ICSM 2004 Tutorials

ICSM 2004 Tutorials

Tutorial I

Management of Maintenance and Evolution

Ned Chapin, InfoSci Inc., USA

This tutorial s main objective is to provide to persons attending, a basis for more successful management of software change in organizations. Secondary objectives are to share experience based and research based knowledge relevant to managing software maintenance and evolution, and to facilitate personal networking among the attenders about managing software maintenance and evolution. The tutorial attenders are the tutorial s customers; it is their expressed needs that this tutorial aims to serve.

The target audience is persons with supervisory or management roles (part time or full time) in relation to software maintenance or software evolution, from lead programmer/ analyst to manager of maintenance to CIO/CTO. Additional audiences are persons preparing themselves for supervisory or management roles in relation to software maintenance or evolution, and students and researchers interested in issues and successful practices in managing software maintenance and/or software evolution.

What the attenders say they want to focus on, relevant to the tutorial subject, will be the focus of this tutorial. To integrate the discussion and provide context and perspective, the presenter will draw from such topics as:

Tutorial II

Meta-programming in XVCL for Enhanced Changeability

Stan Jarzabek, National University of Singapore, Singapore

Some problems related to maintainability are difficult to address using conventional programming techniques. In this tutorial, I will focus on two such problems, namely redundancies and poor visibility of changes in programs. I will demonstrate a practical way to ease these problems, with meta-programming technique of XVCL, applied on top of traditional programs.

XVCL (XML-based Variant Configuration Language) is a meta-programming language, method and tool for managing software changes during evolution and reuse. XVCL is an open source software http://fxvcl.sourceforge.net developed at the National University of Singapore. XVCL facilitates change - speeds up the modification process and performs changes in a reliable manner. It automates routine tasks, allowing us to entirely focus on essential new problems that require our creativity. XVCL opens an extra window to enhance changeability in program areas that cause us a problem. We may target at architecture-level changes (such as configuring components and their interfaces), detailed changes in components code, or even changes in program documentation. XVCL allows us to streamline the whole chain of modifications triggered by different sources of change, propagating change to all the affected software artifacts.

To motivate the audience, I will start the tutorial by presenting empirical data showing situations when it becomes difficult to create maintainable program solutions using conventional programming techniques. I will introduce the concepts of XVCL in a sequence of easy to follow examples. The core of the tutorial will be based on case studies. I will discuss experiences from projects in domains of program libraries and Facility Reservation Systems. Case studies based on these projects will focus on enhancing maintainability by applying a meta-programming technique of XVCL. Finally, I will show how the meta-programming technique of XVCL can be integrated into existing programming paradigm and software development processes. Keywords: software maintenance, software design, visibility of change, software redundancies, metaprogramming.

Tutorial III

Program Transformation Systems: Theory and Practice for Software Generation, Maintenance and Reengineering

Hongjun Zheng and Ira Baxter, Semantic Designs, Inc., USA

As software demands grow, so does the need for tools to aid software engineers in designing, building and maintaining software systems. Software maintenance costs dominate software engineering costs, partly because most such engineering is done manually. Program transformation systems are semantically sound tools that modify programs (implement specifications, reverse engineer, change/modify/maintain code). These tools work by applying a knowledge base of software modification components called transformations that capture software system implementation knowledge. The transformations mechanically reuse domain engineering products to provide domain-specific automated analysis, modification, and generation of software, therefore enhancing productivity and quality over conventional methods.

Program transformation systems can capture software system implementation knowledge, as well as mechanically reuse domain-engineering products to provide domain-specific program generation. Because they provide automation, they can carry out massive changes to large-scale legacy systems that would be impractical by hand, such as Y2K remediation, system porting, refactoring, etc. The implementation knowledge available to a transformation system is key to carrying out reverse engineering, by explaining how code can implement proposed abstractions. Lastly, from the proper perspective, these systems can unify specification, design, and maintenance lifecycle phases.

An understanding of transformation system theory and technology can provide a deep understanding of how code generation, modification, and reuse of code and other software engineering artifacts can work. This tutorial provides a complete overview of transformation systems, from theory to implementation to application. The tutorial progresses from introductory to intermediate, all the necessary background will be provided, so attendees need only have basic software engineering knowledge and motivating experience modifying software.

Tutorial IV

Developing Software for Safety Critical Systems: When Failure is not an Option

Norman Schneidewind, Naval Postgraduate School, USA

Historically, Software Reliability Engineering (SRE) has been defined as the quantitative study of the operational behavior of software-based systems with respect to user requirements concerning reliability. This definition can be modified to include intrusion prevention and detection as follows:
  1. software reliability measurement, which includes estimation and prediction, with the help of software reliability models established in the literature for intrusion prevention and detection;
  2. the attributes and metrics of product design, development process, system architecture, software operational environment, and their implications on reliability for intrusion prevention and detection; and
  3. the application of this knowledge in specifying and guiding system software architecture, development, testing, acquisition, use, and maintenance for intrusion prevention and detection.

This tutorial provides a paradigm and recommended policies for preventing, mitigating, and repairing the effects of computer system intrusion. Int rusions in the form of worms, viruses, and denial of service have become prevalent on the Internet. Therefore it behooves user organizations to give first priority to preventive actions. In addition, it is important to have a strategy for emergency repair of intrusion actions. This tutorial makes the connection between traditional software reliability concepts and computer and network intrusion.

Page Last Updated:26h August 2004