Towards architecture-level middleware-enabled exception handling of component-based systems

Exception handling is a practical and important way to improve the availability and reliability of a component-based system. The classical code-level exception handling approach is usually applied to the inside of a component, while some exceptions can only or properly be handled outside of the components. In this paper, we propose a middleware-enabled approach for exception handling at architecture level. Developers specify what exceptions should be handled and how to handle them with the support of middleware in an exception handling model, which is complementary to software architecture of the target system. This model will be interpreted at runtime by a middleware-enabled exception handling framework, which is responsible for catching and handling the specified exceptions mainly based on the common mechanisms provided by the middleware. The approach is demonstrated in JEE application servers and benchmarks. ? 2011 ACM.EI

Software Architecture and Dependability

International audienceDependable systems are characterized by a number of attributes including: reliability, availability, safety and security. For some attributes (namely for reliability, availability, safety), there exist probability- based theoretic foundations, enabling the application of dependability analysis techniques. The goal of dependability analysis is to forecast the values of dependability attributes, based on certain properties (e.g. failure rate, MTBF, etc.) that characterize the system's constituent elements. Nowadays, architects, designers and developers build systems based on an architecture-driven approach. They specify the system's software architecture using Architecture Description Languages or other standard modeling notations like UML. Given the previous, we examine what we need to specify at the architectural level to enable the automated generation of models for dependability analysis. In this paper, we further present a prototype implementation of the proposed approach, which relies on UML specifications of dependable systems' software architectures. Moreover, we exemplify our approach using a case study system

Exception handling in the development of fault-tolerant component-based systems

Orientador: Cecilia Mary Fischer RubiraTese (doutorado) - Universidade Estadual de Campinas, Instituto de ComputaçãoResumo: Mecanismos de tratamento de exceções foram concebidos com o intuito de facilitar o gerenciamento da complexidade de sistemas de software tolerantes a falhas. Eles promovem uma separação textual explícita entre o código normal e o código que lida com situações anormais, afim de dar suporte a construção de programas que são mais concisos fáceis de evoluir e confáveis. Diversas linguagens de programação modernas e a maioria dos modelos de componentes implementam mecanismos de tratamento de exceções. Apesar de seus muitos benefícios, tratamento de exceções pode ser a fonte de diversas falhas de projeto se usado de maneira indisciplinada. Estudos recentes mostram que desenvolvedores de sistemas de grande escala baseados em infra-estruturas de componentes têm hábitos, no tocante ao uso de tratamento de exceções, que tornam suas aplicações vulneráveis a falhas e difíceis de se manter. Componentes de software criam novos desafios com os quais mecanismos de tratamento de exceções tradicionais não lidam, o que aumenta a probabilidade de que problemas ocorram. Alguns exemplos são indisponibilidade de código fonte e incompatibilidades arquiteturais. Neste trabalho propomos duas técnicas complementares centradas em tratamento de exceções para a construção de sistemas tolerantes a falhas baseados em componentes. Ambas têm ênfase na estrutura do sistema como um meio para se reduzir o impacto de mecanismos de tolerância a falhas em sua complexidade total e o número de falhas de projeto decorrentes dessa complexidade. A primeira é uma abordagem para o projeto arquitetural dos mecanismos de recuperação de erros de um sistema. Ela trata do problema de verificar se uma arquitetura de software satisfaz certas propriedades relativas ao fluxo de exceções entre componentes arquiteturais, por exemplo, se todas as exceções lançadas no nível arquitetural são tratadas. A abordagem proposta lança de diversas ferramentas existentes para automatizar ao máximo esse processo. A segunda consiste em aplicar programação orientada a aspectos (AOP) afim de melhorar a modularização de código de tratamento de exceções. Conduzimos um estudo aprofundado com o objetivo de melhorar o entendimento geral sobre o efeitos de AOP no código de tratamento de exceções e identificar as situações onde seu uso é vantajoso e onde não éAbstract: Exception handling mechanisms were conceived as a means to help managing the complexity of fault-tolerant software. They promote an explicit textual separation between normal code and the code that deals with abnormal situations, in order to support the construction of programs that are more concise, evolvable, and reliable. Several mainstream programming languages and most of the existing component models implement exception handling mechanisms. In spite of its many bene?ts, exception handling can be a source of many design faults if used in an ad hoc fashion. Recent studies show that developers of large-scale software systems based on component infrastructures have habits concerning the use of exception handling that make applications vulnerable to faults and hard to maintain. Software components introduce new challenges which are not addressed by traditional exception handling mechanisms and increase the chances of problems occurring. Examples include unavailability of source code and architectural mismatches. In this work, we propose two complementary techniques centered on exception handling for the construction of fault-tolerant component-based systems. Both of them emphasize system structure as a means to reduce the impactof fault tolerance mechanisms on the overall complexity of a software system and the number of design faults that stem from complexity. The ?rst one is an approach for the architectural design of a system?s error handling capabilities. It addresses the problem of verifying whether a software architecture satis?es certain properties of interest pertaining the ?ow of exceptions between architectural components, e.g., if all the exceptions signaled at the architectural level are eventually handled. The proposed approach is based on a set of existing tools that automate this process as much as possible. The second one consists in applying aspect-oriented programming (AOP) to better modularize exception handling code. We have conducted a through study aimed at improving our understanding of the efects of AOP on exception handling code and identifying the situations where its use is advantageous and the ones where it is notDoutoradoDoutor em Ciência da Computaçã

