Dynamic Maintenance of Service Orchestrations

International audienceService-oriented architectures evolved rapidly as the solution to the latest requirements for loosely-coupled distributed computing. Into this broad context several approaches emerged towards the discovery and the systematic composition/orchestration of services. One of the next challenges in this field is the maintenance of service-oriented architectures towards accomplishing the ultimate goal of constructing eternal service-oriented systems out of loosely- coupled basic engineering elements. The particular problem we deal with in this paper is the dynamic maintenance of service orchestrations in the presence of unavailable services. Specifically, we focus on the dynamic substitution of stateful services that become unavailable during the execution of service orchestrations. As an answer to this problem, we propose the SIROCO middleware platform which is further detailed along with an experimental evaluation of our first prototype. Our findings show that SIROCO provides the necessary means for achieving dynamic maintenance with a reasonable expense on the execution of service orchestrations

Mobility management in B3G networks: a middleware-based approach

International audienceThe B3G (Beyond 3G) networking will enable mobile users to roam freely through heterogeneous networks on an all-IP platform. However, mobility handling in such an environment poses new challenges. Traditionally, mobility protocols such as Mobile IP, SIP and SCTP are used to manage mobility in B3G, but they require telecommunication companies to either modify existing network infrastructures or deploy central entities in the network core to handle mobility. This is not feasible in a fully distributed computing environment (e.g., P2P) and mobile ad hoc networks that are part of B3G networking. As an alternative, this paper introduces a middleware component with modularized functionalities to facilitate mobility management in a fully distributed B3G environment

Process and tool support for design patterns with safety requirements

The requirement for higher Security and Dependability (S&D) of systems is continuously increasing, even in domains tradi-tionally not deeply involved in such issues. Nowadays, many practitioners express their worries about current S&D software engineering practices. New recommendations should be considered to ground this discipline on two pillars: solid theory and proven principles. We took the second pillar towards software engineering for embedded system applications, focusing on the problem of integrating S&D by design to foster reuse. In this paper, we propose to combine design patterns and Model Driven Engineering (MDE) techniques for building component-based applications with safety requirements. The resulting modeling framework serves primarily to capture the basic concepts for specifying safety-oriented design patterns, building an S&D pattern system, and maintain safety properties, with existing modeling artifacts, during the engineering process based on the S&D pattern system. As a proof of concept, we are evaluating the feasibility of the framework through the example of the MooN pattern system for building systems having safety requirements: Communication Based Train Control (CBTC)

Reconfiguration dynamique des architectures orientées services

Runtime service reconfiguration is put forward as one of the means by which we may provide dependable service-oriented architectures (SOA), and more precisely, continuity in service provisioning, and robustness in the presence of change. Indeed, with the advent of wireless networks, computing environments are becoming highly dynamic. From a user-oriented point of view, this dynamics comes at the price of dependability, due to runtime variations in terms of (1) service availability, and (2) network connection/infrastructure availability, according to user/service mobility. In this context, the main focus of this thesis is to incorporate support for dynamic reconfiguration in SOA systems, in order to tolerate runtime variations and ensure continuity in service provisioning for the users. In particular, we focus on middleware support for runtime service reconfiguration. Our main contribution consists in enabling service continuity by (1) substituting a service that becomes unavailable at runtime with a semantically similar one, and (2) translating and transferring the current state of interaction to the substitute service in order to resume the execution after its interruption. The need for state translation is due to the environments' heterogeneity, since the unavailable and substitute services are not assumed to be identically implemented, nor are they identically described. However, state translation may not be sufficient to guarantee state compatibility between the substitute service and the unavailable one: in some cases, the substitute service may be compatible with an earlier state of interaction, instead of the last one. Hence, we need to invalidate a set of results performed by the unavailable service, in order to synchronize the state of the substitute service. Indeed, the execution of the substitute service may provide different results from those provided by the execution of the unavailable service. In the case of service composition, still-available services –involved in the SOA system– may be affected by the substitution due to their data dependencies with the substituted service. Thus, the middleware synchronizes the state of still-available services according to the state transferred to the substitute service. The outcome of our contribution is SIROCCO (ServIce Reconfiguration upOn serviCe unavailability and Connectivity lOss), a middleware infrastructure that enables transparent runtime reconfiguration of SOA systems upon service unavailability. The middleware discovers candidate substitute services that can be used in the place of the service that becomes unavailable. It then tries to identify the best service amongst these candidates that can be used as an actual substitute. In the best case, the selected substitute service must be such that its current state can be synchronized with the last state of the service that is substituted. In the case of service composition, the middleware also checks data dependencies with the still-available services and synchronizes their state with respect to the transferred state. The above concepts of SIROCCO are discussed along with an experimental evaluation of our prototype. Our findings show that SIROCCO provides the necessary means for achieving dynamic service reconfiguration, where the gain in close-to-seamless continuity in service provisioning outweighs the computing and communication overhead on the execution of the SOA system.Reconfiguration dynamique des architectures orientées service

