Compatibility checking of heterogeneous Web service policies using VDM++

Web service policies capture the capabilities and requirements of Web services from both functional and nonfunctional perspectives. Policies of a Web service govern and ensure the runtime consistency of the service, i.e., people or services interacting with this service are only allowed to perform legitimate actions. When composing Web services, policies of the participated Web services have to be compatible in order to make sensible compositions. Unfortunately, due to heterogeneity of policy specification languages, it is difficult to compare policies of different Web services directly. In this paper, we propose an approach for compatibility checking of Web service policies specified in difference languages. In particular, our approach applies the model-oriented specification from the Vienna Development Method (VDM++). An executable formal model of policy languages is represented in VDM++ and different policies are then translated to this VDM++ model for compatibility checking. Our approach has been validated by a prototype with different Web service policy languages such as WSPL and WS-Policy. © 2009 IEEE

The 14th Overture Workshop: Towards Analytical Tool Chains

This report contains the proceedings from the 14th Overture workshop organized in connection with the Formal Methods 2016 symposium. This includes nine papers describing different technological progress in relation to the Overture/VDM tool support and its connection with other tools such as Crescendo, Symphony, INTO-CPS, TASTE and ViennaTalk

Towards a user-centric social approach to web services composition, execution, and monitoring

This paper discusses the intertwine of social networks of users and social networks of Web services to compose, execute, and monitor Web services. Each network provides details that permit achieving this intertwine and thus, completing the three operations. A user social-network is used to advise users on the next Web services to select based on their peers’ experiences, whereas a Web service social network is used to advise users on the substitutes to select in case a Web service fails, for example. To make the intertwine of these social networks happen, three components are developed: composer, executor, and monitor. The social composer develops composite Web services considering relations between users and the ones between Web services. The social executor assesses the impact of these relations on these compositeWeb services execution progress. Finally, the social monitor replaces failing Web services to guarantee the execution continuity of these composite Web services. A running example and a prototype illustrate and demonstrate the intertwine of these social networks, respectively.Zakaria Maamar, Noura Faci, Quan Z. Sheng and Lina Ya

Dependable compositions : a formal approach

Design processes for most engineering disciplines are based on component reuse. In much the same way as the need for customizable reuse of software fueled the growth and development of object-oriented programming languages over module-based languages, the same driving force for component-based solutions is leading to object-oriented languages being transcended by component-based composition languages. Existing declarative programming languages are ideally suited to the construction of software components, but are inappropriate for specifying compositions of components in a high level manner. Indeed several composition environments exist that are built on top of object-oriented languages though they fail to supply the level of abstraction required to specify compositions of components. This is particularly true when the components are black boxes. In order to reuse a black box component, an accurate and unambiguous description of the component's functionality must exist. It is doubtful that natural language can fulfil this requirement. This thesis advocates a formal approach to specifying a component and demonstrates that this approach will aid in the composition and verification of component based systems. The thesis presents a general solution to the problem by defining the formal semantics for a composition of components. Building on this work, a formal definition of exceptional component behaviour is provided along with a formal reasoning about component dependability. These then form the basis for the formal definition of a composition specification language and theoretical declarative compositional programming language. Such a language would afford the programmer the tools required to construct a dynamic composition of components.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

The Adoption and Effectiveness of Automation in Health Evidence Synthesis

Background: Health systems worldwide are often informed by evidence-based guidelines which in turn rely heavily on systematic reviews. Systematic reviews are currently hindered by the increasing volume of new research and by its variable quality. Automation has potential to alleviate this problem but is not widely used in health evidence synthesis. This thesis sought to address the following: why is automation adopted (or not), and what effects does it have when it is put into use? / Methods: Roger’s Diffusion of Innovations theory, as a well-established and widely used framework, informed the study design and analysis. Adoption barriers and facilitators were explored through a thematic analysis of guideline developers’ opinions towards automation, and by mapping the adoption journey of a machine learning (ML) tool among Cochrane Information Specialists (CISs). A randomised trial of ML assistance in Risk of Bias (RoB) assessments and a cost-effectiveness analysis of a semi-automated workflow in the maintenance of a living evidence map each evaluated the effects of automation in practice. / Results: Adoption decisions are most strongly informed by the professional cultural expectations of health evidence synthesis. The stringent expectations of systematic reviewers and their users must be met before any other characteristic of an automation technology is considered by potential adopters. Ease-of-use increases in importance as a tool becomes more diffused across a population. Results of the randomised trial showed that ML-assisted RoB assessments were non-inferior to assessments completed entirely by human researcher effort. The cost-effectiveness analysis showed that a semi-automated workflow identified more relevant studies than the manual workflow and was less costly. / Conclusions: Automation can have substantial benefits when integrated into health evidence workflows. Wider adoption of automation tools will be facilitated by ensuring they are aligned with professional values of the field and limited in technical complexity

