Write a Blog >>
Fri 16 - Fri 23 October 2020


Contributions related to all aspects of modeling, modeling languages and model-based engineering are cordially invited to the 23rd edition of MODELS, in Montreal, Canada 18-23 October 2020.

MODELS is the premier conference series for model-based software and systems engineering. Since 1998, MODELS has covered all aspects of modeling, from languages and methods, to tools and applications. Attendees of MODELS come from diverse backgrounds, including researchers, academics, engineers and industrial professionals. MODELS 2020 is a forum for participants to exchange cutting-edge research results and innovative practical experiences around modeling and model-based software and systems.

This year’s edition will provide an opportunity for the modeling community to further advance the foundations of modeling, and come up with innovative applications of modeling in emerging areas of cyber-physical systems, embedded systems, socio-technical systems, cloud computing, big data, machine learning, security, open source, and sustainability.

In 2020, MODELS has a special theme on “Modeling in the era of data”. We especially encourage contributions where model-driven engineering intersects with research and applications on, not exclusively, data curation, data science, artificial intelligence, machine learning, Internet of Things, and smart cities.

We invite you to join us at MODELS 2020, Montreal, Canada and to help shape the modelling methods and technologies of the future!

Topic of Interest

MODELS 2020 seeks submissions on diverse topics related to modeling for software and systems engineering, including, but not limited to:

  • Foundations of MBE, including definition of the syntax and semantics of modeling and model transformation languages.

  • New paradigms, formalisms, applications, approaches, frameworks, or processes for MBE.

  • Definition, usage, and analysis of generative and reengineering approaches.

  • Development of systems engineering and modeling-in-the-large concepts.

  • Search-based MBE and artificial intelligence for MBE.

  • Human factors in model-based software and systems engineering.

  • Tools, meta-tools and language workbenches for MBE, including model management.

  • Integration of modeling languages and tools (hybrid multi-modeling approaches).

  • Evaluation and comparison of modeling languages, techniques and tools.

  • Quality assurance (analysis, testing, verification) for functional and non-functional properties of models and model transformations.

  • Collaborative modeling research to address global and team management issues (e.g., browser-based and cloud-enabled collaboration research and tools).

  • Evolution of general-purpose modeling languages and related standards.

  • Evidence-based education research for curricular concerns on modeling topics.

  • Modeling in software engineering; applications of models to address general software engineering challenges.

  • Modeling for specific challenges such as collaboration, scalability, security, interoperability, adaptability, flexibility, maintainability, dependability, reuse, energy efficiency, and uncertainty.

  • Modeling with, and for, new and emerging systems and paradigms such as cyber-security, cyber-physical systems (CPSs), the internet of things (IoTs), cloud computing, DevOps, data analytics, data science, machine learning, big data, systems engineering, social media, devices and services, robotics, mobile applications, conversational agents, open source software, sustainability and modeling for social good.

You're viewing the program in a time zone which is different from your device's time zone - change time zone

Wed 21 Oct
Times are displayed in time zone: Eastern Time (US & Canada) change

13:15 - 14:30: A2-Education and GamesTechnical Track at Room A
Chair(s): Steffen ZschalerKing's College London
13:15 - 13:35
Is Automated Grading of Models Effective? Assessing Automated Grading of Class DiagramsP&I
Technical Track
Weiyi Bian, Omar AlamTrent University, Jörg KienzleMcGill University, Canada
13:35 - 13:50
A Model-driven Alternative to Programming in Blocks using Rule-based TransformationsNIV
Technical Track
Huseyin ErginBall State University, Wenjun ShiEast China Normal University, China, Herart Dominggus Nurue, Jeff GrayUniversity of Alabama
Media Attached
13:50 - 14:05
Papyrus for gamers, let's play modelingDemo
Technical Track
Antonio BucchiaroneFondazione Bruno Kessler, Trento, Italy, Maxime Savary-Leblanc, Xavier Le Pallec, Jean-Michel BruelUniversité de Toulouse, France, Antonio CicchettiMälardalen University, Jordi CabotICREA - UOC, Sebastian GerardCEA Saclay - NanoInnov, Hamna Aslam, Annapaola MarconiFondazione Bruno Kessler, Trento, Italy, Mirko Perillo
14:05 - 14:20
Automated Video Game World Map Synthesis by Model-Based TechniquesDemo
Technical Track
Boqi Chen, Dylan Havelock, Connor Plante, Michael Sukkarieh, Oszkár SemeráthBudapest University of Technology and Economics, Daniel VarroMcGill University / Budapest University of Technology and Economics
13:15 - 14:30: B2-MDE Process SupportTechnical Track at Room B
Chair(s): Jesús Sánchez CuadradoUniversidad de Murcia
13:15 - 13:35
To build, or not to build: ModelFlow, a build solution for MDE projectsFT
Technical Track
Beatriz SanchezUniversity of York, Dimitris KolovosUniversity of York, Richard PaigeMcMaster University
Pre-print Media Attached
13:35 - 13:55
An extensible framework for customizable model repairFT
Technical Track
Angela Barriga, Rogardt Heldal, Ludovico IovinoGran Sasso Science Institute, L'Aquila, Italy, Magnus Marthinsen, Adrian RutleWestern Norway University of Applied Sciences
13:55 - 14:15
Interactive Metamodel/Model Co-Evolution: A Clustering-based Multi-Objective ApproachFT
Technical Track
14:15 - 14:30
Ark: a constraint-based method for architectural synthesis of smart systemsJ1st
Technical Track
Milena Guessi, Flavio OquendoIRISA (UMR CNRS) - Univ. Bretagne-Sud (UBS), Elisa Yumi NakagawaUniversity of São Paulo, Brazil
15:00 - 16:15: A3-Systems Engineering IITechnical Track at Room A
Chair(s): Nelly BencomoAston University
15:00 - 15:20
AC-ROS: Assurance Case Driven Adaptation for the Robot Operating SystemFT
Technical Track
Betty H.C. ChengMichigan State University, Robert Clark, Jonathon Fleck, Michael LangfordMichigan State University, Philip McKinley
15:20 - 15:40
Supporting Robotic Software Migration Using Static Analysis and Model-Driven EngineeringP&I
Technical Track
Sophie Wood, Nicholas MatragkasUniversity of York, Dimitris KolovosUniversity of York, Richard PaigeMcMaster University, Simos GerasimouUniversity of York, UK
Link to publication Pre-print
15:40 - 16:00
Model-Based Automatic Fleet Deployment of Edge Computing ApplicationsP&I
Technical Track
Hui SongSINTEF Digital, Rustem Dautov, Nicolas Ferry, Arnor SolbergTellu IoT ordinary PC member PI papers, Franck Fleurey
16:00 - 16:15
CyprIoT Project - An Open Source Toolset to Model and Generate a Network of ThingsDemo
Technical Track
15:00 - 16:15: B3-Model Analysis and ValidationTechnical Track at Room B
Chair(s): Marsha ChechikUniversity of Toronto, Canada
15:00 - 15:20
Semantic Comparisons of Alloy ModelsFT
Technical Track
Jan Oliver RingertUniversity of Leicester, Syed Waqee WaliUniversity of Leicester, UK
DOI Pre-print
15:20 - 15:40
Automated Generation of Consistent Models with Structural and Attribute ConstraintsFT
Technical Track
Oszkár SemeráthBudapest University of Technology and Economics, Aren BabikianMcGill University, Anqi Li, Kristóf Marussy, Daniel VarroMcGill University / Budapest University of Technology and Economics
Link to publication
15:40 - 16:00
mel - Model Extractor Language for Extracting Facts from ModelsFT
Technical Track
Robert Hackman, Joanne M. AtleeUniversity of Waterloo, Finn HacketComputer Science, University of Waterloo, Michael W. GodfreyUniversity of Waterloo, Canada
16:00 - 16:15
Strengthening Validation of Model Behavior through Filmstrip Templates in the tool USEDemo
Technical Track

