippo Ricca and Marina Ribaudo

Abstract: Assuring the quality of Internet of Things (IoT) systems is of paramount importance, and guaranteeing their reliability and compliance with the requirements is mandatory, but few attempts have been made so far. In previous works, we proposed two approaches for acceptance testing and runtime verification of IoT systems. Both works rely on a UML state machine to specify the system expected behaviour. In the acceptance testing approach, the interesting paths to exercise are identified and translated into executable test scripts. In the runtime verification approach, the relevant events during the system execution are monitored and compared against a formal specification derived from the UML state machine. In this paper, we compare the effectiveness of our two approaches, by applying them to a mobile health IoT system for the management of diabetic patients, employing over 100 mutated versions of the original system and analysing more than 1000 different executions. Results show that both approaches are effective in different ways in detecting bugs. While the acceptance testing approach is more effective to detect the bugs affecting the user interface, the runtime verification approach tracks better the subtle deviations from the system expected behaviour, in particular those concerning network issues.

Paper Nr: 74
Title:

Hammock-based Identification of Changes in Advice Applications between Aspect-oriented Programs

Authors:

Marija Katic

Abstract: In an aspect-oriented program, the cross-cutting functionalities are defined in pieces of advice such that they apply to program-execution points for the core functionalities. Program changes can affect the application of pieces of advice. To that end, a source-code differencing tool, for two versions of an aspect-oriented program, needs to support the identification of changes in pieces of advice at locations of their applications. To alleviate this task, we introduce an extension of the existing differencing technique for object-oriented programs. We implemented a tool AjDiff and used it to evaluate our technique on the two examples of aspect-oriented programs: Tracing and Telecom. We manually verified that our tool can successfully identify changes in pieces of advice at locations of their application.

Paper Nr: 75
Title:

NOSOLAP: Moving from Data Warehouse Requirements to NoSQL Databases

Authors:

Deepika Prakash

Abstract: Typical data warehouse systems are implemented either on a relational database or on a multi-dimensional database. While the former supports ROLAP operations the latter supports MOLAP. We explore a third alternative, that is, to implement a data warehouse on a NoSQL database. For this, we propose rules that help us move from information obtained from data warehouse requirements engineering stage to the logical model of NoSQL databases, giving rise to NOSOLAP (NOSql OLAP). We show the advantages of NOSOLAP over ROLAP and MOLAP. We illustrate our NOSOLAP approach by converting to the logical model of Cassandra and give an example.

Paper Nr: 76
Title:

Safe Design Real-time Embedded Systems with Security Patterns

Authors:

Ahmed Ben Mansour, Mohamed Naija and Samir Ben Ahmed

Abstract: Security is a fundamental property in the modeling of real-time embedded systems. Unfortunately, integrating this property is a hard task for a designer due to their small background concerning this feature. Thankfully, the design pattern can provide a practical solution to integrate security through an abstraction mode. However, Nowadays the number of design pattern is increasing, for that reason, the selection of suitable pattern is a fundamental challenge for designers. In this context, we propose in this position paper an approach to integrating security pattern in the phase of modeling of real-time embedded systems. To solve the problem of selection pattern we propose in our approach to use the ontology-based solution, and thus, we propose some methods to guarantee the performance of the systems after integrating.

Paper Nr: 80
Title:

Evaluation and Comparison of Dynamic Call Graph Generators for JavaScript

Authors:

Zoltán Herczeg and Gábor Lóki

Abstract: JavaScript is the most popular programming language these days and it is also the core language of the node.js environment. Sharing code is a simple task in this environment and the shared code can be easily reused as building blocks to create new applications. This vibrant and ever growing environment is not perfect though. Due to the large amount of reused code, even simple applications can have a lot of indirect dependencies. Developers may not even be aware of the fact that some of these dependencies could contain malware, since harmful code can be hidden relatively easily due to the dynamic nature of JavaScript. Dynamic software analysis is one way of detecting suspicious activities. Call graphs can reveal the internal workings of an application and they have been used successfully for malware detection. In node.js, no tool has been available for directly generating JavaScript call graphs before. In this paper, we are going to introduce three tools that can be used to generate call graphs for further analysis. We show that call graphs contain a significant amount of engine-specific information but filters can be used to reduce such differences.

