Study Of Software Quality And Security For Online And Offline Data Systems In ALICE Experiment

The LHC experiment at CERN marks a new TeV energy era of high energy physics, and ALICE experiment is one of the four LHC experiments at CERN. The quality of software systems to process large mount of data in ALICE experiment attract our attention. The source of data not only comes from the particle collisions which are collected by the detectors, but also comes from the results of data analysis results. There are two data systems to deal with the huge mount of data, one is Data Acquisition system which handles the data flow from the detector electronics to the permanent storage archiving, one is AliEn which has been used to provide the computing environment for simulation, reconstruction and analysis of the raw data. The challenges for each data system are different.The primary challenges of AliEn focus on the security of AliEn Services and access control to the storage distributed all over the world. AliEn is a grid environment based on web services.. Web Services are an XML based technology that allow applications to communicate with each other across disparate systems. Web Services are becoming the de facto standard that enable inter operability between heterogeneous processes and systems. The AliEn services can be divided in three categories:Central services, deployed once per organization; Site services, deployed on each of the participating centers; Job Agents running on the worker nodes automatically. To ensure the security of AliEn services, an authentication framework was proposed for AliEn services to have the ability to accept X.509certificates and proxy certificates. The authentication framework could also allow the generation of access control policies to limit access to the AliEn services.The file system of AliEn is based on a central File Catalogue together with a distributed set of storage systems and the possibility to register links to external data resources. The dissertation describes several identified vulnerabilities in the AliEn File Catalogue access protocol regarding fraud and unauthorized file alteration and presents a more secure and revised design:a new mechanism, called LFN Booking Table, is introduced in order to keep track of access authorization in the transient state of files entering or leaving the File Catalogue. Due to a simplification of the original Access Envelope mechanism for xrootd-protocol-based storage systems, fundamental computational improvements of the mechanism were achieved as well as an up to50%reduction of the credential’s size. By extending the access protocol with signed status messages from the underlying storage system, the File Catalogue receives trusted information about a file’s size and checksum and the protocol is no longer dependent on client trust. Altogether, the revised design complies with atomic and consistent transactions and allows for accountable, authentic, and traceable file operations.The software quality requirements of DAQ focus on the maintainability and under-standability of DAQ sources code. The DAQ system written in C language is large and complex, and as a consequence, understanding its structure is difficult. To understand the structure of source codes, many approaches in aspect mining and link analysis are adopted to analyze the software systems for software modularity and software architecture recovery. The Program Analysis Framework (PAF) is designed to analyze the call relationships of software source codes with techniques in aspect mining and link analysis for software archi-tecture recovery and software modularity. The basic idea about PAF is to extract the call relationships information from the source codes firstly and then use the different analysis algorithms to archive different goals, such as finding the crosscutting concerns which could destroy the modularity of the software from this recording information. The source codes of DAQ has been analyzed with PAF. The analysis results prove the effectiveness and effi-ciency of our framework. PAF could also be used for the analysis of other projects written in C language.Software architecture recovery is to gain the architectural level understanding of a soft-ware system while its architecture description does not exist. In recent years, researchers have adopted various software clustering techniques to detect hierarchical structure of soft-ware systems. Most graph clustering techniques focus on the connectivity between program elements, but unreasonably ignore the similarity which is also a key measure for finding elements of one module. In this dissertation, a novel hierarchy graph clustering algorithm DGHC is proposed, which considers both similarity and connectivity between program elements. During the transformation of program dependence graph edges representing sim-ilarity between elements are added. Then similar elements are grouped by density-based approaches. The alternative strategy is adopted to find groups of closely connected and similar elements. Meanwhile we adjust the contribution of connectivity and similarity by a flexible clustering algorithm based on short random walk model, which can obtain more structure information of software to find its multiple layers. Extensive experimental re-sults illustrate the effectiveness and efficiency of DGHC in detecting hierarchy structure of software through comparison with various software clustering methods.The contributions mentioned in this dissertation to the ALICE experiment are related with two research backgrounds which are software quality and grid security. The frameworks and approaches used to enhance the software quality and security of data systems in ALICE experiment could also be applied to the software systems which has the similar requirements.