Veröffentlichungen und wissenschaftliche Arbeiten
2020
-
Sebastian Stigler and Marina Burdack.
A Practical Approach of Different Programming Techniques to Implement a Real-time Application using Django.
ATHENS JOURNAL OF SCIENCES, 7(1):43–66, March 2020.
doi:10.30958/ajs.7-1-4.
[abstract▼] [details] [full text] [slides] [BibTeX▼]Real-time web-applications surround our daily life. The most popular are shopping platforms like Amazon or Zalando. Behind these websites huge and complex shop-systems are typically used. These systems manage and handle thousands of parallel synchronous and asynchronous tasks like user interactions, user authentications, communication with an ERP system (enterprise resource planning), or the handling of the website visualization in the background. Through the independence of the computer system and the portability on other devices, like touch panels or mobile phones the web-technology is also used for industry 4.0 applications. The applications can be e. g. predictive maintenance dashboards or monitoring dashboards for the production line. The key task for these dashboards are the visualization and analyzing of a huge amount of data in real-time. For both scenarios, the data have to be preprocessed continuously in different steps. In summary, the industry 4.0 application has to manage a different kind of tasks compared to a typical webshop. These tasks contain for example big data preprocessing tasks, which are mostly CPU bound, in contrast to the typically I/O bound task of a webshop (e.g. database access). The main problem with web application frameworks is, that they are not designed to execute a lot of CPU bound tasks and handle webrequests at the same time. The purpose of this paper is to compare two different programming techniques for the work with CPU bound tasks in a real-time web application for the use in industry 4.0 without the use of third-part software like Spark. The research employed two approaches: on the one hand multiprocessing and on the other hand task queues. In this work, two kinds of web-applications on the base of python’s web framework Django are implemented. The first application uses multiprocessing and the second application uses the Celery task queue to organize different tasks. The general building blocks are the sensor data streaming via MQTT and the data transformation in various steps. The result of this transformation can be used to visualize the data in real-time charts for example. The implemented web-applications are evaluated by the following criteria: Performance while working with a huge amount of streaming data. Possibilities to optimize the load distribution and avoid overloading. Possibilities to scale up and down hardware.
@article{Stigler2020, Author = "Stigler, Sebastian and Burdack, Marina", Title = "{A Practical Approach of Different Programming Techniques to Implement a Real-time Application using Django}", Journal = "ATHENS JOURNAL OF SCIENCES", Year = "2020", Month = "March", Number = "1", Pages = "43-66", Volume = "7", Abstract = "Real-time web-applications surround our daily life. The most popular are shopping platforms like Amazon or Zalando. Behind these websites huge and complex shop-systems are typically used. These systems manage and handle thousands of parallel synchronous and asynchronous tasks like user interactions, user authentications, communication with an ERP system (enterprise resource planning), or the handling of the website visualization in the background. Through the independence of the computer system and the portability on other devices, like touch panels or mobile phones the web-technology is also used for industry 4.0 applications. The applications can be e. g. predictive maintenance dashboards or monitoring dashboards for the production line. The key task for these dashboards are the visualization and analyzing of a huge amount of data in real-time. For both scenarios, the data have to be preprocessed continuously in different steps. In summary, the industry 4.0 application has to manage a different kind of tasks compared to a typical webshop. These tasks contain for example big data preprocessing tasks, which are mostly CPU bound, in contrast to the typically I/O bound task of a webshop (e.g. database access). The main problem with web application frameworks is, that they are not designed to execute a lot of CPU bound tasks and handle webrequests at the same time. The purpose of this paper is to compare two different programming techniques for the work with CPU bound tasks in a real-time web application for the use in industry 4.0 without the use of third-part software like Spark. The research employed two approaches: on the one hand multiprocessing and on the other hand task queues. In this work, two kinds of web-applications on the base of python’s web framework Django are implemented. The first application uses multiprocessing and the second application uses the Celery task queue to organize different tasks. The general building blocks are the sensor data streaming via MQTT and the data transformation in various steps. The result of this transformation can be used to visualize the data in real-time charts for example. The implemented web-applications are evaluated by the following criteria: Performance while working with a huge amount of streaming data. Possibilities to optimize the load distribution and avoid overloading. Possibilities to scale up and down hardware.", Doi = "10.30958/ajs.7-1-4", Owner = "sebastian", Timestamp = "2019.11.27", customlinkslides = "/papers/Stigler2020.slides.pdf" }
2018
-
Sebastian Stigler, Gulshat Karzhaubekova, and Christoph Karg.
An Approach for the Automated Detection of XSS Vulnerabilities in Web Templates.
ATHENS JOURNAL OF SCIENCES, 5(3):261–280, September 2018.
doi:10.30958/ajs.5-3-4.
