Semantic verification of Behavior Conformance

This paper introduces a formal yet practical method to verify whether the behavior design of a distributed application conforms to the behavior design of the enterprise in which the application is embedded. The method allows both enterprise architects and application architects to talk about designs in their own terms, and introduces a common set of terms as the linking pin between enterprise and application designs. The formal semantics of these common terms allows us to verify the conformance between an enterprise and its applications formally and automatically

Advanced Design Concepts for Open Distributed Systems Development

Experience with the engineering of large scale open distributed systems has shown that their design should be specified at several well-defined levels of abstraction, in which each level aims at satisfying specific user, architectural, and implementation needs. Therefore, designers should dispose of a comprehensive design methodology, which allows them to conceive a specification at a certain abstraction level and transform this specification into a conforming specification at a lower abstraction level. The collection of these transformations should abridge the total design trajectory from initial user requirements to final implementation. The authors present and discuss some advanced design concepts that provide a basis for such a design methodolog

A model-based approach to service creation

This paper presents a model-based approach to support service creation. In this approach, services are assumed to be created from (available) software components. The creation process may involve multiple design steps in which the requested service is repeatedly decomposed into more detailed functional parts, until these parts can be mapped onto software components. A modelling language is used to express and enable analysis of the resulting designs, in particular the behaviour aspects. Methods are needed to verify the correctness of each design step. A technique called behaviour refinement is introduced to assess the conformance relation between an abstract behaviour and a more concrete (detailed) behaviour. This technique is based on the application of abstraction rules to determine the abstraction of the concrete behaviour such that the obtained abstraction can be compared to the original abstract behaviour. The application of this refinement technique throughout the creation process enforces the correctness of the created servic

Security policy refinement using data integration: a position paper.

In spite of the wide adoption of policy-based approaches for security management, and many existing treatments of policy verification and analysis, relatively little attention has been paid to policy refinement: the problem of deriving lower-level, runnable policies from higher-level policies, policy goals, and specifications. In this paper we present our initial ideas on this task, using and adapting concepts from data integration. We take a view of policies as governing the performance of an action on a target by a subject, possibly with certain conditions. Transformation rules are applied to these components of a policy in a structured way, in order to translate the policy into more refined terms; the transformation rules we use are similar to those of global-as-view database schema mappings, or to extensions thereof. We illustrate our ideas with an example. Copyright 2009 ACM

An Engineering Approach towards Action Refinement

In the abstract modelling of distributed systems we may need methods to replace abstract behaviours by more concrete behaviours which are closer to implementation mechanisms. Furthermore, we may want these methods to preserve the correctness of such a replacement. This paper introduces an approach towards action refinement in which an abstract action is replaced by a concrete activity. This approach is based on a careful consideration of the `action' and `causality relation' architectural concepts, which enable an abstract action to be replaced by many alternative concrete activities in a general way. This approach is based on the application of abstraction rules to determine whether a concrete activity conforms to an abstract action, considering the context in which the concrete activity and the abstract action are embedde