[ramadan] From Secure BPM to Design-Level Security Verification

[grammarware]

Submitted by @QRamadan to https://github.com/grammarware/models17/tree/master/ramadan

[iovinoludovico]

Following the usage instructions I downloaded a complete-clean eclipse installation as suggested:

• downloaded the CARISMA and Henshin Plugin from update sites
• Correctly imported the provided project

I receive an error for the initial CARISMA plugin at the eclipse startup saying " Error CARiSMA VisiOn launcher is not configured." I will look into the installation and configuration problems of carisma.

[dstrueber]

@iovinoludovico Sorry for these difficulties. During the CARiSMA installation, did you install the VisiOn plug-in? There seem to be some issues with that plug-in and we don't require it, so it would be best to deinstall it, using Help -> About Eclipse -> Installation Details -> type "Vision" -> Uninstall. From the CARiSMA update site, you only need the BPMN and UML plug-ins (which is mentioned a bit tersely in the instructions).

Update: we emphasized the remark about the required BPMN and UML plug-ins in the instructions.

[ahmadsalim]

I followed the instructions which seemed to work fine, but when I look at the analysis output I get:

------------------------------------------------------------------------------------
------------------------------------------------------------------------------------
Running check : UMLsec secure dependency Check
------------------------------------------------------------------------------------
Processing dependency 'null' between 'null' and 'null'
Processing dependency 'null' between 'null' and 'null'
- not in scope of <> -> nothing to check!
Processing dependency 'null' between 'null' and 'null'
- not in scope of <> -> nothing to check!
Processing dependency 'null' between 'null' and 'null'
- not in scope of <> -> nothing to check!
Processing dependency 'null' between 'null' and 'null'
- not in scope of <> -> nothing to check!
Processing dependency 'null' between 'null' and 'null'
- not in scope of <> -> nothing to check!
Processing dependency 'null' between 'null' and 'null'
Processing dependency 'null' between 'null' and 'null'
Processing dependency 'null' between 'null' and 'null'
------------------------------------------------------------------------------------
------------------------------------------------------------------------------------
Running check : UMLsec secure links Check
------------------------------------------------------------------------------------

This output looks suspicious because of all the null's. Could you kindly suggest how to further troubleshoot this, and what possible errors there are?

[ahmadsalim]

@dstrueber @QRamadan I forgot to mention you above, thanks.

[dstrueber]

@ahmadsalim We can reproduce this behavior, and will try to address it shortly. We'll keep you posted.

[iovinoludovico]

Thanks @dstrueber , now it seems to start correctly. Same 'null' in the processing console as @ahmadsalim , but at the end Saved result in 'example1-generated-result.uml' model seems to be generated

[iovinoludovico]

I suggest to change the line of the tutorial instruction from: The results of the transformation process (.uml file) will be stored to the myexample directory to The results of the transformation process (.uml file) will be stored to the project root directory

[iovinoludovico]

For the analysis part I correctly completed it and I created reports for my security checks. So I only suggest the above improvement of the readme text.

ps: I received some of the alerts mentioned so try to improve the compatibility between the installated plugins.

[rhebig]

Hi, I was wondering about this anyways. The setup is depending on a lot of tools and their versions (Eclipse, Henshin, Carisma ...), which is a threat to long-term usage and reproducibility of your results. What about adding a virtual machine that includes a running configuration of eclipse with your workspace?

[dstrueber]

@ahmadsalim @iovinoludovico OK, some progress:

1. The "null" entries in secure dependency come from the fact that we didn't assign a name for the root element in the output models, so the Fully Qualified Names of all elements are "null". We will shortly add a small fix to the transformation to change that.
2. The lack of feedback for secure links comes from a lazy implementation in the CARiSMA tool. We will fix the implementation so it gives more informative feedback. Both of these fixes should happen within 1-2 days.

[dstrueber]

@iovinoludovico Thanks, we did the proposed change to the readme file. We'll try our best about the warnings during the transformation - unfortunately, they're very hard to debug. But at least they don't affect the transformation result.

