Abstract
Archery is a language for behavioural modelling of architectural patterns, supporting hierarchical composition and a type discipline. This paper extends Archery to cope with the patterns' structural dimension through a set of (re-)configuration combinators and constraints that all instances of a pattern must obey. Both types and instances of architectural patterns are semantically represented as bigraphical reactive systems and operations upon them as reaction rules. Such a bigraphical semantics provides a rigorous model for Archery patterns and reduces constraint verification in architectures to a type-checking problem. © 2012 Springer-Verlag.

Abstract

Abstract

Abstract
This paper presents an approach to analyse the application of tactics in architectural patterns. We define and illustrate the approach using ARCHERY, a language for specifying, analysing and verifying architectural patterns. The approach consists of characterising the design principles of an architectural pattern as constraints, expressed in the language, and then, establishing a refinement relation based on their satisfaction. The application of tactics preserving refinement ensures that the original design principles, expressed themselves as constraints, still hold in the resulting architectural pattern. The paper focuses on fault-tolerance tactics, and identifies a set of requirements for a semantic framework characterising them. The application of tactics represented as model transformations is then discussed and illustrated using two case studies.

Abstract

Abstract
We analyse and exploit implementation features in OpenSSL version 0.9.8g which permit an attack against ECDH-based functionality. The attack, although more general, can recover the entire (static) private key from an associated SSL server via 633 adaptive queries when the NIST curve P-256 is used. One can view it as a software-oriented analogue of the bug attack concept due to Biham et al. and, consequently, as the first bug attack to be successfully applied against a real-world system. In addition to the attack and a posteriori countermeasures, we show that formal verification, while rarely used at present, is a viable means of detecting the features which the attack hinges on. Based on the security implications of the attack and the extra justification posed by the possibility of intentionally incorrect implementations in collaborative software development, we conclude that applying and extending the coverage of formal verification to augment existing test strategies for OpenSSL-like software should be deemed a worthwhile, long-term challenge.