Tanwir Ahmad

Tanwir Ahmad
Åbo Akademi University · Department of Information Technologies

Doctor of Technology in Software Engineering

About

22
Publications
8,478
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
125
Citations

Publications

Publications (22)
Preprint
Full-text available
The Internet has become a prime subject to security attacks and intrusions by attackers. These attacks can lead to system malfunction, network breakdown, data corruption or theft. A network intrusion detection system (IDS) is a tool used for identifying unauthorized and malicious behavior by observing the network traffic. State-of-the-art intrusion...
Thesis
Full-text available
Modern society relies heavily on a wide range of inter-connected software systems for finance, energy distribution, communication, and transportation. Due to the adoption of the Internet, almost all financial, government, and social sectors rely heavily on web-based information systems. These systems need to be very fast and reliable, and should be...
Article
Full-text available
During exploratory performance testing, software testers evaluate the performance of a software system with different input combinations in order to identify combinations that cause performance problems in the system under test. Performance problems such as low throughput, high response times, hangs, or crashes in software applications have an adve...
Chapter
Full-text available
Grading student assignments and projects in software development courses is a time-consuming task. The lecturer has to download individually each assignment, compile it and manually check that the implementation satisfies the requirements. In addition, the students would like to get early feedback on their solutions, not only as guidelines on wheth...
Conference Paper
Full-text available
Grading software projects submitted by students can become a heavy and time-consuming task, which for many students, can result in delayed feedback provided to them. Additionally, one would like to allow students to evaluate themselves early their projects before submitting the final version for grading. This paper presents a solution that improves...
Conference Paper
Full-text available
Performance bottlenecks resulting in high response times and low throughput of software systems can ruin the reputation of the companies that rely on them. Almost two-thirds of performance bottlenecks are triggered on specific input values. However, finding the input values for performance test cases that can identify performance bottlenecks in a l...
Article
Full-text available
Context: The Unified Modeling Language (UML) has become the de facto standard for software modeling. UML models are often used to visualize, understand, and communicate the structure and behavior of a system. UML activity diagrams (ADs) are often used to elaborate and visualize individual use cases. Due to their higher level of abstraction and proc...
Article
Full-text available
The poor performance of web-based systems can negatively impact the profitability and reputation of the companies that rely on them. Finding those user scenarios which can significantly degrade the performance of a web application is very important in order to take necessary countermeasures, for instance, allocating additional resources. Furthermor...
Conference Paper
Full-text available
We describe a tool-supported performance exploration approach in which we use genetic algorithms to find a potential user behavioural pattern that maximizes the resource utilization of the system under test. This work is built upon our previous work in which we generate load from workload models that describe the expected behaviour of the users. In...
Conference Paper
Full-text available
We present a tool-supported approach where we used data mining techniques for automatically inferring workload models from historical web access log data. The workload models are represented as Probabilistic Timed Automata (PTA) and describe how users interact with the system. Via their stochastic nature, PTAs have more advantages over traditional...
Conference Paper
Full-text available
Web applications have become crucial components of current service-oriented business applications. Therefore, it is very important for the company’s reputation that the performance of a web application has been tested thoroughly before deployment. We present a tool-supported performance exploration approach to investigate how potential user behavio...
Conference Paper
Full-text available
We present our experience in applying runtime verification to a real-time system using UPPAAL timed automata and a set of related tools. We discuss the benefits and limitations, and propose a concrete solution to address the latter. Using the resulting solution we are able to run quick validation cycles as well as more thorough ones depending on th...
Conference Paper
Full-text available
We present a tool-supported approach for creating workload models from historical web access log data. The resulting workload models are stochastic, represented as Probabilistic Timed Automata (PTA), and describe how users interact with the system. Such models allow one to analyze different user profiles and to mimic real user behavior as closely a...
Technical Report
Full-text available
We present a tool-supported approach on creating load models that can be used for performance testing. The models are created automatically from historical web access log data. The result is a stochastic model represented by Probabilistic Timed Automata (PTA) and describes how users interact with a system. Stochastic models have more advantages ove...
Conference Paper
Full-text available
In this paper, we present an approach for performance testing of web services in which we use abstract models, specified using Probabilistic Timed Automata, to describe how users interact with the system. The models are used in the load generation process to generate load against the system. The abstract actions from the model are sent in real-time...
Chapter
Full-text available
We present a model-based performance testing approach using the MBPeT tool. We use of probabilistic timed automata to model the user profiles and to generate synthetic workload. The MBPeT generates the load in a distributed fashion and applies it in real-time to the system under test, while measuring several key performance indicators, such as resp...
Conference Paper
Full-text available
We present our approach on combining model-based testing with the continuous integration process. The main benefits of this combination lie in the ability to automatically check the conformance of the implementation with respect to its specification, while shortening the feedback cycles and providing increased test coverage. A case study on develop...
Conference Paper
Full-text available
In this paper, we present an approach for performance testing of software services. In our approach, we use Probabilistic Timed Automata (PTA) to model the workload of the system, by describing how different user types interact with the system. We use these models to generate load in real-time and we measure different performance indicators. An in-...
Technical Report
Full-text available
This document describes a model-based performance testing tool, called MBPeT, used for generating synthetic workload from probabilistic models. The purpose of the tool is two fold: (a) to simplify the creation and updating of test specifications by using abstract models for the user profiles and (b) to create, based on a certain level of randomness...
Conference Paper
Full-text available
In recent years, cloud computing has become increasingly common. Verifying that applications deployed in the cloud meet their performance requirements is not simple. There are three different techniques for performance evaluation: analytical modeling, simulation, and measurement. While analytical modeling and simulation are good techniques for gett...

Projects

Projects (2)
Project
VeriDevOps is about fast, flexible system engineering that efficiently integrates development, delivery, and operations, thus aiming at quality deliveries with short cycle time to address ever evolving challenges. Current system development practices are increasingly based on using both off-the-shelf and legacy components which make such systems prone to security vulnerabilities. Since DevOps is promoting frequent software deliveries, verification methods artifacts should be updated in a timely fashion to cope with the pace of the process. VeriDevOps aims at providing faster feedback loop for verifying the security requirements i.e. confidentiality, integrity, availability, authentication, authorization and other quality attributes of large scale cyber-physical systems. VeriDevOps is focusing on optimizing the security verification activities, by automatically creating verifiable models directly from security requirements, and using these models to check security properties on design models and generate artefacts (such as tests or monitors) that can be used (later on) in the DevOps process. More concretely, we will develop methods and tools for: 1) creating security models from textual specifications using natural language processing, 2) automatic security test creation from security models using model-based testing and model-based mutation testing techniques and 3) generating (intelligent/adaptive, ML-based) security monitors for the operational phases. This brings together early security verification through formal modelling as well as test generation, selection, execution and analysis capabilities to enable companies to deliver quality systems with confidence in a fast-paced DevOps environment. Overall, VeriDevOps is using the results of formal verification of security requirements and design models created during the analysis and design phase for test and monitor generation to be used to enhance the feedback mechanisms during development and operation phases.
Project
The overall approach of MegaM@Rt is to scale up the use of model-based techniques by offering proper methods and related tooling interacting between both design time and run-time, as well as to validate the designed and developed approach in concrete industrial cases involving complex systems. More details: https://megamart2-ecsel.eu/