The problem area addressed in this thesis is searching approaches to developing reverse engineering metrics. The purpose of this is to provide a systematic understanding of the development of software metrics for reverse engineering so as to support reverse engineering projects and to meet the great demand of reverse engineering.

Software metrics are critical to all software development and software re-engineering is no exception. Nowadays, there is a huge number of legacy systems awaiting re-engineering, which is a combination of reverse engineering and forward engineering. Software metrics for forward engineering can be thought of as a relatively ``developed'' area in software metrics. But there is a lack of systematic research into and development of useful software metrics for reverse engineering. There is a great need for developing software metrics to support re-engineering, reverse engineering activities in particular.

An approach to developing software metrics for reverse engineering is proposed in this thesis. At the heart of the work is the development of a new classification of software metrics for reverse engineering, which includes complexity measures, abstractness measures, object orientedness measures, economics measures and reusability measures. Complexity measures are used to indicate how complex the reverse engineering of a piece of existing code is; Abstractness measures indicate at what level of abstraction the existing code is and whether the code is abstract enough to understand; Object orientedness measures indicate how object oriented the code is for those re-engineers who are hoping not only to reverse engineer their object oriented legacy systems, but also reverse engineer their huge number of conventional procedural systems into object-oriented systems; Economics (cost estimation) measures indicate the cost of reverse engineering the existing code; and Reusability measures indicate to what extent the reverse engineered existing code can be reused. Based on these classifications, measures for reverse engineering have been adapted and developed.

The experimental environment for developing reverse engineering metrics in his research is a re-engineering tool, Re-engineering Assistant (RA). Under this environment, a metric tool, the Metric Facility of the Re-engineering Assistant, was used to implement the five categories of measures. Meanwhile, the metric tool has been developed during implementing those five categories of measures.

The major contribution of the thesis is the presentation of a systematic research base and a hierarchical approach to the development of software metrics for reverse engineering. Also, a metric tool has been developed not only to implement measures for reverse engineering but also to support re-engineering activities practically.

The importance and popularity of software re-engineering increase as more and more successful computing systems become legacy systems. However, one prominent problem hinders software engineers from effective and efficient re-engineering of legacy systems, that is, the difficulty of comprehension of the original system.

This difficulty is due to constant system evolution and incomplete or obsolete documents which legacy systems tend to have. It is proved that the most or only reliable information on a legacy system is source code itself. However, source code is difficult to understand, especially when in a large amount. Since program design or specification is at a higher abstraction level, which is more concise and easier to understand, successful extraction of semantics-oriented specification from legacy source code will facilitate the comprehension and therefore re-engineering of legacy systems greatly.

The thesis first proposes a unified approach for software re-engineering based on the characteristics of legacy systems. The approach is based on the construction of a wide spectrum language, known as RWSL, which enjoys a sound formal semantics. The architecture and working flow of the approach are proposed, and the structure of RWSL is defined to provide a spectrum of abstractions of the re-engineered system, from source code to specification.

Based on this framework, the thesis then focuses on engaging abstraction technology to extract formal specification from legacy source code. A taxonomy of abstraction is developed to identify diverse kinds of abstractions. Monotonicity and relations between these abstractions are formally described. For practical reverse engineering, a set of abstraction rules are developed to solve how to conduct abstraction. All these rules are formally defined and proved sound. Healthiness obligations are developed as axioms to guarantee correct and sensible abstraction during reverse engineering.

A formal notation is adopted widely to provide a solid unambiguous semantic foundation of the proposed approach. The extracted specification is set to be formal to give the re-engineered systems a rigorous description. An automatic tool would benefit from the use of formalism. Due to its distinct advantage for both time critical and non-time systems, Interval Temporal Logic (ITL) is adopted to be the specification layer of RWSL, and to define formal semantics of other layers of RWSL. Furthermore, the abstraction taxonomy and rules, monotonicity and relations between abstractions, and healthiness obligations are all formally defined and proved sound (if applicable) within ITL.

The proposed approach aims at time critical systems with parallelism as well as sequential non-time systems. This is a particular challenging research area because within such a system the functional behaviour and non-functional timing requirement are combined, implicit and can be very difficult to recover.

A prototype tool is developed for three purposes: to test the approach, to speed and to scale up re-engineering based on the proposed approach. A number of case studies are used for experiments with the approach and the prototype tool.

Conclusion is drawn based on analysis, which shows that the proposed approach is feasible and promising in its domain. Further research directions are also discussed.

Real-time systems are hard to model as their correctness depends on satisfying not only functional requirements, as in most information processing systems, but also on non-functional requirements, such as timing, limited resources and dependability.

Traditional real-time system development has been a somewhat ad-hoc affair. A system is designed from an informal requirement specification as a number of tasks with associated deadlines, execution periods, and resource requirements. The worst-case execution time is calculated for those tasks, and a resource allocation and schedule is computed which guarantees deadlines. Worst-case execution time, allocation, and scheduling are all complex procedures and research is still active in these areas; in the two latter cases the problems are known to be NP-complete. Correctness of systems developed in this way can only be performed by testing and detailed code inspection. However, when the consequence of system failure is catastrophic such as loss of life and/or damage to the environment, testing and code inspection can not alone be relied upon.

Therefore, there is clearly scope for formalising some of the development process, particularly in the area of requirements specification and design. For this purpose, a large number of formalisms have been developed.

However, we have shown that there are a significant number of limitations with existing real-time development formalisms. Most important of these is the lack of method or guidance on how to use a formalism for both specification writing and proving correctness. In addition, it is not clear how such formalisms can cope in the development of large scale real-time systems.

In real-time systems development we would benefit from a method which assists in the derivation of concrete designs from informal requirements specifications through a `temporal' refinement notion.

A number of refinement calculi already exist for real-time systems, but they are either incomplete or use an unrealistic computational model. In this thesis we have developed a refinement calculus together with a development method that manage to solve these problems. In particular, our refinement calculus will derive concrete concurrent systems suitable for OO programs. Hence the development technique is suitable for large scale systems.

Legacy systems are increasingly acknowledged as major problems for most large corporations. Re-engineering is probably the best way to solve the problems.

A typical component-based re-engineering process is: to use reverse engineering methodology to extract components form the existing system, and to use a repository to store and manage the components, to restructure the old system, and to integrate the new system with reuseable generic components and new-produced components by forward engineering.

The problem to be studied is an efficient and feasible way to extract components from legacy systems. In our approach software components are mined from legacy systems, and made potentially reusable. New systems can be developed by integration of both mined and newly built components.

In this thesis, a component is explicitly defined; a practical method is proposed; a detailed algorithm is described and case studies are carried out.

This work has been directed at the problem of developing practical means of supporting those involved in a problem situation in designing their own information systems.

The research is underpinned by an interpretive stance and assumes that information systems are created to support purposeful action in continuously socially constructed organizational settings. It is argued that the initial phase of information system design necessitates undertaking sense making to create a shared appreciation of the situation amongst those involved. One of the main difficulties of designing technology-based information systems is that the methods and techniques that have been employed to marshal knowledge into a suitable format to facilitate software design.

The work offers the notion of navigating an inquiry process from a focus on creating ideas for purposeful action, to creating a logical specification for a technology based information system. To facilitate this shift in focus, some explicit intellectual devises, or navigational devices, are offered, to structure and support further debate. These Navigational devices enable those involved in the situation of concern, the clients, to conceptualise how purposeful action might unfold in the real world, so that some idea's for a serving system can be considered.

Previous work addressing this problem area has been criticised for failing to provide a coherent movement from any ideas for purposeful action, to a logical specification for a supporting technology-based information system. By regarding the process of client led information system design as a collaborative sense making effort, the design process can be regarded as a learning system, or an appreciative system in Vickers' sense. By employing the same principles of inquiry throughout the design process and by using devices that maintain a similar view of any potential action, it is argued that a sense of coherence can be maintained and this is supported by experiences from practice.

This thesis will give an introduction to specification methods for real-time safety-critical systems including formal methods. While formal methods offer various benefits for developing systems and software by virtue of their precise semantics, their uptake by a wider spectrum of users, including system and software engineers, is hampered by various drawbacks. The mathematical notations of formalisms form the main stumbling block in their comprehension and hence lead to associated accessibility problems. Visual languages are excellent candidates as a means to overcome this problem. However, most visual languages lack a well-defined formal semantics. Hence, the creation of a visual development suite supporting refinement and abstraction based on a well-defined formalism has been attempted. The Interval Temporal Logic (ITL) formalism is described in detail as it forms the basis for our development method. A study was conducted to see how visualisation helps in various domains in fostering increased accessibility of information, language and technology. Identifying a design rationale, a simple, intuitive and readable visual language, called VisITL with a well-defined formal semantics was designed. A supporting visual framework of refinement and abstraction rules was also devised. Examples are given depicting the application of these rules to VisITL specifications. Case studies undertaken to illustrate the use of this visual framework are described. The VisITL tool demonstrates the realisability of this approach. Comparisons to related work are made and suggestions are given for future efforts in this area.

This study examines the adoption and dissemination of software patterns amongst individuals and into organizations. Patterns and pattern languages are a new contribution to the area of software reuse and are becoming the tool of a growing community that is attempting to capture best practices in the software development industry. This study traces the roots of the patterns philosophy from the work of C. Alexander in the architectural built environment to the present, conflicting views of patterns in the software industry. It then presents a critical assessment of patterns in terms of a structure for documenting knowledge, a process for using that knowledge, and a community that is involved in the effort. The research is prompted by the scarcity of resources for individuals who wish to introduce patterns into their organizations, and the almost complete lack of theory concerning patterns use. It is therefore an exploratory study for the purpose of building theory in this relatively unexplored area. The study borrows from diffusion of innovation (DOI) theory to build a theoretical framework proposing fifteen factors that are likely to influence individual use of patterns, and then utilizes three research operations, providing both quantitative and qualitative data, to examine and explain these factors. Findings show that ten of the fifteen proposed factors appear to have a direct influence on use, while four more are added as an indirect influence. Analysis of the findings offers guidelines for industry practitioners who wish to encourage pattern use in organizations and for researchers who wish to use this study as a foundation for ongoing research.

This thesis reports the work done in a three-year research project entitled "System Re-engineering using Artificial Intelligence (AI)" carried out by the author at De Montfort University and British Telecommunication plc in the U.K.

The main theme of this thesis is to find a way to automatically recover domain knowledge from legacy software code, which is a key step towards program understanding and system re-engineering. After a brief introduction of major issues covered by this thesis, the state of the art of the area coined by the author as "information elicitation from software code", in particular, the kinds of information that can be elicited from source code and their corresponding technical solutions are presented.

Based on this, it is found that existing research work on the area of information elicitation from source code is mainly capable of extracting information up to structural or algorithmic level from source code. For the few research work on assigning human concept to source code, heavy-weight techniques are often used to automate the process. As a result, these methods are not capable of dealing with large-scale program understanding tasks in the real world efficiently. To address this issue, a new solution is proposed to break down both domain knowledge and source program into smaller pieces so that the domain knowledge recovery task can be carried out in smaller scale. In particular, monolithic domain knowledge is partitioned into domain knowledge slices; a source program is partitioned into domain-oriented program modules; domain knowledge slices are recovered from program modules and recovered domain knowledge slices are further fused together.

Several new techniques are invented to pave the way towards realising this approach and make it light-weight. In particular, a programming-style-based method is proposed to partition a source program into domain-oriented program modules in a linear time scale; concept recovery rules are defined to recover concepts from the names embedded in the source code; heuristics knowledge is used to map the structural information embedded in the source code to domain relationships; an uncertainty reasoning mechanism is introduced to evaluate the belief of a recovered domain concept or a domain relationship and the authenticity of recovered domain knowledge slices in the presence of ambiguity; and a social-psychology-motivated method is invented to enhance the reliability of the authenticity of fused domain knowledge slices in a dual-way belief propagation process.

A prototype tool for recovering domain knowledge from legacy C software code and database schemas is then presented, followed by three case studies giving evaluation on the approach in different aspects.

Finally conclusions are drawn. Original contributions of this research work to the fields of software maintenance and AI are made explicit and future opportunities are explored.

ATM is an attractive choice for future military communication systems because it can provide high throughput and support multi-service applications. Furthermore its use is consistent with the ?off the shelf? technology policy that is currently operated by the Defense Engineering Research Agency of Great Britain. However, ATM has been developed as a civil standard and is designed to operate in network infra structures with very low failure rates. In contrast, tactical networks are much less reliable. Indeed tactical networks operate on the premise that failures, particularly node failures, are expected. Hence, efficient, automatic failure restoration schemes are essential if the network is to remain operational. The main objective of this research was therefore the specification of one or more new restoration algorithms that meet the specific requirements of tactical networks.

The aspects of ATM networks that influence restoration algorithms? implementation are presented first. In particular, the features of ATM networks such as the VP/VC concept and OAM mechanisms that facilitate implementation of efficient restoration techniques are explained. The unique characteristics of tactical networks and their impact on restoration are also presented.

A significant part of the research was the study and evaluation of existing approaches to failure restoration in civil networks. A critical analysis of the suitability of these approaches to tactical environment shows that there is no one restoration algorithm fully meeting the needs of tactical networks. Consequently, two restoration algorithms for tactical ATM networks, DRA-TN and PPR-TN, are proposed and described in detail. Since the primary concern of restoration in tactical networks is the recovery of high priority connections, because these have greater importance, the proposed algorithms attempt to restore high-priority connections by disrupting low-priority calls. Also, a number of additional mechanisms are proposed to reduce the use of bandwidth, which is a scarce resource in tactical networks.

It is argued next that software simulations is the most appropriate method to prove the convergence of the proposed algorithms, assess their performance characteristics, and test them on different network topologies as well as traffic and failure conditions.

For that reason a simulation software package was designed and built specifically to model the proposed restoration algorithms. It is presented in details and the most important implementation issues are discussed. The proposed restoration algorithms were modelled on three network topologies under various traffic loads, and their performance was compared against performance of known algorithms proposed for civil networks. It is shown that DRA-TN and PPR-TN provide better restoration of higher priority traffic. Furthermore, as the traffic load increases the performance of the proposed algorithms increases compared with the existing algorithms. Two proposed algorithms are also compared against each other. Due to their different characteristics they have their own advantages and disadvantages.

Recommendations are given about the applicability of the proposed algorithms, and some practical implementation issues are discussed. The number of problems that need further study are indicated and briefly described.

The design and analysis of embedded, mixed hardware/software systems, such as PC cards, application specific hardware, m- and e-commerce devices, mobile telecommunication infrastructure and associated software drivers, is hard.

An important issue for correct codesign is the search for a highly compositional and unifying formal approach that crosses the hardware/software boundaries and enables us to keep up with the fast growth in the complexity and variety of electronic devices and their associated software.

Hardware/software codesign is a relatively new discipline interconnecting several other fields of research such as Electronics Engineering and Computer Science with the earliest reference to codesign dated back to 1992.

In this thesis, I describe an integrated compositional framework for codesign of mixed hardware/software systems, together with its underpinning theory of semantics and refinement.

My work integrates formal methods into the design process and the focus of the thesis is on refinement from a formal specification into a formal hardware part and a formal software part.

Central to my methodology is that the synthesis and design start with a single high-level abstract specification which captures the desired behaviour(s) of the system. Decisions are then taken through correctness preserving refinement steps.

I have given formal semantics to Verilog --- a Hardware Description Language (HDL) conceived in and extensively used by the hardware industry --- in both denotational (in specification-oriented style) and operational terms and my work on Verilog enables me to blend existing and commercially available hardware synthesis tools and methodologies into my formal framework. This has the benefit of linking software development with hardware development in an integrated fashion and therefore span the gap between hardware and software formally.

The equivalence between the two forms of semantics is proven and a set of generic refinement laws is presented. A detailed case-study of a smart card application of the Rivest Shamir Adleman (RSA) encryption algorithm is provided to evaluate my approach.

Most of the time-critical computer systems are special-purpose and complex, and are typically embedded in larger systems, such as avionics and robotics control systems. The engineering of time-critical systems poses significant challenges to their 'correct' specification, design, development and evolution. Because of the complexity of time-critical systems, the likehood of subtle errors is much greater than other computer systems and some of these errors could have catastrophic consequences such as loss of life, money, time or damage to the environment. It has been recognised that the use of formal methods, in the life-cycle of time-critical systems, is fundamental.

The thesis proposes an approach, based on a formal method (known as Interval Temporal Logic (ITL)), for engineering time-critical systems, rapidly, efficiently and above all, correctly. The approach uses an integrated framework to deal with the life-cycle of time-critical systems. The proposed framework integrates conventional approaches and formal technologies for engineering time-critical systems.

Based on this framework, the thesis then focuses on using ITL and its executable subset, Tempura, for the development and evolution of time-critical systems development and evolution. An important issue during this evolution is to manage 'change', as well as to cope with its propagation. This is called guided evolution in the thesis. The proposed approach aims to validate and analyse time-critical system's behaviours of interest, such safety, liveness, as well as analyse timing behaviours and ensure the correctness of the timing properties. The validation and analysis are performed at run-time. The assumption/commitment paradigm has been adopted in the thesis. The assumption/commitment technique is valuable as a compositional principle to be used during time-critical systems development and evolution. Behavioural properties expressed in ITL can be validated and tested compositionally. The framework presented in the thesis is language independent.

The proposed approach can deal with both sequential and parallel time critical systems. This is a particular challenging research area because within such a system the functional behaviour and non-functional timing requirements are combined, implicit and can be difficult to validate and analyse.

A prototype tool is developed for three purposes: to test the approach, to speed and to scale up time-critical systems development and evolution based on the proposed approach. Two case studies, including a post office letter sorting system and an assembly line control system, are used for experiments with the approach and the prototype tool.

Conclusion is drawn based on analysis of experiments, which shows that the proposed approach is feasible and promising in its domain. Further research directions are also discussed.

The goal of software component development in general, and component-based reengineering in particular, is to develop a set of reusable software components that satisfy particular asset specifications. In our proposed mining method the work focuses on the process of identifying, extracting and developing the components through "reuse-based" reengineering of legacy artefacts. The processes employed emphasise good software engineering practices and principles such as separation of concerns and observe general guidelines for reusability and quality. Generally, a component is anything that can be composed; we select our definition of a software component that is suitable to our domain of work. Our reengineering approach in mining is being done in a more reuse-based manner, to improve the reusability (and quality, maintainability, etc.) of the legacy components so that they apply not only to a single new system, but also to a variety of other potential systems. This approach often involves substantial restructuring of the legacy system for code understanding and acquiring domain knowledge.

Service-based computing is a new computing paradigm where computing is seen as a utility, similar to gas, electricity, etc. An application is not physically shipped to the customer but made available for remote usage. A service-based application consists of services executed from all over the world on the machines where they are installed. This brings a number of design problems into being compared to traditional local execution. This thesis addresses some of these including naming, searching, accounting, binding different services to form new services and finally guaranteeing the quality of service a user would expect, whereby the focus is set on performance monitoring in such a large scale global distributed system. It is an important requirement for Quality of Service (QoS). Since the distribution of services is supposed to be transparent from the user, any kind of delay in the interaction of these services needs to be kept to a minimum. To achieve a control of these interactions the performance needs to be monitored and in case of under-performing a reconfiguration needs to be triggered. Three different architectures for performance monitoring have been designed, whereby the difference between these architectures is the location of the performance monitor within the distributed system. Each of these is able to detect and reconfigure hardware failures and delay in the execution. A hardware failure means a complete shut down of either a network connection or a machine where services are being executed. A delay on the other hand, results in the application not being able to terminate within the time that the user has originally agreed with the service provider.

The algorithms discussed in this thesis estimate the start and end times of application parts running on an heterogeneous Network Of Workstations (NOW) taking into account that the executing machines are slowing down with the increasing load of parallel tasks. Additionally to the estimated execution times information about instructions during which two application parts share same resources are stored. This information is then used to optimise the distribution of the application parts using a dynamic algorithm which has similarities to Ant Colony Optimization algorithms (ACO-algorithms) and is also described in this thesis.

Finally a Grid Performance Software (GriPS) has been designed, developed and tested. It is written in Java and has been used to create experimental results to compare and analyse the different performance monitoring architectures. GriPS simulates a large global distributed system by using connection data collected from CAIDA's skitter initiative. Within the simulation there exist actually three different distributed systems. One for the application itself, one for the performance monitoring within the models, additionally the location broker can be located on a different machine as well.

Grammar-oriented Object Design was shown to be a potent combination of extending methods, incorporating DSLs from a given business domain (BDSLs) and Variation-oriented Design in order to provide a seamless transition from business models to component-based software architectures. GOOD starts by extending current object modeling techniques to include the discovery and explicit modeling of higher levels of reuse, starting from subsystems, defining their manners using a domain-specific business language, i.e., using use-case grammars, that describe the rules governing the creation, dynamic configuration and collaboration of large-grained, business-process-scale, adaptive software components with pluggable behavior, through the application of architectural patterns and representation of component manners in the BDSL. This presents immense potential for applications in the domains of grid services, services on demand and a utility-based model of computing where a business need initiates the convergence of application components based on/from the manners of services they provide and require.

In terms of technology Component Based Development (CBD) is a reality. A number of Component Execution Environments such as J2EE, .NET and the CORBA Component Model are well established and industry surveys report increasing engagement in CBD. However, the software crisis that CBD was envisaged to resolve is still with us. Components appear to have increased software development productivity but not necessarily quality in terms of fitness for purpose.

This thesis asserts that the impressive research to date on components has been almost wholly focused on technical concerns without the issues of ensuring that components are usefully deployed being addressed.

It presents a preliminary research model, called the K-Mediator Framework, which rests on the notion of three generic stakeholders (Business User, Application Developer, and Component Developer) their different viewpoints and, importantly, their different areas of expertise. It proposes that `three plus one' types of knowledge are required to give rational support to the build versus buy versus reuse decisions of component provisioning. These types of knowledge are encapsulated in the decision-making framework for stakeholder negotiation.

Finally, the thesis describes a K-Mediator tool and its use in a case-based experiment using an established CBD framework to validate the preliminary model and lay the groundwork for future research in this critical area.

Automated data mining and modelling software gives marketing managers a tool to perform analyses that otherwise would need to be handled by a highly trained researcher. This is accomplished by establishing a predetermined analysis methodology. An algorithm is developed that attempts to reflect the step by step decision making process that a trained data miner would follow. At each step in the process, preset criteria are used to select analysis options.

Traditionally in data mining and modelling, there are many parts of the process that cannot be automated, including accessing a data set, transforming the data set into desired format, quality checking and preparing the data for analysis, evaluating a methodology to match the research or business problem, and interpreting and presenting the results.

