Abstract. Model-driven approaches to software development, when coupled with a domain-specific visual language, assist in capturing the essence of a large system in a notation that is familiar to a domain expert. From a high-level domain-specific model, it is possible to concisely describe the configuration features that a system must possess, in addition to checking that the model preserves semantic properties of the domain. With respect to large legacy applications written in disparate programming languages, the primary problem of transformation is the difficulty of adapting the legacy source to match the evolving features specified in the corresponding model. This paper presents an approach for uniting model-integrated computing with a mature program transformation engine. The paper describes a technique for performing widespread adaptations of source code from transformation rules that are generated from a domain-specific modeling environment for a large avionics framework. 1.

Buffer overflows are the most common source of security vulnerabilities in C programs. This class of vulnerability, which is found in both legacy and modern software, costs the software industry hundreds of millions of dollars per year. The most common type of buffer overflow is the runtime stack overflow. It is common because programmers often use stack allocated arrays. This enables the attacker to change a program’s control flow by writing beyond the boundary of an array onto a return address on the run-time stack. If the arrays are repositioned to the heap at compile time, none of these attacks succeed. Furthermore, repositioning buffers to the heap should perturb the heap memory enough to prevent many heap overflows as well. We have created a tool called Gemini that repositions stack allocated arrays at compile time using TXL. The transformation preserves the semantics of the program with a small performance penalty. This paper discusses the semantics-preserving transformation of stack allocated arrays to heap allocated “pointers to arrays”. A program that is amenable to a buffer overflow attack and several Linux programs are used as examples to demonstrate the effectiveness and overhead of our technique. 1.

Model transformations are one of the core technologies needed to apply OMG’s model driven engineering concept for the construction of real world systems. Several formalisms are currently proposed for the specification of these model transformations. A suitable formalism is based on graph transformation systems and graph transformation rules. The chapter provides an overview about the needed concepts to apply graph transformations in the context of model driven engineering and we show the technical feasibility based on several tools and applications.

Writing performance-critical programs can be frustrating because optimizing compilers for imperative languages tend to be unpredictable. For a subset of optimizations -- those that simplify rather than reorder code -- it would be useful to prove that a compiler reliably performs optimizations. We show that adopting a ``superanalysis'' approach to optimization enables such a proof. By analogy with linear algebra, we define the nullspace of an optimizer as those programs it reduces to the empty program. To span the nullspace, we define rewrite rules that de-optimize programs by introducing abstraction. For a model compiler we prove that any sequence of de-optimizing rewrite rule applications is undone by the optimizer. Thus, we are able to give programmers a clear mental model of what simplifications the compiler is guaranteed to perform, and make progress on the problem of ``abstraction penalty'' in imperative languages.

Huet and Lang (1978) presented a framework of automated program transformation based on lambda calculus in which programs are transformed according to a given program transformation template. They introduced a second-order matching algorithm of simply-typed lambda calculus to verify whether the input program matches the template. They also showed how to validate the correctness of the program transformation using the denotational semantics. We propose in this paper a framework of program transformation by templates based on term rewriting. In our new framework, programs are given by term rewriting systems. To automate our program transformation, we introduce a term pattern matching problem and present a sound and complete algorithm that solves this problem. We also discuss how to validate the correctness of program transformation in our framework. We introduce a notion of developed templates and a simple method to construct such templates without explicit use of induction. We then show that in any program transformation by developed templates the correctness of the transformation can be verified automatically. In our framework the correctness of the program transformation is discussed based on the operational semantics. This is a sharp contrast to Huet and Lang’s framework.

The reverse and reengineering research communities have a strong tradition of collecting, organizing, and unifying research results. Typical examples include an explicit taxonomy, dedicated web sites, an annotated bibliography, as well as efforts in exchange formats and tool evaluation. In this paper we describe and evaluate the use of a web authoring system to integrate such efforts. To that end, we propose the "Reengineering Wiki", which uses Wiki technology to enable web site visitors themselves to maintain and organize pages devoted to their topics of interest. This paper covers web authoring criteria, an introduction to wiki technology, typical wiki usage, and an evaluation of wiki-based systems. Moreover, the paper discusses the organization and contents of the Reengineering Wiki, and concludes with an invitation to participate in the Reengineering Wiki project.

Abstract. This paper deals with the issue of software adaptation. We focus on Component-Based Software Development including Architecture Description Languages, and clearly identify three levels of adaptation. We argue that capturing functional and non-functional changes in a system requires various types of adaptation tools working at different granularities and times in the system lifecycle, with various actors. 1

Term rewriting systems are widely used in computer science as a model of computation to relate syntax and semantics. In order to implement term rewriting system we need to use a strategy since there are many reduction sequences from a term in general. A strategy chooses one from such sequences. It is a function that takes a term to be rewritten and returns a term obtained by rewriting from the input term. There are two wellknown strategies: innermost strategies (or eager evaluation) and outermost strategies (or lazy evaluation). Innermost strategies can be implemented much more efficiently than outermost ones, while outermost strategies often have a better termination behavior than innermost ones. The evaluation strategy (the E-strategy), which is adopted by the family of OBJ algebraic specification languages, is one of the compromises between them. The E-strategy is more flexible than other fixed order of evaluation because each function symbol can have its own local strategy...

Software maintenance and evolution are the most costly and time consuming activities during the software development life cycle. One of the biggest challenges of software evolution is to adapt a software system to the ever-changing requirements from users or operating environments. An ideal goal is to encapsulate these requirements into a high-level abstraction, which can be used to drive large-scale adaptation of the underlying software implementation. Model-Driven Engineering (MDE) is one of the enabling techniques that support this objective, in that it allows the domain experts or application designers to synthesize various software artifacts from high-level models that represent domain concepts or system design logic. The state-of-the-art MDE techniques, however, lack support for advanced processes and constructive methods involved within the context of the evolution of software systems. With respect to large legacy systems written in disparate programming languages,

in Journal in Computer Virology and is scheduled to appear in 2008. Citations to and quotations from this work should reference that publication. If you cite this work, please check that the published form contains precisely the material to which you intend to refer.