EuroPLoP 2015 - List of published papers
A pattern language for use cases specification Alberto Rodrigues da Silva, Dušan Savić, Siniša Vlajić, Ilija Antović, Saša Lazarević, Vojislav Stanojević, Miloš Milić
Use cases describe a set of interactions between actors/users and the system under study. These interactions should be described textually according to some style and template to be simultaneously readable, consistent and verifiable. The main reason for these qualities is that use cases specification should be used both by business analysts and requirements engineers, when specifying functional requirements, as well as by software developers, when designing and implementing the involved system functionality. In spite of the popularity of use cases, there are not many patterns and guidance to help produce use cases specifications in a systematic and high-quality way. Furthermore, in the context of Model Driven Development (MDD) approaches, use cases specifications can be also considered models with precise syntax and semantics to be automatically validated or used in model-to-model or model-to-text transformations. In this paper we propose a pattern language to improve the quality of use cases specifications. These patterns are concrete guidelines that have emerged from the research and industrial experience of the authors throughout the years, particularly in the designing of MDD languages and approaches and in applying them in concrete applications. These patterns are interconnected among themselves and are the following: (P1) Define Use Case Types, (P2) Keep Use Case Consistent with the Domain Model, (P3) Define Use Case with Different Scenario and Interaction Block Types, and (P4) Define Use Case with Different Action Types.
Five patterns for designing pattern mining workshops Yuma Akado, Sakurako Kogure, Alice Sasabe, Jei-Hee Hong, Keishi Saruwatari, Takashi Iba
In this paper, we present five ideas for designing pattern mining workshop. The ideas we propose are (1) Dual Motivation; setting different goals for participants and organizers, (2) Solution-Problem Pair; extracting both "Solution" and "Problem," (3) Topic Card; using "Topic cards" for accelerating the dialogues, (4) Generator; positioning a "Generator" who supports the mining process, and (5) Stage Setting; making suitable atmosphere based on the theme. As a practice of these five patterns, we will use the case of "Generative Beauty Workshop: A Workshop for living your beautiful life to the fullest" held by Generative Beauty Project from Takashi Iba Laboratory. We expect these ideas would be helpful for the people who are willing to design a pattern mining workshop for their research.
Guiding the selection of security patterns based on security requirements and pattern classification Anas Motii, Brahim Hamid, Agnès Lanusse, Jean-Michel Bruel
Security pattern-based system and software engineering (PBSE) approaches aim at building secure software and systems by capturing and reusing artifacts that encapsulate security expert's knowledge called security patterns. In this context, security patterns are selected by developers based on security requirements. On the other hand, security risk management is an iterative approach that consists of: (1) a risk assessment activity for identifying, analyzing and evaluating security risks and (2) a risk treatment activity to mitigate these risks which result in issuing security requirements. Hence, risk management and security PBSE can be used together. In this context, this paper aims at guiding the selection of security patterns in security PBSE based on security risk management results and pattern classification. For illustration purposes, we consider an example of a SCADA (Supervisory Control And Data Acquisition) system.
Fundamental behavioral properties, part I: extending the theory of centers for pattern language 3.0 Takashi Iba, Arisa Kamada, Yuma Akado, Takuya Honda, Alice Sasabe, Sakurako Kogure
Christopher Alexander explored the hidden quality in a town or a building and defined the concepts of wholeness and centers in his book, The Nature of Order. He said that the whole becomes lively when centers intensify each other and proposed fifteen fundamental properties that describe how centers intensify each other. These properties are geometrical so it is still unknown whether it will work for things that are hard to perceive only by shapes or spatial characteristics, such as human actions or society. In this paper, we present the fundamental behavioral properties of lively human actions, found through the investigation of human activity Pattern Languages on the basis of Alexander's theory of wholeness and center. Out of the 24 properties we found, we introduce 6 properties in this paper: 1. BOOTSTRAP, 2. SOURCE, 3. SPREADING, 4. ATTRACTION, 5. INVOLVING, and 6. TOGETHERNESS.
