Explore the vast range of titles available.

\"Software product lines provide a systematic means of managing variability in a suite of products. They have many benefits but there are three major barriers that can prevent them from reaching their full potential. First, there is the challenge of scale: a large number of variants may exist in a product line context and the number of interrelationships and dependencies can rise exponentially. Second, variations tend to be systemic by nature in that they affect the whole architecture of the software product line. Third, software product lines often serve different business contexts, each with its own intricacies and complexities. The AMPLE (http://www.ample-project.net/) approach tackles these three challenges by combining advances in aspect-oriented software development and model-driven engineering. The full suite of methods and tools that constitute this approach are discussed in detail in this edited volume and illustrated using three real-world industrial case studies\"-- Provided by publisher.

Engineering secure systems is an error-prone process, where any decision margin potentially favors critical implementation faults. To this end, formal security models serve as an abstract basis for verifying security properties. Unfortunately, the potential for human error in engineering and analyzing such models is still considerable.This work seeks to mitigate this problem. We identified semantic gaps between security requirements, informal security policies, and security models as a major source of error. Our goal is then based on this observation: to support error-minimizing design decisions by bridging such gaps. Due to the broad range of security-critical application domains, no single modeling framework may achieve this. We therefore adopt the idea of aspect-oriented software development to tailor the formal part of a security engineering process towards security requirements of the system.Our method, termed aspect-oriented security engineering, is based on the idea of keeping each step in this process well-defined, small, and monotonic in terms of the degree of formalism. Our practical results focus on two use cases: first, model engineering for operating systems and middleware security policies; second, model analysis of runtime properties related to potential privilege escalation. We eventually combine both use cases to present a model-based reengineering approach for the access control system of Security-Enhanced Linux (SELinux).

Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an “aspect test template” to observe the internal processing and a “test case template”. Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation.

This report examines Pittsburgh Public Schools' implementation and outcomes of the Pittsburgh Principal Incentive Program from school years 2007-2008 through 2010-2011, how principals and other school staff have responded to the reforms, and what outcomes accompanied program implementation.

Learn how to successfully implement trustworthy computing tasks using aspect-oriented programming This landmark publication fills a gap in the literature by not only describing the basic concepts of trustworthy computing (TWC) and aspect-oriented programming (AOP), but also exploring their critical interrelationships. The author clearly demonstrates how typical TWC tasks such as security checks, in-and-out conditions, and multi-threaded safety can be implemented using AOP. Following an introduction, the book covers: Trustworthy computing, software engineering, and computer science Aspect-oriented programming and Aspect.NET Principles and case studies that apply AOP to TWC Coverage includes Aspect.NET, the AOP framework developed by the author for the Microsoft.NET platform, currently used in seventeen countries. The author discusses the basics of Aspect.NET architecture, its advantages compared to other AOP tools, and its functionality. The book has extensive practical examples and case studies of trustworthy software design and code using the Aspect.NET framework. In addition, the book explores other software technologies and tools for using AOP for trustworthy software development, including Java and AspectJ. This book also includes a valuable chapter dedicated to ERATO, the author's teaching method employed in this book, which has enabled thousands of students to quickly grasp and apply complex concepts in computing and software engineering, while the final chapter presents an overall perspective on the current state of AOP and TWC with a view toward the future. Software engineers, architects, developers, programmers, and students should all turn to this book to learn this tested and proven method to create more secure, private, and reliable computing.

Aspect oriented programming (AOP) is a new programming model that provides new concepts to handle cross-cutting concerns about code. The idea of introducing AOP in the internet of things (IoT) is inherited from the complexity of sensor operations involving data acquisition, processing, and communication, the need to support multiple simultaneous services for users particularly security services such as authentication, authorization, data traceability, and transaction management, and the challenges posed by the IoT deployments, the treatment of these data volumes lead to problematic code redundancy and cross-cutting concerns that compromise system maintainability. In this context, AOP enables the separation of core functionalities, data management, and cross-cutting concerns, allowing them to be developed and reused independently within the same codebase. To address these issues, this paper proposes an AOP model for IoT systems based on the Petri net representations. The model strategically integrates the core AOP advantages of modularity, reusability, and extensibility, microservices based architectural decomposition and specialized handling of sensor-specific requirements in IoT environments.

