Succinct data structures provide the same functionality as their corresponding traditional data structure in compact space. We improve on functions rank and select, which are the basic building blocks of FM-indexes and other succinct data structures. First, we present a cache-optimal, uncompressed bitvector representation that outperforms all existing approaches. Next, we improve, in both space and time, on a recent result by Navarro and Providel on compressed bitvectors. Last, we show techniques to perform rank and select on 64-bit words that are up to three times faster than existing methods. In our experimental evaluation, we first show how our improvements affect cache and runtime performance of both operations on data sets larger than commonly used in the evaluation of succinct data structures. Our experiments show that our improvements to these basic operations significantly improve the runtime performance and compression effectiveness of FM-indexes on small and large data sets. To our knowledge, our improvements result in FM-indexes that are either smaller or faster than all current state of the art implementations. Copyright © 2013 John Wiley & Sons, Ltd.

Code Bubbles is an attempt to redefine the user interface for an integrated programming environment. As it represents a whole new user interface, implementing it as a plug-in is inherently difficult. We get around this difficulty by combining two different plug-in architectures, a standard one based on registrations and callbacks and a message-based one that puts the plug-in at arm's length and defines a narrower two-way interface. This paper describes both how we have implemented Code Bubbles as a plug-in to Eclipse and how Code Bubbles itself is implemented as a set of plug-ins representing the different aspects of the environment, using both traditional and message-based plug-in architectures as appropriate. It also shows how the resultant architecture is flexible enough to support collaboration, different back ends, and a cloud-based environment. Copyright © 2013 John Wiley & Sons, Ltd.

Data warehouse loading and refreshment is typically performed by means of complex software processes called extraction–transformation–loading (ETL). In this paper, we propose a system based on a suite of visual languages for mastering several aspects of the ETL development process, turning it into a visual programming task. The approach can be easily generalized and applied to other data integration contexts beyond data warehouses. It introduces two new visual languages that are used to specify the ETL process, which can also be represented by means of UML activity diagrams. In particular, the first visual language supports data manipulation activities, whereas the second one provides traceability information of attributes to highlight the impact of potential transformations on integrated schemas depending on them. Once the whole ETL process has been visually specified, the designer might invoke the automatic generation of an activity diagram representing a possible orchestration of it based on its dependencies. The designer can edit such a diagram to modify the proposed orchestration provided that changes do not alter data dependencies. The final specification can be translated into code that is executable on the data sources. Finally, the effectiveness of the proposed approach has been validated through a user study in which we have compared the effort needed to design an ETL process in our approach with respect to the one required with main visual approaches described in the literature.Copyright © 2013 John Wiley & Sons, Ltd.

Establishing explicit mappings between features and their implementation elements in code is one of the critical factors to maintain and evolve software systems successfully. This is especially important when developers have to evolve program families, which have evolved from one single core system to similar but different systems to accommodate various requirements from customers. Many techniques and tools have emerged to assist developers in the feature mapping activity. However, existing techniques and tools for feature mapping are limited as they operate on a single program version individually. Additionally, existing approaches are limited to recover features on demand, that is, developers have to run the tools for each family member version individually. In this paper, we propose a cohesive suite of five mapping heuristics addressing those two limitations. These heuristics explore the evolution history of the family members in order to expand feature mappings in evolving program families. The expansion refers to the action of automatically generating the feature mappings for each family member version by systematically considering its previous change history. The mapping expansion starts from seed mappings and continually tracks the features of the program family, thus eliminating the need of on demand algorithms. Additionally, we present the MapHist tool that provides support to the application of the proposed heuristics. We evaluate the accuracy of our heuristics through two evolving program families from our industrial partners. Copyright © 2013 John Wiley & Sons, Ltd.

Model transformations are at the heart of model-driven engineering because they allow the automation of diverse kinds of model manipulations. Transformation scheduling is a key issue in the design and implementation of many transformation languages. This paper reports our results using continuations as the underlying technique for building a scheduling mechanism implicitly driven by data dependence among transformation rules. To support our experiments, we have built a proof-of-concept model transformation language, which is also reported here. First, we motivate the problem by analyzing the scheduling mechanism of current model transformation languages. Then, we introduce the notion of continuation, showing its applicability to model transformations. Afterwards, we present our approach, notably explaining how dependence is specified and giving the scheduling algorithm. We also analyze the lazy resolution of rules and how to deal with collection operations. The approach is validated by an implementation that targets the Java Virtual Machine and by running of the performance benchmarks that show its efficiency and scalability. Besides, we discuss how it can be applied to other existing transformation languages and present several applicability scenarios. Copyright © 2013 John Wiley & Sons, Ltd.

Most constrained systems use interpreters to run mobile programs written in Java. Such interpreters are designed to minimize resource usage and often do not allow mobile code in the devices to be changed. For this reason, runtime optimization is typically not supported, even though it is completely feasible. In this paper, we propose optimistic optimization as a concept for improving application performance in restricted interpreter environments. In an optimistic optimization, a mobile program is restructured speculatively during code generation. This requires that it is possible to undo such optimizations, at runtime, if an incorrect use is detected or the set of available classes has changed when compared with compile time. Experimental results show that interpreted applications using optimistic optimizations tend to run faster when compared with their conventionally optimized counterparts. Compared with standard load elimination, reductions in runtimes of up to 9% for optimistic load elimination and up to 23% for the combined optimization were achieved. Whereas an average performance improvement of 1.87% for optimistic load elimination and 3.7% for the combined optimization could be realized. Copyright © 2013 John Wiley & Sons, Ltd.

