Three-dimensional networks-on-chip (3D NoC) are rising as a good approach to well managed complex interconnections in 3D multi-processor system-on-chip (MPSoC). This paper introduces a new router in order to enhance throughput and latency compared to classic 3D mesh NoC. The proposed router is hierarchical as it is composed of two completely decoupled modules: one for inter-layer communication and one for intra-layer communication. It is fully implemented in asynchronous logic to allow low latency transfer.

Synthesis and extrapolation results show that the hierarchical router is competitive with the classic 3D mesh in terms of area and power. Throughput and latency evaluation is performed using a SystemC-TLM NoC simulator. Simulations' results show that the proposed hierarchical router can outperform the 3D mesh by more than 25% in terms of throughput and latency in the case of transpose traffic. Copyright © 2012 John Wiley & Sons, Ltd.

Safety-critical systems are used in many domains (military, avionics, aerospace, etc.) and handle critical data in hostile environments. To prevent data access by unauthorized subjects, they must protect and isolate information so that only allowed entities can read or write information. However, because of their increased number of functionalities, safety-critical systems design becomes more complex; this increases difficulties in the design and the verification of security functions and potential error in their implementation. The multiple independent levels of security (MILS) approach introduces rules and guidelines for the design of secure systems. It isolates data according to their security levels, reducing system complexity to ease development. However, there is no approach addressing the whole development of MILS systems from high-level specification (application components with their security levels) to the final implementation (code that executes application functions and provide security mechanisms). This paper presents a complete development approach for the design, verification and implementation of MILS architectures. It aims at providing a complete framework to build secure applications based on MILS guidelines. We describe security concerns using a modeling language, verify security requirements and automatically implement the system code generation techniques and a MILS-compliant operating system that provides security functions. Copyright © 2012 John Wiley & Sons, Ltd.

Cloud computing is an emerging technology where information technology resources are provisioned to users in a set of a unified computing resources on a pay per use basis. The resources are dynamically chosen to satisfy a user service level agreement and a required level of performance. A cloud is seen as a computing platform for heavy load applications. Conjugate gradient (CG) method is an iterative linear solver that is used by many scientific and engineering applications to solve a linear system of algebraic equations. CG generates a heavy load of computation, and therefore, it slows the performance of the applications using it. Distributing CG is considered as a way to increase its performance. However, running a distributed CG, based on a standard API, such as Message Passing Interface, in a cloud face many challenges, such as the cloud processing and networking capabilities. In this work, we present an in-depth analysis of the CG algorithm and its complexity to develop adequate distributed algorithms. The implementation of these algorithms and their evaluation in our cloud environment reveal the gains and losses achieved by distributing the CG. The performance results show that despite the complexity of the CG processing and communication, a speedup gain of at least 1157.7 is obtained using 128 cores compared with National Aeronautics and Space Administration Advanced Supercomputing sequential execution. Given the emergence of clouds, the results in this paper analyzes performance issues when a generic public cloud, along with a standard development library, such as Message Passing Interface, is used for high-performance applications, without the need of some specialized hardware and software. Copyright © 2012 John Wiley & Sons, Ltd.

Memory access violations are a leading source of unreliability in C programs. As evidence of this problem, a variety of methods exist that retrofit C with software checks to detect memory errors at runtime. However, these methods generally suffer from one or more drawbacks including the inability to detect all errors, the use of incompatible metadata, the need for manual code modifications, and high runtime overheads. This paper presents a compiler analysis and transformation for ensuring the memory safety of C called MemSafe. MemSafe makes several novel contributions that improve upon previous work and lower the cost of safety. These include (i) a method for modeling temporal errors as spatial errors, (ii) a metadata representation that combines features of both object-based and pointer-based approaches, and (iii) a dataflow representation that simplifies optimizations for removing unneeded checks. MemSafe is capable of detecting real errors with lower overheads than previous efforts. Experimental results show that MemSafe detects all memory errors in six programs with known violations as well as two large and widely used open source applications. Finally, MemSafe ensures complete safety with an average overhead of 88% on 30 programs commonly used for evaluating the performance of error detection tools. Copyright © 2012 John Wiley & Sons, Ltd.

The development of software-based systems for vehicles in compliance with the new standard ISO 26262 – functional safety for road vehicles – requires a common understanding between the two domains. In this paper, we consider the impact of the ISO 26262 to the concept phase of the vehicle development, especially the model-based development of electric/electronic architectures. To found a formal basis for the electric/electronic architecture modeling, located in the development process and addressed by ISO 26262, we introduce a meta-model, combining the major concepts and relations of electric/electronic architectures and ISO 26262. Safety analysis can be supported by data available in the electric/electronic architecture model. In this paper, we present a methodology to facilitate and accumulate context-based information from electric/electronic architecture models to use them as input information for safety analysis. We also demonstrate how to perform the safety analysis method, that is, failure mode and effect analysis, based on the same architecture description language as the electric/electronic architecture model and also within the same modeling tool. We also present a methodology for the modeling and consideration of safety aspects and requirements crossing different system perimeters. This facilitates the consistent description and analysis of systems of systems, such as contemporary vehicles. Copyright © 2012 John Wiley & Sons, Ltd.

Traditionally, virtualization has been adopted by enterprise industry to make better use of the general purpose processors (single and multicore) besides improving the utilization of existing computational resources, especially in data centers. Until recently, its use in embedded systems (ESs) seemed to be a distant, unnecessary, and unfeasible reality. However, with the rise of each more powerful multiprocessed ESs, typically implemented as multiprocessor system-on-chip, virtualization has become a very promising technique to achieve and improve functionalities in future multiprocessor system-on-chips. One of the main advantages of virtualizing ESs is to improve the software design quality because legacy software can be reused along with newer applications. Also, we have the classic use cases, such as allowing several operating systems (OSs) to work in the same physical resource, simultaneously. Still, we can provide more secure ESs by splitting the system into user application OS and security certified OS, for instance. Moreover, depending on the way that embedded virtualization is employed, it may be even possible to reduce manufacturing costs and energy consumption levels. However, it is well understood that although ESs deal with increasingly more powerful solutions, they are still far more restricted than general purpose computers, especially in terms of area, memory size, and power consumption. In this article, we provide an extensive analysis of what is being currently offered as embedded virtualization solution, the pros and cons, besides presenting an innovative proposal regarding virtualization for restricted embedded architectures and its possible advantages. Copyright © 2012 John Wiley & Sons, Ltd.

Software should be correct and robust. This paper suggests that we need forthright words for the failure of not being robust—heedless and heedlessness—and of recursively creating software (such as a compiler or virtual machine) that itself does not support dependable software development. Heedless programming is common, particularly affecting ‘trivial’ operations such as on numbers, and extends deep into programming language design and into the use of computers more widely, thus making robust, dependable applications of all sorts unnecessarily problematic. The paper defines the problem and presents a call to action to start addressing the problems identified. Copyright © 2012 John Wiley & Sons, Ltd.

OSGi was designed with embedded systems in mind, its current support is insufficient for coping with one main characteristic of many embedded systems: real-time performance. This article analyzes different key issues in providing OSGi with real-time Java performance covering motivational issues, and different integration ways and challenges stemming from the integration. It also contributes a general framework for introducing real-time performance in OSGi, which is called the real-time for OSGi framework. The framework uses real-time Java virtual machines and the real-time specification for Java. The adoption of this framework allows cyber-physical systems to experience real-time Java performance in their applications. The framework introduces several integration levels for OSGi and real-time specification for Java, and specific real-time OSGi services. An empirical implementation was carried out using standard software, which was extended with the new defined services. Copyright © 2012 John Wiley & Sons, Ltd.

This paper is concerned with the correct specification and validation of quality attribute requirements (QARs) that crosscut through a diverse set of complex system functions. These requirements act as modifiers of system level functional requirements and thus have substantial influence on the eventual architectural selection. Because system designers traditionally address these requirements one quality attribute at a time, the process frequently results in QARs that contain subtle conflicting behaviors. This paper presents an approach to QAR-induced behavior validation and conflict detection via execution-based model checking early in the software development process. It explores the concept of conflicts between requirements with temporal and sequencing behaviors and presents an automated approach for discovering such conflicts. Published 2012. This article is a US Government work and is in the public domain in the USA.

Software security issues have been a major concern in the cyberspace community, so a great deal of research on security testing has been performed, and various security testing techniques have been developed. Threat modeling provides a systematic way to identify threats that might compromise security, and it has been a well-accepted practice by the industry, but test case generation from threat models has not been addressed yet. Thus, in this paper, we propose a threat model-based security testing approach that automatically generates security test sequences from threat trees and transforms them into executable tests. The security testing approach we consider consists of three activities in large: building threat models with threat trees; generating security test sequences from threat trees; and creating executable test cases by considering valid and invalid inputs. To support our approach, we implemented security test generation techniques, and we also conducted an empirical study to assess the effectiveness of our approach. The results of our study show that our threat tree-based approach is effective in exposing vulnerabilities. Copyright © 2012 John Wiley & Sons, Ltd.

