-
Systematizing Modeler Experience (MX) in Model-Driven Engineering Success Stories
Authors:
Reyhaneh Kalantari,
Julian Oertel,
Joeri Exelmans,
Satrio Adi Rukmono,
Vasco Amaral,
Matthias Tichy,
Katharina Juhnke,
Jan-Philipp Steghöfer,
Silvia Abrahão
Abstract:
Modeling is often associated with complex and heavy tooling, leading to a negative perception among practitioners. However, alternative paradigms, such as everything-as-code or low-code, are gaining acceptance due to their perceived ease of use. This paper explores the dichotomy between these perceptions through the lens of ``modeler experience'' (MX). MX includes factors such as user experience,…
▽ More
Modeling is often associated with complex and heavy tooling, leading to a negative perception among practitioners. However, alternative paradigms, such as everything-as-code or low-code, are gaining acceptance due to their perceived ease of use. This paper explores the dichotomy between these perceptions through the lens of ``modeler experience'' (MX). MX includes factors such as user experience, motivation, integration, collaboration \& versioning and language complexity. We examine the relationships between these factors and their impact on different modeling usage scenarios. Our findings highlight the importance of considering MX when understanding how developers interact with modeling tools and the complexities of modeling and associated tooling.
△ Less
Submitted 28 June, 2024;
originally announced June 2024.
-
Human Factors in Model-Driven Engineering: Future Research Goals and Initiatives for MDE
Authors:
Grischa Liebel,
Jil Klünder,
Regina Hebig,
Christopher Lazik,
Inês Nunes,
Isabella Graßl,
Jan-Philipp Steghöfer,
Joeri Exelmans,
Julian Oertel,
Kai Marquardt,
Katharina Juhnke,
Kurt Schneider,
Lucas Gren,
Lucia Happe,
Marc Herrmann,
Marvin Wyrich,
Matthias Tichy,
Miguel Goulão,
Rebekka Wohlrab,
Reyhaneh Kalantari,
Robert Heinrich,
Sandra Greiner,
Satrio Adi Rukmono,
Shalini Chakraborty,
Silvia Abrahão
, et al. (1 additional authors not shown)
Abstract:
Purpose: Software modelling and Model-Driven Engineering (MDE) is traditionally studied from a technical perspective. However, one of the core motivations behind the use of software models is inherently human-centred. Models aim to enable practitioners to communicate about software designs, make software understandable, or make software easier to write through domain-specific modelling languages.…
▽ More
Purpose: Software modelling and Model-Driven Engineering (MDE) is traditionally studied from a technical perspective. However, one of the core motivations behind the use of software models is inherently human-centred. Models aim to enable practitioners to communicate about software designs, make software understandable, or make software easier to write through domain-specific modelling languages. Several recent studies challenge the idea that these aims can always be reached and indicate that human factors play a role in the success of MDE. However, there is an under-representation of research focusing on human factors in modelling. Methods: During a GI-Dagstuhl seminar, topics related to human factors in modelling were discussed by 26 expert participants from research and industry. Results: In breakout groups, five topics were covered in depth, namely modelling human aspects, factors of modeller experience, diversity and inclusion in MDE, collaboration and MDE, and teaching human-aware MDE. Conclusion: We summarise our insights gained during the discussions on the five topics. We formulate research goals, questions, and propositions that support directing future initiatives towards an MDE community that is aware of and supportive of human factors and values.
△ Less
Submitted 29 April, 2024;
originally announced April 2024.