Thu 22 Oct
Times are displayed in time zone: Eastern Time (US & Canada) change

11:00 - 12:15: A4-RequirementsTechnical Track at Room A
Chair(s): Loli BurgueñoOpen University of Catalonia & CEA LIST
11:00 - 11:20
Leveraging Natural-language Requirements for Deriving Better Acceptance Criteria from ModelsP&I
Technical Track
Alvaro Veizaga, Mauricio Alferez, Damiano TorreUniversity of Luxembourg, Mehrdad Sabetzadeh, Lionel C. BriandUniversity of Ottawa, Canada
11:20 - 11:40
From Text to Visual BPMN Process Models: Design and EvaluationP&I
Technical Track
Ana IvanchikjSoftware Institute, Faculty of Informatics, USI Lugano, souhaila serboutSoftware Institute @ USI, Cesare PautassoSoftware Institute, Faculty of Informatics, USI Lugano
Link to publication DOI Pre-print Media Attached
11:40 - 12:00
"Union is Power": Analyzing Families of Goal Models using Union ModelsFT
Technical Track
Sanaa AlwidianUniversity of Montreal, Daniel AmyotUniversity of Ottawa
12:00 - 12:15
Using empirical studies to mitigate symbol overload in iStar extensionsJ1st
Technical Track
Enyo Gonçalves, Camilo AlmendraUniversidade Federal do Ceará, Miguel GoulaoNOVA-LINCS, FCT/UNL, João Araújo, Jaelson Castro
11:00 - 12:15: B4-Language Engineering and ModularityTechnical Track at Room B
Chair(s): Benoit CombemaleUniversity of Toulouse and Inria
11:00 - 11:20
A Compositional Framework for Systematic Modeling Language ReuseFT
Technical Track
Arvid ButtingSoftware Engineering RWTH Aachen University, Jerome Pfeiffer, Bernhard RumpeRWTH Aachen, Andreas WortmannRWTH Aachen University
11:20 - 11:40
Template Based Model Engineering in UMLFT
Technical Track
11:40 - 11:55
On the benefits of file-level modularity for EMF modelsJ1st
Technical Track
Mojtaba Bagherzadeh, Karim JahedQueen's University, Juergen DingelQueen's University, Kingston, Ontario
DOI Pre-print
11:55 - 12:10
Concrete Syntax-Based Find for Graphical DSLsDemo
Technical Track
15:00 - 16:15: A5-Behavioural ModelingTechnical Track at Room A
Chair(s): Massimo Tisi
15:00 - 15:20
Synthesis of State Machine ModelsFT
Technical Track
15:20 - 15:40
Efficient Reordering and Replay of Execution Traces of Distributed Reactive Systems in the Context of Model-driven DevelopmentFT
Technical Track
Majid BabaeiQueen's University, Mojtaba Bagherzadeh, Juergen DingelQueen's University, Kingston, Ontario
15:40 - 15:55
Designing, Animating, and Verifying Partial UML ModelsNIV
Technical Track
Frédéric Jouault ERIS Team, ESEO , France, Valentin Besnard, Théo Le CalvarUniversity of Angers, Ciprian TeodorovENSTA Bretagne, Matthias Brun, Jérôme Delatour
Link to publication DOI Authorizer link Media Attached
15:55 - 16:10
Mixed-semantics composition of statecharts for the component-based design of reactive systemsJ1st
Technical Track
Bence GraicsBudapest University of Technology and Economics, Vince MolnárBudapest University of Technology and Economics, András VörösBudapest University of Technology and Economics, Istvan MajzikBudapest University of Technology and Economics, Daniel VarroMcGill University / Budapest University of Technology and Economics
Link to publication DOI
15:00 - 16:15: B5-Models and DataTechnical Track at Room B
Chair(s): Dimitris KolovosUniversity of York
15:00 - 15:20
Detecting Quality Problems in Research Data: A Model-Driven ApproachFT
Technical Track
Arno Kesper, Viola WenzPhilipps-Universität Marburg, Gabriele TaentzerUniversität Marburg
Link to publication DOI File Attached
15:20 - 15:35
Insights Collaboration Space – A Team Collaboration App for the Design of Data-Driven ServicesDemo
Technical Track
15:35 - 15:50
Towards User-Centred tooling for Modelling of Big Data ApplicationsDemo
Technical Track
Hourieh KhalajzadehMonash University, Australia, Tarun Verma, Andrew SimmonsDeakin University, John GrundyMonash University, Mohamed AbdelrazekDeakin University, Australia, John HoskingUniversity of Auckland
15:50 - 16:05
TyphonML: a Modeling Environment to Develop Hybrid PolystoresDemo
Technical Track
Francesco BascianiUniversity of L'Aquila, Juri Di RoccoUniversity of L'Aquila, Davide Di RuscioUniversity of L'Aquila, Ludovico IovinoGran Sasso Science Institute, L'Aquila, Italy, Alfonso PierantonioUniversità degli Studi dell'Aquila

Fri 23 Oct
Times are displayed in time zone: Eastern Time (US & Canada) change

13:15 - 14:30: B7-Run-time and ArchitectureTechnical Track at Room B
Chair(s): Bran SelicMalina Software Corporation
13:15 - 13:35
A model-based approach for developing event-driven architectures with AsyncAPIP&I
Technical Track
Abel GómezUniversitat Oberta de Catalunya, Markel Iglesias-Urkia, Aitor Urbieta, Jordi CabotICREA - UOC
DOI Pre-print Media Attached
13:35 - 13:55
A Scalable Querying Scheme for Memory-efficient Runtime Models with HistoryFT
Technical Track
Lucas SakizloglouHasso Plattner Institute, University of Potsdam, Sona GhahremaniHasso Plattner Institute, University of Potsdam, Matthias BarkowskyHasso Plattner Institute, University of Potsdam, Germany, Matthias BarkowskyHasso Plattner Institute, University of Potsdam, Germany, Holger GieseHasso Plattner Institute, University of Potsdam
Link to publication DOI Pre-print
13:55 - 14:10
A model-based architecture for interactive run-time monitoringJ1st
Technical Track
Nicolas Hili, Mojtaba Bagherzadeh, Karim JahedQueen's University, Juergen DingelQueen's University, Kingston, Ontario
14:10 - 14:25
MReplayer: A Trace Replayer of Distributed UML-RT ModelsDemo
Technical Track
Majid BabaeiQueen's University, Mojtaba Bagherzadeh, Juergen DingelQueen's University, Kingston, Ontario
15:00 - 16:15: B8-Variability and EvaluationTechnical Track at Room B
Chair(s): Mahdi ManeshPorsche Digital GmbH
15:00 - 15:20
Variability Representations in Class Models: An Empirical AssessmentFT
Technical Track
Daniel StrüberRadboud University Nijmegen, Anthony Anjorin, Thorsten BergerChalmers University of Technology, Sweden / University of Gothenburg, Sweden
15:20 - 15:40
Co-evolution of Simulink Models in a Model-Based Product LineP&I
Technical Track
Robbert JongelingMalardalen University, Antonio CicchettiMälardalen University, Federico CiccozziMalardalen University, Jan CarlsonMalardalen University
Link to publication DOI Pre-print
15:40 - 15:55
Claimed Advantages and Disadvantages of (dedicated) Model Transformation languages: A Systematic Literature ReviewJ1st
Technical Track
15:55 - 16:10
Using Benji to Systematically Evaluate Model Comparison AlgorithmsDemo
Technical Track
Lorenzo AddaziMälardalen University, Antonio CicchettiMälardalen University

Call for papers

Foundations Track Papers

We invite authors to submit high quality contributions describing significant, original, and unpublished results in the following categories:

  1. Technical Papers
  2. Technical papers should describe innovative research in modeling or model-driven engineering activities. Papers in this submission category should describe a novel contribution to the field and should carefully support claims of novelty with citations to the relevant literature.