This thesis provides a specification of the implementation of the automation approach in data mining and modelling. This framework presents following techniques:

• The approach of streamlined controls for data extraction, cleansing and transformation, giving data miners the flexibility to access the data sets whenever they want, and go back and restructure data to accommodate the research or business problems at hand.
• The proposal of an integrated suite of advanced models and algorithms, including clustering, decision trees, neural networks, memory based reasoning, linear and logistic regression and associations, offering people with certain analytical depth.
• The capability of integrated assessment providing a common platform for comparing different modelling techniques in research or business terms and for testing the predictive strength of the models to determine which is the most applicable to the data sets.
• The design of an intuitive graphical user interface helping the researchers to navigate easily through the data mining process and to view the report of data analysis results.

The proposed framework in this thesis consists of integrated procedures of automatic data mining process and analysis. A software tool FEPS (Future Event Prediction Solution) is implemented by using Visual studio .NET to demonstrate the features of the framework. A case study is finally applied to the framework to verify its performance and accuracy in terms of future event prediction.

Software engineering has evolved into a relatively mature engineering subject over the last 20 years. It has changed software development from a haphazard to a more disciplined approach. There are many different software engineering models available, almost all of them, however, are based on experiences of large corporations and require substantial resources and many qualified software engineers.

In comparison to large corporations, small organisations are more likely to change or modify business processes to survive; hence the need for frequent and rapid updates or revisions of the organisations' core software. Yet software engineering in small organisations are often faced with financial restrains and shortage of experienced engineers.

A modified software engineering model is proposed in this study. The proposed model combines a conventional linear software engineering process with a cyclic software reengineering process, in particular the inclusion of an inventory analysis in routine software engineering process. The inventory analysis assists routing of engineering process into reengineering. It is believed that this extra step will be cost-effective in the long-term, since it offers the opportunity to utilise existing systems in an organisation. The proposed model is applied to produce a wildlife management system for a small organisation, the Northants Forest District.

The disciplines of software development have been using patterns since at least 1994, and more recently the Patterns Movement has become interested in the idea of generative pattern languages as espoused by the radical architect Christopher Alexander. However, pattern languages in the software domain do not work. One possible explanation is that the history and use of patterns and pattern languages has caused the software development community to be blind to some fundamental properties of pattern languages.

This research study therefore re-examines pattern 'theory', and explores its applicability to software development. Patterns present a general solution to a recurring problem, adapted to fit the problem's context and forces. Generic solutions can be found to solve common problems in the design field, which can then be written down in a usable form so that hard-won lessons can be readily applied by practitioners. Generative pattern languages are systems of patterns which, when applied in a certain order, generate successful, integrated systems or solutions. The study answers the questions of whether generative pattern languages for the software domain are feasible, and what are the structural features of pattern languages that are required for them to be usable by non-experts. An example pattern language for modelling business processes, called APPLE, is developed as proof of concept.

The thesis which follows describes a successful piece of independent research which began with the aim of developing a usable pattern language for business process modelling, but in the process of which discovered some more general principles which will be of significant interest to the software development community. The study used both quantitative and qualitative research methods to provide preliminary validation of its findings. As such, it has added to our store of knowledge in a number of ways. Substantial contributions to knowledge have been made, and new areas for further research have been opened up. These contributions to knowledge include:

The establishment of the key notion of the 'focus' - the subjective lens through which designers perceive the problems they need to solve and its application to the design, as well as the use of, pattern languages The first systematic application to date of Christopher Alexander's notion of centres and patterns as rules for creating centres to the software development domain A clarification of the theory of pattern languages in regard to sequences. The study establishes clearly, for the first time, that the choice of the sequences of patterns to be used in construction are constrained by the centres identified in the system being built A candidate generative process pattern language called APPLE (A (business) Process Pattern LanguagE) which already includes 48 patterns

These novel contributions, together with a number of suggestions for concrete lines of research, are now placed in the public domain to be freely assessed and, hopefully, built upon by other researchers. It has been shown that a pattern language for business processes is feasible (and indeed, a reasonable start has been made in mining such a language) and that it can be made usable. A small contribution has thus been made to the rather larger problem of how to bridge the gap between models of business processes and models of software solutions, by reusing the hard-won gains of experts in the field. While the study could not possibly hope to resolve this fundamental problem of Computer Science and Software Engineering, it has achieved all of its stated goals, and a good deal more, that were set within its scope boundaries.

Developing software still needs research. Broadly, there are two approaches to software development: masterplan and piecemeal growth. This thesis investigates how a system pattern can help software development according to a piecemeal growth approach.

A new concept for software development, a system pattern, is proposed firstly. It describes a particular recurring system development problem that arises in specific application contexts, and presents a well-proven generic framework for its solution. The solution framework is specified by describing its constituent components, their responsibilities and relationships, the ways in which they collaborate and the approach of construction.

Secondly, a unified pattern is defined as a system pattern, Tri-Integration pattern, to build an integrated, secure and expandable network application system. The pattern has three elements: Service, Component and Data. It presents a system-level solution through services integration, components integration and data integration. Services integration represents a mechanism that can integrate various services into one application system; components integration supports the development and deployment of application components using well-designed construction methods; data integration can compose all separate data in a resources repository that may be distributed between different machines.

Thirdly, several instantiations of the Tri-Integration pattern are provided. Through comparison with typical existing systems, it proves that the design of a Tri-Integration pattern is successful and that the application systems based on the pattern are effective and applicable.

It is concluded that the system pattern can assist software development, especially helping to support the development of complex, large-scale systems and also supporting effective industrial software production, and promises to be effective in the integration of application systems.

Security requirements deal with the protection of assets against unauthorised access (disclosure or modification) and their availability to authorised users. Traditionally, security concerns are considered as an add-on to be implemented at a later stage of system development. Nowadays, it is well understood that adopting such belief can be difficult and error-prone. Therefore security must be considered as an integral part of the system requirements right from the early stages of the system development life cycle.

In this thesis, we develop a unified compositional formal framework for the specification of the functional, temporal and security requirements of systems. The framework uses a single formalism, Interval Temporal Logic (ITL in short), for expressing the three types of requirements and for reasoning about them in a uniform manner. This provides an effective way of integrating security concerns into the system requirements and to address them early (high level specifications) in the system development process so that security holes can be detected and fixed timely.

We propose a language for expressing access control policies and their composition. Especially, a set of operators is defined for expressing policies that can change dynamically in response to time or events. The resulting model provides a high flexibility to support the specification of several protection requirements that cannot be expressed in traditional access control models. We investigate the algebraic properties of the operators and develop sound algebraic laws for the comparison and the refinement of security policies.

We take the view that a system is developed starting from a high level specification and transformed by a sequence of correctness preserving refinement steps down to a low level implementation. The low level system must implement a mechanism for enforcing security policies. In this respect, we develop a computational model, Secure Action System (SAS), that allows the enforcement of dynamically changing security policies. It is an extension of the traditional action system paradigm to cater for security. SASs can be composed into a large system. We propose a rich set of sound compositional rules for the design and verification of SASs.

We develop a tool, SPAT, to animate security policy specifications and to analyse them. We evaluate our approach with a detailed case-study of a secure exam system and the formalisation of the British Medical Association's security policy for Electronic Patient Records (EPRs).

The Specification and validation/verification of behavioural properties has remained one of the most widely researched themes in the domain of Web services. Current efforts however consider only "static" aspects of service behaviours. XML-based standards/Ontologies for services are limited to specifying interface predicates as precondition, effect or postcondition. These properties do not support specification of "ongoing behaviour" which is as important as the initial/final state properties, especially in the context of reactive Web services. Secondly, the development of most specification languages is based on an informal model of computation. The semantics are buried in the execution engines which are bundled with the languages. Further, most of the research in the area of validation/verification has been directed towards design time model checking of services. Little attention has been paid to asserting useful properties about service composition at runtime.

In this thesis, we propose an architecture based on a "Compositional" approach, for the specification, verification and runtime validation of reactive services and their composition. We present a sound computational model and a wide spectrum language, Abstract Service Design Language (ASDL), with well defined semantics in terms of our underlying logical framework, for designing service oriented systems. Fundamental to our approach is the notion of Compositionality. To achieve this, we augment Web service specifications with properties called assumption and commitment. We show how runtime validation of service composition can be achieved using an interpreter for, Tempura, an executable subset of Interval Temporal Logic (ITL). Finally we present "TeSCO-S": Temporal SemantiCs for OWL enabled Services, a framework along with tool support for enriching Web service interface specifications, described as OWL ontologies with the temporal assertions of assumption and commitment.

The complexity and size of commercial Web-based systems present a grand challenge to the traditional methodology of software evolution. However, compared to the huge advance of software development technology over the last two decades, the progress of software evolution research and practice, especially for Web-based systems, is still very limited.

Modern software development is built on a number of principles, paradigms, and tools. Those building blocks provide a standard, flexible and integrated way to develop and deliver a definite product.

From programming language to operating system, from Integrated Development Environment (IDE) to software process model, many alternatives can coexist and be regarded as "standards" due to their popularity or authority. To build a commercial web application, it is completely up to the development team to choose the operating system, programming language, IDE and development process. Thanks to standards built on techniques such as XML and UML, those building blocks could be integrated seamlessly and flexibly no matter how or by whom they were created. Finally, regardless of the technology adopted for development, the product of any software development should be always a working system, an instantiation of the requirement specification.

However, when it comes to software evolution, there is no standard, flexible and integrated way to evolve and deliver a definite product. The booming development of Web related technologies only complicates the situation. This research presents a unified solution to Web-based system evolution, which consists of three components: Web-based systems understanding, Web-based systems representation and evolvable Web Application Framework:

• Web-based systems understanding. A successful evolution of a legacy system relies on an appropriate understanding of its functionality, context and architecture. Traditionally software reverse engineering techniques, ether formal or cognitive, have been used for this purpose. This research presents a unified method for understanding Web-based systems, where a formal method and a data mining technique are developed to decipher program logic and the relationships between different components.
• Web-based systems representation. The information hidden in Web-based systems can be divided into five categories: source code of control logic, source code of presentation logic, configuration information, input/output files and data model. Each category of the information has its value in evolving the related Web-based system. While source code and configuration files are vital for understanding the whole system, the input/output files and data model determine the flexibility for maintenance and future development. To effectively manipulate the information hidden in Web-based systems, representations for each of those categories are defined in this research.
• Evolvable Web Application Framework. Web-based systems are built upon a certain software infrastructure. An infrastructure provides services such as resource pooling, thread management, service lookup and data access layer. This research will look at existing frameworks and develop an alternative infrastructure that we believe is essential to successful evolution of Web-based systems.

Case studies will be given to evaluate the proposed solution in different aspects. Conclusion is drawn based on analysis, which verifies the feasibility of the proposed solution. Further research areas are also discussed.

Throughout the world, there are many legacy systems that fulfil critical business functions but often require new functionality to comply with new business rules or require redeployment to another platform. Legacy systems vary tremendously in size, functionality, type (such as batch-oriented or real-time), programming language source code, and many other factors. Furthermore, many of these legacy systems have missing or obsolete documentation which makes it difficult for developers to re-develop the system to meet any new functionality. Moreover, the high cost of whole scale redevelopment and high switchover costs preclude any replacement systems for these legacy systems. Reengineering is often proposed as a solution to this dilemma of high re-development and switchover costs.

However, reengineering a legacy system often entails restructuring and re-documenting a system. Once these restructuring and re-documentation processes have been completed, the developers are better able to redevelop the parts of the systems that are required to meet any new functionality. This thesis introduces a number of methods to restructure a procedurally-structured, batch-oriented COBOL system into an object-oriented, event-driven system through the use of an intermediate mathematical language, the Wide Spectrum Language (WSL), using system source code as the only documentation artefact. This restructuring process is accomplished through the application of several algorithms of object identification, independent task evaluation, and event identification that are provided in the thesis. Once these transformations are complete, method(s) are specified to extract a series of UML diagrams from this code in order to provide documentation of this system. This thesis outlines which of the UML diagrams, as specified in the UML Specifications version 1.5, can be extracted using the specified methods and under what conditions this extraction, using system source code only, can occur in a batch-oriented system. These UML diagrams are first expressed through a WSL-UML notation; a notation which follows the semantics and structure of UML Specifications version 1.5 in order to ensure compatibility with UML but is written as an extension of WSL in order to enable WSL to represent abstract modelling concepts and diagrams. This WSL-UML notation is then imported into a visual UML diagramming tool for the generation of UML diagrams to represent this system.

The variety of legacy systems precludes any universal approach to reengineering. Even if a legacy system shares a common programming language, such as COBOL, the large number of COBOL constructs and the huge number of possible dialects prevents any universal translator of the original program code to another. It is hoped that by focusing on one particular type of legacy system with constraints, in this case a batch-oriented COBOL system with its source code its only surviving artefact, and by providing validated algorithms to restructure and re-document these legacy systems in the Unified Modelling Language, an industry system modelling standard, and by determining which of these Unified Modelling Language can be extracted practically from such a system, some of the parameters and uncertainties, such as program understanding of an undocumented system, in reengineering this type of system can be reduced.

Microarray technology has provided researchers with a tool to analyse the expression of thousand of genes simultaneously. The consequence of deploying such technology is to produce a huge amount of data, which needs to be stored and analysed. There are many microarray related database applications for holding the gene expression data. Some microarray databases are generic and some are targeted at more specific areas of research. Toxicogenomics is the result of the integration of toxicology and genomics and therefore a database for toxicogenomics will have specific requirements. While the generic microarray databases are useful, especially for the public repository, there are always specific requirements for what the microarray experiment data needs to be recorded and how to be recorded in different areas of research.

The aim of this study was to develop a microarray database management system to meet the needs of local microarray laboratory at MRC Toxicology Unit. As more and more information has been produced by local researchers, a database was required to store the information and allow easy retrieval on demand. A Toxicology MicroArray Database (TOXMAD) management system has been designed to host microarray experiment related information. Database design was based on BioArray Software Environment (BASE) schema adapted Minimum Information About a Microarray Experiment (MIAME) recommendation, its aim is to have well annotated data and therefore enable the experiment to be analysed or reanalysed at later date. It will also help to transfer data from the local database to republic repositories.

A Web-based system - Toxicology Microarray Database on Web (TMDW) with three-tier client server architecture which includes user interface, application server and database as backend, has been developed based on the techniques from this study. It also acts as a LIMS (Laboratory Information Management System) to enable users to manage and track their project, experiment, sample and array etc. from microarray experiments. Active Server Page (ASP) technology with its underlying techniques and Internet Information Server (IIS) as Web server are used to develop TMDW.

A traditional representation of aerodynamic characteristics based on the concept of aerodynamic derivatives fails to be accurate at high angles of attack due to significant dynamic effects generated from separated and vortical flow. As the possibility of performing controlled flight at high angles of attack has already become a common requirement for modern combat aircraft, the problem of an adequate model for aerodynamic loads at high incidences is the issue of the day.

This thesis presents a phenomenological approach to modeling of unsteady aerodynamics characteristics of high angles of attack. In this approach aerodynamic characteristics are considered as a combination of two components having different characteristic time scales which describe the contribution to the total aerodynamic load from the different flow structures. It is assumed that all dynamic properties of the flow are amassed in the slow component. To describe its behavior specially designed nonlinear differential equations are used. Depending on the parameters, this model can reproduce both "weak" and "strong" nonlinear effects including static hysteresis. A special idenitification technique has been developed for the estimation of the model parameters using dynamic wind tunnel test data.

To verify the propsed technique, mathematical models of unsteady aerodynamic loads of a 65 degree delta wing and a high aspect ratio rectangular wing which has hysteresis in the static dependence of its normal force have been developed. These models demonstrate good qantitive and qualitative coincidence with the experimental data.

The limitations of a conventional aerodynamic model based on the aero dynamical derivatives concept are analyzed considering the longitudinal motion of a hypothetical aircraft with the 65 degree delta wing and thrust vectoring control. A dynamic unsteady aerodynamic model approximating the vortical and separated floe time lag effects is considered along with the conventional aerodynamic model and their impact on aircraft dynamics and control law design is discussed.

The topic work of this thesis is an approach to online data collection and construction of a database to support a data mining system.

Data mining is also called KDD (Knowledge discovery in Database) It is at the intersection of multiple research areas including Machine Learning, Statistics, Pattern Recognition, Databases, and Visualisation. From the literal meaning it can be seen that data is the source of needed knowledge, so obtaining the necessary data is an important part of the data mining process.

The internet is an abundant data depository, where data produced by some organisations or companies are published on websites and are open to the public. These data items exist in multifarious forms (including HTML, XLS, XML, etc). A data mining system cannot operate upon them directly; it needs data stored in a unique store.

At the moment, there is a lack of a powerful tool which can convert the online data into a standard database for a data mining system. XML is a new standard for data exchange over the network. The core work of this thesis is contributing research which tries to give user the biggest convenience to automatically build an XML database. Finally a software tool was designed, and the functions that this tool provide include accessing the website and using relevant to download the data, automatically recognize the type of data file and read the data file, extract the useful parts and transfer the data into XML documents and build an XML based database and predict the risk of enterprise loan approval.

World-Wide Web is one of the primary applications of Internet today. Web-caches can decrease bandwidth consumed by HTTP traffic and improve user experience decreasing Web object retrieval latencies. Transparent web-caches can be used by organisations to intercept and cache all HTTP traffic without significant administrative expenses and therefore minimize traffic costs and improve filtering and monitoring capabilities. Internet Service Providers use en-route transparent Web-caching on their backbone communication links to decrease amount of HTTP traffic, which currently represents a major part of overall traffic. Web-caches are used in content delivery Networks to push content closer to end user, greatly improving latencies of object retrieval and reducing overall internet traffic, at the same time offloading original Web-server. Web-caches are used in accelerator mode in high volume websites, decreasing overall cost of the web site and/or improving its scalability and performance. Though web-caches are often invisible at first glance, modern internet in the form we see it today would probably not be possible without wide deployment of Web-caching technology.

Deployment of Web-caching technology gives immediate effect: performance of properly designed web-caching system can be improved step by step as needed.

In this thesis a particular implementation of web-caching cluster is proposed which is capable of handling 500Mbps of HTTP traffic at the cost less than $20000 using cheap PC hardware, high quality open source software. As shown below proposed solution has a number of advantages to other methods of solving web-cache scalability problems.

First, the proposed cluster scheme is designed from very beginning to take into account the properties and characteristics of web-caching application as distinct from universal approach to clustering. One of the most important differences between cached content and, say, database records is the fact that cached data can be discarded at any moment and this will not have any grave consequences in contrast to lost database records.

Second, proposed approach to cluster building does not require any additional hardware changes to application web-caching software or changes to operating system. Proposed cluster architecture is entirely software based.

Third, this particular implementation of cluster uses transparent web-caches (therefore any configuration at users side is not needed), and cluster control software is easy to install and operate, require only minimal effort from network administrator, at the same time providing good performance, excellent scalability and automatic fault detection and failover capabilities

In this thesis novel numerical algorithms are developed to solve some problems of analysis and control design for input constrained linear dynamical systems. Although the obtained results are of a general nature, all the considered problems are induced by flight control applications. Moreover, all these problems are stated in terms of geometry, and because of this their solution in the thesis was effectively achieved by geometrically-orientated methods.

More specifically, during the solution of the problems mentioned above we consider modern geometric optimality criterion. We either maximize the size of some set in Euclidean n-dimensional space, or we have to somehow estimate its size. Considering this optimality criteria, we apply operations on polytopes, boundary points location, etc. to solve the problems. The thesis therefore might be considered as an intersection between flight control and computational geometry fields.

For validation of the developed algorithms we perform simulation of the original system on the grid of state-space points, investigating some realistic and publicly available mathematical models. The problem of controllability region computation and constraint stabilization of unstable aircraft dynamics have been addressed. Special MATLAB toolset has been developed.

The main goal of network management systems is to ensure the quality of the services that networked elements provide. The management of a network involves co-ordinating and responding to alarms, performance indicators, traffic and accounting statistics and various other pieces of information which are needed to keep the network operating efficiently. The current network management systems suffers from the difficulty of integrating new technologies and standards into the shared network infrastructure, poor performance and complexity in accommodating new services in the existing architectural model. Active networks represent a new approach to network architecture. Active networks visualise the network as a collection of active nodes that can perform any computations, and a collection of active packets that carry code and are indeed programs. Active Networks will provide that the functions of the network nodes will not be longer be rigidly built-in by vendors who must follow designs dictated by slow and intractable standards committees. Also, network integrity will not be vulnerable against various ad hoc approaches toward network programming, as is the case today. This thesis will present the application of Active Networks technology as a solution to the current network management problems.

Grid computing is a new technology for the intent of sharing distributed resources and coordinated problem solving. On the other hand, legacy software systems can not be simply discarded as they are critical to business they support and because they encapsulate a great deal of knowledge and expertise about the applications. This research proposes an approach for evolving legacy software systems into Grid environment. The aim of this approach is to use legacy systems into Grid environment which enables the integration of legacy resources with Grid across distributed, dynamic environment and communities.

The methodology consists of multiple phases, include: using reverse engineering techniques to comprehend and decompose legacy system, employing AST, DTD and XSLT to transform and represent legacy system by XML as Grid components, and integrating these Grid components into Grid service environments. Also, the proposed approach is extended to the semantic Grid environment to carry out the initial step of the semantic Grid oriented legacy system evolution. As last, a legacy bank system case study is given. The purpose of this case study is to demonstrate that the proposed approach has the ability to evolve legacy systems into Grid service environments.

Different from related work, the approach proposed in this thesis provide an unified framework for Grid oriented legacy software system evolution. Through this research experience, it is argued that the detailed component mining approach needs to be tailored according to the features of a particular legacy system, and the legacy system evolution can assist Grid application development. The proposed approach is powerful for utilising reusable legacy resources into Grid environment to build Grid applications across distributed, dynamic environment and service oriented architecture communities.

Security requirements must be addressed early and throughout the development of the system. They cannot be left to a late stage in the development process, as otherwise functional design-decisions may undermine security requirements. Honouring this principle we developed the SANTA framework which integrates the specification of security, functional and temporal requirements of Multi-Agent Systems (MAS) within a unifying and formal framework.