Producing electronic rather than paper documents has considerable benefits such as easier organizing and data management. Therefore, existence of automatic writing assistance tools such as spell and grammar checker/correctors can increase the quality of electronic texts by removing noise and correcting the erroneous sentences. Different kinds of errors in a text can be categorized into spelling, grammatical and real-word errors. In this article, we present a language-independent approach based on a statistical machine translation framework to develop a proofreading tool, which detects grammatical errors as well as context-sensitive spelling mistakes (real-word errors). A hybrid model for grammar checking is suggested by combining the mentioned approach with an existing rule-based grammar checker. Experimental results on both English and Persian languages indicate that the proposed statistical method and the rule-based grammar checker are complementary in detecting and correcting syntactic errors. The results of the hybrid grammar checker, applied to some English texts, show an improvement of about 24% with respect to the recall metric with almost similar value for precision. Experiments on real-world data set show that state-of-the-art results are achieved for grammar checking and context-sensitive spell checking for Persian language.Copyright © 2012 John Wiley & Sons, Ltd.

We introduce a new Syntax-based Security Testing framework that uses a protocol specification to perform security testing on text-based communication protocols. A protocol specification of a particular text-based protocol under test represents its syntactic grammar and static constraints. The specification is used to generate test cases by mutating valid messages, breaking the syntax and constraints of the protocol. The framework is demonstrated using a toy web application and the open source application KOrganizer.Copyright © 2012 John Wiley & Sons, Ltd.

In component-based development, software systems are built by assembling components already developed and prepared for integration. To estimate the quality of components, complexity, reusability, dependability, and maintainability are the key aspects. The quality of an individual component influences the quality of the overall system. Therefore, there is a strong need to select the best quality component, both from functional and nonfunctional aspects. The present paper produces a critical analysis of metrics for various quality aspects for components and component-based systems. These aspects include four main quality factors: complexity, dependency, reusability, and maintainability. A systematic study is applied to find as much literature as possible. A total of 49 papers were found suitable after a defined search criteria. The analysis provided in this paper has a different objective as we focused on efficiency and practical ability of the proposed approach in the selected papers. The various key attributes from these two are defined. Each paper is evaluated based on the various key parameters viz. metrics definition, implementation technique, validation, usability, data source, comparative analysis, practicability, and extendibility. The paper critically examines various quality aspects and their metrics for component-based systems. In some papers, authors have also compared the results with other techniques. For characteristics like complexity and dependency, most of the proposed metrics are analytical. Soft computing and evolutionary approaches are either not being used or much less explored so far for these aspects, which may be the future concern for the researchers. In addition, hybrid approaches like neuro-fuzzy, neuro-genetic, etc., may also be examined for evaluation of these aspects. However, to conclude that one particular technique is better than others may not be appropriate. It may be true for one characteristic by considering different set of inputs and dataset but may not be true for the same with different inputs. The intension in the proposed work is to give a score for each metric proposed by the researchers based on the selected parameters, but certainly not to criticize any research contribution by authors. Copyright © 2012 John Wiley & Sons, Ltd.

Application-specific instruction set processors have proven successful in meeting the various design constraints of modern embedded systems and often provide the only viable trade-off between computing power and opposing metrics such as power consumption. A promising approach to facilitate the exploration of processor design alternatives are processor description languages, which capture the instruction set and hardware organization of a processor. With the use of those processor models, various design tasks, for example, the adaption of software development tools, the generation of hardware models, and various verification tasks, can be automatized. These languages thus allow effective shortening of development turnaround times. In this work, the novel xADL language is presented, which, in contrast to most contemporary processor description languages, focuses on a structural modeling of the processor's hardware organization. However, a behavioral model of the instruction set is automatically derived using instruction set extraction. This provides a tight coupling between the structural hardware view and the instruction set view of the processor and reduces the complexity of processor models in comparison with existing languages. The feasibility of our approach is demonstrated by a compiler backend generator based on tree pattern matching. An important property of our generator is its ability to automatically verify whether the resulting compiler is complete, that is, it can process all possible input programs. The generated compilers are competitive to handcrafted production compilers, showing speedups of up to 20% for certain benchmarks. On average, moderate slowdowns between 3% and 15% have been observed for several processor models while considerable reductions in code size have been measured. Copyright © 2012 John Wiley & Sons, Ltd.

Bug-finding tools rely on specifications of what is correct or incorrect code. As it is difficult for a tool developer or user to anticipate all possible specifications, strategies for inferring specifications have been proposed. These strategies obtain probable specifications by observing common characteristics of code or execution traces, typically focusing on sequences of function calls. To counter the observed high rate of false positives, heuristics have been proposed for ranking or pruning the results. These heuristics, however, can result in false negatives, especially for rarely used functions. In this paper, we propose an alternate approach to specification inference, in which the user guides the inference process using patterns of code that reflect the user's understanding of the conventions and design of the targeted software project. We focus on specifications describing the correct usage of API functions, which we refer to as API protocols. Our approach builds on the Coccinelle program matching and transformation tool, which allows a user to construct patterns that reflect the structure of the code to be matched. We evaluate our approach on the source code of the Linux kernel, which defines a very large number of API functions with varying properties. Linux is also critical software, implying that fixing even bugs involving rarely used protocols is essential. In our experiments, we use our approach to find over 3000 potential API protocols, with an estimated false positive rate of under 15% and use these protocols to find over 360 bugs in the use of API functions. Copyright © 2012 John Wiley & Sons, Ltd.

The emergence of model-driven software development brings new opportunities and challenges for rapid prototyping. On the one hand, the modeling process is inherently abstract, removing the prototyper from details, and letting him or her focus on exploring design alternatives for various aspects of the system. On the other hand, the most popular modeling languages and tools entirely omit the modeling and generating of user interfaces. As a result, the benefit of user interface prototypes as a medium for interaction with the user and customer is lost. This paper presents a model-oriented technology called Umple that can be used for prototyping and also supporting model driven engineering. Umple allows end users to quickly create class and state machine models and to incrementally embed implementation artifacts. At any point in the modeling process, users can quickly generate a fully functional prototype that exposes modeling implications on the user interface, and allows stakeholders to get a feel of how the full system will behave. Copyright © 2011 John Wiley & Sons, Ltd.

Many-core platforms, providing large numbers of parallel execution resources, emerge as a response to the increasing computation needs of embedded applications. A major challenge raised by this trend is the efficient mapping of applications on parallel resources. This is a nontrivial problem because of the number of parameters to be considered for characterizing both the applications and the underlying platform architectures. Recently, several authors have proposed to use multi-objective evolutionary algorithm to solve this problem within the context of mapping applications on network-on-chips. However, these proposals have several limitations: (1) only few metaheuristics are explored (mainly Nondominated Sorting Genetic Algorithm II and Strength Pareto Evolutionary Algorithm 2), (2) only few objective functions are provided, and (3) they only deal with a small number of the application and architecture constraints. In this paper, we propose a new framework that avoids all of the problems cited previously. Our framework is implemented on top of the jMetal framework, which offers an extensible environment. Our framework allows designers to (1) explore several new metaheuristics, (2) easily add a new objective function (or to use an existing one), and (3) take into account any number of architecture and application constraints. The paper also presents experiments illustrating how our framework is applied to the problem of mapping streaming applications on an NoC-based many-core platform. Our results show that several new metaheuristics outperform the classical multi-objective metaheuristics such as Nondominated Sorting Genetic Algorithm II and Strength Pareto Evolutionary Algorithm 2. Moreover, a parallel multi-objective evolutionary algorithm is implemented in our framework in order to increase the explored space of solutions by simultaneously running several metaheuristics. Copyright © 2011 John Wiley & Sons, Ltd.

Modern software often uses ontologies as its key component to store data and their relationships. This is different from using an ontology as a stand-alone tool for knowledge sharing and representation. The ontology component needs to work with other software components and needs to evolve as the software evolves. Ontology design has been a research topic for years; however, most of these studies focus on using ontologies as stand-alone applications. This paper studies ontology patterns that can be applied to design ontologies as an integral part of a service-oriented application. The paper first briefly reviews various ontology design issues including a brief survey of existing ontology design patterns. The paper then outlines general principles for using ontologies in software applications, including the needs to incorporate ontology design process as a part of software development processes, design ontologies as a component of an overall software architecture, and use ontologies to enhance software evolution and the role that ontologies can play in software validation. The paper then proposes some common ontology patterns that can be used to design ontologies in service-oriented applications. This is followed by examining two international projects, SENSEI and FCINT, where ontologies are used in service-oriented applications and several ontology design patterns are used. Copyright © 2011 John Wiley & Sons, Ltd.

It is an established trend that CPU development takes advantage of Moore's Law to improve in parallelism much more than in scalar execution speed. This results in higher hardware thread counts (MIMD) and improved vector units (SIMD), of which the MIMD developments have received the focus of library research and development in recent years. To make use of the latest hardware improvements, SIMD must receive a stronger focus of API research and development because the computational power can no longer be neglected and often auto-vectorizing compilers cannot generate the necessary SIMD code, as will be shown in this paper. Nowadays, the SIMD capabilities are sufficiently significant to warrant vectorization of algorithms requiring more conditional execution than was originally expected for Streaming SIMD Extension to handle. The Vc library (http://compeng.uni-frankfurt.de/?vc) was designed to support developers in the creation of portable vectorized code. Its capabilities and performance have been thoroughly tested. Vc provides portability of the source code, allowing full utilization of the hardware's SIMD capabilities, without introducing any overhead. Copyright © 2011 John Wiley & Sons, Ltd.

