Bad Experience with Afian File Manager

I recently installed the Afian File Manager for a customer.  All they needed was a simple way for safely sharing large files with customers.  There are plenty of web file managers available (free and commercial), but surprisingly few support uploads beyond what the web server allows.  Afian was one of them.

Turns out they realized the big file upload with a Java Applet that chops the file into small chunks that are sent one by one and then reassembled by a PHP-Script on the back end.  So far so good.  It worked in their life demo, but it didn’t work on our server.  The difference?  We used SSL.  I didn’t consider this an issue, as the Q&A page stated:

"Does it work with SSL?
Yes, you can use it with SSL, and there’s no configuration involved. It’s just a matter of running Afian under a https (secure http) address. Our personal opinion is that this method would be a bit excessive. But we all know that it puts people at ease about security…"

When I contacted tech support, they told me that the Applet-Upload doesn’t work with SSL.  What the… didn’t I just read something else?  So I revisited their Q&A page, which now read:

"Does it work with SSL?
Yes, you can use it with SSL, and there’s no configuration involved. It’s just a matter of running Afian under a https (secure http) address. The drag&drop upload method however, will still be using HTTP."

In fact, they changed  this within minutes of my support question regarding SSL. But fortunately, the Google Cache still held the original text.

Afian has a strict refund policy (something that actually made me nervous before the purchase).  But I thought okay, let’s give them the benefit of a doubt.  So I requested a refund without mentioning the Google cache page.  Had they just refunded the money, then I wouldn’t have written this blog entry.  Instead I got this:

"Please review the agreed refund policy:
We did not claim that the drag&drop upload feature works over HTTPS."

After I pointed out that the feature was offered at the time of purchase (proving it with the Google Cache link), they withdrew and issued the refund.

But this left a sour aftertaste, that is just no way to treat customers.  They are free to do business as they see fit – even though changing the web site for not having to issue a refund is borderline, to say the least.  But ultimately they are hurting themselves.  With a little more generosity, they may trigger positive blog entries.  And let’s face it, with a product like this, positive reviews are by far the best marketing – and bad reviews are poison.

Running Rodin 1.1 with Ubuntu 9.10

I had a few issues getting Rodin 1.1 to work properly after Updating Ubuntu to 9.10.  The main issue is the HTML-Viewer that Eclipse uses.  It wraps Firefox/xulrunner in an SWT-Control.  Unfortunately, Firefox 3.5 (xulrunner 1.9.1) is incompatible with Eclipse 3.4, on which Rodin is based.

To work around this problem, you need to install xulrunner 1.9.0.  I installed it locally at ~/opt/xulrunner-

Next, you need to edit your rodin.ini (in the Rodin installation directory) and add the following line:


That’s it!  This also works for running Eclipse 3.4 (in that case, you have to edit eclipse.ini).

Good luck!

Building a GWT app that is an Eclipse Plug-In

For my own reference:

  • Create a new GWT-Project
  • Give it a standard Plug-In name (e.g. de.jastram.gwtexample)
  • Give the Project the Plug-In Nature (Right-click on Project > Configure > Convert to Plug-in Projects…)
  • Add Dependency to de.jastram.jettyrunner
  • Add Extension de.jastram.jettyrunner.warrunner
  • Add a war-element
  • That’s it – don’t forget to compile.

Using Map Requirements Modelling with the B-Method

A colleague recommended a paper by Babar, Tosic and Potter, entitled "Aligning the Map Requirements Modelling with the B-method for Formal Software Development."  There is certainly some overlap with my research, and it’s interesting for me to see Problem Frames being integrated in the approach presented as well.

To be honest, I was a little disapointed.  The most crucial part of the method is how to get from the requirements to the formal model.  This is described in Sec. 3, but in such an informal manner that I don’t see that much value.  It shows that the methods are compatible, but little beyond that.  I guess that’s what the authors mean by "aligning" the methods.

Independent Verification and Validation of Software pays of (big time!)

Just finished a paper Evaluating the effectiveness of independent verification andvalidation by Arthur  What the authors state is not that surprising: independent verification and validation (V&V) efforts result in significantly better results than V&V done by the same team.  This paper is interesting for a number of reasons:

  • The result stem from a controlled study of two identical projects, one realized with "normal" V&V (done by the team), the other using independent V&V
  • The independent V&V group detected significantly more critical faults (97 vs. 58).  Why? The authors conclude that a new class of faults was identified by the IV&V group: "The IV&V team from Group 1 identified an additional class of critical faults not found by Group 2. More specifically, a substantial number of the critical faults reported by Group 1 stem from the detection and recording of ambiguous or unclear statements in the requirement specifications and design documents. (…) Group 1 reported 40 such faults. (…) Group 2 reported only one such fault."
  • Even though both projects were completed and considered a success, things during acceptance testing looked different.  An independent acceptance test suite consisting of 36 tests was provided.  The non-independent V&V group’s software passed only 11 tests, while the independent V&V group’s software passed 33.

