% % GENERATED FROM http://acme.able.cs.cmu.edu % by : anonymous % IP : ec2-18-206-12-31.compute-1.amazonaws.com % at : Thu, 28 Mar 2024 21:38:21 -0400 GMT % % Selection : Entry type = PhdThesis % @PhdThesis{Sousa2005a, AUTHOR = {Sousa, Jo\~{a}o}, TITLE = {Scaling Task Management in Space and Time: Reducing User Overhead in Ubiquitous-Computing Environments}, YEAR = {2005}, SCHOOL = {Carnegie Mellon University School of Computer Science Technical Report CMU-CS-05-123}, KEYWORDS = {Aura, Ubiquitous Computing} } @PhdThesis{Spitznagel2004, AUTHOR = {Spitznagel, Bridget}, TITLE = {Compositional Transformation of Software Connectors}, YEAR = {2005}, SCHOOL = {Carnegie Mellon Univeristy School of Computer Science Technical Report CMU-CS-04-128}, KEYWORDS = {Software Architecture} } @PhdThesis{Schmerl1997, AUTHOR = {Schmerl, Bradley}, TITLE = {Designing Configuration Management Tools for Dynamically Composed Systems}, YEAR = {1997}, MONTH = {October}, ADDRESS = {Adelaide, South Australia}, SCHOOL = {Flinders University}, PDF = {http://www.cs.cmu.edu/~schmerl/publications/thesis.pdf} } @PhdThesis{Monroe1999, AUTHOR = {Monroe, Robert}, TITLE = {Rapid Development of Custom Software Architecture Design Environments}, YEAR = {1999}, MONTH = {August}, SCHOOL = {Carnegie Mellon University School of Computer Science}, NOTE = {Published as CMU SCS Technical Report CMU-CS-99-161}, KEYWORDS = {Software Architecture} } @PhdThesis{Allen97Thesis, AUTHOR = {Allen, Robert}, TITLE = {A Formal Approach to Software Architecture}, YEAR = {1997}, MONTH = {January}, SCHOOL = {Carnegie Mellon, School of Computer Science}, PDF = {http://reports-archive.adm.cs.cmu.edu/anon/1997/CMU-CS-97-144.pdf}, PS = {http://reports-archive.adm.cs.cmu.edu/anon/1997/CMU-CS-97-144.ps}, ABSTRACT = {As software systems become more complex, the overall system structure---or software architecture---becomes a central design problem. A system's architecture provides a model of the system that suppresses implementation detail, allowing the architect to concentrate on the analyses and decisions that are most crucial to structuring the system to satisfy its requirements. Unfortunately, current representations of software architecture are informal and ad hoc. While architectural concepts are often embodied in infrastructure to support specific architectural styles and in the initial conceptualization of a system configuration, the lack of an explicit, independently-characterized architecture or architectural style significantly limits the benefits of software architectural design in current practice. In this dissertation, I show that an Architecture Description Language based on a formal, abstract model of system behavior can provide a practical means of describing and analyzing software architectures and architectural styles. This dissertation demonstrates this claim through Wright, an architectural description language based on the formal description of the abstract behavior of architectural components and connectors. Wright provides a practical formal basis for the description of both architectural configurations and of architectural styles. It is distinguished by the use of explicit, independent connector types as interaction patterns, the ability to describe the abstract behavior of components using a CSP-like notation, the characterization of styles using predicates over system instances, and a collection of static checks to determine the consistency and completeness of an architectural specification. We introduce techniques to support the analysis of large-scale systems, and demonstrate Wright's expressiveness and practicality through three case studies. }, NOTE = {Issued as CMU Technical Report CMU-CS-97-144.} } @PhdThesis{Fairbanks2007, AUTHOR = {Fairbanks, George}, TITLE = {Design Fragments}, YEAR = {2007}, SCHOOL = {Institute for Software Research, Carnegie Mellon University}, HOWPUBLISHED = {Technical Report CMU-ISRI-07-108} } @PhdThesis{Cheng:2008:Thesis, AUTHOR = {Cheng, Shang-Wen}, TITLE = {Rainbow: Cost-Effective Software Architecture-Based Self-Adaptation}, YEAR = {2008}, MONTH = {May}, SCHOOL = {Carnegie Mellon University}, URL = {http://reports-archive.adm.cs.cmu.edu/anon/isr2008/abstracts/08-113.html}, NOTE = {Institute for Software Research Technical Report CMU-ISR-08-113}, KEYWORDS = {Rainbow} } @PhdThesis{Poladian2008:Thesis, AUTHOR = {Poladian, Vahe}, TITLE = {Tailoring Configuration to User's Tasks under Uncertainty}, YEAR = {2008}, MONTH = {April}, SCHOOL = {Carnegie Mellon University}, URL = {http://reports-archive.adm.cs.cmu.edu/anon/2008/abstracts/08-121.html}, ABSTRACT = {The expansion of computing infrastructure has opened the possibility of a world in which users can compute everywhere. Despite such advances, computing resources are often scarce and changing, limiting a user�s ability to take advantage of the applications and devices, and requiring changes to the application runtime settings. Currently, the burden of managing the computing environment (devices, applications, and resources) falls