The specification and implementation of MAS is supported by the SANTA Wide-Spectrum Language (SANTA-WSL). SANTA-WSL allows for the expression of specifications and their implementations within the same language. The specification-oriented semantics of SANTA-WSL is given in Interval Temporal Logic (ITL), that is the formal foundation of all components in the framework. A formal foundation is key to the certification of MAS deployed in security critical environments where a breach in security may result in serious harm to people, equipment or missions. A SANTA-WSL specification comprises agents, objects, policies and enforcement mechanisms. Agents are active entities in the system; objects represent passive resources; policies express security requirements; and enforcement mechanisms define the effect of a policy on the execution. Policies can change dynamically according to time or events and can express history-dependent constraints. They are compositional, that is policies can be composed out of small, easier to comprehend components along a temporal and structural axis.

We show the advantages of policy composition for the specification and enforcement of policies. Compositionality is also important for verification, as properties of the overall policy can be inferred from the properties of its components. We show how abstract policy and enforcement specifications can be refined into concrete and implementable enforcement code that guarantees the compliance with original specification. On one hand policies depend on the history of the system's execution, on the other hand the execution of the system depend on the outcome of policy decisions. By addressing security, functional and temporal requirements in a unifying framework we are able to formalise and study their interactions.

Rules give structure to knowledge. Programs use rules to dictate or constrain specific decisions or actions. Rules are incorporated into these programs based on either the experiences or expectations of the organization or a subset of knowledgeable individuals, so that all users are guided by the same knowledge and constrained to identical behaviors. Because rules are tested, revised, and updated continuously, they represent a substantial and valuable intellectual asset. Unfortunately, rule revisions are often made only within the program code. When it becomes necessary to re-engineer these systems, these valuable rules are frequently not reused because the legacy code is the only valid source of these rules, and their extraction is thought to be too difficult, especially if this involves rule recovery from complex systems employing multiple programs in multiple languages.

To address this problem, a formal rule model and rule algebra are developed to allow the extraction, analysis, and manipulation of rules from a diversity of specifications, languages, programming paradigms, and system representations. Using Interval Temporal Logic (ITL), a rule is defined formally as a conjunctive relationship between a state sequence and a future state sequence. Using this formal rule model, a rule algebra is developed that describes the set of operations that can be applied to compose, decompose, or transform rules. Various compositional paradigms are demonstrated with this rule algebra. Using these compositional paradigms, rule-based representations of typical legacy code structures are developed. Using this rule algebra, rules are extracted from a diverse group of rule-based systems. Based on this rule algebra, the application of statecharts to legacy code analysis is demonstrated. The rule algebra is applied to the forward engineering of rule-based systems. This rule algebra is demonstrated to be a robust, flexible, and expressive tool for the analysis and manipulation of rules and rule-based systems.

Constant innovation of information technology and ever-changing market requirements relegate more and more existing software to legacy status. Generating software through reusing legacy systems has been a primary solution and software re-engineering has the potential to improve software productivity and quality across the entire software life cycle. The classical re-engineering technology starts at the level of program source code which is the most or only reliable information on a legacy system. The program specification derived from legacy source code will then facilitate the migration of legacy systems in the subsequent forward engineering steps. A recent research trend in re-engineering area carries this idea further and moves into model driven perspective that the specification is presented with models.

The thesis focuses on engaging model technology to modernise legacy systems. A unified approach, REMOST (Re-Engineering through MOdel conStruction and Transformation), is proposed in the context of Model Driven Architecture (MDA). The theoretical foundation is the construction of a WSL-based Modelling Language, known as WML, which is an extension of WSL (Wide Spectrum Language). WML is defined to provide a spectrum of models for the system re-engineering, including Common Modelling Language (CML), Architecture Description Language (ADL) and Domain Specific Modelling Language (DSML). MetaWML is designed for model transformation, providing query facilities, action primitives and metrics functions. A set of transformation rules are defined in MetaWML to conduct system abstraction and refactoring. Model transformation for unifying WML and UML is also provided, which can bridge the legacy systems to MDA. The architecture and working flow of the REMOST approach are proposed and a prototype tool environment is developed for testing the approach. A number of case studies are used for experiments with the approach and the prototype tool, which show that the proposed approach is feasible and promising in its domain. Conclusion is drawn based on analysis and further research directions are also discussed.

The importance and popularity of software evolution increase as more and more successful software systems become legacy systems. On the one hand, software evolution has become an important characteristic in the software life cycle. On the other hand, software processes play an important role in increasing efficiency and quality of software evolution. Therefore, the software evolution process, the inter-discipline of software process and software evolution, becomes a key area in software engineering. A well-managed software evolution process can effectively support a successful software evolution; however, a poor software evolution process will lead to the failure of the corresponding software evolution.

This thesis aims to model and describe formal software processes that effectively support software evolution. For this purpose, progress has been made in five main aspects:

Firstly, five important properties of software evolution processes are analysed. It is indicated that iteration, concurrency, interleaving of continuous and discontinuous change, feedback-driven systems and multi-level frameworks play important roles in software evolution processes.

Secondly, a Petri Net is extended with object-oriented technology and Hoare Logic. Based on the extended Petri Net and according to the preceding properties, a formal evolution process meta-model (EPMM for short) is proposed. EPMM can define software evolution process models (EPMs for short) with a four-level framework and can embody some important properties, such as iteration, concurrency, interleaving of continuous and discontinuous change and feedback-driven systems.

Thirdly, based on EPMM, an object-based evolution process description language EPDL is designed. It is more detailed and easier to implement in computers than EPMM.

Fourthly, based on EPMM, the framework of software evolution processes is discussed. According to the framework, a semi-formal approach to modelling and describing software evolution processes is proposed. The approach is used to design software evolution processes at the global level (designing global models), at the process level (designing software processes), at the activity level (designing activities) and at the task level (designing tasks), each corresponding to the levels in the framework. At the process level, the approach supports top-down white box modelling and top-down black box modelling, which are proved to preserve the interface consistency over refinement hierarchies. The approach also supports process reuse by means of three different reuse methods. At the task level, by repeatedly decomposing the function of a task into one of three basic control structures, the function can be decomposed into a code segment consisting of finer functions, which can be easily realised. If the executions of all the decomposed finer functions terminate, the decomposition is proved to be totally correct. Using EPDL, software evolution processes can be described in detail.

Fifthly, according to the dependence analysis between activities and between tasks in an EPM, an approach is proposed to capture and extend concurrency in an inefficient process segment dug down from an EPM. After its efficiency is improved, the process segment is put back into the original EPM to improve its efficiency.

In addition, a support environment EPT is also designed. Four case studies indicate that the proposed approach is feasible and effective.

In summary, this thesis proposes a semi-formal approach to effectively support software evolution by constructing formal software evolution process models and the corresponding descriptions.

An increasing number of the research publications devoted to the lossless compression methods indicates growing interest to this area of the engineering design. This interest is explained by the rapid development of the communication and data storage facilities. Compression theory has a long history and the subject is explored in depth. However its application is always limited by the characteristics of the existing equipment. Compression techniques are widely used in multimedia data transmission and storage systems. Quality of the multimedia data and its size represent a trade-off that drives so called lossy compression algorithms. These algorithms provide good compression ratio at the cost of the information loss. Recently a set of lossless compression techniques are introduced for image, video and audio data compression. Lossless methods are less effective when compared with their lossy counterparts, but they provide perfect quality and still offer compression ratio in range from 1.5 to 10. With increasing of available bandwidth of communication channels and capacity of storage devices lossless compression methods are positioned as a replacement of the lossy multimedia compression algorithms. The aim of this research is to investigate the lossless compression technique for the telemetry information that is a type of the multimedia information. The work starts from the examination of the telemetry data format and statistical characteristics. This study provides background for further exploring of the data decorrelation and entropy coding methods that is aimed to design an effective lossless telemetry compression algorithm. As a result, basic architecture of the lossless telemetry compression system is proposed, and its performance evaluation is introduced.

Distributed systems have become a vital tool in today's computing environments. They have been available for many decades and a number of application architectures and implementations are based on them, for instance Web services, GRIDs. A successful approach to build distributed systems is constructing them based on middleware technologies, for instance CORBA implementations. Although middleware standards and technologies have solved many of the distribution complexities, nevertheless the demand for more and enhanced services of middleware is increasing.

Management and control of distributed systems is an important area, where much development is needed. In spite of its importance, it is not a widely researched area and no standards are produced to address distributed systems management as a separate requirement. In this thesis a distributed systems management service architecture is proposed. The architecture aims to distribute the management activities across a distributed system to facilitate dynamic and automated management.

In particular, the management service can be invoked on the hosts where distributed application objects are executing. Thus, it can manage the application objects running on the same host. In addition, the management service components, which are located remotely, have the capability of coordinating their actions to alter a distributed application's behaviour. Effectively, the architecture is designed to be a middleware service that provides management functionality in a flexible, reusable and systematic manner, as is the case with most middleware services. The aspects of management considered by the management service are based on the functional model of the OSI management reference standard.

Furthermore, the architecture uses the Policy-Driven Management strategy, which is the new approach in distributed systems management. As a result, the management service can provide dynamic or agile management for distributed applications.

The issue of management information representation and exchange between the managed application and the management service is also addressed in this research. The change of state of the running application is represented as a management event. Additionally, to structure the set of management events defined, a hierarchy tree of management events is proposed. Similarly a management action hierarchy tree is proposed to define and publish the set of actions required for management in general.

An implementation of the Distributed Systems Management Service (DSMS) is presented, including its interaction with an external policy service and receiving and interpreting its policies. As a case study the area of fault tolerance is chosen. Some of the well-known fault tolerance techniques are selected to demonstrate their enforcement using the DSMS service. Finally, the evaluation of DSMS management service is discussed.

The essence of software reengineering is to improve or transform existing software so that it can be understood, controlled and used anew. Program transformation is used as a core technique for fulfilling the various needs in the context of software reengineering. The improvement of the automation and efficiency of program transformations for reengineering is a concern in both research and industrial areas. The proposed research aims to achieve the goal by providing an appropriate mechanism to predict the transformation steps to fulfil specific reengineering targets to enhance the efficiency and correctness of reengineering through program transformations.

In this thesis, a Target Driven Program Transformation Step Prediction approach (TDPTSP) is proposed to assist the process of transformation in software reengineering. The proposed approach is explored by using a transformation-intensive language Wide Spectrum Language (WSL) as an intermediate language and its toolset which provides a well-developed transformation bank containing a large number of proven transformations. The predication of transformations is an intelligent means to guide the transformation process towards reengineering targets. In order to make the identified targets tangible, the concept of Target Model (TM) is introduced for the target representation and evaluation. In the model, software metrics selected from a reengineering intensive metrics catalogue are correlated to the corresponding targets.

With the quantitative measurement and the tangible target representation, the program transformation step prediction algorithm is constructed as a heuristic based search approach. Expertise for applying program transformations in the practical work is essential for the prediction operation. The prediction approach incorporates the expertise rules in addition to the metrics based approach. When predicting the transformations on domain specific applications, domain features are the vital factors. Therefore, the approach needs to be augmented to deal with such applications. To explore how to utilise the transformation prediction for the applications in specific domain, multimedia domain is chosen for the study. In order to exploit the proposed approach, WSL is extended with object-oriented features and multimedia domain features consistently based on the existing language levels of WSL. Correspondingly, the existing transformation bank is extended for the needs of the transformation prediction driven by reengineering targets. A prototype tool and three case studies are presented for the experiments to show the proposed approach is feasible and promising. Conclusions are drawn based on analysis, and further research directions are discussed at the end of the thesis.

Computing systems are becoming more and more complex and assuming more and more responsibilities in all sectors of human activity. Applications do not run locally on a single computer any more. A lot of today's applications are built as distributed system where services on different computers are communicating. Distributed systems arise everywhere. The Internet is one of the best-known distributed systems and used by nearly everyone today. It is obvious that we are more and more dependant on computer services. Many people expect to be able to buy things like clothing or electronic equipment even at night on the Internet. Computers are expected to be operational and available 7 days a week, 24 hours a day. Downtime, even for maintenance, is no longer acceptable.

The thesis presents a framework for the development of highly available software services. The research focuses on failover functionality and heterogeneous distributed systems that are based on client/server architecture. Failover is the migration of services from one server to another. If one server in the distributed system fails, another server takes over the services of the failed one.

The thesis shows how failover functionality can be expressed by attributes and how higher availability of services can be achieved by transparent failover with state replication in heterogeneous distributed systems. Failover requirements are expressed as attributes by using meta information. The advantage is that failover requirements are seamlessly integrated in the development process of a service or system. Furthermore the meta information with the failover requirements have initially no influence on the behaviour of a service or system and can be specified in an easy and efficient way. Meta information with the failover requirements are analysed, processed and transformed in a further process. The advantage is that the specification of functional requirements is easier to read since failover functionality does not become tangled with the basic functionality.

The thesis offers a High Availability and Failover Framework (HAFF) that simplifies the development of available services with failover functionality. The designed HAFF is a complete software solution. The framework can be used on simple distributed system with conventional computers. The research is based on the motivation that failover can increase the availability of services dramatically. Today's development of available systems is very expensive, since every component of the system must be reliable. The proposed framework can decrease the costs to implement availability radically, so that even small business companies will be able to offer highly available services. In comparison to other failover approaches the thesis shows how failover can be achieved by software and used for services in heterogeneous distributed systems. The system is seen in a holistic way and hardware and software failures are tolerated by the proposed framework.

The thesis outlines the motivation and objectives of the research, describes the developed framework and reviews literature on distributed systems, availability and meta information. Meta information is used in the framework to increase the efficiency of developers. The thesis presents a generic meta information facility to be able to define and process meta information. A so called Meta Information Definition Language (MIDL) has been designed to define meta information within models (e.g. source code) of different programming languages. A Meta Information Processing Tool (MIPT) and an Abstract Syntax Language Tree (ASLT) have been designed for the processing of meta information and manipulation of the model (e.g. code transformations). The designed meta information facility can be seen as a framework to define macro languages for a programming language. Any language that supports comments can be extended by MIDL specifications.

The meta information facility has been designed to simplify the development of failover for services with state replication. Developers only define some attributes to ensure failover. The attributes are specified by a FailOver Point Definition Language (FOPDL), based on MIDL. Code needed in software will be generated automatically by processing the FOPDL specifications.

HAFF offers a High Availability and Failover Environment (HAFE) that observes and manages a heterogeneous distribute system. It gives knowledge about alternative available service instances and is used in case of failover.

Furthermore, a reference implementation of the proposed HAFF with it's underlying meta information facility has been designed, developed and tested during research. The reference implementation can be used to demonstrate most of the designed features. It is used in the thesis in order to evaluate the approach by simulations.

Wireless Mobile Ad hoc NETwork (WMANET) is a group of an independent wireless (mobile/semi-mobile) nodes communicating on a peer-to-peer basis without a pre-established infrastructure. The unique characteristics of WMANETs make such networks highly vulnerable to security attacks when compared with wired or infrastructure-based wireless networks.

The contributions of this research are threefold. Firstly, a new, specialised Architectural Framework for WMANETs (AF-WMANETs) has been built, independent of any existing network architectures such as OSI or TCP/IP, using two reference architectural models: RM-ODP and TINA. AF-WMANET presents a full description for WMANETs from the viewpoints of Enterprise, Information and Computational. This description improves the understanding of WMANET's properties, requirements and needs. The current challenges such as routing, security, scalability and Quality of Service (QoS) that face WMANETs can thus be easily defined and their solution realised.

Second, based upon AF-WMANET and exploiting X.800, and X.805, two ITU-T security-related recommendations, a technology-independent Security Architecture for WMANETs has been defined. The Security Architecture provides the specification of a comprehensive, top-down, end-to-end security solution for WMANETs that could be applied to every wireless service provisioning scenario using such networks in order to detect, predict, and correct security vulnerabilities. The security architecture identifies the security requirements needed, their objectives and how they could be applied throughout AF-WMANETs, taking into consideration the various security attacks it could face.

Third, a technology-dependent implementation of some of the security requirements identified in the Security Architecture such as authentication, availability, data confidentiality, data integrity and non-repudiation has been proposed by means of defining a novel Security Mechanism for Managing the Digital Certificates in WMANETs. Where WMANETs are operating in heterogeneous wireless environments, two algorithms are defined for two possible scenarios.

The first algorithm, called FM-WMANET, tackles the issue of managing the digital certificates in a fully managed WMANET. In this scenario, all WMANET nodes participate simultaneously with other infrastructure-based wireless networks such as WLANs or cellular systems. The key management system in this algorithm uses the hierarchical trust model provided by these wireless networks' different Public Key Infrastructures (PKIs). FM-WMANET deals with real CAs with a high level of security and availability, rather than the virtual CAs applied in previous work using threshold cryptography, the latter entails a higher maintenance overhead than is the case with real CAs. Additionally, all nodes in FM-WMANET are treated equally; there are no servers or combiner nodes.

The second algorithm, PM-WMANET, assumes as a part of it network model that some of the WMANET nodes belong to other extant wireless networks. The trust model in this case will be a combination between the hierarchical trust model used by the PKIs of these wireless networks and the web of trust model used between the WMANET nodes. This combination improves the security level by using PKI, and simultaneously giving WMANET nodes the opportunity to participate in key management system services.

FM-WMANET and PM-WMANET algorithms are both evaluated using graph theory and the NS-2 network simulator. The graph theory-based evaluation studies the certification graphs resulting from the two algorithms and evaluates them according to some evaluation metrics such as certification graph connectivity and security level. The NS-2 based evaluation tests the two proposed algorithms in real network environments and measures their communication costs using other evaluation metrics such as success ratio, delay, average number of retries and overhead. The results of the two evaluation studies prove that both FM-WMANET and PM-WMANET are fully distributed security protocols that provide a high level of secure, available, scalable, flexible and efficient key management services for WMANETs. A comparative analysis between FM-WMANET and PM-WMANET is also provided.

Voice over Internet Protocol (VoIP) is an active area of research in the world of communication. The high revenue made by the telecommunication companies is a motivation to develop solutions that transmit voice over other media rather than the traditional, circuit switching network.

However, while IP networks can carry data traffic very well due to their best effort nature, they are not designed to carry real-time applications such as voice. As such several degradations can happen to the speech signal before it reaches its destination. Therefore, it is important for legal, commercial, and technical reasons to measure the quality of VoIP applications accurately and non-intrusively.

Several methods were proposed to measure the speech quality: some of these methods are subjective, others are intrusive-based while others are non-intrusive. One of the non-intrusive methods for measuring the speech quality is the E-model standardised by the International Telecommunication Union-Telecommunication Standardisation Sector (ITU-T).

Although the E-model is a non-intrusive method for measuring the speech quality, but it depends on the time-consuming, expensive and hard to conduct subjective tests to calibrate its parameters, consequently it is applicable to a limited number of conditions and speech coders. Also, it is less accurate than the intrusive methods such as Perceptual Evaluation of Speech Quality (PESQ) because it does not consider the contents of the received signal.

In this thesis an approach to extend the E-model based on PESQ is proposed. Using this method the E-model can be extended to new network conditions and applied to new speech coders without the need for the subjective tests. The modified E-model calibrated using PESQ is compared with the E-model calibrated using subjective tests to prove its effectiveness.

During the above extension the relation between quality estimation using the E-model and PESQ is investigated and a correction formula is proposed to correct the deviation in speech quality estimation.

Another extension to the E-model to improve its accuracy in comparison with the PESQ looks into the content of the degraded signal and classifies packet loss into either Voiced or Unvoiced based on the received surrounding packets. The accuracy of the proposed method is evaluated by comparing the estimation of the new method that takes packet class into consideration with the measurement provided by PESQ as a more accurate, intrusive method for measuring the speech quality.

The above two extensions for quality estimation of the E-model are combined to offer a method for estimating the quality of VoIP applications accurately, nonintrusively without the need for the time-consuming, expensive, and hard to conduct subjective tests.

Finally, the applicability of the E-model or the modified E-model in measuring the quality of services in Service Oriented Computing (SOC) is illustrated.

Software composition systems are systems that concentrate on the composition of components. These systems represent a growing subfield of software engineering. Traditional software composition approaches define components as black-boxes. Black-boxes are characterised by their visible behaviour, but not their visible structure. They describe what can be done, rather than how it can be done. Basically, black-boxes are structurally monolithic units that can be composed together via provided interfaces. Growing complexity of software systems and dynamically changing requirements to these systems demand better parameterisation of components. State of the art approaches have tried to increase parameterisation of systems with so-called grey-box components (grey-boxes). These types of components introduced a structural configurability of components. Greyboxes could improve composability, reusability, extensibility and adaptability of software systems. However, there is still there is a big gap between grey-box approaches and business.

We see two main reasons for this. Firstly, a structurally non-monolithic nature of grey-boxes results in a significantly increased number of components and relationships that may form a software system. This makes grey-box approaches more complex and their development more expensive. There is a lack of tools to decrease the complexity of grey-box approaches. Secondly, grey-box composition approaches are oriented to the experts with a technical background in programming languages and software architectures. Up to now, state-of-the-art approaches have not addressed the question of their efficient applicability by domain experts with no technical background in programming languages. We consider a structural visibility of grey-boxes gives a chance to provide better externalisation of business logic, so that even a non-expert in programming language could design a software system for his/her special domain.

In this thesis, we propose a holistic approach, called Neurath Composition Framework, to compose software systems according to well-defined requirements which have been externalised, giving the ownership of the design to the end-user. We show how externalisation of business logic can be achieved using grey-box composition systems augmented with the domain-specific visual interfaces. We define our own grey-box composition system based on the Parametric Code Templates component model and Molecular Operations composition technique. With this composition system awareness of a design, comprehensive development and the reuse of program code templates can be achieved. Finally, we present a sample implementation that shows the applicability of the composition framework to solve real-life business tasks.

The aim of this research is to improve routing fault tolerance in Mobile Ad hoc Networks (MANETs) by optimising multipath routing in a well-studied reactive and single path routing protocol known as Ad hoc On-demand Distance Vector (AODV). The research also aims to prove the effect of varying waiting time of Route Reply (RREP) procedure and utilising the concept of efficient routes on the performance of multipath extensions to AODV. Two novel multipath routing approaches are developed in this thesis as new extensions to AODV to optimise routing overhead by improving Route Discovery Process (RDP) and Route Maintenance Process (RMP) of multipath AODV. The first approach is a link-disjoint multipath extension called "Threshold efficient Routes in multipath AODV" (TRAODV) that optimises routing packets overhead by improving the RDP of AODV which is achieved by detecting the waiting time required for RREP procedure to receive a threshold number of efficient routes. The second approach is also a link-disjoint multipath extension called "On-demand Route maintenance in Multipath AoDv" (ORMAD) which is an extension to TRAODV that optimises routing packets and delay overhead by improving the RMP of TRAODV. ORMAD applies the concepts of threshold waiting time and efficient routes to both phases RDP and RMP. It also applies RMP only to efficient routes which are selected in the RDP and when a route fails, it invokes a local repair procedure between upstream and downstream nodes of the broken link. This mechanism produces a set of alternative subroutes with less number of hops which enhances route efficiency and consequently minimises the routing overhead.

