Yijun Yu · Arosha Bandara · Shinichi Honiden Zhenjiang Hu · Tetsuo Tamai · Hausi Muller John Mylopoulos · Bashar Nuseibeh Eds. Engineering Adaptive Software Systems Communications of NII Shonan Meetings Engineering Adaptive Software Systems Yijun Yu • Arosha Bandara (cid:129) Shinichi Honiden Zhenjiang Hu (cid:129) Tetsuo Tamai (cid:129) Hausi Muller John Mylopoulos (cid:129) Bashar Nuseibeh Editors Engineering Adaptive Software Systems Communications of NII Shonan Meetings 123 Editors YijunYu AroshaBandara TheOpenUniversity TheOpenUniversity MiltonKeynes,UK MiltonKeynes,UK ShinichiHoniden ZhenjiangHu NationalInstituteofInformatics NationalInstituteofInformatics Tokyo,Japan Tokyo,Japan TetsuoTamai HausiMuller HoseiUniversity UniversityofVictoria Tokyo,Japan Victoria,BC,Canada JohnMylopoulos BasharNuseibeh UniversityofToronto TheOpenUniversity Toronto,Canada MiltonKeynes,UK ISBN978-981-13-2184-9 ISBN978-981-13-2185-6 (eBook) https://doi.org/10.1007/978-981-13-2185-6 LibraryofCongressControlNumber:2018961997 ©SpringerNatureSingaporePteLtd.2019 Thisworkissubjecttocopyright.AllrightsarereservedbythePublisher,whetherthewholeorpartof thematerialisconcerned,specificallytherightsoftranslation,reprinting,reuseofillustrations,recitation, broadcasting,reproductiononmicrofilmsorinanyotherphysicalway,andtransmissionorinformation storageandretrieval,electronicadaptation,computersoftware,orbysimilarordissimilarmethodology nowknownorhereafterdeveloped. Theuseofgeneraldescriptivenames,registerednames,trademarks,servicemarks,etc.inthispublication doesnotimply,evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevant protectivelawsandregulationsandthereforefreeforgeneraluse. Thepublisher,theauthors,andtheeditorsaresafetoassumethattheadviceandinformationinthisbook arebelievedtobetrueandaccurateatthedateofpublication.Neitherthepublishernortheauthorsor theeditorsgiveawarranty,expressorimplied,withrespecttothematerialcontainedhereinorforany errorsoromissionsthatmayhavebeenmade.Thepublisherremainsneutralwithregardtojurisdictional claimsinpublishedmapsandinstitutionalaffiliations. ThisSpringerimprintispublishedbytheregisteredcompanySpringerNatureSingaporePteLtd. The registered company address is: 152 Beach Road, #21-01/04 Gateway East, Singapore 189721, Singapore Preface The first Shonan Meeting on Engineering Adaptive Systems (EASy) [1], which was held in 2012, generated heated discussions on the problems and challenges aboutself-managingsystems.Participantsfrommultipledisciplinariesreachedthe consentthatEASyhasbynomeansaneasysolutioninsoftwareengineeringalone, nottomentionmanyotherchallengesingeneralsystemengineering. TheorganisersofthefollowingShonanmeetings[2,3]decidedtofocusonthe problems and solutions that can help engineer adaptive software, hence a change of the focus to Engineering Adaptive Software Systems (EASSy). The technical reports above have gathered from abstracts of all individual participants; however, therehasnotyetbeenafullreportonthecruxofinterestingviewpoints,whichcould collaboratively pave the way to solve some aspects of the long-standing research problems. This book is a collection of materialised reflections by some of our active participants present in much greater details, which we hope can fuel a tank of thoughtsforengineeringthenext-generationadaptivesoftwaresystems. Thechaptersincludedinthebookhaveagoodcoverageofthearea,rangingfrom designandengineeringprinciples(Chap.1)tocontrol-theoreticsolutions(Chap.2) and bidirectional transformations (Chap.3), which can be seen as promising ways to implement the functional requirements of self-adaptive systems. Important quality requirements are also dealt with by these approaches: parallel adaptation for performance (Chap.4), self-adaptive authorization infrastructure for security (Chap.5), and self-adaptive risk assessment for self-protection (Chap.6). Finally, Chap.7providesaconcreteself-adaptiveroboticsoperatingsystemasatestbedfor self-adaptivesystems. Althoughbynomeansacompletecoverageofallpossibleresearchtopics,these chapters can be seen as concrete research agenda’s proposed by experts in these areas. v vi Preface In a nutshell, we hope the book will initiate promising progresses in this interdisciplinaryresearchfield. ShonanVillage,Japan, EASSyShonanMeetingsOrganisers