The security of modern computer systems heavily depends on security tools, especially on antivirus software solutions. In the anti-malware research community, development of techniques for evading detection by antivirus software is an active research area. This has led to malware that can bypass or subvert antivirus software. The common strategies deployed include the use of obfuscated code and staged malware whose first instance (usually installer such as dropper and downloader) is not detected by the antivirus software. Increasingly, most of the modern malware are staged ones in order for them to be not detected by antivirus solutions at the early stage of intrusion. The installers then determine the method for further intrusion including antivirus bypassing techniques. Some malware target boot and/or shutdown time when antivirus software may be inactive so that they can perform their malicious activities. However, there can be another time frame where antivirus solutions may be inactive, namely, during the time of update. All antivirus software share a unique characteristic that they must be updated at a very high frequency to provide up-to-date protection of their system. In this paper, we suggest a novel attack vector that targets antivirus updates and show practical examples of how a system and antivirus software itself can be compromised during the update of antivirus software. Local privilege escalation using this vulnerability is also described. We have investigated this design vulnerability with several of the major antivirus software products such as Avira, AVG, McAfee, Microsoft, and Symantec and found that they are vulnerable to this new attack vector. The paper also discusses possible solutions that can be used to mitigate the attack in the existing versions of the antivirus software as well as in the future ones. Copyright © 2013 John Wiley & Sons, Ltd.

Software engineering frameworks tame the complexity of large collections of classes by identifying structural invariants, regularizing interfaces, and increasing sharing across the collection. We wish to appropriate these benefits for families of closely related benchmarks, say for evaluating query engine implementation strategies. We introduce the notion of a benchmark framework, an ecosystem of benchmarks that are related in semantically rich ways and enabled by organizing principles. A benchmark framework is realized by iteratively changing one individual benchmark into another, say by modifying the data format, adding schema constraints, or instantiating a different workload. Paramount to our notion of benchmark frameworks are the ease of describing the differences between individual benchmarks and the utility of methods to validate the correctness of each benchmark component by exploiting the overarching ecosystem. As a detailed case study, we introduce τBench, a benchmark framework consisting of ten individual benchmarks, spanning XML, XQuery, XML Schema, and PSM, along with temporal extensions to each. The second case study examines the Mining Unstructured Data benchmark framework, and the third examines the potential benefits of rendering the TPC family as a benchmark framework. Copyright © 2013 John Wiley & Sons, Ltd.

Code obfuscation can help software developers protect technological secrets. Code readability is greatly enhanced with object-oriented technology that represents dynamic binding using instance method invocation. Therefore, dismantling instance methods is proposed in this paper as a critical obfuscating technique for object-oriented programs. The interception classes are interpolated first into the project. The static images and the up forwarders are then created. For each virtual function system and each interface function system, a respective dispatching function is set up. By properly arranging the class identifiers and binding identifiers, the switch statement in the dispatching function can be compiled into constant-time low-level code. After using dispatching functions to simulate virtual function system or interface function system invocations, all original instance methods in the project will be removed. Interception functions and export functions are indispensable in supporting the operation of callback methods. A prototype of our obfuscation system was implemented and successfully tested on some practical scale applications. Copyright © 2013 John Wiley & Sons, Ltd.

Classical Web crawlers make use of only hyperlink information in the crawling process. However, focused crawlers are intended to download only Web pages that are relevant to a given topic by utilizing word information before downloading the Web page. But, Web pages contain additional information that can be useful for the crawling process. We have developed a crawler, iCrawler (intelligent crawler), the backbone of which is a Web content extractor that automatically pulls content out of seven different blocks: menus, links, main texts, headlines, summaries, additional necessaries, and unnecessary texts from Web pages. The extraction process consists of two steps, which invoke each other to obtain information from the blocks. The first step learns which HTML tags refer to which blocks using the decision tree learning algorithm. Being guided by numerous sources of information, the crawler becomes considerably effective. It achieved a relatively high accuracy of 96.37% in our experiments of block extraction. In the second step, the crawler extracts content from the blocks using string matching functions. These functions along with the mapping between tags and blocks learned in the first step provide iCrawler with considerable time and storage efficiency. More specifically, iCrawler performs 14 times faster in the second step than in the first step. Furthermore, iCrawler significantly decreases storage costs by 57.10% when compared with the texts obtained through classical HTML stripping. Copyright © 2013 John Wiley & Sons, Ltd.

Stream processing applications process high volume, continuous feeds from live data sources, employ data-in-motion analytics to analyze these feeds, and produce near real-time insights with low latency. One of the fundamental characteristics of such applications is the on-the-fly nature of the computation, which does not require access to disk resident data. Stream processing applications store the most recent history of streams in memory and use it to perform the necessary modeling and analysis tasks. This recent history is often managed using windows. All data stream management systems provide some form of windowing functionality. Windowing makes it possible to implement streaming versions of the traditionally blocking relational operators, such as streaming aggregations, joins, and sorts, as well as any other analytic operator that requires keeping the most recent tuples as state, such as time series analysis operators and signal processing operators.

In this paper, we provide a categorization of different window types and policies employed in stream processing applications and give detailed operational semantics for various window configurations. We describe an extensibility mechanism that makes it possible to integrate windowing support into user-defined operators, enabling consistent syntax and semantics across system-provided and third-party toolkits of streaming operators. We describe the design and implementation of a runtime windowing library that significantly simplifies the construction of window-based operators by decoupling the handling of window policies and operator logic from each other. We present our experience using the windowing library to implement a relational operators toolkit and compare the efficacy of the solution to an earlier implementation that did not employ a common windowing library. Copyright © 2013 John Wiley & Sons, Ltd.

XML data warehouses are becoming more popular as data is harvested from the web or as output from web services. As these warehouses tend to grow significantly over time, various techniques for expediting queries have been developed. One such technique is to materialize some or all of the queries in advance of query processing. These views are then subject to change either when underlying data changes or view definitions themselves are modified by users. The work in this paper focuses on changes to view definitions or view adaptation as it is known. Our approach is to segment the materialized view into fragments to minimize the effect of view changes. One crucial aspect to this approach is how to select the best fragments for materialization. In this paper, we introduce a new approach to selecting fragments based on heuristics derived from costs associated with the view graph. Copyright © 2013 John Wiley & Sons, Ltd.

