Article

Performance analysis of security aspects in UML models

Authors:

C. M. Woodside,

James M. Bieman,

Siv Hilde Houmb, and

Jan JürjensAuthors Info & Claims

WOSP '07: Proceedings of the 6th international workshop on Software and performance

February 2007

Pages 91 - 102

https://doi.org/10.1145/1216993.1217010

Published: 05 February 2007 Publication History

Abstract

The focus of the paper is on the analysis of performance effects of different security solutions modeled as aspects in UML. Aspect oriented modeling (AOM) allows software designers to isolate and separately address solutions for crosscutting concerns, which are defined as distinct UML aspect models, then are composed with the primary UML model of the system under development. For performance analysis we use techniques developed previously in the PUMA project, which take as input UML models annotated with the standard UML Profile for Schedulability, Performance and Time (SPT), and transform them first into Core Scenario Model (CSM) and then into different performance models. The contribution of this paper is in performing the composition of the aspects with the primary model at the CSM level. The input is represented by the primary model and a number of aspect models in UML+SPT, which are processed as follows: a) converted separately to CSM; b) composed into a single CSM model; c) transformed into a Layered Queueing Networks (LQN) model and d) analyzed. The proposed approach is illustrated with a case study based on two standards, TPC-W and SSL.

References

[1]

Balsamo, S., Di Marco, A., Inverardi, P., Simeoni, M., "Model-based performance prediction in software development: a survey", IEEE Transactions on Software Engineering, Vol 30, No.5, pp. 295--310, May 2004.

Digital Library

[2]

Barros, J. P., and Gomes, L. "Towards the Support for Crosscutting Concerns in Activity Diagrams: a Graphical Approach", Fourth Workshop on Aspect-Oriented Modeling with UML, San Francisco, 2003.

[3]

Espinoza, H., Dubois, H., Gerard, S., Medina, J., Petriu, D.C. and Woodside M., "Annotating UML Models with Non-Functional Properties for Quantitative Analysis," in MoDELS 2005 Workshops (Jean-Michel Bruel, Ed.), LNCS 3844, pp. 79--90, Springer-Verlag, 2006.

Digital Library

[4]

France, R., Ray, I., Georg, G. and Ghosh, S., "An Aspect-Oriented Approach to Early Design Modeling," IEE Proceedings - Software, Special Issue on Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design, 151(4):173--185, August 2004.

[5]

Franks, G., "Performance Analysis of Distributed Server Systems," Ph.D. Thesis, Carleton University, Systems and Computer Engineering, Report OCIEE-00-01, Jan. 2000.

[6]

Ho, W.M., Jézáquel, J-M., Pennaneac'h, F., Plouzeau, N., "A Toolkit for Weaving Aspect Oriented UML Designs", Proc. of the 1st Int. Conference on Aspect-Oriented Software Development AOSD'2002, pp. 99--105, Enschede, The Netherlands, 2002.

Digital Library

[7]

Houmb, S. H. and G. Georg, G., "The Aspect-Oriented Risk-Driven Development (AORDD) Framework", In O. Benediktsson et al., editor, Proc. of the Int. Conference on Software Development (SWDC.REX), pp 81--91, Reykjavik, Iceland, 2005.

[8]

Houmb S. H., Jürjens, J., Georg, G., France, R. "An integrated security verification and security solution trade-off analysis", In Integrating Security and Software Engineering: Advances and Future Vision. Mouratidis, H. and Giorgini, P. (eds). Idea Group Inc., 2006.

[9]

Jürjens, J., Secure systems development with UML. Springer-Verlag, Berlin Heidelberg, 2004.

Digital Library

[10]

M. Mahoney, A. Bader, T. Elrad, and O. Aldawud. Using Aspects to Abstract and Modularize Statecharts. In Proc. 5th Wsh. Aspect-Oriented Modeling, Lisboa, 2004.

[11]

Menascé, D., "Security Performance", IEEE Internet Computing, vol. 7, nb. 3, pp 84--87, May/June 2003.

Digital Library

[12]

OMG, UML Profile for Schedulability, Performance, and Time, (formal/05-01-02), January, 2005.

[13]

OMG, UML Profile for Modeling and Analysis of Real-Time and Embedded systems (MARTE) RFP, realtime/05-02-06, 2005.

