Dependability analysis of web services

Web Services form the basis of the web based eCommerce eScience applications so it is vital that robust services are developed. Traditional validation and verification techniques are centred around the concept of removing all faults to guarantee correct operation whereas Dependability gives an assessment of how dependably a system can deliver the required functionality by assessing attributes, and by eliminating threats via means attempts to improve dependability. Fault injection is a well-proven dependability assessment method. Although much work has been done in the area of fault injection and distributed systems in general, there appears to have been little research carried out on applying this to middleware systems and Web Services in particular. There are additional problems associated with applying existing fault injection technologies to Web Services running in a virtual machine environment since most are either invasive or work at a machine level. The Fault Injection Technology (FIT) method has been devised to address these problems for middleware systems. The Web Service-Fault Injection Technology (WS-FIT) implementation applies the FIT method, based on network level fault injection, to Web Services to create a non-invasive dependability assessment method. It allows targeted perturbation of Web Service RFC parameters as well as more traditional network level fault injection operations. The WS-FIT tool includes taxonomies that define a system under test, fault models to apply and failure modes to be detected, and uses these taxonomies to generate fault injection campaigns. WS-FIT has been applied to a number of case studies and has successfully demonstrated its effectiveness. It has also been successfully applied to a third-party system to evaluate dependability means. It performed this dependability assessment as well as allowing debugging of the means to be undertaken uncovering unknown faults

Fault injection testing method of software implemented fault tolerance mechanisms of web service systems

Testing Web Services applications and their Fault Tolerance Mechanisms (FTMs) is crucial for the development of today's applications. The performance and FTMs of composed service systems are hard to measure at design time because service instability is often caused by the nature of the network. Testing in a real internet environment is difficult to set up and control. However, the adequacy of FTMs and the performance of Web Service applications can be tested efficiently by injecting faults and observing how the target system performs under faulty conditions. This thesis investigates what is involved in testing the software-implemented fault tolerance mechanisms of Web Service systems through fault injection. We have developed a fault injection toolkit that emulates a WAN within a LAN environment between composed service components and offers full control over the emulated environments, in addition to the ability to inject communication and specific software faults. The tool also generates background workloads on the tested system for producing more realistic results. The testing method requires that the target system be constructed as a collection of Web Services applications interacting via messages. This enables the insertion of faults into the target system to emulate the incorrect behaviour of faulty conditions by injecting communication faults and manipulating messages. This approach allows the injection of faults while not requiring any significant changes to the target system. This testing method injects two classes of faults, manly communication and interface faults due to their big impact on Web service system dependability. The method differs from the previous work not only by injecting communication faults based on a Wide Area Network emulator, but also in its ability to inject a combination of communication and interface faults, which could cause what are called Byzantine faults (Arbitrary faults) at the application level. The proposed fault injection method has been applied to test a Web Service system deploying what is called a WS-Mediator for improving the system reliability. The WS-Mediator claims to offer comprehensive off-the-shelf fault tolerance mechanisms to cope with various kinds of typical Web Service application scenarios. We chose to use the N-version programming mechanism offered by the WS-Mediator, which has been tested through out tool. The testing demonstrated the usefulness of the method and its capacity to test the target system under different circumstances and faulty conditions.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Web services robustness testing

Web services are a new paradigm for building software applications that has many advantages over the previous paradigms; however, Web Services are still not widely used because Service Requesters do not trust services that were built by others. Testing can assuage this problem because it can be used to assess the quality attributes of Web Services. This thesis proposes a framework and presents a proof of concept tool that can be used to test the robustness and other related attributes of a Web Service. The tool can be easily enhanced to assess other quality attributes. The framework is based on analyzing Web Services Description Language (WSDL) documents of Web Services to find what faults could affect the robustness quality attributes. After that using these faults to build test case generation rules to assess the robustness quality attribute of Web Services. This framework will give a better understanding of the faults that may affect the robustness quality attribute of Web Services, how these faults are related to the interface or the contract of a Web Service under test, and what testing techniques can be used to detect such faults. The approach used in this thesis for building test cases for Web Services was used with many examples in order to demonstrate its effectiveness; these examples have shown that the approach and the proof of concept tool are able to assess the robustness of Web Services implementation and Web Services platforms. Four hundred and two test clients were automatically built by the tool, based on the test cases rules, to assess the robustness of these Web Services examples. These test clients detected eleven robustness failures in the Web Services implementations and nine robustness failures in the Web Services platforms. Also the approach was able to help in comparing the robustness of two different Web Services platforms, namely Axis and GLUE. After deploying the same Web Services in both of these platforms; Axis showed less robustness and security failures than GLUE