Patterns to build the magic backlog Lise B. Hvatum, Rebecca Wirfs-Brock
Agile development processes are driven from a backlog of development items. This paper describes patterns to build and structure the backlog for an agile development effort using the outcomes of requirements elicitation and analysis. The need to formalize the backlog increases with the size of the project.
The business of open source: missing patterns Michael Weiss
Open source has become an integral part of commercial software development. An open source business is a business that uses open source as a strategy to strengthen its business model. This paper documents common patterns followed by open source businesses. It complements a series of papers on open source business patterns that together form a pattern language on open source business. It identifies a gap in the existing pattern language and adds three new patterns (HEALTHY COMMUNITY, DUAL PRODUCT, and IP MODULARITY). The patterns are aimed at entrepreneurs, managers in established companies, and students interested in business models that use open source.
Data-driven design pattern production: a case study on the ASSISTments online learning system Paul Salvador Inventado, Peter Scupelli
Recently, online learning systems such as cognitive tutors, online courses, and massive open online courses (MOOCS) increased in popularity in various domains. The design quality of online learning systems is difficult to maintain. Multiple stakeholders are involved (e.g., software developers, interaction designers, learning scientists, teachers), the system is complex, there are rapid changes in software, platforms (e.g., mobile, tablet, desktop) and learning subject content, and so forth. Many existing online learning systems collect a significant amount of data that describe students' learning gains and affective states, which are indirect measures of system quality. Analysis of online learning system data can uncover linkages between particular design choices made and student learning. In this paper, we describe the data-driven design pattern production (3D2P) methodology to prospect, mine, write, and evaluate design patterns for online learning systems from collected data. Design patterns are high quality solutions for recurring problems in a particular context. Patterns identified with 3D2P can guide the addition of new content and the modification of system designs to maintain the quality of online learning systems. A case study on the ASSISTments math online learning system is presented to demonstrate the 3D2P methodology and discuss its benefits and limitations.
Design of knowledge management info-structures Elissaveta Gourova, Mila Dragomirova
Nowadays, knowledge is in the centre of organisational competitiveness and growth. It is difficult to manage knowledge as it resides in human minds. Knowledge Management success requires a synergy of organisational, technological and human-focused initiatives and tools integrated in a single system. This paper extends the patterns presented at VikingPLoP 2014 and EuroPLoP 2014 related to Knowledge Management systems and strategy. Its goal is to add sub-patterns in the area of information structures, and more specifically, focused on describing business processes -- their context and knowledge profile.
Interaction design patterns for spatio-temporal annotations in video learning environments Niels Seidel
This paper highlights interaction design patterns that are related to different types of video annotations within video learning environments. The implicit solutions outline different ways to augment videos in terms of rich and interactive multimedia. Therefore we distinguish time-dependent from time-related annotations as well as the position inside or outside the video frame. The patterns represent a subset of a pattern language of current 40 patterns that depict common solutions of recurring problems in the design and development of video learning environments. These patterns result from a content analysis of 118 video environments that were designated for learning. While 11 patterns in that language refer to macro interactions that affect one or many videos as a whole the remaining patterns as those presented here incorporate micro interactions within the video player. Altogether 18 patterns address video annotations. Six of them will be the object of this paper: Annotations, Table of Content, Overlay, Visual Highlighting, Simultaneous Media, and Follow Revisions.
Making web video accessible: interaction design patterns for assistive video learning environments Niels Seidel
This paper discusses four interaction design patterns that constitute assistive solutions to enhance the accessibility of audible and visual information inside learning environments. These patterns result from a content analysis of 118 video environments that were designated for learning. The analysis yields a pattern language of currently 40 patterns that describes common solutions of recurring problems in the design and development of video learning environments. Beside the complete representation of the accessibility patterns Closed Captions, Transcript, Zoom, and Shortcut Commands, this paper draws attention to possible ways of structuring the pattern language.
Trident architectural views: a pattern for dependable systems design Christian Kreiner
The TRIDENT ARCHITECTURAL VIEWS pattern is a systematic approach to architecting complex dependable systems. While engineering system functionality through several steps of refinement with full traceability is well established, dependability attributes like functional safety and IT security are hard to control during the creative steps of design. TRIDENT ARCHITECTURAL VIEWS has been mined primarily from best practices in engineering of systems exhibiting functional safety. It provides a three-view framework with Functional, Element, and Composition together with nine relations that guide architecture work for dependable systems.
