Specification matching is a way to compare two software components based on descriptions of the components' behaviors. In the context of software reuse and library retrieval, it can help determine whether one component can be substituted for another or how one can be modified to fit the requirements of the other. In the context of object-oriented programming, it can help determine when one type is a behavioral subtype of another. We use formal specifications to describe the behavior of software components, and hence, to determine whether two components match. We give precise definitions of not just exact match, but more relevantly, various flavors of relaxed match. These definitions capture the notions of generalization, specialization, and substitutability of software components. Since our formal specifications are pre- and post-conditions written as predicates in firstorder logic, we rely on theorem proving to determine match and mismatch. We give examples from our impleme...

attention as an important sub#eld of software engineering. During that time there has been considerable progress in developing the technological and methodological base for treating architectural design as an engineering discipline. However, much remains to be done to achieve that goal. Moreover, the changing face of technology raises anumber of new challenges for software architecture. This paper examines some of the important trends of software architecture in research and practice, and speculates on the important emerging trends, challenges, and aspirations.

An increasingly important trend in the engineering of complex systems is the design of component integration standards. Such standards define rules of interaction and shared communication infrastructure that permit composition of systems out of independently-developed parts. A problem with these standards is that it is often difficult to understand exactly what they require and provide, and to analyze them in order to understand their deeper properties. In this paper we use our experience in modeling the High Level Architecture (HLA) for Distributed Simulation to show how one can capture the structured protocol inherent in an integration standard as a formal architectural model that can be analyzed to detect anomalies, race conditions, and deadlocks. KEYWORDS Component integration standards, component-based software, protocol families, software architecture, formal specification. 1 Introduction Component integration standards are becoming increasingly important for commercial sof...

A critical challenge faced by the developer of a software system is to understand whether the system’s components correctly integrate. While type theory has provided substantial help in detecting and preventing errors in mismatched static properties, much work remains in the area of dynamics. In particular, components make assumptions about their behavioral interaction with other components, but currently we have only limited ways in which to state those assumptions and to analyze those assumptions for correctness. We have formulated a method that begins to address this problem. The method operates at the architectural level so that behavioral integration errors, such as deadlock, can be revealed early and at a high level. For each component, a specification is given of its interaction behavior. From this specification, assumptions that the component makes about the corresponding interaction behavior of the external context are automatically derived. We have defined an algorithm that performs compatibility checks between finite representations of a component’s context assumptions and the actual interaction behaviors of the components with which it is intended to interact. A configuration of a system is possible if and only if a successful way of matching actual behaviors with assumptions can be found. The state-space complexity of this algorithm is significantly less than that of comparable approaches, and in the worst case, the time complexity is comparable to the worst case

Most current-day software engineering tools and environments do not sufficiently allow software engineers to declare or enforce the intended software architecture. On the one hand, architectures are typically described at a too lowlevel, inhibiting their evolution and understanding. On the other hand most tools provide little support to automatically verify whether the source code conforms to the architecture. Therefore, a formalism is needed in which architectures can be expressed at a sufficiently abstract level, without losing the ability to perform automatic conformance checking. We propose to declaratively codify software architectures using virtual software classifications and relationships among these classifications. We illustrate how software architectures can be expressed elegantly in terms of these virtual classifications and how to keep them synchronized with the source code.

Abstract—Traditional IDLs were defined for describing the services that objects offer, but not those services they require from other objects, nor the relative order in which they expect their methods to be called. Some of the existing proposals try to add protocol information to object interfaces, but most of them fail to do so in a modular way. In this paper we propose an extension of the CORBA IDL that uses a sugared subset of the polyadic-calculus for describing object service protocols, based on the concept of roles. Roles allow the modular specification of the observable behavior of CORBA objects, reducing the complexity of the compatibility tests. Our main aim is the automated checking of protocol interoperability between CORBA objects in open component-based environments, using similar techniques to those used in software architecture description and analysis. In addition, our proposal permits the study of substitutability between CORBA objects, as well as the realization of dynamic compatibility tests during their runtime execution. Index Terms—Interface definition languages, software components, component-based software development, protocols, compatibility and substitutability of components.

The fundamental goal of all good design and engineering is to create maximal value added for any given investment. There are many dimensions in which value can be assessed, from monetary profit to the solution of social problems. The benefits sought are often domain-specific, yet the logic is the same: design is an investment activity. Software economics is the field that seeks to enable significant improvements in software design and engineering through economic reasoning about product, process, program, and portfolio and policy issues. We summarize the state of the art and identify shortfalls in existing knowledge. Past work focuses largely on costs, not on benefits, thus not on value added; nor are current technical software design criteria linked clearly to value creation. We present a roadmap for research emphasizing the need for a strategic investment approach to software engineering. We discuss how software economics can lead to fundamental improvements in software design and engineering, in theory and practice. 1

“No scene from prehistory is quite so vivid as that of the mortal struggles of great beasts in the tar pits... Large system programming has over the past decade been such a tar pit, and many great and powerful beasts have thrashed violently in it... “Everyone seems to have been surprised by the stickiness of the problem, and it is

this paper, we present an approach to tool development that attacks these problems. Progress requires synergistic, interdisciplinary collaborations between application domain and software engineering researchers. We have pursued such an approach in developing a fault tree modeling and analysis tool called Galileo. We describe our innovations in two dimensions. The first is Galileo's core reliability modeling and analysis function. The second is our work on software engineering for high-quality, low-cost modeling and analysis tools. In the reliability engineering domain, Galileo supports precise, modular, dynamic fault tree analysis using techniques developed primarily by Dugan and her colleagues. This approach addresses the problem that a single analysis technique is seldom applicable to an entire system. A good reliability engineer uses different techniques to analyze different parts of a system, decomposing a complex model into smaller pieces, applying different analysis techniques to submodels, and integrating partial results into a system-level result. Manually decomposing systems into parts, developing submodels, analyzing them with different tools and techniques, and integrating the partial results is tedious and error prone at best. By contrast, Galileo automatically detects independent sub-trees; translates them into appropriate submodels based on Markov chains, Boolean decision diagrams and other formalisms, analyzes the submodels; and integrates the results. Galileo supports precise analysis while exploiting modularity for scalability in solving problems that require time and space that is exponential in the number of basic events in the worst-case.

this report recommends a "software engineering" or a "software research" agenda, and how software research should address such areas as operating systems, networking, artificial intelligence, and database software.