on the user. A user must manually start applications and adjust their settings according to the available resources. Assigning such chores of configuration to the user has a number of disadvantages. First, it consumes user�s precious cognitive resources. Second, effectively managing the environment requires skills that a typical user might not have. Third, even with adequate low-level expertise, managing the environment optimally (or even adequately) can be difficult. Ideally, the computing needs of a user are seamlessly matched with the capabilities of the environment: devices, applications, and available resources. The user should enjoy the best possible application quality, without worrying about managing the low-level computing mechanisms. In this dissertation, we describe a novel approach that substantially automates the control of the configuration of the environment for a user�s task: finding and starting applications, configuring their runtime settings, and allocating possibly limited resources. Our approach simultaneously satisfies two important requirements: utility and practicality. Utility ensures that configuration decisions take into account user�s preferences for specific applications and quality of service. Practicality ensures that configuration has low runtime overhead in terms of the latency of configuration decisions and its usage of resources. First, we model configuration analytically as a problem of optimizing user�s utility based on three inputs: (1) user�s preferences, (2) application capability, and (3) resource availability. Formally, automating the control of the configuration requires solving an optimization problem, and then using the optimization solution to control the environment. Next, we design a software infrastructure that is based on the analytical model. The infrastructure implements efficient algorithms to solve the problem of configuration, eliminating the need for manual configuration. We validate our approach using experiments and simulation, demonstrating that the infrastructure satisfies the requirements of utility and practicality while substantially automating configuration.}, NOTE = {Technical Report CMU-CS-08-121} } @PhdThesis{2011/Bhave/Thesis, AUTHOR = {Bhave, Ajinkya Y.}, TITLE = {Multi-View Consistency in Architectures for Cyber-Physical Systems}, YEAR = {2011}, SCHOOL = {Department of Electrical and Computer Engineering, Carnegie Mellon University}, PDF = {http://acme.able.cs.cmu.edu/pubs/uploads/pdf/ajinkya-thesis.pdf}, ABSTRACT = {Today's complex cyber-physical systems (CPSs) are created using models throughout the system development life cycle, a process referred to as model-based design (MBD). The heterogeneity of elements in CPSs requires multiple perspectives and formalisms to explore the complete design space. Ensuring the consistency of these various system models is an important part of the integrated MBD approach.

In this thesis, we propose to unify heterogeneous system models through light-weight representations of their structure and semantics using architectural descriptions. Architectures are annotated structural representations that describe systems at a high level of abstraction, allowing designers to determine appropriate assignment of functionality to elements, and make trade-o s between different quality attributes. There are two fundamental shortcomings of current architecture modeling capabilities that limit their potential to fully address the engineering problems of large-scale, heterogeneous CPSs: (i) limited vocabulary to represent physical elements and their interactions; and (ii) inadequate ways to support consistency relations between heterogeneous architecture views of the same system.

This thesis addresses the first shortcoming through the development of the CPS architectural style that supports a uni ed representation of both physical and cyber elements and their interactions in the same framework. This ability allows the architect to create a common base architecture (BA) for a CPS that provides a uni ed point of reference for multi-domain system models. To address the second shortcoming, the architectural view is used as the mechanism to represent the architectures of system models as abstractions of the underlying shared BA. In this context, well-de ned mappings between a view and the BA are used to identify and manage semantically equivalent elements (and their relations) between each model and the underlying system. Structural consistency de nes when an architectural view conforms to the structural and semantic constraints imposed by components and connectors in the system's BA. Such a notion of consistency ensures that the model elements adhere to the connectivity constraints and physical laws present between elements in the BA. We define view consistency as the existence of an appropriate morphism between the typed graphs of a view and the BA. Depending on the type of morphism present, two notions of consistency are defined: view conformance and view completeness.