[abstract▼] [details] [full text] [slides] [BibTeX▼]Web sites are exposed to various threats such as injections or denial of service attacks. Hence, the protection of the web site and the underlying system components is of major importance in order to deploy a reliable and secure web application. The task of securing a web application is quite complex. It requires the hardening of the system components and installation of security patches on a regular basis. Furthermore, the web application should be checked against vulnerabilities by using penetration testing methods. From a developer’s point of view, security aspects should be considered in the early stage of web application’s development life cycle already. Of special interest is the web template which is used to generate the user interface of the web page. This component connects the web application to the outside world. Hence, it is the main entrance point to inject malicious things into the web application. In this paper, we present an approach to check web templates against cross site scripting (XSS) attacks in an automatic manner. The basic idea is inspired by the LLVM compiler which uses an internal representation to optimize the machine code independently from the used programming language. Instead of searching for vulnerabilities selectively in the template code itself, the web template is converted into an internal representation. This representation decouples the structure of the web template from the syntax of the template engine. The internal representation is analysed with respect to exploitable parts. The results of the analysis are potentially vulnerable code snippets. These snippets are coded back into the template format and are used within unit tests to check whether they can be exploited with actual attack vectors. The advantage of our approach is its universality; it works with any kind of web template engine.
@article{Stigler2018, Author = "Stigler, Sebastian and Karzhaubekova, Gulshat and Karg, Christoph", Title = "{An Approach for the Automated Detection of XSS Vulnerabilities in Web Templates}", Journal = "ATHENS JOURNAL OF SCIENCES", Year = "2018", Month = "September", Number = "3", Pages = "261-280", Volume = "5", Abstract = "Web sites are exposed to various threats such as injections or denial of service attacks. Hence, the protection of the web site and the underlying system components is of major importance in order to deploy a reliable and secure web application. The task of securing a web application is quite complex. It requires the hardening of the system components and installation of security patches on a regular basis. Furthermore, the web application should be checked against vulnerabilities by using penetration testing methods. From a developer’s point of view, security aspects should be considered in the early stage of web application’s development life cycle already. Of special interest is the web template which is used to generate the user interface of the web page. This component connects the web application to the outside world. Hence, it is the main entrance point to inject malicious things into the web application. In this paper, we present an approach to check web templates against cross site scripting (XSS) attacks in an automatic manner. The basic idea is inspired by the LLVM compiler which uses an internal representation to optimize the machine code independently from the used programming language. Instead of searching for vulnerabilities selectively in the template code itself, the web template is converted into an internal representation. This representation decouples the structure of the web template from the syntax of the template engine. The internal representation is analysed with respect to exploitable parts. The results of the analysis are potentially vulnerable code snippets. These snippets are coded back into the template format and are used within unit tests to check whether they can be exploited with actual attack vectors. The advantage of our approach is its universality; it works with any kind of web template engine.", Doi = "10.30958/ajs.5-3-4", Owner = "sebastian", Timestamp = "2019.07.06", customlinkslides = "/papers/Stigler2018.slides.pdf" } - Roy Oberhauser and Sebastian Stigler.
Microflows: Leveraging Process Mining and an Automated Constraint Recommender for Microflow Modeling.
In Boris Shishkov, editor, Business Modeling and Software Design, 25–48. Cham, 2018. Springer International Publishing.
[abstract▼] [details] [BibTeX▼]Businesses and software development processes alike are being challenged by the digital transformation and agility trend. Business processes are increasingly being automated yet are also expected to be agile. Current business process modeling is typically labor-intensive and results in rigid process models. For larger processes it becomes arduous to consider all possible process variations and enactment circumstances. Contemporaneously, in software development microservices have become a popular software architectural style for partitioning business logic into fine-grained services accessible via lightweight protocols which can be rapidly and individually developed by small teams and flexibly (re)deployed. This results in an increasing number of available services and a much more dynamic IT service landscape. Thus, a more dynamic form of modeling, integration, and orchestration of these microservices with business processes is needed. This paper describes agile business process modeling with Microflows, an automatic lightweight declarative approach for the workflow-centric orchestration of semantically-annotated microservices using agent-based clients, graph-based methods, and the lightweight semantic vocabularies JSON-LD and Hydra. A graphical modeling tool supports Microflow modeling and provides dynamic constraint and microservice recommendations via a recommender service using machine learning of domain-categorized Microflows. To be able to utilize existing process model knowledge, a case study shows how Microflow constraints can be automatically extracted from existing Business Process Modeling Notation (BPMN) process files and transformed into flexible Microflow constraints, which can then be used to train the recommendation service. Further, it describes process mining of Microflow execution logs to automatically extract BPMN models and automated recovery for errors occurring during enactment.