-
On the Anatomy of Real-World R Code for Static Analysis
Authors:
Florian Sihler,
Lukas Pietzschmann,
Raphael Straub,
Matthias Tichy,
Andor Diera,
Abdelhalim Dahou
Abstract:
CONTEXT The R programming language has a huge and active community, especially in the area of statistical computing. Its interpreted nature allows for several interesting constructs, like the manipulation of functions at run-time, that hinder the static analysis of R programs. At the same time, there is a lack of existing research regarding how these features, or even the R language as a whole are…
▽ More
CONTEXT The R programming language has a huge and active community, especially in the area of statistical computing. Its interpreted nature allows for several interesting constructs, like the manipulation of functions at run-time, that hinder the static analysis of R programs. At the same time, there is a lack of existing research regarding how these features, or even the R language as a whole are used in practice. OBJECTIVE In this paper, we conduct a large-scale, static analysis of more than 50 million lines of real-world R programs and packages to identify their characteristics and the features that are actually used. Moreover, we compare the similarities and differences between the scripts of R users and the implementations of package authors. We provide insights for static analysis tools like the lintr package as well as potential interpreter optimizations and uncover areas for future research. METHOD We analyze 4230 R scripts submitted alongside publications and the sources of 19450 CRAN packages for over 350000 R files, collecting and summarizing quantitative information for features of interest. RESULTS We find a high frequency of name-based indexing operations, assignments, and loops, but a low frequency for most of R's reflective functions. Furthermore, we find neither testing functions nor many calls to R's foreign function interface (FFI) in the publication submissions. CONCLUSION R scripts and package sources differ, for example, in their size, the way they include other packages, and their usage of R's reflective capabilities. We provide features that are used frequently and should be prioritized by static analysis tools, like operator assignments, function calls, and certain reflective functions like load.
△ Less
Submitted 29 January, 2024;
originally announced January 2024.
-
Streamlining Attack Tree Generation: A Fragment-Based Approach
Authors:
Irdin Pekaric,
Markus Frick,
Jubril Gbolahan Adigun,
Raffaela Groner,
Thomas Witte,
Alexander Raschke,
Michael Felderer,
Matthias Tichy
Abstract:
Attack graphs are a tool for analyzing security vulnerabilities that capture different and prospective attacks on a system. As a threat modeling tool, it shows possible paths that an attacker can exploit to achieve a particular goal. However, due to the large number of vulnerabilities that are published on a daily basis, they have the potential to rapidly expand in size. Consequently, this necessi…
▽ More
Attack graphs are a tool for analyzing security vulnerabilities that capture different and prospective attacks on a system. As a threat modeling tool, it shows possible paths that an attacker can exploit to achieve a particular goal. However, due to the large number of vulnerabilities that are published on a daily basis, they have the potential to rapidly expand in size. Consequently, this necessitates a significant amount of resources to generate attack graphs. In addition, generating composited attack models for complex systems such as self-adaptive or AI is very difficult due to their nature to continuously change. In this paper, we present a novel fragment-based attack graph generation approach that utilizes information from publicly available information security databases. Furthermore, we also propose a domain-specific language for attack modeling, which we employ in the proposed attack graph generation approach. Finally, we present a demonstrator example showcasing the attack generator's capability to replicate a verified attack chain, as previously confirmed by security experts.
△ Less
Submitted 1 October, 2023;
originally announced October 2023.
-
Model-Based Generation of Attack-Fault Trees
Authors:
Raffaela Groner,
Thomas Witte,
Alexander Raschke,
Sophie Hirn,
Irdin Pekaric,
Markus Frick,
Matthias Tichy,
Michael Felderer
Abstract:
Joint safety and security analysis of cyber-physical systems is a necessary step to correctly capture inter-dependencies between these properties. Attack-Fault Trees represent a combination of dynamic Fault Trees and Attack Trees and can be used to model and model-check a holistic view on both safety and security. Manually creating a complete AFT for the whole system is, however, a daunting task.…
▽ More
Joint safety and security analysis of cyber-physical systems is a necessary step to correctly capture inter-dependencies between these properties. Attack-Fault Trees represent a combination of dynamic Fault Trees and Attack Trees and can be used to model and model-check a holistic view on both safety and security. Manually creating a complete AFT for the whole system is, however, a daunting task. It needs to span multiple abstraction layers, e.g., abstract application architecture and data flow as well as system and library dependencies that are affected by various vulnerabilities. We present an AFT generation tool-chain that facilitates this task using partial Fault and Attack Trees that are either manually created or mined from vulnerability databases. We semi-automatically create two system models that provide the necessary information to automatically combine these partial Fault and Attack Trees into complete AFTs using graph transformation rules.