This paper describes key aspects of remote service invocation in federations of OSGi containers. It refers to the OSGi Remote Service Admin specification and describes its efficient implementation over message-oriented middleware. Scalability problems of several different approaches to implementation are identified, and a solution in a form of innovative Remote Service Admin model extension is proposed. The extension, named On-demand Remote Service Admin, is analyzed and validated in the context of a motivating scenario. Validation includes performance and scalability evaluation, which confirms that all assumed requirements have been satisfied by the constructed prototype. Finally, the presented research is compared with related works. Copyright © 2011 John Wiley & Sons, Ltd.

The complexity of modern embedded systems increases as they incorporate new concerns such as distribution and mobility. These new features need to be considered as early as possible in the software development life cycle. Model driven engineering promotes an intensive use of models and is now widely seen as a solution to master the development of complex systems such as embedded ones. Component-based software engineering is another major trend that gains acceptance in the embedded world because of its properties such as reuse, modularity, and flexibility.

This article proposes the Flex-eWare component model (FCM) for designing and implementing modern embedded systems. The FCM unifies model driven engineering and component-based software engineering and has been evaluated in several application domains with different requirements: wireless sensor networks, distributed client/server applications, and control systems for electrical devices. This approach highlights a new concept: flexibility points that arise at several stages of the development process, that is, in the model (design phase), in the execution platform, and during the execution itself. This flexibility points are captured with model libraries that can extend the FCM. Copyright © 2011 John Wiley & Sons, Ltd.

A vast number of software fault localization techniques have been proposed recently with the growing realization that manual debugging is time-consuming, tedious, and error-prone, and fault localization is one of the most expensive debugging activities. Although some techniques perform better than others on a large number of data sets, they do not do so on all data sets and therefore, the actual quality of fault localization can vary considerably by using just one technique. This paper proposes the use of a consensus-based strategy that combines the results of multiple fault localization techniques to consistently provide high quality performance, irrespective of data set. Empirical evidence based on case studies conducted on six sets of programs (seven programs of the Siemens suite, and the gzip, grep, make, space, and Ant programs) and three different fault localization techniques (Tarantula, Ochiai, and H3) suggests that the consensus-based strategy holds merit and generally provides close to the best, if not the best, results. Empirically, we show that this is true of both single-fault and multifault programs. Additionally, the consensus-based strategy makes use of techniques that all operate on the same set of input data, minimizing the overhead. It is also simple to include or exclude techniques from consensus, making it an easily extensible or tractable strategy. Copyright © 2011 John Wiley & Sons, Ltd.

A privacy enhancing technology (PET) is an application or a mechanism that allows users to protect the privacy of their personally identifiable information. Early PETs were about enabling anonymous mailing and anonymous browsing, but lately, there have been active research and development efforts in many other problem domains. This paper describes the first pattern language for developing PETs. Currently, it contains 12 patterns. These privacy patterns are not limited to a specific problem domain; they can be applied to design anonymity systems for various types of online communication, online data sharing, location monitoring, voting, and electronic cash management. The pattern language guides a developer when he or she is designing a PET for an existing problem or innovating a solution for a new problem. Copyright © 2011 John Wiley & Sons, Ltd.

There are many software pattern catalogs that exist in the published literature today, but none of them uses a consistent classification technique that results in evolving and extensible pattern catalog. We have created a new classification scheme and used it as the basis for constructing a software pattern catalog. It is a uniform approach for creating, maintaining, and expanding the catalog. We present a brief overview of the classification scheme, describe the resulting catalog and the principles underlying its construction, show how to use the catalog, and demonstrate some of its benefits for software designers. Copyright © 2011 John Wiley & Sons, Ltd.

This work presents an extensive case study on the model-based design of a commercial-grade stream processing middleware (IBM's InfoSphere Streams) its runtime and language (SPL) compiler. The model-based underpinnings are pervasive throughout the whole environment, from describing inter-process communication interfaces and objects to the design of the extensibility mechanism in the runtime and language. In addition to many software engineering advantages such as consistent, uniform, and self-documented integration among the different parts of the system, we show intrinsic performance benefits to the platform derived from this design approach. First, we demonstrate how an incremental compilation strategy employed by the SPL compiler and rooted on the model description of the application, extracted by the compiler as part of the application building process, leads to better compile-time performance. Second, we discuss how the model-based code generation strategy employed by the SPL compiler also leads to increased runtime performance, by specializing the generated code to particular characteristics of the runtime environment. Finally, we show how the extensibility strategy used in the SPL language leads to automatic syntactic and semantic checks at compile time, while enabling behavioral reasoning and specific optimizations at runtime. Copyright © 2011 John Wiley & Sons, Ltd.

Many researchers employ various statistical methods to locate faults in faulty programs. Like other researchers, we sometimes have made mistakes in the quest of making statistical fault localization both practical and scientific. In this experience report, we reflect on our work conducted on this topic, organize our isolated experiences in the format of models and errors, and cast them in the context of statistics. Copyright © 2011 John Wiley & Sons, Ltd.

Design patterns codify proven solutions to recurring design problems. Their proper use within a development context requires that: (i) we understand them; (ii) we ascertain their applicability or relevance to the design problem at hand; and (iii) we apply them faithfully to the problem at hand. We argue that an explicit representation of the design problem solved by a design pattern is key to supporting the three tasks in an integrated fashion. We propose a model-driven representation of design patterns consisting of triples < MP, MS, T > where MP is a model of the problem solved by the pattern, MS is a model of the solution proposed by the pattern, and T is a model transformation of an instance of the problem into an instance of the solution. Given an object-oriented design model, we look for model fragments that match MP (call them instances of MP), and when one is found, we apply the transformation T yielding an instance of MS. Easier said than done. Experimentation with an Eclipse Modeling Framework-based implementation of our approach applied to a number of open-source software application's raised fundamental questions about: (i) the nature of design patterns in general, and the ones that lend themselves to our approach, and (ii) our understanding and codification of seemingly simple design patterns. In this paper, we present the principles behind our approach, report on the results of applying the approach to the Gang of Four (GoF) design patterns, and discuss the representability of design problems solved by these patterns. Copyright © 2011 John Wiley & Sons, Ltd.

XQuery is a recommendation by the World Wide Web Consortium as a standard XML query language. In addition to being a special-purpose query language, XQuery has also features that support unexpected applications such as problem solving. We demonstrate and discuss these features by presenting several XQuery programs for solving recreational problems and puzzles. Copyright © 2011 John Wiley & Sons, Ltd.

Automatic test data generation is a very popular domain in the field of search-based software engineering. Traditionally, the main goal has been to maximize coverage. However, other objectives can be defined, such as the oracle cost, which is the cost of executing the entire test suite and the cost of checking the system behavior. Indeed, in very large software systems, the cost spent to test the system can be an issue, and then it makes sense by considering two conflicting objectives: maximizing the coverage and minimizing the oracle cost. This is what we did in this paper. We mainly compared two approaches to deal with the multi-objective test data generation problem: a direct multi-objective approach and a combination of a mono-objective algorithm together with multi-objective test case selection optimization. Concretely, in this work, we used four state-of-the-art multi-objective algorithms and two mono-objective evolutionary algorithms followed by a multi-objective test case selection based on Pareto efficiency. The experimental analysis compares these techniques on two different benchmarks. The first one is composed of 800 Java programs created through a program generator. The second benchmark is composed of 13 real programs extracted from the literature. In the direct multi-objective approach, the results indicate that the oracle cost can be properly optimized; however, the full branch coverage of the system poses a great challenge. Regarding the mono-objective algorithms, although they need a second phase of test case selection for reducing the oracle cost, they are very effective in maximizing the branch coverage. Copyright © 2011 John Wiley & Sons, Ltd.

Nowadays, process-aware information systems (PAISs) are widely used for the management of ‘administrative’ processes characterized by clear and well-defined structures. Besides those scenarios, PAISs can be used also in mobile and pervasive scenarios, where process participants can be only equipped with smart devices, such as personal digital assistants. None of existing PAISs can be entirely deployed on smart devices, making unfeasible its usage in highly mobile scenarios. This paper presents ROME4EU, a mobile PAIS developed for being applied to the coordination of emergency operators, and an extensive validation of the system, both in term of performances and usability/acceptability by the users. Copyright © 2011 John Wiley & Sons, Ltd.

Architectural patterns are often applied in combination with related patterns within software architectures. The relationships among architectural patterns must be considered when applying a combination of patterns into a system; for example the way the Model-View-Controller uses the Observer pattern to implement the change propagation mechanism needs to be carefully designed. However, effective integration of architectural patterns within software architectures remains a challenging task. This is because the integration of any two architectural patterns can take several forms. Furthermore, existing pattern languages define generic and abstract relationships between architectural patterns without going into detail about associations among the participants of architectural patterns. In this paper, we propose to address the pattern integration issue by discovering and defining a set of pattern participants relationships that serve the purpose of effectively integrating architectural patterns. Our findings are validated through a controlled experiment, which provides significant evidence that the proposed relationships support inexperienced designers in integrating patterns. Copyright © 2011 John Wiley & Sons, Ltd.