@inproceedings{Oberhauser2018, Author = "Oberhauser, Roy and Stigler, Sebastian", Editor = "Shishkov, Boris", Title = "{Microflows: Leveraging Process Mining and an Automated Constraint Recommender for Microflow Modeling}", Booktitle = "Business Modeling and Software Design", Year = "2018", Address = "Cham", Pages = "25--48", Publisher = "Springer International Publishing", Abstract = "Businesses and software development processes alike are being challenged by the digital transformation and agility trend. Business processes are increasingly being automated yet are also expected to be agile. Current business process modeling is typically labor-intensive and results in rigid process models. For larger processes it becomes arduous to consider all possible process variations and enactment circumstances. Contemporaneously, in software development microservices have become a popular software architectural style for partitioning business logic into fine-grained services accessible via lightweight protocols which can be rapidly and individually developed by small teams and flexibly (re)deployed. This results in an increasing number of available services and a much more dynamic IT service landscape. Thus, a more dynamic form of modeling, integration, and orchestration of these microservices with business processes is needed. This paper describes agile business process modeling with Microflows, an automatic lightweight declarative approach for the workflow-centric orchestration of semantically-annotated microservices using agent-based clients, graph-based methods, and the lightweight semantic vocabularies JSON-LD and Hydra. A graphical modeling tool supports Microflow modeling and provides dynamic constraint and microservice recommendations via a recommender service using machine learning of domain-categorized Microflows. To be able to utilize existing process model knowledge, a case study shows how Microflow constraints can be automatically extracted from existing Business Process Modeling Notation (BPMN) process files and transformed into flexible Microflow constraints, which can then be used to train the recommendation service. Further, it describes process mining of Microflow execution logs to automatically extract BPMN models and automated recovery for errors occurring during enactment.", ISBN = "978-3-319-78428-1" }
2017
- Roy Oberhauser and Sebastian Stigler.
Microflows: Enabling Agile Business Process Modeling to Orchestrate Semantically-Annotated Microservices.
In Proceedings of the Seventh International Symposium on Business Modeling and Software Design - Volume 1: BMSD,, 19–28. INSTICC, SciTePress, 2017.
doi:10.5220/0006527100190028.
[abstract▼] [details] [BibTeX▼]Businesses and software development processes alike are being challenged by the digital transformation trend. Business processes are increasingly being automated yet are expected to be agile. Current business process modeling is typically labor-intensive and results in rigid process models, with larger process models unable to cope with all possible process variations and enactment circumstances. In software development, microservices have become a popular software architectural style for partitioning business logic into finegrained services that can be rapidly and individually developed and (re)deployed while accessed via lightweight protocols, resulting in many more services and a much more dynamic service landscape. Thus, a more dynamic form of modeling, integration, and orchestration of microservices with business processes is needed. This paper describes agile business process modeling with Microflows, an automatic lightweight declarative approach for the workflow-centric orchest ration of semantically-annotated microservices using agent-based clients, graph-based methods, and the lightweight semantic vocabularies JSON-LD and Hydra. A case study shows how Microflow constraints can be automatically extracted from existing Business Process Modeling Notation (BPMN) files, how Microflow execution log file process mining can be used to extract BPMN models, and demonstrates an automated error recovery capability during enactment.
@inproceedings{Oberhauser2017, Author = "Oberhauser, Roy and Stigler, Sebastian", Title = "{Microflows: Enabling Agile Business Process Modeling to Orchestrate Semantically-Annotated Microservices}", Booktitle = "Proceedings of the Seventh International Symposium on Business Modeling and Software Design - Volume 1: BMSD,", Year = "2017", Organization = "INSTICC", Pages = "19-28", Publisher = "SciTePress", Abstract = "Businesses and software development processes alike are being challenged by the digital transformation trend. Business processes are increasingly being automated yet are expected to be agile. Current business process modeling is typically labor-intensive and results in rigid process models, with larger process models unable to cope with all possible process variations and enactment circumstances. In software development, microservices have become a popular software architectural style for partitioning business logic into finegrained services that can be rapidly and individually developed and (re)deployed while accessed via lightweight protocols, resulting in many more services and a much more dynamic service landscape. Thus, a more dynamic form of modeling, integration, and orchestration of microservices with business processes is needed. This paper describes agile business process modeling with Microflows, an automatic lightweight declarative approach for the workflow-centric orchest ration of semantically-annotated microservices using agent-based clients, graph-based methods, and the lightweight semantic vocabularies JSON-LD and Hydra. A case study shows how Microflow constraints can be automatically extracted from existing Business Process Modeling Notation (BPMN) files, how Microflow execution log file process mining can be used to extract BPMN models, and demonstrates an automated error recovery capability during enactment.", Doi = "10.5220/0006527100190028", ISBN = "978-989-758-238-7" }
2007
-
Sebastian Stigler.
Frobenius-Schur-Indikatoren in Charakteristik 2.
Diplomarbeit, Fakultät für Mathematik, Informatik und Naturwissenschaften der Rheinisch-Westfälische Technische Hochschule Aachen, Lehrstuhl D für Mathematik, Prof. Dr. G. Hiß, März 2007.
Note 1,0.
[details] [full text] [BibTeX▼]@misc{Stigler2007, Author = "Stigler, Sebastian", Title = "{Frobenius-Schur-Indikatoren in Charakteristik 2}", HowPublished = "Diplomarbeit, Fakultät für Mathematik, Informatik und Naturwissenschaften der Rheinisch-Westfälische Technische Hochschule Aachen, Lehrstuhl D für Mathematik, Prof. Dr. G. Hiß", Month = "März", Note = "Note 1,0", Year = "2007", Owner = "sebastian", Timestamp = "2019.10.21" }