Transforming between Visual and Textual Representations of Programs

Visualisations are used to assist developers with many aspects of software development. For example, graphical user interfaces are almost always constructed using GUI builders which allow the programmer to directly manipulate interface objects on the screen. Modelling languages such as UML are use to build diagrammatic representations of the high-level structure of an application, from which code can be generated. Various code visualisation tools are used for program comprehension and reverse engineering. It is clear that such tools are crucial to managing complexity of the software development process, improving the productivity of programmers, and the maintainability and reliability of software products.

Considerable research, both academic and industrial, has gone into visual programming tools that allow the programmer to work with visualisations at the level of algorithms. Although studies and practical experiences have shown that such tools offer benefits at the coding level similar to the benefits of the higher-level tools mentioned in the previous paragraph, they have not been adopted by the software development industry. One reason for this is a natural resistance to the overhead involved in adopting new tools. A second, more compelling reason is that developers of software for industrial or commercial purposes usually adhere to accepted programming standards, so in order for a new tool to be adopted, it needs to comply with such a standard. In particular, if a visual language were to be embraced by professional developers, it would have to be possible to move fluidly between a visual representation of a program and a textual representation in some standard language, such as Java.

A recent MCS thesis investigated the correspondance between Java and JGraph, a visual data flow language for general purpose programming, incorporating most of the features of Java. In this work, translations from JGraph programs into Java and vice versa were proposed. Because of some fundamental mismatches between the computational models of the two languages, however, these translations neither produced clean, readable code, nor were they inverses of each other.

The aim of this project is to investigate this problem further. For example, one might examine the feasibility of a "language-less" representation of algorithms that can be rendered and edited in different forms, both visual and textual, including some standard language.

The Programmability of Spreadsheets

Spreadsheet languages, of which Microsoft Excel is the prototypical example, are arguably the most successful and widely used visual programming languages. The programming facilities provided by spreadsheets, however, are severely limited, forcing users who need more complex computations to resort to convoluted arrangements of arrays of intermediate results, textual languages such as Basic, built-in functions, and various other ad hoc devices that have been added over the years. One of the consequences of this deficiency is that, despite their usefulness and widespread application to critical problems, spreadsheets are among the most error-prone of programming tools.

Some researchers are addressing this problem by investigating methodologies and tools to systematically test and debug spreadsheets. Another approach is to add more powerful, less error-prone programming mechanisms to spreadsheets. A recent suggestion is an enhancement to the standard spreadsheet computational model (hidden data flow), in which sheets can be programmed using logic programming. Replacing lists, the fundamental data structures of logic languages, with arrays, the fundamental structures of spreadsheets, achieves a natural integration of logic-based and sheet-based computation, providing a concrete visualisation of operations that divide and assemble arrays of cells.

This project involves furthering the implementation of the existing prototype of this proposed enhanced spreadsheet and using it to explore the idea further, possibly running tests with users.

Using Visualisation to Control Complexity of Software Security Policies

In recent years, concern has mounted over software failures caused by insecure execution, insecure handling of data and files, unauthorised access to data and systems, and so forth. The consequences of such failures range from inconvenient to catastrophic. In order to produce secure software, developers employ security policies, collections of rules with which software must comply.

Until the late 90's, various standard security policies evolved in different countries, with the result that determining whether a particular software system complied with the standards of a particular region became problematic. In response, an international effort has developed the Common Criteria, a sequence of seven increasingly stringent sets of security policies. Countries that recognise these criteria are signatories to the Common Criteria Recognition Arrangement, an agreement to accept each other's certificates of compliance.

The higher CC levels are complex, consisting of thousands of rules which are not independent, but can interact in ways which make compliance very difficult to achieve and to check.

This project involves thoroughly researching the work done to date on specifying and enforcing security policies, and in particular, the extent to which visualisation has been applied to security policy specifications, with a view to devising visual representations that may reduce or control the complexity of sets of security rules.