Conceptual modelling of adaptive web services based on high-level petri nets

Service technology geared by its SOA architecture and enabling Web services is rapidly gaining in maturity and acceptance. Consequently, most worldwide (private and corporate) cross-organizations are embracing this paradigm by publishing, requesting and composing their businesses and applications in the form of (web-)services. Nevertheless, to face harsh competitiveness such service oriented cross-organizational applications are increasingly pressed to be highly composite, adaptive, knowledge-intensive and very reliable. In contrast to that, Web service standards such as WSDL, WSBPEL, WS-CDL and many others offer just static, manual, purely process-centric and ad-hoc techniques to deploy such services. The main objective of this thesis consists therefore in leveraging the development of service-driven applications towards more reliability, dynamically and adaptable knowledge-intensiveness. This thesis puts forward an innovative framework based on distributed high-level Petri nets and event-driven business rules. More precisely, we developed a new variant of high-level Petri Nets formalism called Service-based Petri nets (CSrv-Nets), that exhibits the following potential characteristics. Firstly, the framework is supported by a stepwise methodology that starts with diagrammatical UML-class diagrams and business rules and leads to dynamically adaptive services specifications. Secondly, the framework soundly integrates behavioural event-driven business rules and stateful services both at the type and instance level and with an inherent distribution. Thirdly, the framework intrinsically permits validation through guided graphical animation. Fourthly, the framework explicitly separates between orchestrations for modelling rule-intensive single services and choreography for cooperating several services through their governing interactive business rules. Fifthly, the framework is based on a two-level conceptualization: (1) the modelling of any rule-centric service with CSrv-Nets; (2) the smooth upgrading of this service modelling with an adaptability-level that allows for dynamically shifting up and down any rule-centric behavior of the running business activities

Eighth Workshop and Tutorial on Practical Use of Coloured Petri Nets and the CPN Tools, Aarhus, Denmark, October 22-24, 2007

This booklet contains the proceedings of the Eighth Workshop on Practical Use of Coloured Petri Nets and the CPN Tools, October 22-24, 2007. The workshop is organised by the CPN group at the Department of Computer Science, University of Aarhus, Denmark. The papers are also available in electronic form via the web pages: http://www.daimi.au.dk/CPnets/workshop0

The Impact of Petri Nets on System-of-Systems Engineering

The successful engineering of a large-scale system-of-systems project towards deterministic behaviour depends on integrating autonomous components using international communications standards in accordance with dynamic requirements. To-date, their engineering has been unsuccessful: no combination of top-down and bottom-up engineering perspectives is adopted, and information exchange protocol and interfaces between components are not being precisely specified. Various approaches such as modelling, and architecture frameworks make positive contributions to system-of-systems specification but their successful implementation is still a problem. One of the most popular modelling notations available for specifying systems, UML, is intuitive and graphical but also ambiguous and imprecise. Supplying a range of diagrams to represent a system under development, UML lacks simulation and exhaustive verification capability. This shortfall in UML has received little attention in the context of system-of-systems and there are two major research issues: 1. Where the dynamic, behavioural diagrams of UML can and cannot be used to model and analyse system-of-systems 2. Determining how Petri nets can be used to improve the specification and analysis of the dynamic model of a system-of-systems specified using UML This thesis presents the strengths and weaknesses of Petri nets in relation to the specification of system-of-systems and shows how Petri net models can be used instead of conventional UML Activity Diagrams. The model of the system-of-systems can then be analysed and verified using Petri net theory. The Petri net formalism of behaviour is demonstrated using two case studies from the military domain. The first case study uses Petri nets to specify and analyse a close air support mission. This case study concludes by indicating the strengths, weaknesses, and shortfalls of the proposed formalism in system-of-systems specification. The second case study considers specification of a military exchange network parameters problem and the results are compared with the strengths and weaknesses identified in the first case study. Finally, the results of the research are formulated in the form of a Petri net enhancement to UML (mapping existing activity diagram elements to Petri net elements) to meet the needs of system-of-systems specification, verification and validation

