Formalization and Detection of Software
Design Patterns

Abstract

In the present day scenario, the application software has turned out to be extremely complex because the developers try to accommodate to various changing needs of users.Hence they often intend to capture common aspects of previously developed similar software that are frequently reoccurred for other systems.Assigning a proper framework for the frequently reoccurring aspects or often called as “design patterns”, is carried out during design phase of the proposed software. Design patterns support reuse of software architecture and standardize the way designs are developed. Software patterns often capture the static and dynamic aspects and collaborations of acceptable solutions to the problem that arise when building applications. It is observed that the representation of design patterns is
available in the form of informal or semi-formal language, which makes it difficult to apply design patterns directly. In this thesis, the concept of design patterns is analyzed by using both forward engineering and reverse engineering techniques.In the process of forward engineering, a lightweight formal notation has been used to formalize the concept of design patterns.In reverse engineering approach, detection of design patterns has been performed.In the process of formalization, security design patterns are considered to formalize a security aspect of a system. The detection process is carried out by applying software metrics, machine learning techniques, a feature selection technique and a graph-based technique.
Formalization of security design patterns is an essential task because security issues in software industries are day-by-day becoming too much challenging due to malicious attacks, resulting in exploration of the security holes in a software system.To secure the information assets associated with any software system, organizations need to design the system based on security patterns, which are useful to build and test various security mechanisms. Considering patterns are nothing but certain design guidelines, but they have certain limitations in terms of consistency and usability. Hence, these security patterns may sometimes act as insecure. In this research work, an attempt has been made to compose security patterns for the web-based application. Subsequently, a formal modeling approach for the composition of security design patterns is presented in order to formalize the design.For maximizing comprehensibility, Unified Modeling Language(UML) notations are helpful to represent structural and behavioral aspects of a web-based system. A formal modeling language i.e., Alloy is considered for analyzing web-based security patterns.For the demonstration of this approach, a case study on banking system is considered.A qualitative evaluation is performed for the identified security patterns against the critical security properties. In this study, a model-driven framework is presented that helps to automate the process of analyzing web security patterns.
In reverse engineering approach, software developer requires to understand the undocumented design of a system. Detecting design patterns of a system help reverse engineers with considerable insight on the system structure and its internal attributes.In this research work, an attempt has been made to detect software design patterns by using software metrics and classification based techniques. The proposed method is carried out in two phases, creation of metrics-oriented dataset and detection of software design patterns. The creation of datasets is performed by using software metrics for the learning of classifiers.Subsequently, pattern detection process has been performed by using classification-based techniques such as Artificial Neural Network, Support Vector Machine and Random Forest. In order to evaluate the proposed method, the results of experiments are shown by considering four open source software such as JHotDraw,QuickUML,JUnit and Quaqua.
It is observed that a large number of features occurred during the preparation of datasets,which need to be reduced. In order to reduce redundant features, an application of feature selection technique is presented. This study presents a semi-automated technique for the
formation of pattern-based dataset. Subsequently, feature selection technique is applied on the prepared dataset. Identification of design patterns is performed by using learning based methods such as Artificial Neural Network, Support Vector Machine, Random Forest, Layered Recurrent Neural Network and Logistic Regression methods. In order to validate the proposed method, a set of case studies such as JHotDraw, JRefactory, CubeTwister, JUnit, QuickUML, Quaqua, MapperXML and PMD have been considered.
After applying machine learning techniques, the same job of detection of patterns are further carried out by considering a graph-based approach. Graph isomorphism and
normalized cross correlation techniques have been applied for the mining of software patterns, where system as well as associated design patterns are presented in the form of graphs. The graph isomorphism technique finds the pattern subgraph in the system graph and normalized cross-correlation technique provides a way to formulate the percentage existence of the design pattern in the system. An algorithm is presented to identify relevant information from the XML files. Then graph isomorphism and normalized cross-correlation techniques are used to find the pattern subgraph and its percentage existence in the system.This approach has been tested on four open source software such as Jrat,JUnit, Lexi-Alpha and Informa for the identification of Composite, Facade, Flyweight, State, and Template Method design patterns.