The current integrated circuit technologies are approaching their physical limits in terms of scaling and power consumption, in this context, the electronic design automation (EDA) industry is pushed towards solving ever more challenging problems in terms of performance, scalability and adaptability. Meeting these constraints needs innovation at both the algorithmic and the methodological level. Amongst academic EDA tools, Madeo toolkit has been targeting field-programmable gate array (FPGA) design-automation at the logic and the physical level since the late 1990s. As many other long-living software, despite embedding valuable legacy, Madeo exhibits unwanted characteristics that penalize evolution and render the automation problems even more difficult. This study presents a methodological approach to physical-design automation relying on model-driven engineering, which is illustrated through the incremental redesign of the Madeo framework. A benefit of this approach is the emergence of a common vocabulary to describe the EDA domain in an FPGA scope. A second advantage is the isolation of the optimization algorithms from the structural domain models. However, the main asset is the possibility to re-inject into the newly designed toolkit most of the legacy code. The redesigned framework is compared with and scored against initial code-base, and demonstrates a regression-free remodeling of the environment with net improvements in terms of size and complexity metrics. As a consequence, the evolution capability is back on stage, and the domain-space exploration widens to the algorithmic axis. Copyright © 2013 John Wiley & Sons, Ltd.

We present the design and implementation of a compiler from OCaml bytecode to JavaScript. The compiler first translates the bytecode into a static single-assignment intermediate representation on which optimizations are performed, before generating JavaScript. We believe that taking bytecode as an input instead of a high-level language is a sensible choice. Virtual machines provide a very stable API. Such a compiler is thus easy to maintain. It is also convenient to use, and it can just be added to an existing installation of the development tools. Already-compiled libraries can be used directly, with no need to reinstall anything. Finally, some virtual machines are the target of several languages. A bytecode to JavaScript compiler would make it possible to retarget all these languages to Web browsers at once. Copyright © 2013 John Wiley & Sons, Ltd.

Multicore processors are ubiquitous. Their use in embedded systems is growing rapidly, and given the constraints on uniprocessor clock speeds, their importance in meeting the demands of increasingly processor-intensive embedded applications cannot be understated. To harness this potential, system designers need to have available to them embedded operating systems with built-in multicore support for widely available embedded hardware. This paper documents our experience of adapting FreeRTOS, a popular embedded real-time operating system, to support multiple processors. A working multicore version of FreeRTOS that is able to schedule tasks on multiple processors as well as provide full mutual-exclusion support for use in concurrent applications is presented. Mutual exclusion is achieved in an almost completely platform-agnostic manner, preserving one of FreeRTOS's most attractive features: portability. Copyright © 2013 John Wiley & Sons, Ltd.

Grid or cloud environments leverage the need for self-repair solutions that resist and repair their own failures, something not yet ensured by existing solutions. In this paper, we describe the JADE Autonomic Repair System for legacy applications deployed in a grid or cloud environment. JADE is based on three main design principles. First, legacy applications are wrapped with Java objects, obtaining a uniform set of management operations over the heterogeneous legacy management capabilities. Second, to gain full autonomy, we adopt a replicated design combined with a recursive approach that makes JADE appear to JADE as any distributed application it manages and repairs. Finally, to scale, we rely on tiling the distributed environment and structuring our repair system per tile. To our knowledge, our repair system is the only one that is designed to scale and is fully autonomic, repairing not only the failures of the managed system but also its own. Our repair system has been tested in various realistic scenarios. Copyright © 2013 John Wiley & Sons, Ltd.

Multi-touch driven user interfaces are becoming increasingly prevalent because of their intuitiveness and because of the reduction in the associated hardware costs. In recognition of this trend, multi-touch software frameworks (MSFs) have begun to emerge. These frameworks abstract the low level issues of multi-touch software development and deployment. MSFs therefore enable software developers who are unfamiliar with the complexities of multi-touch software development to implement and deploy multi-touch applications more easily. However, some multi-touch applications have real-time system requirements, and at present, no MSFs provide support for the development and deployment of such real-time multi-touch applications. The implication of this is that software developers are unable to take advantage of MSFs and, therefore, are forced to handle the complexities of multi-touch and real-time systems development and deployment for themselves in an ad hoc manner. The primary consequence of this is that the multi-touch and/or real-time aspects of the application may not function correctly. In this paper, guidelines are presented for applying real-time system concepts to support the development and deployment of real-time multi-touch applications using MSFs. This serves to increase the probability that the application will meet its timing requirements while also reducing the complexity of the development and deployment process associated with multi-touch applications. Copyright © 2013 John Wiley & Sons, Ltd.

Memory accesses introduce big-time overhead and power consumption because of the performance gap between processors and main memory. This paper describes and evaluates a technique, loop scheduling with memory access reduction (LSMAR), that replaces hidden redundant load operations with register operations in loop kernels and performs partial scheduling for newly generated register operations subject to register constraints. By exploiting data dependence of memory access operations, the LSMAR technique can effectively reduce the number of memory accesses of loop kernels, thereby improving timing performance. The technique has been implemented into the Trimaran compiler and evaluated using a set of benchmarks from DSPstone and MiBench on the cycle-accurate simulator of the Trimaran infrastructure. The experimental results show that when the LSMAR technique is applied, the number of memory accesses can be reduced by 18.47% on average over the benchmarks when it is not applied. The measurements also indicate that the optimizations only lead to an average 1.41% increase in code size. With such small code size expansion, the technique is more suitable for embedded systems compared with prior work.Copyright © 2013 John Wiley & Sons, Ltd.

Non-cryptographic hash functions (NCHFs) have an immense number of applications, ranging from compilers and databases to videogames and computer networks. Some of the most important NCHF have been used by major corporations in commercial products. This practical success demonstrates the ability of hashing systems to provide extremely efficient searches over unsorted sets. However, very little research has been devoted to the experimental evaluation of these functions. Therefore, we evaluated the most widely used NCHF using four criteria as follows: collision resistance, distribution of outputs, avalanche effect, and speed. We identified their strengths and weaknesses and found significant flaws in some cases. We also discuss our conclusions regarding general hashing considerations such as selection of the compression map. Our results should assist practitioners and engineers in making more informed choices regarding which function to use for a particular problem.Copyright © 2013 John Wiley & Sons, Ltd.

