3rd International Workshop on Software Patterns and Quality (SPAQu'09)
October 25, 2009, Orlando, Florida, USA,
Co-located with 24th ACM Conference on Object-Oriented Programming Systems and Applications (OOPSLA 2009)


* Home

* Topics

* Submissions

* Important dates

* Program

* Committee

* SPAQu'07

* SPAQu'08

Workshop Result in 2007

SPAQu'07 was successfully over! Thank you for your cooperation. We summarize the workshop result below.

Statistics

  • Date: December 3, 2007
  • Location: Room C, Midland Hall, 5th Floor, Midland Square, Nagoya, Japan
  • N. registrations: 53
  • N. actual participants: around 35
  • N. submitted papers: 10 full papers and 6 short papers
  • N. accepted papers: 6 full papers (acceptance ratio is 0.6) and 10 short papers
  • Keynotes
    • Joseph W. Yoder (The Refactory Inc & Joe Yoder Enterprises): "Software Patterns and Quality: Can Patterns Help Quality?"
    • Eduardo B. Fernandez (Florida Atlantic University): "Three types of security-related patterns and how they work to improve security"
  • Online proceedings: Available here
  • Proceedings in print:
    Hironori Washizaki and Nobukazu Yoshioka, 
    "APSEC2007 co-located workshop W3: 
    1st International Workshop on Software Patterns and Quality (SPAQu'07)", 
    Information Processing Society of Japan, 
    ISBN 978-4-915256-69-1 C3040, December, 2007. 

Summary

We attracted more than 40 people in this first international workshop! This was the highest number among all of collocated workshops of APSEC 2007. We assigned 20 minutes for each full paper presentation and 12 minutes for each position. Moreover we had two keynotes from leaders in software patterns engineering. For each keynote and presentation, we had enough time to discuss about the talk and related topics by questions-and-answers.

After all presentations, we discussed four topics independently in a small group. Followings are summaries of those group discussions. You can obtain all discussion results in PDF format that are taken from scratch pad sheets.

  1. Quality Without A Name (QWAN): What is it?
    • Cool
    • Beautiful
    • Context dependent?
    • Subjective?
    • Quality of People
    • Meta Property
  2. Pattern-related Methods, Tools and Relationships
    • Current status:
      • Just focusing on Solutions. Only solution-based tool!
      • Missing link/trace between high level and low level patterns.
      • Still unknown about what is the difference between patterns, principles, knowhow, best practices and standards.
      • Difficult to evaluate patterns
      • Culture to keep knowhow secret
      • Standard is abstracted. It is necessary to test it with patterns.
    • Goals (L: long term, M: medium term, S: short term):
      • L: Literary education for practioners is needed.
      • L: Clear understanding of definition is necessary.
      • M: Supporting tools (such as detection tools) and methods (such as interviewing) to recognize real problems (such as code smells) is necessary. Such activities are closed to analysis patterns.
      • S: We need more and real examples.
  3. Quality by/of Patterns
    • Current status:
      • Problems in recognizing and evaluating patterns
      • We need more examples.
      • Detecting design patterns by examples
      • How to measure impact of applying design patterns?
      • Coverage is one of key points.
    • Long term goals:
      • Detection of patterns from structure of codes by semantic matching
      • What kind of things we have to consider?
        • Quality of design
        • Quality of requirement
        • We have no efficient measures for evaluating security.
        • Quality will much depend on requirements.
        • "Maintainability pattern" as a new topic
        • All design patterns related to maintainability but context/situation is different.
    • Short term goal: giving metrics
  4. Security Patterns
    • Goals:
      • Tool support for application of security patterns
      • Methodologies for secure system development
    • Problem: Scope of security is wide.
    • Solutions:
      • MDD, UML
      • Security grammar and supporting tool
      • LTL (linear temporal logic)
      • Defining the standard of security requirement specifications

Photos

Final Program and Online Proceedings at SPAQu'07

Online-proceedings is now opened to the public; please follow the link on each paper title, or, entire content is here.