TRAODV and ORMAD are implemented and evaluated against two existing multipath extensions to AODV protocol and two traditional multipath protocols. The existing extensions to AODV used in the evaluation are a well-known protocol called Ad hoc On-demand Multipath Distance Vector (AOMDV) and a recent extension called Multiple Route AODV (MRAODV) protocol which is extended in this thesis to the new approach TRAODV while the traditional multipath protocols used in the evaluation are Dynamic Source Routing (DSR) and Temporally Ordered Routing Algorithm (TORA). Protocols are implemented using NS2 and evaluated under the same simulation environment in terms of four performance metrics; packet delivery fraction, average end-to-end delay, routing packets overhead, and throughput.

Simulation results of TRAODV evaluation show that the average number of routes stored in a routing table of MRAODV protocol is always larger than the average number of routes in TRAODV. Simulation results show that TRAODV reduces the overall routing packets overhead compared to both extensions AOMDV and MRAODV, especially for large network size and high mobility. A vital drawback of TRAODV is that its performance is reduced compared to AOMDV and MRAODV in terms of average end-to-end delay. Additionally, TORA still outperforms TRAODV and the other extensions to AODV in terms of routing packets overhead.

In order to overcome the drawbacks of TRAODV, ORMAD is developed by improving the RDP of TRAODV. The performance of ORMAD is evaluated against RREP waiting time using the idea of utilising the efficient routes in both phases RDP and RMP. Simulation results of ORMAD show that the performance is affected by varying the two RREP waiting times of both RDP and RMP in different scenarios. As shown by the simulation results, applying the short and long waiting times in both phases tends to less performance in terms of routing packets overhead while applying the moderate waiting times tends to better performance. ORMAD enhances routing packets overhead and the average end-to-end delay compared to TRAODV, especially in high mobility scenarios. ORMAD has the closest performance to TORA protocol in terms of routing packets overhead compared to AOMDV and MRAODV.

Relevant concepts are formalised for ORMAD approach and conducted as an analytical model in this thesis involving the whole process of multipath routing in AODV extensions. ORMAD analytical model describes how the two phases RDP and RMP interact with each other with regard to two performance metrics; total number of detected routes and Route Efficiency.

The future Heterogeneous Wireless Network (HWN) is composed of multiple Radio Access Technologies (RATs), therefore new Radio Resource Management (RRM) schemes and mechanisms are necessary to benefit from the individual characteristics of each RAT and to exploit the gain resulting from jointly considering the whole set of the available radio resources in each RAT. These new RRM schemes have to support mobile users who can access more than one RAT alternatively or simultaneously using a multi-mode terminal. An important RRM consideration for overall HWN stability, resource utilization, user satisfaction, and Quality of Service (QoS) provisioning is the selection of the most optimal and promising Access Network (AN) for a new service request. The RRM mechanism that is responsible for selecting the most optimal and promising AN for a new service request in the HWN is called the initial Access Network Selection (ANS). This thesis explores the issue of ANS in the HWN. Several ANS solutions that attempt to increase the user satisfaction, the operator benefits, and the QoS are designed, implemented, and evaluated.

The thesis first presents a comprehensive foundation for the initial ANS in the HWN. Then, the thesis analyses and develops a generic framework for solving the ANS problem and any other similar optimized selection problem. The advantages and strengths of the developed framework are discussed. Combined Fuzzy Logic (FL), Multiple Criteria Decision Making (MCDM) and Genetic Algorithms (GA) are used to give the developed framework the required scalability, flexibility, and simplicity.

The developed framework is used to present and design several novel ANS algorithms that consider the user, the operator, and the QoS view points. Different numbers of RATs, MCDM tools, and FL inference system types are used in each algorithm. A suitable simulation models over the HWN with a new set of performance evolution metrics for the ANS solution are designed and implemented. The simulation results show that the new algorithms have better and more robust performance over the random, the service type, and the terminal speed based selection algorithms that are used as reference algorithms. Our novel algorithms outperform the reference algorithms in terms of the percentage of the satisfied users who are assigned to the network of their preferences and the percentage of the users who are assigned to networks with stronger signal strength. The new algorithms maximize the operator benefits by saving the high cost network resources and utilizing the usage of the low cost network resources. Usually better results are achieved by assigning the weights using the GA optional component in the implemented algorithms.

With advances in communication technology and the Internet, grid computing offers a new paradigm for distributed computing. It emerged as a mechanism for allowing a collection of connected computer systems to form a large-scale data and computing network. It promotes the sharing of distributed resources that may be heterogeneous in nature, so as to enable different application domains including science, industry, engineering, finance and even government to solve large-scale computing problems. This brings many challenges to grid resource brokering such as acting fast enough to meet the needs of new application domains. This research has therefore developed a grid resource broker that insulates users from the complexities of grids. In order to do this it executes their jobs by migrating application software, jobs and data from one site (node) to another depending on policies. It also enables advance reservation and fault tolerance. The grid resource broker combines both user-centric and systemcentric to achieve certain performance goals such as the minimisation of execution time, the optimal use of resources and minimising of the number of rejected jobs and the maximisation of resource utilisation and reliability.

To request resources from the grid environment and achieve a good level of resource management and brokering within a grid environment requires languages that can specify the required resources and describe how to run jobs on them. These requests are made by users submitting jobs to the resource broker, from the resource broker to the resources, and between the resources themselves.

Several languages have been developed for describing grid jobs, the latest of these languages is Job Submission Description Language (JSDL). None of the current job description languages deals with applications or events, and all have limitations with regard to issues of time; that's because all of them deals with individual job only and allow describing fixed time to execute the job. We propose an extension of JSDL to cope with jobs granularity, their composition, event and time. This extension will enable JSDL to support the descriptions of applications and their jobs flows, and allow users to control their jobs at run time by describing events. It will also give users the flexibility to determine job execution times that help complete their jobs.

The need for a language to facilitate communication between resource broker and resources, and between resources themselves, stimulated us to create a new language to perform this task. This language, called Ground-JSDL, expresses how a job should run on the resources and supports mobility, advance reservation and input and output data.

The findings of our research have been evaluated using grid simulation tool. The simulation results have demonstrated that these features significantly improve the performance of grid environments and provide excellent scheduling results.

Computing systems are becoming more and more complex and are assuming more and more responsibilities in all sectors of human activity. Science and technology information present a rich resource, essential for managing research and development programs. Many of today's applications are built as distribution systems. The Internet is one of the best-known distribution systems and is used by nearly everyone today. With a great deal of available data on the net in different languages, it is essential to use efficient methods to extract useful information from the data. Fortunately, the parallel growth of information and of analytical tools offer the promise of advanced decision aids to support research and development more effectively. Data mining, information retrieval and other information-based technologies especially nowadays, are receiving increased attention.

The importance of English is well established in every field. Likewise, Arabic is also a major natural language, spoken by over 250 millions people in 21 Arab countries as the first language, and in Islamic countries it is used as a second language. It is one of the languages of the Semitic family and thus preserves the complexity of this group. Arabic is highly derivated, as well as being an inflected language, so it requires good stemming for effective text mining. Yet no standard approach to stemming has emerged. This work investigates some of the issues involved in achieving bilingual text mining from large bodies of electronic Arabic-English datasets.

The main aim of this thesis is to address the above issues and provide the best framework. To address this aim, this thesis evaluates the current proposed preprocessing and SOM clustering algorithms. Our proposed MLTextMAES approach has the ability to perform the four main stages of standard text mining, taking into account pre-processing, clustering (via SOM) and test of quality. Thus we have employed SOM as a tool for the clustering of documents into groups with similar categories.

To the author's knowledge there is no significant literature available regarding the SOM technique applied to Arabic-English text mining. The model is found to be useful in strategic decision-making settings. The results indicate that SOM is a feasible tool for multilingual languages, and presents several advantages over current methods. Our experimental results show improved clustering performance when using Arabic-English language documents for our datasets.

Service technology geared by its SOA architecture and enabling Web services is rapidly gaining in maturity and acceptance. Consequently, most worldwide (private and corporate) cross-organizations are embracing this paradigm by publishing, requesting and composing their businesses and applications in the form of (web-)services. Nevertheless, to face harsh competitiveness such serviceoriented cross-organizational applications are increasingly pressed to be highly composite, adaptive, knowledge-intensive and very reliable. In contrast to that, Web service standards such as WSDL, WSBPEL, WS-CDL and many others offer just static, manual, purely process-centric and ad-hoc techniques to deploy such services.

The main objective of this thesis consists therefore in leveraging the development of service-driven applications towards more reliability, dynamically and adaptable knowledge-intensiveness. This thesis puts forward an innovative framework based on distributed high-level Petri nets and event-driven business rules. More precisely, we developed a new variant of high-level Petri Nets formalism called Service-based Petri nets (CSrv-Nets), that exhibits the following potential characteristics. Firstly, the framework is supported by a stepwise methodology that starts with diagrammatical UML-class diagrams and business rules and leads to dynamically adaptive services specifications. Secondly, the framework soundly integrates behavioural event-driven business rules and stateful services both at the type and instance level and with an inherent distribution. Thirdly, the framework intrinsically permits validation through guided graphical animation. Fourthly, the framework explicitly separates between orchestration for modelling rule-intensive single services and choreography for cooperating several services through their governing interactive business rules. Fifthly, the framework is based on a two-level conceptualization: (1) the modelling of any rule-centric service with CSrv-Nets; (2) the smooth upgrading of this service modelling with an adaptability-level that allows for dynamically shifting up and down any rule-centric behavior of the running business activities.

One of the most difficult tasks a programmer can be confronted with is the migration of a legacy system. Usually, these systems are unstructured, poorly documented and contain complex program logic. The reason for this, in most cases, is an emphasis on raw performance rather than on clean and structured code as well as a long period of applying quick fixes and enhancements rather than doing a proper software reengineering process including a full redesign during major enhancements. Nowadays, the old programming paradigms are becoming an increasingly serious problem. It has been identified that 90% of the costs of a typical software system arise in the maintenance phase. Many companies are simply too afraid of changing their software infrastructure and prefer to continue with principles like "never touch a running system". These companies experience growing pressure to migrate their legacy systems onto newer platforms because the maintenance of such systems is expensive and dangerous as the risk of losing vital parts of sources code or its documentation increases drastically over time. The FermaT transformation system has shown the ability to automatically or semi-automatically restructure and abstract legacy code within a special intermediate language called WSL (Wide Spectrum Language). Unfortunately, the current transformation process only supports the migration of assembler as WSL lacks the ability to handle data types properly. The data structures in assembler are currently directly translated into C data types which involves many assumptional "hard coded" conversions. The absence of an adequate type system for WSL caused several flaws for the whole transformation process and limits its abilities significantly.

The main aim of the presented research is to tackle these problems by investigating and formulating how a type system can contribute to a safe and reliable migration of legacy systems. The described research includes the definition of key aspects of type related problems in the FermaT migration process and how to solve them with a suitable type system approach. Since software migration often includes a change in programming language the type system for WSL has to be able to support various type system approaches including the representation of all relevant details to avoid assumptions. This is especially difficult as most programming languages are designed for a special purpose which means that their possible programming constructs and data types differ significantly. This ranges from languages with simple type systems whose programs are prone to unintended side-effects, to languages with strict type systems which are constrained in their flexibility. It is important to include as many type related details as necessary to avoid making assumptions during language to language translation.

The result of the investigation is a novel multi layered type system specifically designed to satisfy the needs of WSL for a sophisticated solution without imposing too many limitations on its abilities. The type system has an adjustable expressiveness, able to represent a wide spectrum of typing approaches ranging from weak typing which allows direct memory access and down casting, via very strict typing with a high diversity of data types to object oriented typing which supports encapsulation and data hiding. Looking at the majority of commercial relevant statically typed programming languages, two fundamental properties of type strictness and safety can be identified. A type system can be either weakly or strongly typed and may or may not allow unsafe features such as direct memory access. Each layer of the Wide Spectrum Type System has a different combination of these properties. The approach also includes special Type System Transformations which can be used to move a given WSL program among these layers. Other emphasised key features are explicit typing and scalability.

The whole approach is based on a sound mathematical foundation which assures correctness and integrates seamlessly into the present mathematical definition of WSL. The type system is formally introduced to WSL by constructing an attribute grammar for the language. Type checking and type inference are used to annotate the Abstract Syntax Tree of a given WSL program with type derivations which can be used to reveal and indicate possible typing errors or to infer types if the program did not feature explicit type declarations in the first place. Notable in this approach is also the fact that object orientation is introduced to a procedural programming language without the introduction of new semantics. It is shown that object orientation can be introduced just by adjusting type checking rules and adding some syntactical notations. The approach was implemented and tested on two case studies. The thesis describes and discusses both cases in detail and shows how a migration which ignores type systems could accidentally introduce errors due to assumptions during translation. Both case studies use all important aspects of the approach, including type transformations and object identification. The thesis finalises by summarising the whole work, identifying limitations, presenting future perspectives and drawing conclusions.

The "Software as a Service" model in service-oriented computing allows loosely coupled software components to be designed and integrated with other software systems. Web services, together with service-oriented architectures, are promising integration technology to facilitate legacy system Webification. However, since most components in a legacy system were not designed and developed as services, the current software systems need to be converted into a set of loosely coupled services. Therefore, a service-oriented software reengineering process is essential for legacy systems to survive in the service-oriented computing environment. In this service-oriented software reengineering process, understanding, decomposing and reusing legacy code turn to be important activities.

In this thesis, a methodology for Service-Oriented Software Reengineering (SOSR) is proposed to support the identification, extraction and integration of reusable legacy code. According to both the result of legacy system assessment and a service-oriented analysis and design process, a reengineering decision is made by proposed rules. Based on the service-oriented software reengineering decision, ontologies for SOSR, which consists of Domain Concept Ontology (DCO), Functionality Ontology (FO) and Software Component Ontology (SCO), are developed by the ontology development methodologies. These ontologies store knowledge on both application domain and code entities, which support further legacy code analysis. The identification of service candidates in legacy systems is achieved by mapping FO and SCO via a novel method combining Formal Concept Analysis (FCA) and Relational Concept Analysis (RCA). After the service candidates are identified, the reusable legacy code is extracted by dependency analysis and program slicing. Some rules are defined in code query language for the detection of dead code. Program slicing techniques are applied as main reverse engineering techniques to recover executable legacy code. An Executable Union Slicing (EUS) algorithm is defined to generate executable legacy components with high cohesion and low coupling properties. In the integration phase, extracted legacy components with core legacy code can either be wrapped into Web services for the service orchestration in the business layer, or be composed in a software service provider.

The proposed SOSR methodology is proved flexible and practical to migrate legacy applications to service-oriented architectures by the case studies. It can be customised according to different legacy systems. This methodology can help software developers and maintainers to reengineer the tightly coupled legacy information systems to the loosely coupled and agile information systems.

Using the Internet for teaching and learning has become a trend in modern higher education, facilitated through the exploitation of advanced computing technologies. Virtual Learning Environment (VLE) applications support online learning over the Internet, and VLEs have thus emerged as e-learning domains that are essential prerequisites in cutting edge design and implementation technologies in education.

Service Oriented Computing (SOC), as a novel software development and implementation approach, has become an active area of research and development. Web services, as an example of SOC, support the integration of software applications in an incremental way, using existing platforms and languages that utilize and adopt existing legacy systems. Thus, VLEs should be particularly well suited to Web ser- vices through the SOC approach. VLE services is a field subjected to continuous development but VLEs as Web services are still not generally accessible for academic institutions, although they have been adopted by some scientific projects. The next generation of VLEs should address the limitations of the current online systems by providing a richer context for online learning, one that is sensitive to the specific domain requirements of e-learning.

Web Services Matching and Selection (WSMS), as a part of the functional requirements of Web services, has received less attention from SOC researchers. It involves discovering a set of semantically equivalent services by filtering a set of availableservices based on service metadata, and instantaneously selecting the best possible service. WSMS is the discovery of a service by a user, where correspondence is established between the objectives of the consumer and the capabilities of the service. It thereby aims to match and select the optimal service that best meets the requestor's needs.

The main aim of this doctoral work is to explore novel architectural designs for VLEs, based on the SOC paradigm and its related techniques. In addition, this investigation aims to extend the core ideas behind VLE tools, which are gradually becoming dominant within academic institutes. Another aim is to devise a policy- based technique to enforce security requirements for VLEs and to build a test-bed for VLE security based on Modular Moodle.

The fundamental contribution of this thesis that it demonstrates that VLEs can be considered as services, which can be published, discovered and composed as perceived in the SOC paradigm. An additional contribution to the knowledge is that it has built a new extension to the structure of Web services: the Web Services Matching and Selection (WSMS) system. Another contribution to the knowledge is that traditional security requirements have been modified to cater for the highly mobile and changeable environment of VLEs; this has been achieved through policy- based techniques. These contributions to the body of knowledge have been published in learned journals and at conferences.

Mobile Ad hoc Network of Networks (MANoN) are a group of large autonomous wireless nodes communicating on a peer-to-peer basis in a heterogeneous environment with no pre-defined infrastructure. In fact, each node by itself is an ad hoc network with its own management. MANoNs are evolvable systems, which mean each ad hoc network has the ability to perform separately under its own policies and management without affecting the main system; therefore, new ad hoc networks can emerge and disconnect from the MANoN without conflicting with the policies of other networks. The unique characteristics of MANoN makes such networks highly vulnerable to security attacks compared with wired networks or even normal mobile ad hoc networks.

This thesis presents a novel security-management system based upon the Recommendation ITU-T M.3400, which is used to evaluate, report on the behaviour of our MANoN and then support complex services our system might need to accomplish. Our security management will concentrate on three essential components:

• Security Administration
• Prevention and Detection
• Containment and Recovery

In any system, providing one of those components is a problem; consequently, dealing with an infrastructure-less MANoN will be a dilemma, yet we approached each set group of these essentials independently, providing unusual solutions for each one of them but concentrating mainly on the prevention and detection category.

The contributions of this research are threefold. First, we defined MANoN Security Architecture based upon the ITU-T Recommendations: X.800 and X.805. This security architecture provides a comprehensive, end-to-end security solution for MANoN that could be applied to every wireless network that satisfies a similar scenario, using such networks in order to predict, detect and correct security vulnerabilities. The security architecture identifies the security requirements needed, their objectives and the means by which they could be applied to every part of the MANoN, taking into consideration the different security attacks it could face.

Second, realising the prevention component by implementing some of the security requirements identified in the Security Architecture, such as authentication, authorisation, availability, data confidentiality, data integrity and non-repudiation has been proposed by means of defining a novel Security Access Control Mechanism based on Threshold Cryptography Digital Certificates in MANoN.

Network Simulator (NS-2) is a real network environment simulator, which is used to test the performance of the proposed security mechanism and demonstrate its effectiveness. Our ACM-MANoN results provide a fully distributed security protocol that provides a high level of secure, available, scalable, flexible and efficient management services for MANoN.

The third contribution is realising the detection component, which is represented by providing a Behavioural Detection Mechanism based on nodes behavioural observation engaged with policies. This behaviour mechanism will be used to detect malicious nodes acting to bring the system down. This approach has been validated using an attacks case study in an unknown military environment to cope with misbehaving nodes.

Ontology has been developed to offer a commonly agreed understanding of a domain that is required for knowledge representation, knowledge exchange and reuse across domains. Therefore, ontology organizes information into taxonomies of terms (i.e., concepts, attributes) and shows the relationships between them. In fact, it is considered to be helpful in reducing conceptual confusion for users who need to share applications of different kinds, so it is widely used to capture and organize knowledge in a given domain.

Although ontologies are considered to provide a solution to data heterogeneity, from another point of view, the available ontologies could themselves introduce heterogeneity problems.

In order to deal with these problems, ontologies must be available for sharing or reusing; therefore, semantic heterogeneity and structural differences need to be resolved among ontologies. This can be done, in some cases, by aligning or matching heterogeneous ontologies. Thus, establishing the relationships between terms in the different ontologies is needed throughout ontology alignment.

Semantic interoperability can be established in ontology reconciliation. The original problem is called the "ontology alignment". The alignment of ontologies is concerned with the identification of the semantic relationships (subsumption, equivalence, etc.) that hold between the constituent entities (which can be classes, properties, etc.) of two ontologies.

In this thesis, an ontology alignment technique has been developed in orderd to facilitate communication and build a bridge between ontologies. An efficient mechanism has been developed in order to align entities from ontologies in different description languages (e.g. OWL, RDF) or in the same language. This approach tries to use all the features of ontologies (concept, attributes, relations, structure, etc.) in order to obtain efficiency and high quality results. For this purpose, several matching techniques have been used such as string, structure, heuristic and linguistic matching techniques with thesaurus support, as well as human intervention in certain cases, to obtain high quality results.

The main aim of the work is to introduce a method for finding semantic correspondences among heterogeneous ontologies, with the intention of supporting interoperability over given domains.

The approach brings together techniques in modelling, string matching, computation linguistics, structure matching and heuristic matching, in order to provide a semi-automatic alignment framework and prototype alignment system to support the procedure of ontology alignment in order to improve semantic interoperability in heterogeneous systems.

This technique integrates some important features in matching in order to achieve high quality results, which will help when searching and exchanging information between ontologies. Moreover, an ontology alignment system illustrates the solving of the key issues related to heterogeneous ontologies, which uses combination-matching strategies to execute the ontology-matching task. Therefore, it can be used to discover the matching between ontologies.

This thesis also describes a prototype implementation of this approach in many real-world case studies extracted from various Web resources. Evaluating our system is done throughout the experiments provided by the Ontology Alignment Evaluation Initiative. The system successfully achieved 93% accuracy for ontology matching. Finally, a comparison between our system and well-known tools is achieved so that our system can be evaluated.

Computer Numerical Control - CNC - machine is a system in which a control microcomputer is an integral part of the machine that controls the movements of the machine components. Coded instructions are directly inserted into the system in the form of letters and numbers. The system automatically interprets these data and converts them to output signals. These signals, in turn, control various machine components, such as turning spindles on and off, changing tools, moving the tool along specific paths, or turning cutting fluids on and off.