    Evaluation Criteria: Technical papers are evaluated on the basis of originality, soundness, relevance, importance of contribution, strength of validation, quality of presentation and appropriate comparison to related work. Where a submission builds upon previous work of the author(s), the novelty of the new contribution must be described clearly with respect to the previous work. Technical papers need to discuss clearly how the results were validated (e.g., formal proofs, controlled experiments, rigorous case studies, or simulations). Authors are strongly encouraged to make the artifacts used for the evaluation publicly accessible, e.g., through a Github repository or an alternative that is likely to remain available. There will be an artifact evaluation process, as discussed below.

  3. New Ideas and Vision Papers
  4. We solicit short papers that present new ideas and visions. Such papers may describe new, non-conventional model-driven engineering research positions or approaches that depart from standard practice. They can describe well-defined research ideas that are at an early stage of investigation. They could also provide new evidence that common wisdom should be challenged, present new unifying theories about existing modeling research that provides novel insight or that can lead to the development of new technologies or approaches, or apply modeling technology to radically new application areas.

    Evaluation Criteria: New ideas and vision papers will be assessed primarily on their level of originality and potential for impact on the field in terms of promoting innovative thinking. Hence, inadequacies in the state-of-the-art and the pertinence, correctness, and impact of the idea/vision must be described clearly, even though the new idea need not be fully worked out, and a fully detailed roadmap need not be presented.

Practice and Innovation Track

The goal of this track is to fill the gap between foundational research in model-based engineering (MBE) and industrial needs. We invite authors from academia and/or industry to submit original contributions reporting on the development of innovative MBE solutions in industries, public sector, or open-source settings, as well as innovative application of MBE in such contexts. Examples include:

  • Scalable and cost-effective methodologies and tools

  • Industrial case studies with valuable lessons learned

  • Experience reports providing novel insights

Each paper should provide clear take-away value by describing the context of a problem of practical importance, and the application of MBE that leads to a solution.

Evaluation Criteria: A paper in the P&I Track will be evaluated mainly from its practical take-away and the potential impact of the findings. More specifically,

  • The paper should discuss why the solution to the problem is innovative (e.g., in terms of advancing the state-of-practice), effective, and/or efficient, and what likely practical impact it has or will have;

  • The paper should provide a concise explanation of approaches, techniques, methodologies and tools employed;

  • The paper should explain best practices that emerged, tools developed, and/or software processes involved.

  • Studies reporting on negative findings must provide a thorough discussion of the potential causes of failure, and ideally a perspective on how to solve them.

The submission process for MODELS 2020 is similar to past MODELS conferences, with the specific details below. We however follow the double blind review process and “New Ideas and Vision Papers” should be submitted as short papers as mentioned. In the double blind review process, authors will not be identified to reviewers and reviewers will not be identified to authors. Please consult the submission information section below to prepare your manuscript for the double-blind process.

Submission Guidelines

For Foundations and Practice & Innovation tracks, papers must be submitted electronically through the MODELS 2020 EasyChair web page.

  • “Foundations” and “Practice and Innovation” papers must not exceed 10 pages for the main text, inclusive of all figures, tables, appendices, etc. Two more pages containing only references are permitted.

  • “New Ideas/Vision” papers must not exceed 6 pages for the main text, inclusive of all figures, tables, appendices, etc. One more page containing only references is permitted.

  • All submissions must be in PDF. The page limit is strict, and it will not be possible to purchase additional pages at any point in the process (including after the paper is accepted).

  • Formatting instructions are available at https://www.acm.org/publications/proceedings-template for both LaTeX and Word users. LaTeX users must use the provided acmart.cls and ACM-Reference-Format.bst without modification, enable the conference format in the preamble of the document (i.e., \documentclass[sigconf,review]{acmart}), and use the ACM reference format for the bibliography (i.e., \bibliographystyle{ACM-Reference-Format}). The review option adds line numbers, thereby allowing referees to refer to specific lines in their comments.
  • Lastly, MODELS 2020 will employ a double-blind review process. Thus, no submission may reveal its authors’ identities. The authors must make every effort to honor the double-blind review process. In particular, the authors’ names must be omitted from the submission and references to their prior work should be in the third person. For more information, check the submission information page.

Submissions that do not adhere to these limits or that violate the formatting guidelines will be desk-rejected without review. Accepted papers will be published in the conference proceedings published by

ACM. Selected papers from the conference will be invited to revise and submit extended versions of the papers for publication in the International Journal on Software and Systems Modeling (SoSyM).

Review Process

MODELS 2020’s double blind review process will use a single phase with no rebuttals. There will be an extended discussion phase monitored by one Program Board member assigned to each paper. The Program Chairs will also be heavily involved in monitoring discussions and reviews, to ensure that quality reviews are produced.

All papers that conform to the submission guidelines will be peer-reviewed by at least three members of the Program Committee. The Program Board will monitor the reviews of papers assigned to them, to ensure that the reviews are constructive and sufficiently detailed so that authors can both improve their papers and understand the rationale behind final decisions. After reviews are completed, the Program Board will lead a discussion phase on papers assigned to them, in order to come up with recommendations. These recommendations will be discussed at the Program Board meeting, to be held in early July 2020, in order to come up with decisions on papers to be presented at the conference.

Authors of accepted papers will be invited to submit their accompanying artifacts (e.g., software, datasets, proofs) to the Artifact Evaluation track. The Artifact Evaluation track is run by a separate committee whose task is to assess how the artifacts support the results presented in the papers. Participation in the Artifact Evaluation process is optional and does not affect the final decision regarding the papers. Papers that successfully go through the Artifact Evaluation process will be rewarded with a seal of approval printed on the paper themselves. The artifacts will be archived.

Important Dates

Foundation Track and Practice and Innovation Track have the following deadlines:

  • May 15, 2020, Abstract submission

  • May 22, 2020, Paper submission (firm)

  • July 13, 2020, Author notification

  • July 31, 2020, Camera Ready Due

Please note that:

  • Abstract submission is mandatory.

  • All deadlines are hard. No extensions will be granted.

  • All dates are according to time zone “Anywhere on Earth”, i.e., UTC-12.

  • All accepted papers must be presented by an author who is registered as a “Regular” participant (student presenters must register as a Regular participant).

Submission Information

MODELS 2020 will follow a double-blind reviewing process in which the identity of authors will not be known to the program committee at any time during the process. The papers submitted must not reveal the authors´ identities in any way. Hence, the authors should make every reasonable effort to keep the paper anonymous, but of course there is no need to guarantee that the authors’ identity is undiscoverable.

Why Double Blind?

There are many reasons for a double-blind review process at conferences, including to avoid (even unconscious) bias from the reviewers. Hence, to make the review process as fair as possible, we want to avoid either positive or negative bias of reviewers from the authors’ identities. Recently, many conferences have moved to a double blind process to avoid such bias, including ICSE, ICSME, FASE, ESEC/FSE, and ASE, among many others.

For more information on motivations for double-blind reviewing, see Claire Le Goues’s very well argued, referenced and evidenced blog posting in favor of double-blind review processes for Software Engineering conferences. See also a list of double-blind resources from Robert Feldt, as well as a more formal study of the subject by Moritz Beller and Alberto Bacchelli, as well as studies on the benefits of double blind in merit reviewing.

How to prepare your paper for double-blind reviewing?

● Omit all authors’ names and affiliations from the title page. Omit also acknowledgements, if they mention any names or organizations.

● Refer to your own work in the third person. You should not change the names of your own previously published tools, approaches, or systems, because this would clearly compromise the review process. Instead, refer to the authorship or provenance of tools, approaches, or systems in the third person, so that it is credible that another author could have written your paper.