Dependable IPTV Hosting

This research focuses on the challenges of hosting 3rd party RESTful applications that have to meet specific dependability standards. To provide a proof of concept I have implemented an architecture and framework for the use case of internet protocol television. Delivering TV services via internet protocols over high-speed connections is commonly referred to as IPTV (internet protocol television). Similar to the app-stores of smartphones, IPTV platforms enable the emergence of IPTV services in which 3rd party developers provide services to consumer that add value to the IPTV experience. A key issue in the IPTV ecosystem is that currently telecommunications IPTV providers do not have a system that allows 3rd party developers to create applications that meet their standards. The main challenges are that the 3rd party applications must be dependable, scalable and adhere to service level agreements. This research provides an architecture and framework to overcome these challenges

WS-mediator for improving dependability of service composition

Web Services and service-oriented architectures (SOAs) represent a new paradigm for building distributed computing applications. In recent years, they have started to play a critical role in numerous e-Science and e-Commerce applications. The advantages of Web Services, such as their loosely coupled architecture and standardized interoperability, make them a desirable platform, especially for developing large-scale applications such as those based on cross-organizational service composition. However, the Web Service technology is now facing many serious issues that need to be addressed, one of the most important ones being the dependability of their composition. Web Service composition relies on individual component services and computer networks, particularly the Internet. As the component services are autonomous, prior to use their dependability is unknown. In addition to that, computer networks are inherently unreliable media: from the user's perspective, network failures may undermine the dependability of Web Services. Consequently, failures of individual component services and of the network can undermine the dependability of the entire application relying on service composition. Our research is intended to contribute to achieving higher dependability of Web Service composition. We have developed a novel solution, called WS-Mediator system, implementing resilience-explicit computing and fault tolerance mechanisms to improve the dependability of Web Service composition. It consists of a number of subsystems, called Sub-Mediators, which are deployed at various geographical locations across the Internet to monitor Web Services and dynamically generate Web Service dependability metadata in order to make resilience-explicit decisions. In addition to applying the fault tolerance mechanisms that deal with various kinds of faults during the service composition, the resilience-explicit reconfiguration mechanism dynamically selects the most dependable Web Services to achieve higher service composition dependability fault tolerance. A specific instance of the WS-Mediator architecture has been developed in the Java Web Service technology. A series of experiments with real-world Web Services, in particular in the bioinformatics domain, have been carried out using the Java WS- Mediator. The results of the experiments have demonstrated the applicability of the WS-Mediator approach.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Conception et mise en oeuvre d'une plate-forme pour la sûreté de fonctionnement des services Web

