Automatic test case generation for WS-Agreements using combinatorial testing

In the scope of the applications developed under the service-based paradigm, Service Level Agreements (SLAs) are a standard mechanism used to flexibly specify the Quality of Service (QoS) that must be delivered. These agreements contain the conditions negotiated between the service provider and consumers as well as the potential penalties derived from the violation of such conditions. In this context, it is important to assure that the service based application (SBA) behaves as expected in order to avoid potential consequences like penalties or dissatisfaction between the stakeholders that have negotiated and signed the SLA. In this article we address the testing of SLAs specified using the WS-Agreement standard by means of applying testing techniques such as the Classification Tree Method and Combinatorial Testing to generate test cases. From the content of the individual terms of the SLA, we identify situations that need to be tested. We also obtain a set of constraints based on the SLA specification and the behavior of the SBA in order to guarantee the testability of the test cases. Furthermore, we define three different coverage strategies with the aim at grading the intensity of the tests. Finally, we have developed a tool named SLACT (SLA Combinatorial Testing) in order to automate the process and we have applied the whole approach to an eHealth case study

Formal certification and compliance for run-time service environments

With the increased awareness of security and safety of services in on-demand distributed service provisioning (such as the recent adoption of Cloud infrastructures), certification and compliance checking of services is becoming a key element for service engineering. Existing certification techniques tend to support mainly design-time checking of service properties and tend not to support the run-time monitoring and progressive certification in the service execution environment. In this paper we discuss an approach which provides both design-time and runtime behavioural compliance checking for a services architecture, through enabling a progressive event-driven model-checking technique. Providing an integrated approach to certification and compliance is a challenge however using analysis and monitoring techniques we present such an approach for on-going compliance checking

Context constraint integration and validation in dynamic web service compositions

System architectures that cross organisational boundaries are usually implemented based on Web service technologies due to their inherent interoperability benets. With increasing exibility requirements, such as on-demand service provision, a dynamic approach to service architecture focussing on composition at runtime is needed. The possibility of technical faults, but also violations of functional and semantic constraints require a comprehensive notion of context that captures composition-relevant aspects. Context-aware techniques are consequently required to support constraint validation for dynamic service composition. We present techniques to respond to problems occurring during the execution of dynamically composed Web services implemented in WS-BPEL. A notion of context { covering physical and contractual faults and violations { is used to safeguard composed service executions dynamically. Our aim is to present an architectural framework from an application-oriented perspective, addressing practical considerations of a technical framework

Comprehensive Explanation of SLA Violations at Runtime

Service Level Agreements (SLAs) establish the Quality of Service (QoS) agreed between service-based systems consumers and providers. Since the violation of such SLAs may involve penalties, quality assurance techniques have been developed to supervise the SLAs fulfillment at runtime. However, existing proposals present some drawbacks: the SLAs they support are not expressive enough to model real-world scenarios, they couple the monitoring configuration to a given SLA specification, the explanations of the violations are difficult to understand and even potentially inaccurate, some proposals either do not provide an architecture, or present low cohesion within their elements. In this paper, we propose a comprehensive solution, from a conceptual reference model to its design and implementation, that overcomes these drawbacks. The resulting platform, SALMonADA, receives the SLA agreed between the parties as input and reports the explanations of SLA violations in a timely and highly understandable way. SALMonADA performs an automated monitoring configuration and it analyses highly expressive SLAs by means of a constraint satisfaction problems based technique. We have evaluated the impact of SALMonADA over the resulting service consumption time performance. The results are satisfactory enough to consider SALMonADA for SLA supervision because of its low intrusiveness

Coverage Based Testing for Service Level Agreements

Service level agreements (SLAs) are typically used to specify rules regarding the consumption of services that are agreed between the providers of the service-based applications (SBAs) and their consumers. An SLA includes a list of terms that contain the guarantees that must be fulfilled during the provisioning and consumption of the services. Since the violation of such guarantees may lead to the application of potential penalties, it is important to assure that the SBA behaves as expected. In this paper, we propose a proactive approach to test SLA-aware SBAs by means of identifying test requirements, which represent situations that are relevant to be tested. To address this issue, we define a four-valued logic that allows evaluating both the individual guarantee terms and their logical relationships. Grounded in this logic, we devise a test criterion based on the modified condition decision coverage (MCDC) in order to obtain a cost-effective set of test requirements from the structure of the SLA. Furthermore by analyzing the syntax and semantics of the agreement, we define specific rules to avoid non-feasible test requirements. The whole approach has been automated and applied over an eHealth case study