Our tool framework is implemented in the AcmeStudio architecture design framework, and consists of a view map language, a graphical view editor, and a set of graph morphism algorithms for consistency checking. We illustrate the application of our architectural approach with two case studies: an autonomous quadrotor with heterogeneous legacy models, and management of model variants in simulation environments for engine control of vehicles.}, KEYWORDS = {Cyberphysical Systems} } @PhdThesis{Barnes/Thesis/2013, AUTHOR = {Barnes, Jeffrey M.}, TITLE = {Software Architecture Evolution}, YEAR = {2013}, SCHOOL = {Institute for Software Research, School of Computer Science, Carnegie Mellon University}, PDF = {http://acme.able.cs.cmu.edu/pubs/uploads/pdf/CMU-ISR-13-118.pdf}, ABSTRACT = {Many software systems eventually undergo changes to their basic architectural structure. Such changes may be prompted by new feature requests, new quality attribute requirements, changing technology, or other reasons. Whatever the causes, architecture evolution is commonplace in real-world software projects. Today’s software architects, however, have few techniques to help them plan such evolution. In particular, they have little assistance in planning alternatives, making trade-offs among these different alternatives, or applying best practices for particular domains. To address this, we have developed an approach for assisting architects in planning and reasoning about software architecture evolution. Our approach is based on modeling and analyzing potential evolution paths that represent different ways of evolving the system. We represent an evolution path as a sequence of transitional architectural states leading from the initial architecture to the target architecture, along with evolution operators that characterize the transitions among these states. We support analysis of evolution paths through the definition and application of constraints that express rules governing the evolution of the systemand evaluation functions that assess path quality. Finally, a set of these modeling elements may be grouped together into an evolution style that encapsulates a body of knowledge relevant to a particular domain of architecture evolution. We evaluate this approach in three ways. First, we evaluate its applicability to real-world architecture evolution projects. This is accomplished through case studies of two very different software organizations. Second, we undertake a formal evaluation of the computational complexity of verifying evolution constraints. Finally, we evaluate the implementability of the approach based on our experiences developing prototype tools for software architecture evolution.}, NOTE = {Technical Report CMU-ISR-13-118}, KEYWORDS = {Architecture Evolution} } @PhdThesis{Moreno:Thesis:2017, AUTHOR = {Moreno, Gabriel A.}, TITLE = {Adaptation Timing in Self-Adaptive Systems}, YEAR = {2017}, MONTH = {April}, SCHOOL = {Institute for Software Research, School of Computer Science,Carnegie Mellon University}, URL = {http://reports-archive.adm.cs.cmu.edu/anon/isr2017/abstracts/17-103.html}, ABSTRACT = {Software-intensive systems are increasingly expected to operate under changing and uncertain conditions, including not only varying user needs and workloads, but also fluctuating resource capacity. Self-adaptation is an approach that aims to address this problem, giving systems the ability to change their behavior and structure to adapt to changes in themselves and their operating environment without human intervention. Self-adaptive systems tend to be reactive and myopic, adapting in response to changes without anticipating what the subsequent adaptation needs will be. Adapting reactively can result in inefficiencies due to the system performing a suboptimal sequence of adaptations. Furthermore, some adaptation tactics—atomic adaptation actions that leave the system in a consistent state—have latency and take some time to produce their effect. In that case, reactive adaptation causes the system to lag behind environment changes. What is worse, a long running adaptation action may prevent the system from performing other adaptations until it completes, further limiting its ability to effectively deal with the environment changes. To address these limitations and improve the effectiveness of self-adaptation, we present proactive latency-aware adaptation, an approach that considers the timing of adaptation (i) leveraging predictions of the near future state of the environment to adapt proactively; (ii) considering the latency of adaptation tactics when deciding how to adapt; and (iii) executing tactics concurrently. We have developed three different solution approaches embodying these principles. One is based on probabilistic model checking, making it inherently able to deal with the stochastic behavior of the environment, and guaranteeing optimal adaptation choices over a finite decision horizon. The second