Date: Oct 23, 2020

Time: 20:00 - 21:00

Location: Zoom

DSRC Seminar | Model-Driven Engineering and Its Application to Static Code Analysis

Model-Driven Engineering is a software development technique that advocates the use of models as primary artifacts in the development process. In this context, a model is any structured specification that follows a well-defined language, thus including graphical models like UML as well as textual specifications. Following this philosophy, developers “program” using models, and artifacts are  automatically generated from such abstract representations of the intended product. This requires ad-hoc languages that are able to describe concepts of the involved domain, that is, Domain-Specific Languages (DSLs). In this talk, I will first introduce first the basic concepts behind MDE, and then discuss their application to static code analysis. Static code analysis is a popular technique to detect known bugs and vulnerabilities in source code. Many tools exist nowadays, e.g., SonarQube, PMD, CheckStyle. They are however difficult to extend, and configuring them to verify customized rules is often challenging. Furthermore, rules are often described in natural language, leaving a gap between the rule and the checker that is supposed to verify it. Based on our ongoing research, I will discuss how a DSL for the specification of coding rules can fill this gap.

Speaker Bio:
Leonardo Montecchi is Assistant Professor at the University of Campinas (Unicamp), Brazil. Previously, he was a post-doc researcher in the Resilient Computing Lab (RCL) research group of the University of Florence, Italy. He received the PhD in Computer Science, Systems and Telecommunications in 2014 from the same university, under the supervision of Prof. Andrea Bondavalli. His expertise and research interests revolve around different aspect of the modeling of complex systems, including formal models, probabilistic models, and model-driven engineering. Currently, he focuses on the application of model-driven engineering techniques to support the development and V&V of systems, with a special focus on critical systems and infrastructures. He regularly serves as a reviewer for international conferences and journals in the area of dependable systems and he was the Chair of the Program Committee of the 9th Latin-American Symposium on Dependable Computing (LADC 2019). He has participated in several International research projects, such as ARTEMIS-2008-1-100022 “CHESS”, ARTEMIS-2012-1-333053 “CONCERTO”, FP7-PEOPLE-2013-IRSES-612569 “DEVASSES” and FP7-ICT- 2013-10-610535 “AMADEOS”. He is currently coordinating the Unicamp team on the H2020-MSCA-RISE-2018-823788 “ADVANCE” mobility project.