In this demonstration we show our language Ptolemy, which allows for separation of crosscutting concerns while maintaining modular reasoning. We demonstrate the benefits of Ptolemy over existing aspect-oriented langua...
详细信息
ISBN:
(纸本)9781450309424
In this demonstration we show our language Ptolemy, which allows for separation of crosscutting concerns while maintaining modular reasoning. We demonstrate the benefits of Ptolemy over existing aspect-orientedlanguages and implicit invocation designs. Ptolemy's quantified, typed events provide a flexible quantification mechanism that acts as a declarative interface between object-oriented code and crosscutting code. Events are announced explicitly and declaratively. Event types allow for compile-time errors and avoid the fragile pointcut problem of aspect-orientedlanguages. The interface provided by event types also allows for modular reasoning, without considering all aspects in the system. The declarative event announcement allows avoiding writing tedious and error-prone boiler-plate code that implicit invocation designs require. We demonstrate several realistic examples that showcase the features of the Ptolemy language and show use of Ptolemy's compiler. The demonstrated compiler is built on top of the OpenJDK Java compiler (javac), providing full backwards compatibility with existing Java sources as well as ease of integration into the existing tool chains. We show how to integrate the compiler into both existing Ant and Eclipse builds.
This paper presents F4F (Framework For Frameworks), a system for effective taint analysis of framework-based web applications. Most modern web applications utilize one or more web frameworks, which provide useful abst...
详细信息
ISBN:
(纸本)9781450309400
This paper presents F4F (Framework For Frameworks), a system for effective taint analysis of framework-based web applications. Most modern web applications utilize one or more web frameworks, which provide useful abstractions for common functionality. Due to extensive use of reflective language constructs in framework implementations, existing static taint analyses are often ineffective when applied to framework-based applications. While previous work has included ad hoc support for certain framework constructs, adding support for a large number of frameworks in this manner does not scale from an engineering standpoint. F4F employs an initial analysis pass in which both application code and configuration files are processed to generate a specification of framework-related behaviors. A taint analysis engine can leverage these specifications to perform a much deeper, more precise analysis of framework-based applications. Our specification language has only a small number of simple but powerful constructs, easing analysis engine integration. With this architecture, new frameworks can be handled with no changes to the core analysis engine, yielding significant engineering benefits. We implemented specification generators for several web frameworks and added F4F support to a state-of-the-art taint-analysis engine. In an experimental evaluation, the taint analysis enhanced with F4F discovered 525 new issues across nine benchmarks, a harmonic mean of 2.10X more issues per benchmark. Furthermore, manual inspection of a subset of the new issues showed that many were exploitable or reflected bad security practice.
Despite many evolutions in the software architecture of enterprise applications, one thing has remained the same over the years: They still use a relational database both for data persistence and transactional support...
详细信息
ISBN:
(纸本)9781450309424
Despite many evolutions in the software architecture of enterprise applications, one thing has remained the same over the years: They still use a relational database both for data persistence and transactional support. We argue that such design, once justified by hardware limitations, endured mostly for legacy reasons and is no longer adequate for a significant portion of modern applications running in a new generation of multicore machines with very large memories. We propose a new architecture for enterprise applications that uses a Software Transactional Memory for transactional support at the application server tier, thereby shifting the responsibility of transaction control from the database to the application server. The database tier remains in our architecture with the sole purpose of ensuring the durability of data. With this change we are able to provide strictly serializable transaction semantics, and we do so with increased performance. Thus, we claim that strict serializability is harmless, in the sense that programmers no longer have to trade correctness for performance for a significant class of applications. We have been using this new architecture since 2005 in the development of real-world complex object-orientedapplications, and we present statistical data collected over several years about the workload patterns of these applications, revealing a surprisingly low rate of write transactions.
JavaScript developers create programs by calling functions and they use functions to construct objects. JavaScript development tools need to report to developers about those functions and constructors, for example in ...
详细信息
ISBN:
(纸本)9781450309424
JavaScript developers create programs by calling functions and they use functions to construct objects. JavaScript development tools need to report to developers about those functions and constructors, for example in debugger call-stacks and in object representations. However, most functions are anonymous: developers need not to specify names for functions. Based on our analysis of ten large, widely used JavaScript projects, less than 7% of JavaScript functions are named by developers. After studying examples from these JavaScript projects, we propose Static Function-object Consumption, a principled, automated approach based on local source code analysis for providing names to nameless JavaScript functions. We applied our approach to 90000 anonymous functions that appeared in the analyzed JavaScript projects. The approach is successful in naming more than 99% (91% are unique within their file) of anonymous functions while the average length of function names is kept less than 37 characters.
The proceedings contain 33 papers. The topics discussed include: Flapjax: a programming language for Ajax applications;CZ: multiple inheritance without diamonds;Grace: safe multithreaded programming for C/C++;a type a...