The advancement in computer technology has led to the development of new highly sophisticated CNC machines. Thus this advancement in modern CNC machines is characterised as costly and complex. The problem raised with these machines is in training, which can be unsafe and costly. New operators may injure themselves or cause damage to an expensive machine. It was obvious that there is a clear need for new technologies to assist in training on CNC machines. Virtual Reality - VR - is an effective technology to develop training modules where a virtual environment of the CNC machine replaces the actual one in the real world. Training in the virtual environment gives trainees the freedom to explore the CNC machine and make errors without the worry of injuries or damages. However, we found out that there is a clear need to test the virtual model for validation before applying it for training purposes. We also believed that formal methods make it possible to describe the virtual model to be developed in an accurate and unambiguous way.

In this thesis, we first developed a virtual training CNC machine system, with the milling machine being the chosen example. Then, we investigated and used formal methods (in particular the logic-base ITL and its executable subset) in specifying and verifying the elementary CNC system. This has been achieved by viewing the CNC system as a single mathematical function transforming points into machine tool displacement. As a result, we came up with a prototype system of the CNC milling machine that is self-validated. Finally, we evaluated our virtual CNC machine with several detailed case-studies of machining different engineering components with various shapes.

The theme of this thesis is to pave a path to recover business intelligence automatically from software system, which is reverse engineering task. It refers to technologies, applications and practices for the localisation, extraction, analysis of business intelligence in software system. Business intelligence recovery vertically elicits business intelligence from software system to business intelligence base. Such an approach naturally requires information transformation from software system to business intelligence base, and hence a novel set of automatic business intelligence recovery steps are needed.

After a brief introduction of major issues covered by this thesis, the state of art of the area coined by the author as "business intelligence elicitation from software system", in particular, the kinds of business intelligence that can be elicited from software system and their corresponding reverse engineering technical solutions are presented.

Several new techniques are invented to pave the way towards realising this approach and make it light-weight. In particular, a programming-style-based method is proposed to partition a source program into business intelligence oriented program modules; concept recovery rules are defined to recover business intelligence concepts from the names embedded in a program module; formal concept analysis is built to model the recovered business intelligence and present business logic. The future research of this task is viewed as "automating business intelligence accumulation in Web" which is defined to bridge work in this thesis to nowadays Web computing trends.

A prototype tool for recovering business intelligence from a Web-based mobile retailing system is then presented, followed by case study giving evaluation on the approach in different aspects.

Finally, conclusions are drawn. Original contributions of this research work to the field of software reverse engineering are made explicit and future opportunities are explored.

With the high demand for renovation of legacy systems, their evolution is becoming an urgent need. Although some approaches have been introduced to evolving legacy systems, they are not sufficient for understanding legacy code.

In this thesis, development/environment-specific models of domain-specific legacy systems are acquired, based on their characteristics and operations. The development/environment-specific model of COBOL legacy systems is based on the characteristics and operations of COBOL, and is a procedure-based model comprising a graph that describes the calling and being-called relationships of those procedures in COBOL legacy systems. It has four types: linear, branch, joint, and synthetic procedure-based models. The link-based model of HTML legacy systems uses a graph that describes the importing or imported relationships of webs in a legacy system. It has three types: sequential, cyclical, and compositive link-based models. The development/environment-specific model of the SQL legacy system comprises association, generation and composition database-based models based on the basic operations of SQL and the two main relationships of generation and association between the databases in an SQL legacy system.

The structural stage of UML extraction in this thesis contains class realisation. The classification of classes from COBOL legacy system is two, which are procedure class and variable class. Every procedure in COBOL legacy system is defined as one procedure class. Variable class is based on the program slicing techniques with two stages of pseudo class and real class extraction from COBOL legacy system. The variabl of the sliced criterion is defined as the class name, and the variables contained in its slicing criterion are defined as the attributes of that variable class. Because the behavioural analysis of domain-specific legacy systems is behind the analysis of structural analysis, the operations in variabl class are not described. The classification of classes of HTML legacy system is based on the web pages and their blocks. The classification of SQL legacy system is two, which is procedure class and database class. Selected UML diagrams are used to describe the static aspect of domain-specific legacy systems.

The behavioural stage of UML extraction in this thesis focuses on the operations and activities of domain-specific legacy systems. When understanding the operations and activities of domain-specific legacy code, their preconditions and post-conditions must be presented from the source code. Then those operations and activities are ordered according to the time and sequence they are executed by. At last, the operation and activity arraies are presented. Selected UML diagrams describing the dynamic aspect of domain-specific legacy systems are realised based on those operation and activity arraies.

The major contribution of this thesis is the presentation of development/ environment-specific models of domain-specific legacy systems and an approach towards software evolution of domain-specific legacy systems using UML diagrams.

Web sites are the online front of most of the companies and institutions, some of which undergo continuous changes to their structure, content or both due to changes in the services offered or any updates in the information to be imparted. The restructuring of web sites is normally undertaken to facilitate user access to similar pages. This is carried out by taking into account the preferences of the users when browsing the website. We investigate various methods of restructuring websites based on a combination of user's views and the existing structure of the site to make any recommendations of change. The user's views are incorporated by calculating the similarity between web pages based on the users traversal path on the site. The structural similarity of the pages are calculated by defining the distance of the web pages based to their position in the overall structure of the site. We propose a new similarity measure based on the combination of these i.e similarity according to the traversal path of the user and the similarity according to the structure of the site. These similarity measures are used to find clusters of similar pages using several clustering algorithm. Extensive computational efforts were undertaken using JAVA for preprocessing and cleaning of standard data sets from NASA and also local data files from the faculties web site, implementing several clustering algorithm using SAS platform. The result of the clustering process is used to give the recommendations for future changes to be made in the structure of the site.

The FermaT Transformation Engine is an industrial strength toolset for the migration of Assembler and Cobol based legacy systems to C. It uses an intermediate language and several dozen mathematical proven transformations to raise the abstraction level of a source code or to restructure and simplify it as needed. The actual program transformation process with the aid of this toolset is semi-automated which means that a maintainer has not only to apply one transformation after another but also to evaluate the transformation result. This can be a very difficult task especially if the given program is very large and if a lot of transformations have to be applied. Moreover, it cannot be assured that a transformation target will be achieved because it relies on the decisions taken by the respective maintainer which in turn are based on his personal knowledge. Even a small mistake can lead to a failure of the entire program transformation process which usually causes an extensive and time consuming backtrack. Furthermore, it is difficult to compare the results of different transformation sequences applied on the same program. To put it briefly, the manual approach is inflexible and often hard to use especially for maintainers with little knowledge about transformation theory.

There already exist different approaches to solve these well known problems and to simplify the accessibility of the FermaT Transformation Engine. One recently presented approach is based on a particular prediction technique whereas another is based on various search tactics. Both intend to automatise the program transformation process. However, the approaches solve some problems but not without introducing others. On the one hand, the prediction based approach is very fast but often not able to provide a transformation sequence which achieves the defined program transformation targets. The results depend a lot on the algorithms which analyse the given program and on the knowledge which is available to make the right decisions during the program transformation process. On the other hand, the search based approach usually finds suitable results in terms of the given target but only in combination with small programs and short transformation sequences. It is simply not possible to perform an extensive search on a large-scale program in reasonable time.

To solve the described problems and to extend the operating range of the FermaT Transformation Engine, this thesis proposes a constraint based program transformation system. The approach is semi-automated and provides the possibility to outline an entire program transformation process on the basis of constraints and transformation schemes. In this context, a constraint is a condition which has to be satisfied at some point during the application of a transformation sequence whereas a transformation scheme defines the search space which consists of a set of transformation sequences. After the constraints and the scheme have been defined, the system uses a unique knowledge-based prediction technique followed by a particular search tactic to reduce the number of transformation sequences within the search space and to find a transformation sequence which is applicable and which satisfies the given constraints. Moreover, it is possible to describe those transformation schemes with the aid of a formal language.

The presented thesis will provide a definition and a classification of constraints for program transformations. It will discuss capabilities and effects of transformations and their value to define transformation sets. The modelling of program transformation processes with the aid of transformation schemes which in turn are based on finite automata will be presented and the inclusion of constraints into these schemes will be explained. A formal language to describe transformation schemes will be introduced and the automated construction of these schemes from the language will be shown. Furthermore, the thesis will discuss a unique prediction technique which uses the capabilities of transformations, an evaluation of the transformation sequences on the basis of transformation effects and a particular search tactic which is related to linear and tree search tactics.

The practical value of the presented approach will be proven with the aid of three medium-scale case studies. The first one will show how to raise the abstraction level whereas the second one will show how to decrease the complexity of a particular program. The third one will show how to increase the execution speed of a selected program. Moreover, the work will be summarised and evaluated on the basis of the research questions. Its limitations will be disclosed and some suggestion for future work will be made.

Model Driven software development has been considered to be a further software construction technology following object-oriented software development methods and with the potential to bring new breakthroughs in the research of software development. With deepening research, a growing number of Model Driven software development methods have been proposed. The model is now widely used in all aspects of software development. One key element determining progress in Model Driven software development research is how to better express and describe the models required for various software components. From a study of current Model Driven development technologies and methods, Domain-Specific Modelling is suggested in the thesis as a Model Driven method to better realise the potential of Model-Driven Software Development.

Domain-specific modelling methods can be successfully applied to actual software development projects, which need a flexible and easy to extend, meta-modelling language to provide support. There is a particular requirement for modelling languages based on domain-specific modelling methods in Meta-modelling as most general modelling languages are not suitable. The thesis focuses on implementation of domain-specific modelling methods. The "domain" is stressed as a keystone of software design and development and this is what most differentiates the approach from general software development process and methods. Concerning the design of meta-modelling languages, the meta-modelling language based on XML is defined including its abstract syntax, concrete syntax and semantics. It can support description and construction of the domain meta-model and the domain application model. It can effectively realise visual descriptions, domain objects descriptions, relationships descriptions and rules relationships of domain model. In the area of supporting tools, a meta-meta model is given. The meta-meta model provides a group of general basic component meta-model elements together with the relationships between elements for the construction of the domain meta-model. It can support multi-view, multi-level description of the domain model. Developers or domain experts can complete the design and construction of the domain-specific meta-model and the domain application model in the integrated modelling environment. The thesis has laid the foundation necessary for research in descriptive languages through further study in key technologies of meta-modelling languages based on Model Driven development.

Grid computing was born in the 1990s, when researchers were looking for a way to share expensive computing resources and experiment equipment. Grid computing is becoming increasingly popular because it promotes the sharing of distributed resources that may be heterogeneous in nature, and it enables scientists and engineering professionals to solve large scale computing problems. In reality, there are already huge numbers of grid computing facilities distributed around the world, each one having been created to serve a particular group of scientists such as weather forecasters, or a group of users such as stock markets.

However, the need to extend the functionalities of current grid systems lends itself to the consideration of grid evolution. This allows the combination of many disjunct grids into a single powerful grid that can operate as one vast computational resource, as well as for grid environments to be flexible, to be able to change and to evolve. The rationale for grid evolution is the current rapid and increasing advances in both software and hardware.

Evolution means adding or removing capabilities. This research defines grid evolution as adding new functions and/or equipment and removing unusable resources that affect the performance of some nodes. This thesis produces a new technique for grid evolution, allowing it to be seamless and to operate at run time. Within grid computing, evolution is an integration of software and hardware and can be of two distinct types, external and internal. Internal evolution occurs inside the grid boundary by migrating special resources such as application software from node to node inside the grid. While external evolution occurs between grids.

This thesis develops a framework for grid evolution that insulates users from the complexities of grids. This framework has at its core a resource broker together with a grid monitor to cope with internal and external evolution, advance reservation, fault tolerance, the monitoring of the grid environment, increased resource utilisation and the high availability of grid resources.

The starting point for the present framework of grid evolution is when the grid receives a job whose requirements do not exist on the required node which triggers grid evolution. If the grid has all the requirements scattered across its nodes, internal evolution enabling the grid to migrate the required resources to the required node in order to satisfy job requirements ensues, but if the grid does not have these resources, external evolution enables the grid either to collect them from other grids (permanent evolution) or to send the job to other grids for execution (just in time) evolution.

Finally a simulation tool called (EVOSim) has been designed, developed and tested. It is written in Oracle 10g and has been used for the creation of four grids, each of which has a different setup including different nodes, application software, data and polices. Experiments were done by submitting jobs to the grid at run time, and then comparing the results and analysing the performance of those grids that use the approach of evolution with those that do not. The results of these experiments have demonstrated that these features significantly improve the performance of grid environments and provide excellent scheduling results, with a decreasing number of rejected jobs.

Agent-based computing has attracted much attention as a promising technique for application domains that are distributed, complex and heterogeneous. Current research on multi-agent systems (MAS) has become mature enough to be applied as a technology for solving problems in an increasingly wide range of complex applications. The main formal architectures used to describe the relationships between agents in MAS are centralised and distributed architectures.

In computational complexity theory, researchers have classified the problems into the followings categories: (i) P problems, (ii) NP problems, (iii) NP-complete problems, and (iv) NP-hard problems. A method for computing the solution to NP-hard problems, using the algorithms and computational power available nowadays in reasonable time frame remains undiscovered. And unfortunately, many practical problems belong to this very class. On the other hand, it is essential that these problems are solved, and the only possibility of doing this is to use approximation techniques.

Heuristic solution techniques are an alternative. A heuristic is a strategy that is powerful in general, but not absolutely guaranteed to provide the best (i.e. optimal) solutions or even find a solution. This demands adopting some optimisation techniques such as Evolutionary Algorithms (EA).

This research has been undertaken to investigate the feasibility of running computationally intensive algorithms on multi-agent architectures while preserving the ability of small agents to run on small devices, including mobile devices. To achieve this, the present work proposes a new Hybrid Multi-Agent Architecture (HMAA) that generates new heuristics for solving NP-hard problems. This architecture is hybrid because it is "semi-distributed/semi-centralised" architecture where variables and constraints are distributed among small agents exactly as in distributed architectures, but when the small agents become stuck, a centralised control becomes active where the variables are transferred to a super agent, that has a central view of the whole system, and possesses much more computational power and intensive algorithms to generate new heuristics for the small agents, which find optimal solution for the specified problem.

This research comes up with the followings: (1) Hybrid Multi-Agent Architecture (HMAA) that generates new heuristic for solving many NP-hard problems. (2) Two frameworks of HMAA have been implemented; search and optimisation frameworks. (3) New SMA meeting scheduling heuristic. (4) New SMA repair strategy for the scheduling process. (5) Small Agent (SMA) that is responsible for meeting scheduling has been developed. (6) “Local Search Programming” (LSP), a new concept for evolutionary approaches, has been introduced. (7) Two types of super-agent (LGP_SUA and LSP_SUA) have been implemented in the HMAA, and two SUAs (local and global optima) have been implemented for each type. (8) A prototype for HMAA has been implemented: this prototype employs the proposed meeting scheduling heuristic with the repair strategy on SMAs, and the four extensive algorithms on SUAs.

The results reveal that this architecture is applicable to many different application domains because of its simplicity and efficiency. Its performance was better than many existing meeting scheduling architectures. HMAA can be modified and altered to other types of evolutionary approaches.

There are two main defined classes of uncertainty namely: fuzziness and ambiguity, where ambiguity is 'one-to-many' relationship between syntax and semantic of a proposition. This definition seems that it ignores 'many-to-many' relationship ambiguity type of uncertainty. In this thesis, we shall use complex-uncertainty to term many-to-many relationship ambiguity type of uncertainty.

This research proposes a new approach for handling the complex ambiguity type of uncertainty that may exist in data, for software engineering of predictive Data Mining (DM) classification models. The proposed approach is based on Relative-Fuzzy Logic (RFL), a novel type of fuzzy logic. RFL defines a new formulation of the problem of ambiguity type of uncertainty in terms of States Of Proposition (SOP). RFL describes its membership (semantic) value by using the new definition of Domain of Proposition (DOP), which is based on the relativity principle as defined by possible-worlds logic.

To achieve the goal of proposing RFL, a question is needed to be answered, which is: how these two approaches; i.e fuzzy logic and possible-world, can be mixed to produce a new membership value set (and later logic) that able to handle fuzziness and multiple viewpoints at the same time? Achieving such goal comes via providing possible world logic the ability to quantifying multiple viewpoints and also model fuzziness in each of these multiple viewpoints and expressing that in a new set of membership value.

Furthermore, a new architecture of Hierarchical Neural Network (HNN) called ML/RFL-Based Net has been developed in this research, along with a new learning algorithm and new recalling algorithm. The architecture, learning algorithm and recalling algorithm of ML/RFL-Based Net follow the principles of RFL. This new type of HNN is considered to be a RFL computation machine.

The ability of the Relative Fuzzy-based DM prediction model to tackle the problem of complex ambiguity type of uncertainty has been tested. Special-purpose Integrated Development Environment (IDE) software, which generates a DM prediction model for speech recognition, has been developed in this research too, which is called RFL4ASR. This special purpose IDE is an extension of the definition of the traditional IDE.

Using multiple sets of TIMIT speech data, the prediction model of type ML/RFL-Based Net has classification accuracy of 69.2308%. This accuracy is higher than the best achievements of WEKA data mining machines given the same speech data.

The notion of `pattern' originates in the work of Christopher Alexander and, in recent years, patterns have become a popular part of software development. A pattern is defined as a `three-part rule': a relationship between a given context, a recurring system of forces peculiar to that context, and a specific spatial configuration that permits resolution of these forces. In essence, the `context' of a pattern is the whole system under construction and its state in the construction process at the point at which the pattern is being applied. The nature of the context, therefore, changes at every step of the process and this has significant implications for how patterns should be used. Specifically, applying each pattern changes the context by changing the state of the system under construction and creates both a new design problem and a new context for the next pattern to be applied. The next picked pattern must have a certain criteria in order for it to be applied successfully and this is will be determined by the characteristics of the new context just created. The issue of composing pattern sequences is therefore more temporal than it is static and structural (as provided currently via pattern maps). The decision as to which one to use is temporally constrained in the sense that the choice is made only at a particular point in the construction process of some specific system, and may well be determined, or at least further constrained, by the current state of that system.

The fundamental research question that is addressed here is: how is this dynamically changing context to be presented to guide pattern applications?

In this thesis, a framework is presented to provide a systematic analysis of composition of pattern applications in terms of the properties of their context. Such an approach will reveal the ordering of patterns in space and time dimensions. Examples of composition of pattern applications include:

• One pattern contains or generalises another smaller-scale pattern (this will be called in thesis refinement);
• Two patterns are complementary, i.e., one pattern needs the other to be applied before (Sequential Order);
• Two patterns solve different problems that overlap and coexist on the same level (Parallel Order);
• Two patterns solve the same problem in alternative, but equally valid ways (Choice in Order).

At the design phase, the framework provides mechanisms for analysing the choice of composition to ensure the correctness of a design or to compare between two different designs or to modify an existing design.

This framework describes a pattern's context via a pair of constraints, known as Assumption and Commitment. In general, the Assumption is a constraint placed on the context and the Commitment is what the solution provided by the pattern commits to after the pattern's application. In addition, the thesis provides a set of composition rules that can be applied to aid in the analysis of the application of pattern sequences.

The approach is domain independent as it does not depend on the nature of the catalogue from which the patterns originate. The work has been evaluated using various existing patterns from Ian Graham's web usability (WU) pattern bank and the User Interface (UI) patterns of Welie.

This thesis undertakes to provide an architecture and understanding of the incorporation of trust into the paradigm of mobile multi-agent systems. Trust deliberation is a soft security approach to the problem of mobile agent security whereby an agent is protected from the malicious behaviour of others within the system. Using a trust approach capitalises on observing malicious behaviour rather than preventing it.

We adopt an architectural approach to trust such than we do not provide a model in itself, numerous mathematical models for the calculation of trust based on a history of observations already exist. Rather we look to provide the framework enabling such models to be utilised by mobile agents. As trust is subjective we envisage a system whereby individual agents will use different trust models or different weighting mechanisms.

Three architectures are provided. Centralised whereby the platform itself provides all of the services needed by an agent to make observations and calculate trust. Decentralised in which each individual agent is responsible for making observations, communicating trust and the calculation of its own trust in others. A hybrid architecture such that trust mechanisms are provided by the platform and additionally are embedded within the agents themselves.

As an optimisation of the architectures proposed in this thesis, we introduce the notion of trust communities. A community is used as a means to represent the trust information in categorisations dependant upon various properties. Optimisation occurs in two ways; Firstly with subjective communities and secondly with system communities.

A customised implementation framework of the architectures is introduced in the form of our TEMPLE (Trust Enabled Mobile-agent PLatform Environment) and stands as the underpinning of a case-study implementation in order to provide empirical evidence in the form of scenario test-bed data as to the effectiveness of each architecture.

The case study chosen for use in a trust based system is that of a `Fish market' as given the number of interactions, entities, and migration of agents involved in the system thus, providing substantial output data based upon the trust decisions made by agents. Hence, a good indicator of the effectiveness of equipping agents with trust ability using our architectures.

In recent years program transformation technology has matured into a practical solution for many software reengineering and migration tasks.

FermaT, an industrial strength program transformation system, has demonstrated that legacy systems can be successfully transformed into efficient and maintainable structured C or COBOL code. Its core, a transformation engine, is based on mathematically proven program transformations and ensures that transformed programs are semantically equivalent to its original state. Its engine facilitates a Wide Spectrum Language (WSL), with low-level as well as high-level constructs, to capture as much information as possible during transformation steps. FermaT’s methodology and technique lack in provision of concurrent migration and analysis. This provision is crucial if the transformation process is to be further automated. As the constraint based program migration theory has demonstrated, it is inefficient and time consuming, trying to satisfy the enormous computation of the generated transformation sequence search-space and its constraints.

With the objective to solve the above problems and to extend the operating range of the FermaT transformation system, this thesis proposes a Parallel Transformations Framework which makes parallel transformations processing within the FermaT environment not only possible but also beneficial for its migration process. During a migration process, many thousands of program transformations have to be applied. For example a 1 million line of assembler to C migration takes over 21 hours to be computed on a single PC. Various approaches of search, prediction techniques and a constraint-based approach to address the presented issues already exist but they solve them unsatisfactorily. To remedy this situation, this dissertation proposes a framework to extend transformation processing systems with parallel processing capabilities. The parallel system can analyse specified parallel transformation tasks and produce appropriate parallel transformations processing outlines. To underpin an automated objective, a formal language is introduced. This language can be utilised to describe and outline parallel transformation tasks whereas parallel processing constraints underpin the parallel objective.

This thesis addresses and explains how transformation processing steps can be automatically parallelised within a reengineering domain. It presents search and prediction tactics within this field. The decomposition and parallelisation of transformation sequence search-spaces is outlined. At the end, the presented work is evaluated on practical case studies, to demonstrate different parallel transformations processing techniques and conclusions are drawn.