● If possible, do not rely on external sources for supplementary material (your website, your GitHub repository, your YouTube channel, a companion technical report or thesis) in the paper. Such material might reveal author identities. It is possible to post a link to an anonymous GitHub repository, or anonymous web hosting services, but the repository should be checked carefully for any information that could reveal the author’s identity, and it could be helpful to warn the reader that accessing the repository could reveal the author’s identity. In any case, you will be able to submit supplementary material through the EasyChair submission site, but check the material carefully for anything that can reveal the author’s identity. Here are some additional tips on anonymization from ACM.

Authors having further questions on double blind reviewing are encouraged to contact the Program Chairs by email. Papers that do not comply to the double blind review process will be desk-rejected.


If a submission is accepted, at least one author of the paper is required to attend the conference and present the paper in person.

Production of artifacts

After the notification, the authors of accepted papers will be invited to submit artifacts related to the paper to be evaluated by the Artifact Evaluation Committee.

Foundation Track (main section)

A Compositional Framework for Systematic Modeling Language Reuse

Authors: Arvid Butting, Jerome Pfeiffer, Bernhard Rumpe and Andreas Wortmann

Many engineering domains started using generic modeling languages, such as SysML, to describe or prescribe the systems under development. This raises a gap between the generic modeling languages and the domains of experience of the engineers using these. Engineering truly domain-specific languages (DSLs) for experts of these domains still is too challenging for their wide-spread adoption. One major obstacle, the inability to reuse multi-dimensional (encapsulating constituents of syntax and semantics) language components in a black-box fashion prevents the effective engineering of novel DSLs. To facilitate engineering DSLs, we devised a concept of 3D components for textual, external, and translational DSLs that relies on systematic reuse through systematic closed and open variability in which DSL syntaxes can be embedded, well-formedness rules joined, and code generators integrated in a black-box fashion. We present this concept, a method for its systematic application, an integrated collection of modeling languages supporting systematic language reuse, and an extensible framework that leverages these languages to derive novel DSLs from language product lines. These can greatly mitigate many of the challenges in DSL reuse and, hence, can advance the engineering of truly domain-specific modeling languages.

Variability Representations in Class Models: An Empirical Assessment

Authors: Daniel Strüber, Anthony Anjorin and Thorsten Berger

Owing to the ever-growing need for customization, software systems often exist in many different variants. To avoid the need to maintain many different copies of the same model, developers of modeling languages and tools have recently started to provide representations for such variant-rich systems, notably variability mechanisms that support the implementation of differences between model variants. Available mechanisms either follow the annotative or the compositional paradigm, each of them having unique benefits and drawbacks. Language and tool designers select the used variability mechanism often solely based on intuition. A better empirical understanding of the comprehension of variability mechanisms would help them in improving support for effective modeling.
In this paper, we present an empirical assessment of annotative and compositional variability mechanisms for class models. We report and discuss findings from an experiment with 73 participants, in which we studied the impact of the chosen variability mechanisms during model comprehension tasks. We find that, compared to the baseline of listing all model variants separately, the annotative technique did not affect developer performance. Use of the compositional mechanism correlated with impaired performance. For a subset of our tasks the annotative mechanism is preferred to the compositional one and the baseline. We present actionable commendations concerning support of flexible, tasks-specific solutions, and the transfer of best established best practices from the code domain to models.

Synthesis of State Machine Models

Authors: Nafiseh Kahani, Mojtaba Bagherzadeh and James R. Cordy

The automated synthesis of behavioural models in the form of state machines (SMs) from higher-level specifications has a high potential impact on the efficiency and accuracy of software development using models. In this paper, inspired by program synthesis techniques, we propose a model synthesis approach that takes as input a structural model of a system and its desired system properties, and automatically synthesizes executable SMs for its components. To this end, we first generate a synthesis formula for each component, consistent with the system properties, and then perform a State Space Exploration (SSE) of each component, based on its synthesis formula. Each step of the SSE involves simply solving the synthesis formula in different contexts, based on input messages and the current execution state. The result of the SSE is saved in a Labeled Transition System (LTS), for which we then synthesize detailed actions for each of its transitions. Finally, we transform the LTSs into UML-RT (UML real-time profile) SMs, and integrate them with the original structural models. We assess the applicability, performance, and scalability of our approach using several different use cases extracted from the literature.

Detecting Quality Problems in Research Data: A Model-Driven Approach

Authors: Arno Kesper, Viola Wenz and Gabriele Taentzer

As scientific progress highly depends on the quality of research data, there are strict requirements for data quality coming from the scientific community. A major challenge in data quality assurance is to localise quality problems that are inherent to data collections. In this paper, we present the results of a qualitative study on quality problems occurring in cultural heritage data. To cope with the dynamic digitalisation of the humanities, we present a model-driven approach to analyse the quality of research data. It allows abstracting from the underlying database technology. Based on the observation that many of the identified quality problems show anti-patterns, a data engineer formulates analysis patterns that are generic concerning the database format and technology. A domain expert chooses a pattern that has been adapted to a specific database technology and concretises it for a domain-specific database format. The resulting concrete patterns are used by data analysts to locate quality problems in their databases. As a proof of concept, we implemented tool support that realises this approach for XML databases. We evaluated our approach concerning expressiveness and performance.

Modeling Mechanical Functional Architectures in SysML

Authors: Imke Drave, Gregor Hoepfner, Thilo Zerwas, Joerg Berroth, Kathrin Spuetz, Christian Guist, Jens Kohl, Bernhard Rumpe, Georg Jacobs and Andreas Wortmann

Innovations in Cyber-Physical System (CPS) are driven by functionalities and features. Mechanical Engineering is mainly concerned with the physical product architecture that is not explicitly linked to these functions. A holistic model-driven engineering approach for CPS, therefore, needs to bridge the gap between functions and the physical product architecture. In mechanical design methodology, functional architectures describe the functionality of the system under development but are typically neither considered nor modeled in practice. Existing approaches utilizing mechanical functional architectures, however, do not formalize a relation between the functional architecture and the geometric design. Therefore, we conceived a meta-model that defines modeling-languages for modeling functional architectures of mechanical systems and physical solutions, i.e., interconnections of physical effects and geometries, as refinements of the functional components. We have encoded the meta-model as a SysML profile and applied it within an interdisciplinary, industrial project to model an automotive cooling system. Our contribution signposts the potential of functional structures to not only bridge the gap between function and geometry in mechanics but also to integrate the heterogeneous domains participating in CPS engineering.

Efficient Reordering and Replay of Execution Traces of Distributed Reactive Systems in the Context of Model-driven Development

Authors: Majid Babaei, Mojtaba Bagherzadeh and Juergen Dingel

Ordering and replaying of execution traces of distributed systems is a challenging problem. State-of-the-art approaches annotate the traces with logical or physical timestamps. However, both kinds of timestamps have their drawbacks, including increased trace size. We examine the problem of determining consistent orderings of execution traces in the context of model-driven development of reactive distributed systems, that is, systems whose code has been generated from communicating state machine models. By leveraging key concepts of state machines and existing model analysis and transformation techniques, we propose an approach to collecting and reordering execution traces that does not rely on timestamps. We describe a prototype implementation of our approach and an evaluation. The experimental results show that compared to reordering based on logical timestamps using vector time (clocks), our approach reduces the size of the trace information collected by more than half while incurring similar runtime overhead.

Template Based Model Engineering in UML

Authors: Gilles Vanwormhoudt, Matthieu Allon, Olivier Caron and Bernard Carré

Model-based engineering (MBE) contributes a lot to software reuse by abstracting technology independent models, their capitalization and then their reuse to produce systems, ensuring early composition and checking capabilities. One step further, it was recognized that models could be parameterized in order to capture recurrent modeling patterns. This led to the concept of "model template" as offered in UML. In this paper we concentrate on engineering practices and operators which derive from the adoption of this concept, specifically in the case of "aspectual templates", where parameters form full models. As a first step, we show the consequent partitioning of modeling spaces into two subspaces: one dedicated to template modelers ("model for reuse"), the other one dedicated to application modelers ("model by reuse"). Respective activities are identified, but also back-and-forth between them. From this, engineering operators are isolated and formally specified. Finally, reusable technology within Eclipse is offered.