△ Less
Submitted 18 September, 2023;
originally announced September 2023.
-
Towards Model Co-evolution Across Self-Adaptation Steps for Combined Safety and Security Analysis
Authors:
Thomas Witte,
Raffaela Groner,
Alexander Raschke,
Matthias Tichy,
Irdin Pekaric,
Michael Felderer
Abstract:
Self-adaptive systems offer several attack surfaces due to the communication via different channels and the different sensors required to observe the environment. Often, attacks cause safety to be compromised as well, making it necessary to consider these two aspects together. Furthermore, the approaches currently used for safety and security analysis do not sufficiently take into account the inte…
▽ More
Self-adaptive systems offer several attack surfaces due to the communication via different channels and the different sensors required to observe the environment. Often, attacks cause safety to be compromised as well, making it necessary to consider these two aspects together. Furthermore, the approaches currently used for safety and security analysis do not sufficiently take into account the intermediate steps of an adaptation. Current work in this area ignores the fact that a self-adaptive system also reveals possible vulnerabilities (even if only temporarily) during the adaptation. To address this issue, we propose a modeling approach that takes into account the different relevant aspects of a system, its adaptation process, as well as safety hazards and security attacks. We present several models that describe different aspects of a self-adaptive system and we outline our idea of how these models can then be combined into an Attack-Fault Tree. This allows modeling aspects of the system on different levels of abstraction and co-evolve the models using transformations according to the adaptation of the system. Finally, analyses can then be performed as usual on the resulting Attack-Fault Tree.
△ Less
Submitted 18 September, 2023;
originally announced September 2023.
-
Traceability and Reuse Mechanisms, the most important Properties of Model Transformation Languages
Authors:
Stefan Höppner,
Matthias Tichy
Abstract:
Dedicated model transformation languages are claimed to provide many benefits over the use of general purpose languages for developing model transformations. However, the actual advantages associated with the use of MTLs are poorly understood empirically. There is little knowledge and empirical assessment about what advantages and disadvantages hold and where they originate from. In a prior interv…
▽ More
Dedicated model transformation languages are claimed to provide many benefits over the use of general purpose languages for developing model transformations. However, the actual advantages associated with the use of MTLs are poorly understood empirically. There is little knowledge and empirical assessment about what advantages and disadvantages hold and where they originate from. In a prior interview study, we elicited expert opinions on what advantages result from what factors and a number of factors that moderate the influence. We aim to quantitatively asses the interview results to confirm or reject the effects posed by different factors. We intend to gain insights into how valuable different factors are so that future studies can draw on these data for designing targeted and relevant studies. We gather data on the factors and quality attributes using an online survey. To analyse the data, we use universal structure modelling based on a structure model. We use significance values and path coefficients produced bz USM for each hypothesised interdependence to confirm or reject correlation and to weigh the strength of influence present. We analyzed 113 responses. The results show that the Tracing and Reuse Mechanisms are most important overall. Though the observed effects were generally 10 times lower than anticipated. Additionally, we found that a more nuanced view of moderation effects is warranted. Their moderating influence differed significantly between the different influences, with the strongest effects being 1000 times higher than the weakest. The empirical assessment of MTLs is a complex topic that cannot be solved by looking at a single stand-alone factor. Our results provide clear indication that evaluation should consider transformations of different sizes and use-cases. Language development should focus on providing transformation specific reuse mechanisms .
△ Less
Submitted 11 May, 2023;
originally announced May 2023.