In this thesis, a mathematical model that describes a "Unique Constraint Domain" is defined. Following, the "Ordered Unique Constraint Domain" is also mathematically defined. With those definitions, a cross-domain ordering is also defined.

Then it is shown that relationships between tables in a Relational Database Management System can be defined in other forms than the usual ways, using cross-domain indexes, based in cross-domain ordering. It is shown that all foreign keys in a database can be transformed in indexes with the benefit of speeding data access. It is also shown that this technique is consistent with actual modeling techniques.

It is shown how the index structure, with indexes defined as functions, can provide support for relationship roles. In addition, it is also shown how this can provide support for more than two tables in one relationship and for supporting special sorting order. The addition of a mathematical function to a relation that could sort that relation, demonstrating that the closure property of relations are still kept, shows that this mathematical model can be used as extension of the base relational model.

Next, it is shown that with this new technique, commercial database engines should not degrade performance because all supporting structures are already present and, in some cases, a better performance might be achieved.

Code for a prototype based in a Commercial Database Engine has been added, as an annexe, to show how this new technique can be used.

Finally, future work can be done in this area considering that objects other than text and number need to be sorted (e.g. images, videos, audio data) developing new ways to find semantics to define order.

The major contribute is the mathematical definition of the "Unique Constraint Domain" and the "Ordered Unique Constraint Domain" since they are mathematical models for candidate and primary keys.

Analysing human creativity has always been a difficult undertaking. The reason for this is the vagueness of the term creativity itself. Philosophers and Researchers have tried to unveil the secrets behind creativity since centuries. Besides some principles e.g. defined by Finke, Ward, and Smith [45], there is no holistic understanding about term creativity and there will always be discussions between researchers of diffeerent disciplines about how creativity is achieved.

Current approaches try to understand creativity through studying the creative artefact or the creative human himself. These approaches have not lead to any promising results. Instead of focussing on creativity itself, it is more promising to look at the creative process of creators. Through this, it is possible to analyse what happened during the creation of an artefact. The aim of the analysis is the identification of certain behaviours within the creative process, which lead to very creative results or in opposite hinder creativity. The gained knowledge is used for the creation of patterns, describing this specific behaviour. The analysis of the creative process is not only interesting for artists, but also for engineers, researchers, students and many others. Important target groups for this approach are schools and universities. Being able to early recognise problems in the learning curve of a student will enable a directed support, in order to improve the student's performance.

Until now, the main problem for analysing the creative process of a creator is the lack of information on how an artefact was created. Most creators tend not to make many notes during their creative phase, even if there are famous exemptions like Beethoven who left behind a huge amount of notices and marked changes in his work. Hence, the challenge is the development of a powerful framework, which can cope effectively with the recording and presentation of this creative process, in order to enable detailed analyses.

Modern computer technology fosters the recording of the creative process of a person. Much of today's creative work is achieved with computers and powerful software applications. Computer networks and the internet enable new ways of collaboration. The creation of a flexible, collaborative tool-set is the ideal approach for the mapping and analysis of the creative process.

A novel approach, based on these ideas, was developed by the members of the Creative Technologies Research Programme at the Software Technology Research Laboratory (STRL). The central aim of the approach is the mapping of the human creativity with so-called creativity maps. A creativity map is basically transition system, which allows to store and represent the creative process as well as to hold each version of the artefact. The developed De Montfort Creativity Assistant (DMCA), is a collaborative, web-enabled state-of-the-art software framework, realising the theoretical concepts.

This thesis represents a substantial contribution to the research project. The focus of the presented work lies on the analysis and the support of the creative process. Several novel techniques for the analysis of massive data sets have been developed. The presented techniques enable a domain-independent analysis and support of the creative process. This is huge improvement over previous concepts, which are highly specialised and focus on the creative artefact itself. The presented approach required the development of several novel techniques.

The major contributions of the presented research are:

• Behavioural Patterns
  Enable the description of constructs inside the creativity map. These constructs represent the creative behaviour of the creator.
• Techniques for a Computer-supported Information Extraction
  A pattern description language enables the computer-supported information extraction from creativity maps.
• Knowledge Repository
  Knowledge, gained through the analysis processes, is stored centrally and shared with other creators in order to stimulate further growing of knowledge.
• Concepts for the Analysis and Support of the Creative Process
  Novel concepts allow the structured analysis and support of the creative process, regardless of the creator's domain.

All developed techniques have been implemented in several tools, which aim to enrich the DMCA with the ability of a computer-supported analysis and support of the creative process.

Creativity is a topic of high interest in a variety of domains; many innovations, discoveries and developments are the result of creative ideas. A prerequisite for the identification of creativity is an artefact, which needs to be evaluated by the domain that receives it. The involved actions during the creation of this artefact represent the creative process of a creator and include essential information about the involved creativity. Structuring and analysing this data are important steps for a better understanding of its nature. A domain independent framework, which allows to represent the mentioned structures and provides a set of sound mathematical rules for its study is used as a formal underpinning for the presented approach.

Each sequence of actions, which is included in a creative process describes a behaviour. It contains a rich set of information, like the particular order or duration of the creation steps and can be analysed to gain insight into the process. This data might then eventually be used for the creativity support. The creative process itself is usually non-linear, as previous stages or ideas can be revisited by the creator. It instead describes a complex structure with multiple branches, which is called a creativity map. This map builds the essential preliminaries for this thesis. The proposed research presents an approach for the recording of creative processes and construction of creativity maps.

Especially if an extensive observation of the creative process is undertaken, it is possible that a creativity map grows large. It might then contain information, which are irrelevant or even disturbing for the current view. This can include particular subsets or sequences of actions as well as insignificant time periods or other items that are related to the particular process. It would be beneficial for the support of an aim oriented analysis to conceal this information at least temporarily. The proposed approach therefore introduces the concept of a Partial Creativity Map (PCM), which allows to hide subsets of the originally recorded behaviours. A creativity map can then be modified with respect to the requirements of the analysis.

Each behaviour in a creativity map possesses a particular frequency, which allows for a detailed insight into the creator's preferences as well as common or uncommon activities. This range of frequency related information can be useful for the creativity support, for instance in situations where the creator is "stuck". Behaviours that were performed frequently in similar situations might be helpful in this case. The proposed research introduces a classification of frequent behaviours and explains its use for the description of their dynamics, which enable to reason about temporal properties of behaviours.

An initial version of the De Montfort Creativity Assistant (DMCA) is implemented for the prototype tool support of this research. Its aim is the construction of an open and extendible framework that allows to study the collected data and support creative processes. It is designed as a pluggable system which provides a convenient environment for the creation, sharing and communication of artefacts. Clear and domain-independent interfaces provide the required structures for a seamless integration of new components. The included tools and particularly the De Montfort Creativity Mapper (DMCM) are capable of observing, constructing and modifying the creative process and the corresponding creativity map.

The presented approach is evaluated with three case studies. They illustrate the recording of creative processes, construction of creativity maps and information hiding and extraction strategies. The thesis is finally summarised, limitations are explained and suggestions for future directions are presented.

Traditional software reengineering often involves a great deal of manual effort by software maintainers. This is time consuming and error prone. Due to the knowledge intensive properties of software reengineering, a knowledge-based solution is proposed in this thesis to semi-automate some of this manual effort. This thesis aims to explore the principle research question: "How can software systems be described by knowledge representation techniques in order to semi-automate the manual effort in software reengineering?"

The underlying research procedure of this thesis is scientific method, which consists of: observation, proposition, test and conclusion. Ontology and description logic are employed to model and represent the knowledge in different software systems, which is integrated with domain knowledge. Model transformation is used to support ontology development. Description logic is used to implement ontology mapping algorithms, in which the problem of detecting semantic relationships is converted into the problem of deducing the satisfiability of logical formulae. Operating system ontology has been built with a top-down approach, and it was deployed to support platform specific software migration [132] and portable software development [18]. Data-dominant software ontology has been built via a bottom-up approach, and it was deployed to support program comprehension [131] and modularisation [130].

This thesis suggests that software systems can be represented by ontology and description logic. Consequently, it will help in semi-automating some of the manual tasks in software reengineering. However, there are also limitations: bottom-up ontology development may sacrifice some complexity of systems; top-down ontology development may become time consuming and complicated. In terms of future work, a greater number of diverse software system categories could be involved and different software system knowledge could be explored.

Mark Wesier described his vision of Ubiquitous Computing (which now is also called Pervasive Computing) in a seminal paper in 1991. His vision is becoming a reality: the ever-increasing availability of inexpensive computation and storage has introduced computers into nearly every facet of our everyday lives, while a revolution in communications has brought high-bandwidth communications into our homes and offices. Wireless communications also have exploded, making digital services available nearly everywhere.

Pervasive Computing will be a fertile source of challenging research problems in computer systems for many years to come. Many research organisations represent a broad communal effort. There are many useful utilities can be used, both in enterprise and in research field, include ubiquitous devices, software for Pervasive Computing environment and infrastructure. But until today, there is less attention to the software evolution in Pervasive Computing environments.

This thesis focuses on an Agent-Based Service-Oriented approach to evolving legacy system into a Pervasive Computing environment. The methodology consists of multiple phases: using reverse engineering techniques to comprehend and decompose legacy systems, employing XML and Web Services to transform and represent a legacy system as pervasive services, and integrating these pervasive services into pervasive computing environments with agent based integration technology.

A legacy intelligent building system is used as a case study for experiments with the approach, which demonstrates that the proposed approach has the ability to evolve legacy systems into pervasive service environments seamlessly. Conclusion is drawn based on analysis and further research directions are also discussed.

Ad hoc wireless networking is a new approach to wireless communication with potential applications in very unpredictable and dynamic environments. In contrast to wired and cellular networks, an ad hoc wireless network does not depend on any established infrastructure or centralised administration such as a base station. It is an autonomous system of wireless mobile nodes that move freely and randomly, organising themselves arbitrarily. Therefore, its network topology is dynamic in nature and may change rapidly and unpredictably. Hence, the intercommunications among nodes will change continuously. Such networks have no infrastructure for achieving end-to-end routing of packets. The nodes communicate with each other without the intervention of a centralized administration; thus each acts both as a router and as a host.

The security of ad hoc wireless networks is becoming an increasingly complex issue. Many applications today, especially military and emergency ones, are based upon ad hoc wireless networks, where security requirements are harder to enforce than in traditional networks. Securing routing creates particular difficulties, since these networks have neither centrally administrated secure routers nor strict policies of use. The network topology is rapidly changing due to nodes in the networks being highly mobile, thus creating the presence or absence of links. Therefore, routing is especially difficult to accomplish securely, robustly and efficiently at the same time. Security requirements such as authentication, non-repudiation, data integrity and confidentiality, which would otherwise be provided by a central server, must be enabled and provided by all nodes.

The contributions of this research are threefold. First, it offers a new routing approach to ad hoc wireless network protocols: the Enhanced Heading-direction Angle Routing Protocol (EHARP), which is an enhancement of HARP based on an on-demand routing scheme. We have added important features to overcome its disadvantages and improve its performance, providing the stability and availability required to guarantee the selection of the best path. Each node in the network is able to classify its neighbouring nodes according to their heading directions into four different zone-direction groups. The zone direction is reduced until the node can select the strongest and most stable link and so increase availability in the network. Each node in the network has a counter for the stability of link (SL) to its neighbouring nodes, which indicates which nodes are active in the network, improving the performance of the network and increasing the likelihood of selecting the optimal path. EHARP is based on the time and acknowledgement message in order to guarantee the selection of the path and link stability.

The second contribution is to present a new Secure Enhanced Heading-direction Angle Routing Protocol (SEHARP) for ad hoc networks based on the integration of security mechanisms that could be applied to the EHARP routing protocol. It proposes a novel secure routing protocol to improve the security level in ad hoc networks, based on key management and a secure node-to-node path, which protects data to satisfy our security requirements: the detection of malicious nodes, authentication, authorisation, confidentiality, availability, data integrity and a guarantee of secure correct route discovery. SEHARP works as a group and has three stages:

• Distribution of keys and certificate stage.
• Secure path stage.
• Secure routing protocol stage.

Thirdly, we present a new approach to security of access in hostile environments based on the history and relationships among the nodes and on digital operation certificates. We also propose an access activity diagram which explains the steps taken by a node. Security depends on access to the history of each unit, which is used to calculate the cooperative values of each node in the environment. The calculated cooperative values are then used by the relationship estimator to determine the status of the nodes. Each node should be capable of making its own security decisions based on cooperation with other peer nodes.

The EHARP and SEHARP protocols are both evaluated using the NS-2 network simulator. The NS-2-based evaluation tests the two proposed protocols in real network environments and measures their communication costs using other evaluation metrics such as the data packet delivery ratio, the efficiency of data packet delivery, the average end-to-end-delay of data packets and overheads. The results of the evaluation study shows and prove that EHARP is a protocol that provides a high level of availability, scalability, flexibility and efficiently for Ad hoc Wireless Network. Also the evaluation study shows and proves that SEHARP is fully security protocol that provides a high level of secure, available, scalable, flexible and efficient for Ad hoc Wireless Network.

IT systems are attacked using computers and networks to facilitate their crimes and hide their identities, creating new challenges for corporate security investigations. There are two main types of attacker: insiders and outsiders. Insiders are trusted users who have gained authorised access to an organisation's IT resources in order to execute their job responsibilities. However, they deliberately abuse their authorised (i.e. insider) access in order to contravene an organisation's policies or to commit computer crimes. Outsiders gain insider access to an organisation's IT objects through their ability to bypass security mechanisms without prior knowledge of the insider's job responsibilities, an advanced method of attacking an organisation‟s resources in such a way as to prevent the abnormal behaviour typical of an outsider attack from being detected, and to hide the at-tacker‟s identity.

For a number of reasons, corporate security investigators face a major challenge in distinguishing between the two types of attack. Not only is there no definitive model of digital analysis for making such a distinction, but there has to date been no intensive research into methods of doing so. Identification of these differences is attempted by flawed investigative approaches to three aspects: location from which an attack is launched, attack from within the organisation's area of control, and authorised access. The results of such unsound investigations could render organisations subject to legal action and negative publicity.

To address the issue of the distinction between insider and outsider attacks, this research improves upon the first academic forensic analysis model, Digital Forensic Research Workshop (DFRWS) [63]. The outcome of this improvement is the creation of a Digital Analysis Model for Distinction between Insider and Outsider Attacks (DAMDIOA), a model that results in an improvement in the analysis investigation process, as well as the process of decision. This improvement is effected by two types of proposed decision: fixed and tailored. The first is based on a predetermined logical condition, the second on the proportion of suspicious activity. The advantage of the latter is that an organisation can adjust its threshold of tolerance for such activity based on its level of concern for the type of attack involved.

This research supports the possibility of distinguishing between insider and outsider attacks by running a network simulation which carried out a number of email attack experiments to test DAMDIOA. It found that, when DAMDIOA used predetermined decisions based on legitimate activities, it was able to differentiate the type of attack in seven of the eight experiments conducted. It was the tailored decisions with threshold levels Th=0.2 and 0.3 that conferred the ability to make such distinctions.

When the researcher compared legitimate activities, including users' job responsibilities, with the current methods of distinguishing between insider and outsider attacks,the criterion of authorised access failed three times to make that distinctions. This method of distinction is useless when there is a blank or shared password. He also discovered that both the location from which an attack was launched and attacks from areas within an organisation's control failed five times to differentiate between such attacks. There are no substantive differences between these methods. The single instance in which the proposed method failed to make these distinctions was because the number of legitimate activities equalled the number of suspicious ones.

DAMDIOA has been used by two organisations for dealing with the misuse of their computers, in both cases located in open areas and weakly protected by easily guessed passwords. IT policy was breached and two accounts moved from the restricted to the unlimited Internet policy group. This model was able to identify the insiders concerned by reviewing recorded activities and linking them with the insiders' job responsibilities.

This model also highlights users' job responsibilities as a valuable source of forensic evidence that may be used to distinguish between insider and outsider attacks. DAMDIOA may help corporate security investigators identify suspects accurately and avoid incurring financial loss for their organisations. This research also recommends many improvements to the process by which user activities are collected before the attack takes place, thereby enabling distinctions to be better drawn. It also proposes the creation of a physical and logical log management system, a centralised database for all employee activities that will reduce organisations' financial expenditures. Suggestions are also proposed for future research to classify legitimate and suspicious activities, evaluate them, identify the important ones and standardise the process of identifying and collecting users' job responsibilities. This work will remove some of the limitations of the proposed model.

Today's market competitiveness and globalisation are putting pressure on organisations to join their efforts, to focus more on cooperation and interaction and to add value to their businesses. That is, most information systems supporting these cross-organisations are characterised as service-oriented business applications, where all the emphasis is put on inter-service interactions rather than intra-service computations.

Unfortunately for the development of such inter-organisational service-oriented business systems, current service technology proposes only ad-hoc, manual and static standard web-service languages such as WSDL, BPEL and WS-CDL [3, 7].

The main objective of the work reported in this thesis is thus to leverage the development of service-oriented business applications towards more reliability and dynamic adaptability, placing emphasis on the use of business rules to govern activities, while composing services. The best available software-engineering techniques for adaptability, mainly aspect-oriented mechanisms, are also to be integrated with advanced formal techniques. More specifically, the proposed approach consists of the following incremental steps. First, it models any business activity behaviour governing any service-oriented business process as Event-Condition-Action (ECA) rules. Then such informal rules are made more interaction-centric, using adapted architectural connectors. Third, still at the conceptual-level, with the aim of adapting such ECA-driven connectors, this approach borrows aspect-oriented ideas and mechanisms, and proposes to intercept events, select the properties required for interacting entities, explicitly and separately execute such ECA-driven behavioural interactions and finally dynamically weave the results into the entities involved. To ensure compliance and to preserve the implementation of this architectural conceptualisation, the work adopts the Maude language as an executable operational formalisation. For that purpose, Maude is first endowed with the notions of components and interfaces. Further, the concept of ECA-driven behavioural interactions are specified and implemented as aspects. Finally, capitalising on Maude reflection, the thesis demonstrates how to weave such interaction executions into associated services.

Model-driven development has been considered to be the hope of improving software productivity significantly. However, it has not been achieved even after many years of research and application. Models are only and still used at the analysis and design stage, furthermore, models gradually deviate from system implementation.

The thesis integrates domain-specific modelling and web service techniques with model-driven development and proposes a unified approach, SODSMI (Service Oriented executable Domain-Specific Modelling and Implementation), to build the executable domain-specific model and to achieve the target of model-driven development. The approach is organised by domain space at architectural level which is the elementary unit of the domain-specific modelling and implementation framework. The research of SODSMI is made up of three main parts:

Firstly, xDSM (eXecutable Domain-Specific Model) is proposed as the core construction for domain-specific modelling. Behaviour scenario is adopted to build the meta-modelling framework for xDSM.

Secondly, XDML language (eXecutable Domain-specific Meta-modelling Language) is designed to describe the xDSM meta-model and its application model.

Thirdly, DSMEI (Domain-Specific Model Execution Infrastructure) is designed as the execution environment for xDSM. Web services are adopted as the implementation entities mapping to core functions of xDSM so as to achieve the service-oriented domain-specific application.

The thesis embodies the core value of model and provides a feasible approach to achieve real model-driven development from modelling to system implementation which makes domain-specific software development and reuse coming true.

In the software development process, project managers are always concerned about the triple constraints of their system which are cost, schedule and quality due to the inability to accurately quantify the trade-off process between them. Software cost estimation models like COCOMO and COQUALMO and software quality process standards like ISO 9126 are used to predict software effort and defects estimation and to assess the quality of software being built. However, those models are based on data analysis of many previous software projects which may incur difficulties for an organisation to tailor any of those models to itself. Moreover, these models have not addressed the trade-off problem between the software triple constraints.

Cost of software quality (CoSQ) is a pressing concern for project managers as it has been estimated that around 40% of the software budget is spent unwisely on the defect detection and removal processes. The investment of quality improvements needs to be optimised in a way that does not affect the cost and schedule aspects. However, as is currently practiced in the industry, software artifacts, with respect to quality improvement activities, are considered equal in their significance and risk to the software development life cycle. The investment in activities concerning the detection and removal of defects is distributed evenly on the software artifacts without taken into consideration the risk and significance factors of such artifacts.

Our model gives the project manager the ability to control the investment given to the software QA plan by implementing optimisation techniques that are based on the data manipulation of historical projects. In addition, the project managers and QA practitioners relying on our model can handle and cope with unforeseen constraints related to their software development process. They can get optimal QA decisions to deal with budget shortage, schedule reduction or to achieve targets like a target of defect removal success, a minimal quality cost, etc.

Many of the existing website evaluation methods and criteria for evaluating website quality are not able to sufficiently assess the performance and quality of a website, and most of them focus on usability and accessibility. This thesis aims at proposing the website quality metrics and methods to measure the website interface and reputation quality factors. The evaluation metrics has a framework which can be viewed as a hierarchical tree with three levels. The first level is composed of five quality characteristics: Aesthetics, Ease of Use, Multimedia, Rich Content and Reputation. The second level breaks down the first level quality characteristics into sub-characteristics and the third level further breaks down the second level sub-characteristics into measurable criteria. This thesis is particularly concerned with two major quality characteristics: Aesthetics and Reputation, and also the several website measurable criteria (indicators) that now apply to almost all live websites.

A website evaluation tool is provided by this study to measure website quality automatically. It includes a traversal unit, parsing unit, data metrics unit and user interface unit. Also some effective algorithms are used in each unit: data crawler, recursive, parser and data transmission. According to relative issues in previous research about website evaluation metrics, there are only a few of them that use same methods as this study to completely measure the website metrics, and highlight the entire website quality scores that meet the users' requirements.

This is a critical time for companies to bring technology and business together as never before. An accelerating competition demands businesses change at a pace that was inconceivable a decade ago. Business must respond with ever faster continuous improvement of existing operations and the constant introduction of new products. Only companies that master the required rhythm of change will persevere and prosper. Global collaboration and emerging corporate cultures are creating a new type of innovative enterprise: one based on services.

Enterprises can be empowered to live up to the potential of becoming dynamic, agile and real-time. Service orientation is emerging from the amalgamation of a number of key business, technology and cultural developments. Three essential trends in particular are coming together to create a new revolutionary breed of enterprise, the service-oriented enterprise (SOE): (1) the continuous performance management of the enterprise; (2) the emergence of business process management; and (3) advances in the standards-based service-oriented infrastructures.