Model-driven Digital Twin Construction: Synthesizing the Integration of Cyber-Physical Systems with Their Information Systems

Authors: Jörg Christian Kirchhof, Judith Michael, Bernhard Rumpe, Simon Varga and Andreas Wortmann

Digital twins emerge in many disciplines to support engineering, monitoring, controlling, and optimizing cyber-physical systems, such as airplanes, cars, factories, medical devices, or ships. There is an increasing demand to create digital twins as representation of cyber-physical systems and their related models, data traces, aggregated data, and services. Despite a plethora of digital twin applications, there are very few systematic methods to facilitate the modeling of digital twins for a given cyber-physical system. Existing methods focus only on the construction of specific digital twin models and do not consider the integration of these models with the observed cyber-physical system. To mitigate this, we present a fully model-driven method to describe the software of the cyber-physical system, its digital twin information system, and their integration. The integration method relies on MontiArc models of the cyber- physical system’s architecture and on UML/P class diagrams from which the digital twin information system is generated. We show the practical application and feasibility of our method on an IoT case study. Explicitly modeling the integration of digital twins and cyber-physical systems eliminates repetitive programming activities and can foster the systematic engineering of digital twins.

To build, or not to build: ModelFlow, a build solution for MDE projects

Authors: Beatriz A. Sanchez, Dimitris Kolovos and Richard Paige

Conservative execution, end-to-end traceability, and context-aware resource handling are desirable features in model management build processes. Yet, none of the existing MDE-dedicated build tools (e.g. MTC-Flow, MWE2) support such features. An initial investigation of general-purpose build tools (e.g. ANT, Gradle) to assess whether we could build a workflow engine with support for these desirable features on top of it revealed limitations that could act as roadblocks for our work. As such, we decided to design and implement a new MDE-focused build tool (ModelFlow) from scratch to avoid being constrained by assumptions and technical constraints of these tools. We evaluated whether this decision was sensible by attempting to replicate its behaviour with Gradle in a typical model-driven engineering scenario. The evaluation highlighted scenarios where Gradle could not be extended to achieve the desirable behaviour which validates the decision to not base ModelFlow on top of it.

Efficient Generation of Graphical Model Views via Lazy Model-to-Text Transformation

Authors: Dimitris Kolovos, Alfonso de la Vega and Justin Cooper

Producing graphical views from software and system models is often desirable for communication and comprehension purposes, even when graphical model editing capabilities are not required - because the preferred editable concrete syntax of the models is text-based, or for models extracted via reverse engineering. To support such scenarios, we present a novel approach for efficient rule-based generation of transient graphical views from models using lazy model-to-text transformation, and an implementation of the proposed approach in the form of an open-source Eclipse plugin named Picto. Picto builds on top of mature visualisation software such as Graphviz and PlantUML and supports, among others, composite views, layers, and multi-model visualisation. We illustrate how Picto can be used to produce various forms of graphical views such as node-edge diagrams, tables and sequence-like diagrams, and we demonstrate the efficiency benefits of lazy view generation approach against batch model-to-text transformation for generating views from large models.

Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers

Authors: Thorsten Koch, Stefan Dziwok, Jörg Holtmann and Eric Bodden

Security protocols ensure secure communication between and within systems such as internet services, factories, and smartphones. As evidenced by numerous successful attacks against popular protocols such as TLS, designing protocols securely is a tedious and error-prone task. Model checkers greatly aid protocol verification, yet any single model checker is oftentimes insufficient to check a protocol’s security in full. Instead, engineers are forced to maintain multiple overlapping and hopefully non-contradicting and non-diverging specifications, one per model-checking tool—an error-prone task. To address this problem, this paper presents VICE, a scenario-based approach to security-protocol verification. It provides a visual modeling language based for specifying security protocols independent of the model checker. It then automatically transforms the relevant fragments of these models into equivalent inputs to multiple model checkers. In result, VICE completely relieves the security engineer from choosing and specifying queries via a fully automatic generation of all necessary queries. Through a case study involving real-world specifications of eight security protocols, we show that VICE is applicable in practice.

MAR: A structure-based search engine for models

Authors: José Antonio Hernández López and Jesús Sánchez Cuadrado

The availability of shared software models provides opportunities for reusing, adapting and learning from them. Public models are typically stored in a variety of locations, including model repositories, regular source code repositories, web pages, etc. To profit from them developers need effective search mechanisms to locate the models relevant for their tasks. However, to date, there has been little success in creating a generic and efficient search engine specially tailored to the modelling domain. In this paper we present MAR, a search engine for models. MAR is generic in the sense that it can index any type of model if its meta-model is known. Moreover, MAR takes the model structure into account in order to improve the precision of the search. We tackle the challenge of encoding the models' structure in an indexable manner by extracting paths between model elements. MAR is built over HBase which allows us to deal with large repositories offering a quick response to the queries. Our benchmarks show that the engine is efficient and has fast response times in most cases. We have also evaluated the precision of the search engine by creating model mutants which simulate user's queries. A REST API is available to perform queries and an Eclipse plug-in allows end users to connect to the search engine from model editors. We have currently indexed more than 50.000 models of different kind, including Ecore meta-models, BPMN diagrams and UML models.

Certifying Rule-Based Model Transformation Engines for Proof Preservation

Authors:Zheng Cheng, Massimo Tisi and Joachim Hotonnier

Executable engines for relational model-transformation languages evolve continuously because of language extension, performance improvement and bug fixes. While new versions generally change the engine semantics, end-users expect to get backward-compatibility guarantees, so that existing transformations do not need to be adapted at every engine update. The CoqTL model-transformation language allows users to define model transformations, theorems on their behavior and machine-checked proofs of these theorems in Coq. Backward-compatibility for CoqTL involves also the preservation of these proofs. However, proof preservation is challenging, as proofs are easily broken even by small refactorings of the code they verify. In this paper we present the solution we designed for the evolution of CoqTL, and by extension, of rule-based transformation engines. We provide a deep specification of the transformation engine, including a set of theorems that must hold against the engine implementation. Then, at each milestone in the engine development, we certify the new version of the engine against this specification, by providing proofs of the impacted theorems. The certification formally guarantees end-users that all the proofs they write using the provided theorems will be preserved through engine updates. We illustrate the structure of the deep specification theorems, we produce a machine-checked certification of three versions of CoqTL against it, and we show examples of user theorems that leverage this specification and are thus preserved through the updates.

An Exploratory Study on Performance Engineering in Model Transformations

Authors: Raffaela Groner, Luis Beaucamp, Matthias Tichy and Steffen Becker

Model-Driven Software Engineering (MDSE) is a widely used approach to deal with the increasing complexity in software. Model transformations are essential operations in MDSE. Due to the increasing complexity in software, corresponding input models and model transformations applied to them become larger and more complex as well. This means that the execution performance of model transformations is gaining in importance. While improving the performance of model transformation execution engines has been a focus of the MDSE-community in the past, there does not exist any empirical study on how developers of model transformation deal with performance issues. Consequently, we conducted an exploratory mixed method study consisting of a quantitative online survey and a qualitative interview study. We used a questionnaire to investigate whether the performance of a transformation is actually important for them and whether transformation engineers have already tried to improve the performance of a model transformation. Subsequently, we conducted semi-structured interviews based on the answers to the questionnaire to investigate how transformation engineers deal with performance issues, what causes and solutions they found and also what they think what could help them to easier find causes. The results of the quantitative online survey show that 43 of 81 participants have already tried to improve the performance of a transformation and 34 of the 81 are sometimes or only rarely satisfied with the execution performance. Based on the answers from our 13 interviews, we identified different strategies to prevent or find performance issues in model transformations as well as different types of causes of performance issues and solutions. Finally, we compiled a collection of additional tool features perceived helpful by the interviewees to address performance issues.