[14]

Petriu, D. B. and Woodside, C. M., "A Metamodel for Generating Performance Models from UML Designs", in Proc UML 2004, LNCS 3273, pp. 41--53, Springer 2004.

[15]

Petriu, D. B. and Woodside, C. M., "Software Performance Models from System Scenarios", Performance Evaluation, Volume 61, Issue 1, pp. 65--89, Elsevier 2005.

Digital Library

[16]

Petriu, D.C. and Woodside, C. M, "Performance Analysis with UML," in UML for Real, (B. Selic, L. Lavagno, and G. Martin, eds.), pp. 221--240, Kluwer, 2003.

Digital Library

[17]

Reddy, Y. R., Ghosh, S., France, R. B., Straw, G., Bieman, J. M., McEachen, N., Song, E., Georg, G., "Directives for Composing Aspect-Oriented Design Class Models", in A. Rashid, and M. Aksit (eds). Transactions on Aspect-Oriented Software Development I, LNCS 3880, pp 75-105, Springer, 2006.

Digital Library

[18]

Shen, H., Petriu, D.C., "Performance Analysis of UML Models using Aspect Oriented Modeling Techniques", In Model Driven Engineering Languages and Systems, (L.Briand and C. Williams, Eds). LNCS Vol. 3713, pp. 156--170, Springer, 2005.

Digital Library

[19]

Smith, C. U., Performance Engineering of Software Systems, Addison-Wesley Publishing Co., New York, NY, 1990.

Digital Library

[20]

Straw, G., Georg, G., Song, E., Ghosh, S., France, R., Bieman, J. M., "Model Composition Directives", In Proc. UML 2004 - Modelling Languages and Applications, 7th Int. Conference, Lisbon, Portugal, LNCS 3273, pp 84--97, Springer 2004.

[21]

Transaction Processing Performance Council, www.tpc.org.

[22]

Woodside, C.M, Petriu, D.C., Petriu, D.B., Shen, H, Israr, T., and Merseguer, J., "Performance by Unified Model Analysis (PUMA)," In Proc. 5th Int. Workshop on Software and Performance WOSP'2005, pp. 1--12, Palma, Spain, 2005.

Digital Library

[23]

?, LQN Online Documentations, http://www.sce.carleton.ca/rads/lqn/lqn-documentation.

Cited By

Jia QCai YÇakmak OLiu AMuccini H(2023)A Model-Based, Quality Attribute-Guided Architecture Re-Design Process at GoogleProceedings of the 45th International Conference on Software Engineering: Software Engineering in Practice10.1109/ICSE-SEIP58684.2023.00011(61-73)Online publication date: 17-May-2023
https://dl.acm.org/doi/10.1109/ICSE-SEIP58684.2023.00011
Taibi DCai YWeber IMirakhorli MGodfrey MStough JPelliccione P(2023)Continuous Alignment Between Software Architecture Design and Development in CI/CD PipelinesSoftware Architecture10.1007/978-3-031-36847-9_4(69-86)Online publication date: 3-Jun-2023
https://doi.org/10.1007/978-3-031-36847-9_4
Ahmadian APeldszus SRamadan QJürjens JBodden ESchäfer WDeursen AZisman A(2017)Model-based privacy and security analysis with CARiSMAProceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering10.1145/3106237.3122823(989-993)Online publication date: 21-Aug-2017
https://dl.acm.org/doi/10.1145/3106237.3122823
Show More Cited By

Index Terms

Performance analysis of security aspects in UML models

Recommendations

Performance analysis of security aspects by weaving scenarios extracted from UML models

Aspect-oriented modeling (AOM) allows software designers to describe features that address pervasive concerns separately as aspects, and to systematically incorporate the features into a design model using model composition techniques. The goal of this ...
Read More
From UML/SPT models to schedulability analysis: approach and a prototype implementation using ATL

Model Driven Architecture (MDA) is a software development approach promoted by the OMG. MDA is based on two key concepts, models and model transformations. Several kinds of models are generally used throughout the development process to specify a ...
Read More
Modeling and integrating aspects with UML activity diagrams
SAC '09: Proceedings of the 2009 ACM symposium on Applied Computing