-
The Impact of Model Transformation Language Features on Quality Properties of MTLs: A Study Protocol
Authors:
Stefan Höppner,
Matthias Tichy
Abstract:
Background: Dedicated model transformation languages are claimed to provide many benefits over the use of general purpose languages for developing model transformations. However, the actual advantages and disadvantages associated with the use of model transformation languages are poorly understood empirically. There is little knowledge over what advantages and disadvantages hold in which cases and…
▽ More
Background: Dedicated model transformation languages are claimed to provide many benefits over the use of general purpose languages for developing model transformations. However, the actual advantages and disadvantages associated with the use of model transformation languages are poorly understood empirically. There is little knowledge over what advantages and disadvantages hold in which cases and where they originate from. In a prior interview study, we elicited expert opinions on what advantages result from what factors surrounding model transformation languages as well as a number of moderating factors that moderate the influence.
Objective: We aim to quantitatively asses the interview results to confirm or reject the influences and moderation effects posed by different factors and to gain insights into how valuable different factors are to the discussion.
Method: We gather data on the factors and quality attributes using an online survey. To analyse the data and examine the hypothesised influences and moderations we use universal structure modelling based on a structural equation model. Universal structure modelling will produce significance values and path coefficients for each hypothesised and modelled interdependence between factors and quality attributes that can be used to confirm or reject correlation and to weigh the strength of influence present.
Limitations: Due to the complexity and abstractness of the concepts under investigation, a measurement via reflective or formative indicators is not possible. Instead participants are queried about their assessment of concepts through a single item question. We further assume that positive and negative effects of a feature are more prominent if the feature is used more frequently.
△ Less
Submitted 14 September, 2022;
originally announced September 2022.
-
Mapping aids using source location tracking increase novices' performance in programming cyber-physical systems
Authors:
Thomas Witte,
Andrea Vogt,
Tina Seufert,
Matthias Tichy
Abstract:
Novices need to overcome initial barriers while programming cyber-physical systems behavior, like coding quadcopter missions, and should thus be supported by an adequately designed programming environment. Using multiple representations by including graphical previews is a common approach to ease coding and program understanding. However, novices struggle to map information of the code and graphic…
▽ More
Novices need to overcome initial barriers while programming cyber-physical systems behavior, like coding quadcopter missions, and should thus be supported by an adequately designed programming environment. Using multiple representations by including graphical previews is a common approach to ease coding and program understanding. However, novices struggle to map information of the code and graphical previews. Previous studies imply that mapping aids in a live programming environment might support novices while programming and foster a deeper understanding of the content. To implement these mapping aids in a domain independent way Source Location Tracking based on run-time information can be used. In our study, we tested N=82 participants while interacting and learning in an online programming environment. Using our 2x2 between-subject design study, we investigated the effects of two mapping aids: highlighting and dynamic linking on coding correctness including typical errors, and learning outcomes. Based on process data, successful strategies were analyzed. Combining both mapping aids compared to one aid resulted in higher performance. While highlights were more helpful for implementing the quadcopter missions, dynamic linking improved learning outcomes on the comprehension and application level . Traces of learning strategies were related to higher coding correctness and higher learning outcomes. Based on process data, users in the group with both aids had a higher chance of avoiding certain typical implementation mistakes. Implementing dynamic linking and highlighting through source location tracking is a promising approach to support novices to develop a better semantic understanding of the domain specific language. Depending on the coding tasks different mapping aids might be effective.
△ Less
Submitted 31 August, 2022;
originally announced August 2022.
