Ubiquitous computing poses a number of challenges for software architecture.

Increasingly systems are composed of parts: software components, and the interaction mechanisms (connectors) that enable them to communicate. When assembling sys-tems from independently developed and potentially mis-matched parts, wrappers may be used to overcome mis-match as well as to remedy extra-functional de£ciencies. Unfortunately the current practice of wrapper creation and use is ad hoc, resulting in artifacts that are often hard to reuse or compose, and whose impact is dif£cult to analyze. What is needed is a more principled basis for creating, un-derstanding, and applying wrappers. Focusing on the class of connector wrappers (wrappers that address issues related to communication and compatibility), we present a means of characterizing connector wrappers as protocol transforma-tions, modularizing them, and reasoning about their prop-erties. Examples are drawn from commonly practiced de-pendability enhancing techniques. 1.

Some "non-' or "extra-functional" features, such as reliability, security, and tracing, defy modularization mechanisms in programming languages. This makes such features hard to design, implement, and maintain. Implementing such features within a single platform, using a single language, is hard enough. With distributed, heterogeneous (DH) systems, these features induce complex implementations which cross-cut different languages, OSs, and hardware platforms, while still needing to share data and events. Worse still, the precise requirements for such features are often locality-dependent and discovered late (e.g., security policies). The DADO approach helps program cross-cutting features by improving middleware. A DADO service comprises pairs of adaplets which are explicitly modeled in IDL. Adaplets may be implemented in any language compatible with the target application, and attached to stubs and skeletons of application objects in a variety of ways. DADO supports flexible and type-checked interactions (using generated stubs and skeletons) between adaplets and between adaplets and objects. Adaplets can be attached at run-time to an application object. We describe the approach and illustrate its use for several cross-cutting features, including performance monitoring, caching, and security. We also discuss software engineering process, as well as run-time performance implications.

Abstract: Software architectures provide high-level abstractions for representing the structure, behavior, and key properties of software systems. Various architecture description languages, styles, tools, and technologies have emerged over the past decade. At the same time, there has been comparatively little focus on techniques and technologies for transforming architectural models into running systems. This often results in significant differences between conceptual and concrete architectures, rendering system evolution and maintenance difficult. Furthermore, it calls into question the ability of developers to consistently transfer the key architectural properties into system implementations. One solution to this problem is to employ architectural frameworks. Architectural frameworks provide support for implementing, deploying, executing, and evolving software architectures. This paper describes the design of and our experience with a family of architectural frameworks that support implementation of systems in a specific architectural style-C2. To date, the C2 frameworks have been used in the development of over 100 applications by several academic and industrial organizations. The paper discusses the issues we have encountered in implementing and using the frameworks, as well as the approaches adopted to resolve these issues.

Security is a very important concern for software architecture and software components. Previous modeling approaches provide insufficient support for an in-depth treatment of security. This paper argues for a more comprehensive treatment based on software connectors. Connectors provide a suitable vehicle to model, capture, and enforce security. Our approach models security principal, privilege, trust, and context of architectural constituents. Extending our existing architecture description language and support tools, our approach can facilitate describing the security characteristics of an architecture generating enabling infrastructure, and monitoring run-time conformance. Initial results of applying this approach are illustrated through a case study. The contribution of this research is a deeper and more comprehensive treatment of architectural security through software connectors.

We develop a notion of higher-order connector towards supporting the systematic construction of architectural connectors for software design. A higherorder connector takes connectors as parameters and allows for services such as security protocols and fault-tolerance mechanisms to be superposed over the interactions that are handled by the connectors passed as actual arguments. The notion is first illustrated over a Unity-like parallel program design language that we have been using for formalising aspects of architectural design. A formal, algebraic semantics is then presented which is independent of any Architectural Description Language. Finally, we show how higher-order connectors can be composed. 1

CWI is a founding member of ERCIM, the European Research Consortium for Informatics and Mathematics. CWI's research has a theme-oriented structure and is grouped into four clusters. Listed below are the names of the clusters and in parentheses their acronyms.

Security is becoming a more and more important concern for software architecture and software components. Previous modeling approaches provide insufficient support for an indepth treatment of security. This paper argues for a more comprehensive treatment of an important security aspect, access control, at the architecture level. Our approach models security subject, resource, privilege, safeguard, and policy of architectural constituents. The modeling language, Secure xADL, is based on our existing modular and extensible architecture description language. Our modeling is centered around software connectors that provides a suitable vehicle to model, capture, and enforce access control. Combined with security contracts of components, connectors facilitate describing the security characteristics of software architecture, generating enabling infrastructure, and monitoring run-time conformance. This paper presents the design of the language and initial results of applying this approach. This research contributes to deeper and more comprehensive modeling of architectural security, and facilitates detecting architectural vulnerabilities and assuring correct access control at an early design stage.

With the advances in middleware and Web services technologies, network services are evolving from simple clientserver applications to self-configuring services that can compose primitive components distributed in the Internet into a value-added service configuration that provides rich functionalities to users. A resulting research problem is how to continuously adapt such composite service configurations at run time in order to cope with the increasingly dynamic and heterogeneous network environments and computing platforms. In this paper, we propose a selfadaptation architecture that allows service developers to specify their service-specific adaptation knowledge as "externalized " adaptation strategies. These adaptation strategies are used by a general, shared adaptation framework to perform run-time adaptation operations that automatically incorporate service-specific knowledge. In addition to the strategies, we also identify another aspect of adaptation knowledge that is not addressed by previous solutions: adaptation coordination. Our framework provides integrated support for the specification and execution of both aspects of developers' adaptation knowledge.

To my father John, who passed before he was able to see me finish this long journey. To Chica, our favorite pup who is now roaming the heavens. And most of all, to my beautiful, patient, caring wife Lisa, my best friend, whose personal sacrifice over the past five years will never be forgotten. ii Acknowledgments There are many people to thank, so I’ll jump right to it. I am especially indebted to my advisor, Dr. Nenad Medvidovic. His guidance and tutelage has empowered me to enjoy writing, to strive for excellence and scholarly merit, and to always work hard. Neno was always was willing to stay up late into the night with me working on papers and proposals. This type of effort from an advisor was infinitely inspiring. Not only do I appreciate his guidance, but I have grown quite fond of Neno outside of the work arena. I am sure we’ll spend time watching USC football in the years to come and I look forward to maintaining our friendship. Thanks, Neno! I am grateful to the members of my dissertation committee. To Dr. Horowitz and Dr. Boehm and Dr. Gupta, I appreciate your willingness to understand my research, and to help me revise my thesis. Its quality was no doubt greatly improved by your suggestions and feedback. I’ve had the pleasure of working with numerous world-class researchers during my time at USC and I’m glad to call them my friends. Thanks to the members of