Patterns for integrating agile development processes and user centred design Dina Salah, Richard Paige, Paul Cairns
The aim of this paper is to report the patterns that emerged as a result of conducting two studies: first, a Systematic Literature Review (SLR) that investigated Agile and User Centred Design Integration (AUCDI) challenges, strategies and success factors and included a total of 71 AUCDI experience reports, lessons learned, and success and failure AUCDI case studies. Second, an interview study that investigated challenges and practices faced by industrial AUCDI attempts. The patterns that emerged are related to various aspects of the integration process, for example, design, prioritizing User Centred Design (UCD) activities, usability testing, UCD practitioners, documentation and communication between the customer and the development team.
SIS: an architecture pattern for collective intelligence systems Juergen Musil, Angelika Musil, Stefan Biffl
Collective intelligence systems (CIS) like social networking services, wikis and social media platforms have influenced the way how people create knowledge and share information. An important aspect of these systems is how they mediate interaction and coordination among their user base. In this paper we report the Stigmergic Information System (SIS) architecture pattern that can be used by software architects to describe a wide range of CIS on a systemic level. The SIS pattern builds upon the nature-inspired coordination mechanism of stigmergy, which enables indirect communication of agents via traces in the environment. The SIS pattern describes a hybrid human-computer system where humans collectively create and share knowledge and thereby a virtual artifact network is growing that is managed by a reactive/adaptive computing infrastructure. The SIS pattern aims to support software architects to take into account the system design of CIS from an implementation-agnostic perspective.
Collaboration patterns for offshore software development Uwe van Heesch
Global sourcing in IT projects becomes increasingly important in medium and large-scale software projects to keep up with growth and innovation demands of the industry. Offshore contribution in software projects can reduce cost and development time, but it comes with special challenges that need to be addressed. Apart from large geographical distance, cultural and communication differences need to be anticipated in order to tap the full potential of offshore and onshore collaboration. This paper reports on two collaboration patterns for software projects with offshore contributions, the author observed in industrial practice and in the literature.
Rendering patterns for enterprise applications Rodrigo Vilar, Delano Oliveira, Hyggo Almeida
Graphical User Interface (GUI) coding represents a significant amount of effort in Enterprise applications development. Due to the coupling between GUI screens and domain entities, GUI code is hard to reuse and has lots of duplicated chunks. We propose five rendering patterns to organize GUI artifacts based on domain model meta data of Enterprise applications. We have validated our approach by using evolution scenarios to compare the use of the proposed patterns with existing solutions, such as Scaffolding frameworks and AOM Rendering patterns.
Theoretical and practical thoughts on the interplay of patterns and creativity Till Schümmer, Jörg M. haake, Wolfgang Stark
While patterns are valuable tools for building on settled knowledge and thereby reducing the risk of failure, they also limit the freedom of creativity in design. After reflecting on the being behind actual being which highlights the need for an utopian component in design practice, we will reflect on how the spirit of an utopian thinking can be linked with traditional design activities. As a result, we propose a process scaffold that allows practitioners to switch between the two design approaches: rational design and creative and performative design. As a sample domain, we look at HCI patterns. But in general, the ideas presented in this paper should not be limited to this kind of patterns.
Pattern catalog for multicore migration of embedded automotive systems Georg Macher, Andrea Höller, Eric Armengaud, Christian Kreiner
Embedded systems are already integrated into our everyday life and play a central role in all domains including automotive, aerospace, healthcare or industry. The complexity of embedded systems and software has grown significantly in recent years. For the automotive industry, as an example, embedded systems components are responsible for 25% of vehicle costs, while the added value from electronic components range between 40% for traditional vehicle up to 75% for electrics and hybrid vehicles. Driven by the ongoing challenge of reducing cost and simultaneously replacing safety-critical mechanical systems with more advanced embedded system, multi-core systems are also increasingly relevant for safety-critical embedded systems. However, when migrating safety-critical applications to multi-core systems special attention should be paid to preserve determinism, and assure certifiability of the system. Aim of the paper is to present a pattern catalog to provide a migration strategy for legacy software developed for safety-critical embedded single-core systems to parallel computing multi-core platforms. The pattern catalog shall help system integrators and software developers in the automotive domain to migrate existing safety-critical software to more advanced multi-core platforms. Furthermore, this paper highlight aspects and demands which influence the migration of safety-critical systems to multi-core computing platforms.