approach uses stochastic dynamic programming to make adaptation decisions, and thanks to performing part of the computations required to make those decisions off-line, it achieves a speedup of an order of magnitude over the first solution approach without compromising optimality. A third solution approach makes adaptation decisions based on repertoires of adaptation strategies— predefined compositions of adaptation tactics. This approach is more scalable than the other two because the solution space is smaller, allowing an adaptive system to reap some of the benefits of proactive latency-aware adaptation even if the number of ways in which it could adapt is too large for the other approaches to consider all these possibilities. We evaluate the approach using two different classes of systems with different adaptation goals, and different repertoires of adaptation strategies. One of them is a web system, with the adaptation goal of utility maximization. The other is a cyberphysical system operating in a hostile environment. In that system, self-adaptation must not only maximize the reward gained, but also keep the probability of surviving a mission above a threshold. In both cases, our results show that proactive latency-aware adaptation improves the effectiveness of self-adaptation with respect to reactive time-agnostic adaptation.}, NOTE = {Technical Report CMU-ISR-17-103}, KEYWORDS = {Latency-aware, Rainbow, Self-adaptation} } @PhdThesis{Ruchkin:2019:Thesis, AUTHOR = {Ruchkin, Ivan}, TITLE = {Integration of Modeling Methods for Cyber-Physical Systems}, YEAR = {2019}, MONTH = {March}, SCHOOL = {Carnegie Mellon University}, PDF = {http://acme.able.cs.cmu.edu/pubs/uploads/pdf/ruchkin-20190328-final.pdf}, ABSTRACT = {Cyber-physical systems (CPS) incorporate digital (cyber) and mechanical (physical) elements that interact in complex ways. Many safety-critical CPS, such as autonomous vehicles and drones, are becoming increasingly widespread and hence demand rigorous quality assurance. To this end, CPS engineering relies on modeling methods, which use models to represent the system and design-time analyses to interpret/change the models. Coming from diverse scientific and engineering fields, these modeling methods are difficult to combine, or integrate, due to implicit relations and dependencies between them. CPS failures can lead to substantial damage or loss of life, and are often due to two key integration challenges: (i) inconsistencies between models — contradictions in models that do not add up to a cohesive design, and (ii) incorrect interactions of analyses — analyses performed out-of-order and in mismatched contexts, leading to erroneous analysis outputs. This thesis presents a novel approach to detect and prevent integration issues between CPS modeling methods during the design phase. To detect inconsistencies between models, the approach allows engineers to specify integration properties — quantified logical statements that relate elements of multiple models — in the Integration Property Language (IPL). IPL statements describe verifiable conditions that are equivalent to an absence of inconsistencies. To interface with the models, IPL relies on integration abstractions — simplified representations of models for integration purposes. This thesis proposes two abstractions: views (annotated component-and-connector models, inspired by software architecture) and behavioral properties (expressions in model-specific property languages, such as the linear temporal logic). Combining these abstractions lets engineers relate model structure and behavior in IPL statements. To ensure correct interactions of analyses, I introduce analysis contracts — a lightweight specification that captures inputs, outputs, assumptions, and guarantees for each analysis, in terms of the integration abstractions. Given these contracts, an analysis execution platform performs analyses in the order of their dependencies, and only in the contexts that guarantee correct outputs. My approach to integration was validated on four case studies of CPS modeling methods in different systems: energy-aware planning in a mobile robot, collision avoidance in a mobile robot, thread/battery scheduling in a quadrotor, and reliable/ secure sensing in an autonomous vehicle. This validation has shown that the approach can find safety-critical errors by specifying expressive integration properties and soundly checking them within practical constraints — all while being customizable to heterogeneous models, analyses, and domains.