SLA-Driven Cloud Computing Domain Representation and Management

The assurance of Quality of Service (QoS) to the applications, although identified as a key feature since long ago [1], is one of the fundamental challenges that remain unsolved. In the Cloud Computing context, Quality of Service is defined as the measure of the compliance of certain user requirement in the delivery of a cloud resource, such as CPU or memory load for a virtual machine, or more abstract and higher level concepts such as response time or availability. Several research groups, both from academia and industry, have started working on describing the QoS levels that define the conditions under which the service need to be delivered, as well as on developing the necessary means to effectively manage and evaluate the state of these conditions. [2] propose Service Level Agreements (SLAs) as the vehicle for the definition of QoS guarantees, and the provision and management of resources. A Service Level Agreement (SLA) is a formal contract between providers and consumers, which defines the quality of service, the obligations and the guarantees in the delivery of a specific good. In the context of Cloud computing, SLAs are considered to be machine readable documents, which are automatically managed by the provider's platform. SLAs need to be dynamically adapted to the variable conditions of resources and applications. In a multilayer architecture, different parts of an SLA may refer to different resources. SLAs may therefore express complex relationship between entities in a changing environment, and be applied to resource selection to implement intelligent scheduling algorithms. Therefore SLAs are widely regarded as a key feature for the future development of Cloud platforms. However, the application of SLAs for Grid and Cloud systems has many open research lines. One of these challenges, the modeling of the landscape, lies at the core of the objectives of the Ph. D. Thesis.García García, A. (2014). SLA-Driven Cloud Computing Domain Representation and Management [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/36579TESI

Une architecture de cloud broker basée sur la sémantique pour l'optimisation de la satisfaction des utilisateurs

Cloud Computing is a dynamic new technology that has huge potentials in enterprises and markets. The dynamicity and the increasing complexity of Cloud architectures involve several management challenges. In this work, we are interested in Service Level Agreement (SLA) management. Actually, there is no standard to express Cloud SLA, so, providers describe their SLAs in different manner and different languages, which leaves the user puzzled about the choice of its Cloud provider. To overcome these problems, we introduce a Cloud Broker Architecture managing the SLA between providers and consumers. It aims to assist users in establishing and negotiating SLA contracts and to help them in finding the best provider that satisfies their service level expectations. Our broker SLA contracts are formalized as OWL ontologies as they allow hiding the heterogeneity in the distributed Cloud environment and enabling interoperability between Cloud actors. Besides, by combining our ontology with our proposed inference rules, we contribute to detect violations in the SLA contract assuring thereby the sustainability of the user satisfaction. Based on the requirements specified in the SLA contract, our Cloud Broker assists users in selecting the right provider using a multi attribute utility theory method. This method is based on utility functions representing the user satisfaction degree. To obtain accurate results, we have modelled both functional and non functional attributes utilities. We have used personalized utilities for each criterion under negotiation so that our cloud broker satisfies the best consumer requirements from functional and non functional point of viewLe Cloud Computing est un nouveau modèle économique hébergeant les applications de la technologie de l’information. Le passage au Cloud devient un enjeu important des entreprises pour des raisons économiques. La nature dynamique et la complexité croissante des architectures de Cloud impliquent plusieurs défis de gestion. Dans ce travail, nous nous intéressons à la gestion des contrats SLA. Vu le manque de standardisation, chaque fournisseur de service décrit les contrats SLA avec son propre langage, ce qui laisse l'utilisateur perplexe concernant le choix de son fournisseur de services. Dans ce travail, nous proposons une architecture de Cloud Broker permettant d’établir et de négocier les contrats SLA entre les fournisseurs et les consommateurs du Cloud. L’objectif de cette architecture est d’aider l’utilisateur à trouver le meilleur fournisseur en utilisant une méthode multi-critère. Cette méthode considère chaque critère comme une fonction d’utilité à intégrer dans une super-fonction d’utilité. Nous proposons d’illustrer chaque fonction d’utilité par une courbe spécifique à lui représentant bien le critère de choix. Nous essayons de cerner la plupart des critères qui contribuent dans le choix du meilleurs service et de les classer en critères fonctionnels et critères non fonctionnels. Les contrats SLA établit par notre broker sont formalisés sous forme d’ontologies qui permettent de masquer l'hétérogénéité et d’assurer l'interopérabilité entre les acteurs du Cloud. En outre, l’utilisation des règles d'inférence nous a permis de détecter les violations dans le contrat SLA établit et de garantir ainsi le respect de la satisfaction client dans le temp

