Reliable deployment, reconfiguration, and control of cloud applications

Cloud applications consist of a set of interconnected software components distributed over several virtual machines. Setting up, (re)configuring, and monitoring these applications are difficult tasks, and involve complex management protocols. In this talk, I will first present two protocols for deploying and dynamically reconfiguring cloud applications, respectively. I will also present synthesis techniques for generating controllers in charge of coordinating autonomic managers and cloud applications. These approaches have been devised with the support of formal techniques and tools.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech

Model-Based Adaptation of Software Communicating via FIFO Buffers

Software Adaptation is a non-intrusive solution for composing black-box components or services (peers) whose individual functionality is as required for the new system, but that present interface mismatch, which leads to deadlock or other undesirable behaviour when combined. Adaptation techniques aim at automatically generating new components called adapters. All the interactions among peers pass through the adapter, which acts as an orchestrator and makes the involved peers work correctly together by compensating for mismatch. Most of the existing solutions in this field assume that peers interact synchronously using rendezvous communication. However, many application areas rely on asynchronous communication models where peers interact exchanging messages via buffers. Generating adapters in this context becomes a difficult problem because peers may exhibit cyclic behaviour, and their composition often results in infinite systems. In this paper, we present a method for automatically generating adapters in asynchronous environments where peers interact using FIFO buffers.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech

Robust and reliable reconfiguration of cloud applications

International audienceCloud applications involve a set of interconnected software components running on remote virtual machines. The deployment and dynamic reconfigu-ration of cloud applications, involving the addition/removal of virtual machines and components hosted on these virtual machines, are error-prone tasks. They must preserve the application consistency and respect important architectural invariants related to software dependencies. In this paper, we introduce a protocol for automating these reconfiguration tasks. In order to ensure its correctness and robustness, we implement the protocol with the support of the Maude system for rapid prototyping purposes, and we verify it with its formal analysis tools

Special Section on Formal Methods for Industrial Critical Systems (Selected Papers from FMICS'11)

International audienceThis section contains extended versions of selected papers from the 16th International Workshop on Formal Methods for Industrial Critical Systems (FMICS'11)

Adaptation of Asynchronously Communicating Software

International audienceSoftware adaptation techniques aim at generating new components called adapters, which make a set of services work correctly together by compensating for existing mismatch. Most approaches assume that services interact synchronously using rendez-vous communication. In this paper, we focus on asynchronous communication, where services interact exchanging messages via buffers. We overview a method for automatically generating adapters in such asynchronous environments

Robust Reconfiguration of Cloud Applications

International audienceCloud applications involve a set of interconnected software components running on remote virtual machines. Once cloud applications are deployed, one may need to reconfigure them by adding/removing virtual machines or components hosted on these machines. These tasks are error-prone since they must preserve the application consistency and respect important architectural invariants related to software dependencies. We present in this paper a protocol for automating these reconfiguration tasks

Debugging Process Algebra Specifications

International audienceDesigning and developing distributed and concurrent applications has always been a tedious and error-prone task. In this context, formal techniques and tools are of great help in order to specify such concurrent systems and detect bugs in the corresponding models. In this paper, we propose a new framework for debugging value-passing process algebra through coverage analysis. We illustrate our approach with LNT, which is a recent specification language designed for formally modelling concurrent systems. We define several coverage notions before showing how to instrument the specification without affecting original behaviors. Our approach helps one to improve the quality of a dataset of examples used for validation purposes, but also to find ill-formed decisions, dead code, and other errors in the specification. We have implemented a tool for automating our debugging approach, and applied it to several real-world case studies in different application areas

Handling Data-Based Concurrency in Context-Aware Service Protocols

Dependency analysis is a technique to identify and determine data dependencies between service protocols. Protocols evolving concurrently in the service composition need to impose an order in their execution if there exist data dependencies. In this work, we describe a model to formalise context-aware service protocols. We also present a composition language to handle dynamically the concurrent execution of protocols. This language addresses data dependency issues among several protocols concurrently executed on the same user device, using mechanisms based on data semantic matching. Our approach aims at assisting the user in establishing priorities between these dependencies, avoiding the occurrence of deadlock situations. Nevertheless, this process is error-prone, since it requires human intervention. Therefore, we also propose verification techniques to automatically detect possible inconsistencies specified by the user while building the data dependency set. Our approach is supported by a prototype tool we have implemented.Comment: In Proceedings FOCLASA 2010, arXiv:1007.499

Stability of Asynchronously Communicating Systems

Recent software is mostly constructed by reusing and composing existing components. Software components are usually stateful and therefore described using behavioral models such as finite state machines. Asynchronous communication is a classic interaction mechanism used for such software systems. However, analysing communicating systems interacting asynchronously via reliable FIFO buffers is an undecidable problem. A typical approach is to check whether the system is bounded, and if not, the corresponding state space can be made finite by limiting the presence of communication cycles in behavioral models or by fixing buffer sizes. In this paper, we focus on infinite systems and we do not restrict the system by imposing any arbitrary bounds. We introduce a notion of stability and prove that once the system is stable for a specific buffer bound, it remains stable whatever larger bounds are chosen for buffers. This enables us to check certain properties on the system for that bound and to ensure that the system will preserve them whatever larger bounds are used for buffers. We also prove that computing this bound is undecidable but show how we succeed in computing these bounds for many typical examples using heuristics and equivalence checking

Quantifying the Similarity of Non-bisimilar Labelled Transition Systems

International audienceEquivalence checking is an established technique for automatically verifying that two behavioural models (Labelled Transition Systems, LTSs) are equivalent from the point of view of an external observer. When these models are not equivalent, the checker returns a Boolean result with a counterexample, which is a sequence of actions leading to a state where the equivalence relation is not satisfied. However, this counterexample does not give any indication of how far the two LTSs are one from another. One can wonder whether they are almost identical or totally different, which is quite different from a design or debugging point of view. In this paper, we present an approach for measuring the similarity between two LTS models. The set of metrics is computed automatically using a tool we implemented. Beyond presenting the foundations of the proposed solution, we will show how it can be applied to two concrete application domains for supporting the construction of IoT applications on the one hand and for contributing to the process model matching problem on the other