AC-ROS: Assurance Case Driven Adaptation for the Robot Operating System

Authors: Betty H.C. Cheng, Robert Clark, Jonathon Fleck, Michael Langford and Philip McKinley

Cyber-physical systems that implement self-adaptive behavior, such as autonomous robots, need to ensure that requirements remain satisfied across run-time adaptations. The Robot Operating System (ROS), a middleware infrastructure for robotic systems, is widely used in both research and industrial applications. However, ROS itself does not provide functionality to assure self-adaptive behavior. This paper introduces AC-ROS, which fills this gap by using assurance case models at run time to manage the self-adaptive operation of ROS-based software. Assurance cases provide structured arguments that a system satisfies requirements and can be specified graphically with Goal Structuring Notation (GSN) models. AC-ROS uses GSN models to instantiate and populate a ROS-based MAPE-K framework, which in turn uses these models at run time to assure system behavior adheres to requirements across adaptations. For this study, AC-ROS is implemented and tested on EvoRally, a 1:5-scale autonomous vehicle controlled by software based on ROS.

Automating the Early Detection of Security Design Flaws

Authors: Katja Tuma, Laurens Sion, Riccardo Scandariato and Koen Yskout

Security by design is a key principle for realizing secure software systems and it is advised to hunt for security flaws from the very early stages of software development. At design-time, security analysis is often performed manually by means of either threat modeling or expert-based design inspections. However, when leveraging the wide range of well-established knowledge bases on security design flaws (e.g., CWE, CAWE), these manual assessments become too time consuming, error-prone, and infeasible in the context of contemporary development practices which employ frequent iterations. This paper focuses on design inspection and explores the potential for automating the application of inspection rules to speed up the security analysis process. The contributions of this paper are: (i) the creation of a publicly available data set consisting of 26 design models annotated with security flaws, (ii) an automated approach for following inspection guidelines using model query patterns, and (iii) an empirical comparison of the results from this automated approach with those from manual inspection. Even though our results show that a complete automation of the security design flaw detection is hard to achieve, we find that some flaws (e.g., insecure data exposure) are more amenable to automation. Compared to manual analysis techniques, our results are encouraging and suggest that the automated technique could guide security analysts towards a more complete inspection of the software design, especially when analyzing large models.

Semantic Comparisons of Alloy Models

Authors: Jan Oliver Ringert and Syed Waqee Wali

Alloy is a textual modeling language for structures and behaviors of software designs. The Alloy Analyzer provides various analyses making it a popular light-weight formal methods tool. While Alloy models can be analyzed, explored, and tested there is little support for comparing different versions of Alloy models. We believe that these comparisons are crucial when trying to refactor, refine, or extend models. In this work we present an approach for the semantic comparisons of Alloy models. Our pair-wise comparisons include semantic model differencing and the checking of refactoring, refinement, and extension. We enable the semantic comparison of Alloy models by a translation of two versions into a single model that is able to simulate instances of either one or of both version. Semantic differencing and instance computation require only a single analyses of the combined model in the Alloy Analyzer. We implemented our work and evaluated it on over 600 Alloy models from different sources including version histories. Our evaluation examines the cost of semantic comparisons using the Alloy Analyzer.

An extensible framework for customizable model repair

Authors: Angela Barriga, Rogardt Heldal, Ludovico Iovino, Magnus Marthinsen and Adrian Rutle

In model-driven software engineering, models are used in all phases of the development process. These models may get broken due to various editions during the modeling process. There are a number of existing tools that reduce the burden of manually dealing with correctness issues in models, however, most of these tools do not prioritize customization to follow user requirements nor allow the extension of their components to adapt to different model types. In this paper, we present an extensible model repair framework which enable users to deal with different types of models and to add their own repair preferences to customize the results. The framework uses customizable learning algorithms to automatically find the best sequence of actions for repairing a broken model according to the user preferences. As an example, we customize the framework by including as a preference a model distance metric, which allows the user to choose a more or less conservative repair. Then, we evaluate how this preference extension affects the results of the repair by comparing different distance metric calculations. Our experiment proves that extending the framework makes it more precise and produces models with better quality characteristics.

A Scalable Querying Scheme for Memory-efficient Runtime Models with History

Authors: Lucas Sakizloglou, Sona Ghahremani, Matthias Barkowsky and Holger Giese

The increasing need for adaptability of software systems has blurred the boundary between development-time and runtime. Runtime models, as a snapshot of the system at runtime, provide a global view of the system at a desired level of abstraction. Moreover, models support further analysis and reasoning by employing model-driven engineering techniques at runtime. Although runtime models, model queries, and adaptation based on model changes have been the focus of extensive research, schemes that treat the evolution of the runtime model over time as a first-class citizen have only lately received attention. Consequently, there is a lack of sophisticated technology for such runtime models with history. We present an approach where the integration of temporal requirements into model queries enables the scalable querying of runtime models with history. Moreover, our approach provides for a memory-efficient storage of such models. By integrating these two elements into an adaptation loop, we enable efficient history-aware self-adaptation via runtime models. We present a tool prototype for our approach and evaluate the scalability of the approach regarding time and memory based on real data from the medical domain.

Automated Generation of Consistent Models with Structural and Attribute Constraints

Authors: Oszkár Semeráth, Aren Babikian, Anqi Li, Kristóf Marussy and Dániel Varró

Automatically synthesizing consistent models is a key prerequisite for many testing scenarios in autonomous driving or software tool validation where model-based systems engineering techniques are frequently used to ensure a designated coverage of critical cornercases. From a practical perspective, an inconsistent model is irrelevant as a test case (e.g. false positive), thus each synthetic model needs to simultaneously satisfy various structural and attribute well-formedness constraints. While different logic solvers or dedicated graph solvers have recently been developed, they fail to handle either structural or attribute constraints in a scalable way. In the current paper, we combine a structural graph solver that uses partial models with an SMT-solver to automatically derive models with which simultaneously fulfill structural and attribute constraints while key theoretical properties of model generation like completeness or diversity are still ensured. This necessitates a sophisticated bidirectional interaction between different solvers which carry out consistency checks, decision, unit propagation, concretization steps. We evaluate the scalability and diversity of our approach in the context of three complex case studies.

"Union is Power": Analyzing Families of Goal Models using Union Models

Authors: Sanaa Alwidian and Daniel Amyot

A goal model family is a set of related goal models that conform to the same metamodel, with commonalities and variabilities between models. Goal model families stem from the evolution of initial models into several versions over time and/or the variation of models over the space dimension (e.g., products). In contexts where there are several versions/variations of a goal model, analyzing a set of related models with typical similarities, one model at a time, often involves redundant computations and may require repeated user assistance (e.g., for interactive analysis) and laborious activities. This paper proposes the use of union models as first-class artifacts to analyze families of goal models, in order to improve performance of language-specific analysis procedures. The paper empirically evaluates the performance gain resulting from adapting (or lifting) an existing analysis technique specific to the Goal-oriented Requirement Language (GRL) on a family of GRL models, all at once using a union model, compared to analyzing individual models, one model at a time. Our experiments demonstrate, based on the use of the IBM CPLEX optimizer, the usefulness and performance gains of using union models to perform a computationally expensive analysis, namely quantitative backward propagation, on a family of GRL models.

mel - Model Extractor Language for Extracting Facts from Models

Authors: Robert Hackman, Joanne M. Atlee, Alistair Finn Hackett and Michael W. Godfrey

There is a large body of research on extracting models from code-related artifacts to enable model-based analyses of large software systems. However, engineers do not always have access to the entire code base of a system: some components may be procured from third-party suppliers based on a Model specification or their code may be generated automatically from Models. This paper introduces mel - a model extraction language and interpreter for extracting facts from Models represented in XMI; these facts can be combined with facts extracted from other system components to form a lightweight model of an entire software system. We provide preliminary evidence that mel is sufficient to specify fact extraction from Models that have very different XMI representations. We also show that it can be easier to use mel to create a fact extractor for a particular Model representation, than to develop a specialized fact extractor for the Model from scratch.

