Model transformation, in a simple definition, is a program that accepts a model as input and generates another model as output. Model transformations are the cornerstone of model-driven engineering (MDE), hence testing them and ensuring the correctness of their implementation is a critical task. A challenging aspect of testing model transformations is to generate test models that both conform to their meta-model and satisfy the defined constraints. There exist several solutions for generating test models. Epsilon Model Generation (EMG) is a language for generating appropriate test models. EMG uses random operations for producing test models, hence it is possible that some tests have the same structure and the same value, i.e., they are redundant. In this paper, we propose an approach for generating appropriate test models, i.e., test models which are valuable from the tester's point of view. In this approach, the tester specifies the number of model elements that should be generated in the test model, as well as how they are linked. Our approach is based on the idea of enriching the EMG language with equivalence partitioning technique. The idea of partitioning is that testing a member in an equivalence class is as good as testing the whole class. We have evaluated the proposed method via a case study. The results show the superiority of the proposed approach over EMG.
Due to the increasing occurrence of unexpected events and the need for pre-crisis planning to reduce risks and losses, modeling emergency response environments (ERE) is needed more than ever. Modeling may lead to more careful planning for crisis-response operations, such as team formation, task assignment, and doing the task by teams. ERE-ML is a model-driven framework which allows a crisis manager to model an ERE, and to automatically generate the executable code of a multi-agent system (MAS) for that environment. However, the application generated by ERE-ML lacks the capability of supporting interactions among the agents and the organizations involved in the crisis management. In this paper, we propose ERE-ML 2.0 as an upgrade of the previous framework. The ERE-ML 2.0 framework supports the interactions by adding new features to the ERE-ML language, modifying the transformation code, and extending the platform. To evaluate the upgraded framework, the Plasco Tower Collapse incident is modeled, and then the model is transformed into the executable code of a MAS to visualize the run-time scenarios.
VAnDroid: A framework for vulnerability analysis of Android applications using a model‐driven reverse engineering technique
Android is extensively used worldwide by mobile application developers. Android provides applications with a message passing system to communicate within and between them. Due to the risks associated with this system, it is vital to detect its unsafe operations and potential vulnerabilities. To achieve this goal, a new framework, called VAnDroid, based on Model Driven Reverse Engineering (MDRE), is presented that identifies security risks and vulnerabilities related to the Android application communication model. In the proposed framework, some security‐related information included in an Android app is automatically extracted and represented as a domain‐specific model. Then, it is used for analyzing security configurations and identifying vulnerabilities in the corresponding application. The proposed framework is implemented as an Eclipse‐based tool, which automatically identifies the Intent Spoofing and Unauthorized Intent Receipt as two attacks related to the Android application communication model. To evaluate the tool, it has been applied to several real‐world Android applications, including 20 apps from Google Play and 110 apps from the F‐Droid repository. VAnDroid is also compared with several existing analysis tools, and it is shown that it has a number of key advantages over those tools specifically regarding its high correctness, scalability, and usability in discovering vulnerabilities. The results well indicate the effectiveness and capacity of the VAnDroid as a promising approach in the field of Android security.