@rhebig Indeed, that's a good point. We could improve long-term use by adding frozen versions of the CARiSMA and Henshin plug-ins to the artifact. The Eclipse build archive, in turn, is very solid, not tied to a specific OS, and we believe it can enable better reusability than a VM-based solution. Would this be OK?

[rhebig]

Sounds good to me!

[rhebig]

I have another question: Following your README, you have 4 examples from the case study. However, there are bpmn files in folder “testing” and folder “src”. Maybe it is possible to add a paragraph in the README that clarifies the role of all files in the submission?

[dstrueber]

@rhebig Excellent, thanks! We added a section in which the main contents of the artifact are listed and explained (will be updated when we add the frozen CARiSMA/Henshin versions, of course).

[QRamadan]

@ahmadsalim @iovinoludovico Regarding the "null" entries in secure dependency we added a small fix to the transformation to change that. An updated version of our project package is uploaded. We also fixed the lack of feedback problem after executing secure links check. Now the implementation gives more informative feedback.

@rhebig For the purpose of long-term usage for our artifacts, we have mirrored the Henshin and CARiSMA update sites and uploaded them to the GitHub and ReMoDD entries.

[ahmadsalim]

@QRamadan Thanks for the update:

When I run the RABAC: use input transformation, I get the following result:

INFO: Loaded sessions

User Subject has access to the following protected items:

INFO: Verified CHECK_ID constraints, view report for details

------------------------------------------------------------------------------------
No errors have been detected.
------------------------------------------------------------------------------------
------------------------------------------------------------------------------------

This is different then what I get from the instructions, which states that I should get:

Airplane role has access to Notify local authority operation.

Is there a step I did wrongly, here?

[QRamadan]

@ahmadsalim Thank you for the question. It took me some time to figure out what is the problem. I think you followed the instructions correctly. But in the step before executing RABACsec: Create transformation input check you assigned the rights to the Airplane role by copy-paste the following: {(Airplane, Modify_Flight planRead_Flight plan)}. However, this contains a white space between the comma after Airplane and Modify_Flight planRead_Flight plan which indeed will prevent a matching between the specified right to access Notifylocalauthority operation and the one assigned to the role. Please remove this white space or copy-paste the following: {(Airplane,Modify_Flight planRead_Flight plan)}. I will edit this also in the readme file.

[ahmadsalim]

@QRamadan I got it to work now. Perhaps, it is a good idea to mention that whitespace is important in the README as well, if you did not do it already. I will provide the assessment shortly.

[iovinoludovico]

re-imported the project now i receive an error when I start the JUNIT test plugin as in the attachment

[QRamadan]

@ahmadsalim Great!. Actually, I just modified the example in README, but yes I agree with you, we need to add a hint to highlight this whitespace problem.

[ahmadsalim]

@QRamadan How is it possible to actually view the models?

I tried installing the BPMN2 plug-in, but I get an error regarding the SecBPMN extension which is not available. Due to time constraints, I will do the assessment without viewing the models, but I think it would be good to describe the required process to view and edit the models as well in the README.

[ahmadsalim]

When I run the UMLsec analyses on flight plan I get:

------------------------------------------------------------------------------------
The analysis detected 4 errors.
------------------------------------------------------------------------------------
------------------------------------------------------------------------------------

ERROR: ATSU1 provides {integrity} for operations for which ATSU2 does not!
ERROR: ATSU1 provides {secrecy} for operations for which ATSU2 does not!
ERROR: ATSU1 provides {integrity} for operations for which Flyingobjectmanager(airplane) does not!
ERROR: ATSU1 provides {secrecy} for operations for which Flyingobjectmanager(airplane) does not!
------------------------------------------------------------------------------------
------------------------------------------------------------------------------------

[ahmadsalim]

@QRamadan @dstrueber Could you kindly look into the above?

[QRamadan]

@iovinoludovico Thank you for the question. Actually, I do not have this problem, but I would suggest deleting the run configuration (run->run configurations->from the left side of the run configuration window delete all the run configurations under the Junit plug-in test). I hope this will solve the problem. However, as I can see from the figure you still able to generate the UML file. Is this right?