Planning and Optimization During the Life-Cycle of Service Level Agreements for Cloud Computing

Ein Service Level Agreement (SLA) ist ein elektronischer Vertrag zwischen dem Kunden und dem Anbieter eines Services. Die beteiligten Partner kl aren ihre Erwartungen und Verp ichtungen in Bezug auf den Dienst und dessen Qualit at. SLAs werden bereits f ur die Beschreibung von Cloud-Computing-Diensten eingesetzt. Der Diensteanbieter stellt sicher, dass die Dienstqualit at erf ullt wird und mit den Anforderungen des Kunden bis zum Ende der vereinbarten Laufzeit ubereinstimmt. Die Durchf uhrung der SLAs erfordert einen erheblichen Aufwand, um Autonomie, Wirtschaftlichkeit und E zienz zu erreichen. Der gegenw artige Stand der Technik im SLA-Management begegnet Herausforderungen wie SLA-Darstellung f ur Cloud- Dienste, gesch aftsbezogene SLA-Optimierungen, Dienste-Outsourcing und Ressourcenmanagement. Diese Gebiete scha en zentrale und aktuelle Forschungsthemen. Das Management von SLAs in unterschiedlichen Phasen w ahrend ihrer Laufzeit erfordert eine daf ur entwickelte Methodik. Dadurch wird die Realisierung von Cloud SLAManagement vereinfacht. Ich pr asentiere ein breit gef achertes Modell im SLA-Laufzeitmanagement, das die genannten Herausforderungen adressiert. Diese Herangehensweise erm oglicht eine automatische Dienstemodellierung, sowie Aushandlung, Bereitstellung und Monitoring von SLAs. W ahrend der Erstellungsphase skizziere ich, wie die Modellierungsstrukturen verbessert und vereinfacht werden k onnen. Ein weiteres Ziel von meinem Ansatz ist die Minimierung von Implementierungs- und Outsourcingkosten zugunsten von Wettbewerbsf ahigkeit. In der SLA-Monitoringphase entwickle ich Strategien f ur die Auswahl und Zuweisung von virtuellen Cloud Ressourcen in Migrationsphasen. Anschlie end pr ufe ich mittels Monitoring eine gr o ere Zusammenstellung von SLAs, ob die vereinbarten Fehlertoleranzen eingehalten werden. Die vorliegende Arbeit leistet einen Beitrag zu einem Entwurf der GWDG und deren wissenschaftlichen Communities. Die Forschung, die zu dieser Doktorarbeit gef uhrt hat, wurde als Teil von dem SLA@SOI EU/FP7 integriertem Projekt durchgef uhrt (contract No. 216556)

Bringing social reality to multiagent and service architectures : practical reductions for monitoring of deontic-logic and constitutive norms