Model transformation and synchronization process patterns Georg Macher, Christian Kreiner
Embedded systems are already integrated into our everyday life and play a central role in all domains including automotive, aerospace, healthcare or industry. The complexity of embedded systems and software has grown significantly in recent years. Software's impact on embedded system's functionality, has led to an enormous increase of SW complexity, while reduction of innovation cycles and growing demand for extra-functional requirements. Supporting cooperation between the involved domain and SW development experts to combine their expertise is a core challenge in embedded software development. Nevertheless, today, a lack of tool support and integration makes it impossible to cover the complete development life cycle using model-driven development (MDD) paradigms. This paper identifies patterns of concurrent workflows in embedded system development which can be used to identify dependencies and consequences of concurrency of workflows and thus, highlight the basic problem and provide know-how how to overcome these issues and foster MDD along the development life cycle.
Flipped classroom patterns: designing valuable in-class meetings Christian Köppe, Ralph Niels, Robert Holwerda, Lars Tijsma, Niek Van Diepen, Koen Van Turnhout, René Bakker
The flipping classroom approach is directed at getting students well-prepared in class so that the valuable face-to-face time during the in-class meetings can be used more efficiently to support students' learning. This requires a radical change of the role of the lecturers, as they are not knowledge transmitters anymore but learning facilitators. This role change has direct impact on the design of the in-class-meetings. Based on five years of experience with flipped classrooms for learning programming in bachelor computing programs and on an educational and organization analysis, we started to collect and describe patterns that help with improving various aspects of Flipped Classrooms. In this paper we describe five patterns that help with the design and execution of in-class meetings in a Flipped Classroom course.
Touching patterns to interview transcriptions Satomi Oi, Tetsuro Kubota, Norihiko Kimura, Takashi Iba
We propose a method to show patterns touched to interview transcriptions. It is for helping readers who want to learn from them. The method enables us to indicate how patterns are appearing and linking episodes in a series of the interviews and help readers to see how or when interviewee using and combining patterns in his/her concrete action. Besides, we illustrates how interviews relate to each other by patterns. Mapping patterns to the interview transcriptions is improving the understanding of the patterns. By linking episode beyond interview by patterns, readers can compare and connect each interviewee's different thought or different fields of study. This time we have created a pattern language on creative activity and living creatively. We created this pattern language from interviews conducted by Iba with 7 people who work on creative activity in various domains.
Weaving in patterns into it infrastructure models: industry case and exemplary approaches Frank J. Frey, Roland Bijvank, Michael Pöttker
Architectural patterns are a helpful means for designing IT architectures, as they facilitate re-using proven knowledge (good practices) from previous exercises. Furthermore referencing a pattern in an architecture model helps improving the understandability of the model, as it directs to a comprehensive description of the pattern, but does not require to include the full description into the model. In this paper we describe how patterns can be woven into architecture models, focusing on deployment views of the IT infrastructure. Two different modeling approaches, Fundamental Modeling Concepts (FMC) and ArchiMate, are compared based on a real-world case concerning the infrastructure architecture of a large data center. This paper provides practical insights for IT architects from the industry by discussing the practical case and comparing both modeling approaches. Furthermore, it is supposed to intensify the exchange between industry experts and scientific researchers and it should motivate pursuing further research concerning patterns and IT infrastructure models.
Improving writer's workshop by introducing checklist and perspectives Tian Xia, Joseph Yoder, Rebecca Wirfs-Brock, Hironori Washizaki
A Pattern Writer's Workshop (WW) is a peer-review method to improve pattern or pattern language papers. However, several problems may arise, leading to "ad hoc" review meetings where patterns are not systematically reviewed and authors do not receive useful feedback. Previously, we considered Checklist-based Reading (CBR) and Perspective-based Reading (PBR), which are techniques to improve ad hoc reviews, but some deficiencies were noted. In our focus group, we organized a mini WW using these technique and results are summarized in this paper.