Stock trading is one of the key items in an economy and estimating its behavior and taking the best decision in it are among the most challenging issues. Solutions based on intelligent agent systems are proposed to cope with those challenges. Agents in a multiagent system (MAS) can share a common goal or they can pursue their own interests. That nature of MASs exactly fits the requirements of a free market economy. Although existing studies include noteworthy proposals on agent-based market simulation and researchers discuss theoretical design issues of agent-based stock exchange systems, unfortunately only a very few of the studies consider exact development and implementation of multiagent stock trading systems within the software engineering perspective and guides to the software engineers for constructing such software systems starting from scratch. To fill this gap, in this paper, we discuss the development of a multiagent-based stock trading system by taking into consideration software design according to a well-defined agent oriented software engineering methodology and implementation with a widely-used MAS software development framework. Each participant in the system is first designed as belief–desire–intention agents with their facts, goals, and plans, and then belief–desire–intention reasoning and behavioral structure of the designed agents are implemented. Lessons learned during design and development within the software engineering perspective and evaluation of the implemented multiagent stock exchange system are also reported. Copyright © 2011 John Wiley & Sons, Ltd.

Cloud computing has increasingly become a new model in the world of computing, and more businesses are moving to the cloud. As a cost-effective and time-efficient way to develop new applications and services, service aggregation in cloud computing empowers all service providers and consumers and creates tremendous opportunities in various industry sectors. However, it also poses various challenges to the privacy of personal information as well as the confidentiality of business and governmental information. The full benefits of service aggregation in cloud computing would only be enjoyed if the privacy concerns are addressed properly. In this paper, we investigate the privacy issues in service aggregation in a cloudenvironment and propose a privacy preserving protocol that is suitable for this environment. To demonstrate the security of our system, we construct a security game called IND-P3SAC-CPA and prove the security of the protocol accordingly. Our protocol has a distinct property that allows any service provider to obtain only the queried data under its conspiracy with the cloud. Additionally, the efficiency and various extensions are also discussed. Copyright © 2011 John Wiley & Sons, Ltd.

This paper presents an evaluation of the impact of the so-called operating system (OS) latencies on the performance of a synchronous network based on global time coordination. The concept of end-to-end latency was first defined by extending the concept of latency used to evaluate the performance of real-time systems and the end-to-end latency provided by a general-purpose OS was measured as a benchmark. Finally, real-time techniques were used to reduce the worst-case values of such a latency, showing how a gateway between synchronous and asynchronous networks can be implemented by using commercial-off-the-shelf hardware and a proper software stack (based on a real-time version of Linux). The use of a real-time OS is still a nontrivial task, which requires experience and the analysis of the specific application to devise the proper techniques to be applied. This work dissects the problem of OS-to-network data transfer (and vice versa) identifying the key sources of latencies and delay jitter, and solving each problem with the application of a proper technique. Copyright © 2011 John Wiley & Sons, Ltd.

Middleware support for advanced pervasive applications includes dealing with heterogeneous systems and dynamic changes of execution environments. If applications are context aware, they are able to detect such changes at runtime and react to them accordingly. Furthermore, they can also proactively adapt to upcoming situations by making accurate assumptions about future contexts. However, the design of reusable middleware support for such future-context-aware applications is still challenging as a supporting prediction system has to be generic, but at the same time has to provide potential for high accuracy and efficiency.

This paper proposes a concept for the development of future-context-aware applications on the basis of the novel approach of structured context prediction. As a framework, this approach allows for integrating domain-specific knowledge and facilitates application, combination, and implementation of suitable prediction methods. In addition, specific runtime mechanisms for distribution of knowledge and adaptation of prediction tasks are proposed, which enable useful context predictions even for dynamic applications. The overall development process as well as practical experiments with the prototype framework is illustrated by two use case scenarios—demonstrating that both high accuracy and efficiency of future context predictions are achievable and even ad hoc context predictions can be supported this way. Copyright © 2011 John Wiley & Sons, Ltd.

In a cross-organizational context, software services are provided and consumed by different organizations. Ensuring that the non-functional requirements of all the involved organizations are satisfied is hard to achieve in such a distributed and heterogeneous environment: the implementation of features, for example, security, is scattered across the services of multiple organizations. In this paper, we present a coordination architecture for flexible and policy-driven composition of cross-organizational features in distributed service systems. The underlying approach of this architecture is to specify the features and their composition at a higher level that abstracts the internal implementation mechanisms of the organizations involved. By means of feature composition policies, the organizations specify at a fine-grained level which features are required and when they have to apply. Driven by these policies, our coordination middleware dynamically integrates the appropriate features throughout the cross-organizational service composition in a consistent and efficient way. We have validated our architecture in a proof of concept showing limited performance overhead. Copyright © 2011 John Wiley & Sons, Ltd.

Behavior-based detection and signature-based detection are two popular approaches to malware (malicious software) analysis. The security industry, such as the sector selling antivirus tools, has been using signature and heuristic-based technologies for years. However, this approach has been proven to be inefficient in identifying unknown malware strains. On the other hand, the behavior-based malware detection approach has a greater potential in identifying previously unknown instances of malicious software. The accuracy of this approach relies on techniques to profile and recognize accurate behavior models. Unfortunately, with the increasing complexity of malicious software and limitations of existing automatic tools, the current behavior-based approach cannot discover many newer forms of malware either. In this paper, we implement ‘holography platform’, a behavior-based profiler on top of a virtual machine emulator that intercepts the system processes and analyzes the CPU instructions, CPU registers, and memory. The captured information is stored in a relational database, and data mining techniques are used to extract information. We demonstrate the breadth of the ‘holography platform’ by conducting two experiments: a packed binary behavior analysis and a malvertising (malicious advertising) incident tracing. Both tasks are known to be very difficult to do efficiently using existing methods and tools. We demonstrate how the precise behavior information can be easily obtained using the ‘holography platform’ tool. With these two experiments, we show that the ‘holography platform’ can provide security researchers and automatic malware detection systems with an efficient malicious software behavior analysis solution. Copyright © 2011 John Wiley & Sons, Ltd.

Search engines essentially rely on the structure of the graph of hyperlinks. Although accurate for the main trend, this is not effective when some query is ambiguous. Leveraging semantic information by the mean of interest matching allows proposing complementary results that are tailored to the user's expectations. This paper proposes a collaborative search companion system, CoFeed, that collects user search queries and that considers feedback to build user-centric and document-centric profiling information. Over time, the system constructs ranked collections of elements that maintain the required information diversity and enhance the user search experience by presenting additional results tailored to the user's interest space. This collaborative search companion requires a supporting architecture adapted to large user populations generating high request loads. To that end, it integrates mechanisms for ensuring scalability and load balancing of the service under varying loads and user interest distributions. Moreover, collecting the recommendation data poses the problem of users’ privacy, and the bias one peer can induce to the system by sending fake recommendations. To that end, CoFeed ensures both publisher anonymity and rate limitation. With the former, the origin of the data is never known by the server that processes it, even if several servers collude to spy on some user. The latter, combined with decoupled authentication, allows to minimize the influence of cheating peers sending fake recommendations. Experiments with a deployed prototype highlight the efficiency of the system by analyzing improvement in search relevance, computational cost, scalability and load balancing. Copyright © 2011 John Wiley & Sons, Ltd.

Nowadays, the computational devices are everywhere. In malls, offices, streets, cars, and even homes, we can find devices providing and consuming functionality to improve the user satisfaction. These devices include sensors that provide information about the environment state (e.g., temperature, occupancy, light levels), service providers (e.g., Internet TVs, GPS), smartphones (that contain user preferences), and actuators that act on the environment (e.g., closing the blinds, activating the alarm, changing the temperature). Although these devices exhibit communication capabilities, their integration into a larger monitoring system remains a challenging task, partly because of the strong heterogeneity of technologies and protocols. Therefore, in this article, we focus on home environments and propose a middleware solution, called DigiHome, that applies the Service Component Architecture (SCA) component model to integrate data and events generated by heterogeneous devices in this kind of environments. DigiHome exploits the SCA extensibility to incorporate the REpresentational State Transfer (REST) architectural style and, in this way, leverages on the integration of multiscale systems-of-systems (from wireless sensor networks to the Internet). Additionally, the platform applies Complex Event Processing technology that detects application-specific situations. We claim that the modularization of concerns fostered by DigiHome and materialized in a service-oriented architecture, makes it easier to incorporate new services and devices in smart home environments. The benefits of the DigiHome platform are demonstrated on smart home scenarios covering home automation, emergency detection, and energy saving situations. Copyright © 2011 John Wiley & Sons, Ltd.

Software maintenance including design is difficult because it is usually performed on someone else's work over a period of time. Maintaining a pattern-based design is especially much more difficult when the information on specific patterns that have been used are not available in the corresponding design documents. Also, finding a maintainer who has a similar level of knowledge on specific patterns that the initial designer had is not easy. Pattern-based design, the use of design patterns during the software design process, has become widely used in the object-oriented community because of its many benefits such as its reuse. However, the defects in pattern-based design can be introduced during the design maintenance phase when the changes are made to the requirements and the initial design, but the conformance to the original patterns is neglected. This conformance process is laborious and time consuming; no systematic process exists to guide the defects discovery and maintenance. Also, deep and correct knowledge of design patterns and their characteristics are required because this process is conducted by human experts. Failure to follow this conformance process and to maintain correct designs during software design evolution may cause serious problems in later software development and maintenance stages by not providing the benefits of pattern-based design that would have been possible if followed correctly. There is a strong need of a systematic design and maintenance method for preventing defects in design patterns introduced during the evolution of pattern-based software design and its maintenance. Because conventional UML design methods do not provide such systematic ways of assessing pattern-based design conformance to the evolutionary changes, we have developed the pattern instance changes with UML profiles (PICUP) design method, which is an improved design method for perfective and corrective UML pattern-based design maintenance and assessment. Design pattern in UML profiles (DPUP) is developed for the use of instantiation, maintenance, and assessment of UML pattern-based designs to support the formal specification of a design pattern. DPUPs, as the main part of the PICUP design method, provide metamodel-level UML design constraints using UML stereotype notations and metamodel-level Object Constraint Language design constraints. Assessment of pattern-based designs in UML class diagram with the corresponding DPUPs enforces maintainers to make necessary and correct changes to keep the principles of the original designs. Pattern-related information is annotated using stereotype notations to help assess pattern-based designs when changes are made. Furthermore, the structural conformance checking of a given UML pattern-based design can be automated by using the assessment tool. The major contributions of this paper are: (i) specifying design patterns using extended UML profile; (ii) providing a means of how to instantiate pattern-based designs from DPUPs with naming conventions; and (iii) providing design constraints for maintaining pattern-based design to guide correct changes of a given design in PICUP method. Explanatory type case studies were performed to better understand and evaluate the effectiveness of the PICUP design method with DPUPs. Answers to the case study questionnaires and the pattern defects discovered from the case studies support the hypothesis that the PICUP method is an improved design method that ensures structural conformance of UML pattern-based designs to the corresponding design patterns during perfective and corrective design maintenance for software systems. Copyright © 2011 John Wiley & Sons, Ltd.

