CyberSPL: A Framework for the Verification of Cybersecurity Policy Compliance of System Configurations Using Software Product Lines

2019 ◽  
Vol 9 (24) ◽  
pp. 5364 ◽  
Author(s):  
Ángel Jesús Varela-Vaca  ◽  
Rafael M. Gasca ◽  
Rafael Ceballos ◽  
María Teresa Gómez-López ◽  
Pedro Bernáldez Torres

Cybersecurity attacks affect the compliance of cybersecurity policies of the organisations. Such disadvantages may be due to the absence of security configurations or the use of default configuration values of software products and systems. The complexity in the configuration of products and systems is a known challenge in the software industry since it includes a wide range of parameters to be taken into account. In other contexts, the configuration problems are solved using Software Product Lines. This is the reason why in this article the framework Cybersecurity Software Product Line (CyberSPL) is proposed. CyberSPL is based on a methodology to design product lines to verify cybersecurity policies according to the possible configurations. The patterns to configure the systems related to the cybersecurity aspects are grouped by defining various feature models. The automated analysis of these models allows us to diagnose possible problems in the security configurations, reducing or avoiding them. As support for this proposal, a multi-user and multi-platform solution has been implemented, enabling setting a catalogue of public or private feature models. Moreover, analysis and reasoning mechanisms have been integrated to obtain all the configurations of a model, to detect if a configuration is valid or not, including the root cause of problems for a given configuration. For validating the proposal, a real scenario is proposed where a catalogue of four different feature models is presented. In this scenario, the models have been analysed, different configurations have been validated, and several configurations with problems have been diagnosed.

Author(s):  
Mehdi Noorian ◽  
Mohsen Asadi ◽  
Ebrahim Bagheri ◽  
Weichang Du

Software Product Line (SPL) engineering is a systematic reuse-based software development approach which is founded on the idea of building software products using a set of core assets rather than developing individual software systems from scratch. Feature models are among the widely used artefacts for SPL development that mostly capture functional and operational variability of a system. Researchers have argued that connecting intentional variability models such as goal models with feature variability models in a target domain can enrich feature models with valuable quality and non-functional information. Interrelating goal models and feature models has already been proposed in the literature for capturing non-functional properties in software product lines; however, this manual integration process is cumbersome and tedious. In this paper, we propose a (semi) automated approach that systematically integrates feature models and goal models through standard ontologies. Our proposed approach connects feature model and goal model elements through measuring the semantic similarity of their annotated ontological concepts. Our work not only provides the means to systematically interrelate feature models and goal models but also allows domain engineers to identify and model the role and significance of non-functional properties in the domain represented by the feature model.


2020 ◽  
Author(s):  
Helberth Borelli ◽  
Sérgio Teixeira de Carvalho

Software Product Lines can be briefly defined as a family of products that share some commonalities. The feature models approach is used to represent the commonalities and variabilities among products. One possible way for the construction of these models is the use of meta-models. However, the management of these features, traditionally performed at development time, is not sufficient for the development of Adaptive Systems. One solution to this type of development is the approach of Dynamic Software Product Lines which has as one of its aims to promote features input and output at runtime allowing the product to be adapted after changes in contexts. This article proposes a Domain Specific Modelling Language that aims at modeling Dynamic Software Product Lines. This language describes dynamic adaptations promoted at runtime and through the use of the state machine approach. Such adaptations, based on state machines, must promote state features changes or features exchanges at runtime, enabling these software products to manage derivations in its life cycle. Our proposal was implemented with the use of a Healthcare scenario and its development was based on the concept of the component service model.


DYNA ◽  
2018 ◽  
Vol 85 (207) ◽  
pp. 74-83 ◽  
Author(s):  
Daniel Correa ◽  
Raúl Mazo ◽  
Gloria Lucia Giraldo Goméz

Software product lines facilitate the industrialization of software development. The main goal is to create a set of reusable software components for the rapid production of a software systems family. Many authors have proposed different approaches to design and implement the components of a product line. However, the construction and integration of these components continue to be a complex and time-consuming process. This paper introduces Fragment-oriented programming (FragOP), a framework to design and implement software product line domain components, and derive software products. FragOP is based on: (i) domain components, (ii) fragmentations points and (iii) fragments. FragOP was implemented in the VariaMos tool and using it we created a clothing stores software product line. We derived five different products, integrating automatically thousands of lines of code. On average, only three lines of code were manually modified; which provided preliminary evidence that using FragOP reduces manual intervention when integrating domain components.