Patterns for creative thinking: idea generation Christian Kohls
Creativity is an important skill in many domains. It is required to innovate, develop new ideas, get deeper insights, address challenges and resolve conflicts. In this context we understand creativity as the process of creating and developing new and original ideas as one step in the innovation process. This paper contains five patterns for ideation, based on a wide range of existing creativity methods. It captures the essence of similar methods and provides five-step instructions to apply the pattern to your own every-day challenges. Moreover, each pattern presents digital tools that can support the process.
Assessment-driven course design foundational patterns Joe Bergin, Christian Kohls, Christian Köppe, Yishay Mor, Michel Portier, Till Schümmer, Steven Warburton
Assessment is one of the most important areas in education yet many university teachers are not trained in assessment strategies and the underlying principles. Assessment should be fair and relevant for the targeted learning outcomes. While these are honorable goals, the principles do not state how to achieve them. This is where patterns come to the rescue as they capture tested ways to ensure constructive alignment, a learning outcome oriented course design, and a clearly stated and communicated list of assessment criteria. The patterns presented in this paper have been mined by a group of practicing educators during the first EduPLoP. They are foundational assessment patterns and can be considered as entry point for more specific patterns on different assessment types.
Test patterns for android mobile applications Inês Coimbra Morgado, Ana C. R. Paiva
Mobile applications are a rapidly increasing part of our daily life, featuring more than one million applications and fifty billions downloads in the two major markets. Thus, it is important to ensure their functional correctness. The Pattern-Based GUI Testing (PBGT) project presented an approach for systematising and automating the GUI testing of web applications by modelling testing goals with User Interface Test Patterns(UITPs), i.e., test strategies for recurring behaviour of the UI. This paper extends the set of UITPs used by the PBGT project with three UITPs specific to the testing of mobile applications: Side Drawer, Orientation and Resources Dependency.
Patterns for common criteria certification Andreas Daniel Sinnhofer, Wolfgang Raschke, Christian Steger, Christian Kreiner
One step in the development of certifiable secure systems is to provide trust in the development process and in the implemented security mechanisms of the product. In the domain of information technology, the Common Criteria schemes are used to evaluate the implemented security mechanisms of a product. Traditionally, a product certification is issued at a late stage of the development process, even though some Common Criteria evaluation paradigm exists to support the development process. The usage of such a paradigm would result in a beneficial certification process, since the evaluator gains experience through the maturing product. We have identified patterns which are designed to support the development process of secure applications. Based on these patterns, a systematic approach to integrate the evaluation process into the development process can be defined.
Balance expectations Andreas Fiesser
This paper presents two patterns about expectation management strategies of a software developing company towards its clients. EARLY WARNING and CLEAN SURFACE deal with the timing and depth of communication between the two organizations.
Applying performance patterns for requirements analysis Azadeh Alebrahim, Maritta Heisel
Performance as one of the critical quality requirements for the success of a software system must be integrated into software development from the beginning to prevent performance problems. Analyzing and modeling performance demands knowledge of performance experts and analysts. In order to integrate performance analysis into software analysis and design methods, performance-specific properties known as domain knowledge have to be identified, analyzed, and documented properly. In this paper, we propose the performance analysis method PoPeRA to guide the requirements engineer in dealing with performance problems as early as possible in requirements analysis. Our structured method provides support for identifying potential performance problems using performance-specific domain knowledge attached to the requirement models. To deal with identified performance problems, we make use of performance analysis patterns to be applied to the requirement models in the requirements engineering phase. To show the application of our approach, we illustrate it with the case study CoCoME, a trading system to be deployed in supermarkets for handling sales.