Energy-efficient implementation techniques for virtual machines (VMs) have received little attention yet: conventional wisdom claims that VMs have a diametrical effect on energy consumption, and VM-based applications are therefore short-lived. In this paper, we argue that bytecode interpretation is affordable if we synthesize VMs specifically for energy efficiency. We present TinyVM, an execution infrastructure that seamlessly integrates with C and nesC/TinyOS-based programming environments. TinyVM achieves high code density through the use of compressed bytecode as the primary program representation. Compressed bytecode allows rapid application deployment with low communication overhead. TinyVM executes compressed bytecode in place, which eliminates the need for a decompression stage and thereby reduces memory consumption on sensor nodes. Our infrastructure automates the creation of energy-efficient application-specific VMs. Applications are partitioned in machine code, bytecode, and VM instruction set extensions. Partitioning is manually controlled and/or fully guided by a discrete optimization problem that produces a partitioning with lowest energy consumption for a given program size limit. We provide experimental results for sensor network benchmarks and for selected applications on various CPU architectures including Atmega128-based motes and the ARM-based Intel iMote2. TinyVM has been released under the GNU General Public License. Copyright © 2011 John Wiley & Sons, Ltd.

Computing systems are increasingly designed as a collection of interacting services that constitute a set of functionality offered by a service provider or server to its clients. Many service-oriented computing systems have constraints on the resources they allocate and manage. In these systems, certain types of services should consume resources only when they are accessed by clients, and clients should be shielded from where services are located, how they are deployed, and how their lifecycle is managed. The activator pattern provides an effective means to efficiently and transparently automate scalable on-demand activation and deactivation of services accessed by many clients. This paper motivates the need for the activator pattern, describes the structure and dynamics of canonical implementations of the pattern, and examines the benefits and liabilities of applying this pattern to services in resource-constrained computing systems. Copyright © 2011 John Wiley & Sons, Ltd.

Web 2.0 Mashups offer entirely new opportunities for context-aware application (CAA) developers by integrating Web 2.0 technologies to facilitate interoperability among heterogeneous context-aware systems. From a software engineering perspective, a visualized approach for Web 2.0-based CAA modeling is crucial. Current CAA development, however, cannot provide a conceptual model for Web 2.0-based CAA. Therefore, the development efficiency and potential for reuse are decreased. The UML is a general purpose modeling language with potential for use in many application domains. However, UML often lacks elements needed to model concepts in specific domains, such as Web 2.0-based CAA modeling. To address the above issues, this study presents the Web 2.0-based CAA UML profile, a UML profile for modeling Web 2.0-based CAA. Copyright © 2011 John Wiley & Sons, Ltd.

The design, development and maintenance of large virtual campuses are complex issues. This paper describes the architecture of a large university multiplatform virtual campus. Because we have not found virtual campus architectures described in the literature, the goal of this paper is to make our experience available to a wider audience so that organizations interested in the deployment of a large virtual campus can take advantage of our work. Thus, this paper analyzes this architecture from three different points of view: (i) software architecture; (ii) detailed software design; and (iii) hardware architecture. Copyright © 2011 John Wiley & Sons, Ltd.

Design patterns are rapidly gaining acceptance in the software community not only as reusable constructs for software development but also for the documentation of the software architectural design. Most of the existing design pattern languages describe design patterns using a combination of a natural language, UML-style diagrams and complex mathematical or logic based formalisms, which makes them hard for programmers to understand. In this paper we propose a design pattern definition language (DPDL) based on XML which can be used for sharing design patterns’ implementation details among developers. DPDL is easy to understand and use. It provides unambiguous description of the patterns and is extensible. DPDL also has the flexibility of defining design patterns in a generic term to be used as templates. Copyright © 2011 John Wiley & Sons, Ltd.

Although traditional approaches to code profiling help locate performance bottlenecks, they offer only limited support for removing these bottlenecks. The main reason is the lack of detailed visual runtime information to identify and eliminate computation redundancy. We provide three profiling blueprints that help identify and remove performance bottlenecks. The structural distribution blueprint graphically represents the CPU consumption share for each method and class of an application. The behavioral distribution blueprint depicts the distribution of CPU consumption along method invocations and hints at method candidates for caching optimizations. The behavioral evolution blueprint compares profiles of different versions of a software system and highlights performance-critical changes in the system. These three blueprints helped us to significantly optimize Mondrian, an open source visualization engine. Our implementation is freely available for the Pharo development environment and has been evaluated in a number of different scenarios. Copyright © 2011 John Wiley & Sons, Ltd.

Software architectural evaluation is a key discipline used to identify, at early stages of a real-time system (RTS) development, the problems that may arise during its operation. Typical mechanisms supporting concurrency, such as semaphores, mutexes or monitors, usually lead to concurrency problems in execution time that are difficult to be identified, reproduced and solved. For this reason, it is crucial to understand the root causes of these problems and to provide support to identify and mitigate them at early stages of the system lifecycle. This paper aims to present the results of a research work oriented to the development of the tool called ‘Deadlock Risk Evaluation of Architectural Models’ (DREAM) to assess deadlock risk in architectural models of an RTS. A particular architectural style, Pipelines of Processes in Object-Oriented Architectures–UML (PPOOA) was used to represent platform-independent models of an RTS architecture supported by the PPOOA –Visio tool. We validated the technique presented here by using several case studies related to RTS development and comparing our results with those from other deadlock detection approaches, supported by different tools. Here we present two of these case studies, one related to avionics and the other to planetary exploration robotics. Copyright © 2011 John Wiley & Sons, Ltd.

Adaptive random testing is an enhancement of random testing. Previous studies on adaptive random testing assumed that once a failure is detected, testing is terminated and debugging is conducted immediately. It has been shown that adaptive random testing normally uses fewer test cases than random testing for detecting the first software failure. However, under many practical situations, testing should not be withheld after the detection of a failure. Thus, it is important to investigate the effectiveness with respect to the detection of multiple failures. In this paper, we compare adaptive random testing and random testing under various scenarios and examine whether adaptive random testing is still able to use fewer test cases than random testing to detect multiple software failures. Our study delivers some interesting results and highlights a number of promising research projects. Copyright © 2011 John Wiley & Sons, Ltd.

This report introduces a new lossless asymmetric single instruction multiple data codec designed for extremely efficient decompression of large satellite images. A throughput in excess of 3GB/s allows decompression to proceed in parallel with asynchronous transfers from fast block devices such as disk arrays. This is made possible by a simple and fast single instruction multiple data entropy coder that removes leading null bits. Our main contribution is a new approach for vectorized prediction and encoding. Unlike previous approaches that treat the entropy coder as a black box, we account for its properties in the design of the predictor. The resulting compressed stream is 1.2 to 1.5 times as large as JPEG-2000, but can be decompressed 100 times as quickly – even faster than copying uncompressed data in memory. Applications include streaming decompression for out of core visualization. To the best of our knowledge, this is the first entirely vectorized algorithm for lossless compression. Copyright © 2011 John Wiley & Sons, Ltd.

Our everyday environments may soon be pervaded with radio frequency identification (RFID) tags integrated in physical objects. These RFID tags can store a digital representation of the physical object and transmit it wirelessly to pervasive, context-aware applications running on mobile devices. However, communicating with RFID tags is prone to many failures inherent to the technology. This hinders the development of such applications, as traditional programming models require the programmer to deal with the RFID hardware characteristics manually. On the other hand, traditional RFID middleware focuses on limited scenarios in an enterprise context and not on general ubiquitous computing scenarios. In this paper, we extend the ambient-oriented programming paradigm to program RFID applications, by considering RFID tags as intermittently connected mutable proxy objects hosted on mobile distributed computing devices, and detail our prototype implementation. Copyright © 2011 John Wiley & Sons, Ltd.

