A methodology for automated service level agreement compliance prediction

PhD ThesisService Level Agreement (SLA) specification languages express monitorable contracts between service providers and consumers. It is of interest to determine if predictive models can be derived for SLAs expressed in such languages, if possible in a fashion that is as automated as possible. Assuming that the service developer or user uses some SLA specification languages during the service development or deployment process,the Service level agreement Compliance Prediction(SlaCP) methodology is proposed as a general engineering methodology for predicting SLA compliance.This methodology helps contractual parties to assess the probability of SLA compliance,as automatically as is feasible,by mapping an existing SLA on a stochastic model of the service and using existing numerical solution algorithms or discrete event simulation to solve the model.The SlaCP methodology is generic, but the methodology is mostly described,in this thesis,assuming the use of the Web Service Level Agreement(WSLA)and the Stochastic Discrete Event Systems (SDES)formalism.The approach taken in this methodology is firstly to associate formal semantics with WSLA elements in order to be understood mathematically precise.Then,a five-step mapping process between the source and the target formalisms is conducted.These steps include:mapping into model primitives,reward metrics,expressions for functions of the semetrics,the time at which the prediction occurs,and the ultimate probability of SLA compliance.The proposed methodology is implemented in a software tool that automates most of its steps using Mobius and SPNP.The methodology is evaluated using a case study which shows the methodology’s feasibility and limitations in both theoretical and practical terms.Tishreen University, Ministry of Higher Education in Syri

Model Checking Probabilistic Real-Time Properties for Service-Oriented Systems with Service Level Agreements

The assurance of quality of service properties is an important aspect of service-oriented software engineering. Notations for so-called service level agreements (SLAs), such as the Web Service Level Agreement (WSLA) language, provide a formal syntax to specify such assurances in terms of (legally binding) contracts between a service provider and a customer. On the other hand, formal methods for verification of probabilistic real-time behavior have reached a level of expressiveness and efficiency which allows to apply them in real-world scenarios. In this paper, we suggest to employ the recently introduced model of Interval Probabilistic Timed Automata (IPTA) for formal verification of QoS properties of service-oriented systems. Specifically, we show that IPTA in contrast to Probabilistic Timed Automata (PTA) are able to capture the guarantees specified in SLAs directly. A particular challenge in the analysis of IPTA is the fact that their naive semantics usually yields an infinite set of states and infinitely-branching transitions. However, using symbolic representations, IPTA can be analyzed rather efficiently. We have developed the first implementation of an IPTA model checker by extending the PRISM tool and show that model checking IPTA is only slightly more expensive than model checking comparable PTA.Comment: In Proceedings INFINITY 2011, arXiv:1111.267

Monotony in Service Orchestrations

Web Service orchestrations are compositions of different Web Services to form a new service. The services called during the orchestration guarantee a given performance to the orchestrater, usually in the form of contracts. These contracts can be used by the orchestrater to deduce the contract it can offer to its own clients, by performing contract composition. An implicit assumption in contract based QoS management is: "the better the component services perform, the better the orchestration's performance will be". Thus, contract based QoS management for Web services orchestrations implicitly assumes monotony. In some orchestrations, however, monotony can be violated, i.e., the performance of the orchestration improves when the performance of a component service degrades. This is highly undesirable since it can render the process of contract composition inconsistent. In this paper we define monotony for orchestrations modelled by Colored Occurrence Nets (CO-nets) and we characterize the classes of monotonic orchestrations. We show that few orchestrations are indeed monotonic, mostly since latency can be traded for quality of data. We also propose a sound refinement of monotony, called conditional monotony, which forbids this kind of cheating and show that conditional monotony is widely satisfied by orchestrations. This finding leads to reconsidering the way SLAs should be formulated