Paper Nr: 83
Title:

Integrating Users Logic Into Requirements Engineering for Connected Healthcare co-Design

Authors:

Sofia Ouhbi, Maria Karampela and Minna Isomursu

Abstract: The ongoing transformation in healthcare requires the creation of agile systems to meet the growing needs of patients. An approach to develop such systems requires the elicitation of end-users’ perspectives to software development life circle. The current requirements development process does not emphasis on the importance of end-users’ participation in the requirements elicitation phase. The present study proposes an approach utilizing Service-Dominant (S-D) logic framework to contribute to the co-design of connected health services. Value co-creation practices when combined with requirements engineering best practices can contribute towards the development of usable software for connected healthcare systems.

Paper Nr: 85
Title:

Identifying Logical Dependencies from Co-Changing Classes

Authors:

Adelina D. Stana and Ioana Şora

Abstract: Emerging software engineering approaches support the idea that logical dependencies should be included next to structural dependencies in general methods and tools for dependency management. However, logical dependencies are still hard to identify, as not all co-changes during the system evolution represent true logical dependencies. Our work identifies a set of factors that can be used to filter the recordings of class co-changes in order to find valid logical dependencies. In order to find the characteristics of logical dependencies, we analyze the quantitative relationships between the sets of logical and structural dependencies and their intersection and differences. We present results obtained through an experimental study on a set of 27 open source software projects written in Java and C# with their historical evolutions which sum up to over 70000 commit transactions. Identifying valid logical dependencies from co-changing classes will enhance dependency models used in various software analysis activities.

Paper Nr: 88
Title:

Software Development Process: An Action Grammars Perspective

Authors:

Diana Kirk

Abstract: Practitioners adapt development methodologies to suit local needs, for example, by combining agile and traditional elements. To support this, we need a deeper understanding of the underlying mechanisms behind the various software development approaches, with the aim of finding a perspective that is common to all. In the field of IT, it has been suggested that a change in perspective from ‘technology and people’ to ‘action’ might help address the disconnect between artifact- and people-centric approaches. In this position paper, we explore this idea for software development by considering a change in viewpoint from methodology to patterns of action. Actions are the core functions that are the building blocks for software development and are defined in a lexicon. Possible relationships between actions are depicted in a grammar and processes are modelled as action grammars. We represent some common development methodologies as action grammars and discuss insights gained. Our contributions are the exploration of a novel way of viewing the software process, some insights gained and the exposure of issues with popular terminology.

Paper Nr: 92
Title:

Using Developer-tool-Interactions to Expand Tracing Capabilities

Authors:

Dennis Ziegenhagen, Andreas Speck and Elke Pulvermüller

Abstract: Expanding current software traceability methodologies offers opportunities to significantly support development activities. State-of-the-art traceability frameworks use tracing data at specific points in time. This data includes information about development artefacts and their relations, which may be used for analysis, visualisation and similar purposes. In between those points in time, developers create, modify or delete requirements, diagrams, source code and other relevant artefacts. We propose to capture such artefact interactions in order to enrich the tracing data. By applying existing approaches in the field of developer-tool interaction analysis to the enriched data, we aim at supporting the developer’s work. In this paper, we present the overall approach, along with our development of a modular framework which may be used to capture the desired data from various tools, manage it and finally enable the execution of developer-interaction analyses.

Paper Nr: 102
Title:

Requirements Engineering for Global Systems: Cultural, Regulatory and Technical Aspects

Authors:

Maria Spichkova and Heinz Schmidt

Abstract: In this paper we present a formal framework for analysis and optimisation of the requirements specifications of systems developed to apply in several countries. As different countries typically have different regulations/laws as well as different cultural restrictions, the corresponding specific requirements might differ in each particular case. Our framework provides a basis for (1) systematic and formal analysis of the diversity and interdependencies within the sets of the requirements, to avoid non-compliance, contradictions and redundancies; (2) corresponding systematic process for change management in the case of global system development.