MixDecorator: an enhanced version of decorator pattern Virginia Niculescu
Decorator design pattern is a very well-known pattern that allows additional functionality to be dynamically attached to an object. Decorators provide a flexible alternative to subclassing for extending functionality. In this paper we analyze and design a pattern -- MixDecorator -- that could be considered an enhanced version of the Decorator pattern, which does not just eliminate some constraints or limitations of the original one, but also allows it to be used as a base of a general extension mechanism. This pattern introduces significant flexibility by allowing direct access to all added responsibilities. Using it, we may combine different responsibilities and operate with them directly and in any order. A complex example of using it for a collection framework design is presented.
Awareness seeds for more gender diversity in computer science education Anne Bartilla, Christian Köppe
Computer Science is still not a very diverse field, it is mainly male-dominated. The picture in Computer Science Education is not much better. In the Netherlands, only 4-5% of the CS students are female. We believe that one of the first steps required for changing this situation is to create a higher level of awareness of this status quo and its implications. In this paper we propose five patterns that help lecturers to create such awareness as a first step towards a more gender-diverse student population.
Patterns for automated software diversity to support security and reliability Andrea Höller, Tobias Rauter, Johannes Iber, Christian Kreiner
Many approaches for increasing the security and/or fault tolerance of software systems are based on introducing "diversity in execution". This means that different versions of the same software show different characteristics during the execution while retaining the same functionality. For example, they can have diverse timing behaviors, access different memory regions, etc. In this paper, we present two patterns describing commonly used practices of realizing automated software diversity. The first pattern is static randomization that creates multiple execution variants of the same source code before distributing these variants. The second one is dynamic randomization, where only one single version of an executable program is able to perform its executions differently.
Towards a reliable mapping between performance and security tactics, and architectural patterns Azadeh Alebrahim, Stephan Fassbender, Martin Filipczyk, Michael Goedicke, Maritta Heisel
The software architecture of a system-to-be affects the fulfillment of the desired quality requirements for this system. For building upon common knowledge and best practices, the use of architectural patterns in the software architecture has shown to be valuable. Besides their functional properties, each architectural pattern has benefits and liabilities regarding the fulfillment of quality requirements. Whereas architectural patterns contribute to the fulfillment of several quality requirements positively or negatively in a larger scale, tactics aim at improving one specific quality requirement in a more local manner. In order to tailor a software architecture for satisfying one or more specific quality requirements, tactics have to be integrated into the structure of the architectural patterns. In this paper, we investigate the relationship between several architectural patterns and performance as well as security tactics. We study how easily one tactic can be implemented in an architectural pattern. Based on our investigation, we provide mappings between the architectural patterns and tactics. Additionally, we provide a reasoning for the relations we found. To discover the relevant factors for creating reliable relations, we conduct an experiment at the EuroPLoP 2015 as a Focus Group. We describe the definition and planning of this experiment. The results will be used to define a method for creating a reliable mapping between tactics and architectural patterns. The expected target audience for our paper is software architects as well as researchers with an interest in software architectures and controlled experiments.
Towards systematic selection of architectural patterns with respect to quality requirements Azadeh Alebrahim, Stephan Fassbender, Martin Filipczyk, Michael Goedicke, Maritta Heisel
The design of software architecture for a system-to-be is a challenge, since required functionality as well as the desired quality requirements have to be considered. Building upon common knowledge and best practices captured in architectural patterns has shown to be valuable in this context. However, existing solutions for deriving architectures from requirements mostly rely on experienced architects. Beside the required experience, it is often a problem that the decision is not properly reasoned and documented. In this paper, we propose a process to select appropriate architectural patterns with regards to given (quality) requirements for the system-to-be. The process uses problem frames for modeling requirements and relates requirements to architectural patterns by means of a question catalog. The answers to the questions indicate suitable architectural pattern candidates. The final decision making about the pattern to be used is supported with several steps and also takes tactics and their applicability for a pattern into account. This way, our proposed process connects requirements and architecture, guides even less experienced software engineers through the pattern selection process, provides support for decision making, and makes the decision rationale transparent. The expected target audience for this paper consists of both experienced and less-experienced software architects.