Cloud computing is a disruptive technology, representing a new model for information technology solution engineering and management that promises to introduce significant cost savings and other benefits. The adoption of Cloud computing requires a detailed comparison of infrastructure alternatives, taking a number of aspects into careful consideration. Existing methods of evaluation, however, limit decision-making to the relative costs of Cloud computing, but do not take a broader range of criteria into account. The Multi-Criteria Comparison Method for Cloud Computing () offers a multi-criteria-based decision framework that can be applied to Cloud computing. The framework allows organizations to create evaluation methods that help to determine what infrastructure best suits their needs by evaluating and ranking infrastructure alternatives using multiple criteria derived from a comprehensive criteria catalog. Therefore, offers a way to differentiate infrastructures not only by costs but also in terms of benefits, opportunities and risks. can be adapted to facilitate a wide array of decision-making scenarios within the domain of information technology infrastructures, depending on the criteria selected to support the framework. The software prototype presented in this paper creates an interface to decision-makers that makes the framework more usable for Cloud infrastructure decisions in practice. Copyright © 2011 John Wiley & Sons, Ltd.

This paper presents AIBench (SING group, Ourense, Spain), a JAVA desktop application framework mainly focused on scientific software development, with the goal of improving the productivity of research groups. Following the MVC design pattern, the programmer is able to develop applications using only three types of concepts: operations, data-typesand views. The framework provides the rest of the functionality present in typical scientific applications, including user parameter requests, logging facilities, multithreading execution, experiment repeatability and graphic user interface generation, among others. The proposed framework is implemented following a plugin-based architecture, which also allows assembling new applications by the reuse of modules from past development projects. Copyright © 2011 John Wiley & Sons, Ltd.

The Burrows–Wheeler Transform (BWT) produces a permutation of a string X, denoted X^∗, by sorting the n cyclic rotations of X into full lexicographical order and taking the last column of the resulting n×n matrix to be X^∗. The transformation is reversible in time. In this paper, we consider an alteration to the process, called k-BWT, where rotations are only sorted to a depth k. We propose new approaches to the forward and reverse transform, and show that the methods are efficient in practice. More than a decade ago, two algorithms were independently discovered for reversing k-BWT, both of which run in time. Two recent algorithms have lowered the bounds for the reverse transformation to and, respectively. We examine the practical performance for these reversal algorithms. We find that the original approach is most efficient in practice, and investigates new approaches, aimed at further speeding reversal, which store precomputed context boundaries in the compressed file. By explicitly encoding the context boundaries, we present an reversal technique that is both efficient and effective. Finally, our study elucidates an inherently cache-friendly – and hitherto unobserved – behavior in the reverse k-BWT, which could lead to new applications of the k-BWT transform. In contrast to previous empirical studies, we show that the partial transform can be reversed significantly faster than the full transform, without significantly affecting compression effectiveness. Copyright © 2011 John Wiley & Sons, Ltd.

Cloud promises users that they can present and deploy IT services in a pay-as-you-go fashion in an open and virtualized cloud environment while saving huge capital investment in their own IT infrastructure. In this sense, protection of users' privacy is critical and has become one of the most concerned issues as otherwise users may eventually lose the confidence and passion of deploying cloud in practice. Under some special cloud circumstances, some users' privacy, such as plans or habits, could be induced from their service requests by service providers without permissions from users. In this regard, obfuscation strategy can protect this kind of privacy by injecting ‘noise’ service requests to confuse potential ‘immoral’ service providers. However, existing noise obfuscation strategies focus on single noise injection whereas investigation of noise injection architecture has been neglected. Especially, a common service pattern in inter-clouds environment, the cooperative service process including different service providers, makes the risk of privacy serious and uncontrollable by the spread of users' privacy. To address this, we present a novel trust-based noise injection strategy for privacy protection in cloud. To support the strategy, we describe our noise injection architecture in cloud which specializes in the relations between various service roles in inter-clouds based on our trust model. The simulation can demonstrate that our noise injection strategy could significantly improve the effectiveness of privacy protection. Copyright © 2011 John Wiley & Sons, Ltd.

Mobile devices with their more and more powerful resources allow the development of mobile information systems in which services are not only provided by traditional systems but also autonomously executed and controlled in the mobile devices themselves. Services distributed on autonomous mobile devices allow both the development of cooperative applications without a back-end infrastructure and the development of applications blending distributed and centralized services. In this paper, we propose MicroMAIS: an integrated platform for supporting the execution of Web service-based applications natively on a mobile device. The MicroMAIS platform is composed of mAS and μ-BPEL. The former allows the execution of a single Web service, whereas the latter permits the orchestration of several Web services according to the WS-BPEL standard. Copyright © 2011 John Wiley & Sons, Ltd.

Cloud computing offers virtualized computing elements on demand in a pay-as-you-go manner. The major motivations to adopt Cloud services include no upfront investment on infrastructure and transferring responsibility of maintenance, backups, and license management to Cloud Providers. However, one of the key challenges that holds businesses from adopting Cloud computing services is that, by migrating to Cloud, they move some of their information and services out of their direct control. Their main concern is how well the Cloud providers keep their information (security) and deliver their services (performance). To cope with this challenge, several service level agreement management systems have been proposed. However, monitoring service deployment as a major responsibility of those systems have not been deeply investigated yet. Therefore, this paper shows how monitoring services have to be described, deployed (discovered and ranked), and then how they have to be executed to enforce accurate penalties by eliminating service level agreement failure cascading effects on violation detection. Copyright © 2011 John Wiley & Sons, Ltd.

Dynamic slicing is a promising trace based technique that helps programmers in the process of debugging. In order to debug a failed run, dynamic slicing requires the dynamic dependence graph (DDG) information for that particular run. The two major challenges involved in utilizing dynamic slicing as a debugging technique are the efficient computation of the DDG and the efficient computation of the dynamic slice, given the DDG. In this paper, we present an efficient debugger, which first computes the DDG efficiently while the program is executing; dynamic slicing is later performed efficiently on the computed DDG, on demand. To minimize program slowdown during the online computation of DDG, we make the design decision of not outputting the computed dependencies to a file, instead, storing them in memory in a specially allocated fixed size circular buffer. The size of the buffer limits the length of the execution history that can be stored. To maximize the execution history that can be maintained, we introduce optimizations to eliminate the storage of most of the generated dependencies, at the same time ensuring that those that are stored are sufficient to capture the bug. Experiments conducted on CPU-intensive programs show that our optimizations are able to reduce the trace rate from 16 to 0.8 bytes per executed instruction. This enables us to store the dependence trace history for a window of 20 million executed instructions in a 16-MB buffer. Our debugger is also very efficient, yielding slicing times of around a second, and only slowing down the execution of the program by a factor of 19 during the online tracing step. Using recently proposed architectural support for monitoring, we are also able to handle multithreaded programs running on multicore processors. Copyright © 2011 John Wiley & Sons, Ltd.

Many sorting algorithms have been studied in the past, but there are only a few algorithms that can effectively exploit both single-instruction multiple-data (SIMD) instructions and thread-level parallelism. In this paper, we propose a new high-performance sorting algorithm, called aligned-access sort (AA-sort), that exploits both the SIMD instructions and thread-level parallelism available on today's multicore processors. Our algorithm consists of two phases, an in-core sorting phase and an out-of-core merging phase. The in-core sorting phase uses our new sorting algorithm that extends combsort to exploit SIMD instructions. The out-of-core algorithm is based on mergesort with our novel vectorized merging algorithm. Both phases can take advantage of SIMD instructions. The key to high performance is eliminating unaligned memory accesses that would reduce the effectiveness of SIMD instructions in both phases. We implemented and evaluated the AA-sort on PowerPC 970MP and Cell Broadband Engine platforms. In summary, a sequential version of the AA-sort using SIMD instructions outperformed IBM's optimized sequential sorting library by 1.8 times and bitonic mergesort using SIMD instructions by 3.3 times on PowerPC 970MP when sorting 32 million random 32-bit integers. Also, a parallel version of AA-sort demonstrated better scalability with increasing numbers of cores than a parallel version of bitonic mergesort on both platforms. Copyright © 2011 John Wiley & Sons, Ltd.

The problem of line breaking consists of finding the best way to split paragraphs into lines. It has been cleverly addressed by the total-fit algorithm exposed by Knuth and Plass in a well-known paper. Similarly, page-breaking algorithms break the content flow of a document into page units. Formatting languages—such as the World Wide Web Consortium standard Extensible Stylesheet Language Formatting Objects (XSL-FO)—allow users to set which content should be kept in the same page and how many isolated lines are acceptable at the beginning/end of each page. The strategies most formatters adopt to meet these requirements, however, are not satisfactory for many publishing contexts as they very often generate unpleasant empty areas. In that case, typographers are required to manually craft the results in order to completely fill pages. This paper presents a page-breaking algorithm that extends the original Knuth and Plass line-breaking approach and produces high-quality documents without unwanted empty areas. The basic idea consists of delaying the definitive choice of breaks in the line-breaking process in order to provide a larger set of alternatives to the actual pagination step. The algorithm also allows users to decide the set of properties to be adjusted for pagination and their variation ranges. An application of the algorithm to XSL-FO is also presented, with an extension of the language that allows users to drive the pagination process. The tool, named FOP+, is a customized version of the open-source Apache Formatting Objects Processor formatter. Copyright © 2011 John Wiley & Sons, Ltd.

The paradigm of Trusted Computing promises a new approach to improve the security of computer systems. The core functionality, based on a hardware component known as Trusted Platform Module, is integrated into commodity hardware. However, operating system integration and application software support remains limited at present. In particular, for Java, the most widely used platform-independent computing environment, there is currently no generally accepted Trusted Computing API. In this article, we describe the design of a high-level API for Trusted Computing. We report on the current state of the Trusted Computing Group's software architecture and on previous approaches targeting Java. We derive our requirements and design goals and describe a novel API design. We report on our transparent approach to standardization in the Java Community Process. The result of this effort is the API we propose in the Java Specification Request 321. In this work, we not only present the design of this new API but also discuss implementation and testing strategies. Copyright © 2011 John Wiley & Sons, Ltd.

