16 research outputs found
Analysis and Verification of Service Interaction Protocols - A Brief Survey
Modeling and analysis of interactions among services is a crucial issue in
Service-Oriented Computing. Composing Web services is a complicated task which
requires techniques and tools to verify that the new system will behave
correctly. In this paper, we first overview some formal models proposed in the
literature to describe services. Second, we give a brief survey of verification
techniques that can be used to analyse services and their interaction. Last, we
focus on the realizability and conformance of choreographies.Comment: In Proceedings TAV-WEB 2010, arXiv:1009.330
On the Automated Synthesis of Enterprise Integration Patterns to Adapt Choreography-based Distributed Systems
The Future Internet is becoming a reality, providing a large-scale computing
environments where a virtually infinite number of available services can be
composed so to fit users' needs. Modern service-oriented applications will be
more and more often built by reusing and assembling distributed services. A key
enabler for this vision is then the ability to automatically compose and
dynamically coordinate software services. Service choreographies are an
emergent Service Engineering (SE) approach to compose together and coordinate
services in a distributed way. When mismatching third-party services are to be
composed, obtaining the distributed coordination and adaptation logic required
to suitably realize a choreography is a non-trivial and error prone task.
Automatic support is then needed. In this direction, this paper leverages
previous work on the automatic synthesis of choreography-based systems, and
describes our preliminary steps towards exploiting Enterprise Integration
Patterns to deal with a form of choreography adaptation.Comment: In Proceedings FOCLASA 2015, arXiv:1512.0694
A Local Logic for Realizability in Web Service Choreographies
Web service choreographies specify conditions on observable interactions
among the services. An important question in this regard is realizability:
given a choreography C, does there exist a set of service implementations I
that conform to C ? Further, if C is realizable, is there an algorithm to
construct implementations in I ? We propose a local temporal logic in which
choreographies can be specified, and for specifications in the logic, we solve
the realizability problem by constructing service implementations (when they
exist) as communicating automata. These are nondeterministic finite state
automata with a coupling relation. We also report on an implementation of the
realizability algorithm and discuss experimental results.Comment: In Proceedings WWV 2014, arXiv:1409.229
Resolving Non-Determinism in Choreographies
Resolving non-deterministic choices of choreographies is a crucial task. We introduce a novel notion of realisability for choreographies –called whole-spectrum implementation– that rules out deterministic implementations of roles that, no matter which context they are placed in, will never follow one of the branches of a non-deterministic choice. We show that, under some conditions, it is decidable whether an implementation is whole-spectrum. As a case study, we analyse the POP protocol under the lens of whole-spectrum implementation
Automated verification of automata communicating via FIFO and bag buffers
International audienceThis article presents new results for the automated verification of automata communicating asynchronously via FIFO or bag buffers. The analysis of such systems is possible by comparing bounded asynchronous compositions using equivalence checking. When the composition exhibits the same behavior for a specific buffer bound, the behavior remains the same for larger bounds. This enables one to check temporal properties on the system for that bound and this ensures that the system will preserve them whatever larger bounds are used for buffers. In this article, we present several decidability results and a semi-algorithm for this problem considering FIFO and bag buffers, respectively, as communication model. We also study various equivalence notions used for comparing the bounded asynchronous systems
Stability of Asynchronously Communicating Systems
Recent software is mostly constructed by reusing and composing existing components. Software components are usually stateful and therefore described using behavioral models such as finite state machines. Asynchronous communication is a classic interaction mechanism used for such software systems. However, analysing communicating systems interacting asynchronously via reliable FIFO buffers is an undecidable problem. A typical approach is to check whether the system is bounded, and if not, the corresponding state space can be made finite by limiting the presence of communication cycles in behavioral models or by fixing buffer sizes. In this paper, we focus on infinite systems and we do not restrict the system by imposing any arbitrary bounds. We introduce a notion of stability and prove that once the system is stable for a specific buffer bound, it remains stable whatever larger bounds are chosen for buffers. This enables us to check certain properties on the system for that bound and to ensure that the system will preserve them whatever larger bounds are used for buffers. We also prove that computing this bound is undecidable but show how we succeed in computing these bounds for many typical examples using heuristics and equivalence checking
Collaboration vs. choreography conformance in BPMN
The BPMN 2.0 standard is a widely used semi-formal notation to model
distributed information systems from different perspectives. The standard makes
available a set of diagrams to represent such perspectives. Choreography
diagrams represent global constraints concerning the interactions among system
components without exposing their internal structure. Collaboration diagrams
instead permit to depict the internal behaviour of a component, also referred
as process, when integrated with others so to represent a possible
implementation of the distributed system.
