Raúl Mazo scite author profile

Web services run in complex contexts where arising events may compromise the quality of the whole system. Thus, it is desirable to count on autonomic mechanisms to guide the self-adaptation of service compositions according to changes in the computing infrastructure. One way to achieve this goal is by implementing variability constructs at the language level. However, this approach may become tedious, difficult to manage, and error-prone. In this paper, we propose a solution based on a semantically rich variability model to support the dynamic adaptation of service compositions. When a problematic event arises in the context, this model is leveraged for decision-making. The activation and deactivation of features in the variability model result in changes in a composition model that abstracts the underlying service composition. These changes are reflected into the service composition by adding or removing fragments of Business Process Execution Language (WS-BPEL) code, which can be deployed at runtime. In order to reach optimum adaptations, the variability model and its possible configurations are verified at design time using Constraint Programming. An evaluation demonstrates several benefits of our approach, both at design time and at runtime.

show abstract

Using Constraint Programming to Manage Configurations in Self-Adaptive Systems

Sawyer

Mazo²,

Diaz³

et al. 2012

Computer

View full text Add to dashboard

A Security Ontology for Security Requirements Elicitation

Souag

Salinesi

Mazo

et al. 2015

View full text Add to dashboard

International audienceSecurity is an important issue that needs to be taken into account at all stages of information system development, including early requirements elicitation. Early analysis of security makes it possible to predict threats and their impacts and define adequate security requirements before the system is in place. Security requirements are difficult to elicit, analyze, and manage. The fact that analysts' knowledge about security is often tacit makes the task of security requirements elicitation even harder. Ontologies are known for being a good way to formalize knowledge. Ontologies, in particular, have been proved useful to support reusability. Requirements engineering based on predefined ontologies can make the job of requirement engineering much easier and faster. However, this very much depends on the quality of the ontology that is used. Some security ontologies for security requirements have been proposed in the literature. None of them stands out as complete. This paper presents a core and generic security ontology for security requirements engineering. Its core and generic status is attained thanks to its coverage of wide and high-level security concepts and relationships. We implemented the ontology and developed an interactive environment to facilitate the use of the ontology during the security requirements engineering process. The proposed security ontology was evaluated by checking its validity and completeness compared to other ontologies. Moreover, a controlled experiment with end-users was performed to evaluate its usability

show abstract

Reusable knowledge in security requirements engineering: a systematic mapping study

et al. 2015

View full text Add to dashboard

International audienceSecurity is a concern that must be taken into consideration starting from the early stages of system development. Over the last two decades, researchers and engineers have developed a considerable number of methods for security requirements engineering. Some of them rely on the (re)use of security knowledge. Despite some existing surveys about security requirements engineering , there is not yet any reference for researchers and practitioners that presents in a systematic way the existing proposals, techniques, and tools related to security knowledge reuse in security requirements engineering. The aim of this paper is to fill this gap by looking into drawing a picture of the literature on knowledge and reuse in security requirements engineering. The questions we address are related to methods, techniques, modeling frameworks, and tools for and by reuse in security requirements engineering. We address these questions through a systematic mapping study. The mapping study was a literature review conducted with the goal of identifying, analyzing, and categorizing state-of-the-art research on our topic. This mapping study analyzes more than thirty approaches, covering 20 years of research in security requirements engineering. The contributions can be summarized as follows: (1) A framework was defined for analyzing and comparing the different proposals as well as categorizing future contributions related to knowledge reuse and security requirements engineering; (2) the different forms of knowledge representation and reuse were identified; and (3) previous surveys were updated. We conclude that most methods should introduce more reusable knowledge to manage security requirements

show abstract

Feature Relations Graphs: A Visualisation Paradigm for Feature Constraints in Software Product Lines

Martinez

Ziadi²,

Mazo

et al. 2014

View full text Add to dashboard

International audience—Software Product Line Engineering is a mature approach enabling the derivation of product variants by assem-bling reusable assets. In this context, domain experts widely use Feature Models as the most accepted formalism for capturing commonality and variability in terms of features. Feature Models also describe the constraints in feature combinations. In industrial settings, domain experts often deal with Software Product Lines with high numbers of features and constraints. Furthermore, the set of features are often regrouped in different subsets that are overseen by different stakeholders in the process. Consequently, the management of the complexity of large Feature Models becomes challenging. In this paper we propose a dedicated interactive visualisation paradigm to help domain experts and stakeholders to manage the challenges in maintaining the con-straints among features. We build Feature Relations Graphs (FRoGs) by mining existing product configurations. For each feature, we are able to display a FRoG which shows the impact, in terms of constraints, of the considered feature on all the other features. The objective is to help domain experts to 1) obtain a better understanding of feature constraints, 2) potentially refine the existing feature model by uncovering and formalizing missing constraints and 3) serve as a recommendation system, during the configuration of a new product, based on the tendencies found in existing configurations. The paper illustrates the visualisation paradigm with the industrial case study of Renault's Electric Parking System Software Product Line

show abstract

Using Integer Constraint Solving in Reuse Based Requirements Engineering

Salinesi¹,

Mazo²,

Diaz³

et al. 2010

View full text Add to dashboard

International audienceProduct Lines (PL) have proved an effective approach to reuse-based systems development. Several modeling languages were proposed so far to specify PL. Although they can be very different, these languages show two common features: they emphasize (a) variability, and (b) the specification of constraints to define acceptable configurations. It is now widely acknowledged that configuring a product can be considered as a constraint satisfaction problem. It is thus natural to consider constraint programming as a first choice candidate to specify constraints on PL. For instance, the different constraints that can be specified using the FODA language can easily be expressed using boolean constraints, which enables automated calculation and configuration using a SAT solver. But constraint programming proposes other domains than the boolean domain: for instance integers, real, or sets. The integer domain was, for instance, proposed by Benavides to specify constraints on feature attributes. This paper proposes to further explore the use of integer constraint programming to specify PL constraints. The approach was implemented in a prototype tool. Its use in a real case showed that constraint programming encompasses different PL modeling languages (such as FORE, OVM, or else), and allows specifying complex constraints that are difficult to specify with these languages

show abstract

Defects in Product Line Models and How to Identify Them

Salinesi¹,

Mazo²

2012

View full text Add to dashboard

Recommendation Heuristics for Improving Product Line Configuration Processes

Mazo

Dumitrescu

Salinesi

et al. 2013

View full text Add to dashboard

scite is a Brooklyn-based startup that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Raúl Mazo

Dynamic adaptation of service compositions with variability models

Using Constraint Programming to Manage Configurations in Self-Adaptive Systems

A Security Ontology for Security Requirements Elicitation

Reusable knowledge in security requirements engineering: a systematic mapping study

Feature Relations Graphs: A Visualisation Paradigm for Feature Constraints in Software Product Lines

Using Integer Constraint Solving in Reuse Based Requirements Engineering

Defects in Product Line Models and How to Identify Them

Recommendation Heuristics for Improving Product Line Configuration Processes

Contact Info

Product

Resources

About