SoMeT - A Formal Verification Approach of Conversations in Composite Web Services Using NuSMV

Web service composition is currently a very focused-on topic of research, with many studies being proposed by academic and industrial research groups. This paper discusses the design and verification of behavior of composite Web services. We model composite Web services based on two behaviors, namely control and operational. These behaviors communicate through conversation messages. We use state charts to model composite Web services and verify the synchronization of the conversations among them using symbolic model checking with NuSMV

A formal verification approach of conversations in composite web services using NuSMV

Web service composition is currently a very focused-on topic of research, with many studies being proposed by academic and industrial research groups. This paper discusses the design and verification of behavior of composite Web services. We model composite Web services based on two behaviors, namely control and operational. These behaviors communicate through conversation messages. We use state charts to model composite Web services and verify the synchronization of the conversations among them using symbolic model checking with NuSMV. © 2009 IOS Press. All rights reserved

Symbolic model checking composite Web services using operational and control behaviors

This paper addresses the issue of verifying if composite Web services design meets some desirable properties in terms of deadlock freedom, safety (something bad never happens), and reachability (something good will eventually happen). Composite Web services are modeled based on a separation of concerns between business and control aspects of Web services. This separation is achieved through the design of an operational behavior, which defines the composition functioning according to the Web services\u27 business logic, and a control behavior, which identifies the valid sequences of actions that the operational behavior should follow. These two behaviors are formally defined using automata-based techniques. The proposed approach is model checking-based where the operational behavior is the model to be checked against properties defined in the control behavior. The paper proves that the proposed technique allows checking the soundness and completeness of the design model with respect to the operational and control behaviors. Moreover, automatic translation procedures from the design models to the NuSMV model checker\u27s code and a verification tool are reported in the paper. © 2012 Elsevier Ltd. All rights reserved

A formal verification approach of conversations in compostie Web services

Web service composition is nowadays a very focused-on topic of research by academic and industrial research groups. This thesis discusses the design and verification of behaviors of composite web services. To model composite web services, two behaviors are proposed, namely control and operational. The operational behavior shows the business logic of the process functionality for a composite web service. The control behavior shows the constraints that the operational behavior should satisfy and specifies the states that this behavior should be in. The idea behind this separation is to promote the design, verification and reusability of web services in composite settings. To guarantee their compatibility, these two behaviors communicate and synchronize through conversation messages. State charts are used to model composite web services and symbolic model checking with NuSMV model checker is used to verify their conversations. The properties to be verified are expressed in two logics: Linear Temporal Logic (LTL) and Computation Tree Logic (CTL). A Java-based translation procedure from the design model to SMV program used by NuSMV has been developed and tested in two case studie

Model Checking Commitment-Governed Compositions of Web Services

We propose a new approach towards verifying compositions of web services using model checking. In order to perform such a verification, we transform the web service composition into a Multi-Agent System (MAS) model where the process in charge of the composition and the participating services are represented by agents. We model the behavior of the resulting MAS using the extended Interpreted Systems Programming Language (ISPL+), the dedicated language of the MCMAS+ model checker for MAS. We use commitments between agents to regulate and reason about messages between composite web services. The properties against which the compositions are verified are expressed in the Computation Tree Logic of Commitments (CTLC), an extension of the branching logic CTL that supports commitment modalities. We describe BPEL2ISPL+, a tool we developed to perform the automatic transformation from the web service composition described in Business Process Execution Language (BPEL) into a verifiable MAS model described in ISPL+. The BPEL2ISPL+ tool is applied to a concrete BPEL web service composition and its accurate representation in ISPL+ is obtained. The CTLC properties used to verify the compositions regulated by commitments are represented along with the agents abstracting the participating web services. The MCMAS+ model checker is used to verify the model against these properties, providing thus a new approach to model check agent-based web service compositions governed by commitments