[QRamadan]

@ahmadsalim Good question. Actually, SecBPMN2 is not part of CARiSMA. If you are interested to see and modify the SecBPMN2 models, you need to install STS tool from http://www.sts-tool.eu/. We can also describe this in the README

[ahmadsalim]

@QRamadan I tried to install the STS tool before I asked, but I did not know how to import the models. I could not open them if I just dragged and dropped them.

[QRamadan]

@ahmadsalim Yes, you are right there are some specific steps needed to be able to see the models using STS tool. Just before few minutes, I have uploaded a new file called "projects.exp". This file contains the SecBPMN2 models used in our case study. Please first download this file to your desktop. To open this file from the STS tool select File --> Import--> project--> next ---> select the "projects.exp".

[ahmadsalim]

@QRamadan Great, I got the viewing and editing of models working now.

I think if you just got resolve the above stated errors, I can finish writing the assessment.

[QRamadan]

@ahmadsalim Thanks for pointing us to this issue, it seems to be related to a problem with different versions of the underlying CARiSMA tool. We're working on the fix right now and will hopefully provide it very soon.

[ahmadsalim]

@QRamadan OK, I will provide a preliminary assessment below then.

[ahmadsalim]

Summary

The artifact represents a transformation (written in Henshin) that converts models with security policies written in the business process language SecBPMN to UMLsec models, which allows verification of specified policies at business level by existing tools like CARiSMA. The artifact is evaluated on a case study, where an Air Traffic Management System (ATM) is modelled using BPMN with security policies in four different models describing three different aspects (Landing, Flight, External Services).

Assessment

Consistency

• All the transformations in the case study are included in the provided zip file.
• I was able to successfully run the transformation and verification using the provided instructions with most things working as expected (except the issue mentioned above that is being fixed)

Completeness

• The artefact is as far as I can see uploaded to ReMoDD. I think it would be good to also have the STS project there if it is not already.

Documentation

• The required 2-page abstract is included and it was straightforward following most instructions to get the artifact working from the README.
• As someone who is not familiar with the modelled ATM system, I would have liked that there were scenarios/parameters provided for RABAC policies of the models in case study, so that it was possible to run the analysis on them in addition to the example.
• After I got some help here, I was able to open and edit the BPMN files using STS studio. I think the documentation should include instructions on how to open and edit the files, and then reimport them in the transformation project.

Reusability

• For short term, I think the reusability aspects are fine since everything is open source, and the instructions provide sufficient detail on how run the transformations and verifications.
• For long term, I am somewhat worried that the SecBPMN models rely on the proprietary STS studio to open and edit (graphically), which could pose a problem if the product was discontinued.

[QRamadan]

@ahmadsalim Thank you indeed for your efforts and the assessment. For your information, we have uploaded an updated version of our project package that includes a fix to the problem that you have faced during the execution of the secure dependency check. We have also updated our README file by including the following information: first, a hint to avoid whitespaces entries which the case in RABAC check. Second, we added a section that describes the instructions on how to open and edit the BPMN files, and then how to reimport them in the transformation project. We have also uploaded the projects.exp to the ReMoDD repository together with an updated version of our project package. By these fixes, I hope we addressed the consistency, completeness and documentation limitations that are mentioned in your preliminary assessments.

[dstrueber]

@ahmadsalim Thanks for your review. Regaring long-term use, a solution would be to mirror the current version of the STS tool (available from here) at FigShare. We will ask the STS tool developers if that's OK for them.

[iovinoludovico]

Yes @QRamadan I'm still able to generate it, so I guess it is a problem of ui. I'll write the final review in few hours.

[iovinoludovico]

This submission is coupled with the models paper “From Secure Business Process Modeling to Design-Level Security Verification”. The artefacts submission includes an Artifact paper, the model transformation from SecBPMN2 to UMLsec and four examples including SecBPMN2 models from the Air Traffic Management System case study. In this artifact paper the process of using the transformation, and the verification of the generated models using the CARiSMA tool is well explained using a picture of the overall architecture.

(1) Is the artifact consistent with the paper?

