Powered by
Conference Publishing Consulting

2012 7th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS), June 4–5, 2012, Zürich, Switzerland

SEAMS 2012 – Proceedings

Contents - Abstracts - Authors
Online Calendar - iCal File


Title Page

Grüezi and welcome to SEAMS 2012, the 7th ACM/IEEE International Symposium on Software Engineering for Adaptive and Self-Managing Systems, on June 4-5, 2012 in Zürich, Switzerland. As in previous years SEAMS is co-located with the ACM/IEEE International Conference on Software Engineering (ICSE).

Service-Based Systems

Proactive Adaptation of Service Composition
Rafael R. Aschoff and Andrea Zisman
(City University London, UK)
Adaptation of service compositions is considered a major research challenge for service-based systems. In this paper we describe a proactive approach to support adaptation of service compositions triggered by different types of problems. The approach allows for changes in the composition workflow by replacing a service operation, or a group of operations, by another service operation or a group of dynamically composed operations. The adaptation process is supported by the use of QoS prediction techniques, analysis of dependencies between service operations, and use of groups of service operations in a composition flow instead of isolated operations. A prototype tool has been implemented to illustrate and evaluate the framework. We also present results of experiments that we have conducted to evaluate the work.
Article Search
Dynamic Self-Adaptation for Distributed Service-Oriented Transactions
Hassan Gomaa and Koji Hashimoto
(George Mason University, USA)
Dynamic software adaptation addresses software systems that need to change their behavior during execution. To address reuse in dynamic software adaptation, software adaptation patterns, also referred to as software reconfiguration patterns, have been developed. A software adaptation pattern defines how a set of components that make up an architecture or design pattern dynamically cooperate to change the software configuration to a new configuration given a set of adaptation commands. This paper describes a dynamic self-adaptation pattern for distributed transaction management in service-oriented applications.
Article Search
OSIRIS-SR: A Safety Ring for Self-Healing Distributed Composite Service Execution
Nenad Stojnić and Heiko Schuldt
(University of Basel, Switzerland)
The advent of service-oriented architectures has strongly facilitated the development and deployment of largescale distributed applications. The middleware for orchestrating applications that consist of several distributed services has to be inherently distributed as well, in order to provide a high degree of scalability and to avoid any single point of failure. Self-healing execution of composite services requires replicated control metadata and instance data in a way that does not affect adaptivity and elasticity of the middleware. In this paper, we present OSIRIS-SR, a decentralized approach to self-healing composite service execution in a distributed environment. OSIRIS-SR exploits dedicated node monitors, organized in a self-organizing Safety Ring, for the replication of control data. Moreover, OSIRIS-SR leverages virtual stable storage for managing composite service instance data in a robust way. We present the architecture of OSIRIS-SR’s Safety Ring and discuss how it provides self-healing composite service execution. The performance evaluation shows that the additional gain in robustness has only marginal effects on the scalability characteristics of the system.
Article Search


Traffic Routing for Evaluating Self-Adaptation
Jochen Wuttke, Yuriy Brun, Alessandra Gorla, and Jonathan Ramaswamy
(University of Washington, USA; University of Lugano, Switzerland)
Toward improving the ability to evaluate self-adaptation mechanisms, we present the automated traffic routing problem. This problem involves large numbers of agents, partial knowledge, and uncertainty, making it well-suited to be solved using many, distinct self-adaptation mechanisms. The well-defined nature of the problem allows for comparison and proper evaluation of the underlying mechanisms and the involved algorithms. We (1) define the problem, (2) outline the sources of uncertainty and partial information that can be addressed by self-adaptation, (3) enumerate the dimensions along which self-adaptive systems should be evaluated to provide a benchmark for comparison of self-adaptation and traditional mechanisms, (4)present Adasim, an open-source traffic routing simulator that allows easy implementation and comparison of systems solving the automated traffic routing problem, and (5) demonstrate Adasim by implementing two traffic routing systems.
Article Search

