Today’s software systems tend to be used on a long-term basis, are highly interconnected, share many common parts, and often process security-critical data, so keeping up with ever-changing security precautions, attacks, and mitigations is vital to preserving a system’s security. Model-based system development enables us to address security issues in the early phases of software design, for example in UML models. Continuous changes in the security assumptions and the design of software systems (for instance, due to structural decay) have to be reflected in both the system models (e.g., UML models) and the system’s implementation (including program models). Detecting which changes are necessary currently has to be done manually by developers.
Using the GRaViTY tool, we are studying approaches for automatically detecting and performing necessary changes on a single representation of the system and keeping all other representations synchronized with this changed representation. This allows developers to develop systems in a model-based manner and to deal with the structural decay of long-living systems.
Publications
The GRaViTY tool is part of various publications:
- Sven Peldszus, Jens Bürger, Jan Jürjens: UMLsecRT: Reactive Security Monitoring of Java Applications With Round-Trip Engineering; Transactions on Software Engineering (TSE); 2024 - paper
- Katja Tuma, Sven Peldszus, Daniel Strüber, Riccardo Scandariato, Jan Jürjens: Checking Security Compliance between Models and Code; Software and Systems Modeling (SoSyM), vol. 22, pp. 273-296, 2022 - paper - open access
- Secure Data-Flow Compliance Checks between Models and Code Based on Automated Mappings; In: Proceedings of the International Conference on Model Driven Engineering Languages and Systems (MODELS), pp. 23-33, 2019 - paper
- Sebastian Ruland, Géza Kulcsár, Erhan Leblebici, Sven Peldszus, Malte Lochau: Controlling the Attack Surface of Object-Oriented Refactorings. In: Proceedings of the 21st International Conference on Fundamental Approaches in Software Engineering (FASE), pp. 38-55, April 2018 - paper - open access
- Sven Peldszus, Géza Kulcsár, Malte Lochau, Sandro Schulze: Continuous Detection of Design Flaws in Evolving Object-Oriented Programs using Incremental Multi-pattern Matching. In: Proceedings of the 31st International Conference on Automated Software Engineering (ASE), September 2016 - preprint
- Sven Peldszus, Géza Kulcsár, Malte Lochau, Sandro Schulze: Incremental Co-Evolution of Java Programs based on Bidirectional Graph Transformation. In: Proceedings of the Principles and Practices of Programming on The Java Platform (PPPJ), pp. 138-151, 2015 - paper
- Sven Peldszus, Géza Kulcsár, Malte Lochau: A Solution to the Java Refactoring Case Study using eMoflon. In: Tassilo Horn, Filip Krikava, Louis Rose (editors): Proceedings of the 8th Transformation Tool Contest (TTC), CEUR Workshop Proceedings, pp. 118-122, July 2015 - paper - open access
- Géza Kulcsár, Sven Peldszus, Malte Lochau: Object-oriented Refactoring of Java Programs using Graph Transformation. In: Tassilo Horn, Filip Krikava, Louis Rose (editors): Proceedings of the 8th Transformation Tool Contest (TTC), CEUR Workshop Proceedings, pp. 53-82, July 2015 - paper - open access
Installation
The tool can be installed into Eclipse from the following update site: https://gravity-tool.github.io/updatesite
All dependencies should be installed automatically.
Development
The source code is available at GitHub: repository
Developers
- Sven Peldszus
- Sebastian Ruland
- Géza Kulcsár
- …
See also the list of contributors who participated in this project.
License
This project is licensed under the Eclipse Public License - see the LICENSE file for details.
Sven Peldszus (sven.peldszus@gu.se)
Chalmers|University of Gothenburg
Box 100
412 96 Göteborg, Sweden