Analyzing Natural Language Requirements – automatically?

QuARS is a tool for analyzing Natural Language Requirements – although it would be an exaggeration to call it "automatic".  The tool performs a morphological and syntactical analysis on plain text requirements and attempts to measure vagueness, subjectivity, weakness, and a few more.

Natural Language Requirements (NLRs) won’t go away any time soon – that’s why this kind of research makes a lot of sense.  But it’s unbelievable tricky to work with NLRs in an automated way.  There are three main approaches to deal with the richness of natural languge:

Restrictive: constrain the form of the NLRs, e.g. using templates.  Very convenient for the Requiremens Engineer, but not that nice for the stakeholder.

Inductive: This is mainly theory about writing styles, without going into detail on how to do things better.

Analytic: In this approach, we accept the NLRs, but provide feedback for fixing them.  These have the hightest chance of adaption, because they are the least invasive.  This is also the route of QuARS: Analyze the requirements and provide some feedback on how to improve them.

The biggest catch (in my opinion) is that many analyses require well-maintained dictionaries to be effective.  I wanted to try the tool out, but they didn’t provide a download link (or information about a commercial version, for that matter).  I wrote them an email, if I get an answer, I’ll update here.

Fluents: Events or Ticks?

Imagine you have a system that can have a number of states, and "events" for state transitions.  Fluents are then the constructs that help to reason about state transitions.

Here is an example inspired by [Queins et. al. 2000] that got picked up by [Letier 2005]: Assume that you have the task of building a light controller.  By pushing a button, light is turned out and will switch off after some time.  pushing the button when the light is on will reset the timer.

In this example, we may have the state variables light ∈ {on, off} and timer ∈ {0..n}.  For now, the timer simply counts ticks.  To set these state variables, we may have the events "pushButton", "switchOn", "switchOff", and "tick".

A Fluent is a proposition defined by a pair of sets of events.  Events from the first set the fluent to true, the second to false, e.g.:

fluent LightOn = <switchOn, switchOff>

We can use the Fluent in  temporal logic (e.g. LTL):

â—» (pushButton X LightOn)

The box means "always", and X means "next". So the above means "When pushing the button, next the fluent LightOn must be true".

Quite a bit is fishy here.  For instance, what exactly does "next" mean?  This is where Letier’s contribution comes from: it could be the next event (which he calls asynchronous) or the next tick (which he calls synchronous).  Also check out how restrictive the statement is in the asqnchronous case: It is not allowed to insert any events after pushButton, which would make refinement through stuttering impossible.

Aspects in Requirements Engineering

After Aspect Oriented Programming (AOP) became popular, people started to think about Aspect Oriented Requirements Engineering (AORE).  Kaindl published a neat article trying to figure out what exactly was meant by that. Amongst other things, he points out that there is confusion about whether "Aspect" is meant as a synonym for crosscutting concern or a solution to it (in his opinion, the first doesn’t make much sense, and I agree; even the secion he doesn’t like to much, but the term is established, and we’re stuck with it now).

So Aspects solve cross-cutting concerns; in Software Development, typicall cross-cutting concerns are authorization, authentication, transaction management and more.  Aspects provide a means to modularize these concerns.

Kaindl points out that almost always there is the hidden assumption that crosscutting concerns in software are the same as crosscutting concerns in requirements – but there is no foundation for that assumption!  In fact, I would consider this a dangerous assumption.

So where does that leave us? Kaindl’s point is that we should avoid falling into the trap that cross-cutting concerns in requirements are not necessarily the same as in software.  But what are the cross-cutting concerns in requirements?  That’s a question that needs more research, but I am sure that it depends on the representation of the requirements, amongst other things.  In a plain text specification, every entity (noun) or every action (verb) could be considered a cross-cutting concern.  Consider a specification for a simple traffic light.  Many requirements may refer to the same,  traffic light in the specification.  In the specification, the traffic light is a crosscutting concern.  But not in the implementation – there, the traffic light may be one neatly capsuled object.  Other representations don’t have this problem.  KAOS, for instance, explicitly models objects.

Food for thought.

The Hunt for Gollum

This weekend an amazing film got released: The Hunt for Gollum, a side plot from the Lord of the Rings.  Watch it for free online.  This movie shows how the whole can be so much more than the sum of the parts, and that the Internet is an amazing enabler.  Enjoy.