Generic fault tolerant software architecture: Modeling, customization and verification

Ph.DDOCTOR OF PHILOSOPH

An Architectural-level Exception-handling System For Component-based Applications

Component-based software systems built out of reusable software components are being used in a wide range of applications which have high dependability requirements. In order to accomplish the required levels of dependability, it is necessary to incorporate into these complex systems means for to cope with software faults. Exception handling is a well-known technique for adding forward error recovery to software systems supported by various mainstream programming languages. However, exception handling for component-based applications at the architectural level introduces new challenges which are not addressed by traditional exception handling systems, such as unavailability of source code, specially when off-the-shelf components are employed. In this paper, we present an exception handling system which adds fault tolerance to component-based systems at the architectural level. Our solution considers issues which are specific to component-based applications, such as unavailability of source code. We also present a framework which implements the proposed exception handling system for applications built using the C2 architectural style. © Springer-Verlag Berlin Heidelberg 2003.2847321340Anderson, T., Lee, P.A., (1990) Fault Tolerance: Principles and Practice, 2nd Edition, , Prentice-HallBrown, A.W., Wallnau, K.C., The Current State of CBSE (1998) IEEE Software, 15 (5), pp. 37-46. , IEEE Computer Society PressPaul, C., (1996) Clements and Linda Northrop: Software Architecture: An Executive Overview, , Technical Report CMU/SEI-96-TR-003. Software Engineering Institute, Carnegie Mellon UniversityCook, J.E., Dage, J.A., Highly Reliable Upgrading of Components (1999) Proceedings of the 21st International Conference on Software Engineering, pp. 203-212Cristian, F., Exception Handling (1989) Dependability of Resilient Computers, , T. Anderson (ed.): BSP Professional BooksDashofy, E.M., Medvidovic, N., Taylor, R.N., Using Off-The-Shelf Middleware to Implement Connectors in Distributed Software Architectures (1999) Proceedings of the 21st International Conference on Software Engineering (ICSE '99), pp. 3-12Garcia, A., Beder, D., Rubira, C., An Exception Handling Mechanism for Developing Dependable Object-Oriented Software Based on a Meta-Level Approach (1999) Proceedings of the 10th International Symposium on Software Reliability Engineering - ISSRE'99, pp. 52-61. , IEEE Computer Society PressGarcia, A., Rubira, C., Romanovsky, A., Xu, J., A Comparative Study of Exception Handling Mechanisms for Building Dependable Object-Oriented Software (2001) Journal of Systems and Software, 59 (2), pp. 197-222. , ElsevierGarlan, D., Monroe, R.T., Wile, D., Acme: Architectural Description of Component-Based Systems (2000) Foundations of Component -Based Systems, pp. 47-67. , Gary T. Levens and Murali Sitaraman (eds.): Cambridge University PressGoodenough, J.B., Exception Handling: Issues and a Proposed Notation (1975) Communications of the ACM, 18 (12), pp. 683-696. , ACM Press, New York, NYGosling, J., Joy, B., Steele, G., (1996) The Java Language Specification, , Addison-WesleyGuerra, P., Rubira, C., De Lemos, R., An Idealized Fault-Tolerant Architectural Component (2002) Proceedings of the 24th International Conference on Software Engineering - Workshop on Architecting Dependable SystemsGuerra, P.A.C., Rubira, C.M.F., De Lemos, R., A Fault-Tolerant Architecture for Component-Based Software Systems (2003) Lecture Notes in Computer Science, , R. de Lemos and C. Gracek and A. Romanosvsky (eds.): Architecting Dependable Systems. to appear. Springer-Verlag, Berlin Heidelberg New YorkGuerra, P., Rubira, C., Romanovsky, A., De Lemos, R., Integrating COTS Software Componentes into Dependable Software Architectures (2003) Proceedings of the 6th International Symposium on Object-Oriented Real-Time Distributed Computing, , IEEE Computer Society PressIssarny, V., Banatre, J.P., Architecture-Based Exception Handling (2001) Proceedings of the 34th Annual Hawaii International Conference on System Sciences, , IEEE Society PressKiczales, G., Lamping, J., Mendhekar, A., Maeda, C., Lopes, C., Lingtier, J., Irwin, J., Aspect-Oriented Programming (1997) Lecture Notes in Computer Science, 1241. , Proceedings of the European Conference on Object-Oriented Programming. Springer-Verlag, Berlin Heidelberg New YorkKoening, A., Stroustrup, B., Exception Handling for C++ (1990) Jornal of Object-Oriented Programmings, 3 (2), pp. 16-33Lacourte, S., Exceptions in Guide, an Object-Oriented Language for Distributed Applications (1991) Lecture Notes in Computer Science, 512, pp. 268-287. , Springer-Verlag, Berlin Heidelberg New YorkMaes, P., Concepts and Experiments in Computational Reflection (1987) ACM SIGPLAN Notices, 22 (12), pp. 147-155. , ACM PressMedvidovic, N., Oreizy, P., Taylor, R.N., Reuse of Off-the-Shelf Components in C2-Style Architectures (1997) Proceedings of the 1997 Symposium on Software Reusability, pp. 190-198Rakic, M., Medvidovic, N., Increasing the Confidence in Off-the-Shelf Components: A Software Connector-Based Approach (2001) Proceedings of the 2001 Symposium on Software Reusability, pp. 11-18Saridakis, T., Issarny, V., (1999) Fault-Tolerant Software Architectures, , Technical Report 3350. INRIASloman, M., Kramer, J., (1987) Distributed Systems and Computer Networks, , Prentice HallSprott, D., Componentizing the Enterprise Application Packages (2000) Communications of the ACM, 43 (4), pp. 63-69. , ACM Press, New York, NYStavridou, V., Riemenschneider, A., Provably Dependable Software Architectures (1998) Proceedings of the Third ACM SIGPLAN International Software Architecture Workshop, pp. 133-136. , ACM Press(2002) Enterprise Javabeans Specification v2.1, , http://java.sun.com/products/ejb/, Proposed Final DraftTaft, S.T., Duff, R.A., Ada 95 Reference Manual: Language and Standard Libraries, International Standard Iso/Iec 8652:1995(e) (1997) Lecture Notes in Computer Science, 1246. , Springer-Verlag, Berlin Heidelberg New YorkTaylor, R.N., Medvidovic, N., Anderson, K.M., Whitehead Jr., E.J., Robbins, J.E., A Component- and Message- Based Architectural Style for GUI Software (1995) Proceedings of the 17th International Conference on Software Engineering, pp. 295-304ArchStudio 3.0, , http://www.isr.uci.edu/projects/archstudio, Homepag