Proceedings of the RESOLVE Workshop 2002

Proceedings of the RESOLVE Workshop 200

Middleware for Large-scale Distributed Systems

Nos últimos anos o aumento exponencial da utilização de dispositivos móveis e serviços disponibilizados na “Cloud” levou a que a forma como os sistemas são desenhados e implementados mudasse, numa perspectiva de tentar alcançar requisitos que até então não eram essenciais. Analisando esta evolução, com o enorme aumento dos dispositivos móveis, como os “smartphones” e “tablets” fez com que o desenho e implementação de sistemas distribuidos fossem ainda mais importantes nesta área, na tentativa de promover sistemas e aplicações que fossem mais flexíveis, robutos, escaláveis e acima de tudo interoperáveis. A menor capacidade de processamento ou armazenamento destes dispositivos tornou essencial o aparecimento e crescimento de tecnologias que prometem solucionar muitos dos problemas identificados. O aparecimento do conceito de Middleware visa solucionar estas lacunas nos sistemas distribuidos mais evoluídos, promovendo uma solução a nível de organização e desenho da arquitetura dos sistemas, ao memo tempo que fornece comunicações extremamente rápidas, seguras e de confiança. Uma arquitetura baseada em Middleware visa dotar os sistemas de um canal de comunicação que fornece uma forte interoperabilidade, escalabilidade, e segurança na troca de mensagens, entre outras vantagens. Nesta tese vários tipos e exemplos de sistemas distribuídos e são descritos e analisados, assim como uma descrição em detalhe de três protocolos (XMPP, AMQP e DDS) de comunicação, sendo dois deles (XMPP e AMQP) utilzados em projecto reais que serão descritos ao longo desta tese. O principal objetivo da escrita desta tese é demonstrar o estudo e o levantamento do estado da arte relativamente ao conceito de Middleware aplicado a sistemas distribuídos de larga escala, provando que a utilização de um Middleware pode facilitar e agilizar o desenho e desenvolvimento de um sistema distribuído e traz enormes vantagens num futuro próximo.Over the last few years the designing and implementation of applications have evolved to a new breed of applications that are used by a huge number of users at the same time and are capable of being executed in up to thousands of machines physically distributed, even geographically, such as the cloud computing systems, the new concept of “big data” and smart cities. The existence of several components of these systems, distributed in independent machines, brings inevitable issues in terms of designing and implementation of those systems in order to achieve flexible, scalable, robust, reliable and interoperable systems. It is extremely important to design and implement systems that can be capable of providing a communication and coordination among all the components of the system. The concept of implementing a Middleware seems to be a great option to solve most of these issues, allowing a system to communicate with other systems in a really fast, robust and secure way. This thesis pretends to demonstrate that the usage of Middleware technologies to ensure the communication in distributed systems brings a huge number of advantages, such as interoperability between systems, robustness regarding the communication layer, scalability and high speed communications

Integrating Security into the Undergraduate Software Engineering Curriculum

This research included a thorough examination of the existing software assurance or what is commonly called software security knowledge, methodologies and what information security technologies is currently being recommended by the information technology community. Finally it is demonstrated how this security knowledge could be incorporated into the curriculum for undergraduate software engineering

On Modularity In Abstract State Machines

In the field of model based formal methods we investigate the Abstract State Machine (ASM) modularity features. With the growing complexity of systems and the experience gained in more than thirty years of ASM method application a need for more manageable models emerged. We mainly investigate the notion of modules in ASMs as independent interacting components and the ability to identify portions of the machine state with the aim of improving the modelling process. In this thesis we provide a language level semantically well defined solution for (1) the definition of ASM modules as independent services and their communication behaviour; (2) a new construct that operates on the global state of an ASM machine that ease the management of state partitions and their identification; (3) a novel transition rule for the management of computations providing different execution strategies and putting termination condition for the machine inside the specification; (4) a data definition convention along with a new transition rule for their manipulation via pattern matching. In our work we build upon CoreASM, a well-known extensible modelling framework and tool environment for ASMs. The semantic of our modularity constructs is compatible with the one defined for the CoreASM interpreter. This ease the implementation of extension plugins for tool support of modularity features. A real world system use case ground model ends the thesis exemplifying the practical usage of our modularity constructs