Using formal methods to develop WS-BPEL applications

In recent years, WS-BPEL has become a de facto standard language for orchestration of Web Services. However, there are still some well-known difficulties that make programming in WS-BPEL a tricky task. In this paper, we firstly point out major loose points of the WS-BPEL specification by means of many examples, some of which are also exploited to test and compare the behaviour of three of the most known freely available WS-BPEL engines. We show that, as a matter of fact, these engines implement different semantics, which undermines portability of WS-BPEL programs over different platforms. Then we introduce Blite, a prototypical orchestration language equipped with a formal operational semantics, which is closely inspired by, but simpler than, WS-BPEL. Indeed, Blite is designed around some of WS-BPEL distinctive features like partner links, process termination, message correlation, long-running business transactions and compensation handlers. Finally, we present BliteC, a software tool supporting a rapid and easy development of WS-BPEL applications via translation of service orchestrations written in Blite into executable WS-BPEL programs. We illustrate our approach by means of a running example borrowed from the official specification of WS-BPEL

Modeling and verification of web service composition based interorganizational workflows

Interorganisationale Workflows sind Arbeitsabläufe, welche die Grenzen einer Organisation verlassen und einen Rahmen für Kooperationen der verschiedenen autonomen Organisationen zur Verfügung stellen. Ein wichtiger Punkt für den Entwurf solcher Workflows ist die Balance zwischen Offenheit und Abgrenzung, wobei erstere für Kooperationen und letztere die für den Schutz von Know-how benötigt wird. Workflow Sichten stellen ein effizientes Werkzeug für diesen Zweck zur Verfügung. Durch Offenlegung von bestimmten Teilen eines Prozesses, können Organisationen sowohl kooperieren als auch das Know-how schützen. Diese Dissertation präsentiert nun eine Methode für die korrekte Konstruktion von Workflow Sichten. Es wird angenommen, dass Organisationen Web Service orientierte Technologien zur Modellierung und Implementierung von interorganisationalen Workflows verwenden. Die Anwendung von Web Services bietet Organisationen viele Vorteile. Den eigentlichen Mehrwert von Web Services stellt aber die Kompositionsfähigkeit dar. Verfügbare Web Services können dadurch von anderen Choreographien und Orchestrationen (wieder-)verwendet werden. Die Notwendigkeit der Implementierung von Systemen von Null weg kann minimiert werden. Die zentralen Anforderungen sind einerseits eine Architektur mit adäquatem Potential, andererseits die Verifikation der Korrektheit. Diese Dissertation präsentiert nun eine Architektur zur Modellierung von Web Service Composition basierten interorganisationalen Workflows, genannt föderierte Choreographien, die verglichen mit anderen Architekturen verschiedene Vorteile anbieten. Darüber hinaus werden Algorithmen und Techniken zur Verifikation der strukturellen und temporalen Korrektheit vorgestellt. Strukturelle Korrektheit prüft, ob die Strukturen der beteiligten Prozesse zusammenpassen. Temporale Korrektheit überprüft, ob ein interorganisationaler Workflow, der aus mehreren Choreographien und Orchestrationen besteht hinsichtlich der lokalen und globalen Bedingungen fehlerfrei ist. Mit Hilfe dieser Techniken kann die strukturelle und temporale Konformität des Modells zur Designzeit überprüft werden. Falls das Modell nicht strukturell oder temporal konform ist, können nötige Änderungen durchgeführt werden, sodass die korrekte Ausführung zur Laufzeit garantiert werden kann. Die Überprüfung der Konformität zur Designzeit reduziert die Prozesskosten vor allem wegen den folgenden zwei Gründen: Erstens, die entdeckten Fehler zur Designzeit sind normalerweise billiger als jene, die zur Laufzeit entdeckt werden und zweitens, Fehlerbehandlungsmechanismen können verhindert werden, die wiederum Zusatzkosten verursachen. Zusätzlich zu der vorgestellten Architektur wird eine allgemeinere Architektur zusammen mit den passenden Konformitätsprüfungsalgorithmen präsentiert. Der Ansatz ist Platform- und sprachunabhängig und die Algorithmen sind verteilt.Interorganizational workflows are workflows that cross the boundaries of a single organization and provide a framework for cooperation of different autonomous organizations. An important issue when designing such workflows is the balance between the openness needed for cooperation and the privacy needed for protection of business know-how. Workflow views provide an efficient tool for this aim. By exposure of only selected parts of a process, organizations can both cooperate and protect their business logic. This dissertation presents a technique for a correct construction of workflow views. It is assumed that organizations and partners use web services and web service related technology to model and implement interorganizational workflows. Application of web services offers several advantages for organizations. The real surplus of web services is their capability of being composed to more complex systems. Available web services can be reused by other choreographies and orchestrations and the need for development of new systems from scratch can be minimized. The essential requirements are on the one hand an architecture with adequate capabilities and on the other hand, verification of correctness. This dissertation proposes an architecture for modeling web service composition based interorganizational workflows, called \emph{federated choreographies}, that provides several advantages compared to existing proposals. Moreover, algorithms and techniques for verification of structural and temporal correctness of interorganizational workflows are proposed. Structural conformance checks if the structures of the involved processes match. Temporal conformance checks if an interorganizational workflow composed of choreographies and orchestrations is temporally error-free with respect to local and global temporal constraints. The proposed algorithms can be applied for checking the structural and temporal conformance of the federated choreographies at design-time. If the model is not structurally or temporally conformant, necessary modifications can be done such that the correct execution of the flow at run-time can be guaranteed. The conformance checking at design time reduces the cost of process because of two reasons: first, errors detected at design time are normally cheaper than those detected at run time and second, exception handling mechanisms can be avoided which are, in turn, coupled with additional costs. In addition to the proposed architecture, a more general architecture together with the conformance checking algorithms and techniques for interorganizational workflows are presented. The presented approach is language and platform independent and algorithms work in a distributed manner