Control Theory and Resilience

A Systematic Survey on the Design of Self-Adaptive Software Systems Using Control Engineering Approaches
Tharindu Patikirikorala, Alan Colman, Jun Han, and Liuping Wang
(Swinburne University of Technology, Australia; Royal Melbourne Institute of Technology, Australia)
Control engineering approaches have been identified as a promising tool to integrate self-adaptive capabilities into software systems. Introduction of the feedback loop and controller into the management system potentially enables the software systems to achieve the runtime performance objectives and maintain the integrity of the system when they are operating in unpredictable and dynamic environments. There is a large body of literature that has proposed control engineering solutions for different application domains, handling different performance variables and control objectives. However, the relevant literature is scattered over different conference proceedings, journals and research communities. Consequently, conducting a survey to analyze and classify the existing literature is a useful, yet a challenging task. This paper presents the results of a systematic survey that includes classification and analysis of 161 papers in the existing literature. In order to capture the characteristics of the control solutions proposed in these papers we introduce a taxonomy as a basis for classification of all articles. Finally, survey results are presented, including quantitative, cross and trend analysis.
Article Search
Reliability-Driven Dynamic Binding via Feedback Control
Antonio Filieri, Carlo Ghezzi, Alberto Leva, and Martina Maggio
(Politecnico di Milano, Italy; Lund University, Sweden)
We are concerned with software that can self-adapt to satisfy certain reliability requirements, in spite of adverse changes affecting the environment in which it is embedded. Self-adapting software architectures are heavily based on dynamic binding. The bindings among components are dynamically set as the conditions that require a self-adaptation are discovered during the system's lifetime. By adopting a suitable modeling approach, the dynamic binding problem can be formulated as a discrete-time feedback control problem, and solved with very simple techniques based on linear blocks. Doing so, reliability objectives are in turn formulated as set point tracking ones in the presence of disturbances, and attained without the need for optimization. At design time, the proposed formulation has the advantage of naturally providing system sizing clues, while at operation time, the inherent computational simplicity of the obtained controllers results in a low overhead. Finally, the formulation allows for a rigorous assessment of the achieved results in both nominal and off-design conditions for any desired operation point.
Article Search
Evaluation of Resilience in Self-Adaptive Systems Using Probabilistic Model-Checking
Javier Cámara and Rogério de Lemos
(University of Coimbra, Portugal; University of Kent, UK)
The provision of assurances for self-adaptive systems presents its challenges since uncertainties associated with its operating environment often hamper the provision of absolute guarantees that system properties can be satisfied. In this paper, we define an approach for the verification of self-adaptive systems that relies on stimulation and probabilistic model-checking to provide levels of confidence regarding service delivery. In particular, we focus on resilience properties that enable us to assess whether the system is able to maintain trustworthy service delivery in spite of changes in its environment. The feasibility of our proposed approach for the provision of assurances is evaluated in the context of the Znn.com case study.
Article Search

Distributed Systems

Coordination of Distributed Systems through Self-Organizing Group Topologies
Sam Guinea and Panteha Saeedi
(Politecnico di Milano, Italy)
Distributed pervasive systems have been employed in a wide spectrum of applications, from environmental monitoring, to emergency response. These systems have very strong coordination requirements and are hard to design. Their development becomes even more complex if we consider that they need to be able to adapt to the frequent changes that can occur in the execution environment, or in the resources available to the system. We present A-3, a model and a self-organizing distributed middleware for designing and implementing high-volume and highly volatile distributed systems. It focuses on the coordination needs of such systems, yet it also provides designers with a clear view of where they can include control loops, and how they can coordinate them for global management. We have evaluated A-3 on an example in which we want to increase the efficiency and safety of staff and patients in a health-care environment using an RFID-based distributed surveillance system. The experiments we present evaluate the scalability, performance, and robustness of our middleware, and compare it with two plausible alternatives: a completely centralized solution, and a decentralized one based on Lime, a well-known distributed tuple space framework. We ascertain that, with A-3, a system can avoid overloading its elements by distributing the communication load, and that this can be achieved autonomously, regardless of the size of the system itself.
Article Search
Timing Constraints for Runtime Adaptation in Real-Time, Networked Embedded Systems
Marc Zeller and Christian Prehofer
(Fraunhofer ESK, Germany)
In this work, we consider runtime adaptation in networked embedded systems with tight real-time constraints. For such systems, we aim to adapt the placement of software components on networked hardware components at runtime without violating real-time constraints. We develop constraints for such an adaptation process and show the applicability to networked embedded systems like automotive in-vehicle networks. Then, we analyze two approaches for finding solutions in the resulting search space for adaptations, one based on planning algorithms and the other based on constraint solving. While planning approaches start from the current configuration and aim to find a migration sequence and a valid configuration, constraint solving approaches first find solutions and then check for a possible migration sequence. Based on simulations for the automotive domain, we show that approaches based on planning algorithms scale poorly, while constraint solving approaches can find solutions effectively.
Article Search
A Middleware and Algorithms for Trust Calculation from Multiple Evidence Sources
Chern Har Yew and Hanan Lutfiyya
(University of Western Ontario, Canada)
Trust is a concept that has been used to support better decision-making when there is incomplete information. Trust requires evidence. There are multiple evidence sources. One or more evidence sources may be used in trust calculation. This paper presents a middleware that takes this into account, the algorithms used and experimental results.
Article Search