MiltonKeynes,UK YijunYu MiltonKeynes,UK AroshaBandara Tokyo,Japan ShinichiHoniden Tokyo,Japan ZhenjiangHu Tokyo,Japan TetsuoTamai Victoria,BC,Canada HausiMuller Toronto,Canada JohnMylopoulos MiltonKeynes,UK BasharNuseibeh July2018 References 1.Bandara, A., Yu, Y., Nuseibeh, B., Honiden, S.: Engineering adaptive systems. In: Shonan Meetings,ShonanTechnicalReport003,Shonan,Japan(2012) 2.Yu,Y.,Honiden,S.,Muller,H.A.,Mylopoulos,J.:Engineeringadaptivesoftwaresystems.In: ShonanMeetings,ShonanTechnicalReport027,Shonan,Japan(2013) 3.Tamai, T., Muller, H.A., Nuseibeh, B.: Engineering adaptive software systems. In: Shonan Meetings,ShonanTechnicalReport052,Shonan,Japan(2015) Contents 1 DesignandEngineeringofAdaptiveSoftwareSystems................. 1 SoichiroHidaka,ZhenjiangHu,MarinLitoiu,LinLiu,PatrickMartin, XinPeng,GuilingWang,andYijunYu 2 Self-AdaptationofSoftwareUsingAutomaticallyGenerated Control-TheoreticalSolutions.............................................. 35 StepanShevtsov,DannyWeyns,andMartinaMaggio 3 Challenges in Engineering Self-Adaptive Authorisation Infrastructures ............................................................... 57 LionelMontrieux,RogériodeLemos,andChrisBailey 4 BidirectionalTransformationsforSelf-AdaptiveSystems .............. 95 Lionel Montrieux, Naoyasu Ubayashi, Tianqi Zhao, Zhi Jin, andZhenjiangHu 5 ParallelAdaptationofMultipleServiceCompositionInstances ....... 115 RafaelRoqueAschoff,AndreaZisman,andPedroAlexandre 6 Assessing Security and Privacy Behavioural Risks forSelf-ProtectionSystems ................................................. 135 YijunYu,YoshiokaNobukazu,andTetsuoTamai 7 Experimenting with Adaptation in Smart Cyber-Physical Systems:AModelProblemandTestbed .................................. 149 Vladimir Matena, Tomas Bures, Ilias Gerostathopoulos, andPetrHnetynka vii Chapter 1 Design and Engineering of Adaptive Software Systems SoichiroHidaka,ZhenjiangHu,MarinLitoiu,LinLiu,PatrickMartin, XinPeng,GuilingWang,andYijunYu Abstract New challenges such as big data, ultra-large-scale services, and contin- uously available services are driving the evolution to adaptive software systems, which are able to modify their behavior in response to their environmental and ThischapterwaseditedbySoichiroHidakaandPatrickMartin. S.Hidaka((cid:2)) HoseiUniversity,Tokyo,Japan e-mail:[email protected] Z.Hu NationalInstituteofInformatics,Tokyo,Japan e-mail:[email protected] M.Litoiu YorkUniversity,Toronto,ON,Canada e-mail:[email protected] L.Liu SchoolofSoftware,TsinghuaUniversity,Beijing,China e-mail:[email protected] P.Martin Queen’sUniversity,Kingston,ON,Canada e-mail:[email protected] X.Peng FudanUniversity,Shanghai,China e-mail:[email protected] G.Wang BeijingKeyLaboratoryonIntegrationandAnalysisofLarge-ScaleStreamData, NorthChinaUniversityofTechnology,Beijing,China e-mail:[email protected] Y.Yu TheOpenUniversity,MiltonKeynes,UK e-mail:[email protected] ©SpringerNatureSingaporePteLtd.2019 1 Y.Yuetal.(eds.),EngineeringAdaptiveSoftwareSystems, https://doi.org/10.1007/978-981-13-2185-6_1 2 S.Hidakaetal. internalchanges,inordertoachievetheirgoals.Providingsupportinallphasesof thelifecycleofadaptivesoftwaresystemsisthusanimportantchallengefacingthe softwareengineeringresearchcommunity.Thischapterhighlightscurrentresearch on methods and techniques for the design and engineering of adaptive software systems. The design space for self-adaptive systems is first examined, and then a goal-orientedframeworkforadaptiveservicecompositionisdescribed.Thehuman factors component of the design of adaptive systems are considered from four different points of view. We then argue that model management from database community can be adapted for effective development of self-adaptive systems. Finally,sustainabilityofadaptivecomponentsareshowntobeachievedbymaking requirementsfuture-proof. 1.1 Introduction Theneedforsoftwaresystemstoaccommodatethedemandsofnewchallengessuch asbigdata,ultra-large-scaleservices,andcontinuouslyavailableservicesisdriving theevolutiontoadaptivesoftwaresystems,whichareabletomodifytheirbehavior inresponsetochangesintheirexternalenvironment,orinthesystemitself,inorder toachievetheirgoals.Themechanismstoachievetheseadaptationsmusttherefore beoneofthefocusesofthesystem’sdevelopmentandmaintenance. There is a strong agreement in the self-adaptive systems community that the design and implementation of self-adaptive systems should be based on feedback loops.Brunetal.