Author(s):  
Elham Darmanaki Farahani ◽  
Jafar Habibi

The aim of the Software Product Line (SPL) approach is to improve the software development process by producing software products that match the stakeholders’ requirements. One of the important topics in SPLs is the feature model (FM) configuration process. The purpose of configuration here is to select and remove specific features from the FM in order to produce the required software product. At the same time, detection of differences between application’s requirements and the available capabilities of the implementation platform is a major concern of application requirements engineering. It is possible that the implementation of the selected features of FM needs certain software and hardware infrastructures such as database, operating system and hardware that cannot be made available by stakeholders. We address the FM configuration problem by proposing a method, which employs a two-layer FM comprising the application and infrastructure layers. We also show this method in the context of a case study in the SPL of a sample E-Shop website. The results demonstrate that this method can support both functional and non-functional requirements and can solve the problems arising from lack of attention to implementation requirements in SPL FM selection phase.


Author(s):  
Jesús Rodríguez ◽  
Eduardo Fernández-Medina ◽  
Mario Piattini ◽  
Daniel Mellado

The concepts of Service-Oriented Architectures and Software Product Lines are currently being paid a considerable amount of attention, both in research and in practice. Both disciplines promise to make the development of flexible, cost-effective software systems possible and to support high levels of reuse, and may sometimes be complementary to each other. In both paradigms, security is a critical issue, although most of the existing product line practices do not comprise all the security requirements engineering activities or provide automated support through which to perform these activities, despite the fact that it is widely accepted that the application of any requirements engineering process or methodology is much more difficult without a CARE (Computer-Aided Requirements Engineering) tool, since it must be performed manually. Therefore, this chapter shall present a tool denominated as SREPPLineTool, which provides automated support through which to facilitate the application of the security quality requirements engineering process for software product lines, SREPPLine. SREPPLineTool simplifies the management of security requirements in product lines by providing us with a guided, systematic and intuitive manner in which to deal with them from the early stages of product line development, thus simplifying the management and the visualization of artefact variability and traceability links and the integration of security standards, along with the management of the security reference model proposed by SREPPLine.


Author(s):  
RUBEN HERADIO ◽  
DAVID FERNANDEZ-AMOROS ◽  
JOSE A. CERRADA ◽  
ISMAEL ABAD

In software product line engineering, feature diagrams are a popular means to represent the similarities and differences within a family of related systems. In addition, feature diagrams implicitly model valuable information that can be used in economic models to estimate the cost savings of a product line. In particular, this paper reviews existing proposals on computing the total number of products modeled with a feature diagram and, given a feature, the number of products that implement it. This paper also reviews the economic information that can be estimated when such numbers are known. Thus, this paper contributes by bringing together previously-disparate streams of work: the automated analysis of feature diagrams and economic models for product lines.


2013 ◽  
Vol 771 ◽  
pp. 183-186
Author(s):  
Hua Xiao Liu ◽  
Bing Li ◽  
Ying Jin ◽  
Xue Hang Chi

For different Manufacturing Materials, various embedded software often needs to be used to configure and implement different functions during the processing of production. In order to improve the reusability of embedded software, this paper combines the software product line technology to present a software product line reference architecture OVM_AO model, gives a detailed modeling of the modified code part, meanwhile, gives the rule for transforming the model to the AOP model, improves the efficiency of the software automate equipped with material.


2020 ◽  
Author(s):  
Sami Ouali

Software Product Lines (SPL) are recognized as a successful approach to reuse in software development. Its purpose is to reduce production costs. This approach allows products to be different with respect to particular characteristics and constraints in order to cover different markets. Software Product Line engineering is the production process in product lines. It exploits the commonalities between software products, but also preserves the ability to vary the functionality between these products. Sometimes, an inappropriate implementation of SPL during this process can lead to code smells or code anomalies. Code smells are considered as problems in source code which can have an impact on the quality of the derived products of an SPL. The same problem can be present in many derived products from an SPL due to reuse. A possible solution to this problem can be the refactoring which can improve the internal structure of source code without altering external behavior. This paper proposes an approach for building SPL from source code. Its purpose is to reduce code smells in the obtained SPL using refactoring source code. Another part of the approach consists of the obtained SPL’s design based on reverse engineering.