ISBN:
(纸本)9781605587349
The proceedings contain 33 papers. The topics discussed include: Flapjax: a programming language for Ajax applications;CZ: multiple inheritance without diamonds;Grace: safe multithreaded programming for C/C++;a type and effect system for deterministic parallel Java;how a Java VM can get more from a hardware performance monitor;a concurrent dynamic analysis framework for multicore hardware;inferred call path profiling;accelerating the creation of customized, language-specific IDEs in Eclipse;debug all your code: portable mixed-environment debugging;strictly declarative specification of sophisticated points-to analyses;profile-guided static typing for dynamic scripting languages;static extraction and conformance analysis of hierarchical runtime architectural structure using annotations;allocation wall: a limiting factor of Java applications on emerging multi-core platforms;executing code in the past: efficient in-memory object graph versioning;and optimizing programs with intended semantics.
The proceedings contain 121 papers. The topics discussed include: agile development: overcoming a short-term focus in implementing best practices;making SOA work in a healthcare company;scalable nonblocking concurrent...
ISBN:
(纸本)9781605587660
The proceedings contain 121 papers. The topics discussed include: agile development: overcoming a short-term focus in implementing best practices;making SOA work in a healthcare company;scalable nonblocking concurrent objects for mission critical code;bit syntax for java;using a recursive traversal algorithm with an active composite pattern in swing applications;toward cloud-agnostic middlewares;using RESTful web-services and cloud computing to create next generation mobile applications;refactoring UML models: using openarchitectureware to measure UML model quality and perform pattern matching on UML models with OCL queries;an extensible framework for tracing model evolution in SOA solution design;reverse generation and refactoring of fit acceptance tests for legacy code;a different kind of programminglanguages course;using Python and QuickDraw to foster student engagement in CS1;and easing up on the introductory computer science syllabus: a shift from syntax to concepts.
The proceedings contain 10 papers. The topics discussed include: of scripts and programs: tall tales, urban legends, and future prospects;beyond static and dynamic scope;groovy package templates: supporting reuse and ...
ISBN:
(纸本)9781605587691
The proceedings contain 10 papers. The topics discussed include: of scripts and programs: tall tales, urban legends, and future prospects;beyond static and dynamic scope;groovy package templates: supporting reuse and runtime adaption of class hierarchies;contracts for first-class modules;language embedding and optimization in Mython;directing JavaScript with arrows;context-oriented software transactional memory in common Lisp;fast type reconstruction for dynamically typed programminglanguages;optimization of dynamic languages using hierarchical layering of virtual machines;the Ruby intermediate language;and hosting an object heap on manycore hardware: an exploration.
The healthcare industry in United States is the largest delivery system in the world. However, this system is facing significant pressures to transform itself to operate more efficiently. It is generally accepted that...
详细信息
ISBN:
(纸本)9781450309424
The healthcare industry in United States is the largest delivery system in the world. However, this system is facing significant pressures to transform itself to operate more efficiently. It is generally accepted that the use of health information technology can assist in solving the problem by reducing cost and increasing quality of patient care. However characteristics of adopters and quality of implementations are not well understood and are an ongoing challenge. Using an interdisciplinary study of healthcare and technology, the objective of this research is to measure the prevalence of health information technology capabilities and their impact on delivery of care. More specifically, this research will study health information technology adoption in context of Patient-Centered Medical Home implementations. By using as its basis the American Association of Family Physician recommendations for becoming a Patient-Centered Medical Home (one of the most widely disseminated models), the proposed research will survey health care providers for prevalence of structural and behavioral capabilities used to implement a Patient-Centered Medical Home. The general objectives of the feasibility study includes demonstrating the larger research objectives and demonstrating that the right mix of theories and methodologies have been considered. The small field study was conducted at Oregon Health & Science University (OHSU) with the Care Management Plus (CMP) Team. CMP is a proven HIT application for older adults and chronically ill patients with multiple conditions and the innovation includes software, clinic processes and training. Use of qualitative research based case study, with application of diffusion theory and dynamic capabilities using the Unified Modeling Language (UML) notation are demonstrated in this field study. In the following sections data collection, analysis, results, conclusions and limitations of research along with propositions for future research are discuss
The modularity of aspect-orientedprogramming (AOP) has been a controversial issue. To investigate this issue compared with object-orientedprogramming (OOP), we propose a simple language providing AOP mechanisms, whi...
详细信息
ISBN:
(纸本)9781450302036
The modularity of aspect-orientedprogramming (AOP) has been a controversial issue. To investigate this issue compared with object-orientedprogramming (OOP), we propose a simple language providing AOP mechanisms, which are enhanced traditional OOP mechanisms. We also present its formal system and then show that programs in this language can be only mostly modularly (i.e. separately) typechecked and compiled. We mention a source of this unmodularity and discuss whether or not it is appropriate to claim that AOP breaks modularity compared with OOP.
暂无评论