Architecture-centric Fault Tolerance With Exception Handling

When building dependable systems by integrating untrusted software components that were not originally designed to interact with each other, it is inevitable the occurrence of architectural mismatches related to assumptions in the failure behaviours. These mismatches if not prevented during system design have to be tolerated during runtime. This paper presents an architectural abstraction based on exception handling for structuring fault-tolerant software systems. This abstraction comprises several components and connectors that transform an existing untrusted software element into an idealised fault-tolerant architectural element. The proposed rigorous approach relies on a formal representation for analysing exception propagation, and verifying important dependability properties. Beyond this, the formal models are also used for generating unit and integration test cases that would be used for validating the final software product. The feasibility of the proposed approach was evaluated on an embedded critical case study. © Springer-Verlag Berlin Heidelberg 2007.4746 LNCS7594Abrial, J.-R., (1996) The B-book: Assigning programs to meanings, , Cambridge University Press, New YorkAmnell, T., Behrmann, G., Bengtsson, J., D'Argenio, P.R., David, A., Fehnker, A., Hune, T., Yi, W., Uppaal - Now, Next, and Future (2001) LNCS, 2067, pp. 100-125. , Cassez, F, Jard, C, Rozoy, B, Ryan, M, eds, MOVEP 2000, Springer, HeidelbergAnderson, T., Lee, P.A., (1981) Fault Tolerance: Principles and Practice, , Prentice-Hall, Englewood CliffsBass, L., Clements, P.C., Kazman, R., (2003) Software Architecture in Practice, , 2nd edn. Addison-Wesley, ReadingBertolino, A., Marchetti, E., Muccini, H.: Introducing a reasonably complete and coherent approach for model-based testing. Electr. Notes Theor. Comput. Sci. 116, 85-97 (2005)Binder, R.V., (1999) Testing object-oriented systems: Models, patterns, and tools, , Addison-Wesley Longman Publishing Co, Inc, Redwood City, CA, USABrito, P.H.S., de Lemos, R., Martins, E., Rubira, C.M.F., Verification and validation of a fault-tolerant architectural abstraction (2007) DSN Workshop on Architecting Dependable Systems (WADS, , Edinburgh, Scotland, UK Accepted for publicationBrookes, S.D., Hoare, C.A.R., Roscoe, A.W., A theory of communicating sequential processes (1984) J. ACM, 31 (3), pp. 560-599Castor Filho, F., Cacho, N., Figueiredo, E., Ferreira, R., Garcia, A., Rubira, C.M.F., Exceptions and aspects: The devil is in the details (2006) Proceedings of the 14th ACM SIGSOFT FSE, pp. 152-162. , NovemberCastor Filho, F., da Silva Brito, P.H., Rubira, C.M.F., Specification of exception flow in software architectures (2006) Journal of Systems and Software, , OctoberCastor Filho, F., de Castro Guerra, P.A., Rubira, C.M.F.: An architectural-level exception-handling system for component-based applications. In: de Lemos, R., Weber, T.S., Camargo Jr., J.B. (eds.) LADC 2003. LNCS, 2847, pp. 321-340. Springer, Heidelberg (2003)Clements, P., (2003) Documenting Software Architectures: Views and Beyond, , Addison-Wesley, ReadingCristian, F., Exception