Proper memory management and pointer usage often prove to be the most difficult concepts for students learning C++ to grasp. Compounding this problem is the fact that the compilers and runtime environments traditionally used to introduce these concepts leave much to be desired with regard to generating meaningful diagnostics to assist students in tracking down and fixing memory-related logical errors. To alleviate this, we have developed Dereferee, an advanced yet thin wrapper around C++ pointers that greatly increases the quality of these runtime diagnostics, but with only a small amount of intrusion into the development process. With regard to performance, memory-intensive programs will experience execution times approximately 20–30 times slower when using Dereferee, which is comparable with other similar tools. Furthermore, the library has been designed to be customizable and easily disabled to transition codes from development to production.Copyright © 2013 John Wiley & Sons, Ltd.

Timely run-time software replacement techniques are a corner stone for reconciling real-time systems development and dynamic behavior. Typical real-time systems do not consider dynamic behavior because it deeply challenges predictability and timeliness. Current efforts are starting to merge the safe and predictable execution with a controllable level of dynamicity by imposing a set of bounds and limitations to the system dynamic behavior. One of the obstacles for this is how to time-bound the different operations required to effectively implement component replacement. In this paper, the main challenges for this problem are identified, and a model to ensure that components can be replaced at run time preserving the temporal properties of the system is provided that also avoids failures in replacements. A real example and simulations of our replacement model are provided that validate the presented ideas. Copyright © 2013 John Wiley & Sons, Ltd.

Compiler optimization phase ordering is a fundamental, pervasive, and long-standing problem for optimizing compilers. This problem is caused by interacting optimization phases producing different codes when applied in different orders. Producing the best phase ordering code is very important in performance-oriented and cost-constrained domains, such as embedded systems. In this work, we analyze the causes of the phase ordering problem in our compiler, Very Portable Optimizer (VPO), and report our observations. We devise new techniques to eliminate, what we call, false phase interactions in our compiler. We find that reducing such false phase interactions significantly prunes the phase order search space. We also develop and study algorithms to find the best average performance that can be delivered by a single phase sequence over our benchmark set and discuss the challenges in resolving this important problem. Our results show that there is no single sequence in VPO that can achieve the optimal phase ordering performance across all functions. Copyright © 2013 John Wiley & Sons, Ltd.

We present a novel approach to combined textual and visual programming by allowing visual, interactive objects to be embedded within textual source code and segments of source code to be further embedded within those objects. We retain the strengths of text-based source code, while enabling visual programming where it is beneficial. Additionally, embedded objects and code provide a simple object-oriented approach to adding a visual form of LISP-style macros to a language. The ability to freely combine source code and visual, interactive objects with one another allows for the construction of interactive programming tools and experimentation with novel programming language extensions. Our visual programming system is supported by a type coercion-based presentation protocol that displays normal Java and Python objects in a visual, interactive form. We have implemented our system within a prototype interactive programming environment called ‘The Larch Environment’. Copyright © 2013 John Wiley & Sons, Ltd.

One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct behavior in the presence of attacks and intrusions. These security gains are directly dependent on the components exhibiting failure diversity. To what extent failure diversity is observed in practical deployment depends on how diverse are the components that constitute the system. In this paper, we present a study with operating system's (OS's) vulnerability data from the NIST National Vulnerability Database (NVD). We have analyzed the vulnerabilities of 11 different OSs over a period of 18 years, to check how many of these vulnerabilities occur in more than one OS. We found this number to be low for several combinations of OSs. Hence, although there are a few caveats on the use of NVD data to support definitive conclusions, our analysis shows that by selecting appropriate OSs, one can preclude (or reduce substantially) common vulnerabilities from occurring in the replicas of the intrusion-tolerant system. Copyright © 2013 John Wiley & Sons, Ltd.

Ensuring models’ consistency is a key concern when using a model-based development approach. Therefore, model inconsistency detection has received significant attention over the last years. To be useful, inconsistency detection has to be sound, efficient, and scalable. Incremental detection is one way to achieve efficiency in the presence of large models. In most of the existing approaches, incrementalization is carried out at the expense of the memory consumption that becomes proportional to the model size and the number of consistency rules. In this paper, we propose a new incremental inconsistency detection approach that only consumes a small and model size-independent amount of memory. It will therefore scale better to projects using large models and many consistency rules. Copyright © 2012 John Wiley & Sons, Ltd.

Smalltalk is an exciting object-oriented language in which even primitive values are uniformly handled as normal objects described by classes that one can browse and extend. Smalltalk was born during the seventies, but the ideas behind currently available implementations are still modern and innovative.

Smalltalk benefits from being a highly expressive language in which complex and powerful systems can emerge from the composition of simple building blocks. Thanks to its dynamic nature, fast prototyping and agile software development are made possible. Smalltalk also benefits from having powerful meta-programming facilities. A program is able to query and to change its own structure and behavior. Smalltalk is not only a language but also an interactive system that is implemented in Smalltalk and that can be customized according to users needs.

This special issue presents four extended versions of research papers from the third International Workshop on Smalltalk Technologies (IWST) that was organized at Edinburgh on September 2011.

• Johan Fabry et al. presented Phantom, an aspect language that includes recent research results in aspect interactions and reentrancy control. Phantom is designed to be optimized and compiled where possible.

• Increasing use of reflection and meta-programming techniques in real world applications underlines the need for more dynamic approaches. New approaches have shifted to object-specific reuse. Jorge Ressia et al. proposed a new abstraction called a talent, which models features that are shared between objects of different class hierarchies.

• Martin Dias et al. presented Fuel, a general-purpose object serializer that focuses on speed, through a compact binary format and an efficient pickling algorithm. Fuel serializes any object, thus having a full-featured language-specific format.

• Redesign of nontrivial software is often a challenge. Ciprian Teodorov et al. addressed physical-design automation and presented a methodological approach relying on model-driven engineering. Also, they summarized some lessons learned from the incremental redesign of Madeo, a toolkit that targets field-programmable gate array design automation.

A repository of learning objects is a system that stores electronic resources in a technology-mediated learning process. The need for this kind of repository is growing as more educators become eager to use digital educational contents and more of it becomes available. The sharing and use of these resources relies on the use of content and communication standards as a means to describe and exchange educational resources, commonly known as learning objects. This paper presents the design and implementation of a service-oriented repository of learning objects called crimsonHex. This repository supports new definitions of learning objects for specialized domains and we illustrate this feature with the definition of programming exercises as learning objects and its validation by the repository. The repository is also fully compliant with existing communication standards and we propose extensions by adding new functions, formalizing message interchange and providing a REST interface. To validate the interoperability features of the repository, we developed a repository plug-in for Moodle that is expected to be included in the next release of this popular learning management system. Copyright © 2012 John Wiley & Sons, Ltd.

