Auflistung nach Autor:in "Bonorden, Leif"
1 - 10 von 26
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragAPI Deprecation: A Systematic Mapping Study(Software Engineering 2023, 2023) Bonorden, Leif; Riebisch, MatthiasThis extended abstract is based on a study published at the 48th Euromicro Conference on Software Engineering and Advanced Applications (SEAA 2022). [BR22a] We conducted a systematic mapping study on API deprecation including 36 primary studies. Our analysis highlights five major gaps in research: studying remote APIs, investigating a broader range of static APIs, joining views of suppliers and clients, including humans in studies, and designing with deprecation in mind.
- KonferenzbeitragCase Study: Securing MMU-less Linux Using CHERI(SE 2024 - Companion, 2024) Almatary, Hesham; Mazzinghi, Alfredo; Watson, Robert N. M.MMU-less Linux variant lacks security because it does not have protection or isolation mechanisms. It also does not use MPUs as they do not fit with its software model because of the design drawbacks of MPUs (i. e. coarse-grained protection with fixed number of protected regions). We secure the existing MMU-less Linux version of the RISC-V port using CHERI. CHERI is a hardware-software capability-based system that extends the ISA, toolchain, programming languages, operating systems, and applications in order to provide complete pointer and memory safety. We believe that CHERI could provide significant security guarantees for high-end dynamic MMU-less embedded systems at lower costs, compared to MMUs and MPUs, by: 1) building the entire software stack in pure-capability CHERI C mode which provides complete spatial memory safety at the kernel and user-level, 2) isolating user programs as separate ELFs, each with its own CHERI-based capability table; this provides spatial memory safety similar to what the MMU offers (i. e. user programs cannot access each other’s memory), 3) isolating user programs from the kernel as the kernel has its own capability table from the users and vice versa, and 4) compartmentalising kernel modules using CompartOS’ linkage-based compartmentalisation. This offers a new security front that is not possible using the current MMU-based Linux, where vulnerable/malicious kernel modules (e. g. device drivers) executing in the kernel space would not compromise or take down the entire system. These are the four main contributions of this paper, presenting novel CHERI-based mechanisms to secure MMU-less embedded Linux.
- KonferenzbeitragCode Smell Detection using Features from Version History(SE 2024 - Companion, 2024) Engeln, UlrikeCode smells are indicators of bad quality in software. There exist several detection techniques for smells, which mainly base on static properties of the source code. Those detectors usually show weak performance in detection of context-sensitive smells since static properties hardly capture information about relations in the code. To address this information gap, we propose a strategy to extract information about interdependencies from version history. We use static and the new historical features to identify code smells by a random forest. Experiments show that the introduced historical features improve detection of code smells that focus on interdependencies.
- KonferenzbeitragCORE: Code Once, Run Everywhere. Engineering Serverless Workflow Applications with High-Level of Abstraction(SE 2024 - Companion, 2024) Larcher, ThomasTo keep the serverless functions lightweight, a significant portion of the computing is typically offloaded to already pre-trained AI-based Backend-as-a-Service (BaaS) cloud services, such as speech recognition. The recent rise of federated serverless computing offers cost and performance advantages for these BaaS-enabled serverless workflows by deploying them across different cloud providers. However, due to the lack of interoperability among cloud providers, many challenges remain to setup the BaaS-enabled serverless workflows in federated serverless infrastructures.
- KonferenzbeitragDecision-Making About Federated Digital Twins – How to Distribute Information Storage and Computing(Modellierung 2022, 2022) Bonorden, Leif; Frerichs, Marc; Riebisch, Matthias; von Riegen, Stephanie; Hartke, Florian; Herzog, Rainer; Hotz, Lothar; Jürgensen, Dennis; Kiele-Dunsche, Markus; Schottler, Seeko; Schroeder, RafaelDigital Twins are commonly used as virtual representations of physical objects in manufacturing industries. Information for Digital Twins may be collected from multiple sources and stored in a distributed manner, leading to a Federated Digital Twin. Since decisions about such a federation are crucial for the system and its architecture, they should be guided by reliable and well-evaluated methods. However, current research is focused on distributed data sources but is missing decisions about the distribution of the digital twin itself. We present an approach to partition Federated Digital Twins by classifying information types, computing resources, and concerns of data suppliers. Furthermore, we show how decisions are made based on the Decision Model and Notation standard and evaluate the approach using an industrial case study.