-
Advantages and Disadvantages of (Dedicated) Model Transformation Languages A Qualitative Interview Study
Authors:
Stefan Höppner,
Yves Haas,
Matthias Tichy,
Katharina Juhnke
Abstract:
Model driven development envisages the use of model transformations to evolve models. Model transformation languages, developed for this task, are touted with many benefits over general purpose programming languages. However, a large number of these claims have not yet been substantiated. They are also made without the context necessary to be able to critically assess their merit or built meaningf…
▽ More
Model driven development envisages the use of model transformations to evolve models. Model transformation languages, developed for this task, are touted with many benefits over general purpose programming languages. However, a large number of these claims have not yet been substantiated. They are also made without the context necessary to be able to critically assess their merit or built meaningful empirical studies around them. The objective of our work is to elicit the reasoning, influences and background knowledge that lead people to assume benefits or drawbacks of model transformation languages. We conducted a large-scale interview study involving 56 participants from research and industry. Interviewees were presented with claims about model transformation languages and were asked to provide reasons for their assessment thereof. We qualitatively analysed the responses to find factors that influence the properties of model transformation languages as well as explanations as to how exactly they do so. Our interviews show, that general purpose expressiveness of GPLs, domain specific capabilities of MTLs as well as tooling all have strong influences on how people view properties of model transformation languages. Moreover, the Choice of MTL, the Use Case for which a transformation should be developed as well as the Skills of involved stakeholders have a moderating effect on the influences, by changing the context to consider. There is a broad body of experience, that suggests positive and negative influences for properties of MTLs. Our data suggests, that much needs to be done in order to convey the viability of model transformation languages. Efforts to provide more empirical substance need to be undergone and lackluster language capabilities and tooling need to be improved upon. We suggest several approaches for this that can be based on the results of the presented study.
△ Less
Submitted 4 July, 2022; v1 submitted 31 January, 2022;
originally announced January 2022.
-
A Domain-Specific Language for Modeling and Analyzing Solution Spaces for Technology Roadmapping
Authors:
Alexander Breckel,
Jakob Pietron,
Katharina Juhnke,
Florian Sihler,
Matthias Tichy
Abstract:
The introduction of major innovations in industry requires a collaboration across the whole value chain. A common way to organize such a collaboration is the use of technology roadmaps, which act as an industry-wide long-term planning tool. Technology roadmaps are used to identify industry needs, estimate the availability of technological solutions, and identify the need for innovation in the futu…
▽ More
The introduction of major innovations in industry requires a collaboration across the whole value chain. A common way to organize such a collaboration is the use of technology roadmaps, which act as an industry-wide long-term planning tool. Technology roadmaps are used to identify industry needs, estimate the availability of technological solutions, and identify the need for innovation in the future. Roadmaps are inherently both time-dependent and based on uncertain values, i.e., properties and structural components can change over time. Furthermore, roadmaps have to reason about alternative solutions as well as their key performance indicators. Current approaches for model-based engineering do not inherently support these aspects.
We present a novel model-based approach treating those aspects as first-class citizens. To address the problem of missing support for time in the context of roadmap modeling, we introduce the concepts of a common global time, time-dependent properties, and time-dependent availability. This includes requirements, properties, and the structure of the model or its components as well. Furthermore, we support the specification and analysis of key performance indicators for alternative solutions. These concepts result in a continuous range of various valid models over time instead of a single valid model at a certain point of time. We present a graphical user interface to enable the user to efficiently create and analyze those models. We further show the semantics of the resulting model by a translation into a set of global constraints as well as how we solve the resulting constraint system. We report on the evaluation of these concepts and the Iris tool with domain experts from different companies in the automotive value chain based on the industrial case of a smart sensing electrical fuse.
△ Less
Submitted 24 September, 2021;
originally announced September 2021.
-
Verlässliche Software im 21. Jahrhundert
Authors:
Stefan Wagner,
Matthias Tichy,
Michael Felderer,
Stefan Leue
Abstract:
Software is the main innovation driver in many different areas, like cloud services, autonomous driving, connected medical devices, and high-frequency trading. All these areas have in common that they require high dependability. In this paper, we discuss challenges and research directions imposed by these new areas on guaranteeing the dependability. On the one hand challenges include characteristi…
▽ More
Software is the main innovation driver in many different areas, like cloud services, autonomous driving, connected medical devices, and high-frequency trading. All these areas have in common that they require high dependability. In this paper, we discuss challenges and research directions imposed by these new areas on guaranteeing the dependability. On the one hand challenges include characteristics of the systems themselves, e. g., open systems and ad-hoc structures. On the other hand, we see new aspects of dependability like behavioral traceability.
△ Less
Submitted 4 December, 2018;
originally announced December 2018.