Present day sophisticated and innovative attacks have resulted in exponentially increasing security problems. This paper therefore presents a three-phased threat-oriented security model to meet the above security challenges as a part of proactive risk management. This model is based on a spiral process for software development because it is a risk driven approach and provides an incremental method for a progressively growing system with decreasing risk. Integration of threat management during the development process in the proposed work provides necessary security cover against both unforeseen and known threats. Identification of these threats has been made possible by fusion of a threat modeling process and research honeytokens in conjunction with a statistical model in the first phase. Necessary security measures to mitigate the above identified threats have been adopted in the second phase using multiagent system planning. Risk reduction as a result of adoption of countermeasures has been evaluated in the third phase using meta-agents in association with fuzzy logic in a multiagent environment. The proposed proactive measures of this model have been demonstrated with a case study on ‘Online Banking’ to show its feasibility and has been implemented using Java Agent Development Environment, Apache Tomcat Server, with MySQL Server at the backend. Copyright © 2012 John Wiley & Sons, Ltd.

Pervasive computing applications involve both software concerns, such as any software system, and integration concerns, for the constituent networked devices of the pervasive computing environment. This situation is problematic for testing because it requires acquiring, testing, and interfacing a variety of software and hardware entities. This process can rapidly become costly and time-consuming when the target environment involves many entities.

This paper introduces DiaSim, a simulator for pervasive computing applications. To cope with widely heterogeneous entities, DiaSim is parameterized with respect to a description of a target pervasive computing environment. This description is used to generate both a programming framework to develop the simulation logic and an emulation layer to execute applications. Furthermore, a simulation renderer is coupled to DiaSim to allow a simulated pervasive system to be visually monitored and debugged.

DiaSim has been implemented and used to simulate various pervasive computing systems in different application areas, demonstrating the generality of our parameterized approach. Copyright © 2012 John Wiley & Sons, Ltd.

In the context of our research on Aspect-Oriented Programming, we have a need for a modern and powerful aspect language for Smalltalk. Current aspect languages for Smalltalk however fall short on various points. To address this deficit, we elected to design and build PHANtom: a modern aspect language for Pharo Smalltalk. PHANtom is designed to be an aspect language in the spirit of Smalltalk: dynamic, simple, and powerful. PHANtom is a modern aspect language because it incorporates the best features of languages that precede it, includes recent research results in aspect interactions and reentrancy control, and is designed from the onset to be optimized and compiled where possible. In this paper, we present the latest version of the language and give examples and patterns of use.Copyright © 2012 John Wiley & Sons, Ltd.

Tools for automated fault localization usually generate too many bug candidates depending on the underlying technique. Hence, more information is required in order to further restrict the number of bug candidates. Approaches that rely on specific knowledge of the program to be debugged, such as variable values at specific positions in the source code, are not easily accessible for users especially in the case of software maintenance. In order to avoid this problem, we suggest integrating testing to restrict the number of bug candidates. In particular, we propose computing possible corrections of the program and from this distinguishing test cases. A distinguishing test case is a test that reveals different output values for two program variants given the same input values. Besides the formal definitions and algorithms, we extend the first empirical results of our approach in this paper. The obtained empirical results show that the use of mutations and distinguishing test cases reduces the number of bug candidates by more than 90% on average. Copyright © 2012 John Wiley & Sons, Ltd.

We introduce a new Syntax-based Security Testing framework that uses a protocol specification to perform security testing on text-based communication protocols. A protocol specification of a particular text-based protocol under test represents its syntactic grammar and static constraints. The specification is used to generate test cases by mutating valid messages, breaking the syntax and constraints of the protocol. The framework is demonstrated using a toy web application and the open source application KOrganizer.Copyright © 2012 John Wiley & Sons, Ltd.

Modern software often uses ontologies as its key component to store data and their relationships. This is different from using an ontology as a stand-alone tool for knowledge sharing and representation. The ontology component needs to work with other software components and needs to evolve as the software evolves. Ontology design has been a research topic for years; however, most of these studies focus on using ontologies as stand-alone applications. This paper studies ontology patterns that can be applied to design ontologies as an integral part of a service-oriented application. The paper first briefly reviews various ontology design issues including a brief survey of existing ontology design patterns. The paper then outlines general principles for using ontologies in software applications, including the needs to incorporate ontology design process as a part of software development processes, design ontologies as a component of an overall software architecture, and use ontologies to enhance software evolution and the role that ontologies can play in software validation. The paper then proposes some common ontology patterns that can be used to design ontologies in service-oriented applications. This is followed by examining two international projects, SENSEI and FCINT, where ontologies are used in service-oriented applications and several ontology design patterns are used. Copyright © 2011 John Wiley & Sons, Ltd.

A vast number of software fault localization techniques have been proposed recently with the growing realization that manual debugging is time-consuming, tedious, and error-prone, and fault localization is one of the most expensive debugging activities. Although some techniques perform better than others on a large number of data sets, they do not do so on all data sets and therefore, the actual quality of fault localization can vary considerably by using just one technique. This paper proposes the use of a consensus-based strategy that combines the results of multiple fault localization techniques to consistently provide high quality performance, irrespective of data set. Empirical evidence based on case studies conducted on six sets of programs (seven programs of the Siemens suite, and the gzip, grep, make, space, and Ant programs) and three different fault localization techniques (Tarantula, Ochiai, and H3) suggests that the consensus-based strategy holds merit and generally provides close to the best, if not the best, results. Empirically, we show that this is true of both single-fault and multifault programs. Additionally, the consensus-based strategy makes use of techniques that all operate on the same set of input data, minimizing the overhead. It is also simple to include or exclude techniques from consensus, making it an easily extensible or tractable strategy. Copyright © 2011 John Wiley & Sons, Ltd.

