The size and complexity of many pieces of modern software is astounding:
For instance, the Microsoft XP operating system contains about
40 million lines of code, which, if printed, would occupy about
720,000 pages forming a stack 240 feet high [1].
In fact, it seems fair to say software ranks among the most complex
human-made artifacts.
But rather than being a curious exception, highly complex
software appears to be becoming the norm, including in
parts of our daily lives where many people would not
expect it or where failure would have severe consequences.
For instance, new cars may contain about 100 million
lines of code [2,7], new cell-phones more than 5 million [3], and
even pacemakers have 80,000 lines of code [4].
This trend has several consequences. First,
many companies employ a surprisingly large number of
software developers (e.g., Siemens employs more software
developers than Microsoft [5]) and
the job prospects of software developers continue to be excellent
(e.g., the US Bureau of Labor Statistics predicts that computing
will be one of the fastest growing professions for the foreseeable
future [6]).
Second, the costs of development for many products are often
heavily influenced by the cost of software development.
For instance, in the early 1990s, software
accounted for just about 2% of the overall cost of developing
a car; now, it is already about 13-15% [7].
Third, ensuring that the developed software is of
appropriate quality is becoming more and more
difficult. In fact, some experts believe that
traditional development processes for, e.g., aircraft software
are reaching the limit of affordability [8] and there
already have been many cases where development practice
appears to have been overwhelmed by system complexity (e.g., [9,10]).
To conclude, there is evidence that we increasingly lack the means
to develop software that meets modern demands in an efficient,
cost-effective way.
The MASE group conducts research to address this problem.
More concretely, we develop techniques and tools that,
in some form, simplify the construction of modern software.
Most of our work is based on the observation that
all other engineering disciplines use modeling (i.e.,
abstraction) very effectively to build complex artifacts
reliably. We also use modeling of (aspects of) software to
deal with complexity and aim at increasing the utility of
these models by showing how they can be used for different
tasks including
design (e.g., via trade-off analyses), verification
(e.g., via analyses that establish desirable properties),
testing (e.g., via test case generation), and implementation
(e.g., via automatic code generation).
Currently, our research is grouped around the following two
efforts:
1. Model-Driven Development (MDD)
The main goal behind
MDD is to make models, rather than code, the primary artifact
around which most software development activities are centered.
Through the emphasis on models, MDD attempts to manage the complexity
of software and its development by supporting abstraction and automation.
To this end, it combines techniques not only from software modeling
(e.g., UML and Domain-Specific Modeling), but also from a range of
areas such as generative programming, software product lines,
programming languages, and formal methods.
The long-term goal of our work is to help maximize the potential of MDD.
To do this, we are currently engaged in the following projects:
- Execution, Analysis and Evolution of Models of Real-Time, Embedded Software
UML-RT is a variant of UML developed specifically to support
MDD of the kind of embedded software found in, e.g.,
telecommunication systems. UML-RT is used by, e.g., IBM Rational
RoseRT and IBM RSA-RTE. The goal of our work is to
provide a formal semantics of UML-RT and effective testing, analysis
and verification techniques.
Research is carried out in collaboration with IBM Canada
and Malina Software Corporation and funded by the
Natural Sciences and Engineering
Research Council of Canada (NSERC),
the Ontario Centres of Excellence, and IBM Canada.
- Network on Engineering Complex Software Intensive Systems for Automotive Systems (NECSIS)
NECSIS was announced on October 18, 2010 by Tony Clement,
Minister of Industry, and is a $16.6-million national
research network created to tackle the technological
challenges related to the growing complexity of automotive
software systems. For more details see press releases from
Queen's University,
IBM Canada,
McMaster University and
Scientific Computing.
MASE is proud to be part of this network and will research
the integration of analysis and transformation of models of
automotive software.
Research is carried out in collaboration with IBM Canada,
General Motors Canada,
and Malina Software Corporation and funded
by the
Natural Sciences and Engineering
Research Council of Canada (NSERC),
Automotive Partnership
Canada (APC), IBM Canada, and General Motors Canada.
For information on the results produced in these projects,
please see our publications page.
2. Applying Discrete Event System Theory for Software Engineering
The goal of this research theme is to leverage the existing work on
the supervisory control problem to simplify software
development. Discrete Event System control theory (DES) defines the
supervisory control problem (SCP) as follows: given an uncontrolled
system G and a specification L, find a supervisor S such that S
restricts G in such a way that all its executions satisfy L and that S
is minimally restrictive. Control theory offers a large body of
research on the SCP with surprisingly little application to software
development.
We have been investigating the use of automatically
generated supervisors for the automatic enforcement of software
specifications that restrict the order in which certain kinds of
events are allowed to occur. Depending on how these events are
defined, different kinds of specifications can be enforced.
For instance, in recent work we considered events
based on the access to resources shared by
concurrently executing processes. Concurrent source code
devoid of any concurrency control is manually instrumented with
events. From this, the uncontrolled system G is obtained. The
supervisor S generated via DES control theory will contain a minimally
restrictive control scheme that causes G to satisfy the specification
L and ensures deadlock freedom (if deadlock is unavoidable, S will
prevent all of G's executions). The control scheme is then realized in
the original source code by injecting appropriate synchronization
constructs into the concurrent source code before event
occurrences. To the best of our knowledge, this approach represents
the first use of DES theory for the generation of concurrency control
code. Apart from the initial event instrumentation, the process is
completely automatic and programming-language independent, and it
inherits the strong theoretical properties of the standard supervisory
control framework.
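As an added illustration of the approach described above (constructed here; it is not the MASE group's own tooling), the following Python sketch carries the supervisory control problem through on a concurrency scenario: two processes that acquire two shared resources in opposite order, a mutual-exclusion specification L, and the fixed-point computation that yields the minimally restrictive, deadlock-free supervisor S. Process names, event names and the local-state encoding are all assumptions made for this example.

```python
from itertools import product

# Constructed example: two processes that each need resources r1 and r2 but
# acquire them in opposite order (the classic deadlock scenario).
# Local process states: 0 = idle, 1 = holds first resource, 2 = holds both.
# Release events are uncontrollable: the supervisor may only disable acquisitions.
UNCONTROLLABLE = {"p1_rel", "p2_rel"}
INITIAL = (0, 0)
MARKED = {(0, 0)}  # both processes idle: the only completed ("marked") state

def local_process(proc, first, second):
    """Local automaton of one instrumented process: state -> [(event, next state)]."""
    return {0: [(f"{proc}_get_{first}", 1)],
            1: [(f"{proc}_get_{second}", 2)],
            2: [(f"{proc}_rel", 0)]}

def build_plant():
    """Uncontrolled system G: the product of the two instrumented processes."""
    p1, p2 = local_process("p1", "r1", "r2"), local_process("p2", "r2", "r1")
    return {(s1, s2): [(e, (t, s2)) for e, t in p1[s1]] + [(e, (s1, t)) for e, t in p2[s2]]
            for s1, s2 in product(range(3), repeat=2)}

def violates_spec(state):
    """Specification L (mutual exclusion): no resource may be held by both processes.
    p1 holds r1 from local state 1 on and r2 at 2; p2 holds r2 from 1 on and r1 at 2."""
    s1, s2 = state
    return (s1 >= 1 and s2 == 2) or (s1 == 2 and s2 >= 1)

def synthesize(delta, marked, bad, uncontrollable):
    """Largest set of states within which G can be kept (the standard supremal
    controllable, nonblocking fixed point). A state survives only if it is not bad,
    no uncontrollable event leads out of the set, and a marked state stays
    reachable inside the set, so the supervisor never introduces a deadlock."""
    safe = {s for s in delta if not bad(s)}
    while True:
        ok = {s for s in safe if all(t in safe for e, t in delta[s] if e in uncontrollable)}
        coreach, frontier = ok & marked, ok & marked
        while frontier:
            frontier = {s for s in ok - coreach if any(t in coreach for _, t in delta[s])}
            coreach |= frontier
        if coreach == safe:
            return safe
        safe = coreach

def supervisor(delta, safe):
    """S: for each safe state, the (controllable) events that must be disabled."""
    return {s: sorted(e for e, t in delta[s] if t not in safe) for s in safe}

def run_example():
    """Returns (safe states, S). If INITIAL is unsafe, S blocks every execution of G."""
    delta = build_plant()
    safe = synthesize(delta, MARKED, violates_spec, UNCONTROLLABLE)
    return safe, (supervisor(delta, safe) if INITIAL in safe else {})
```

The disabled events in S mark the points where synchronization would be injected before the corresponding event occurrences; the state in which each process holds one resource and waits for the other is excluded as blocking, so that deadlock is avoided rather than merely detected.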
Funding for this work is provided by the
Natural Sciences and Engineering Research Council of Canada (NSERC).
For information on the results produced in this project,
please see our publications page.
References
[1] Vincent Maraia. The Build Master: Microsoft's Software Configuration Management Best Practices. Addison Wesley. 2005. Also in
How Many Lines of Code in Windows?. Knowing.NET.
Link to article (last accessed October 25, 2010).
[2] T. Kontzer. GM CTO Says Software Will Be Part Of Bumper-To-Bumper Warranties.
In InformationWeek. Oct. 19, 2004. Link to article (last accessed October 25, 2010).
[3] Jack Ganssle. A Million Lines of Code. EETimes. January 14, 2008.
Link to article (last accessed October 25, 2010).
[4] Chloe Taft. CDRH Software Forensics Lab: Applying Rocket Science To Device Analysis.
The Grey Sheet. Elsevier. October 15, 2007. Available from
Medical Devices Today (last accessed October 25, 2010).
[5] Reinhold E. Achatz. Keynote: Optimizing the Software Development in
Industry (exemplified for Siemens). Peter Liggesmeyer, Klaus Pohl,
Michael Goedicke (Eds.): Software Engineering 2005. March 8-11, 2005. Essen, Germany.
LNI 64 GI 2005. (German)
[6] Computing Careers: The Future Is Bright. ACM Technews. June 30, 2010.
Link to article (last accessed October 25, 2010).
[7] Robert E. Charette. This Car Runs on Code. IEEE Spectrum. February 2009.
Link to article (last accessed October 25, 2010).
[8] Peter H. Feiler. Model-Based Validation of Safety-Critical Embedded
Systems. IEEE Aerospace Conference. Big Sky, MT, USA. 6-13 March 2010.
Pages 1-10.
Link to article (last accessed October 25, 2010).
[9] Kevin Poulsen. Tracking the Blackout Bug. SecurityFocus. April 7, 2004.
Link to article (last accessed October 25, 2010).
[10] NASA will study Toyota accelerator problem. The Associated Press. March 30, 2010.
Link to article (last accessed October 25, 2010).