Feeds

Firing up the Erudine engine

Building with behaviour

Combat fraud and increase customer satisfaction

This is the next article in our occasional series on new, more formal (mathematically-based) approaches to system development. The first article (here), looked at Bayesian analysis and formal methods (which are only "new" to the general development space, of course).

This article looks at a tool, the Erudine executable behaviour engine, which uses the mathematical modelling of behaviour as a basis for systems development. Unfortunately (or, perhaps, fortunately), Erudine keeps its math a secret, so I can't say much about it – it usually sells by solving intractable development problems in a proof-of-concept, so one can probably assume that the math works.

Erudine automates the elucidation of system behaviours (expressed in the form of rules) and builds up a model of a system, which incorporates automatic consistency and completeness testing, and which can be executed in production. It suits problems with well-defined inputs and outputs (rather than algorithmic problems, although algorithms can be plugged in to the model).

It doesn't do automated Rule Induction - it's all human-steered. However, it can simplify rules for input to rule induction software and it's useful for pre and post-massaging of the inputs to and outputs from other systems.

Erudine Process

From a developer's point-of-view, Erudine claims to be particularly useful for legacy replacement; even if the legacy application is undocumented and its programmers are no longer around. This is because it models the behaviour of the legacy application as a "black box" and completely reproduces this behaviour, as validated by current domain experts, on a new platform. Legacy replacement is a known "pain point" (where traditional approaches often don't work effectively) and is therefore a good place to get new technology deployment accepted. However, the Erudine approach should work on new developments too.

Erudine development follows a reasonably straightforward process:

Stage 1: This is a basic RUP (Rational Unified Process) inception process with domain experts supplying the input – even outside Erudine, this can be quite "agile", see here. Access to real business experts at this stage is important.

Stage 2: At this stage, the developers decide on the partitioning - morphology - of the system. An architectural framework is being built.

Stage 3: A significant piece of the system is chosen - a particular case (not "use case" exactly, it's all data driven) or set of dataflows. The scope of the Erudine model is defined in terms of physical input/output docs; reference data; or (at last resort) by hooking into the system and identifying the outputs from key dataflows. This stage delivers the "mental model" of the problem domain inside developer's heads together with a semantic glossary (usually, just a simple document) for use with the model.

This is where the basic computer model of the system dataflows is built; the developers pull out meanings and put placeholders in the model for scenario-based tests. Conceptual graphs are used to represent real system or domain knowledge – Erudine does this better than most other approaches can.

Stage 4: Now the developers add "behaviour" to the system, module by module – attacking the "low hanging fruit" first. They start with the bits that are easy to replace - or those that the client desperately wants to replace. They need to manage the delivery gap – the period when they're asking questions and nothing is being delivered. However, once delivery starts it is rapid because the most likely cases are being handled first. The end users of the system should also buy into the process early on, because of the focus on business behaviours and the involvement of domain experts from inception.

As each piece of behaviour is added, inconsistencies with early behaviours are highlighted and addressed – which is a form of continuous and automated unit testing.

Stage 4A: The complete model can be executed – the integration process – there is no need for a translation into code or switch over to conventional coding.

SANS - Survey on application security programs

Next page: Issues

More from The Register

next story
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.