Existing specification-based testing techniques often generate comprehensive test suites to cover diverse combinations of test-relevant aspects. Such a test suite can be prohibitively expensive to execute exhaustively because of its large size. A pragmatic strategy often adopted in practice, called test-once strategy, is to identify certain particular conditions from the specification and to test each such condition once only. This strategy is implicitly based on the uniformity assumption that the implementation will process a particular condition uniformly, regardless of other parameters or inputs. As the decision of adopting the test-once strategy is often based on the specification, whether the uniformity assumption actually holds in the implementation needs to be critically assessed, or else the risk of inadequate testing could be non-negligible. As viable alternatives to reduce such a risk, a family of test-a-few strategies for the testing of particular conditions is proposed in this paper. Two rounds of experiments that evaluate the effectiveness of the test-a-few strategies as compared with the test-once strategy are further reported. Our experiments do the following: (1) provide clear evidence that the uniformity assumption often, but not always, holds and that the assumption usually fails to hold when the implementation is faulty; (2) demonstrate that all our proposed test-a-few strategies are statistically more reliable than the test-once strategy in revealing faulty programs; (3) show that random sampling is already substantially more effective than the test-once strategy; and (4) indicate that, compared with other test-a-few strategies under study, choice coverage seems to achieve a better trade-off between test effort and effectiveness. Copyright © 2011 John Wiley & Sons, Ltd.

Role-based collaboration is an emerging methodology to facilitate an organizational structure, provide orderly system behavior, and consolidate system security for both human and non-human entities, like agents, that collaborate and coordinate their activities with or within systems. Interaction management must, however, be able to handle run-time and dynamic scenarios. Hence, every role-based collaboration system must provide a good level of dynamism, that is, provide an agent with the capability to assume, use, and release a role depending on run-time conditions. Dynamism, however, does not suffice in adaptative scenarios: being able to use a role dynamically is important, but in order to enhance interagent communications, the capability to perceive a played role is important too. Role perceivability is the capability of an agent to autonomously recognize the role played by another entity without the need to ask a yellow-page directory. Whereas dynamism has been achieved with different techniques and often through language support, role perceivability is more difficult to achieve and to some extent even more important because it can boost sociality among entities and agents. In object-oriented programming languages, such as JAVA, role perceivability could be achieved with appropriate changes to the agent/entity class structure, but this requires compile time constraints that are, in their nature, not dynamic. This paper proposes an approach to remedy the above problems: maintaining an appropriate level of dynamism. The work presented here allows a JAVA agent to make its role perceivable to other entities as if it is applied at compile time. Copyright © 2011 John Wiley & Sons, Ltd.

This paper describes a self-applicable online partial evaluator for a flowchart language with recursive calls. Self-application of the partial evaluator yields generating extensions that are as efficient as those reported in the literature for offline partial evaluation. This result is remarkable because it has been assumed that online partial evaluation techniques unavoidably lead to inefficient and overgeneralized generating extensions. The purpose of this paper is not to determine which kind of partial evaluation is better, but to show how the problem can be solved by recursive polyvariant specialization. The design of the self-applicable online partial evaluator is based on a number of known techniques, but by combining them in a new way this result can be produced. The partial evaluator, its techniques, and its implementation are presented in full. Self-application according to all three Futamura projections is demonstrated. The complete bootstrap of a compiler generator from a partial evaluator is also reported. Copyright © 2011 John Wiley & Sons, Ltd.

System virtualization has become the enabling technology to manage the increasing number of different applications inside data centers. The abstraction from the underlying hardware and the provision of multiple virtual machines (VM) on a single physical server have led to a consolidation and more efficient usage of physical servers. The abstraction from the hardware also eases the provision of applications on different data centers, as applied in several cloud computing environments. In this case, the application need not adapt to the environment of the cloud computing provider, but can travel around with its own VM image, including its own operating system and libraries. System virtualization and cloud computing could also be very attractive in the context of high-performance computing (HPC). Today, HPC centers have to cope with both, the management of the infrastructure and also the applications. Virtualization technology would enable these centers to focus on the infrastructure, while the users, collaborating inside their virtual organizations (VOs), would be able to provide the software. Nevertheless, there seems to be a contradiction between HPC and cloud computing, as there are very few successful approaches to virtualize HPC centers. This work discusses the underlying reasons, including the management and performance, and presents solutions to overcome the contradiction, including a set of new libraries. The viability of the presented approach is shown based on evaluating a selected parallel, scientific application in a virtualized HPC environment. Copyright © 2011 John Wiley & Sons, Ltd.

The Service Component Architecture (SCA) is a technology-independent standard for developing distributed Service-oriented Architectures (SOA). The SCA standard promotes the use of components and architecture descriptors, and mostly covers the lifecycle steps of implementation and deployment. Unfortunately, SCA does not address the governance of SCA applications and provides no support for the maintenance of deployed components. This article covers this issue and introduces the FRASCATI platform, a run-time support for SCA with dynamic reconfiguration capabilities and run-time management features. This article presents the internal component-based architecture of the FRASCATI platform, and highlights its key features. The component-based design of the FRASCATI platform introduces many degrees of flexibility and configurability in the platform itself and it can host the SOA applications. This article reports on micro-benchmarks highlighting that run-time manageability in the FRASCATI platform does not decrease its performance when compared with the de facto reference SCA implementation: Apache TUSCANY. Finally, a smart home scenario illustrates the extension capabilities and the various reconfigurations of the FRASCATI platform. Copyright © 2011 John Wiley & Sons, Ltd.

Workload generators are widely used for testing the performance of Web-based systems. Typically, these tools are also used to collect measurements such as throughput and end-user response times that are often used to characterize the QoS provided by a system to its users. However, our study finds that Web workload generation is more difficult than it seems. In examining the popular RUBiS client generator, we found that reported response times could be grossly inaccurate, and that the generated workloads were less realistic than expected, causing server scalability to be incorrectly estimated. Using experimentation, we demonstrate how the Java virtual machine and the Java network library are the root causes of these issues. Our work serves as an example of how to verify the behavior of a Web workload generator. Copyright © 2011 John Wiley & Sons, Ltd.

Logging and replay provide numerous benefits for debugging today's increasingly distributed and parallel applications, as well as for debugging within cloud computing environments. Tracking down faults, particularly in applications that involve non-deterministic executions, becomes much easier if such a technique is used. This article presents a system that leverages the functionality of modern x86 hardware extensions present in Intel and AMD processors to implement logging and replay of the Kernel-based Virtual Machine (KVM). With our KVM-based logging and replay system, virtual machines can be logged at will. The system can record the behavior of the operating system, the applications, the network traffic, and the user input. At a later time, and even on another machine, the problematic execution can be replayed and analyzed. The implementation incurs a minimal amount of processing and memory overhead, and thus, its effects are largely imperceptible to users of the system. Copyright © 2011 John Wiley & Sons, Ltd.

Cloud computing infrastructure services enable the flexible creation of virtual infrastructures on-demand. However, the creation of infrastructures is only a part of the process for provisioning services. Other steps such as installation, deployment, configuration, monitoring and management of software components are needed to fully provide services to end-users in the cloud. This paper describes a peer-to-peer architecture to automatically deploy services on cloud infrastructures. The architecture uses a component repository to manage the deployment of these software components, enabling elasticity by using the underlying cloud infrastructure provider. The life cycle of these components is described in this paper, as well as the language for defining them. We also describe the open-source proof-of-concept implementation. Some technical information about this implementation together with some statistical results are also provided. Copyright © 2011 John Wiley & Sons, Ltd.

With the rapid development of cloud computing, software applications are shifting onto cloud storage rather than remaining within local networks. Software distributions within the cloud are subject to security breaches, privacy abuses, and access control violations. In this paper, we identify an insider threat to access control which is not completely eliminated by the usual techniques of encryption, cryptographic hashes, and access-control labels. We address this threat using software watermarking. We evaluate our access-control scheme within the context of a Collaboration-oriented Architecture, as defined by The Jericho Forum. Copyright © 2011 John Wiley & Sons, Ltd.

Hadoop, based on the popular MapReduce framework, is an open-source distributed computing framework that has been gaining much popularity and usage. It aims to allow programmers to focus on building applications that deals with processing large amount of data, without having to handle other issues when performing parallel computations. However, tuning the performance of Hadoop applications is not an easy task due to the level of abstraction of the framework. In this paper, we present three case studies and some of the challenges and issues that are to be considered in performance tuning when running applications in Hadoop. The focus is mainly on the impact of input data on Hadoop's performance and how they can be tuned. Copyright © 2011 John Wiley & Sons, Ltd.

We present POET, a scripting language designed for applying advanced program transformations to code in arbitrary programming languages as well as building ad hoc translators between these languages. We have used POET to support a large number of compiler optimizations, including loop interchange, parallelization, blocking, fusion/fission, strength reduction, scalar replacement, SSE vectorization, among others, and to fully support the code generation of several domain-specific languages, including automatic tester/timer generation, and automatically translating a finite-state-machine-based behavior modeling language into C++/ Java code. This paper presents key design and implementation decisions of the POET language and show how to use various language features to significantly reduce the difficulty of supporting programmable compiler optimization for high performance computing and supporting ad hoc code generation for various domain-specific languages. Copyright © 2011 John Wiley & Sons, Ltd.