This thesis focuses on this emerging three-layered architecture that builds on a service-oriented architecture framework, with a process layer that brings technology and business together, and a corporate performance layer that continually monitors and improves the performance indicators of global enterprises provides a novel framework for the business context in which to apply the important technical idea of service orientation and moves it from being an interesting tool for engineers to a vehicle for business managers to fundamentally improve their businesses.

e-Learning is becoming an influential role as an economic method and a flexible mode of study in the institutions of higher education today which has a presence in an increasing number of college and university courses. e-Learning as system of systems is a dynamic and scalable environment. Within this environment, e-learning is still searching for a permanent, comfortable and serviceable position that is to be controlled, managed, flexible, accessible and continually up-to-date with the wider university structure. As most academic and business institutions and training centres around the world have adopted the e-learning concept and technology in order to create, deliver and manage their learning materials through the web, it has become the focus of investigation. However, management, monitoring and collaboration between these institutions and centres is limited.

Existing technologies such as grid, web services and agents are promising better results. In this research a new architecture has been developed and adopted to make the e-learning environment more dynamic and scalable by dividing it into regional data grids which are managed and monitored by agents. Multi-agent technology has been applied to integrate each regional data grid with others in order to produce an architecture which is more scalable, reliable, and efficient. The result we refer to as Regionally Distributed Architecture for Dynamic e-Learning Environment (RDADeLE).

Our RDADeLE architecture is an agent-based grid environment which is composed of components such as learners, staff, nodes, regional grids, grid services and Learning Objects (LOs). These components are built and organised as a multi-agent system (MAS) using the Java Agent Development (JADE) platform. The main role of the agents in our architecture is to control and monitor grid components in order to build an adaptable, extensible, and flexible grid-based e-learning system. Two techniques have been developed and adopted in the architecture to build LOs' information and grid services. The first technique is the XML-based Registries Technique (XRT). In this technique LOs' information is built using XML registries to be discovered by the learners. The registries are written in Dublin Core Metadata Initiative (DCMI) format. The second technique is the Registered-based Services Technique (RST). In this technique the services are grid services which are built using agents. The services are registered with the Directory Facilitator (DF) of a JADE platform in order to be discovered by all other components. All components of the RDADeLE system, including grid service, are built as a multi-agent system (MAS). Each regional grid in the first technique has only its own registry, whereas in the second technique the grid services of all regional grids have to be registered with the DF.

We have evaluated the RDADeLE system guided by both techniques by building a simulation of the prototype. The prototype has a main interface which consists of the name of the system (RDADeLE) and a specification table which includes Number of Regional Grids, Number of Nodes, Maximum Number of Learners connected to each node, and Number of Grid Services to be filled by the administrator of the RDADeLE system in order to create the prototype.

Using the RST technique shows that the RDADeLE system can be built with more regional grids with less memory consumption. Moreover, using the RST technique shows that more grid services can be registered in the RDADeLE system with a lower average search time and the search performance is increased compared with the XRT technique. Finally, using one or both techniques, the XRT or the RST, in the prototype does not affect the reliability of the RDADeLE system.

The evident progression of ubiquitous technologies has put forward the introduction of new features which software systems can sustain. Several of the ubiquitous technologies available today are regarded as fundamental elements of many software applications in various domains. The utilisation of ubiquitous technologies has an apparent impact on business processes that can grant organisations a competitive advantage and improve their productivity. The change in the business processes in such organisations typically leads to a change in the underlying software systems.

In addressing the need for change in the underlying software systems, this research is focused on establishing a general framework and methodology to facilitate the reengineering of software systems in order to allow the incorporation of new features which are introduced by the employment of ubiquitous technologies. Although this thesis aims to be general and not limited to a specific programming language or software development approach, the focus is on Object-Oriented software. The reengineering framework follows a systematic step-based approach, with greater focus on the reverse engineering aspect. The four stages of the framework are: program understanding, additional-requirement engineering, integration, and finally the testing and operation stage.

In its first stage, the proposed reengineering framework regards the source code as the starting point to understand the system using a static-analysis based method. The second stage is concerned with the elicitation of the user functional requirements resulting from the introduction of ubiquitous technologies. In the third stage, the goal is to integrate the system’s components and hardware handlers using a developed integration algorithm and available integration techniques. In the fourth and final stage, which is discussed in a general manner only in this thesis, the reengineered system is tested and put in the operation phase.

The proposed approach is demonstrated using a case study in Java to show that the proposed approach is feasible and promising in its domain. Conclusions are drawn based on analysis and further research directions are discussed at the end of the study.

Standard security mechanism such as Access control, Firewall and Encryption only focus on controlling the release of information but no limitations are placed on controlling the propagation of that confidential information. The principle problem of controlling sensitive information confidentiality starts after access is granted. The research described in this thesis belongs to the constructive research field where the constructive refers to knowledge contributions being developed as a new framework, theory, model or algorithm. The methodology of the proposed approach is made up of eight work packages. One addresses the research background and the research project requirements. Six are scientific research work packages. The last work package concentrates on the thesis writing up.

There is currently no monitoring mechanism for controlling information flow during runtime that support behaviour configurability and User interaction. Configurability is an important requirement because what is considered to be secure today can be insecure tomorrow. The interaction with users is very important in flexible and reliable security monitoring mechanism because different users may have different security requirements. The interaction with monitoring mechanism enables the user to change program behaviors or modify the way that information flows while the program is executing. One of the motivation for this research is the information flow policy in the hand of the end user.

The main objective of this research is to develop a usable security mechanism for controlling information flow within a software application during runtime. Usable security refers to enabling users to manage their systems security without defining elaborate security rules before starting the application. Our aim is to provide usable security that enables users to manage their systems' security without defining elaborate security rules before starting the application. Security will be achieved by an interactive process in which our framework will query the user for security requirements for specific pieces of information that are made available to the software and then continue to enforce these requirements on the application using a novel runtime verification technique for tracing information flow.

The main achievement of this research is a usable security mechanism for controlling information flow within a software application during runtime. Security will be achieved by an interactive process to enforce user requirements on the application using runtime verification technique for tracing information flow. The contributions are as following.

• Runtime Monitoring: The proposed runtime monitoring mechanism ensures that the program execution are contains only legal flows that are defined in the information flow policy or approved by the user.
• Runtime Management: The behaviour of a program that about to leak confidential information will be altered by the monitor according to the user decision.
• User interaction control: The achieved user interaction with the monitoring mechanism during runtime enable users to change the program behaviors while the program is executing.

Database integration is one of the research areas that have gained a lot of attention from researcher. It has the goal of representing the data from different database sources in one unified form.

To reach database integration we have to face two obstacles. The first one is the distribution of data, and the second is the heterogeneity. The Web ensures addressing the distribution problem, and for the case of heterogeneity there are many approaches that can be used to solve the database integration problem, such as data warehouse and federated databases. The problem in these two approaches is the lack of semantics. Therefore, our approach exploits the Semantic Web methodology. The hybrid ontology method can be facilitated in solving the database integration problem. In this method two elements are available; the source (database) and the domain ontology, however, the local ontology is missing. In fact, to ensure the success of this method the local ontologies should be produced. Our approach obtains the semantics from the logical model of database to generate local ontology. Then, the validation and the enhancement can be acquired from the semantics obtained from the conceptual model of the database.

Now, our approach can be applied in the generation phase and the validation-enrichment phase. In the generation phase in our approach, we utilise the reverse engineering techniques in order to catch the semantics hidden in the SQL language. Then, the approach reproduces the logical model of the database. Finally, our transformation system will be applied to generate an ontology.

In our transformation system, all the concepts of classes, relationships and axioms will be generated. Firstly, the process of class creation contains many rules participating together to produce classes. Our unique rules succeeded in solving problems such as fragmentation and hierarchy. Also, our rules eliminate the superfluous classes of multi-valued attribute relation as well as taking care of neglected cases such as: relationships with additional attributes. The final class creation rule is for generic relation cases. The rules of the relationship between concepts are generated with eliminating the relationships between integrated concepts. Finally, there are many rules that consider the relationship and the attributes constraints which should be transformed to axioms in the ontological model.

The formal rules of our approach are domain independent; also, it produces a generic ontology that is not restricted to a specific ontology language. The rules consider the gap between the database model and the ontological model. Therefore, some database constructs would not have an equivalent in the ontological model.

The second phase consists of the validation and the enrichment processes. The best way to validate the transformation result is to facilitate the semantics obtained from the conceptual model of the database. In the validation phase, the domain expert captures the missing or the superfluous concepts (classes or relationships). In the enrichment phase, the generalisation method can be applied to classes that share common attributes. Also, the concepts of complex or composite attributes can be represented as classes.

We implement the transformation system by a tool called SQL2OWL in order to show the correctness and the functionally of our approach.

The evaluation of our system showed the success of our proposed approach. The evaluation goes through many techniques. Firstly, a comparative study is held between the results produced by our approach and the similar approaches. The second evaluation technique is the weighting score system which specify the criteria that affect the transformation system. The final evaluation technique is the score scheme. We consider the quality of the transformation system by applying the compliance measure in order to show the strength of our approach compared to the existing approaches. Finally the measures of success that our approach considered are the system scalability and the completeness.

The Social Web, or Web 2.0, has recently gained popularity because of its low cost and ease of use. Social tagging sites (e.g. Flickr and YouTube) offer new principles for endusers to publish and classify their content (data). Tagging systems contain free-keywords (tags) generated by end-users to annotate and categorise data. Lack of semantics is the main drawback in social tagging due to the use of unstructured vocabulary. Therefore, tagging systems suffer from shortcomings such as low precision, lack of collocation, synonymy, multilinguality, and use of shorthands. Consequently, relevant contents are not visible, and thus not retrievable while searching in tag-based systems.

On the other hand, the Semantic Web, so-called Web 3.0, provides a rich semantic infrastructure. Ontologies are the key enabling technology for the Semantic Web. Ontologies can be integrated with the Social Web to overcome the lack of semantics in tagging systems.

In the work presented in this thesis, we build an architecture to address a number of tagging systems drawbacks. In particular, we make use of the controlled vocabularies presented by ontologies to improve the information retrieval in tag-based systems. Based on the tags provided by the end-users, we introduce the idea of adding "system tags" from semantic, as well as social, resources. The "system tags" are comprehensive and wide-ranging in comparison with the limited "user tags". The system tags are used to fill the gap between the user tags and the search terms used for searching in the tag-based systems. We restricted the scope of our work to tackle the following tagging systems shortcomings:

1. The lack of semantic relations between user tags and search terms (e.g. synonymy, hypernymy),
2. The lack of translation mediums between user tags and search terms (multilinguality),
3. The lack of context to define the emergent shorthand writing user tags.

To address the first shortcoming, we use the WordNet ontology as a semantic lingual resource from where system tags are extracted. For the second shortcoming, we use the MultiWordNet ontology to recognise the cross-languages linkages between different languages. Finally, to address the third shortcoming, we use tag clusters that are obtained from the Social Web to create a context for defining the meaning of shorthand writing tags.

A prototype for our architecture was implemented. In the prototype system, we built our own database to host videos that we imported from real tag-based system (YouTube). The user tags associated with these videos were also imported and stored in the database. For each user tag, our algorithm adds a number of system tags that came from either semantic ontologies (WordNet or MultiWordNet), or from tag clusters that are imported from the Flickr website. Therefore, each system tag added to annotate the imported videos has a relationship with one of the user tags on that video. The relationship might be one of the following: synonymy, hypernymy, similar term, related term, translation, or clustering relation.

To evaluate the suitability of our proposed system tags, we developed an online environment where participants submit search terms and retrieve two groups of videos to be evaluated. Each group is produced from one distinct type of tags; user tags or system tags. The videos in the two groups are produced from the same database and are evaluated by the same participants in order to have a consistent and reliable evaluation. Since the user tags are used nowadays for searching the real tag-based systems, we consider its efficiency as a criterion (reference) to which we compare the efficiency of the new system tags.

In order to compare the relevancy between the search terms and each group of retrieved videos, we carried out a statistical approach. According to Wilcoxon Signed-Rank test, there was no significant difference between using either system tags or user tags. The findings revealed that the use of the system tags in the search is as efficient as the use of the user tags; both types of tags produce different results, but at the same level of relevance to the submitted search terms.

Over the past few years information technology (IT) and business alignment has become a great concern to organizations. To achieve alignment has become a daunting task for organizations due to rapid changes in business environment and lack of IT support. In business organizations business processes and IT are interrelated and interact with each other where one entity influences to another entity i.e. evolution in business processes requires evolution in IT and vice versa. When this co-evolution is not well aligned, a gap is created due to wrong configuration between business requirements and IT deployment.

Organizations usually strive to bridge the gap by implementing business and IT strategies (i.e. top-down planning) and tend to ignore other aspects of the co-evolution. Alignment is a continuous co-evolutionary process in which all components of business and IT are interrelated and enhance organization performance. The co-evolution between business and IT is not restricted to a level but it occurs at all levels and therefore, it is necessary to understand and study co-evolution at all levels within organizations. This thesis presents a co-evolutionary framework that helps to study and understand the co-evolution at three levels i.e. strategic level, operational level and individual level in an integrated fashion. The three levels need to co-evolve so that all components at each level co-evolve. This framework will speed up the alignment in organizations. We argue that the lack of knowledge of business among IT people and IT knowledge among business executives may cause the gap; therefore, a need arises to have a knowledgeable mediator between the domains that could help in the co-evolution. A K-mediator (i.e. knowledge mediator) has been used in the proposed co-evolutionary framework that facilitates the co-evolution at each level. Finally the thesis presents a case study in financial domain in order to evaluate and validate the framework.

Pervasive (ubiquitous) computing is a new paradigm where the computers are submerged into the background of the everyday life. One important aspect of pervasive systems is context-awareness. Context-aware systems are those that can adapt their behaviours according to the current context. Context-aware applications are being integrated into our everyday activity aspects such as: health care, smart homes and transportations. There exist a wide range of context-aware applications such as: mobile phones, learning systems, smart vehicles.

Some context-aware systems are critical since the consequence of failing to identify a given context may be catastrophic. For example, an auto-pilot system is a critical context-aware system; it senses the humidity, clouds, wind speed and accordingly adjusts the altitude, throttle and other parameters. Being a critical context-aware system has to be provably correct.

Policy-based approaches has been used in many applications but not in context-aware systems. In this research, we want to discover the anatomy (i.e. architecture, structure and operational behaviour) of policy-based management as applied to context-aware systems, and how policies are managed within such a dynamic system.

We propose a novel computational model and its formalisation is presented using the Calculus of Context-aware Ambients (CCA). CCA has been proposed as a suitable mathematical notation to model mobile and context-aware systems. We decided to use CCA due to three reasons: (i) in CCA, mobility and context-awareness are primitive constructs and are treated as first-class citizens; (ii) properties of a system can be formally analysed; (iii) CCA specifications are executable, and thus, leading to rapid prototyping and early validation of the system properties. We, then show how policies can be expressed in CCA. For illustration, the specification of the event-condition-action (ECA) conceptual policy model is modelled in CCA in a natural fashion.

We also propose a policy-based architecture for context-aware systems, showing its different components, and how they interact. Furthermore, we give the specification of the policy enforcement mechanism used in our proposed architecture in CCA.

To evaluate our approach, a real-world case study of an infostation-based mobile learning (mLearning) system is chosen. This mLearning system is deployed across a university campus to enable mobile users to access mobile services (mServices) represented by course materials (lectures, tests and tutorials) and communication services (intelligent message notification and VoIP). Users can access the mServices through their mobile devices (Hand-set phones, PDAs and laptops) regardless of their device type or location within a university campus. We have specified the mLearning system in CCA (i.e. specification based on policies of the mServices), afterwards, the specification is simulated using the CCA interpreter tool.

We have developed an animation tool specially designed for the mLearning system. The animation tool provides graphical representation of the CCA processes. In terms of safety and liveness, some important properties of the mLearning system have been validated as a proof of concept.

If you think performance is expensive, try using a paralyzed system.

This thesis proposes a new methodology to extend the software performance engineering process. Common performance measurement and tuning principles mainly target to improve the software function itself. Hereby, the application source code is studied and improved independently of the overall system performance behavior. Moreover, the optimization of the software function has to be done without an estimation of the expected optimization gain. This often leads to an under- or over-optimization, and hence, does not utilize the system sufficiently.

The proposed performance improvement methodology and framework, called dynamic performance stubs, improves the before mentioned insufficiencies by evaluating the overall system performance improvement. This is achieved by simulating the performance behavior of the original software functionality depending on an adjustable optimization level prior to the real optimization. So, it enables the software performance analyst to determine the systems' overall performance behavior considering possible outcomes of different improvement approaches. Moreover, by using the dynamic performance stubs methodology, a cost-benefit analyses of different optimizations regarding the performance behavior can be done.

The approach of the dynamic performance stubs is to replace the software bottleneck by a stub. This stub combines the simulation of the software functionality with the possibility to adjust the performance behavior depending on one or more different performance aspects of the replaced software function. A general methodology for using dynamic performance stubs as well as several methodologies for simulating different performance aspects are discussed. Finally, several case studies to show the application and usability of the dynamic performance stubs approach are presented.

Vehicle Ad hoc Networks (VANET) emerged as a subset of the Mobile Ad hoc Network (MANET) application; it is considered to be a substantial approach to the ITS (Intelligent Transportation System). VANETs were introduced to support drivers and improve safety issues and driving comfort, as a step towards constructing a safer, cleaner and more intelligent environment. At the present time vehicles are equipped with a number of sensors and devices, including On Board Units (OBU); this enables vehicles to sense situations affecting other vehicles and manage communications, by exploiting infrastructures such as the Road Side Unit (RSU); creating a Vehicle to Infrastructure (V2I) pathway, or interacting directly with other vehicles creating a Vehicle to Vehicle (V2V) pathway. Owing to the lack of infrastructures and difficulties involved in providing comprehensive coverage for all roads because of the high expense associated with installation, the investigation in this research concentrates on the V2V communication type rather than the V2I communication type.

Many challenges have emerged in VANET, encouraging researchers to investigate their research in an attempt to meet these challenges. Routing protocol issues are considered to be a critical dilemma that needs to be tackled in VANET, particularly in a sparse environment, by designing an efficient routing mechanism that impacts on enhancing network performance in terms of disseminating messages to a desired destination, balancing the generated packet (overhead) on the network and increasing the ratio of packet delivery with a reduced time delay. VANET has some unique characteristics compared to MANET; specifically it includes high mobility and constrained patterns restricted by roads, which lead to generation of a disconnected area occurring continuously between vehicles creating a Delay Tolerant Network (DTN). This is in opposition to applying the multi-hope technique properly to deliver the packet to its desire destination.

The aim in this thesis comprises two main contributions. First developing novel routing protocols for a sparse environment in VANET with the context of utilising the mobility feature, with the aid of the equipped devices, such as Global Position System (GPS) and Navigation System (NS). This approach exploits the knowledge of Second Heading Direction (SHD), which represents the knowledge of the next road direction the vehicle is intending to take, in order to increase the packet delivery ratio, and to increase the route stability by decreasing instances of route breakage. This approach comprises two approaches; the first approach was designed for a highway scenario, by selecting the next hop node based on a filtration process, to forward the packet to the desired destination, while the second approach was developed for the intersection and roundabout scenario, in order to deliver the packet to the destination (unknown location).

The formalising and specification of the VSHDRP has been performed using the CCA (Calculus of Context-aware Ambient), in order to evaluate the protocols behaviours, the protocol has been validated using the ccaPL. In addition the performance of the VSHDRP has been evaluated using the NS-2 simulator; comparing it with Greedy Perimeter Stateless Routing (GPSR) protocol, to reveal the strengths and weaknesses of the protocol.

Second, developing a novel approach to broadcasting the HELLO beacon message adaptively in VANET based on the node's circumstances (direction and speed), in order to minimise the broadcasting of unnecessary HELLO beacon messages. A novel architecture has been built based on the adaptive HELLO beacon message, which clarifies how the OBU components are interacting with the connected sensors, in order to portray any changes in the vehicle's circumstances, so as to take the right decision to determine appropriate action. This architecture has been built based on the concept of a context aware system, which divides the architecture into three main phases; sensing processing and acting.

Biometrics is constantly evolving technology which has been widely used in many official and commercial identification applications. The increased concerns in security during recent years have essentially resulted in more attention being given to biometric-based authentication techniques. A biometric-based authentication is basically a pattern recognition problem which makes a personal identification decision in order to determine the authority based on specific physiological or behavioural features. Most biometric systems that are currently in use typically employ a single biometric trait. Such systems are called unibiometric systems. Despite considerable advances in recent years, there are still challenges in authentication based on a single biometric trait, such as noisy data, restricted degree of freedom, intra-class variability, non-universality, spoof attack and unacceptable error rates.

Some of the challenges can be handled by designing a multimodal biometric system. Multimodal biometric systems are those which utilise or are capable of utilising, more than one physiological or behavioural characteristic for enrolment, verification, or identification. A variety of multimodal biometrics strategies have been proposed and analysed in literature. In these works, the integration of various biometric features is suggested for achieving more accurate authentication rate. So far, most published work on multimodal biometric fusion techniques has dealt primarily with the fusion at the score matching level.

Here, we suggest a novel fusion approach of iris and online signature traits. Online signature and iris authentication techniques have been employed in a range of biometric applications. Besides improving the accuracy, the fusion of biometrics has several advantages such as increasing population coverage, deterring spoofing activities and reducing enrolment failure. In this doctoral thesis, we make a first attempt to combine online signature and iris biometrics. We principally explore the fusion of iris and online signature biometrics and their potential application as biometric identifiers. To address this issue, investigations is carried out into the relative performance of several statistical data fusion techniques for integrating the information in both unimodal and multimodal biometrics. We compare the results of the multimodal approach with the results of the individual online signature and iris authentication approaches. This thesis describes research into the feature and decision fusion levels in multimodal biometrics.

This research is novel in the following five ways. First, the performance of the iris recognition is improved due to using dual-tree complex wavelet transform features and support vector machine. Second, the accuracy of the online signature recognition is greatly increased with less number of features by combining global features with Rough set. Third, a decision-level fusion scheme between iris and online signature is introduced using binary particle swarm optimization; its performance is better than the conventional feature-level scheme. Fourth, this research deploy the particle swarm optimization scheme as a feature selection technique to enhance the performance of online signature and iris accuracy rates by eliminating redundant and irrelevant information. Fifth, a hybrid-level fusion technique combined by using ensemble of classifiers and the AND rule offers significant improvements to the accuracy of the suggested multimodal biometrics system.

Saudi Arabia is in the process of implementing Electronic Patient Records (EPR) throughout its National Health services. One of the key challenges during the adoption process is the security of EPR. This thesis investigates the current state of EPR security in Saudi Arabia’s National Health Services (SA NHS) both from a policy perspective and with regard to its implementation in SA NHS’s information systems.