Flow: a few patterns for balancing flexibility and steadiness in decision-making Andreas Rüping
Decision-making is part of our everyday lives. Successful decision-making is fundamental for our ability to adapt to changing environments, which in turn is a key factor for longevity. In a world that's moving fast we are expected to be flexible and make decisions quickly. On the other hand, there is also a need for stability. Changes in direction, if they occur too frequently, cause ambiguous and inconsistent behaviour. Decisions that are constantly revised lead into chaos. This paper presents four patterns that address the tension between flexibility and steadiness. The first two patterns explain two principles that each foster flexibility and swiftness, while the two remaining patterns go on to support stability and steadiness. Together, they aim at a continuous flow of decision-making at the right pace. The patterns are explained both with analogies from natural sciences and with several concrete examples.
Software-security patterns: degree of maturity Michaela Bunke
Since Gamma et al. published their design patterns, patterns are very popular in the area of software engineering. They provide best practice to handle recurring problems during the software development phase. Three years later, security patterns appeared and provided solutions for security problems. Besides the name analogy, design and security patterns should be very similar except for the security factor. In research and industry software engineering with design patterns is widespread. However, some researchers suspect that security-pattern engineering is made difficult by some issues such as terminology or description form. Detecting adoption problems can help to improve security patterns in future. Thus, they can promote the awareness of security especially in the software maintenance phase where many programmers first give attention to security problems. Therefore, we will compare design and security patterns to find indicators for negative impact on security pattern engineering in software development. We address this issue on inspecting the aspects classification, description form, provided code examples, and usage in the software life-cycle. We determine the degree of maturity of software-security patterns by comparing them to the well-explored design patterns. To achieve the objective, we inspect the pattern terminology and conducted a study on the used description forms including provided UML diagrams and code examples. Moreover, a literature review is conducted to compare their state of research w.r.t. the software life-cycle. The maturity degree of security patterns compared to common design patterns differs and we depict further research opportunities on security patterns.
Patterns to implement active protective measures Jari Rauhamäki, Seppo Kuikka
There are various ways to protect people, environment and other systems from harm caused by machines and system. In this paper, patterns on implementing protective measures applying an active approach are given. The purpose of a protective measure is to lower the risk related to a hazard by either reducing the likelihood (the frequency of exposure of) or the consequences of a realization of harm. The protective measures can, for example, protect user from harms introduced by hazards in the system or operations of the system operator.
Creative CoCooking patterns: a pattern language for creative collaborative cooking Taichi Isaku, Takashi Iba
This paper will introduce the Creative CoCooking Patterns. This is a pattern language for a creative and collaborative cooking session. CoCooking is a word we have coined for this pattern language with the meaning "cooking together." When people eat today, in most cases there exists a large gap between the person who cooks and the person who eats. Based on Alexander's attempt to create a architectural process which allowed the families to join the architects in building their homes, CoCooking is our proposal as a new way of cooking that would solve many of the problems that today's cooking holds. The Kitchen Captain is a new kind of a professional that is similar to the Architect Builder proposed by alexander, which allows beginners to cook at their own decision but provides necessary help when needed. By recapturing cooking as a fun, social, and a creative process, CoCooking will make cooking a more easy and daily activity for all, become a method for team building and enhancing communication, and also would nurture people's fundamental creativity. The Creative CoCooking Patterns is a pattern language to actualize such a cooking session, and contains 34 patterns on effective cooking techniques, creating a warm atmosphere, and on nurturing creativity in the kitchen. The paper will introduce 6 patterns (Kitchen Captain, Small-Lot Dishwashing, Chat in the Kitchen, Kitchen Lessons, Menu Bind, and Leftover Producer) in full length, and then show the rest of the patterns as patlets.
Evolving the EAM pattern language Alexander W. Schneider, Florian Matthes
Since 2008, the documentation of Enterprise Architecture Management (EAM) patterns has drawn much interest from the academic as well as industrial community. Nowadays, more and more companies start EAM initiatives and the maturity of some early adopters has reached a high level. Therefore, it is now possible to extend the structure of EAM patterns to reflect and include the growing EAM knowledge in practice. For example, knowledge about typical stakeholders and external influence factors can guide the selection of EAM patterns. In addition, metrics and reports/documents are now commonly used for EAM and can also be included. Furthermore, the problem of collecting data needed to describe an enterprise architecture can also be documented by using the pattern format because practice-proven solutions already exist. Based on questioning 13 different companies new EAM patterns have been identified and documented using the extended structure presented in this article.
