@book{TessenowFelgentreffBrachaetal.2016,
  author    = {Tessenow, Philipp and Felgentreff, Tim and Bracha, Gilad and Hirschfeld, Robert},
  title     = {Extending a dynamic programming language and runtime environment with access control},
  number    = {107},
  publisher = {Universit{\"a}tsverlag Potsdam},
  address   = {Potsdam},
  isbn      = {978-3-86956-373-2},
  issn      = {1613-5652},
  url       = {http://nbn-resolving.de/urn:nbn:de:kobv:517-opus4-92560},
  publisher      = {Universit{\"a}t Potsdam},
  pages     = {83},
  year      = {2016},
  abstract  = {Complexity in software systems is a major factor driving development and maintenance costs. To master this complexity, software is divided into modules that can be developed and tested separately. In order to support this separation of modules, each module should provide a clean and concise public interface. Therefore, the ability to selectively hide functionality using access control is an important feature in a programming language intended for complex software systems. Software systems are increasingly distributed, adding not only to their inherent complexity, but also presenting security challenges. The object-capability approach addresses these challenges by defining language properties providing only minimal capabilities to objects. One programming language that is based on the object-capability approach is Newspeak, a dynamic programming language designed for modularity and security. The Newspeak specification describes access control as one of Newspeak's properties, because it is a requirement for the object-capability approach. However, access control, as defined in the Newspeak specification, is currently not enforced in its implementation. This work introduces an access control implementation for Newspeak, enabling the security of object-capabilities and enhancing modularity. We describe our implementation of access control for Newspeak. We adapted the runtime environment, the reflective system, the compiler toolchain, and the virtual machine. Finally, we describe a migration strategy for the existing Newspeak code base, so that our access control implementation can be integrated with minimal effort.},
  language  = {en}
}
@article{FelgentreffPerscheidHirschfeld2017,
  author    = {Felgentreff, Tim and Perscheid, Michael and Hirschfeld, Robert},
  title     = {Implementing record and refinement for debugging timing-dependent communication},
  series = {Science of computer programming},
  volume    = {134},
  journal   = {Science of computer programming},
  publisher = {Elsevier},
  address   = {Amsterdam},
  issn      = {0167-6423},
  doi       = {10.1016/j.scico.2015.11.006},
  pages     = {4 -- 18},
  year      = {2017},
  abstract  = {Distributed applications are hard to debug because timing-dependent network communication is a source of non-deterministic behavior. Current approaches to debug non deterministic failures include post-mortem debugging as well as record and replay. However, the first impairs system performance to gather data, whereas the latter requires developers to understand the timing-dependent communication at a lower level of abstraction than they develop at. Furthermore, both approaches require intrusive core library modifications to gather data from live systems. In this paper, we present the Peek-At-Talk debugger for investigating non-deterministic failures with low overhead in a systematic, top-down method, with a particular focus on tool-building issues in the following areas: First, we show how our debugging framework Path Tools guides developers from failures to their root causes and gathers run-time data with low overhead. Second, we present Peek-At-Talk, an extension to our Path Tools framework to record non-deterministic communication and refine behavioral data that connects source code with network events. Finally, we scope changes to the core library to record network communication without impacting other network applications.},
  language  = {en}
}
@book{WeyandChromikWolfetal.2017,
  author    = {Weyand, Christopher and Chromik, Jonas and Wolf, Lennard and K{\"o}tte, Steffen and Haase, Konstantin and Felgentreff, Tim and Lincke, Jens and Hirschfeld, Robert},
  title     = {Improving hosted continuous integration services},
  number    = {108},
  publisher = {Universit{\"a}tsverlag Potsdam},
  address   = {Potsdam},
  isbn      = {978-3-86956-377-0},
  issn      = {1613-5652},
  url       = {http://nbn-resolving.de/urn:nbn:de:kobv:517-opus4-94251},
  publisher      = {Universit{\"a}t Potsdam},
  pages     = {viii, 114},
  year      = {2017},
  abstract  = {Developing large software projects is a complicated task and can be demanding for developers. Continuous integration is common practice for reducing complexity. By integrating and testing changes often, changesets are kept small and therefore easily comprehensible. Travis CI is a service that offers continuous integration and continuous deployment in the cloud. Software projects are build, tested, and deployed using the Travis CI infrastructure without interrupting the development process. This report describes how Travis CI works, presents how time-driven, periodic building is implemented as well as how CI data visualization can be done, and proposes a way of dealing with dependency problems.},
  language  = {en}
}
@article{MattisBeckmannReinetal.2022,
  author    = {Mattis, Toni and Beckmann, Tom and Rein, Patrick and Hirschfeld, Robert},
  title     = {First-class concepts},
  series = {Journal of object technology : JOT / ETH Z{\"u}rich, Department of Computer Science},
  volume    = {21},
  journal   = {Journal of object technology : JOT / ETH Z{\"u}rich, Department of Computer Science},
  number    = {2},
  publisher = {ETH Z{\"u}rich, Department of Computer Science},
  address   = {Z{\"u}rich},
  issn      = {1660-1769},
  doi       = {10.5381/jot.2022.21.2.a6},
  pages     = {1 -- 15},
  year      = {2022},
  abstract  = {Ideally, programs are partitioned into independently maintainable and understandable modules. As a system grows, its architecture gradually loses the capability to accommodate new concepts in a modular way. While refactoring is expensive and not always possible, and the programming language might lack dedicated primary language constructs to express certain cross-cutting concerns, programmers are still able to explain and delineate convoluted concepts through secondary means: code comments, use of whitespace and arrangement of code, documentation, or communicating tacit knowledge. <br /> Secondary constructs are easy to change and provide high flexibility in communicating cross-cutting concerns and other concepts among programmers. However, such secondary constructs usually have no reified representation that can be explored and manipulated as first-class entities through the programming environment. <br /> In this exploratory work, we discuss novel ways to express a wide range of concepts, including cross-cutting concerns, patterns, and lifecycle artifacts independently of the dominant decomposition imposed by an existing architecture. We propose the representation of concepts as first-class objects inside the programming environment that retain the capability to change as easily as code comments. We explore new tools that allow programmers to view, navigate, and change programs based on conceptual perspectives. In a small case study, we demonstrate how such views can be created and how the programming experience changes from draining programmers' attention by stretching it across multiple modules toward focusing it on cohesively presented concepts. Our designs are geared toward facilitating multiple secondary perspectives on a system to co-exist in symbiosis with the original architecture, hence making it easier to explore, understand, and explain complex contexts and narratives that are hard or impossible to express using primary modularity constructs.},
  language  = {en}
}