Listing of SE 2024 - Workshops by author "Bonorden, Leif"
1 - 10 of 20
- Conference paper: Case Study: Securing MMU-less Linux Using CHERI (SE 2024 - Companion, 2024)
  Almatary, Hesham; Mazzinghi, Alfredo; Watson, Robert N. M.
  The MMU-less Linux variant lacks security because it does not have protection or isolation mechanisms. It also does not use MPUs, as they do not fit with its software model because of the design drawbacks of MPUs (i.e. coarse-grained protection with a fixed number of protected regions). We secure the existing MMU-less Linux version of the RISC-V port using CHERI. CHERI is a hardware-software capability-based system that extends the ISA, toolchain, programming languages, operating systems, and applications in order to provide complete pointer and memory safety. We believe that CHERI could provide significant security guarantees for high-end dynamic MMU-less embedded systems at lower costs, compared to MMUs and MPUs, by: 1) building the entire software stack in pure-capability CHERI C mode, which provides complete spatial memory safety at the kernel and user level, 2) isolating user programs as separate ELFs, each with its own CHERI-based capability table; this provides spatial memory safety similar to what the MMU offers (i.e. user programs cannot access each other’s memory), 3) isolating user programs from the kernel, as the kernel has its own capability table from the users and vice versa, and 4) compartmentalising kernel modules using CompartOS’ linkage-based compartmentalisation. This offers a new security front that is not possible using the current MMU-based Linux, where vulnerable/malicious kernel modules (e.g. device drivers) executing in the kernel space would not compromise or take down the entire system. These are the four main contributions of this paper, presenting novel CHERI-based mechanisms to secure MMU-less embedded Linux.
- Conference paper: Code Smell Detection using Features from Version History (SE 2024 - Companion, 2024)
  Engeln, Ulrike
  Code smells are indicators of bad quality in software. There exist several detection techniques for smells, which are mainly based on static properties of the source code. Those detectors usually show weak performance in detection of context-sensitive smells since static properties hardly capture information about relations in the code. To address this information gap, we propose a strategy to extract information about interdependencies from version history. We use static and the new historical features to identify code smells by a random forest. Experiments show that the introduced historical features improve detection of code smells that focus on interdependencies.
- Conference paper: CORE: Code Once, Run Everywhere. Engineering Serverless Workflow Applications with High-Level of Abstraction (SE 2024 - Companion, 2024)
  Larcher, Thomas
  To keep the serverless functions lightweight, a significant portion of the computing is typically offloaded to already pre-trained AI-based Backend-as-a-Service (BaaS) cloud services, such as speech recognition. The recent rise of federated serverless computing offers cost and performance advantages for these BaaS-enabled serverless workflows by deploying them across different cloud providers. However, due to the lack of interoperability among cloud providers, many challenges remain to set up the BaaS-enabled serverless workflows in federated serverless infrastructures.
- Conference paper: Enhancing DO-178C/DO-331 Based Process-Oriented Build Tool: Integration of System Composer and Automated PIL Simulation (SE 2024 - Companion, 2024)
  Panchal, Purav; Dmitriev, Konstantin; Myschik, Stephan
  The growing utilization of software in safety-critical systems can be attributed to advancing technology and substantial interest within aerospace and space industries. However, this increased reliance on software to enhance avionic system functionality raises crucial safety questions, emphasizing the need for compliance with standards like DO-178C/DO-331. To facilitate development, a process-oriented build tool was created in MATLAB/Simulink. This tool enhances development efficiency and ensures adherence to established processes, offering benefits like modular software management, systematic artifact handling with traceability, seamless integration with various verification tools, automated model and code verification, and a well-defined design environment. Recently, two new advancements have been made to the tool: integration of System Composer for developing software architecture and automated processor-in-the-loop (PIL) verification using Trace32. This paper presents these new developments along with examples.
- Conference paper: Enhancing System-model Quality: Evaluation of the MontiBelle Approach with the Avionics Case Study on a Data Link Uplink Feed System (SE 2024 - Companion, 2024)
  Kausch, Hendrik; Pfeiffer, Mathias; Raco, Deni; Rumpe, Bernhard; Schweiger, Andreas
  Software quality is often related directly to the quality of the models used throughout the development phases. Assuring model quality can thus be an important aspect for assuring the quality of the final product. Measuring model quality is done via different quality indicators. In this article, we investigate the influence of our holistic systems engineering methodology on model quality. An avionics case study was previously conducted using our methodology. The developed SysML v2 model artifacts are evaluated in this paper regarding internal and external model quality, as well as model notation quality. In total, the positive impact on 26 model quality indicators from our previous work is argued. These indicators are divided into intra-model (single artifact) quality indicators and inter-model (across model artifact) quality indicators. The inter-model quality indicators are further classified into indicators for models at the same granularity level (horizontal) and across several granularity levels (vertical). Multiple quality indicators are positively affected by the modeling language’s capabilities and the underlying mathematical semantics. Other indicators depend on methodological guidelines that steer the engineering process. The evaluation of model-quality properties leads towards maturing a holistic systems engineering methodology that facilitates high model quality and thus indicates high product quality.
- Conference paper: HyLiMo: A Textual DSL and Hybrid Editor for Efficient Modular Diagramming (SE 2024 - Companion, 2024)
  Krieger, Niklas
  Diagramming with precise layouting for scientific publications and technical documentations is time-consuming and cumbersome. Therefore, this work briefly presents HyLiMo, a tool for blended graphical and textual diagramming including live-synchronizing. This allows diagrammers to define diagrams textually and then adjust the layout graphically. An evaluation via two case studies confirmed the tool’s practicality in creating class diagrams with precise layouts. However, feedback suggests several features for future work.
- Conference paper: Large Language Models for Engineering Web Applications (SE 2024 - Companion, 2024)
  Kimmel, Robin
  This work examines the potential of blending traditional programming methods with artificial intelligence, specifically large language models (LLMs), to automate the creation of web applications. The primary focus is on defining the necessary software architecture and components to transform diverse inputs, such as natural language and Unified Modeling Language (UML) notations, into functional web applications. The core concept involves a software agent built around a Large Language Model, equipped with tools to autonomously address tasks. While demonstrating promise, this approach exhibits certain limitations that demand further exploration and refinement.
- Conference paper: Message from the SE’24 Workshop Chairs (SE 2024 - Companion, 2024)
  Dhungana, Deepak; Lambers, Leen
  Preface of the SE’24 Workshop Proceedings
- Conference paper: Message from the SRC Chairs (SE 2024 - Companion, 2024)
  Bonorden, Leif; Henning, Sören
  The Software Engineering 2024 conference (SE’24) features a Student Research Competition. This volume includes summaries of the nominated student works.
- Conference paper: Mode Management in Contract-Based Design (SE 2024 - Companion, 2024)
  Kröger, Janis; Fränzle, Martin
  Nowadays, safety-critical systems are structured into several operating modes due to their various functionality. To evade inconsistent states in the specification and design, it is essential that these modes and their mode transitions are well defined. This entails a significant effort. This paper proposes an approach to coordinate mode changes between different components using a mode manager. Natural language patterns are designed to reduce the complexity of specifying mode changes. An example system ACC is used to illustrate the concept and patterns.