As distributed systems grow in complexity, the interactions among individuals (agents, services) of such systems become increasingly more complex and therefore more difficult to constrain and monitor. We propose to view such systems as socio-technical systems, in which organisational and institutional concepts, such as norms, can be applied to improve not only control on the components but also their autonomy by the definition of soft rather than hard constraints. Norms can be described as rules that guide the behavior of individual agents pertaining to groups that abide to them, either by explicit or implicit support. The study of norms, and regulatory systems in general, in their many forms -e.g. social norms, conventions, laws, regulations- has been of interest since the beginning of philosophy, but has seen a lot of evolution during the 20th century due to the progress in the philosophy of language, especially concerning speech acts and deontic logic. Although there is a myriad of definitions and related terminologies about the concept of norm, and as such there are many perspectives on how to analyse their impact, a common denominator is that norms constrain the behaviour of groups of agents in a way that each individual agent can build, with a fair degree of confidence, expectations on how each of their counterparts will behave in the situations that the norms are meant to cover. For example, on a road each driver expects everybody else to drive on only one side of the road (right or left, depending on the country). Therefore, normative contexts, usually wrapped in the form of institutions, are effective mechanisms to ensure the stability of a complex system such as an organisation, a society, or even of electronic systems. The latter has been an object of interest in the field of Artificial Intelligence, and it has been seen as a paradigm of coordination among electronic agents either in multi-agent systems or in service-oriented architectures. In order to apply norms to electronic systems, research has come up with abstractions of normative systems. In some cases these abstractions are based on regimented systems with flexible definitions of the notion of norm, in order to include meanings of the concept with a coarse-grained level of logic formality such as conventions. Other approaches, on the other hand, propose the use of deontic logic for describing, from a more theoretical perspective, norm-governed interaction environments. In both cases, the purpose is to enable the monitoring and enforcement of norms on systems that include -although not limited to- electronic agents. In the present dissertation we will focus on the latter type, focusing on preserving the deontic aspect of norms. Monitoring in norm-governed systems requires making agents aware of: 1) what their normative context is, i.e. which obligations, permissions and prohibitions are applicable to each of them and how they are updated and triggered; and 2) what their current normative status is, i.e. which norms are active, and in what instances they are being fullfilled or violated, in order words, what their social -institutional- reality is. The current challenge is on designing systems that allow computational components to infer both the normative context and social reality in real-time, based on a theoretical formalism that makes such inferences sound and correct from a philosophical perspective. In the scope of multi-agent systems, many are the approaches proposed and implemented that full these requirements up to this date. However, the literature is still lacking a proposal that is suited to the current state-of-the-art in service-oriented architectures, more focused nowadays on automatically scalable, polyglot amalgams of lightweight services with extremely simple communication and coordination mechanisms- a trend that is being called “microservices”. This dissertation tackles this issue, by 1) studying what properties we can infer from distributed systems that allow us to treat them as part of a socio-technical system, and 2) analysing which mechanisms we can provide to distributed systems so that they can properly act as socio-technical systems. The main product of the thesis is therefore a collection of computational elements required for formally grounded and real-time e¬fficient understanding and monitoring of normative contexts, more specially: 1. An ontology of events to properly model the inputs from the external world and convert them into brute facts or institutional events; 2. A lightweight language for norms, suitable for its use in distributed systems; 3. An especially tailored formalism for the detection of social reality, based on and reducible to deontic logic with support for constitutive norms; 4. A reduction of such formalism to production rule systems; and 5. One or more implementations of this reduction, proven to e¬fficiently work on several scenarios. This document presents the related work, the rationale and the design/implementation of each one of these elements. By combining them, we are able to present novel, relevant work that enables the application of normative reasoning mechanisms in realworld systems in the form of a practical reasoner. Of special relevance is the fact that the work presented in this dissertation simplifies, while preserving formal soundness, theoretically complex forms of reasoning. Nonetheless, the use of production systems as the implementation-level materialisation of normative monitoring allows our work to be applied in any language and/or platform available, either in the form of rule engines, ECA rules or even if-then-else patterns. The work presented has been tested and successfully used in a wide range of domains and actual applications. The thesis also describes how our mechanisms have been applied to practical use cases based on their integration into distributed eldercare management and to commercial games.Con el incremento en la complejidad de los sistemas distribuidos, las interacciones entre los individuos (agentes, servicios) de dichos sistemas se vuelven más y más complejas y, por ello, más difíciles de restringir y monitorizar. Proponemos ver a estos sistemas como sistemas socio-técnicos, en los que conceptos