Aspect oriented programming aims at addressing the problem of the crosscutting concerns, i.e., those functionalities that are scattered among several modules in a given system. Aspects can be defined to modularize such concerns. In this work, we focus on a specific kind of crosscutting concerns, the scattered implementation of methods declared by interfaces that do not belong to the principal decomposition. We call such interfaces aspectizable. All the aspectizable interfaces identified within a large number of classes from the Java Standard Library and from three Java applications have been automatically migrated to aspects. To assess the effects of the migration on the internal and external quality attributes of these systems, we collected a set of metrics and we conducted an empirical study, in which some maintenance tasks were executed on the two alternative versions (with and without aspects) of the same system. In this paper, we report the results of such a comparison.

Aspect-oriented-programming is a relatively new technique that has evolved on top of the already well-established approach of object-oriented programming. When it is used correctly, it promises to remove many redundant parts of a code that appear repeatedly in an application, essentially untangling the original code. Thus, it can lead to a cleaner, more separated software design, to greater modularity and maintainability. Time-savings in software engineering can also be huge cost-savings, and anything that increases software quality is a welcome sight in an industry that in parts, still suffers from a bad reputation concerning the quality of its products. But, used in the wrong way or with insufficient knowledge, aspect-oriented programming can result in the opposite. Unintended side effects may introduce new bugs into an application, and therefore, it may be just one of the many negative consequences. In any case, there is a huge lack of empirical research on the subject, and in software engineering in general. Due to that fact, the question arises in how far hard facts can be drawn. This book deals with part of that problem by evaluating the aspect-oriented approach in a carefully designed and controlled experiment. On the basis of different tasks that were solved by participants of this study, the aspect-oriented approach (represented by AspectJ) is compared with a plain object-oriented approach (represented by Java). The book starts with an introduction to the topic, and further, it provides on the one hand, the survey's motivation and on the other hand, some background information. A short chapter on aspect-oriented programming and empirical research may help readers who are unfamiliar with any of the subjects. Then, the survey itself is described in detail, i.e. its design, its implementation, and its evaluation, followed by a thorough discussion of the results. And the answer to the question 'Can aspect-orientated programming keep its promise in productivity?' is given. Biographische Informationen Sebastian Kleinschmager is a software engineer from Germany who has a special interest in creating a scientific foundation for his field. During his studies in applied computer science (Bachelor's degree), and business information systems (Master), he focused his research on conducting empirical experiments to evaluate programming techniques. Apart from his academic research, he specializes in software development where he uses the .NET Framework and the newest web technologies, and where he stands a chance to put theory into practice.

We present an efficient and expressive tool for the instrumentation of Java programs at the bytecode level. BISM (Bytecode-Level Instrumentation for Software Monitoring) is a lightweight Java bytecode instrumentation tool that features an expressive high-level control-flow-aware instrumentation language. The instrumentation language is inspired by the aspect-oriented programming paradigm in modularizing instrumentation into separate transformers that encapsulate joinpoint selection and advice inlining, that is, the selection of points of interest in the execution and the execution of additional code at these points, respectively. BISM allows capturing joinpoints ranging from bytecode instructions to methods execution and provides comprehensive static and dynamic context information. It runs in two instrumentation modes: build-time and load-time. BISM also provides a mechanism to compose transformers and automatically detect when they interfere on the base program. Transformers in a composition can control the visibility of their advice and other instructions from the base program. We show several example applications for BISM and demonstrate its effectiveness using three experiments: a security scenario, a financial transaction system, and a general runtime verification case. The results show that (i) BISM instrumentation incurs low runtime and memory overheads, and (ii) the code produced by BISM performs better than the one produced by existing Java instrumentation tools.