A privacy enhancing technology (PET) is an application or a mechanism that allows users to protect the privacy of their personally identifiable information. Early PETs were about enabling anonymous mailing and anonymous browsing, but lately, there have been active research and development efforts in many other problem domains. This paper describes the first pattern language for developing PETs. Currently, it contains 12 patterns. These privacy patterns are not limited to a specific problem domain; they can be applied to design anonymity systems for various types of online communication, online data sharing, location monitoring, voting, and electronic cash management. The pattern language guides a developer when he or she is designing a PET for an existing problem or innovating a solution for a new problem. Copyright © 2011 John Wiley & Sons, Ltd.

There are many software pattern catalogs that exist in the published literature today, but none of them uses a consistent classification technique that results in evolving and extensible pattern catalog. We have created a new classification scheme and used it as the basis for constructing a software pattern catalog. It is a uniform approach for creating, maintaining, and expanding the catalog. We present a brief overview of the classification scheme, describe the resulting catalog and the principles underlying its construction, show how to use the catalog, and demonstrate some of its benefits for software designers. Copyright © 2011 John Wiley & Sons, Ltd.

Many researchers employ various statistical methods to locate faults in faulty programs. Like other researchers, we sometimes have made mistakes in the quest of making statistical fault localization both practical and scientific. In this experience report, we reflect on our work conducted on this topic, organize our isolated experiences in the format of models and errors, and cast them in the context of statistics. Copyright © 2011 John Wiley & Sons, Ltd.

Architectural patterns are often applied in combination with related patterns within software architectures. The relationships among architectural patterns must be considered when applying a combination of patterns into a system; for example the way the Model-View-Controller uses the Observer pattern to implement the change propagation mechanism needs to be carefully designed. However, effective integration of architectural patterns within software architectures remains a challenging task. This is because the integration of any two architectural patterns can take several forms. Furthermore, existing pattern languages define generic and abstract relationships between architectural patterns without going into detail about associations among the participants of architectural patterns. In this paper, we propose to address the pattern integration issue by discovering and defining a set of pattern participants relationships that serve the purpose of effectively integrating architectural patterns. Our findings are validated through a controlled experiment, which provides significant evidence that the proposed relationships support inexperienced designers in integrating patterns. Copyright © 2011 John Wiley & Sons, Ltd.

Middleware support for advanced pervasive applications includes dealing with heterogeneous systems and dynamic changes of execution environments. If applications are context aware, they are able to detect such changes at runtime and react to them accordingly. Furthermore, they can also proactively adapt to upcoming situations by making accurate assumptions about future contexts. However, the design of reusable middleware support for such future-context-aware applications is still challenging as a supporting prediction system has to be generic, but at the same time has to provide potential for high accuracy and efficiency.

This paper proposes a concept for the development of future-context-aware applications on the basis of the novel approach of structured context prediction. As a framework, this approach allows for integrating domain-specific knowledge and facilitates application, combination, and implementation of suitable prediction methods. In addition, specific runtime mechanisms for distribution of knowledge and adaptation of prediction tasks are proposed, which enable useful context predictions even for dynamic applications. The overall development process as well as practical experiments with the prototype framework is illustrated by two use case scenarios—demonstrating that both high accuracy and efficiency of future context predictions are achievable and even ad hoc context predictions can be supported this way. Copyright © 2011 John Wiley & Sons, Ltd.

In a cross-organizational context, software services are provided and consumed by different organizations. Ensuring that the non-functional requirements of all the involved organizations are satisfied is hard to achieve in such a distributed and heterogeneous environment: the implementation of features, for example, security, is scattered across the services of multiple organizations. In this paper, we present a coordination architecture for flexible and policy-driven composition of cross-organizational features in distributed service systems. The underlying approach of this architecture is to specify the features and their composition at a higher level that abstracts the internal implementation mechanisms of the organizations involved. By means of feature composition policies, the organizations specify at a fine-grained level which features are required and when they have to apply. Driven by these policies, our coordination middleware dynamically integrates the appropriate features throughout the cross-organizational service composition in a consistent and efficient way. We have validated our architecture in a proof of concept showing limited performance overhead. Copyright © 2011 John Wiley & Sons, Ltd.

Search engines essentially rely on the structure of the graph of hyperlinks. Although accurate for the main trend, this is not effective when some query is ambiguous. Leveraging semantic information by the mean of interest matching allows proposing complementary results that are tailored to the user's expectations. This paper proposes a collaborative search companion system, CoFeed, that collects user search queries and that considers feedback to build user-centric and document-centric profiling information. Over time, the system constructs ranked collections of elements that maintain the required information diversity and enhance the user search experience by presenting additional results tailored to the user's interest space. This collaborative search companion requires a supporting architecture adapted to large user populations generating high request loads. To that end, it integrates mechanisms for ensuring scalability and load balancing of the service under varying loads and user interest distributions. Moreover, collecting the recommendation data poses the problem of users’ privacy, and the bias one peer can induce to the system by sending fake recommendations. To that end, CoFeed ensures both publisher anonymity and rate limitation. With the former, the origin of the data is never known by the server that processes it, even if several servers collude to spy on some user. The latter, combined with decoupled authentication, allows to minimize the influence of cheating peers sending fake recommendations. Experiments with a deployed prototype highlight the efficiency of the system by analyzing improvement in search relevance, computational cost, scalability and load balancing. Copyright © 2011 John Wiley & Sons, Ltd.

Nowadays, the computational devices are everywhere. In malls, offices, streets, cars, and even homes, we can find devices providing and consuming functionality to improve the user satisfaction. These devices include sensors that provide information about the environment state (e.g., temperature, occupancy, light levels), service providers (e.g., Internet TVs, GPS), smartphones (that contain user preferences), and actuators that act on the environment (e.g., closing the blinds, activating the alarm, changing the temperature). Although these devices exhibit communication capabilities, their integration into a larger monitoring system remains a challenging task, partly because of the strong heterogeneity of technologies and protocols. Therefore, in this article, we focus on home environments and propose a middleware solution, called DigiHome, that applies the Service Component Architecture (SCA) component model to integrate data and events generated by heterogeneous devices in this kind of environments. DigiHome exploits the SCA extensibility to incorporate the REpresentational State Transfer (REST) architectural style and, in this way, leverages on the integration of multiscale systems-of-systems (from wireless sensor networks to the Internet). Additionally, the platform applies Complex Event Processing technology that detects application-specific situations. We claim that the modularization of concerns fostered by DigiHome and materialized in a service-oriented architecture, makes it easier to incorporate new services and devices in smart home environments. The benefits of the DigiHome platform are demonstrated on smart home scenarios covering home automation, emergency detection, and energy saving situations. Copyright © 2011 John Wiley & Sons, Ltd.