Surveys and Taxonomies

Claims and Supporting Evidence for Self-Adaptive Systems: A Literature Study
Danny Weyns, M. Usman Iftikhar, Sam Malek, and Jesper Andersson
(Linnaeus University, Sweden; George Mason University, USA)
Despite the vast body of work on self-adaption, no systematic study has been performed on the claims associated with self-adaptation and the evidence that exists for these claims. As such an insight is crucial for researchers and engineers, we performed a literature study of the research results from SEAMS since 2006 and the associated Dagstuhl seminar in 2008. The study shows that the primary claims of self-adaptation are improved flexibility, reliability, and performance of the system. On the other hand, the tradeoffs implied by self-adaptation have not received much attention. Evidence is obtained from basic examples, or simply lacking. Few systematic empirical studies have been performed, and no industrial evidence is reported. From the study, we offer the following recommendations to move the field forward: to improve evaluation, researchers should make their assessment methods, tools and data publicly available; to deal with poor discussion of limitations, conferences/workshops should require an explicit section on limitations in engineering papers; to improve poor treatment of tradeoffs, this aspect should be an explicit subject of reviews; and finally, to enhance industrial validation, the best academy-industry efforts could be formally recognized by the community.
Article Search
A Taxonomy of Uncertainty for Dynamically Adaptive Systems
Andres J. Ramirez, Adam C. Jensen, and Betty H. C. Cheng
(Michigan State University, USA)
Self-reconfiguration enables a dynamically adaptive system (DAS) to satisfy requirements even as detrimental system and environmental conditions arise. A DAS, especially one intertwined with physical elements, must increasingly reason about and cope with unpredictable events in its execution environment. Unfortunately, it is often infeasible for a human to exhaustively explore, anticipate, or resolve all possible system and environmental conditions that a DAS will encounter as it executes. While uncertainty can be difficult to define, its effects can hinder the adaptation capabilities of a DAS. The concept of uncertainty has been extensively explored by other scientific disciplines, such as economics, physics, and psychology. As such, the software engineering DAS community can benefit from leveraging, reusing, and refining such knowledge for developing a DAS. By synthesizing uncertainty concepts from other disciplines, this paper revisits the concept of uncertainty from the perspective of a DAS, proposes a taxonomy of potential sources of uncertainty at the requirements, design, and execution phases, and identifies existing techniques for mitigating specific types of uncertainty. This paper also introduces a template for describing different types of uncertainty, including fields such as source, occurrence, impact, and mitigating strategies. We use this template to describe each type of uncertainty and illustrate the uncertainty source in terms of an example DAS application from the intelligent vehicle systems (IVS) domain.
Article Search
A Taxonomy and Survey of Self-Protecting Software Systems
Eric Yuan and Sam Malek
(George Mason University, USA)
Self-protecting software systems are a class of autonomic systems capable of detecting and mitigating security threats at runtime. They are growing in importance, as the stovepipe static methods of securing software systems have shown inadequate for the challenges posed by modern software systems. While existing research has made significant progress towards autonomic and adaptive security, gaps and challenges remain. In this paper, we report on an extensive study and analysis of the literature in this area. The crux of our contribution is a comprehensive taxonomy to classify and characterize research efforts in this arena. We also describe our experiences with applying the taxonomy to numerous existing approaches. This has shed light on several challenging issues and resulted in interesting observations that could guide the future research.
Article Search