Dynamic reconfiguration of service-oriented architectures

La reconfiguration de service pendant l'exécution est mise en avant comme étant l'un des moyens par lesquels nous permettons d améliorer la fiabilité des architectures orientées services (SOA), et plus précisément, la continuité d'approvisionnement de services, et la robustesse en présence du changement.En effet, avec l'avènement des réseaux sans fil, les environnements informatiques deviennent hautement dynamiques. D'un point de vue utilisateur, cette dynamique se fait au prix de la fiabilité, en raison des changements pendant l'exécution en termes de disponibilité (1) de services, et (2) de la connexion/infrastructures réseau, selon la mobilité de l'utilisateur ou des services. Dans ce contexte, l'objectif principal de cette thèse est d'inclure un soutien pour la reconfiguration dynamique aux systèmes SOA, afin de tolérer les changements pendant l'exécution, et d assurer la continuité d'approvisionnement de services pour les utilisateurs. En particulier, nous nous concentrons sur le support intergiciel pour la reconfiguration des services pendant l'exécution. Notre principale contribution consiste à permettre la continuité du service (1) en substituant un service qui devient indisponible pendant l'exécution par un autre service, sémantiquement similaire, et (2) en traduisant et transférant l'état actuel de l'interaction au service substitut, afin de reprendre l'exécution après son interruption. Le besoin de traduction d'état est dû à l'hétérogénéité des environnements, puisque les services indisponibles et leurs substituts ne sont censés être ni identiquement implantés, ni identiquement décrits. Cependant, la traduction d'état peut ne pas suffire à assurer la compatibilité d'état entre le service substitut et celui qui est devenu indisponible: dans certains cas, le service substitut peut être compatible avec un état de l'interaction qui est antérieur à son état lors de la perte de service. Par conséquent, nous avons besoin d'invalider un nombre de résultats fournis par le service indisponible, pour pouvoir synchroniser l'état du service substitut. L'exécution du service substitut peut fournir des résultats différents de ceux déjà fournis par l'exécution du service indisponible. Dans le cas d'une composition de services, les services encore disponibles -intervenant dans le système SOA- peuvent être affectés par la substitution en raison de leurs dépendances de données avec le service de remplacement. Ainsi, l'intergiciel synchronise l'état de ces services en fonction à l'état transféré au service substitut. De notre contribution résulte SIROCCO (ServIce Reconfiguration upOn serviCe unavailability and Connectivity lOss), une infrastructure intergiciel qui permet la reconfiguration transparente pendant l'exécution des systèmes SOA pour faire face à l'indisponibilité du service. L'intergiciel découvre les services candidats, susceptibles de substituer le service qui devient indisponible. Il essaie ensuite d'identifier le meilleur service parmi ces candidats qui peut être utilisé comme un substitut réel. Dans le meilleur des cas, le service substitut choisi doit être tel que son état actuel peut être synchronisé avec le dernier état du service qui est substitué. Dans le cas de la composition de service, l'intergiciel vérifie également les dépendances de données avec les services encore disponibles et synchronise leur état selon l'état transféré. Les concepts de SIROCCO sont examinés à travers une évaluation expérimentale de notre prototype. Nos résultats montrent que SIROCCO fournit les moyens nécessaires pour réaliser la reconfiguration dynamique des services, où le gain en continuité de service est plus important que le calcul et la communication supplémentaires induits par la reconfiguration.PARIS-BIUSJ-Mathématiques rech (751052111) / SudocSudocFranceF

Process and tool support for design patterns with safety requirements

International audienceThe requirement for higher Security and Dependability (S&D) of systems is continuously increasing, even in domains tradi-tionally not deeply involved in such issues. Nowadays, many practitioners express their worries about current S&D software engineering practices. New recommendations should be considered to ground this discipline on two pillars: solid theory and proven principles. We took the second pillar towards software engineering for embedded system applications, focusing on the problem of integrating S&D by design to foster reuse. In this paper, we propose to combine design patterns and Model Driven Engineering (MDE) techniques for building component-based applications with safety requirements. The resulting modeling framework serves primarily to capture the basic concepts for specifying safety-oriented design patterns, building an S&D pattern system, and maintain safety properties, with existing modeling artifacts, during the engineering process based on the S&D pattern system. As a proof of concept, we are evaluating the feasibility of the framework through the example of the MooN pattern system for building systems having safety requirements: Communication Based Train Control (CBTC)