toward component non-functional interoperability analysis: a uml-based and goal-oriented approach
DESCRIPTION
Toward Component Non-functional Interoperability Analysis: A UML-based and Goal-oriented Approach. Sam Supakkul and Lawrence Chung The University of Texas at Dallas [email protected] , [email protected]. Component interoperability: current focus. Functional interoperability - PowerPoint PPT PresentationTRANSCRIPT
Toward Component Non-functional Interoperability
Analysis: A UML-based and Goal-oriented Approach
Sam Supakkul and Lawrence ChungThe University of Texas at Dallas
Component interoperability: current focus
Functional interoperability Syntactic interoperability
e.g. interface signature compatibility Semantic interoperability
e.g. the meaning of “ID” used by the client and server
Functional interoperability: syntactic compatibility
Client interface definition
void addClasses(String[] c)
ClientClassScheduler
addClasses(String[] c)
addClasses(Classes c)
Server interface definition
void addClasses(Classes c)
Client and server may compile but will not interoperate during run-time
Required interface
Provided interface
Non-functional interoperability question
ClientClassScheduler
addClasses(Classes c)
Secuity Secuity
The client expects secure interface. The server claims it provides secure interface. Can we conclude that the security expectation
is met?
Non-functional mismatch– different NFR definition
ClientClassScheduler
addClasses(Classes c)
Security Security
Confidentiality Integrity≠
Client does not want the communication to be seen by third parties
Server wants to make sure only valid client is using the interface
Non-functional mismatch– different NFR implementation
ClientClassScheduler
addClasses(Classes c)
Security Security
Integrity
Login/password authentication
Smartcard authentication≠
Integrity =
Non-functional interoperability:definition
ClientClassScheduler
addClasses(Classes c)
Secuity Secuity
Integrity
Login/password authentication
Integrity =
Login/password authentication=
Definition compatibility
Implementation compatibility
Non-functional interoperability analysis issues
How to represent the opposing NFRs NFR definition NFR implementation
How to compare the NFRs How to resolve non-functional
mismatches
Non-functional interoperability analysis process and techniques
1. Model component capabilities
2. Identify capabilitymismatches
Acceptable interoperability
No
Yes
3.1 Replaceserver
components
3.2 Negotiatefor more
attainable NFRs
3.3 Use adapterto bridge
mismatches
UML component diagram component interface
The NFR Framework a goal-oriented method NFR definition NFR implementation
The NFR Framework: a review
Security [WebsiteComm]
Confidentiality[WebsiteComm]
Integrity[WebsiteComm]
Encryption[WebsiteComm]
SSL[WebsiteComm]
AccessControl[WebsiteComm]
Authentication[WebsiteComm]
Authorization[WebsiteComm]
Password[WebsiteComm]
AuthorizationPolicy[WebsiteComm]
SmartCard[WebsiteComm]
++ +Cost[WebsiteComm]
+X
++
+
Availability[WebsiteComm]
!