Real-time systems refinement : application to the verification of web services

Les services Web sont des applications distribuées qui sont conçus pour atteindre une tâche spécifique de l'entreprise sur le web. Afin d'augmenter la qualité et d'élever la sécurité des services Web, la vérification de BPEL, un service web langage de composition est considérée. Dans ce contexte, le model checking est une des techniques de vérification les plus utilisés en raison de son exhaustivité, son application facile et automatique. Cependant, un inconvénient majeur du model checking est l'explosion combinatoire en cas de grands modèles. Le raffinement est une des techniques utilisées pour combattre au problème d'explosion. Dans cette thèse, nous étudions le raffinement des systèmes temporisés et son application à des situations réelles, à savoir les modèles BPEL. Pour cela, nous proposons d'abord une technique automatique pour la vérification de la simulation faible temporisée entre des systèmes de transitions temporisé basée sur des modèles issus d'un langage de spécification formelle, FIACRE. La technique est une méthode basée sur l'observation, dans laquelle deux systèmes de transitions temporisés sont composées avec un observateur temporisé. Une propriété de mu-calcul qui capte la simulation faible temporisée est ensuite vérifiée sur le résultat de la composition. En deuxième étape, afin de valider les modèles BPEL, nous proposons une technique qui consiste dans les étapes suivantes: premièrement, les activités BPEL qui ont besoin d'être abstrait sont fournis avec leurs abstractions. Deuxièmement, la source BPEL est transformé en FIACRE en fonction des choix précédents. Troisièmement, les propriétés d'exigences sont vérifiées sur le modèle de FIACRE abstrait. Enfin, les relations de simulation sont prouvés entre les composants concrets et abstraits du modèle.Web services are distributed applications which are designed to achieve a specific business task over the web. In order to increase the security and to elevate the safety of web services, the verification of BPEL, a web services composition language is considered. In this context, model checking is one of the most used verification techniques because of its thoroughness, its easy application, and automatic approach. However, a major drawback of model checking is the combinatory explosion in case of large models. Refinement is one of the used techniques to alleviate the model checking problem. In this PhD, we study the refinement of timed systems and its application to real life scenarios, namely to BPEL models. For this, we first suggest an automatic technique for checking the timed weak simulation between timed transition systems based on models originating from a formal specification language, FIACRE. The technique is an observation-based method in which two timed transition systems are composed with a timed observer. A $\mu$-calculus property that captures the timed weak simulation is then verified upon the result of the composition. At the second stage, in order to validate BPEL models, we suggest a technique that consists in the following steps : first, BPEL activities to-be-abstracted are provided along with their abstractions. Second, the BPEL source is transformed to FIACRE according to the previous choices. Third, domain properties are verified on the abstract FIACRE model. Finally, simulation relations are proven between concrete and abstract parts of the model

Analysis and Verification of Service Interaction Protocols - A Brief Survey

Modeling and analysis of interactions among services is a crucial issue in Service-Oriented Computing. Composing Web services is a complicated task which requires techniques and tools to verify that the new system will behave correctly. In this paper, we first overview some formal models proposed in the literature to describe services. Second, we give a brief survey of verification techniques that can be used to analyse services and their interaction. Last, we focus on the realizability and conformance of choreographies.Comment: In Proceedings TAV-WEB 2010, arXiv:1009.330

Formal certification and compliance for run-time service environments

With the increased awareness of security and safety of services in on-demand distributed service provisioning (such as the recent adoption of Cloud infrastructures), certification and compliance checking of services is becoming a key element for service engineering. Existing certification techniques tend to support mainly design-time checking of service properties and tend not to support the run-time monitoring and progressive certification in the service execution environment. In this paper we discuss an approach which provides both design-time and runtime behavioural compliance checking for a services architecture, through enabling a progressive event-driven model-checking technique. Providing an integrated approach to certification and compliance is a challenge however using analysis and monitoring techniques we present such an approach for on-going compliance checking

Specifying and Verifying Contract-driven Composite Web Services: a Model Checking Approach

As a promising computing paradigm in the new era of cross-enterprise e-applications, web services technology works as plugin mode to provide a value-added to applications using Service-Oriented Computing (SOC) and Service-Oriented Architecture (SOA). Verification is an important issue in this paradigm, which focuses on abstract business contracts and where services’ behaviors are generally classified in terms of compliance with / violation of their contracts. However, proposed approaches fail to describe in details both compliance and violation behaviors, how the system can distinguish between them, and how the system reacts after each violation. In this context, specifying and automatically generating verification properties are challenging key issues. This thesis proposes a novel approach towards verifying the compliance with contracts regulating the composition of web services. In this approach, properties against which the system is verified are generated automatically from the composition’s implementation. First, Business Process Execution Language (BPEL)that specifies actions within business processes with web services is extended to create custom activities, called labels. Those labels are used as means to represent the specifications and mark the points the developer aims to verify. A significant advantage of this labeling is the ability to target specific points in the design to be verified, which makes this verification very focused. Second, new translation rules from the extended BPEL into ISPL, the input language of the MCMAS model checker, are provided so that model checking the behavior of our contract-driven compositions is possible. The verification properties are expressed in the CTLC logic, which provides a powerful representation for modeling composition contracts using commitment-based multiagent interactions. A detailed case study with experimental results are also reported ins the thesis