A Linear Logic approach to RESTful web service modelling and composition

A thesis submitted to the University of Bedfordshire in partial fulfilment of the requirements for the degree of Doctor of PhilosophyRESTful Web Services are gaining increasing attention from both the service and the Web communities. The rising number of services being implemented and made available on the Web is creating a demand for modelling techniques that can abstract REST design from the implementation in order better to specify, analyse and implement large-scale RESTful Web systems. It can also help by providing suitable RESTful Web Service composition methods which can reduce costs by effi ciently re-using the large number of services that are already available and by exploiting existing services for complex business purposes. This research considers RESTful Web Services as state transition systems and proposes a novel Linear Logic based approach, the first of its kind, for both the modelling and the composition of RESTful Web Services. The thesis demonstrates the capabilities of resource-sensitive Linear Logic for modelling five key REST constraints and proposes a two-stage approach to service composition involving Linear Logic theorem proving and proof-as-process based on the π-calculus. Whereas previous approaches have focused on each aspect of the composition of RESTful Web Services individually (e.g. execution or high-level modelling), this work bridges the gap between abstract formal modelling and application-level execution in an efficient and effective way. The approach not only ensures the completeness and correctness of the resulting composed services but also produces their process models naturally, providing the possibility to translate them into executable business languages. Furthermore, the research encodes the proposed modelling and composition method into the Coq proof assistant, which enables both the Linear Logic theorem proving and the π-calculus extraction to be conducted semi-automatically. The feasibility and versatility studies performed in two disparate user scenarios (shopping and biomedical service composition) show that the proposed method provides a good level of scalability when the numbers of services and resources grow

Security Analysis of System Behaviour - From "Security by Design" to "Security at Runtime" -

The Internet today provides the environment for novel applications and processes which may evolve way beyond pre-planned scope and purpose. Security analysis is growing in complexity with the increase in functionality, connectivity, and dynamics of current electronic business processes. Technical processes within critical infrastructures also have to cope with these developments. To tackle the complexity of the security analysis, the application of models is becoming standard practice. However, model-based support for security analysis is not only needed in pre-operational phases but also during process execution, in order to provide situational security awareness at runtime. This cumulative thesis provides three major contributions to modelling methodology. Firstly, this thesis provides an approach for model-based analysis and verification of security and safety properties in order to support fault prevention and fault removal in system design or redesign. Furthermore, some construction principles for the design of well-behaved scalable systems are given. The second topic is the analysis of the exposition of vulnerabilities in the software components of networked systems to exploitation by internal or external threats. This kind of fault forecasting allows the security assessment of alternative system configurations and security policies. Validation and deployment of security policies that minimise the attack surface can now improve fault tolerance and mitigate the impact of successful attacks. Thirdly, the approach is extended to runtime applicability. An observing system monitors an event stream from the observed system with the aim to detect faults - deviations from the specified behaviour or security compliance violations - at runtime. Furthermore, knowledge about the expected behaviour given by an operational model is used to predict faults in the near future. Building on this, a holistic security management strategy is proposed. The architecture of the observing system is described and the applicability of model-based security analysis at runtime is demonstrated utilising processes from several industrial scenarios. The results of this cumulative thesis are provided by 19 selected peer-reviewed papers

The Language XChange

The research topic investigated by this thesis is reactivity on the Web. Reactivity on the Web is an emerging research issue covering: updating data on the Web, exchanging information about events (such as executed updates) between Web sites, and reacting to combinations of such events. Following a declarative approach to reactivity on the Web, a novel reactive language called XChange is proposed. Novelties of the language are represented by the proposed data metaphor intended to ease the language understanding and the supported reactive features tailored to the characteristics of the Web. Realising this pressuposed refining, extending, and adapting to a new medium some of the concepts on which active database systems are built upon. Reactivity is specified in XChange by means of reactive rules (or event-condition-action rules) having the following components: the event part is a query against events that occurred on the Web, the condition part is a query against Web resources (expressed in the Web query language Xcerpt), and the action part is a transaction specification (specifying updates to be executed and events to be raised in an all-or-nothing manner). Novel in XChange is its ability to detect composite events on the Web, i.e. possibly time related combinations of events that have occurred at (same or different) Web sites. XChange introduces a novel view over the Web data by stressing a clear separation between persistent data (data of Web resources, such as XML or HTML documents) and volatile data (event data communicated on the Web between XChange programs). Based on the differences between these kinds of data, the data metaphor is that of written text vs. speech. XChange's language design enforces this clear separation and entails new characteristics of event processing on the Web. After motivating the need for a solution to reactivity on the Web, this thesis introduces the design principles and syntax of the language XChange accompanied by use cases for demonstrating the practical applicability of its constructs. Important contributions of the thesis are the specification of the language semantics and the description of an algortihm for evaluating XChange programs