Les Services Web (SW) constituent la technologie de base pour le développement d'Architectures Orientées Services (AOS). Ces architectures, de plus en plus répandues sur le Net, permettent de mettre en place des applications semi-critiques à échelle planétaire. Elles se basent sur la notion de relation de "service" formalisée par un contrat qui unit le client et le prestataire de services. Dans ce type d'applications, les développeurs d'applications orientées services regardent les Services Web comme des COTS (Component Off-The Shell) et ignorent donc leurs implémentations et leurs comportements en présence de fautes. Dans ce but, cette thèse introduit, dans ce nouveau contexte, la notion de « connecteurs spécifiques de tolérance aux fautes » (SFTC – Specific Fault Tolerance Connectors) capable d'implémenter des applications sûres de fonctionnement à partir de Services Web supposés non-fiables. Composants logiciels insérés entre les clients et les prestataires, les SFTC implémentent des filtres et différentes techniques de détection d'erreurs ainsi que des mécanismes de recouvrement qui sont déclenchés quand les Services Web ne satisfont plus les caractéristiques de sûreté demandées. L'originalité de cette approche est d'utilisé une particularité intéressante du Web qui est la redondance inhérente des services qui s'y trouvent. Cette propriété a permis de définir le concept de Services Web Abstrait (SWA) et de mettre en place des stratégies de recouvrement à l'aide de services équivalents. Ainsi, les « connecteurs » et les « SWA », introduits dans les architectures orientées services, fournissent une approche plus adaptable pour permettre, à des mécanismes de sûreté, d'être définis au cas par cas pour une utilisation donnée du Service Web et d'être modifiés selon la criticité de l'application. Ainsi, mes travaux de recherches ont permis de fournir aux développeurs d'Architectures Orientées Services : 1) le langage nommé DeWeL pour décrire les caractéristiques de sûreté de fonctionnement du connecteur. Ce langage dédié à la réalisation de connecteur impose de fortes restrictions inspirées du monde des logiciels critiques du ferroviaire et de l'avionique afin de diminuer de façon drastique des fautes de développement. 2) l'infrastructure IWSD pour dynamiquement contrôler et exécuter les connecteurs dans des applications critiques. Cette plateforme, réalisé en mode duplex pour tolérer les fautes matérielles et logicielles, permet d'exécuter de façon sûres les connecteurs crées et d'obtenir également des informations sur le caractère non-fonctionnel et opérationnel des Services Web ciblés. Ces informations sont capitales pour permettre aux développeurs de connecteurs d'affiner leurs actions de tolérances aux fautes pour l'application ciblée. Environ deux cents connecteurs ont été implémentés afin de réaliser des tests sur la performance et la robustesse du langage et de la plate-forme permettant ainsi de valider cette approche capable de déployer des applications orientées services semi-critiques tolérant les fautes à l'aide de SWA. ABSTRACT : Web Services (WS) technology is the basis for the development of Service Oriented Architectures (SOA). These architectures are increasingly widespread on the Net and enable developers to implement semi-critical planetary applications. Such applications are based on the notion of service and its attached contract. The contract links a client and a service provider. In this kind of applications, application developers look at Web Services as COTS (Commercial Off-The- Shelf) components, consequently they ignore their implementation and their behaviour in the presence of faults. The thesis proposes the notion of Specific Fault Tolerance Connectors (SFTC) to implement dependable applications out of unreliable Web Services. The connectors intercept client-provider requests and implement filtering, error detection techniques (e.g. runtime assertions) together with recovery mechanisms that are triggered when the WS does not satisfy anymore the dependability specifications. The originality of this approach relies on using an interesting feature of the Web that is the inherent redundancy of services. To take advantage of this, we define the concept of Abstract Web Services (AWS) to implement recovery strategies using equivalent services. Thus, "connectors” and “AWS” allow dependability mechanisms to be defined on a case-by-case basis for a given WS usage and possibly dynamically changed according to the needs. Two specific techniques and tools have been designed and implemented to help developers of Services Oriented Architectures : 1) A domain specific language named DeWeL (DEpendable Web services Language) describing the dependability features of a connector. This language is devoted to the realization of connectors. It imposes strong restrictions enforced by standards for critical railway and avionics software in order to reduce software development faults. 2) A support infrastructure named IWSD (Infrastructure for Web Services Dependability) to dynamically manage and run connectors in real applications. This platform is implemented in duplex mode to tolerate crash faults and provides core services. In particular, it provides support to run connectors and get information on the non-functional and operational behaviour of the targeted Web Services. This information is essential to help developers of connector to adjust their fault-tolerance actions to specific application needs. Approximately two hundred connectors have been implemented in order to realize performance and robustness tests of the language and the platform. These experiments show the interest of our approach to deploy fault-tolerant service oriented applications using AW