}, NOTE = {Institute for Software Research Technical Report CMU-ISR-18-107}, KEYWORDS = {Cyberphysical Systems, Formal Methods} } @PhdThesis{2020:Pandey:Thesis, AUTHOR = {Pandey, Ashutosh}, TITLE = {Hybrid Planning in Self-adaptive Systems}, YEAR = {2020}, SCHOOL = {Carnegie Mellon University}, PDF = {http://reports-archive.adm.cs.cmu.edu/anon/isr2020/CMU-ISR-20-100.pdf}, ABSTRACT = {Planning is one of the fundamental design considerations when building a selfadaptive software system. Planning helps the adaptive system to determine an appropriate course of action at run time that seeks to change the system's behavior in response to faults, changing environments and security threats. Therefore, having an appropriate planner to find a plan is critical to a successful self-adaptation. For many adaptive systems, an appropriate planner is the one that not only finds a plan quickly, particularly, in urgent circumstances but also the plan provides a near-optimal long-term performance. However, due to the fundamental trade-off between quality and timeliness of planning, today designers often have to compromise between an approach that finds a plan quickly and an approach that is slow but finds a higher-quality plan. To deal with this trade-off, this thesis proposes a hybrid planning approach for self-adaptive systems that combines of-the-shelf deliberative and reactive planners to find a balance between quality and timeliness. The key idea is to use reactive planning to provide a quick (although potentially a sub-optimal) response, but simultaneously invoke deliberative planning to determine quality plans. Once the deliberative plan is ready, it takes over the execution from the reactive plan to provide a higher quality adaptation thereafter. Such a combination of planners can, in principle, reap the benefits of both worlds: providing plans quickly when the timing is critical, while allowing (nearly) optimal plans to be generated when the system has sufficient time to do so. Moreover, instead of going through the non-trivial process of developing a new algorithm/heuristic, hybrid planning combines off-the-shelf planners; therefore, hybrid planning does not require software engineers to master the complexity of developing new planning algorithms/heuristics. This thesis demonstrates that, compared to its constituent reactive and deliberative planners, hybrid planning can find a better balance between the timeliness and the quality of planning, thereby improve adaptation effectiveness as measured by a multidimensional utility function capturing different dimensions of a system's goal. In the process, the thesis makes contributions to both the theory and the practice of hybrid planning in self-adaptive systems. Specifically, the thesis provides: (a) a formal framework defining the problem of hybrid planning; (b) a practical approach (grounded in the formal model) to apply hybrid planning to self-adaptive systems; (c) informal guidelines and a quantitative approach to help engineers to select an appropriate set of planners to instantiate hybrid planning for a given domain, and (d) evaluation of hybrid planning using two realistic systems to bridge the gap between theory and practice. }, NOTE = {Institute for Software Research Technical Report CMU-ISR-20-100}, ANNOTE = {[Appendix](http://reports-archive.adm.cs.cmu.edu/anon/isr2020/CMU-ISR-20-100-Appendix.pdf)}, KEYWORDS = {Machine Learning, Model Checking, Planning, Self-adaptation} } @PhdThesis{2021:Cody:PhD, AUTHOR = {Kinneer, Cody}, TITLE = {Search-based Plan Reuse in Self-* Systems}, YEAR = {2021}, MONTH = {May}, PAGES = {122}, SCHOOL = {Institute for Software Research, Carnegie Mellon University}, ABSTRACT = {Increasingly software systems operate in environments of change and uncertainty, where the system's ability to satisfy its quality objectives depends on its ability to adapt. Self-adaptation allows these systems to manage this challenge by autonomously adapting to changes in their environments. While self-* systems are designed precisely to manage uncertainty, unexpected changes may violate design assumptions, resulting in the system failing to satisfy its quality attribute requirements. When this occurs, the planner must generate a new plan, an expensive operation for large systems. As autonomous systems increase in size, interconnectedness, and complexity, this cost can quickly become prohibitive. This thesis addresses this problem by leveraging information contained in prior plans to reduce the replanning necessary to respond to an unexpected change. Even in the face of an unexpected change, some of the insights contained in existing plans are likely to remain applicable. For example, an autonomous aerial vehicle encountering an unexpected obstacle will need to replan to avoid the obstacle, but the drone may be able to return to its prior plan after this maneuver. A larger change will reduce the amount of reuse that is possible, for example changing the drone's mission to fly to a new location, but still, the takeoff and landing procedures may be reused. This thesis reuses existing adaptation plans by seeding a genetic algorithm with these plans. This enables a scalable self-* planner that can replan in complex systems with large search spaces. While the idea of plan reuse is intuitive, in practice plan reuse is difficult and may even be worse