- KonferenzbeitragEnhancing DO-178C/DO-331 Based Process-Oriented Build Tool: Integration of System Composer and Automated PIL Simulation(SE 2024 - Companion, 2024) Panchal, Purav; Dmitriev, Konstantin; Myschik, StephanThe growing utilization of software in safety-critical systems can be attributed to advancing technology and substantial interest within aerospace and space industries. However, this increased reliance on software to enhance avionic system functionality raises crucial safety questions, emphasizing the need for compliance with standards like DO-178C/DO-331. To facilitate development, a process-oriented build tool was created in MATLAB/Simulink. This tool enhances development efficiency and ensures adherence to established processes, offering benefits like modular software management, systematic artifact handling with traceability, seamless integration with various verification tools, automated model and code verification, and a well-defined design environment. Recently, two new advancements have been made to the tool, integration of System Composer for developing software architecture and automated processor-in-the-loop (PIL) verification using Trace32. This paper presents these new developments along with examples.
- KonferenzbeitragEnhancing System-model Quality: Evaluation of the MontiBelle Approach with the Avionics Case Study on a Data Link Uplink Feed System(SE 2024 - Companion, 2024) Kausch, Hendrik; Pfeiffer, Mathias; Raco, Deni; Rumpe, Bernhard; Schweiger, AndreasSoftware quality is often related directly to the quality of the models used throughout the development phases. Assuring model quality can thus be an important aspect for assuring the quality of the final product. Measuring model quality is done via different quality indicators. In this article, we investigate the influence of our holistic systems engineering methodology on model quality. An avionics case study was previously conducted using our methodology. The developed SysML v2 model artifacts are evaluated in this paper regarding internal and external model quality, as well as model notation quality. In total, the positive impact on 26 model quality indicators from our previous work is argued. These indicators are divided into intra-model (single artifact) quality indicators and inter-model (across model artifact) quality indicators. The inter-model quality indicators are further classified into indicators for models at the same granularity level (horizontal) and across several granularity levels (vertical). Multiple quality indicators are positively affected by the modeling language’s capabilities and the underlying mathematical semantics. Other indicators depend on methodological guidelines that steer the engineering process. The evaluation of model-quality properties leads towards maturing a holistic systems engineering methodology that facilitates high model quality and thus indicates high product quality.
- KonferenzbeitragHyLiMo: A Textual DSL and Hybrid Editor for Efficient Modular Diagramming(SE 2024 - Companion, 2024) Krieger, NiklasDiagramming with precise layouting for scientific publications and technical documentations is time-consuming and cumbersome. Therefore, this work briefly presents HyLiMo, a tool for blended graphical and textual diagramming including live-synchronizing. This allows diagrammers to define diagrams textually and then adjust the layout graphically. An evaluation via two case studies confirmed the tool’s practicality in creating class diagrams with precise layouts. However, feedback suggests several features for future work.
- KonferenzbeitragImproving API Design Skills with the API Design FestRöll, Achim; Bonorden, LeifAPIs should be stable and demand a careful evolution, which requires a good initial design. Such API design skills usually come from experience, but the API Design Fest intends to compress such experience into a dense course. While the original training event was intended for practitioners, we are interested in the applicability in software engineering education. Thus, we conducted a slightly adopted API Design Fest with students and report on initial insights. While we find the overall event and its API design activities suitable, we recommend extended preparation on breaking changes for future API Design Fests with students.
- KonferenzbeitragInterfaces in Modular Software Systems: Some Research Questions(Softwaretechnik-Trends Band 39, Heft 2, 2019) Bonorden, LeifModularity of software systems is well-known and supported by various theories. Interfaces and interactions between such software modules are differently seen and treated from different points of view. This article briefly surveys semi-formal models, formal specifications and technical implementations, and introduces corresponding research questions regarding the compatibility of these perspectives with each other and their role in the software development process.
- «
- 1 (current)
- 2
- 3
- »