FLACOS’08 Workshop proceedings

The 2nd Workshop on Formal Languages and Analysis of Contract-Oriented Software (FLACOS’08) is held in Malta. The aim of the workshop is to bring together researchers and practitioners working on language-based solutions to contract-oriented software development. The workshop is partially funded by the Nordunet3 project “COSoDIS” (Contract-Oriented Software Development for Internet Services) and it attracted 25 participants. The program consists of 4 regular papers and 10 invited participant presentations

Correctness of services and their composition

We study correctness of services and their composition and investigate how the design of correct service compositions can be systematically supported. We thereby focus on the communication protocol of the service and approach these questions using formal methods and make contributions to three scenarios of SOC.Wir studieren die Korrektheit von Services und Servicekompositionen und untersuchen, wie der Entwurf von korrekten Servicekompositionen systematisch unterstützt werden kann. Wir legen dabei den Fokus auf das Kommunikationsprotokoll der Services. Mithilfe von formalen Methoden tragen wir zu drei Szenarien von SOC bei

Middleware to support accountability of business to business interactions

PhD ThesisEnabling technologies have driven standardisation efforts specifying B2B interactions between organisations including the information to be exchanged and its associated business level requirements. These interactions are encoded as conversations to which organisations agree and execute. It is pivotal to continued cooperation with these interactions that their regulation be supported; minimally, that all actions taken are held accountable and no participant is placed at a disadvantage having remained compliant. Technical protocols exist to support regulation (e.g., provide fairness and accountability). However, such protocols incur expertise, infrastructure and integration requirements, possibly diverting an organisation’s attention from fulfilling obligations to interactions in which they are involved. Guarantees provided by these protocols can be paired with functional properties, declaratively describing the support they provide. By encapsulating properties and protocols in intermediaries through which messages are routed, expertise, infrastructure and integration requirements can be alleviated from interacting organisations while their interactions are transparently provided with additional support. Previous work focused on supporting individual issues without tackling concerns of asynchronicity, transparency and loose coupling. This thesis develops on previous work by designing generalised intermediary middleware capable of intercepting messages and transparently satisfying supportive properties. By enforcing loose coupling and transparency, all interactions may be provided with additional support without modification, independent of the higher level (i.e., B2B) standards in use and existing work may be expressed as instances of the proposed generalised design. This support will be provided at lower levels, justified by a survey of B2B and messaging standards. Proof of concept implementations will demonstrate the suitability of the approach. The work will demonstrate that providing transparent, decoupled support at lower levels of abstraction is useful and can be applied to domains beyond B2B and message oriented interactions.EPSRC Hat’s Newcastle operation Dr. Mark Littl

Correctness of services and their composition

We study correctness of services and their composition and investigate how the design of correct service compositions can be systematically supported. We thereby focus on the communication protocol of the service and approach these questions using formal methods and make contributions to three scenarios of SOC.Wir studieren die Korrektheit von Services und Servicekompositionen und untersuchen, wie der Entwurf von korrekten Servicekompositionen systematisch unterstützt werden kann. Wir legen dabei den Fokus auf das Kommunikationsprotokoll der Services. Mithilfe von formalen Methoden tragen wir zu drei Szenarien von SOC bei

A programming system for process coordination in virtual organisations

PhD thesisDistributed business applications are increasingly being constructed by composing them from services provided by various online businesses. Typically, this leads to trading partners coming together to form virtual organizations (VOs). Each member of a VO maintains their autonomy, except with respect to their agreed goals. The structure of the Virtual Organisation may contain one dominant organisation who dictates the method of achieving the goals or the members may be considered peers of equal importance. The goals of VOs can be defined by the shared global business processes they contain. To be able to execute these business processes, VOs require a flexible enactment model as there may be no single ‘owner’ of the business process and therefore no natural place to enact the business processes. One solution is centralised enactment using a trusted third party, but in some cases this may not be acceptable (for instance because of security reasons). This thesis will present a programming system that allows centralised as well as distributed enactment where each organisation enacts part of the business process. To achieve distributed enactment we must address the problem of specifying the business process in a manner that is amenable to distribution. The first contribution of this thesis is the presentation of the Task Model, a set of languages and notations for describing workflows that can be enacted in a centralised or decentralised manner. The business processes that we specify will coordinate the services that each organisation owns. The second contribution of this thesis is the presentation of a method of describing the observable behaviour of these services. The language we present, SSDL, provides a flexible and extensible way of describing the messaging behaviour of Web Services. We present a method for checking that a set of services described in SSDL are compatible with each other and also that a workflow interacts with a service in the desired manner. The final contribution of this thesis is the presentation of an abstract architecture and prototype implementation of a decentralised workflow engine. The prototype is able to enact workflows described in the Task Model notation in either a centralised or decentralised scenario