Models and Mediators

Model-Based Adaptive DoS Attack Mitigation
Cornel Barna, Mark Shtern, Michael Smit, Vassilios Tzerpos, and Marin Litoiu
(York University, Canada)
Denial of Service (DoS) attacks overwhelm online services, preventing legitimate users from accessing a service, often with impact on revenue or consumer trust. Approaches exist to filter network-level attacks, but application level attacks are harder to detect at the firewall. Filtering at this level can be computationally expensive and difficult to scale, while still producing false positives that block legitimate users. This paper presents a model-based adaptive architecture and algorithm for detecting DoS attacks at the web application level and mitigating them. Using a performance model to predict the impact of arriving requests, a decision engine adaptively generates rules for filtering traffic and sending suspicious traffic for further review, which may ultimately result in dropping the request or presenting the end user with a CAPTCHA to verify they are a legitimate user. Experiments performed on a scalable implementation demonstrate effective mitigation of attacks launched using a real-world DoS attack tool.
Article Search
A Language for Feedback Loops in Self-Adaptive Systems: Executable Runtime Megamodels
Thomas Vogel and Holger Giese
(HPI, Germany)
The development of self-adaptive software requires the engineering of proper feedback loops where an adaptation logic controls the underlying software. The adaptation logic often describes the adaptation by using runtime models representing the underlying software and steps such as analysis and planning that operate on these runtime models. To systematically address this interplay, runtime megamodels, which are specific runtime models that have themselves runtime models as their elements and that also capture the relationships between multiple runtime models, have been proposed. In this paper, we go one step further and present a modeling language for runtime megamodels that considerably eases the development of the adaptation logic by providing a domain-specific modeling approach and a runtime interpreter for this part of a self-adaptive system. This supports development by modeling the feedback loops explicitly and at a higher level of abstraction. Moreover, it permits to build complex solutions where multiple feedback loops interact or operate on top of each other, which is leveraged by keeping the megamodels explicit and alive at runtime and by interpreting them.
Article Search
Towards Mediation-Based Self-Healing of Data-Driven Business Processes
Tomasz Haupt
(Mississippi State University, USA)
This paper describes a novel software engineering approach for designing self-healing systems to manage business processes with particular focus on the recovery from faults caused by uncertainty and semantic failures of data. By the employment of service-oriented software engineering methods, mediation, service discovery, and late binding, we externalize and decentralize autonomic managers, thereby providing support for autonomic orchestration of services and hence autonomic adaptation of the business process in the response to failures. The complexity of the resulting selfhealing business process manager is reduced as the system is decomposed into a large number of small and thus easy to maintain components, each implementing a very simple behavior. Similar to systems occurring in nature, the dynamic, composition of these small components spontaneously leads to sophisticated healing capabilities.
Article Search

Requirements and Specifications

Synthesizing Dynamically Updating Controllers from Changes in Scenario-Based Specifications
Carlo Ghezzi, Joel Greenyer, and Valerio Panzica La Manna
(Politecnico di Milano, Italy)
Many software-intensive systems are expected to run continuously while their environments change and their requirements evolve, so their implementation must be updated dynamically to satisfy changing requirements while coping with changing environment properties. Techniques for developing dynamically updating systems exist, but thus far almost no attention has been paid to defining when updates are correct with respect to a changing specification, i.e., when a system can safely disregard its current obligations and change its behavior to satisfy the new specification. Based on an intuitive example, we elaborate a formal definition for correct updates of a current implementation with respect to specification changes. Moreover, we present an approach for synthesizing a dynamically updating controller from the current implementation and changes in a scenario-based specification that updates to the new behavior as soon as possible. The presented technique is a first step towards the specification-driven development of safe dynamically updating controllers.
Article Search
(Requirement) Evolution Requirements for Adaptive Systems
Vítor E. Silva Souza, Alexei Lapouchnian, and John Mylopoulos
(University of Trento, Italy)
It is often the case that stakeholders want to strengthen/weaken or otherwise change their requirements for a system-to-be when certain conditions apply at runtime. For example, stakeholders may decide that if requirement R is violated more than N times in a week, it should be relaxed to a less demanding one R-. Such evolution requirements play an important role in the lifetime of a software system in that they define possible changes to requirements, along with the conditions under which these changes apply. In this paper we focus on this family of requirements, how to model them and how to operationalize them at runtime. In addition, we evaluate our proposal with a case study adopted from the literature.
Article Search
On the Role of Primary and Secondary Assets in Adaptive Security: An Application in Smart Grids
Liliana Pasquale, Mazeiar Salehie, Raian Ali, Inah Omoronyia, and Bashar Nuseibeh
(Lero, Ireland; Bournemouth University, UK; Open University, UK)
Adaptive security aims to protect valuable assets managed by a system, by applying a varying set of security controls. Engineering adaptive security is not an easy task. A set of effective security countermeasures should be identified. These countermeasures should not only be applied to (primary) assets that customers desire to protect, but also to other (secondary) assets that can be exploited by attackers to harm the primary assets. Another challenge arises when assets vary dynamically at runtime. To accommodate these variabilities, it is necessary to monitor changes in assets, and apply the most appropriate countermeasures at runtime. The paper provides three main contributions towards engineering adaptive security. First, it proposes a modeling notation to represent primary and secondary assets, along with their variability. Second, it describes how to use the extended models in engineering security requirements and designing required monitoring functions. Third, the paper illustrates our approach through a set of adaptive security scenarios in the customer domain of a smart grid. We suggest that modeling secondary assets aids the deployment of countermeasures, and, in combination with a representation of assets variability, facilitates the design of monitoring functions.
Article Search

proc time: 0.03