Interactive Metamodel/Model Co-Evolution: A Clustering-based Multi-Objective Approach

Authors: Wael Kessentini and Vahid Alizadeh

Metamodels evolve even more frequently than programming languages. This evolution process may result in a large number of instance models that are no longer conforming to the revised metamodel. On the one hand, the manual adaptation of models after the metamodels’ evolution can be tedious, error-prone, and timeconsuming. On the other hand, the automated co-evolution of metamodels/models is challenging, especially when new semantics is introduced to the metamodels. While some interactive techniques have been proposed, designers still need to explore a large number of possible revised models, which makes the interaction timeconsuming. In this paper, we propose an interactive multi-objective approach that dynamically adapts and interactively suggests edit operations to designers based on three objectives: minimizing the deviation with the initial model, the number of non-conformities with the revised metamodel and the number of changes. The proposed approach takes their feedback into consideration by clustering the set of recommended co-evolution solutions of the multi-objective search. Thus, users can quickly select their preferred cluster and give feedback on a smaller number of solutions by eliminating similar ones. This feedback is then used to guide the search for the next iterations if the user is still not satisfied.We evaluated our approach on a set of metamodel/model co-evolution case studies and compared it to existing fully automated and interactive co-evolution techniques.

Vision & New Ideas (subsection)

SceML - A Graphical Modeling Framework for Scenario-based Testing of Autonomous Vehicles

Authors: Barbara Schuett, Thilo Braun and Eric Sax

Ensuring the functional correctness and safety of autonomous vehicles is a major challenge for the automotive industry. However, exhaustive physical test drives are not feasible, as billions of driven kilometers would be required to obtain reliable results. Scenario-based testing is an approach to tackle this problem and reduce necessary test drives by replacing driven kilometers with simulations of relevant or interesting scenarios. These scenarios can be generated or extracted from recorded data with machine learning algorithms or created by experts. In this paper, we propose a novel graphical scenario modeling language. The graphical framework allows experts to create new scenarios or review ones designed by other experts or generated by machine learning algorithms. The scenario description is is modeled as a graph and based on behavior trees. It supports different abstraction levels of scenario description during software and test development. Additionally, the graph-based structure provides modularity and reusable sub-scenarios, an important use case in scenario modeling. A graphical visualization of the scenario enhances comprehensibility for different users. The presented approach eases the scenario creation process and increases the usage of scenarios within development and testing processes.

A Model-driven Alternative to Programming in Blocks using Rule-based Transformations

Authors: Huseyin Ergin, Wenjun Shi, Herart Dominggus Nurue and Jeff Gray

The recent surge in computer science (CS) education for children has led to the popularization of blocks-based programming languages (BBPLs), which offer a syntax-directed approach to teach fundamental programming concepts. Most BBPL environments are designed with imperative programming in mind. The primary building blocks represent the key constructs that support sequencing, iteration, and selection, all in an imperative style. Some BBPL environments support bi-directionality and can show the source code of the same program represented as either blocks or in a general-purpose textual language. There have been few alternatives to the imperative primitives used in these environments. In this Vision paper, we propose a paradigmatic change to the underlying and front-facing structures of BBPL environments by replacing them with Model-driven Engineering (MDE) primitives, such as declarative transformation rules and metamodels. We have implemented a prototype of our envisioned system in a modeling environment to show the feasibility of the approach, which we believe could be used by young children. The contribution of our vision is a demonstration of the potential for a new thread of research that lies at the intersection of modeling and CS education for children. We aim to spark an interest in MDE among CS education researchers, while encouraging the modeling community to consider how MDE might be taught to younger students.

Designing, Animating, and Verifying Partial UML Models

Authors: Frédéric Jouault, Valentin Besnard, Théo Le Calvar, Ciprian Teodorov, Matthias Brun and Jérôme Delatour

Models have been shown to be useful during virtually all stages of the software lifecycle. They can be reverse engineered from existing artifacts, or created as part of a system’s execution, but in many cases models are created by designers from informal specifications. In the latter case, such design models are typically used as means of communication between designers, and developers. They can also in some cases be validated by simulation over test cases, or even by formal verification. However, most existing model simulation or verification approaches require relatively consistent and complete models, whereas design models often start small, incomplete, and inconsistent. Moreover, few design models actually reach the stage where they can be simulated, and even fewer the stage where they can be formally verified. In order to address this issue, we propose a partial modeling approach that makes it possible to animate incomplete and inconsistent models. This approach makes it possible to incrementally improve testable models, and can also help designers reach the stage where their models can be formally verified. A proof-of-concept tool called AnimUML has been created in order to provide means to evaluate the approach on several examples. They are all executable, and some can even undergo model-checking.

Practice & Innovation Track (main section)

Is Automated Grading of Models Effective? Assessing Automated Grading of Class Diagrams

Authors: Weiyi Bian, Omar Alam and Jörg Kienzle

Learning how to model the structural properties of a problem domain or an object-oriented design in form of a class diagram is an essential learning task in many software engineering courses. Since the grading of models is a time-consuming activity, automated grading approaches have been developed to assist the instructor by speeding up the grading process, as well as ensuring consistency and fairness for large classrooms. This paper empirically evaluates the efficacy of one such automated grading approach when applied in two real world settings: a beginner undergraduate class of 103 students required to create a object-oriented design model, and an advanced undergraduate class of 89 students elaborating a domain model. The results of the experiment highlight a) the need to adapt the grading strategy and strictness to the level of the students and the grading style of the instructor, and b) the importance of considering multiple solution variants when grading. Modifications to the grading algorithm are proposed and validated experimentally.

Co-evolution of Simulink Models in a Model-Based Product Line

Authors: Robbert Jongeling, Antonio Cicchetti, Federico Ciccozzi and Jan Carlson

Co-evolution of metamodels and conforming models is a known challenge in model-driven engineering. A variation of co-evolution occurs in model-based software product line engineering, where it is needed to efficiently co-evolve various products together with the single common platform from which they are derived. In this paper, we aim to alleviate this currently manual co-evolution process in an industrial setting where Simulink models are partially reused across various products. We propose and implement an approach providing support for the co-evolution of reusable model fragments. A demonstration on a realistic example model shows that our approach yields a correct co-evolution result and is feasible in practice. Furthermore, we discuss insights from applying the approach within the studied industrial setting.

A model-based approach for developing event-driven architectures with AsyncAPI

Authors: Abel Gómez, Markel Iglesias-Urkia, Aitor Urbieta and Jordi Cabot

In this Internet of Things (IoT) era, our everyday objects have evolved into the so-called cyber-physical systems (CPS). The use and deployment of CPS has especially penetrated the industry, giving rise to the Industry 4.0 or Industrial IoT (IIoT). Typically, architectures in IIoT environments are distributed and asynchronous, communication being guided by events such as the publication of (and corresponding subscription to) messages. While these architectures have some clear advantages (such as scalability and flexibility), they also raise interoperability challenges among the agents in the network. Indeed, the knowledge about the message content and its categorization (topics) gets diluted, leading to consistency problems, potential losses of information and complex processing requirements on the subscriber side to try to understand the received messages. In this paper, we present our proposal relying on AsyncAPI to automate the design and implementation of these architectures using model-based techniques for the generation of (part of) event-driven infrastructures. We have implemented our proposal as an open-source tool freely available online.