This paper proposes a design methodology and a formal framework for checking
conformance of choreographies against collaborations. In particular, the paper
presents a direct formal operational semantics for both BPMN choreography and
collaboration diagrams. Conformance aspects are proposed through two relations
defined on top of the defined semantics. The approach benefits from the
availability of a tool we have developed, named C4, that permits to experiment
the theoretical framework in practical contexts. The objective here is to make
the exploited formal methods transparent to system designers, thus fostering a
wider adoption by practitioners
Avoiding diamonds in desynchronisation
The design of concurrent systems often assumes synchronous communication between different parts of a system. When system components are physically apart, this assumption becomes inappropriate. Desynchronisation is a technique that aims to implement a synchronous design in an asynchronous manner by placing buffers between the components of the synchronous design. When queues are used as buffers, the so-called ‘diamond property’ (among others) ensures correct operation of the desynchronised design. However, this property is difficult to establish in practice.
In this paper, we give sufficient and necessary conditions under which a concrete synchronous design (i.e., without the unobservable action) is equivalent to an asynchronous design and formally prove that the diamond property is no longer needed for desynchronisation when half-duplex queues are used as a communication buffer. Furthermore, we discuss how the half-duplex condition can be further relaxed when the diamond property can be partially guaranteed. To illustrate how this theory may be applied, we desynchronise the synchronous systems that are synthesised using supervisory control theory
Dynamic Choreographies: Theory And Implementation
Programming distributed applications free from communication deadlocks and
race conditions is complex. Preserving these properties when applications are
updated at runtime is even harder. We present a choreographic approach for
programming updatable, distributed applications. We define a choreography
language, called Dynamic Interaction-Oriented Choreography (AIOC), that allows
the programmer to specify, from a global viewpoint, which parts of the
application can be updated. At runtime, these parts may be replaced by new AIOC
fragments from outside the application. AIOC programs are compiled, generating
code for each participant in a process-level language called Dynamic
Process-Oriented Choreographies (APOC). We prove that APOC distributed
applications generated from AIOC specifications are deadlock free and race free
and that these properties hold also after any runtime update. We instantiate
the theoretical model above into a programming framework called Adaptable
Interaction-Oriented Choreographies in Jolie (AIOCJ) that comprises an
integrated development environment, a compiler from an extension of AIOCs to
distributed Jolie programs, and a runtime environment to support their
execution.Comment: arXiv admin note: text overlap with arXiv:1407.097
On Resolving Non-determinism in Choreographies
Choreographies specify multiparty interactions via message passing. A realisation of a choreography is a composition of independent processes that behave as specified by the choreography. Existing relations of correctness/completeness between choreographies and realisations are based on models where choices are non-deterministic. Resolving non-deterministic choices into deterministic choices (e.g., conditional statements) is necessary to correctly characterise the relationship between choreographies and their implementations with concrete programming languages. We introduce a notion of realisability for choreographies - called whole-spectrum implementation - where choices are still non-deterministic in choreographies, but are deterministic in their implementations. Our notion of whole spectrum implementation rules out deterministic implementations of roles that, no matter which context they are placed in, will never follow one of the branches of a non-deterministic choice. We give a type discipline for checking whole-spectrum implementations. As a case study, we analyse the POP protocol under the lens of whole-spectrum implementation