The artifacts are consistent with the paper and the artifact paper provided. All the artefacts in the case study are included in the zip file uploaded on GitHub.

(2) Is the artifact as complete as possible? I asked the authors to clarify the documentation in some points, e.g., The results of the transformation process (.uml file) will be stored to the myexample directory —> The results of the transformation process (.uml file) will be stored to the project root directory. The authors followed the suggestions.

(3) Is the artifact well-documented?

I was able to run the transformation and verify with the CARISMA tool following the provided instructions. In the first round I uploaded some screenshots with errors and the authors immediately provided instructions to fix them or at least identified the possible source of the error.

(4) Is the artifact easy to (re)use?

The artefacts are easy to use and install as indicated in the tutorial section of the artefacts paper. The only problem the authors and reviewers noticed is linked to the CARISMA versions so it would be great to provide a way to have the complete working environment, e.g., virtual machine, in alternative to the current installation instructions.

[QRamadan]

@iovinoludovico Thanks for your review and for your time to check our artifacts. Yes, we agree with your last comment about CARiSMA which is also similar to an earlier comment from @rhebig. To address this issue, we have already mirrored the Henshin and CARiSMA update sites and uploaded them to the GitHub and ReMoDD entries. We also provided instructions in README file on how to install these tools from the mirror files. By this, we can guarantee the long-term usage for our artifacts.

[iovinoludovico]

That's great. I checked the updated readme and I guess this a good solution for the mentioned warning. Thanks

[ahmadsalim]

@QRamadan @dstrueber Thanks for the update, I think that the changes sound good. It would be good if it was possible to archive the STS tool; I do not think it is an issue with regards to acceptance of the artifact if it was not possible.

[mschoettle]

Is there a way to visualize the UML model? I tried to open it with Papyrus but got some errors about a missing .notation file.

[QRamadan]

@mschoettle Thanks for highlighting this issue. To create a Papyrus UML diagram initialized with the contents of a given .uml model file, one need first to create a new Papyrus model by right-clicking the UML model (i.e., Transformed_serialized_profile.uml) --> New--> Other--> select Papyrus Model--> Select UML --> save the model to the root directory of our project (i.e., myexample) --> Finish. From the Repair Streotypes and some profiles have changed pop-up windows press OK. After that, the .di and .notation files are created. By following the previous instructions, the required files to work with the UML model in Papyrus can be initialized. Now make sure that you are working on the Papyrus modeling perspective --> open the created Papyrus model --> create view --> select the root element of our UML model --> and then select the desired type of UML diagrams that you want to create (Please note that our .uml file only contains elements related to the Deployment and Class diagrams) --> enter a name to the diagram. After opening the created diagram you will see nothing but a blank window. This because in general .uml file has no information regarding any diagram. All you have is the model elements, but no diagrams. Therefore, you have to create the diagrams manually by dragging and dropping the model elements to the desired diagram view (e.g., class ). To do so, make sure that you are working in Papyrus modeling perspective view and the "Model Explorer" view is visible.

Since one can see that dragging and dropping the UML elements to the diagram view manually is a time and efforts consuming, we can suggest another way to perform this task. After creating the desired UML diagram, select Diagram from the menu bar of your Eclipse -->Filters -- >Synchronized with Model. Then all the UML classifiers elements will be automatically inserted to your diagram. However, personally speaking, this suggestion is useless since you need to remove all the classifiers that are not related to your diagram. For example, if you want to create a class diagram, by following the last suggestion not only the classes will be inserted into your class diagram view but also the UML nodes and artifacts which are part of our deployment diagram. Moreover, you still need to drag and drop the missing details such as the operations, dependencies, and associations manually from the Model explorer view. For further discussion about this issue please see https://www.eclipse.org/forums/index.php/t/1071157/. I hope my answer will help you.

[QRamadan]

@iovinoludovico @ahmadsalim Thanks for your comments which indeed help us to improve our artifacts.

[mschoettle]

This artifact accompanies a paper on a novel model transformation from the extensions SecBPMN2 to UMLsec, allowing security requirements specified in SecBPMN2 to be transformed to UMLsec. Once the UMLsec model is refined, it can be verified against security policies.

