As ontology development becomes a more ubiquitous and collaborative process, the developers face the problem of maintaining versions of ontologies akin to maintaining versions of software code in large software projects. Versioning systems for software code provide mechanisms for tracking versions, checking out versions for editing, comparing different versions, and so on. We can directly reuse many of these mechanisms for ontology versioning. However, version comparison for code is based on comparing text files---an approach that does not work for comparing ontologies. Two ontologies can be identical but have different text representation. We have

CVS is a widely known version management system, which can be used for the distributed development of software as well as its distribution from a central database. In this paper, we provide an outline of a formal security analysis of a CVS-Server architecture performed in [1]. The analysis is based on an abstract architecture (enforcing a role-based access control on the repository), which is refined to an implementation architecture (based on the usual discretionary access control provided by the POSIX environment). Both architectures serve as framework to formulate access control and confidentiality properties. Both the abstract as well as the concrete architecture are specified in the language Z. Based on a logical embedding of Z into Isabelle/HOL, we provide formal, machine-checked proofs for consistency properties of the specification, for the correctness of the refinement, and for some security properties. Thus, we present a case study for the security analysis of realistic models over an off-the-shelf system by formal machine-checked proofs.

Abstract. Some free software and open source projects have been extremely successful in the past. The success of a project is often related to the number of developers it can attract: a larger community of developers (the `bazaar') identifies and corrects more software defects and adds more features via a peer-review process. In this paper two free software projects (Wine and Arla) are empirically explored in order to characterize their software lifecycle, development processes and communities. Both the projects show a phase where the number of active developers and the actual work performed on the system is constant, or does not grow: we argued that this phase corresponds to the one termed 'cathedral ' in the literature. One of the two projects (Wine) shows also a second phase: a sudden growing amount of developers corresponds to a similar growing output produced: we termed this as the `bazaar ' phase, and we also argued that this phase was not achieved for the other system. A further analysis revealed that the transition between `cathedral' and `bazaar ' was a phase by itself in Wine, achieved by creating a growing amount of new modules, which attracted new developers. 1Introduction Prominent free software (or open source software, OSS) projects such as Linux [32], Apache [27] and FreeBSD [18] have been extremely successful. Anecdotal evidence has been used in the past to characterize successful OSS projects: users/developers acting as "more eyeballs " in the correction of bugs, developers implementing new features independently, skillful project managers dealing with a mostly flat organization, and the resulting coordination costs [28]. Previous studies have provided empirical evidence on the process of successful OSS projects: the definition of various types of developers has been discussed for the Mozilla and the Apache projects, justifying different levels of effort [27], and claiming that the first type (core developers) contribute to the success of a system.

Abstract. We present a method for the security analysis of realistic models over off-the-shelf systems and their configuration by formal, machine-checked proofs. The presentation follows a large case study based on a formal security analysis of a CVS-Server architecture. The analysis is based on an abstract architecture (enforcing a role-based access control), which is refined to an implementation architecture (based on the usual discretionary access control provided by the POSIX environment). Both architectures serve as a skeleton to formulate access control and confidentiality properties. Both the abstract and the implementation architecture are specified in the language Z. Based on a logical embedding of Z into Isabelle/HOL, we provide formal, machine-checked proofs for consistency properties of the specification, for the correctness of the refinement, and for security properties.

NEST is a framework for simulating large, structured neuronal systems. It is designed to investigate the functional behavior of neuronal systems in the context of their anatomical, morphological, and electrophysiological properties. NEST aims at large networks, while maintaining an appropriate degree of biological detail. This is achieved by combining a broad range of abstraction levels in a single network simulation. Great biological detail is then maintained only at the points of interest, while the rest of the system can be modeled by more abstract components. Here, we describe the conception of NEST and illustrate its key features. We demonstrate that software design and organizational aspects were of equal importance for the success of the project. 1

Abstract. Ontologies are often seen as basic building blocks for the semantic web, as they provide a shared and reusable piece of knowledge about a specific domain. With the rapid development of semantic web, the scale and complexity of ontologies grow fast. The construction of large-scale ontologies will involve collaborative efforts of multiple developers. However, collaborative construction of ontologies is a complicated task. This paper discusses the challenging issues in collaborative ontology development, gives an overview of the related technologies and proposes a practical role-based collaborative development method, named RCDM. According to it, a pyramidal taxonomy of roles is adopted to divide ontology developers into different roles. Developers serving as different roles work collaboratively to construct a large-scale ontology, and a weighted statistical algorithm is adopted to solve conflicts led by different opinions. Compared with existing methods, RCDM is more suitable to large-scale ontology development, and does well in developers management, concurrency control, and conflicts resolution. It integrates wisdoms of different kinds of developers, no matter whether they are domain experts or not. 1

In typical open source software development, developers use revision control systems for product management, mailing list systems for human communications, and bug tracking systems for process management. All of these systems store development histories of the products that show significant information of problems during the development.However, it would be a hard job to retrieve useful information related to a current problem faced by developers. In this paper, we describe a software development supporting system CoxR that is capable of crawling the development histories. CoxR creates software development information web which consists of developers, emails, and program deltas, and provides an interface to search, navigate, browse, and retrieve past development results. Through a case study, we confirmed that CoxR helps developers to solve their problems by making it easier to search development history. 1.

This is based on a refinement, mapping a system architecture on an implementation architecture abstractly describing CVS in our implementation. The system architecture describes the abstract system operations including the desired access control model RBAC and serves as backbone to describe overall security requirements formally. The implementation architecture-- to be seen as an abstract program-- describes the security mechanisms on the UNIX/POSIX filesystem level, namely discretionary access control (DAC).

Permission is granted for noncommercial reproduction of the work for educational or research purposes. This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein.

Searching the archives of electronic product support mailing lists often provides unsatisfactory results for users looking for quick solutions to their problems. Archives are inconvenient because they are too voluminous, lack efficient searching mechanisms, and retain the original thread structure which is not relevant to knowledge seekers. I present MCS, a system which improves mailing list archives through condensation. Condensation involves omitting redundant or useless messages, and adding meta-level information to messages to improve searching. The condensation process is performed by a human assisted by an editing tool. I describe the design and implementation of MCS, and compare it to related systems. I also present my experiences condensing a 1428 message mailing list archive to an archive containing only 177 messages (an 88% reduction). The condensation required only 1.5 minutes of editor effort per message. The condensed archive was adopted by the users of the mailing list....