Title: From the Linux Kernel to Cryptography APIs: Supporting and
Leveraging Software Product Lines

Abstract:
---------
Software has become increasingly pervasive in every aspect of our
lives, and a one size fits all strategy is no longer sustainable. The
same software system often needs to be customized to support a wide
range of hardware, improve performance, reduce memory footprints, or
simply satisfy different user needs. Software Product Lines (SPLs)
provide a systematic way of developing such highly configurable
systems where different, yet similar, products can be produced based
on a given feature selection. Variability models lie at the heart of
SPLs and help document the commonalities and differences between the
supported products, as well as the configuration constraints that
dictate valid feature combinations.

In this talk, I will present automated techniques that address several
of the challenges faced in maintaining and creating SPLs. In terms of
maintenance support, I will show how configuration knowledge from the
build system can be used to detect inconsistencies leading to
variability anomalies. To support creating SPLs from existing
implementation artifacts, I will present an automated technique to
reverse-engineer configuration constraints that can later be used to
create variability models. I will discuss how these techniques have
been applied in the systems domain with a particular focus on the
Linux kernel, one of the largest open-source software systems with
over 12,000 configurable options. I will then show that concepts of
variability modeling and highly configurable software can also be
applied to other domains. Specifically, I will discuss how leveraging
these concepts in the cryptography domain can help application
developers write more secure software.