Paper Nr: 105
Title:

Categorical Classification of Factors Effecting Knowledge Management in Software Crowdsourcing: Hypothetical Framework

Authors:

Nasir Hussain

Abstract: Within Software Crowdsourcing, Knowledge Management has a great significance in both academia and industry as a valuable tool used to manage knowledge from the crowd. The aim of this research is to ascertain which success are and which are failure factors of Knowledge Management in Software Crowdsourcing. Literature review techniques and Quantitative Research techniques were applied in order to establish the success and failure factors. By utilizing the literature review method a total of twelve success factors were established of which seven is supported. Eight failure factures were established out of which six are supported. Subsequent to the analysis, a framework is presented in which the factors are further linked to the implementation of Knowledge Management in Software Crowdsourcing. This research and its suggested framework will also prove useful for academics to further gain a comprehensive view of Knowledge Management factors in Software Crowdsourcing for use in future studies.

Paper Nr: 9
Title:

Distributed Kanban with Limited Geographical Distance: Analyzing Lean Principles Pull, Work in Progress and Kaizen

Authors:

Raoul Vallon, Stefan Strobl, Martin Ras, Mario Bernhart and Thomas Grechenig

Abstract: Although the software development methodology Kanban, which refers and relates to the concepts and ideas of Lean Manufacturing originating in the Japanese automobile industry, was initially developed and used within distributed teams, correlating research is lacking, incomplete and relatively young as a field. This paper addresses the need for research in this field and investigates three specific aspects of Kanban in distributed teams: Pull System, Work In Progress Limit and the concept of Kaizen culture (continuous improvement) narrowed by the distribution, size and life cycle of the team. Our qualitative methodology is based on a case study where empirical data was collected through the use of semi-structured expert interviews. The evaluative strategy is qualitative content analysis. The results of this study show that challenges and complications result from the use of Kanban, but it is effective within distributed teams. The observed challenges are discussed in detail and we conclude with eight recommendations for practicing Kanban in a distributed team as well as indicators for future research directions.

Paper Nr: 11
Title:

Analytic Pattern and Tool for Analysis of a Gap of Changes in Enterprise Architectures

Authors:

Richard Dijkstra and Ella Roubtsova

Abstract: Change analysis of enterprise architectures is usually done by observing differences between two enterprise architectures, As-Is and To-Be. If the As-Is and To-Be have a lot of differences, it is problematic to manually create a correct view on changes. This paper proposes a revision of a definition of the Gap of Changes and defines it as a language independent analytic pattern suitable for using in tools. The paper describes a tool built on the basis of this definition. The change analysis without the tool and with the tool output has been tested in a workshop. The added value of the tool was acknowledged by the workshop participants.

Paper Nr: 20
Title:

Refactoring Misuse Case Diagrams using Model Transformation

Authors:

Mohamed El-Attar and Nidal Nasser

Abstract: Secure software engineering entails that security concerns needs to be considered from the early phases of development, as early as the requirements engineering phase. Misuse cases is a well-known security analysis and specifications techniques, based on the popular use case modeling technique, that takes place in the requirements engineering phase. Similar to use case modeling, misuse case modellers are prone to committing modeling mistakes and applying antipatterns. As a result, misuse case models need to be analysed to determine if they contain fallacious design decisions. Changes, known as refactoring, to the misuse case diagrams are then required to remedy any design issues and such changes which would normally be manually applied. However, manual application of such changes in misuse case models are prone to human error, further compounding the design issues in a given misuse case model. To this end, this paper presents a model transformation approach to systematically apply changes to misuse case models. A case study related to a book store is presented to illustrate the application and feasibility of the approach.