The artifact consists of a case study of an Air Traffic Management System (ATM) including three BPMN models, as well as a small example. Furthermore, the henshin transformations and Java code to invoke the transformations is included as well as a metrics printer allowing to print the metrics for all transformations.

Consistency with paper

• All the artifacts mentioned in the paper are provided through the example project in this repository
• The artifacts corresponding to phase 1 to 4 of Fig. 3 (showing the process) are included or can be produced by following the instructions, the checks to verify the security policies can be obtained through the required plug-ins (Carisma checks)

I do have the following comments about some inconsistencies:

• The paper mentions a trace model. As far as I understand it, it is a separate model which is also created during the transformation. However, I could not find this model after performing the transformation.
• The metrics printed out by the metrics printer are not fully consistent with what Table II shows in the paper. I added the file names to the print out, my results are shown below.
  • I am not totally sure what pools and dataObjects refers to (they must be refer to processes and participants), for FlightPlan and Landing one of those two does not match.
  • for UMLsec models, the Secrecy (ST.) and Integrity (IT.) metrics are inconsistent
  • for consistency, I suggest to change/add the names of the print out to match those metrics in the paper. It is not immediately clear for all of them what the mapping between them is.

example1.bpmn
pools:2 dataObjects:1 tasks:5 events:5 dataAssociations:4 messageFlows:1 securityAssociation:3 accountability:1 confidentiality:1 integrity:1
Flightplan.bpmn
pools:3 dataObjects:6 tasks:23 events:16 dataAssociations:29 messageFlows:14 securityAssociation:22 accountability:5 confidentiality:7 integrity:10
Landing.bpmn
pools:4 dataObjects:5 tasks:31 events:24 dataAssociations:24 messageFlows:15 securityAssociation:19 accountability:5 confidentiality:5 integrity:9
Externalservices1.bpmn
pools:4 dataObjects:4 tasks:18 events:11 dataAssociations:19 messageFlows:5 securityAssociation:9 accountability:3 confidentiality:2 integrity:4
Externalservices2.bpmn
pools:5 dataObjects:5 tasks:39 events:21 dataAssociations:47 messageFlows:17 securityAssociation:21 accountability:4 confidentiality:3 integrity:14

example1.uml
nodes:4 artifacts:5 paths:3 classes:6 operations:6 associations:4 dependencies:4 abacrequires:2 criticals:2 secrecyTags:2 integrityTags:2 ecnryptedPaths:3 secrecyDep:4 integrityDep:4
Flightplan.uml
nodes:6 artifacts:12 paths:6 classes:12 operations:34 associations:17 dependencies:11 abacrequires:10 criticals:3 secrecyTags:17 integrityTags:26 ecnryptedPaths:5 secrecyDep:11 integrityDep:11
Landing.uml
nodes:8 artifacts:13 paths:7 classes:12 operations:43 associations:14 dependencies:16 abacrequires:10 criticals:4 secrecyTags:16 integrityTags:24 ecnryptedPaths:7 secrecyDep:14 integrityDep:16
Externalservices1.uml
nodes:8 artifacts:12 paths:8 classes:11 operations:22 associations:12 dependencies:10 abacrequires:6 criticals:4 secrecyTags:6 integrityTags:11 ecnryptedPaths:7 secrecyDep:7 integrityDep:10
Externalservices2.uml
nodes:10 artifacts:15 paths:14 classes:13 operations:52 associations:24 dependencies:21 abacrequires:18 criticals:5 secrecyTags:8 integrityTags:42 ecnryptedPaths:10 secrecyDep:11 integrityDep:21

• Minor suggestion: To be consistent between README and paper, I suggest to refer to the transformation result as a UMLsec model

Completeness

The project contains the required files and transformations. A two page artifact paper and ReMoDD upload is also present.

For the RABAC checks, from my understanding the data to add (to the uml model) or choose (in the RBAC transformation dialog) given in the README applies to one of the example files. It would be helpful to provide for each of the BPMN files, which ABAC rights need to be added to the RBAC class in the .uml file, and which role to choose within the RBACsec transformation input dialog.