Towards Optimal IT Availability Planning: Methods and Tools

The availability of an organisation’s IT infrastructure is of vital importance for supporting business activities. IT outages are a cause of competitive liability, chipping away at a company financial performance and reputation. To achieve the maximum possible IT availability within the available budget, organisations need to carry out a set of analysis activities to prioritise efforts and take decisions based on the business needs. This set of analysis activities is called IT availability planning. Most (large) organisations address IT availability planning from one or more of the three main angles: information risk management, business continuity and service level management. Information risk management consists of identifying, analysing, evaluating and mitigating the risks that can affect the information processed by an organisation and the information-processing (IT) systems. Business continuity consists of creating a logistic plan, called business continuity plan, which contains the procedures and all the useful information needed to recover an organisations’ critical processes after major disruption. Service level management mainly consists of organising, documenting and ensuring a certain quality level (e.g. the availability level) for the services offered by IT systems to the business units of an organisation. There exist several standard documents that provide the guidelines to set up the processes of risk, business continuity and service level management. However, to be as generally applicable as possible, these standards do not include implementation details. Consequently, to do IT availability planning each organisation needs to develop the concrete techniques that suit its needs. To be of practical use, these techniques must be accurate enough to deal with the increasing complexity of IT infrastructures, but remain feasible within the budget available to organisations. As we argue in this dissertation, basic approaches currently adopted by organisations are feasible but often lack of accuracy. In this thesis we propose a graph-based framework for modelling the availability dependencies of the components of an IT infrastructure and we develop techniques based on this framework to support availability planning. In more detail we present: 1. the Time Dependency model, which is meant to support IT managers in the selection of a cost-optimal set of countermeasures to mitigate availability-related IT risks; 2. the Qualitative Time Dependency model, which is meant to be used to systematically assess availability-related IT risks in combination with existing risk assessment methods; 3. the Time Dependency and Recovery model, which provides a tool for IT managers to set or validate the recovery time objectives on the components of an IT architecture, which are then used to create the IT-related part of a business continuity plan; 4. A2THOS, to verify if availability SLAs, regulating the provisioning of IT services between business units of the same organisation, can be respected when the implementation of these services is partially outsourced to external companies, and to choose outsourcing offers accordingly. We run case studies with the data of a primary insurance company and a large multinational company to test the proposed techniques. The results indicate that organisations such as insurance or manufacturing companies, which use IT to support their business can benefit from the optimisation of the availability of their IT infrastructure: it is possible to develop techniques that support IT availability planning while guaranteeing feasibility within budget. The framework we propose shows that the structure of the IT architecture can be practically employed with such techniques to increase their accuracy over current practice

NEGOSEIO: framework for the sustainability of model-oriented enterprise interoperability

Dissertation to obtain the degree of Doctor of Philosophy in Electrical and Computer Engineering(Industrial Information Systems)This dissertation tackles the problematic of Enterprise Interoperability in the current globally connected world. The evolution of the Information and Communication Technologies has endorsed the establishment of fast, secure and robust data exchanges, promoting the development of networked solutions. This allowed the specialisation of enterprises (particularly SMEs) and favoured the development of complex and heterogeneous provider systems. Enterprises are abandoning their self-centrism and working together on the development of more complete solutions. Entire business solutions are built integrating several enterprises (e.g., in supply chains, enterprise nesting) towards a common objective. Additionally, technologies, platforms, trends, standards and regulations keep evolving and demanding enterprises compliance. This evolution needs to be continuous, and is naturally followed by a constant update of each networked enterprise’s interfaces, assets, methods and processes. This unstable environment of perpetual change is causing major concerns in both SMEs and customers as the current interoperability grounds are frail, easily leading to periods of downtime, where business is not possible. The pressure to restore interoperability rapidly often leads to patching and to the adoption of immature solutions, contributing to deteriorate even more the interoperable environment. This dissertation proposes the adoption of NEGOSEIO, a framework that tackles interoperability issues by developing strong model-based knowledge assets and promoting continuous improvement and adaptation for increasing the sustainability of interoperability on enterprise systems. It presents the research motivations and the developed framework’s main blocks, which include model-based knowledge management, collaboration service-oriented architectures implemented over a cloud-based solution, and focusing particularly on its negotiation core mechanism to handle inconsistencies and solutions for the detected interoperability problems. It concludes by validating the research and the proposed framework, presenting its application in a real business case of aerospace mission design on the European Space Agency (ESA).FP7 ENSEMBLE, UNITE, MSEE and IMAGINE project