Paper Nr: 24
Title:

A Model-Driven Approach for Developing Responsive Web Apps

Authors:

João Seixas, André Ribeiro and Alberto Rodrigues da Silva

Abstract: Nowadays users have multiple devices to access a myriad of web and mobile applications. This has increased the importance of developing such applications in a responsive way, i.e. with the ability to seamlessly display their contents on multiple devices. This paper proposes the XIS-Web technology as a model-driven approach focused in the development of responsive web applications. XIS-Web technology includes two main parts: the XIS-Web modeling language, implemented as a UML profile; and the XIS-Web framework, which is a set of integrated software tools. XIS-Web stands out in four key aspects: supports the modeling of web applications around six viewpoints, which ultimately promotes the separation of concerns that is key to managing complexity; generates user-interface models from extended use-case models, relieving this cumbersome and time consuming task from the user; employs latest generation web technologies (such as HTML5, JavaScript, CSS) that allow the required flexibility of developing responsive web applications; and allows the creation of platform-independent models without requiring a significant learning curve. This paper also presents an evaluation conducted in a controlled environment with a group of independent users, and briefly introduces simple case studies.

Paper Nr: 28
Title:

An Experimental Evaluation of Design Space Exploration of Hardware/Software Interfaces

Authors:

Thomas Rathfux, Hermann Kaindl, Ralph Hoch and Franz Lukasch

Abstract: We observe ever increasing variability of hardware/software interfaces (HSIs), e.g., in automotive systems. Hence, there is a need for the reuse of already existing HSIs. In this regard, an important question is whether automated adaptation of an already existing HSI to one that fulfills the requirements on a new HSI is feasible in industrial practice. Ideally, the number of adaptation steps should be minimal, so that new hardware production can be avoided. In this paper, we address the problem of finding such an optimal solution for a given specific HSI and a set of formally specified requirements on a new HSI. We propose using design space exploration employing (heuristic) search with optimality guarantees. Hence, a meta-model of such HSIs has been created together with transformation rules. Based on all that, an experimental evaluation of this approach shows its feasibility for realistic HSIs.

Paper Nr: 33
Title:

A Systematic Strategy to Teaching of Exploratory Testing using Gamification

Authors:

Igor F. Costa and Sandro B. Oliveira

Abstract: The Exploratory Testing (ET) is a growing approach in the industrial scenario, mainly in reason of the emerging utilization of agile practices in the software development process to satisfy the time to market. However, it is a subject little discussed in the academic context, for this reason, this work aims to use elements of gamification as a systematic strategy in the teaching of ET to keep a strong engagement of the students and stimulate a good performance, with that, obtaining as results, trained students to use this test approach in the industrial and academic context.

Paper Nr: 48
Title:

Introducing B-Sequenced Petri Nets as a CPN Sub-class for Safe Train Control

Authors:

Zakaryae Boudi, Abderrahim Ait Wakrime, Simon Collart-Dutilleul and Mohamed Haloua

Abstract: Formalizing system specification has been highly valuable in demonstrating safety and consistence of safety critical systems. It is undoubtedly the case in railway signalling, especially the European Rail Traffic Management System/European Train Control System (ERTMS/ETCS). However, the complexity of the European standard specification, especially for its highest level, namely level 3, requires a significant overtake in early modelling approaches when it comes to clearly expressing system functionalities along with safety requirements, all towards a concrete safe design. In this regard, our research introduces a Colored Petri net (CPN) sub-class associated to an Event-B machine and annotated by mathematical sequences, which are ex-pressed in the B-language, all in the view of enriching the modelling techniques intended for system formal specification and verification. In this paper, we show through a detailed ERTMS L3 case study, how such featured CPNs fit in the progressive formalization and verification of Movement Authority (MA) computation.