than replanning from scratch if not performed carefully. This dissertation provides reuse enhancing approaches to reduce the evaluation time of candidate plans, an approach for building reusable repertoires of plans and identifying generalizable plan fragments, and a co-evolutionary extension to enable plan reuse for security. The thesis is evaluated on three simulated case study systems, including a cloud-based web service provider, a team of autonomous aerial vehicles, and an enterprise business system under a cyber attack. Ultimately, plan reuse will enable large self-* systems to replan even after unexpected changes. }, KEYWORDS = {Explainable Software, Self-adaptation, Stochastic Search, uncertainty} } @PhdThesis{2022:Sukkerd:Thesis, AUTHOR = {Sukkerd, Roykrong}, TITLE = {Improving Transparency and Intelligibility of Multi-Objective Probabilistic Planning}, YEAR = {2022}, NUMBER = {CMU-ISR-22-104}, SCHOOL = {Institute for Software Research, School of Computer Science}, ABSTRACT = {Sequential decision-making problems with multiple objectives are natural to many application domains of AI-enabled systems. As these systems are increasingly used to work with people or to make decisions that impact people, it is important that their reasoning is intelligible to the end-users and stakeholders, to foster trust and effective human-agent collaborations. However, understanding the reasoning behind solving sequential decision problems is difficult for end-users even when white-box decision models such as Markov decision processes (MDPs) are used. Such intelligibility challenge is due to the combinatorial explosion of possible strategies for solving long-horizon problems. The multi-objective optimization aspect further complicates the problem as different objectives may conflict and reasoning about tradeoffs is required. These complexities pose a barrier for end-users to know whether the agent has made the right decisions for a given context, and may prohibit them from intervening if the agent was wrong. The goal of this thesis is to develop an explainability framework that enables the agent making sequential decisions to communicate its goals and rationale for its behavior to the end-users. We present an explainable planning framework for MDP, particularly to support problem domains with multiple optimization objectives. We propose consequence-oriented contrastive explanations, in which an argument for an agent's policy is in terms of its expected consequences on the task objectives, put in context of the selected viable alternatives to demonstrate the optimization and tradeoff reasoning of the agent. Our modeling framework supports reward decomposition, and augments MDP representation to ground the components of the reward or cost function in the domain-level concepts and semantics, to facilitate explanation generation. Our explanation generation method computes policy-level contrastive foils that describe the inflection points in the agent's decision making in terms of optimization and trade-off reasoning of the decomposed task objectives. We demonstrate the applicability of our explainable planning framework by applying it to three planning problem domains: waypoint-based navigation, UAV mission planning, and clinic scheduling. We design and conduct a human subjects experiment to evaluate the effectiveness of explanations based on measurable task performance. We design the users' task in the experiment to be: assessing the agent's planning decisions to determine whether they are the best decisions for a given problem context. Our experimental results show that our proposed consequence-oriented contrastive explanation approach significantly improves the users' ability to correctly assess the agent's planning decisions, as well as the users' confidence in their assessment. Lastly, we investigate the feasibility of a user-guided approach to our consequence oriented contrastive explanation paradigm. We propose a theoretical framework and approaches to formulate Why Not behavioral questions as state-action constraints and linear temporal logic constraints on the planning problem, and to solve for satisfying policies in order to explain the full impact that the queried behavior has on the subsequent decisions and on the task objectives. }, KEYWORDS = {Explainable Software, Planning, Self-adaptation} } @PhdThesis{Glazier:Thesis:2023, AUTHOR = {Glazier, Thomas J.}, TITLE = {Meta-Management of Collections of Autonomic Systems}, YEAR = {2023}, MONTH = {December}, NUMBER = {CMU-S3D-23-110}, SCHOOL = {Software and Societal Systems Department, School of Computer Science}, KEYWORDS = {Self-adaptation, Self-awareness & Adaptation} } @PhdThesis{Dwivedi:Thesis:2022, AUTHOR = {Dwivedi, Vishal}, TITLE = {Halo: A Framework for End-User Architecting}, YEAR = {2022}, NUMBER = {CMU-S3D-22-110}, SCHOOL = {Software and Societal Systems Department, School of Computer Science}, KEYWORDS = {End-user Architecture} }