ServiceLevelAgreement[WebsiteComm]
++
RedundantInternetProviders[WebsiteComm]+ –
–
X
+
Claim[“Internet provider guarantees availability for high SLA”]
+
++
NFR softgoal
naming convention = Type [Topic]Type = SecurityTopic = WebsiteComm
operationalizing softgoal (implementation alternative)
AND decomposition
claim softgoal
positive contribution
negative contribution
Select (check) alternatives that are desirable or give better trade-off
Side-effect toward other NFRs
By-product toward other NFRs
AND decomposition
Propagate the check labels upward
Step 1: Model component capabilities
1. Model component capabilities
2. Identify capabilitymismatches
Acceptable interoperability
No
Yes
3.1 Replaceserver
components
3.2 Negotiatefor more
attainable NFRs
3.3 Use adapterto bridge
mismatches
Functional components interfaces
Non-functional NFRs definitions implementatio
ns
Step 1: Model component capabilities
1. Model component capabilities
2. Identify capabilitymismatches
Acceptable interoperability
No
Yes
3.1 Replaceserver
components
3.2 Negotiatefor more
attainable NFRs
3.3 Use adapterto bridge
mismatches
Login interface represents the realization of the operationalizing softgoal
Step 2: Identify capability mismatches
1. Model component capabilities
2. Identify capabilitymismatches
Acceptable interoperability
No
Yes
3.1 Replaceserver
components
3.2 Negotiatefor more
attainable NFRs
3.3 Use adapterto bridge
mismatches
Step 2: Identify capability mismatches
Mark the matched softgoals with
common indicators
Compare only the selected implementations
Identify mismatches
Compare the NFR softgoals and their refinement
1. Model component capabilities
2. Identify capabilitymismatches
Acceptable interoperability
No
Yes
3.1 Replaceserver
components
3.2 Negotiatefor more
attainable NFRs
3.3 Use adapterto bridge
mismatches
For each compatible interface
Compare NFR softgoals (definition)
For each compatible leaf NFR softgoal
Compare operationalizing softgoals (implementation)
Types of non-functional mismatches
Unsupported NFR
Unneeded NFR
Unsupported implementation
Unneeded implementation
Defined only by client
Defined only by server
NFR definition
NFR implementation
Step3: Resolve non-functional mismatches
1. Model component capabilities
2. Identify capabilitymismatches
Acceptable interoperability
No
Yes
3.1 Replaceserver
components
3.2 Negotiatefor more
attainable NFRs
3.3 Use adapterto bridge
mismatches
3.1 Replace server componentsto meet client’s expected NFRs
3.2 Negotiate for more attainable NFRsto adjust client’s expected NFRs if
server’s NFRs are acceptable 3.3 Use adapter components
to meet client’s expected NFRs without affecting server
to satisfy server imposed restrictions without affecting client
Tactic 1: Replace server components
1. Model component capabilities
2. Identify capabilitymismatches
Acceptable interoperability
No
Yes
3.1 Replaceserver
components
3.2 Negotiatefor more
attainable NFRs
3.3 Use adapterto bridge
mismatches
Consider server components that provide the same functional interoperability
Compare the NFR definition and implementation as normal
Tactic 2: Negotiate for more attainable NFRs For unsupported definitions and
implementations (expected by client) Can they be removed or postponed? Are impacts (cost, security) acceptable or mitigated? If yes, remove them from the client’s NFR goal graph
For unneeded definitions and implementations (imposed by server)
Are they acceptable or desirable? Are impacts (cost, usability) acceptable or mitigated? If yes, add them to the client’s NFR goal graph
Tactic 3: Use adapter components - strategy
Mismatches to be resolved
Adaptation strategy For unsupported definitions and
implementations(expected by client) Adapter supports the required definitions
or implementations For unneeded definitions and
implementations(imposed by server) Adapter uses the imposed implementation
Tactic 3: Use adapter components - result
Use login/password as required by the client
Use fixed smartcard ID to satisfy the server
The adapter satisfies both the client and server
Use SSL as required by the client
Observation Adapter circumventing stronger security
measures Some security measures are not desirable
e.g. smartcard for web applications Common in practice
e.g. database connection manager component
Opportunities for other non-functional interoperability analysis
By claims and justifications By side-effects and by-products (correlations)
Conclusion Contributions
Explicit representation of NFRs in the UML component diagram to depict both NFR expectations and contracts
A process for non-functional interoperability analysis 3 tactics for resolving non-functional mismatches
Future work Non-functional semantic matching
e.g. JavaSecureLib=OpenSSLLib Interoperability analysis between the system-level
NFRs and the integrated components Tool support
Toward Component Non-functional Interoperability
Analysis: A UML-based and Goal-oriented Approach
Sam Supakkul and Lawrence ChungThe University of Texas at Dallas
[email protected], [email protected]
Thank you!