Additionally, it would then be helpful to know whether all checks should pass or which ones might fail.

I do get two UMLsec secure dependency check errors when performing the validation for Externalservices2. If this is not intended, please resolve it.

* ERROR: Dependency 'SWIM governance_ATM service provider' misses stereotype <<secrecy>>!
* ERROR: Dependency 'SWIM_ATM service provider' misses stereotype <<secrecy>>!

Well-documented

Following the instructions provided in the README and using the example project with the case study, it is possible to set up Eclipse, perform the transformations and do the verifications against security policies for the ATM case study.

I have some minor suggestions:

• Please add instructions on how to run the metrics printer and its requirements
  • for instance, first all example BPMN models have to be transformed
  • I had to rename the transformation result to match those names specified in the code. For this, it would actually be helpful to either adjust the generated file names or change the file names in the code to match.
  • in the metrics printer code, example.bpmn needs to be changed to example1.bpmn
• I suggest to improve the formatting of the second bullet point under Performing the validation to improve readability. It contains several different steps.
• The example project should use example1.bpmn by default as described in the README. It currently uses Exampleservice2.bpmn.
• the console output refers to the saved result file name as -generated-result.uml (within src/my.example) whereas the README refers to Transformed_serialized_profile.uml (in the root of the project). Please address this inconsistency. It seems to me that the latter is a copy of the former and will be overwritten the next time a transformation is performed. Is it then even necessary?
• Thank you for the instructions on visualizing UML models. It would be good to have that as part of the README as well for the future.

Easy (re)use

The documentation, Eclipse build archive and archived plug-in versions in this repository allow future use. The only benefit of a virtual machine image I see is for (very) long-term use in case the Eclipse version becomes incompatible with newer operating systems.

[dstrueber]

@mschoettle Thanks for your very detailed and accurate review. Comments regarding some of the remaining issues:

• The trace model currently only exists in-memory during and after the transformation - the code to persist is missing since we didn't need it for our evaluation. However, from the user perspective, we definitely agree that it makes sense to persist the trace model. Actually, in EMF, persisting the in-memory representation of a model is simple, so we'll shortly add the remaining code.

• Some metric values have changed since the accepted version of the paper, after we had to change a couple of details in our transformation implementation to keep up with changes of the CARiSMA implementation (as discussed above). Fortunately, we can still consider the updated metrics values in the camera-ready version of the paper, and will do so. Thanks again for pointing out these inconsistencies.

[QRamadan]

@mschoettle Thanks for your review. It helped us indeed for improving our artifacts. The following are the comments from your last review. At the end of each comment, we discussed whether the comment is fixed (i.e.., Status) together and where a fix is added (Reference).

Consistency with paper

• The paper mentions a trace model. As far as I understand it, it is a separate model which is also created during the transformation. However, I could not find this model after performing the transformation. (Status: Done, Reference: we implemented the trace model persisting. The new additions are in lines 4723-4748 of BpmnToUml.java file. Also we added information about this output at the end of Performing the transformation section.)

• The metrics printed out by the metrics printer are not fully consistent with what Table II shows in the paper:

  • I am not totally sure what pools and dataObjects refers to (they must be refer to processes and participants), for FlightPlan and Landing one of those two does not match. (Status: Done, Reference: Table II in the paper is adjusted to match the correct metric values)
  • for UMLsec models, the Secrecy (ST.) and Integrity (IT.) metrics are inconsistent. (Status: Done, Reference: Table II in the paper is adjusted to match the correct metric values)
  • For consistency, I suggest to change/add the names of the print out to match those metrics in the paper. It is not immediately clear for all of them what the mapping between them is. (Status: Done, Reference: the output of BpmnToUmlMetricsPrinter.java is adjusted to be comparable to the Table II in the paper).
  • Minor suggestion: To be consistent between README and paper, I suggest to refer to the transformation result as a UMLsec model. (Status: Done, Reference: at the end of performing the transformation section in README file)