handling (1989) Dependability of Resilient Computers, pp. 68-97. , Blackwellda Silva Brito, P.H., de Lemos, R., Filho, F.C., Rubira, C.M.F., Architecturecentric fault tolerance with exception handling (2007), Technical Report IC-07-04. State University of Campinas FebruaryBrito, P.H.S., Rocha, C.R., Castor Filho, F., Martins, E., Rubira, C.M.F.: A method for modeling and testing exceptions in component-based software development. In: Maziero, C.A., Silva, J.G., Andrade, A.M.S., Assis Silva, F.M.d. (eds.) LADC 2005. LNCS, 3747, pp. 61-79. Springer, Heidelberg (2005)de Castro Guerra, P.A., Rubira, C., de Lemos, R., A fault-tolerant software architecture for component-based systems (2003) LNCS, 2677, pp. 129-149. , de Lemos, R, Gacek, C, Romanovsky, A, eds, Architecting Dependable Systems, Springer, Heidelbergde Lemos, R., de Castro Guerra, P.A., Rubira, C.M.F., A fault-tolerant architectural approach for dependable system (2006) IEEE Software, 23 (2), pp. 80-87McMillan, K.L., The SMV system (1992), Technical Report CMU-CS-92-131, Carnegie Mellon UniversityGray, J., Reuter, A., (1993) Transaction Processing: Concepts and Techniques, , Morgan Kaufmann, San FranciscoIssarny, V., Banatre, J.P., Architecture-based exception handling (2001) Proceedings of the 34th Annual Hawaii International Conference on System SciencesJackson, D., Alloy: A lightweight object modelling notation (2002) Software Engineering and Methodology, 11 (2), pp. 256-290Jackson, D., Schechter, I., Shlyahter, H., Alcoa: The alloy constraint analyzer (2000) ICSE '00: Proceedings of the 22nd international conference on Software engineering, pp. 730-733. , ACM Press, New YorkLee, P.A., Anderson, T., Fault Tolerance: Principles and Practice (1990) Dependable computing and fault-tolerant systems, , 2nd edn, Springer, Berlin, New YorkLeuschel, M., Butler, M.J.: Prob: A model checker for b. In: Araki, K., Gnesi, S., Mandrioli, D. (eds.) FME 2003. LNCS, 2805, pp. 855-874. Springer, Heidelberg (2003)Parnas, D.L., Würges, H., Response to undesired events in software systems (1976) Proceedings of the 2nd International Conference on Software Engineering, pp. 437-446. , San Francisco, USA, pp, OctoberRandell, B., System structure for software fault tolerance (1975) IEEE Transactions on Software Engineering, 1 (2), pp. 221-232Reimer, D., Srinivasan, H., Analyzing exception usage in large java applications (2003) LNCS, 2743. , Cardelli, L, ed, ECOOP 2003, Springer, HeidelbergSchneider, S., Treharne, H., Communicating b machines (2002) LNCS, 2272, pp. 416-435. , Bert, D, Bowen, J.P, Henson, M.C, Robinson, K, eds, B 2002 and ZB 2002, Springer, HeidelbergSloman, M., Kramer, J., (1987) Distributed systems and computer networks, , Prentice Hall International (UK) Ltd, Hertfordshire, UKTaylor, R.N., Medvidovic, N., Anderson, K., Whitehead, J.E.J., Robbins, J., A component- and message- based architectural style for GUI software (1995) Proceedings of the 17th International Conference on Software Engineering, pp. 295-304. , AprilWeimer, W., Necula, G., Finding and preventing run-time error handling mistakes (2004) Proceedings of OOPSLA, pp. 419-433. , Vancouver, Canada, pp, Octobe