Dependability Assessment of Android OS

In this brave new world of smartphone-dependent society, dependability is a strong requirement and needs to be addressed properly. Assessing the dependability of these mobile system is still an open issue, and companies should have the tools to improve their devices and beat the competition against other vendors. The main objective of this dissertation is to provide the methods to assess the dependability of mobile OS, fundamental for further improvements. Mobile OS are threatened mainly by traditional residual faults (when errors spread across components as failures), aging-related faults (when errors accumulate over time), and misuses by users and applications. This thesis faces these three aspects. First, it presents a qualitative method to define the fault model of a mobile OS, and an exhaustive fault model for Android. I designed and developed AndroFIT, a novel fault injection tool for Android smartphone, and performed an extensive fault injection campaign on three Android devices from different vendors to analyze the impact of component failure on the mobile OS. Second, it presents an experimental methodology to analyze the software aging phenomenon in mobile OS. I performed a software aging analysis campaign on Android devices to identify the impacting factors on performance degradation and resource consumption. Third, it presents the design and implementation of a novel fuzzing tool, namely Chizpurfle, able to automatically test Android vendor customizations by leveraging code coverage information at run-time

How Practical Are Intrusion-Tolerant Distributed Systems?

Building secure, inviolable systems using traditional mechanisms is becoming increasingly an unattainable goal. The recognition of this fact has fostered the interest in alternative approaches to security such as intrusion tolerance, which applies fault tolerance concepts and techniques to security problems. Albeit this area is quite promising, intrusion-tolerant distributed systems typically rely on the assumption that the system components fail or are compromised independently. This is a strong assumption that has been repeatedly questioned. In this paper we discuss how this assumption can be implemented in practice using diversity of system components. We present a taxonomy of axes of diversity and discuss how they provide failure independence. Furthermore, we provide a practical example of an intrusion-tolerant system built using diversity

Robustness testing of a reliable infrastructure for web service-based architectures

Orientador: Eliane MartinsDissertação (mestrado) - Universidade Estadual de Campinas, Instituto de ComputaçãoResumo: Os sistemas baseados em serviços Web estão suscetíveis a diversos tipos de falhas, entre elas, as causadas pelo ambiente em que operam, a Internet, que está sujeita a sofrer com problemas como, atrasos de entrega de mensagem, queda de conexão, mensagens inválidas entre outros. Para que estas falhas não causem um problema maior para quem está interagindo com o serviço Web, existem soluções, como é o caso do Archmeds, que fornece uma infraestrutura confiável que melhora a confiabilidade e disponibilidade dos sistemas baseados em serviços Web. Mas, para o Archmeds ser uma solução confiável, ele também deve ser testado, pois ele também é um sistema que está sujeito a ter defeitos. Por isso, este trabalho propõe uma abordagem para teste de robustez no Archmeds e para isso, contou com o desenvolvimento de uma ferramenta de injeção de falhas chamada WSInject, que utiliza falhas de comunicação e dados de entrada inválidos nos parâmetros das chamadas aos serviços. Com isso espera-se emular as falhas do ambiente real de operação dos serviços Web e revelar os defeitos do sistema sob teste. Este trabalho também levou em conta que o Archmeds é uma composição de serviços Web, por isso também propõe uma abordagem para testar composições de serviços. Com os resultados deste estudo de caso, espera-se que esta abordagem de teste de robustez possa ser reutilizada para outros sistemas baseados em serviços WebAbstract: Web service-based systems are subject to different types of faults, among them, the ones caused by the environment in which they work, which is the Internet. These faults could be problems like delay of message, connection loss, invalid message request, and others. To avoid that these faults do not become a bigger problem for the clients who are interacting with the Web service, a solution can be the use of a reliable infrastructure, like Archmeds, to increases the reliability and availability of the Web-service-based systems. Although Archmeds is a solution with the aim to increase the reliability of Web services, it is also subject to faults and for this reason, it should also be tested. This work proposes an approach to test the robustness of Archmeds and to reach this goal, a fault injection tool, called WSInject, was developed. It uses communication faults and invalid inputs into services calls. In order to reveal the failures, these faults aim to emulate the real ones that affect the Web services in the real operational environment. This work also took into account that Archmeds is a Web service composition and for this reason, it was created an approach to test it. With the results of this case study, it is expected that this approach can be adapted to others applications based in Web services technologyMestradoCiência da ComputaçãoMestre em Ciência da Computaçã