Software maintenance including design is difficult because it is usually performed on someone else's work over a period of time. Maintaining a pattern-based design is especially much more difficult when the information on specific patterns that have been used are not available in the corresponding design documents. Also, finding a maintainer who has a similar level of knowledge on specific patterns that the initial designer had is not easy. Pattern-based design, the use of design patterns during the software design process, has become widely used in the object-oriented community because of its many benefits such as its reuse. However, the defects in pattern-based design can be introduced during the design maintenance phase when the changes are made to the requirements and the initial design, but the conformance to the original patterns is neglected. This conformance process is laborious and time consuming; no systematic process exists to guide the defects discovery and maintenance. Also, deep and correct knowledge of design patterns and their characteristics are required because this process is conducted by human experts. Failure to follow this conformance process and to maintain correct designs during software design evolution may cause serious problems in later software development and maintenance stages by not providing the benefits of pattern-based design that would have been possible if followed correctly. There is a strong need of a systematic design and maintenance method for preventing defects in design patterns introduced during the evolution of pattern-based software design and its maintenance. Because conventional UML design methods do not provide such systematic ways of assessing pattern-based design conformance to the evolutionary changes, we have developed the pattern instance changes with UML profiles (PICUP) design method, which is an improved design method for perfective and corrective UML pattern-based design maintenance and assessment. Design pattern in UML profiles (DPUP) is developed for the use of instantiation, maintenance, and assessment of UML pattern-based designs to support the formal specification of a design pattern. DPUPs, as the main part of the PICUP design method, provide metamodel-level UML design constraints using UML stereotype notations and metamodel-level Object Constraint Language design constraints. Assessment of pattern-based designs in UML class diagram with the corresponding DPUPs enforces maintainers to make necessary and correct changes to keep the principles of the original designs. Pattern-related information is annotated using stereotype notations to help assess pattern-based designs when changes are made. Furthermore, the structural conformance checking of a given UML pattern-based design can be automated by using the assessment tool. The major contributions of this paper are: (i) specifying design patterns using extended UML profile; (ii) providing a means of how to instantiate pattern-based designs from DPUPs with naming conventions; and (iii) providing design constraints for maintaining pattern-based design to guide correct changes of a given design in PICUP method. Explanatory type case studies were performed to better understand and evaluate the effectiveness of the PICUP design method with DPUPs. Answers to the case study questionnaires and the pattern defects discovered from the case studies support the hypothesis that the PICUP method is an improved design method that ensures structural conformance of UML pattern-based designs to the corresponding design patterns during perfective and corrective design maintenance for software systems. Copyright © 2011 John Wiley & Sons, Ltd.

Computing systems are increasingly designed as a collection of interacting services that constitute a set of functionality offered by a service provider or server to its clients. Many service-oriented computing systems have constraints on the resources they allocate and manage. In these systems, certain types of services should consume resources only when they are accessed by clients, and clients should be shielded from where services are located, how they are deployed, and how their lifecycle is managed. The activator pattern provides an effective means to efficiently and transparently automate scalable on-demand activation and deactivation of services accessed by many clients. This paper motivates the need for the activator pattern, describes the structure and dynamics of canonical implementations of the pattern, and examines the benefits and liabilities of applying this pattern to services in resource-constrained computing systems. Copyright © 2011 John Wiley & Sons, Ltd.

Design patterns are rapidly gaining acceptance in the software community not only as reusable constructs for software development but also for the documentation of the software architectural design. Most of the existing design pattern languages describe design patterns using a combination of a natural language, UML-style diagrams and complex mathematical or logic based formalisms, which makes them hard for programmers to understand. In this paper we propose a design pattern definition language (DPDL) based on XML which can be used for sharing design patterns’ implementation details among developers. DPDL is easy to understand and use. It provides unambiguous description of the patterns and is extensible. DPDL also has the flexibility of defining design patterns in a generic term to be used as templates. Copyright © 2011 John Wiley & Sons, Ltd.

Our everyday environments may soon be pervaded with radio frequency identification (RFID) tags integrated in physical objects. These RFID tags can store a digital representation of the physical object and transmit it wirelessly to pervasive, context-aware applications running on mobile devices. However, communicating with RFID tags is prone to many failures inherent to the technology. This hinders the development of such applications, as traditional programming models require the programmer to deal with the RFID hardware characteristics manually. On the other hand, traditional RFID middleware focuses on limited scenarios in an enterprise context and not on general ubiquitous computing scenarios. In this paper, we extend the ambient-oriented programming paradigm to program RFID applications, by considering RFID tags as intermittently connected mutable proxy objects hosted on mobile distributed computing devices, and detail our prototype implementation. Copyright © 2011 John Wiley & Sons, Ltd.

Cloud computing is a disruptive technology, representing a new model for information technology solution engineering and management that promises to introduce significant cost savings and other benefits. The adoption of Cloud computing requires a detailed comparison of infrastructure alternatives, taking a number of aspects into careful consideration. Existing methods of evaluation, however, limit decision-making to the relative costs of Cloud computing, but do not take a broader range of criteria into account. The Multi-Criteria Comparison Method for Cloud Computing () offers a multi-criteria-based decision framework that can be applied to Cloud computing. The framework allows organizations to create evaluation methods that help to determine what infrastructure best suits their needs by evaluating and ranking infrastructure alternatives using multiple criteria derived from a comprehensive criteria catalog. Therefore, offers a way to differentiate infrastructures not only by costs but also in terms of benefits, opportunities and risks. can be adapted to facilitate a wide array of decision-making scenarios within the domain of information technology infrastructures, depending on the criteria selected to support the framework. The software prototype presented in this paper creates an interface to decision-makers that makes the framework more usable for Cloud infrastructure decisions in practice. Copyright © 2011 John Wiley & Sons, Ltd.