Completeness

• It would be helpful to provide for each of the BPMN files, which ABAC rights need to be added to the RBAC class in the .uml file, and which role to choose within the RBACsec transformation input dialog. (Status: Not totally fixed, Reference: we implemented a partial fix in our transformation that generates a .txt file. The file name is the name of the .bpmn model followed by -generated-result-rights.txt. This file can help the user to know which operation has an access restrection and what are the rights that a role should has to be able to access this operation. However, we cannot automatically identify which role to choose when berforming abac check and this should be remain as human-based decicsion. An information about our new implementation is also at the end of both performing the transformation and RABAC (Role Attribute-based Access Control) sections in README file)

• It would then be helpful to know whether all checks should pass or which ones might fail. (Status: Done, Reference: A sentence that clarifies this issue is added to the end of the Performing the verification section in README file).

• I do get two UMLsec secure dependency check errors when performing the validation for Externalservices2. If this is not intended, please resolve it. (Status: Done, Reference: a new version of our project package with a fix to the mentioned errors is uploaded to both GitHub and ReMoDD repositories).

Well-documented

• Please add instructions on how to run the metrics printer and its requirements. (Status: Done, Reference: a new section called Computing the metric values for the input and output models is added to the end of README file)

  • I had to rename the transformation result to match those names specified in the code. For this, it would actually be helpful to either adjust the generated file names or change the file names in the code to match. (Status: Done, Reference: we adjust the file names in the code).
  • in the metrics printer code, example.bpmn needs to be changed to example1.bpmn (Status: Done)
  • I suggest to improve the formatting of the second bullet point under Performing the validation to improve readability. It contains several different steps. (Status: Done, we seperated the mentioned bullet into two bullets to allow better readability)

• The example project should use example1.bpmn by default as described in the README. It currently uses Exampleservice2.bpmn. (Status: Done)

• the console output refers to the saved result file name as -generated-result.uml (within src/my.example) whereas the README refers to Transformed_serialized_profile.uml (in the root of the project). Please address this inconsistency. (Status: Done. We adjusted the README file to handel this inconsistency, Reference: at the end of performing the transformation section and other places in README file).

• Thank you for the instructions on visualizing UML models. It would be good to have that as part of the README as well for the future. (Status: Done, Reference: new section called Viewing the resulted UMLsec model is added to the of README file)

By these fixes, we hope that we addressed the consistency, completeness and documentation limitations that are mentioned in your assessments.

[QRamadan]

@ahmadsalim Regarding long-term use issue, @dstrueber suggested last time to mirror the current version of the STS tool and make it available at FigShare, please see the previous discussion. We have discussed this with the STS tool developers and they agreed about this. We have uploaded the mirror files for the current version of the STS-tool to the FigShare (available from here).

We also added this link to the information of our project in ReMoDD and to the README file.

[grammarware]

Dear @QRamadan @dstrueber et al,

The Artifact Evaluation Committee of MoDELS 2017 has reached the conclusion during the closed committee meeting that this artifact conforms to the expectations and is hereby approved. Please use the badge instructions page to add the badge of approval to your article, and add the link to the FigShare entry with DOI https://doi.org/10.6084/m9.figshare.5220640.v1 as well as to the ReMoDD entry http://www.remodd.org/v1/content/project-transforming-secbpmn-umlsec-models to the camera ready version of the paper.

Thank you very much for putting extra effort into the preparation and finalising of the artifact. If any of the comments above are still not addressed, please try to accommodate them before the conference.

[QRamadan]

@grammarware Thank you very much for the positive information.

[QRamadan]

@grammarware since as I understood from your last message that we have to refer only to the figshare and ReMoDD repositories in our camera ready submission, I have moved all our artifacts to the figshare and the links to our artifacts from the ReMoDD are updated. Moreover, I have updated all the links in our README file.

[grammarware]

Great, @QRamadan, thanks! Indeed, our vision is to try to depend on in-community archival services first (ReMoDD), then on third party mature platforms intended to be used for archiving purposes (like FigShare), and only then on general purpose things that can be accidentally used for archiving as well (like GitHub). GitHub is great for open review, though.