SLA Calculus

For modeling Service-Oriented Architectures (SOAs) and validating worst-case performance guarantees a deterministic modeling method with efficient analysis is presented. Upper and lower bounds for delay and workload in systems are used to describe performance contracts. The SLA Calculus allows one to combine model descriptions for single systems and to derive bounds for reaction time and capacity of composed systems with analytic means. The intended, but not exclusive modeling domain for SLA Calculus are distributed software systems with reaction time constraints. SOAs are a system design paradigm that encapsulate software functions in service applications. Due to their standardized interfaces and accessibility via networks, large systems can be composed from smaller services and presented as services again. A well-known implementation of the service paradigm are Web Services that allow applications with components connected by the Internet. Own services and those rented from providers can be transparently combined by users. Performance guarantees for SOAs gain importance with more complex systems and applications in business environments When a service is rented by a customer the provider agrees upon a Service Level Agreement (SLA) with conditions concerning interface, pricing and performance. Service reaction time in form of delay is an important part in many SLAs and subject to performance models discussed in this work. With SLAs providers implicate a maximum delay for their products when the customer limits the workload to their systems. Hence customers expect the contracted service provider to deliver the performance figures unless the workload exceeds the SLA. Since contract penalties could apply, providers have a natural interest in dimensioning their service in regard to the SLA. Even for maximum workloads specified in the contracts the worst-case delay has to hold. Moreover, due to the compositional nature of Web Services, customers become providers themselves when they offer their service compositions to others. Again, worst-case performance bounds are of major interest here. Analyzing models of SOAs is an option to plan, dimension and validate service performance. For system modeling and analysis many methods exist. Queueing Systems and simulation are two well-known approaches in computer science. They provide average and thus long-term performance numbers quite easily using, probabilistic workload and service process descriptions. Deriving system behavior in worst-case situations for performance guarantees is elaborative and can be impossible for more complex systems. Receiving delay bounds usable in SLAs for SOAs by model analysis is still a research issue. A promising candidate to model SOA with SLAs is Network Calculus, an analytical method to derive performance bounds for network components. Given deterministic descriptions for arrival to and service in a network node hard bounds for network delay and the required buffer memory in routers are computed. A fine-granular separation between short- and long-term goals is possible. Network Calculus models also feature composition of elements and fast analytical analysis. When applied to SOAs with SLAs the problem arises that SLAs are not suitable as a system description and information source for Network Calculus models. Especially the internal service capacity is not exposed by SLAs, since providers consider them as a business secret. Without service process descriptions Network Calculus models cannot be analyzed. The SLA Calculus is presented as a solution to this problem. As a novel contribution for deterministic model analysis for SOAs, SLA Calculus is an extension to Network Calculus. Instead of service process descriptions, it uses information on latency to characterize a system. Delay of services is not a scalar analysis result anymore, it becomes a process over time that is bound with Network Calculus-style curves, the delay curves. Together with arrival curves the performance contracts in SLAs are formalized by so-called SLA Delay Properties (SDPs) as a description for the service performance in worst-case. Service composition can be modeled by serial and parallel combination of SDPs. The necessary theorems for the resulting worst-case bounds are given and proved. We will present a method to transfer these performance figures to the missing service process description again. Apart from basic theory we will also consider solutions for practical modeling situations. An algorithm to extract arrival and delay curves from measurements, enables the modeler to include already existing systems without given SLAs as model elements. Finally, we will sketch a selection method in form of an optimization problem for services to support the dynamic service selection in SOAs with a Service Broker. SLA Calculus model analysis will deliver deterministic upper and lower bounds for workload capacities and response times. For upper bounds the worst-case is assumed, thus bounds are pessimistic. The advantage of SLA Calculus is the ability to compute these bounds very fast and to give system modelers a quick overview on system characteristics considering extreme situations. In other modeling methods a lengthy transient analysis would be required. The strict perspective towards worst-case brought up another analysis target: Until now, relatively little attention was paid to contract conformance between subsequent services within service compositions. When services offer different workload capacities the arrival rate to the system needs to be adjusted to avoid bottlenecks. Additionally, for service compositions no response time contract can be guaranteed without internal buffering to enforce a common arrival rate. SLA Calculus unveils the necessary buffer delays and is able to bound them

Language support for service-level agreements for application-service provision

My thesis is that practical language support can be provided for Service-Level Agreements (SLAs) for Application-Service Provision (ASP), which is better than that provided by pre-existing languages in that: it provides greater assistance in expressing conditions that mitigate the risks inherent in ASP; and disputes related to agreements expressed in this manner may be more easily resolved in so as to respect the original intent of the parties. I support this thesis by establishing requirements for SLAs for ASP based on an account of a typical ASP infrastructure and business model. These identify the particular risks inherent in ASP, permit comparisons between ASP SLA languages, and guide the development of an abstract, extensible, domain-specific language, SLAng. SLAng is defined using a meta-modelling approach that allows a high degree of precision in the specification of its semantics, traceability from SLA to language specification, and the testing of the language and SLAs to ensure they capture the original intent of the parties. SLAng supports the expression of mutually-monitorable SLAs, for which the determination of compliance depends only on events visible to both client and provider of the service. I demonstrate that such SLAs are the most monitorable possible in a typical ASP scenario, given current monitoring technology, and describe an approximately-monitorable constraint on the accuracy of evidence used to administer such SLAs. SLAng is shown to be of practical use in a case study, evaluated against the original requirements, and compared with pre-existing languages. The evaluation of SLAng is enhanced using metrics developed to assist in assessing the contribution of a domain-specific language specification to encoding the meaning of statements in that language

A scalability analysis of grid allocation mechanisms

This article examines the broker's behavior with regard to a varying number of participating nodes and shows that incremental losses have to be accepted in central resource allocation when introducing new nodes. --Grid Computing

Flexible provisioning of Web service workflows

Web services promise to revolutionise the way computational resources and business processes are offered and invoked in open, distributed systems, such as the Internet. These services are described using machine-readable meta-data, which enables consumer applications to automatically discover and provision suitable services for their workflows at run-time. However, current approaches have typically assumed service descriptions are accurate and deterministic, and so have neglected to account for the fact that services in these open systems are inherently unreliable and uncertain. Specifically, network failures, software bugs and competition for services may regularly lead to execution delays or even service failures. To address this problem, the process of provisioning services needs to be performed in a more flexible manner than has so far been considered, in order to proactively deal with failures and to recover workflows that have partially failed. To this end, we devise and present a heuristic strategy that varies the provisioning of services according to their predicted performance. Using simulation, we then benchmark our algorithm and show that it leads to a 700% improvement in average utility, while successfully completing up to eight times as many workflows as approaches that do not consider service failures