organizacionales e institucionales (como las normas) pueden aplicarse para mejorar no solo el control sobre los componentes sino también su autonomía mediante la definición de restricciones débiles (en vez de fuertes). Las Normas se pueden describir como reglas que guían el comportamiento de agentes individuales que pertenecen a grupos que las siguen, ya sea con un apoyo explícito o implícito. El estudio de las normas y de los sistemas regulatorios en general y en sus formas diversas -normas sociales, convenciones, leyes, reglamentos- ha sido de interés para los eruditos desde los inicios de la filosofía, pero ha sufrido una evolución mayor durante el siglo 20 debido a los avances en filosofía del lenguaje, en especial los relacionados con los actos del habla -speech acts en inglés- y formas deónticas de la lógica modal. Aunque hay una gran variedad de definiciones y terminología asociadas al concepto de norma, y por ello existen varios puntos de vista sobre como analizar su impacto, el denominador común es que las normas restringen el comportamiento de grupos de agentes de forma que cada agente individual puede construir, con un buen nivel de confianza, expectativas sobre cómo cada uno de los otros actores se comportará en las situaciones que las normas han de cubrir. Por ejemplo, en una carretera cada conductor espera que los demás conduzcan solo en un lado de la carretera (derecha o izquierda, dependiendo del país). Por lo tanto, los contextos normativos, normalmente envueltos en la forma de instituciones, constituyen mecanismos efectivos para asegurar la estabilidad de un sistema complejo como una organización, una sociedad o incluso un sistema electrónico. Lo último ha sido objeto de estudio en el campo de la Inteligencia Artificial, y se ha visto como paradigma de coordinación entre agentes electrónicos, tanto en sistemas multiagentes como en arquitecturas orientadas a servicios. Para aplicar normas en sistemas electrónicos, los investigadores han creado abstracciones de sistemas normativos. En algunos casos estas abstracciones se basan en sistemas regimentados con definiciones flexibles del concepto de norma para poder influir algunos significados del concepto con un menor nivel de granularidad formal como es el caso de las convenciones. Otras aproximaciones proponen el uso de lógica deóntica para describir, desde un punto de vista más teórico, entornos de interacción gobernados por normas. En ambos casos el propósito es el permitir la monitorización y la aplicación de las normas en sistemas que incluyen -aunque no están limitados a- agentes electrónicos. En el presente documento nos centraremos en el segundo tipo, teniendo cuidado en mantener el aspecto deóntico de las normas. La monitorización en sistemas gobernados por normas requiere el hacer a los agentes conscientes de: 1) cual es su contexto normativo, es decir, que obligaciones permisos y prohibiciones se aplican a cada uno de ellos y cómo se actualizan y activan; y 2) cual es su estado normativo actual, esto es, que normas están activas, y que instancias están siendo cumplidas o violadas, en definitiva, cual es su realidad social -o institucional-. En la actualidad el reto consiste en diseñar sistemas que permiten inferir a componentes computacionales tanto el contexto normativo como la realidad social en tiempo real, basándose en un formalismo teórico que haga que dichas inferencias sean correctas y bien fundamentadas desde el punto de vista filosófico. En el ámbito de los sistemas multiagente existen muchas aproximaciones propuestas e implementadas que cubren estos requisitos. Sin embargo, esta literatura aun carece de una propuesta que sea adecuada para la tecnología de las arquitecturas orientadas a servicios, que están más centradas en amalgamas políglotas y escalables de servicios ligeros con mecanismos de coordinación y comunicación extremadamente simples, una tendencia moderna que lleva el nombre de microservicios. Esta tesis aborda esta problemática 1) estudiando que propiedades podemos inferir de los sistemas distribuidos que nos permitan tratarlos como parte de un sistema sociotécnico, y 2) analizando que mecanismos podemos proporcionar a los sistemas distribuidos de forma que puedan actuar de forma correcta como sistemas socio-técnicos. El producto principal de la tesis es, por tanto, una colección de elementos computacionales requeridos para la monitorización e interpretación e_cientes en tiempo real y con clara base formal. En concreto: 1. Una ontología de eventos para modelar adecuadamente las entradas del mundo exterior y convertirlas en hechos básicos o en eventos institucionales; 2. Un lenguaje de normas ligero y sencillo, adecuado para su uso en arquitecturas orientadas a servicios; 3. Un formalismo especialmente adaptado para la detección de la realidad social, basado en y reducible a lógica deóntica con soporte para normas constitutivas; 4. Una reducción de ese formalismo a sistemas de reglas de producción; y 5. Una o más implementaciones de esta reducción, de las que se ha probado que funcionan eficientemente en distintos escenarios. Este documento presenta el estado del arte relacionado, la justificación y el diseño/implementación para cada uno de esos elementos. Al combinarlos, somos capaces de presentar trabajo novedoso y relevante que permite la aplicación de mecanismos de razonamiento normativo en sistemas del mundo real bajo la forma de un razonador práctico. De especial relevancia es el hecho de que el trabajo presentado en este documento simplifica formas complejas y teóricas de razonamiento preservando la correctitud formal. El uso de sistemas de reglas de producción como la materialización a nivel de implementación del monitoreo normativo permite que nuestro trabajo se pueda aplicar a cualquier lenguaje o plataforma disponible, ya sea en la forma de motores de reglas, reglas ECA o incluso patrones si-entonces. El trabajo presentado ha sido probado y usado con éxito en un amplio rango de dominios y aplicaciones prácticas. La tesis describe como nuestros mecanismos se han aplicado a casos prácticos de uso basados en su integración en la gestión distribuida de pacientes de edad avanzada o en el sector de los videojuegos comerciales.Postprint (published version