To facilitate the analysis of EPR security, an EPR model has been developed that captures the information that is stored as part of the electronic record system in conjunction with stated security requirements. This model is used in the analysis of policy consistency and to validate operational reality against stated policies at various levels within the SA NHS. The model is based on a comprehensive literature survey and structured interviews which established the current state of practice with respect to EPRs in a representative Saudi Arabian hospital.

The key contribution of this research is the development and evaluation of a structured and model-based analysis approach to EPR security at the early adoption stage in SA, based on types of information present in EPRs and the needs of the users of EPRs. The key findings show that the SA EPR adoption process is currently proceeding without serious consideration for security policy to protect EPR and a lack of awareness amongst hospital staff.

Software Quality Assurance is a popular concept in the software development environment. Increasing the Software Quality can be become the greatest demand on software developers through the imposed certification environment. Certification of software products; through current studies view, are feasible and demonstrate the practicality of the implementation of code design. Quality criteria are not independent which means they interrelate with each other and conflicts may arise between them such as optimised code in the software product leads to a decrease in portability (portability vs. efficiency attribute). The problems of software quality regarding the three elements of time, cost and product quality.

This thesis presents a framework for software quality auditing through achieving the criteria of a quality model. This framework, called Quality Profiling Auditing Framework (QPAF), provides assessment of software design and coding. Furthermore, it is based on software metrics that should be distinguished between their application in the design and implementation levels artifacts. Metrics for Unified Modeling Language (UML) Class Diagrams are considered to be Software Metrics that can apply at Design level artifacts . Moreover, early practical work in quality prediction must be based on intuitive concepts and/or an analysis of past experiences of different classes of systems development. A prediction of the impact of the results of metrics in Design level artifacts; on the results of metrics in Implementation level artifacts; is the main idea of this work. In addition, seeking the correlation between the software metrics at both levels artifacts (Design and Implementation) is an integral part of this work. Software Quality Prediction Tool (SQPT) as one of the research results, is to assess the quality of software design and implementation. It is a software measurement environment for analysing program design, class diagrams in particular, within XML file format and presented the results metrics in charts, figures and tabular forms.

Transactional memory (TM) is a promising lock-free synchronisation technique which offers a high-level abstract parallel programming model for future chip multiprocessor (CMP) systems. Moreover, it adapts the well established popular paradigm of transactions and thus provides a general and flexible way to allow programs to read and modify disparate memory locations atomically as a single operation. In this thesis, we propose a general framework for validating a TM design, starting from a formal specification into a hardware implementation, with its underpinning theory and refinement. A methodology in this work starts with a high-level and executable specification model for an abstract TM with verification for various correctness conditions of concurrent transactions. This model is constructed within a flexible transition framework that allows verifying correctness of a TM system with animation. Then, we present a formal executable specification for a chip-dual single-cycle MIPS processor with a cache coherence protocol and integrate the provable TM system. Finally, we transform the dual processors with the TM from a high-level description into a Hardware Description Language (VHDL), using some proposed refinement and restriction rules. Interval Temporal Logic (ITL) and its programming language subset AnaTempura are used to build, execute and test the model, since they together provide a powerful framework supporting logical reasoning about time intervals as well as programming and simulation.

An enhanced observer is model that observes behaviour of a service and then automatically reports any changes in the state of the service to evaluator model. The e-observer observes the state of a service to determine whether it conforms to and obeys its intended behaviour or policy rules. E-observer techniques address most problems, govern and provide a proven solution that is re-usable in a similar context. This leads to an organisation and formalisation policy which is the engine of the e-observer model. Policies are used to refer to specific security rules for particular systems. They are derived from the goals of management that describe the desired behaviour of distributed heterogeneous systems and networks. These policies should be defended by security which has become a coherent and crucial issue. Security aims to protect these policies whenever possible. It is the first line of protection for resources or assets against events such as loss of availability, unauthorised access or modification of data. The techniques devised to protect information from intruders are general purpose in nature and, therefore, cannot directly enforce security that has no universal definition, the high degree of assurance of security properties of systems used in security-critical areas, such as business, education and financial, is usually achieved by verification.

In addition, security policies express the protection requirements of a system in a precise and unambiguous form. They describe the requirements and mechanisms for securing the resources and assets between the sharing parties of a business transaction.

However, Service-Oriented Computing (SOC) is a new paradigm of computing that considers "services" as fundamental elements for developing applications/solutions. SOC has many advantages that support IT to improve and increase its capabilities. SOC allows flexibility to be integrated into application development. This allows services to be provided in a highly distributed manner by Web services. Many organisations and enterprises have undertaken developments using SOC. Web services (WSs) are examples of SOC. WSs have become more powerful and sophisticated in recent years and are being used successfully for inter-operable solutions across various networks. The main benefit of web services is that they use machine-to-machine interaction.

This leads initially to explore the "Quality" aspect of the services. Quality of Service (QoS) describes many techniques that prioritise one type of traffic or programme that operates across a network connection. Hence, QoS has rules to determine which requests have priority and uses these rules in order to specify their priority to real-time communications. In addition, these rules can be sophisticated and expressed as policies that constrain the behaviour of these services. The rules (policies) should be addressed and enforced by the security mechanism. Moreover, in SOC and in particular web services, services are black boxes where behaviour may be completely determined by its interaction with other services under confederation system.

Therefore, we propose the design and implementation of the "behaviour of services," which is constrained by QoS policies. We formulate and implement novel techniques for web service policy-based QoS, which leads to the development of a framework for observing services. These services interact with each other by verifying them in a formal and systematic manner. This framework can be used to specify security policies in a succinct and unambiguous manner; thus, we developed a set of rules that can be applied inductively to verify the set of traces generated by the specification of our model's policy. These rules could be also used for verifying the functionality of the system.

In order to demonstrate the protection features of information system that is able to specify and concisely describe a set of traces generated, we subsequently consider the design and management of Ponder policy language to express QoS and its associated based on criteria, such as, security. An algorithm was composed for analysing the observations that are constrained by policies, and then a prototype system for demonstrating the observation architecture within the education sector. Finally, an enforcement system was used to successfully deploy the prototype's infrastructure over Web services in order to define an optimisation model that would capture efficiency requirements.

Therefore, our assumption is, tracing and observing the communication between services and then takes the decision based on their behaviour and history. Hence, the big issue here is how do we ensure that some given security requirements are satisfied and enforced? The scenario here is under confederation system and based on the following:

• System's components are Web-services.
• These components are black boxes and designed/built by various vendors.
• Topology is highly changeable.

• The proposal, design and development of a prototype of observation system that manages security policy and its associated aspects by evaluating the outcome results via the evaluator model.
• Taming the design complexity of the observation system by leaving considerable degrees of freedom for their structure and behaviour and by bestowing upon them certain characteristics, and to learn and adapt with respect to dynamically changing environments.

In modern software development, the gap between software requirements and implementation is not always conciliated. Typically, for Web services-based context-aware systems, reconciling this gap is even harder. The aim of this research is to explore how software reengineering can facilitate the reconciliation between requirements and implementation for the said systems. The underlying research in this thesis comprises the following three components.

Firstly, the requirements recovery framework underpins the requirements elicitation approach on the proposed reengineering framework. This approach consists of three stages: 1) Hypothesis generation, where a list of hypothesis source code information is generated; 2) Segmentation, where the hypothesis list is grouped into segments; 3) Concept binding, where the segments turn into a list of concept bindings linking regions of source code.

Secondly, the derived viewpoints-based context-aware service requirements model is proposed to fully discover constraints, and the requirements evolution model is developed to maintain and specify the requirements evolution process for supporting context-aware services evolution.

Finally, inspired by context-oriented programming concepts and approaches, ContXFS is implemented as a COP-inspired conceptual library in F#, which enables developers to facilitate dynamic context adaption. This library along with context-aware requirements analyses mitigate the development of the said systems to a great extent, which in turn, achieves reconciliation between requirements and implementation.

Most text mining techniques have been proposed only for English text, and even here, most research has been conducted on specific texts related to special contexts within the English language, such as politics, medicine and crime. In contrast, although Arabic is a widely spoken language, few mining tools have been developed to process Arabic text, and some Arabic domains have not been studied at all. In fact, Arabic is a language with a very complex morphology because it is highly inflectional, and therefore, dealing with texts written in Arabic is highly complicated.

This research studies the crime domain in the Arabic language, exploiting unstructured text using text mining techniques. Developing a system for extracting important information from crime reports would be useful for police investigators, for accelerating the investigative process (instead of reading entire reports) as well as for conducting further or wider analyses. We propose the Crime Profiling System (CPS) to extract crime-related information (crime type, crime location and nationality of persons involved in the event), automatically construct dictionaries for the existing information, cluster crime documents based on certain attributes and utilise visualisation techniques to assist in crime data analysis.

The proposed information extraction approach is novel, and it relies on computational linguistic techniques to identify the abovementioned information, i.e. without using predefined dictionaries (e.g. lists of location names) and annotated corpus. The language used in crime reporting is studied to identify patterns of interest using a corpus-based approach. Frequency analysis, collocation analysis and concordance analysis are used to perform the syntactic analysis in order to discover the local grammar.

Moreover, the Self Organising Map (SOM) approach is adopted in order to perform the clustering and visualisation tasks for crime documents based on crime type, location or nationality. This clustering technique is improved because only refined data containing meaningful keywords extracted through the information extraction process are inputted into it, i.e. the data is cleaned by removing noise. As a result, a huge reduction in the quantity of data fed into the SOM is obtained, consequently, saving memory, data loading time and the execution time needed to perform the clustering. Therefore, the computation of the SOM is accelerated. Finally, the quantization error is reduced, which leads to high quality clustering. The outcome of the clustering stage is also visualised and the system is able to provide statistical information in the form of graphs and tables about crimes committed within certain periods of time and within a particular area.

The proposed model architecture is validated through experiments using a corpus collated from different sources; it was not used during system development. Precision, recall and F-measure are used to evaluate the performance of the proposed information extraction approach. Also, comparisons are conducted with other systems. In order to evaluate the clustering performance, four parameters are used: data size, loading time, execution time and quantization error.

Grid computing technology is used as inexpensive systems to gather and utilize computational capability. This technology enhances applications services by arranging machines and distributed resources in a single huge computational entity. A Grid is a system that has the ability to organize resources which are not under the subject of centralized domain, utilize protocols and interfaces, and supply high quality of service. The Grid should have the ability to enhance not only the systems performance and job throughput of the applications participated but also increase the utilization scale of resources by employing effective resource management methods to the huge amount of its resources. Grid mobility appears as a technology to facilitate the accomplishment of requirements for Grid jobs as well as Grid users. This idea depends on migrating or relocating jobs, data and application software among Grid nodes. However, making use of mobility technology leads to data confidentiality problems within the Grid. Data confidentiality is the protection of data from intruders' attacks. The data confidentiality can be addressed by limiting the mobility to trusted parts of the Grid, but this solution leads to the notion of Virtual Organizations (VOs). Also as a result of mobility technology the need for a tool to organize and enforce policies while applying the mobility has been increased. To date, not enough attention has been paid to policies that deal with data movements within the Grid. Most existing Grid systems have support only limited types of policies (e.g. CPU resources). A few designs consider enforcing data policies in their architecture. Therefore, we propose a policy-managed Grid environment that addresses these issues (user-submitted policy, data policy, and multiple VOs).

In this research, a new policy management tool has been introduced to solve the mobility limitation and data confidentiality especially in the case of mobile sharing and data movements within the Grid. We present a dynamic and heterogeneous policy management framework that can give a clear policy definition about the ability to move jobs, data and application software from nodes to nodes during jobs' execution in the Grid environment. This framework supports a multi-organization environment with different domains, supports the external Grid user preferences along with enforces policies for data movements and the mobility feature within different domains.

The results of our research have been evaluated using Jade simulator, which is a software framework fully implemented in Java language and allows agents to execute tasks defined according to the agent policy. The simulation results have verified that the research aims enhance the security and performance in the Grid environments. They also show enhanced control over data and services distribution and usage and present practical evidence in the form of scenario test-bed data as to the effectiveness of our architecture.

One of the most crucial factors that e-commerce protocols should address is a fair exchange. In this research, an advanced method of cryptography coupled with the pay per use technique is used. A new electronic commerce protocol for the exchange of commodities is introduced. The proposed new protocol guarantees both features while addressing the main drawbacks associated with other related protocols. The new suggested e-commerce protocol is composed of two stages: pre-exchange and exchange stages. When the suggested new protocol is analysed with scrupulous protocol analysis, it attains fair exchange and a secure method of payment. The suggested new e-commerce protocol is more efficient than other related existing protocols. In this research "protocol prototype" and "model checking" is used for the purpose of authentication. The protocol prototype verifies that the suggested new protocol is executable when it's used in a real context. By experimental designs, this research shows the length of asymmetric keys as the biggest element that affects the efficiency of the protocol. When model-checking is applied in this protocol, the outcome indicates that the suggested protocol achieves the required features of fairness. Protocol extensions give those involved in the protocol the capacity to be resilient to failure. By using three methods of authentication, this research confirms that the new proposed protocol is well formulated. The work reported in this thesis first study the existing fair exchange protocols that solve the fairness problem. Then, propose more efficient protocol to solve the fairness problem. The original idea in this thesis is to reduce the communication overheads, risks and solve the bottleneck problems in the protocols that involve an online TTP. The idea is to dividing the process to two phases, pre exchange phase and exchange phase. The proposed protocol has the characteristics: three messages are required between all parties, the protocol guarantee strong fairness for both customer and merchant. The new protocol let the customer to be sure about the merchant's item before he send his item and let the merchant to be sure about the customer‟s item before he send his item, online disputes are resolved by a Financial Service Provider (FSP).

Software products have been racing against aging problem for most of their lifecycles, and evolution is the most effective and efficient solution to this problem. Model-Driven Architecture (MDA) is a new technique for software product for evolving development and reengineering methods. The main steps for MDA are to establish models in different levels and phases, therefore to solve the challenges of requirement and technology change. However, there is only a standard established by Object Management Group (OMG) but without a formal method and approach. Presently, MDA is widely researched in both industrial and research areas, however, there is still without a smooth approach to realise it especially in electronic learning (e-learning) system due to the following reasons: (1) models' transformations are hard to realise because of lack of tools, (2) most of existing mature research results are working for business and government services but not education area, and (3) most of existing model-driven researches are based on Model-Driven Development (MDD) but not MDA because of OMG standard's preciseness.

Hence, it is worth to investigate an MDA-based method and approach to improve the existing software development approach for e-learning system. Due to the features of MDA actuality, a MDA-based evolution method and approach is proposed in this thesis. The fundamental theories of this research are OMG's MDA standard and education pedagogical knowledge. Unified Modelling Language (UML) and Unified Modelling Language Profile are hired to represent the information of software system from different aspects. This study can be divided into three main parts: MDA-based evolution method and approach research, Platform-Independent Model (PIM) to Platform-Specific Model (PSM) transformation development, and MDA-based electronic learning system evolution. Top-down approach is explored to develop models for e-learning system. A transformation approach is developed to generate Computation Independent Model (CIM), Platform-Independent Model (PIM), and Platform-Specific Model (PSM); while a set of transformation rules are defined following MDA standard to support PSM's generation. In addition, proposed method is applied in an e-learning system as a case study with the prototype rules support. In the end, conclusions are drawn based on analysis and further research directions are discussed as well. The kernel contributions are the proposed transformation rules and its application in electronic learning system.

Vehicular ad hoc networks (VANETs) are a subclass of mobile ad hoc networks (MANETs) in which the mobile nodes are vehicles; these vehicles are autonomous systems connected by wireless communication on a peer-to-peer basis. They are self-organized, self-configured and self-controlled infrastructure-less networks. This kind of network has the advantage of being able to be set-up and deployed anywhere and anytime because it has no infrastructure set-up and no central administration. Distributing information between these vehicles over long ranges in such networks, however, is a very challenging task, since sharing information always has a risk attached to it especially when the information is confidential. The disclosure of such information to anyone else other than the intended parties could be extremely damaging, particularly in military applications where controlling the dissemination of messages is essential.

This thesis therefore provides a review of the issue of security in VANET and MANET; it also surveys existing solutions for dissemination control. It highlights a particular area not adequately addressed until now: controlling information flow in VANETs. This thesis contributes a policy-based framework to control the dissemination of messages communicated between nodes in order to ensure that message remains confidential not only during transmission, but also after it has been communicated to another peer, and to keep the message contents private to an originator-defined subset of nodes in the VANET.

This thesis presents a novel framework to control data dissemination in vehicle ad hoc networks in which policies are attached to messages as they are sent between peers. This is done by automatically attaching policies along with messages to specify how the information can be used by the receiver, so as to prevent disclosure of the messages other than consistent with the requirements of the originator. These requirements are represented as a set of policy rules that explicitly instructs recipients how the information contained in messages can be disseminated to other nodes in order to avoid unintended disclosure.

This thesis describes the data dissemination policy language used in this work; and further describes the policy rules in order to be a suitable and understandable language for the framework to ensure the confidentiality requirement of the originator. This thesis also contributes a policy conflict resolution that allows the originator to be asked for upto- date policies and preferences.

The framework was evaluated using the Network Simulator (NS-2) to provide and check whether the privacy and confidentiality of the originators' messages were met. A policy-based agent protocol and a new packet structure were implemented in this work to manage and enforce the policies attached to packets at every node in the VANET. Some case studies are presented in this thesis to show how data dissemination can be controlled based on the policy of the originator. The results of these case studies show the feasibility of our research to control the data dissemination between nodes in VANETs. NS-2 is also used to test the performance of the proposed policy-based agent protocol and demonstrate its effectiveness using various network performance metrics (average delay and overhead).

Businesses do evolve. Their evolution necessitates the re-engineering of their existing "business processes", with the objectives of reducing costs, delivering services on time, and enhancing their profitability in a competitive market. This is generally true and particularly in domains such as manufacturing, pharmaceuticals and education).

The central objective of workflow technologies is to separate business policies (which normally are encoded in business logics) from the underlying business applications. Such a separation is desirable as it improves the evolution of business processes and, more often than not, facilitates the re-engineering at the organisation level without the need to detail knowledge or analyses of the application themselves. Workflow systems are currently used by many organisations with a wide range of interests and specialisations in many domains. These include, but not limited to, office automation, finance and banking sector, health-care, art, tele-communications, manufacturing and education.

We take the view that a workflow is a set of "activities", each performs a piece of functionality within a given "context" and may be constrained by some security requirements. These activities are coordinated to collectively achieve a required business objective. The specification of such coordination is presented as a set of "execution constraints" which include parallelisation (concurrency/distribution), serialisation, restriction, alternation, compensation and so on.

Activities within workflows could be carried out by humans, various software-based application programs, or processing entities according to the organisational rules, such as meeting deadlines or performance improvement. Workflow execution can involve a large number of different participants, services and devices which may cross the boundaries of various organisations and accessing variety of data. This raises the importance of

• context variations and context-awareness and
• security (e.g. access control and privacy).

The specification of precise rules, which prevent unauthorised participants from executing sensitive tasks and also to prevent tasks from accessing unauthorised services or (commercially) sensitive information, are crucially important. For example, medical scenarios will require that

• only authorised doctors are permitted to perform certain tasks,
• a patient medical records are not allowed to be accessed by anyone without the patient consent and
• that only specific machines are used to perform given tasks at a given time.

If a workflow execution cannot guarantee these requirements, then the flow will be rejected. Furthermore, features/characteristics of security requirement are both temporal- and/or event-related. However, most of the existing models are of a static nature -- for example, it is hard, if not impossible, to express security requirements which are

• time-dependent (e.g. A customer is allowed to be overdrawn by 100 pounds only up-to the first week of every month).
• event-dependent (e.g. A bank account can only be manipulated by its owner unless there is a change in the law or after six months of his/her death).

Currently, there is no commonly accepted model for secure and context-aware workflows or even a common agreement on which features a workflow security model should support. We have developed a novel approach to design, analyse and validate workflows. The approach has the following components:

• A modelling/design language (known as CS-Flow). The language has the following features:
  • support concurrency;
  • context and context awareness are first-class citizens;
  • supports mobility as activities can move from one context to another;
  • has the ability to express timing constrains: delay, deadlines, priority and schedulability;
  • allows the expressibility of security policies (e.g. access control and privacy) without the need for extra linguistic complexities; and
  • enjoy sound formal semantics that allows us to animate designs and compare various designs.
• An approach known as communication-closed layer is developed, that allows us to serialise a highly distributed workflow to produce a semantically equivalent quasi-sequential flow which is easier to understand and analyse. Such re-structuring, gives us a mechanism to design fault-tolerant workflows as layers are atomic activities and various existing forward and backward error recovery techniques can be deployed.
• Provide a reduction semantics to CS-Flow that allows us to build a tool support to animate a specifications and designs. This has been evaluated on a Health care scenario, namely the Context Aware Ward (CAW) system. Health care provides huge amounts of business workflows, which will benefit from workflow adaptation and support through pervasive computing systems. The evaluation takes two complementary strands:
  • provide CS-Flow's models and specifications and
  • formal verification of time-critical component of a workflow.

The Virtual Learning Environment (VLE) is a form of e-learning environment that is becoming widely adopted in higher educational institutions and universities. The term "Tracking" in relation to an e-learning context is the learner's observation process of any possible interaction with learning activities. Learning activities are a collection of objects designed within e-learning environments to support learners in better understanding and fulfilling the learning objectives during the learning process. A tracking tool is an essential tool fixed within e-learning environments. Most current VLEs (e.g. MOODLE and Blackboard) have utilized similar tracking functions, which aim at recording statistical data for each learner. The current e-learning environments are unable to track individual learning activities where the tracked information can be used to support and guide learners. In this thesis, we propose a policy-based runtime tracking system. Such a tracking system is implemented as an integral part of an e-learning environment (e.g. MOODLE). Our proposed approach does the following: 1) keeps track of and captures the learning activity events and learner interaction events within a learning activity; 2) enforces a set of policies at runtime that specify how to manage the learning activities and the way the learners behave during them; and 3) provides the learners with supportive feedback in a timely manner.

We present a computational model which defines the behaviour of the system's components and describes the tracking mechanism applied in our proposed approach. We designed architecture for our proposed approach with respect to the computational model. We present learning activity policies based on the ECA model to be enforced at runtime; this is done in response to the captured events about either the learning activities or the interactions of learners within the learning activities. A policy-based enforcement mechanism is proposed where learning activity policies are specified to support and guide learners to achieve the learning objective and thus to meet such requirements. Finally, we present a case study based on a current e-learning environment to evaluate our approach.