Browsing by Author "Freudenthal, Margus"
Now showing 1 - 2 of 2
- Results Per Page
- Sort Options
Item Simpl: A toolkit for domain-specific language development in enterprise information systems(2013-09-26) Freudenthal, MargusDomain specific languages (DSLs) are languages designed with the specific purpose of developing or configuring part of a software system using concepts that are close to those of the system's application domain. Documented benefits of DSLs include increased development productivity, flexibility and maintainability, as well as separation of business and technical aspects allowing in some cases non-technical stakeholders to closely partake in the software development process. DSLs however comes at a potentially non-negligible cost, that of creating and maintaining DSL implementations. These costs can be reduced by means of specialized tools that support the creation of parsers, analyzers, code generators, pretty-printers, and other functions associated with a DSL. This thesis deals with the problem of enabling cost-effective DSL-based development in the context of Enterprise Information Systems (EIS). EISs are generally built using application frameworks and middleware. Accordingly, it must be possible to package the DSL implementation as a module that can be called from either the build system or from the enterprise system itself. Additionally, the DSL tool should be accessible to enterprise system developers with little or no expertise in development of programming languages and supporting tools, such as Integrated Development Environments. The central contribution of the thesis is Simpl, a DSL toolkit designed to meet the needs of enterprise software development. Simpl builds up on top of existing tools and programming languages, and introduces the following features: a grammar description language that supports the generation of both the parser and the data types for representing abstract syntax trees; support for lexer states that add context-sensitivity to lexer in a controlled manner; a pretty-printing library; an IDE framework; and an integration layer that combines all components into a single whole and minimizes the need for boilerplate code.Item Turvatestimise metoodika rakendamine: juhtumiuuring(2016) Klooster, Karin; Roos, Meelis; Freudenthal, MargusTurvatestimine on tarkvara testimise haru, mille eesmärgiks on kontrollida, kas tarkvara on haavatav rünnete suhtes ning kas andmed, mida tarkvara töötleb, on kaitstud. Tarkvara turvalisuse standardeid töötatakse välja selleks, et tekitada ühine arusaam turvanõuetest, mida turvaline tarkvara peab täitma. Selles bakalaureusetöös kirjeldatakse ja rakendatakse tegevusi, mis on vajalikud veebirakenduse turvalisuse kindlakstegemiseks. Kombineerides OWASP ASVS veebirakenduste turvastandardit ja OWASP Top 10 riskide nimekirja, töötati välja turvanõuete nimekiri. Turvanõuete testimiseks töötati välja testjuhtumid ning testiti veebirakendust UXP Portal. Turvatestimise tulemusena tuvastati arvukalt turvaprobleeme. Juhtumiuuringu läbiviimise kogemuse põhjal vormistati õpitust lähtuvad soovitused.