Specifying and Monitoring Non-functional Properties.
Technische Universität, Darmstadt
[Ph.D. Thesis], (2011)
Available under Creative Commons Attribution Non-commercial No Derivatives, 2.5.
Download (1MB) | Preview
|Item Type:||Ph.D. Thesis|
|Title:||Specifying and Monitoring Non-functional Properties|
This thesis focuses on the implementation and the control of non-functional safety properties during system execution. More concretely, it describes the development process of such properties, starting with the formal specification, the verification, and the runtime enforcement of the specified properties to avoid any undesired behavior.
This thesis starts by studying and classifying the approaches on the specification and runtime verification of non-functional safety properties. When examining these approaches, the following observations are made. First, the non-functional properties are generally ignored in the early phases of the software development process. They are often addressed after the functional part is implemented, which has negative effects on the quality of the code. The approaches that use UML for modeling these properties cannot verify the absence of contradictions between the specified properties. In addition, UML lacks means to express various types of non-functional properties, such as temporal properties. Second, runtime verification approaches monitor the execution of the application at runtime and detect violations of the specified properties. However, just detecting the violation is not sufficient for critical applications. These approaches should enforce these properties and avoid the misbehavior of the system by skipping the execution of undesired events. Third, in current approaches the code for enforcing non-functional properties is mostly not encapsulated in separated modules. The implementation cuts across the functional application code. This lack of modularity leads to serious problems related to the quality of code and the possibility of changing those properties.
The thesis shows a generic and holistic approach, called Seven-pro that combines formal methods and aspect-oriented programming for specifying and runtime enforcing non-functional safety properties. Seven-pro covers the whole development process of non-functional properties and avoids the gap between the specification and the implementation by automatically generating aspects from a high-level specification. The generated aspects will be integrated, in a modular way, in the functional application code for enforcing the formally specified properties at runtime.
In addition, this thesis shows how Seven-pro covers different types of non-functional properties in distributed applications. This approach is applied to structural, qualitative and quantitative behavioral non-functional properties. This thesis presents three applications for the supported types of properties.
In the context of structural properties, Seven-pro is applied for specifying and enforcing architectural properties of distributed object-oriented applications that are characterized by dynamic software architectures. Seven-pro uses a combination of Z notation and Petri nets to specify (a) the architectural styles with their architectural invariants, (b) the reconfiguration operations with their pre- and post-conditions, and (c) the coordination protocols describing the execution order of the reconfiguration operations. A verification step is performed to verify the consistency of the specification and the preservation of the architectural style after a reconfiguration of the architecture. After that, the Z and Petri nets specifications are automatically translated to AspectJ aspects to verify – before each reconfiguration operation – that all related architectural properties are satisfied.
In the context of qualitative behavioral properties, Seven-pro is applied for specifying and enforcing static and dynamic separation of duties and different types and characteristics of delegation policies on top of role-based access control. In the specification phase, TemporalZ, a combination of Z notation and linear temporal logic, is used for formally specifying the supported policies. In the verification phase, the absence of contradictions between the specified policies is verified. In the implementation phase, the aspect language Alpha is extended with a new library for supporting the specified properties. In addition, TemporalZ specifications are automatically translated to Alpha aspects to control the access permissions according to the specified policies.
In the context of quantitative behavioral properties, Seven-pro is applied for specifying and enforcing temporal properties in Web service compositions. To support both relative and absolute timed properties, a new formal language called XTUS-Automata is proposed which extends timed automata with the constructs of the XTUS language. After formally verifying the absence of deadlocks in timed automata specifications and verifying other properties related to the XTUS language, the XTUS-Automata specifications are automatically translated to AO4BPEL aspects.
|Place of Publication:||Darmstadt|
|Classification DDC:||000 Allgemeines, Informatik, Informationswissenschaft > 004 Informatik|
|Divisions:||20 Department of Computer Science > Software Technology|
|Date Deposited:||20 Jul 2011 11:05|
|Last Modified:||07 Dec 2012 12:00|
|Referees:||Mezini, Prof. Mira and Jmaiel, Prof. Mohamed and Südholt, Prof. Mario|
|Refereed:||11 July 2011|