Two threat patterns that exploit "security misconfiguration" and "sensitive data exposure" vulnerabilities Rohini Sulatycki, Eduardo B. Fernandez
We present threat patterns that describe attacks against applications that take advantage of security misconfigurations in the application stack and applications that expose sensitive data. These patterns provide insight on how to build and configure applications that might contain sensitive data and are also helpful in evaluating the security of existing applications.
A pattern for network functions virtualization Eduardo B. Fernandez, Brahim Hamid
Cloud computing has brought a large variety of services available to potential consumers. A recent type of services are the provision of network functions using virtualization. Network Functions Virtualization (NFV) is a network architecture where network node functions such as load balancers, firewalls, IDS, and accelerators are built in software and offered as services. This approach results in reduced complexity in network design, better scalability and agility, as well as faster deployment. We present here a pattern for the NFV architecture.
Using the repertory grid technique for mining design patterns Brigit Van Loggem
In this focus group, we investigated the use of the Repertory Grid Technique to mine design patterns in a methodical manner.
Patterns for software integrity protection Tobias Rauter, Andrea Höller, Johannes Iber, Christian Kreiner
Protecting the integrity of software modules is a critical task on all secure systems. Although many different technologies exist to examine and ensure software integrity, to the best of our knowledge, no security patterns that describe the underlying concepts exist yet. This work provides two new patterns that aim to provide solutions for examining, enforcement and attestation of software integrity. The application of the patterns is shown in a practical example that also illustrates the importance of these concepts.
Organizational patterns for multidisciplinary development of a mechatronic system Mark Den Hollander
The development of a mechatronic system (e.g. airplane, production machinery, home appliances) is done by multiple disciplines (e.g. software, mechanics, and electronics). The disciplines develop in parallel to shorten the time to market of a mechatronic system. This approach is also known as concurrent engineering. This way of working can encounter problems with the collaboration and dependencies between disciplines and the integration of deliverables. These problems can lead to system integration issues and project delays. This paper presents organizational patterns that provide practical solutions to counter these problems. It is the first time that these solutions are formalized and presented as an organizational pattern and integrated into organizational pattern languages created by Coplien & Harrison. The patterns can benefit a multidisciplinary team that develops a mechatronic system concurrently. It will make them aware of a solution to their problem, when to apply it, the forces and trade-offs of the solution, and how the solution can be implemented. These patterns will empower a multidisciplinary team to approach the stated problems.
Three patterns for user involvement in startups Laura Hokkanen, Marko Leppänen
Creating products in software startups consists of a great deal of uncertainty combined with little resources. Rapid validation of created solutions with the potential customers is essential to startups. However, often startups lack people with skills needed for the validation. We present three patterns that help in involving users to gain meaningful feedback and learning. First, the feedback has to be gotten from the right people and the right questions have to be asked. Furthermore, if the feedback is collected with a prototype, often called a Minimum Viable Product, users should be able to give feedback of the actual idea, not to any roughness caused by the immaturity and the prototypishness of the product.
Privacy transparency patterns Johanneke Siljee
Idioms for error handling in C Christopher Preschern
Error handling is a big part of writing software and when done poorly, the software becomes difficult to extend and to maintain. Programming languages like C++ or Java provide "Exceptions" and destructors which make error handling easier. Such mechanisms are not natively available for the C programming language and literature on good error handling in C is well scattered over the Internet. This paper presents collected knowledge on good error handling in form of C error handling idioms. Part of the idioms were directly found on the Internet and part of them were discovered by online and offline discussions on C error handling best practice.
Writers' Workshops in a Virtual Meeting Environment Stefan Holtel, Markus Mathar
Start Writing On Site - A Pattern to Return to a Pattern Conference Tim Wellhausen
Entity View - Simplify the Retrieval of Data in Applications Based on a Domain-Driven Design Tim Wellhausen