Verification of communication protocols in web-services

The last decade has seen a massive migration towards the service oriented paradigm that has resulted in 1) resolving the software interoperability issues, 2) increased re-usability of the code, 3) easy inter-application communications, and 4) significant cost reduction. However, individual web-services seldom meet the business requirements of an application. Usually an application life-cycle involves interacting with several web-services based on its workflow. Considering that this might require 1) sharing data with multiple services, 2) tracking the response for each service request, 3) tracking and compensating the service failures, etc., usually a domain-specific language is used for service composition. Each service has an interface to outline its functionality and they are composed based on these interfaces. Nevertheless, any error or omission in these exposed interfaces could result in a myriad of glitches in the composition and the overlying application. This is further exacerbated by dynamic service composition techniques wherein services could be added, removed or updated at runtime. Consequently service consuming applications heavily depend on the verification techniques to vouch for their reliability and usability. The scope of applications based on service composition is rapidly expanding into critical domains where the stakes are high (e.g. stock markets). Consequently their reliability cannot be solely based on testing, wherein educated guesses are involved. Model-checking is a formal method that has an unprecedented ability to endorse the correctness of a system. It involves modeling a system before verifying it for a set of properties using a model-checking tool. However it has hitherto been sparingly used because of the associated time and memory requirements. This thesis proposes novel solutions to deal with these limitations in verifying a service composition. We propose a technique for modeling a service composition prior to verifying it using a model-checking tool. Compared to existing techniques that are ad-hoc and temporary, our solution streamlines the transformation by introducing a generic framework that transforms the composition into intermediate data transfer objects (DTOs) before the actual modeling. These DTOs help in automating the transformation by allowing access to the required information programmatically. The experimental results indicate that the framework takes less than a second (on average) in transforming BPEL specifications. The solution is made more appealing by further reducing the aforementioned time and memory requirements for model-checking. The additional reduction in memory is attributed to storing the states as the difference from an adjoining state. The reduction in time is realized by exploring the modules of a hierarchical model concurrently. These techniques offer up to 95% reduction in memory requirements and 86% reduction in time requirements. Furthermore, the time reduction technique is also extended to non-hierarchical models. This involves introducing hierarchy into a flat model in linear time before applying the time reduction techniques. As compared to other techniques, our method ensures that the transformed model is equivalent to the original model