As computing becomes more nomadic, privacy becomes a greater concern. People use portable devices to annex displays in their environments so that they can share information with other people. However, private information such as usernames, e-mail addresses, and folder names are shown on foreign displays. In addition, foreign keyboards can be used to enter in passwords generating a significant privacy and security risk. Because nomadic users' sensitive data is constantly at risk for exploitation via the UI toolkit, a solution for protecting user privacy must include that toolkit. This paper introduces the XICE framework—a windowing toolkit that provides easy display annexing and includes a robust privacy framework to help protect users and their data. This paper discusses the exploits that annexing external devices introduces and how XICE mitigates or eliminates those threats safely and naturally for both users and developers. Copyright © 2011 John Wiley & Sons, Ltd.

Packet traces are important objects in networking, commonly used in a wide set of applications, including monitoring, troubleshooting, measurements, and validation, to cite a few. Many tools exist to produce and process such traces, but they are often too specific; using them as a basis for creating extended tools is then impractical. Some other tools are generic enough, but exhibit performance issues. This paper reports on our experience designing WiPal, a packet trace manipulation framework with a focus on IEEE 802.11. WiPal is designed for performance and re-usability, while introducing several novel features compared to previous solutions. Besides presenting how WiPal's original design can benefit packet processing programs, we discuss a number of issues a program designer might encounter when writing packet trace processing software. An evaluation of WiPal shows that, albeit generic, it does not impact performance regarding execution speed. WiPal achieves performance levels observed only with specialized code and outperforms some well-known packet processing programs. Copyright © 2011 John Wiley & Sons, Ltd.

Intelligent service robots provide various services to users by understanding the context and goals of a user task. In order to provide more reliable services, intelligent service robots need to consider various factors, such as their surrounding environments, users' changing needs, and constrained resources. To handle these factors, most of the intelligent service robots are controlled by a task-based control system, which generates a task plan that represents a sequence of actions, and executes those actions by invoking the corresponding functions. However, the traditional task-based control systems lack the consideration of resource factors even though intelligent service robots have limited resources (limited computational power, memory space, and network bandwidth). Moreover, system-specific concerns such as the relationships among functional modules are not considered during the task generation phase. Without considering both the resource conditions and interdependencies among software modules as a whole, it will be difficult to efficiently manage the functionalities that are essential to provide core services to users. In this paper, we propose a mechanism for intelligent service robots to efficiently use their resources on-demand by separating system-specific information from task generation. We have defined a sub-architecture that corresponds to each action of a task plan, and provides a way of using the limited resources by minimizing redundant software components and maintaining essential components for the current action. To support the optimization of resource consumption, we have developed a two-phase optimization process, which is composed of the topological and temporal optimization steps. We have conducted an experiment with these mechanisms for an infotainment robot, and simulated the optimization process. Results show that our approach contributed to increase the utilization rate by 20% of the robot resources. Copyright © 2011 John Wiley & Sons, Ltd.

The new OPC Unified Architecture has been introduced as a replacement for the existing COM-based specifications. The article describes a generalized algorithm for the automatic generation of the address space structure for an UA server. First, we present the general startup procedure of an OPC UA server, focusing on the address space generation step. Afterwards we introduce specialized algorithms for the generation of the type nodes, of object, variable, method and view nodes. Finally the additional references are added to the fully meshed address space. The basic ideas of the algorithms are: the splitting of the nodes into groups and the sequential addition of the groups to the address space, and the naming of a main reference for every target node. The algorithms have been applied for an aggregating UA server which models the devices of an assembly line. The main advantages are: shorter development time, easier maintenance and the possibility to add nodes to the address space in both online and offline mode. Copyright © 2011 John Wiley & Sons, Ltd.

Cloud computing promises a radical shift in the provisioning of computing resources within the enterprise. This paper describes the challenges that decision makers face when assessing the feasibility of the adoption of cloud computing in their organizations, and describes our Cloud Adoption Toolkit, which has been developed to support this process. The toolkit provides a framework to support decision makers in identifying their concerns, and matching these concerns to appropriate tools/techniques that can be used to address them. Cost Modeling is the most mature tool in the toolkit, and this paper shows its effectiveness by demonstrating how practitioners can use it to examine the costs of deploying their IT systems on the cloud. The Cost Modeling tool is evaluated using a case study of an organization that is considering the migration of some of its IT systems to the cloud. The case study shows that running systems on the cloud using a traditional ‘always on’ approach can be less cost effective, and the elastic nature of the cloud has to be used to reduce costs. Therefore, decision makers have to model the variations in resource usage and their systems' deployment options to obtain accurate cost estimates. Copyright © 2011 John Wiley & Sons, Ltd.

Although quality requirements (QRs) have become a major drive in today's software development, there have been very few real-world examples in the literature that demonstrate how to meet these requirements. This paper presents such an example. Specifically, the paper describes the design of a partition-based distributed stock trading service system that satisfies a set of QRs related to resource utilization, performance, scalability and availability. The paper evaluates this design through detailed experiments and discusses some design alternatives and the lessons learned. Central to this design are a static load distribution strategy and a dynamic load balancing strategy. The first strategy is to achieve an initial balanced workload on the system's server cluster during the system initialization time, whereas the second strategy is to maintain this balanced workload throughout the system execution time. Together, these two strategies work in unison to ensure that the server resources are efficiently utilized; the user requests are processed with the required speed; the application is partitioned with sufficient room to scale; and the system is highly available. Copyright © 2011 John Wiley & Sons, Ltd.

Business processes have become one of the key assets of organization, since these processes allow them to discover and control what occurs in their environments, with information systems automating most of an organization's processes. Unfortunately, and as a result of uncontrolled maintenance, information systems age over time until it is necessary to replace them with new and modernized systems. However, while systems are aging, meaningful business knowledge that is not present in any of the organization's other assets gradually becomes embedded in them. The preservation of this knowledge through the recovery of the underlying business processes is, therefore, a critical problem. This paper provides, as a solution to the aforementioned problem, a model-driven procedure for recovering business processes from legacy information systems. The procedure proposes a set of models at different abstraction levels, along with the model transformations between them. The paper also provides a supporting tool, which facilitates its adoption. Moreover, a real-life case study concerning an e-government system applies the proposed recovery procedure to validate its effectiveness and efficiency. The case study was carried out by following a formal protocol to improve its rigor and replicability. Copyright © 2011 John Wiley & Sons, Ltd.

Adt is a simple tool in the spirit of Lex and Yacc that makes monomorphic algebraic data types, polymorphic built-in types like the list and an efficient form of pattern matching available in C programs. C programs built with ADTs typically use NULL pointers only to indicate don't care values, and not as sentinels. This reduces the scope for errors involving NULL pointers. The Adt tool generates runtime checks, which catch many of the remaining NULL pointer dereferences. The runtime checks may consume a significant amount of CPU time; hence they can be switched off once the program is suitably debugged. Copyright © 2011 John Wiley & Sons, Ltd.

Self-adaptive software is a closed-loop system, since it continuously monitors its context (i.e. environment) and/or self (i.e. software entities) in order to adapt itself properly to changes. We believe that representing adaptation goals explicitly and tracing them at run-time are helpful in decision making for adaptation. While goal-driven models are used in requirements engineering, they have not been utilized systematically yet for run-time adaptation. To address this research gap, this article focuses on the deciding process in self-adaptive software, and proposes the Goal-Action-Attribute Model (GAAM). An action selection mechanism, based on cooperative decision making, is also proposed that uses GAAM to select the appropriate adaptation action(s). The emphasis is on building a light-weight and scalable run-time model which needs less design and tuning effort comparing with a typical rule-based approach. The GAAM and action selection mechanism are evaluated using a set of experiments on a simulated multi-tier enterprise application, and two sample ordinal and cardinal action preference lists. The evaluation is accomplished based on a systematic design of experiment and a detailed statistical analysis in order to investigate several research questions. The findings are promising, considering the obtained results, and other impacts of the approach on engineering self-adaptive software. Although, one case study is not enough to generalize the findings, and the proposed mechanism does not always outperform a typical rule-based approach, less effort, scalability, and flexibility of GAAM are remarkable. Copyright © 2011 John Wiley & Sons, Ltd.

The use of game technology for building virtual learning environments is intended to improve the motivation and engagement of the student, borrowing such properties from their entertaining counterparts. Nevertheless, wrapping pedagogical contents in a virtual environment is no simple achievement, and requires a rigorous process of designing and validating the metaphors and mechanics included in the virtual learning system. In this paper we describe such design process exemplified in the construction of consecutive versions of ViRPlay, a 3D role play virtual environment for teaching object-oriented design. We show how main mechanics were transferred from experiments in the real world and how such mechanics were evolved based on empirical evaluations. Copyright © 2011 John Wiley & Sons, Ltd.

A significant cost in PPM data compression (and often the major cost) is the provision and efficient coding of escapes while building contexts. This paper presents some recent, preliminary, work on a new technique for eliminating escapes in PPM compression, using bit-wise compression with binary contexts. It shows that PPM without escapes can achieve averages of 2.5 bits per character on the Calgary Corpus and 2.2 bpc on the Canterbury Corpus, both values comparing well with accepted good compressors. Copyright © 2011 John Wiley & Sons, Ltd.