Paper Nr: 57
Title:

Formal Approach to Dynamic SoS Design

Authors:

Hela Kadri, Simon Collart-Dutilleul, Philippe Bon and Samir Ben Ahmed

Abstract: This paper deals with the problem of System-of-Systems (SoS) modeling whose structure change due to the dynamics of its constituent systems as they are developed in different operating modes. Designed by using multi-model approach, each operating mode represents a process functioning of its system, depending on the resources to activate and requirements to enforce. Studied as a Discrete-Event System (DES), we propose a hierarchical framework for designing suitable switching control for dynamic SoS using the High Level Petri Nets (HLPN). Following a bottom up approach, we model each component first in a separate sheet and then the operating modes. Next, systems are designed by integrating a switching mechanism to commit to different operating modes when switching events occur. Finally, a mechanism for managing systems dependencies inside the SoS is proposed. Algorithms are provided to generate the different layers of HLPN permitting easy implementation of our framework and a flexible manufacturing SoS is used to illustrate our approach.

Paper Nr: 87
Title:

On the Evolutionary Relationship between Change Coupling and Fix-Inducing Changes

Authors:

Ali Z. Sadiq, Md. I. Mostafa and Kazi Sakib

Abstract: Change Coupling (CC) is the implicit relation formed between two or more changing software artifacts (e.g. source code). These artifacts are found to have design issues and code smells. Existing research has revealed the relationship between the change coupled relation of a class with the number of bugs in bug repositories. However, this ignored their true relation at the creation time of bugs or erroneous changes known as Fix-Inducing Changes (FIC). This paper tries to find the actual relationship between FIC and change coupled relations with respect to considering recent and all commits. This is done by traversing the entire history of a repository with a commit window of 100 commits and collecting data about FICs and metrics related to change coupling and object oriented system. It is found from the analysis that recent CC relations at the time of error are more correlated with new errors. Besides, it is found that explanatory power for predicting future erroneous change is more in recent CC relation than the one formed by considering all commits starting from the 1st commit.

Paper Nr: 89
Title:

A Software Tools Catalogue to Support the Statistical Process Control on the Software Context

Authors:

Aluízio P. Neto and Sandro B. Oliveira

Abstract: Statistical Process Control (SPC) is applied to the software context in process analysis and improvement in high level maturity organizations. There are some studies that talk about the SPC in the context of software, however, these do not yet describe in depth the approaches related to it. The main goal of this study is to present the results of a Systematic Review of Literature, aiming to identify the SPC-related approaches (in this work, approaches are understood as techniques, frameworks, methods and tools to support the implementation of a process), which were put together in the form of a catalog. In this study, only the tools that implement the SPC will be presented, describing its characteristics, example of use, availability and ownership. With this study researchers will obtain valuable information for the possible future application of these tools in their development contexts.

Paper Nr: 101
Title:

Towards Readability Aspects of Probabilistic Mode Automata

Authors:

Heinz Schmidt and Maria Spichkova

Abstract: This paper presents a new approach and design model targeting hybrid designer- and operator-defined performance budgets for timing and energy consumption. The approach is based on Petri Nets formalism. As the cognitive load is typically high while using formal methods, this increases the chances of mistakes. Our approach is focused on the readability aspects and aims to decrease the cognitive load of developers. We illustrate the proposed approach on example of a sample embedded multi-media system, a modern digital camera.

Paper Nr: 104
Title:

A New Model-based Framework for Testing Security of IoT Systems in Smart Cities using Attack Trees and Price Timed Automata

Authors:

Moez Krichen and Roobaea Alroobaea

Abstract: In this paper we propose a new model-based framework for testing security properties of Internet of Things in Smart Cities. In general a model-based approach consists in extracting test cases from a formal specification either of the system under test or the environment of the considered system in an automatic fashion. Our framework is mainly built on the use of two formalisms namely Attack Trees and Price Timed Automata. An attack tree allows to describe the strategy adopted by the malicious party which intends to violate the security of the considered IOT system. An attack tree is translated into a network of price timed automata. The product of the constructed price timed automata is then computed using the well known UPPAALL platform. The obtained timed automata product serves as input for the adopted test generation algorithm. Moreover our framework takes advantage of the use of the standardized specification and execution testing language TTCN-3. With this respect, the obtained abstract tests are translated into the TTCN-3 format. Finally we propose a cloud-oriented architecture in order to ensure test execution and to collect the generated verdicts.