Model-Based Automatic Fleet Deployment of Edge Computing Applications

Authors: Hui Song, Rustem Dautov, Nicolas Ferry, Arnor Solberg and Franck Fleurey

Edge computing extends distributed cloud computing capabilities and brings them in close proximity to end-users and IoT devices. Given the increasing number of distributed Edge devices with various contexts, as well as the widely adopted continuous delivery practices, software developers often need to maintain multiple application versions and assign them to devices with respect to their context. Doing this correctly and efficiently goes beyond the manual capabilities and requires employing an intelligent and scalable automated approach. Accordingly, this paper reports a joint research collaboration with a Smart Healthcare application provider, on a model-based approach to automatically assign multiple software deployments to hundreds of Edge gateways. From a Platform-Specific Model obtained from the existing Edge computing platform, we extract a Platform-Independent Model that describes the device list and the deployment pool. Next, we use constraint solving to automatically assign deployments to devices at once. The resulting solution is transformed back to the PSM as an input for the platform to proceed with software deployment accordingly. We validate the approach with a Fleet Deployment prototype integrated into the DevOps toolchain currently used by the company. Initial experiments demonstrate the viability of the approach and its usefulness in supporting DevOps in Edge computing application scenarios.

Leveraging Natural-language Requirements for Deriving Better Acceptance Criteria from Models

Authors: Alvaro Veizaga, Mauricio Alferez, Damiano Torre, Mehrdad Sabetzadeh, Lionel Briand and Elene Pitskhelauri

In many software and systems development projects, analysts specify requirements using a combination of modeling and natural language (NL). In such situations, systematic acceptance testing poses a challenge because defining the acceptance criteria (AC) to be met by the system under test has to account not only for the information in the (requirements) model but also that in the NL requirements. In other words, neither models nor NL requirements per se provide a complete picture of the information content relevant to AC. Our work in this paper is prompted by the observation that a reconciliation of the information content in NL requirements and models is necessary for obtaining precise AC. We perform such reconciliation by devising an approach that automatically extracts AC-related information from NL requirements and helps modelers enrich their model with the extracted information. An existing AC derivation technique is then applied to the model that has now been enriched by the information extracted from NL requirements. Using a real case study from the financial domain, we evaluate the usefulness of the AC-related model enrichments recommended by our approach. Our evaluation results are very promising: Over our case study system, a group of five domain experts found 89% of the recommended enrichments relevant to AC and yet absent from the original model (precision of 89%). Furthermore, the experts could not pinpoint any additional information in the NL requirements which was relevant to AC but which had not already been brought to their attention by our approach (recall of 100%).

From Text to Visual BPMN Process Models: Design and Evaluation

Authors: Ana Ivanchikj, Souhaila Serbout and Cesare Pautasso

Most existing Business Process Model and Notation (BPMN) editing tools are graphical, and as such based on explicit modeling, requiring good knowledge of the notation and its semantics, as well as the ability to analyze and abstract business requirements and capture them by correctly using the notation. As a consequence, their use can be cumbersome for live modeling during interviews and design workshops, where participants should not only provide input but also give feedback on how it has been represented in a model. To overcome this, in this paper we present the design and evaluation of BPMN Sketch Miner, a tool which combines notes taking in constrained natural language with process mining to automatically produce BPMN diagrams in real time as interview participants describe them with stories. In this work we discuss the design decisions regarding the trade-off between using mining vs. modelling in order to: 1) support a larger number of BPMN constructs in the textual language; 2) target both BPMN beginners and business analysts, in addition to the process participants themselves. The evaluation of the new version of the tool in terms of how it balances the expressiveness and learnability of its DSL with the usability of the text-to-visual sketching environment shows encouraging results. Namely while BPMN beginners could model a non-trivial process with the tool in a relatively short time and with good accuracy, business analysts appreciated the usability of the tool and the expressiveness of the language in terms of supported BPMN constructs.

Automating Test Schedule Generation with Domain-Specific Languages: A Configurable, Model-Driven Approach

Authors: Anthony Anjorin, Nils Weidmann, Robin Oppermann, Lars Fritsche and Andy Schürr

Solving scheduling problems is important for a wide range of application domains including home care in the health care domain, allocation engineering in the automotive domain, and virtual network embedding in the network virtualisation domain. Standard solution approaches assume that an initially given problem definition (e.g. a set of constraints and an objective function) can be fixed, and does not have to be constantly changed and validated by domain experts. In this paper, we investigate an application where this is not the case: at dSPACE GmbH, a developer of software and hardware for mechatronic control systems, recurring manual tests must be executed in every development and release cycle. To allocate human resources (developers and testers) to perform these tests, a test schedule must be created and maintained during the testing process. Prior to our work, test scheduling at dSPACE was performed manually by a test manager, requiring more than one working day to create the initial schedule, and several hours of tedious, error-prone work every week to maintain the schedule. The novel challenge here is that an acceptable automation must be highly configurable by the test manager (the domain expert), who should be able to easily adapt and validate the problem definition on a regular basis. We demonstrate that techniques and results from consistency maintenance via triple graph grammars, and constraint solving via linear programming can be synergetically combined to yield a highly configurable and fully automated approach to test schedule generation. We evaluate our solution at dSPACE and show that it not only reduces the effort required to create and maintain schedules of acceptable quality, but that it can also be understood, configured, and validated by the test manager.

A Parametric Model For Creating Customized Fabrication Machines

Authors: Frikk Fossdal, Rogardt Heldal, Jens Dyvik and Adrian Rutle

Digital fabrication tools such as 3D printers, computer-numerically controlled (CNC) milling machines, and laser cutters are becoming increasingly available, ranging from consumer to industrial versions. Although these tools have enabled a completely new crowd to take part in manufacturing, they are still limited in their use and the workflows they provide. As an answer to this, users are modifying and customizing their machines by changing the work envelope and adding different end-effectors. However, customizing, modifying and creating digital fabrication machines require extensive knowledge within multiple different engineering domains, and is non-trivial. In this paper, we present \textit{The Fabricatable Axis}, a high-level parametric model that aims to simplify the process of experimenting, customizing and implementing digital fabrication machines. This model encapsulates the knowledge of an experienced machine designer into a model that less experienced machine builders can use to design and customize linear and rotary motion axes which can be combined into different machines. The model receives high-level input parameters such as axis type, length and speed-parameters, and outputs a CAD model of a motion axis consisting of \textit{fabricatable} parts (parts that are readily available or parts that can be fabricated using accessible tools such as a CNC milling machines). To validate our contribution, we first present a constructed scenario were we use the model to implement a specific machine. Secondly, we present an evaluation of our tool through a series of interviews with users who have been using the model to create different types of machines.

Supporting Robotic Software Migration Using Static Analysis and Model-Driven Engineering

Authors: Sophie Wood, Nicholas Matragkas, Dimitris Kolovos, Richard Paige and Simos Gerasimou

The wide use of robotic systems in several application domains contributed to developing robotic software highly coupled to the hardware platform running the robotic system. Due to increased maintenance cost, lack of tacit knowledge or changing business priorities, the robotic hardware is infrequently upgraded, thus increasing the risk the robotic system to fall into technology stagnation. Reducing this risk entails migrating the system and its software to a new hardware platform. Conventional software engineering practices such as complete re-development and code-based migration, albeit useful in supporting the resolution of these obsolescence issues, they are time-consuming, error-prone and overly expensive. Our RoboSMi model-driven approach supports the migration of the software controlling a robotic system between hardware platforms. First, RoboSMi executes static analysis on the robotic software of the source hardware platform to identify platform-dependent and platform-agnostic software constructs. By analysing a model that expresses the architecture of robotic components on the target platform, RoboSMi establishes the hardware configuration of those components and suggests software libraries for each component whose execution will enable the robotic software to control the components. Finally, RoboSMi through code-generation produces software for the target platform and indicates areas that require manual intervention by robotic engineers to complete the migration. We evaluate the applicability of RoboSMi and analyse the level of automation and performance provided from its use by migrating two robotic systems deployed for an environmental monitoring and a line following mission from a Propeller Activity Board to an Arduino Uno.

Questions? Use the MODELS Technical Track contact form.