[9],intheirearlierresearchroadmappaper,emphasizefeedback loops as first-class design entities and argue that loops are the essential features in controlling and managing uncertainties in software systems. They assert that, by making feedback loops visible, the impact of these feedback loops on system behavior could be identified earlier and the most important properties of self- adaptation could be addressed. Feedback loops are therefore an important focus oftheworkdiscussedinthechapter. Providingsupportinallphasesofthelifecycleofadaptivesoftwaresystemsisan importantchallengefacingthesoftwareengineeringresearchcommunity[15,20]. Thischapter highlightscurrentresearchonmethods and techniques forthedesign andengineeringofadaptivesoftwaresystems. 1.2 DesigningAdaptiveSoftwareSystems The design of adaptive software systems involves making decisions about observ- ing the environment and the system itself, selecting adaptation mechanisms and enactingthemechanisms[20].InthissectionLitoiufirstexaminesthedesignspace for adaptive systems on Software Defined Infrastructure (SDIs) such as clouds. SDIsintroduceadditionalcomplexityforthedesignofadaptivesystemsinthatan adaptationperformedbyasystemcanaffectboththesystemandtheSDI. 1 DesignandEngineeringofAdaptiveSoftwareSystems 3 Service orientation is a leading form for Web-based software applications that allowdistributedenterprisebusinessprocessestointegratethroughthecomposition ofindividualindependentlydevelopedservices.Compositeservices,however,need toevolveandreorganize asnewrequirements andservicesemerge.LiuandWang nextdescribeagoal-orientedframeworkforadaptiveservicecomposition. Human factors are another important aspect of design since humans influence the adaptive software systems in various ways. Adaptive software systems fulfill the stakeholders’ requirements through the cooperation of human, hardware, and software.Pengconsiderstheimpactofhumaninvolvementonthedesignofadaptive softwaresystemsfromfourdifferentviewpoints,namely,experts,users,agents,and components. 1.2.1 DesignSpaceforSelf-AdaptiveSystems Designing an adaptive system encompasses decisions such as what and how to monitor the system and its environment, how and when to select and activate adaptations, etc. More recently, Brun et al. [10] introduce the concept of design space for adaptive systems, which contains key questions to ask when designing a self-adaptive system.The authors present a conceptual model of how toidentify different components of an adaptive system by answering a set of questions along fivedimensions:identification,observation,representation,control,andadaptation mechanisms. In recent years, companies and institutions have started to deploy and run their applications on Software Defined Infrastructure (SDI), typified by clouds. The main consequence of this is that the self-adaptive feedback loops built around an application can change not only the application but the application’s environment, that is, the cloud, as well. One example of such a SDI is SAVI cloud1 which is an Extended Cloud consisting of edges and a core. The edges are resource- constrained clouds, primarily aimed to host latency-sensitive components/services of the application. Meanwhile, the core has ample resources and is capable of executingthemoreresource-intensivecomponents/services. FeedbackloopsinaSDIhavetoconsidertheparticularitiesoftheinfrastructure, especiallythefactthattheSDIisprogrammable andresources(softwareservices, network, storage), exposed as services, can be acquired, released, or tuned at runtime.Figure1.1showsareferencefeedbackloopforapplicationsdeployedona SDI.Therearetwobasiccomplementarysetsofloops,composedofvariedservices, thatcanworkatdifferenttimescales,withdifferentperformance: (cid:129) Reactivefeedback(blackarrows):reactstocurrentloadandevents,implements simplecontroldecisionssuchasPID(proportional,integrative,derivative).These loopsarefastbutarelimitedintheadaptationsolutionstheyprovide ContributedbyMarinLitoiu. 1http://www.savinetwork.ca