10:00-10:05Opening
10:05-10:55Keynote 1
"Software Patterns and Quality: Can Patterns Help Quality?"
Joseph W. Yoder (The Refactory Inc & Joe Yoder Enterprises)
10:55-11:00Break
11:00-12:00Paper 1: Design and Refactoring
"Designing Mobile Agents using Behaviour Helper Pattern"
Ananta Charan Ojha (ICFAI University), Sateesh Kumar Pradhan (Utkal University), Manas Ranjan Patra (Berhampur University)
"A Method to Investigate Software Evolutions Using Design Pattern Detection Tool"
Kyohei Fushida, Shinji Kawaguchi, Hajimu Iida (Nara Institute of Science and Technology)
"Improving MDA-based Process Quality through Refactoring Patterns"
Liliana Favre, Claudia Pereira (Universidad Nacional del Centro de la Provincia de Buenos Aires)
12:00-13:00Lunch
13:00-13:50Keynote 2
"Three types of security-related patterns and how they work to improve security"
Eduardo B. Fernandez (Florida Atlantic University)

Security patterns are now starting to be accepted by industry. They are useful to guide the security design of systems by providing generic solutions that can stop a variety of attacks but it is not clear to an inexperienced designer what pattern should be applied to stop a specific attack. To complement security patterns, we proposed a new type of pattern, the Attack pattern. This pattern describes, from the point of view of the attacker, how a type of attack is performed. Another type of security-related pattern is the Secure Semantic Analysis pattern, which describes the requirements for a secure application through the instantiation of security patterns in specific places. We show here how these three types of patterns can work together to improve the security of a system under development.

13:50-13:55Break
13:55-14:55Paper 2: Security and QWAN
"Reverse Engineering to Detect Security Patterns in Code"
Michael VanHilst, Eduardo B. Fernandez (Florida Atlantic University)
"Extracting Relations among Security Patterns"
Atsuto Kubo (Waseda University), Hironori Washizaki (National Institute of Informatics), Yoshiaki Fukazawa (Waseda University)
"Creation toward Quality Without a Name - Sociological Analysis of Pattern Language -"
Takashi Iba (Keio University)
14:55-15:15Break with Coffee
15:15-16:15Position Groups (parallel)
Group A: Quality and Value by PatternsGroup B: Reverse Engineering and Analysis of Patterns
"Integration of Attack patterns and Protective Patterns"
Nobukazu Yoshioka (National Institute of Informatics)
"Measuring Abstraction Levels of Security Patterns"
Hironori Washizaki (National Institute of Informatics), Atsuto Kubo, Yoshiaki Fukazawa (Waseda University)
"Using security patterns to build secure systems"
Eduardo B. Fernandez (Florida Atlantic University), Nobukazu Yoshioka, Hironori Washizaki (National Institute of Informatics), Jan Jurjens (Open University)
"Towards an Investigation of Opportunities for Refactoring to Design Patterns"
Norihiro Yoshida, Katsuro Inoue (Osaka University)
"Specification of Business Value with and in Software Patterns"
Vladimir Tosic (NICTA, University of New South Wales, University of Western Ontario), Basem Suleiman, Abdul Babar (University of Western Ontario)
"Design Pattern Detection Using Source Code of Before Applying Design Patterns"
Kazuhiro Fukaya, Atsuto Kubo (Waseda University), Hironori Washizaki (National Institute of Informatics), Yoshiaki Fukazawa (Waseda University)
"A novel approach to the interpretation of pattern movements"
Terunobu Terry FUJINO (InArcadia, Inc.)
"Advocation of Log Patterns"
Kazuo Nemoto (IBM Japan)
"ELICITATION OF NON FUNCTIONAL REQUIREMENT WITH QUALITY POLICIES"
Zair Abdelouahab, Francisco bastos (Federal University of Maranhao)
"Conceptual Form Engine with Path Reading Matrix"
Masatake Nakanishi (Nagoya Keizai University)
16:15-16:55Group Discussion (parallel)
16:55-17:00Summary and Closing

What's Next?

Following the success of SPAQu'07, we will continue to hold the series of this workshop. We have a plan to hold second workshop collocated with DEXA, OOPSLA or other major conferences. If you have any suggestions, please let me know. Of course everyone is welcome to join our workshop.