Logging and replay provide numerous benefits for debugging today's increasingly distributed and parallel applications, as well as for debugging within cloud computing environments. Tracking down faults, particularly in applications that involve non-deterministic executions, becomes much easier if such a technique is used. This article presents a system that leverages the functionality of modern x86 hardware extensions present in Intel and AMD processors to implement logging and replay of the Kernel-based Virtual Machine (KVM). With our KVM-based logging and replay system, virtual machines can be logged at will. The system can record the behavior of the operating system, the applications, the network traffic, and the user input. At a later time, and even on another machine, the problematic execution can be replayed and analyzed. The implementation incurs a minimal amount of processing and memory overhead, and thus, its effects are largely imperceptible to users of the system. Copyright © 2011 John Wiley & Sons, Ltd.

Hadoop, based on the popular MapReduce framework, is an open-source distributed computing framework that has been gaining much popularity and usage. It aims to allow programmers to focus on building applications that deals with processing large amount of data, without having to handle other issues when performing parallel computations. However, tuning the performance of Hadoop applications is not an easy task due to the level of abstraction of the framework. In this paper, we present three case studies and some of the challenges and issues that are to be considered in performance tuning when running applications in Hadoop. The focus is mainly on the impact of input data on Hadoop's performance and how they can be tuned. Copyright © 2011 John Wiley & Sons, Ltd.

The service-oriented computing (SOC) paradigm has recently gained a lot of attention in the software industry because SOC represents a novel and a fresh way of architecting distributed applications. SOC is usually materialized via web services, which allows developers to structure applications exposing a clear, public interface to their capabilities. Although conceptually and technologically mature, SOC still lacks adequate development support from a methodological point of view. In this paper, we present the EasySOC project, a set of guidelines to simplify the development of service-oriented applications and services. EasySOC is a synthesized catalog of best SOC development practices that arise as a result of several years of research in fundamental Services Computing topics, that is, Web Service Description Language-based technical specification, Web Service discovery, and Web Service outsourcing. In addition, we describe a materialization of the guidelines for the Java language, which has been implemented as a plug-in for the Eclipse IDE. We believe that both the practical nature of the guidelines and the availability of this software that enforces them may help software practitioners to rapidly exploit our ideas for building real SOC applications. Copyright © 2012 John Wiley & Sons, Ltd.

In this paper, a distributed telematics peer-to-peer networking system is proposed to provide an efficient and feasible service discovery mechanism for mobile users. When mobile users travel on the road, they may request for some services from service providers to meet their demands. Mobile users in vehicles are assumed to go through a lot of regions, in which each region is associated with a region server. Related information of all service providers in a region is stored in its region server, and each region server is in charge of the service discovery requests from all vehicles located in its region. This paper focuses on the issues of developing a distributed peer-to-peer telematics service discovery networking system over the vehicular network environment for mobile users. To provide the communication mechanism for telematics service discovery among region server, mobile users, and service providers, the Telematics Service Markup Language is proposed. According to clients' demands, three types of query scenarios are proposed, which are (1) reference point based query, (2) continual query, and (3) route-based query. Finally, we present usage examples and system implementation of distributed telematics peer-to-peer. Copyright © 2012 John Wiley & Sons, Ltd.

In this paper, we present heckmate, the first generic static analyzer of multithreaded Java programs based on abstract interpretation. heckmate can be tuned at different levels of precision and efficiency in order to prove various properties (e.g., absence of divisions by zero and data races), and it is sound for multithreaded programs. It supports all the most relevant features of Java multithreading, such as dynamic thread creation, runtime creation of monitors, and dynamic allocation of memory. The experimental results demonstrate that heckmate is accurate and efficient enough to analyze programs with some thousands of statements and a potentially infinite number of threads. Copyright © 2012 John Wiley & Sons, Ltd.

Class cohesion metrics apply different approaches to quantify the relatedness of the attributes and methods in a class. These relations can be direct or transitive. Method invocations are among the key sources of potential transitive attribute–method relations. That is, a method is not only related to the attributes that it references, but it may also be transitively related to the attributes referenced by the methods that it invokes. A few of the existing class cohesion metrics capture this potential transitive cohesion aspect. In this paper, we classify the method invocations as direct or transitive. The definitions of the class representative models used by 16 existing low-level design (LLD) metrics are extended to incorporate the cohesion caused by the two types of method invocations. The impact of incorporating the transitive relations because of the two types of method invocations on the cohesion values and on the ability of the LLD metrics to predict faulty classes are studied empirically. The results show that the transitive relations because of both types of method invocations featured a considerable degree of cohesion that is not captured by most of the existing LLD metrics. However, practically, incorporating transitive relations in cohesion measurement was found to be ineffective in improving the fault-prediction powers of most of the LLD metrics. Copyright © 2012 John Wiley & Sons, Ltd.

Translation Lookaside Buffers (TLBs) can play a critical role in improving the performance of emerging parallel workloads. Most current chip multiprocessor systems include multilevel TLBs and provide support for superpages both at the hardware and software level. Judicious use of superpages can significantly cut down the number of TLB misses and improve overall system performance. However, indiscriminate superpage allocation results in page fragmentation and increased application footprint, which often outweigh the benefits of reduced TLB misses. Previous research has explored policies for smart allocation of superpages from an operating system perspective. This paper presents a compiler-based strategy for automatic and profitable memory allocation via superpages. A significant advantage of a compiler-based approach is the availability of data-reuse information within an application. Our strategy employs data-locality analysis to estimate the TLB demands for both single-threaded and multi-threaded programs and uses this metric to apply selective superpage allocation. Apart from its obvious utility in improving TLB performance, this strategy can be used to improve the effectiveness of certain data-layout transformations and can be a useful tool in benchmarking and automatic performance tuning. We demonstrate the effectiveness of this strategy with experiments on three multicore platforms on a workload that contains both sequential and parallel applications. Copyright © 2012 John Wiley & Sons, Ltd.