Dealing with crosscutting concerns has been a critical problem in software development processes. Aspect-Oriented Programming (AOP) provides a viable programming-level solution by separating crosscutting concerns from primary concerns. To facilitate ...
Read More

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WOSP '07: Proceedings of the 6th international workshop on Software and performance

February 2007

216 pages

ISBN:1595932976

DOI:10.1145/1216993

General Chair:
Shikharesh Majumdar,
Program Chairs:
Vittorio Cortellessa
University of L'Aquila, Italy
,
Sebastian Uchitel
University of Buenos Aires, Argentina, and Imperial College, London, UK
,
Daniel Yankelevich
Pragma Consultores, Argentina

Copyright © 2007 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 February 2007

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

WOSP07

Sponsor:

WOSP07: Workshop on Software and Performance

February 5 - 8, 2007

Buenes Aires, Argentina

Acceptance Rates

Overall Acceptance Rate 149 of 241 submissions, 62%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

23
Total Citations
View Citations
1,077
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)1

Other Metrics

View Author Metrics

Citations

Cited By

Jia QCai YÇakmak OLiu AMuccini H(2023)A Model-Based, Quality Attribute-Guided Architecture Re-Design Process at GoogleProceedings of the 45th International Conference on Software Engineering: Software Engineering in Practice10.1109/ICSE-SEIP58684.2023.00011(61-73)Online publication date: 17-May-2023
https://dl.acm.org/doi/10.1109/ICSE-SEIP58684.2023.00011
Taibi DCai YWeber IMirakhorli MGodfrey MStough JPelliccione P(2023)Continuous Alignment Between Software Architecture Design and Development in CI/CD PipelinesSoftware Architecture10.1007/978-3-031-36847-9_4(69-86)Online publication date: 3-Jun-2023
https://doi.org/10.1007/978-3-031-36847-9_4
Ahmadian APeldszus SRamadan QJürjens JBodden ESchäfer WDeursen AZisman A(2017)Model-based privacy and security analysis with CARiSMAProceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering10.1145/3106237.3122823(989-993)Online publication date: 21-Aug-2017
https://dl.acm.org/doi/10.1145/3106237.3122823
Ahmadian AJurjens J(2016)Supporting Model-Based Privacy Analysis by Exploiting Privacy Level Agreements2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)10.1109/CloudCom.2016.0063(360-365)Online publication date: Dec-2016
https://doi.org/10.1109/CloudCom.2016.0063
Motii ALanusse AHamid BBruel J(2016)Model-Based Real-Time Evaluation of Security Patterns: A SCADA System Case StudyComputer Safety, Reliability, and Security10.1007/978-3-319-45480-1_30(375-389)Online publication date: 1-Sep-2016
https://doi.org/10.1007/978-3-319-45480-1_30
Ksiezopolski B(2015)Tool supportMultilevel Modeling of Secure Systems in QoP-ML10.1201/b18579-12(197-206)Online publication date: 10-Jun-2015
https://doi.org/10.1201/b18579-12
Rusinek DKsiezopolski BWierzbicki A(2015)Security trade-off and energy efficiency analysis in wireless sensor networksInternational Journal of Distributed Sensor Networks10.1155/2015/9434752015(7-7)Online publication date: 1-Jan-2015
https://dl.acm.org/doi/10.1155/2015/943475
Cheng B(2015)A Review of Dr. Robert France's Contributions and Impact on Model-Driven Engineering and Software EngineeringACM SIGSOFT Software Engineering Notes10.1145/2757308.275731240:3(23-31)Online publication date: 2-Jun-2015
https://dl.acm.org/doi/10.1145/2757308.2757312
Brosig FMeier PBecker SKoziolek AKoziolek HKounev S(2015)Quantitative Evaluation of Model-Driven Performance Analysis and Simulation of Component-Based ArchitecturesIEEE Transactions on Software Engineering10.1109/TSE.2014.236275541:2(157-175)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.1109/TSE.2014.2362755
Rusinek DKsiezopolski BWierzbicki A(2015)On the Balancing Security Against Performance in Database SystemsComputer Networks10.1007/978-3-319-19419-6_10(102-116)Online publication date: 28-May-2015
https://doi.org/10.1007/978-3-319-19419-6_10
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents