Compatibility Checking for Asynchronously Communicating Software

International audienceCompatibility is a crucial problem that is encountered while constructing new software by reusing and composing existing components. A set of software components is called compatible if their composition preserves certain properties, such as deadlock freedom. However, checking compatibility for systems communicating asynchronously is an undecidable problem, and asynchronous communication is a common interaction mechanism used in building software systems. A typical approach in analyzing such systems is to bound the state space. In this paper, we take a different approach and do not impose any bounds on the number of participants or the sizes of the message buffers. Instead, we present a sufficient condition for checking compatibility of a set of asynchronously communicating components. Our approach relies on the synchronizability property which identifies systems for which interaction behavior remains the same when asynchronous communication is replaced with synchronous communication. Using the synchronizability property, we can check the compatibility of systems with unbounded message buffers by analyzing only a finite part of their behavior. We have implemented a prototype tool to automate our approach and we have applied it to many examples

Towards correct Evolution of Conversation Protocols

Distributed software systems change dynamically due to the evolution of their environment and/or requirements, their internal designing policies, and/or their specification bugs which must be fixed. Hence, checking system changes must be run continuously. Such systems are usually composed of distributed software entities (called peers) interacting with each other through message exchanges, and this is to fulfil a common goal. The goal is often specified by a conversation protocol (CP), i.e. sequences of sent messages. If there exists a set of peers implementing CP, then CP is said to be realisable. In this paper, we propose a stepwise approach for checking whether an evolution, i.e. adding and/or removing messages and/or peers, can be applied to a CP that was realisable before updating it.We define a set of correct evolution patterns and we suggest an algebra of CP evolution. Our approach ensures that CP evolution preserves the realisability condition

Comparator: A Tool for Quantifying Behavioural Compatibility

International audienceWe present Comparator, a tool that measures the compatibility between two behavioural interfaces. Comparator can be used as a stand-alone Web application, and is also integrated into a model-based adaptation toolbox

Interactive specification and verification of behavioral adaptation contracts

International audienceContext. Adaptation is a crucial issue when building new applications by reusing existing software services which were not initially designed to interoperate with each other. Adaptation contracts describe composition constraints and adaptation requirements among these services. The writing of this specification by a designer is a difficult and error-prone task, especially when interaction protocols are considered in service interfaces. Objective. In this article, we propose a tool-based, interactive approach to support the contract design process. Method. Our approach includes: (i) a graphical notation to define port bindings, and an interface compatibility measure to compare protocols and suggest some port connections to the designer, (ii) compositional and hierarchical techniques to facilitate the specification of adaptation contracts by building them incrementally, (iii) validation and verification techniques to check that the contract will make the involved services work correctly and as expected by the designer. Results. Our results show a reduction both in the amount of effort that the designer has to put into building the contract, as well as in the number of errors present in the final result (noticeably higher in the case of manual specification). Conclusion. We conclude that it is important to provide integrated tool support for the specification and verification of adaptation contracts, since their incorrect specification induces erroneous executions of the system. To the best of our knowledge, such tool support has not been provided by any other approach so far, and hence we consider the techniques described in this paper as an important contribution to the area of behavioral software adaptation

Flooding-Based Algorithm for Behavioural Compatibility Measuring

Nowadays, large software systems are mostly built using existing services. These are not always designed to interact, i.e., their public interfaces often present some mismatches. Checking compatibility of service interfaces allows one to avoid erroneous executions when composing the services and ensures correct reuse and interaction. Service compatibility has been intensively studied, in particular for discovery purposes, but most of existing approaches return a Boolean result. In this paper, we present a quantitative approach for measuring the compatibility degree of service interfaces. Our method is generic and flooding-based, and fully automated by a prototype tool

A correct-by-construction model for asynchronously communicating systems

The design and verification of distributed software systems is often hindered by their ever-increasing complexity and their asynchronous operational semantics. This article considers choreography specifications for distributed systems to reduce that complexity. We use labelled state-transitions systems as ground model for both choreographies and the corresponding distributed systems. Based on Event-B method, we propose a stepwise correct-by-construction model to build asynchronous distributed systems which a priori realise their choreographies. We rely on a sufficient and necessary realisability condition and we apply several refinement steps w.r.t. that condition to generate the distributed peers. The first refinement returns peer behaviours obtained by synchronous projection. The previously computed system is then refined into its asynchronous version using unbounded FIFO buffers. We prove, thanks to invariant preservation, that a sequence of exchanged messages is preserved at each refinement step. We provide a formalised proof of a realisability algorithm for deterministic choreographies. Besides that, our contribution is twofold: the approach is a priori and the problackposed solution scales up to any number of peers communicating with each other

Measuring the Compatibility of Service Interaction Protocols

International audienceChecking the compatibility of service interfaces allows one to avoid erroneous executions when composing the services together. This task is especially difficult when considering interaction protocols, that is messages and their application order, in service interfaces. Although service compatibility has been intensively studied, in particular for discovery purposes, most of existing works return a Boolean result. However, if two services are incompatible, these approaches do not indicate whether the services are almost compatible or totally incompatible. This information is crucial if one wants to apply adaptation techniques, for instance, to successfully compose these services in spite of existing mismatches. In this paper, we propose a generic flooding-based techniques for measuring the compatibility degree of service protocols. We illustrate our approach with two compatibility notions, namely unspecified receptions and unidirectional complementarity. Our solution is fully automated by a prototype tool we have implemented

Client Update: A Solution for Service Evolution

International audienceIn service-based systems, service evolution might raise critical communication issues since the client cannot be aware of the changes that have occurred on the black-box services side. In this paper, we propose an automated process to adapt the client to the changes that have occurred. Our approach relies on a compatibility measuring method, and changes the client interface to ensure the system compatibility. This solution is fully automated inside a prototype tool we have implemented

La composition de services dans le monde asynchrone Formalisation et vérification en TLA+

International audienceLes architectures orientées services (SOA) permettent de répondre à deux défis importants du génie logiciel : la rutilisabilité et la décomposition. Néanmoins elles amènent de nouveaux problème, notamment liés à la répartition des services et la non-centralisation du contrôle. Les services étant indépendants et autonomes, il faut s’assurer que mis ensemble ils sont capables de communiquer et que leurs interactions n’introduisent pas de mauvais fonctionnement global. Dans le monde asynchrone, plus proche de la réalité, cette vérification devient non triviale, et cela d’autant plus qu’il existe de multiples modèles asynchrones, plus ou moins libéraux dans ce qu’ils autorisent. Nous exposons dans ce papier nos travaux en cours autour des modèles asynchrones et de la vérification des compositions de services paramétrées par ces modèles

Interactive specification and verification of behavioral adaptation contracts

International audienceContext. Adaptation is a crucial issue when building new applications by reusing existing software services which were not initially designed to interoperate with each other. Adaptation contracts describe composition constraints and adaptation requirements among these services. The writing of this specification by a designer is a difficult and error-prone task, especially when interaction protocols are considered in service interfaces. Objective. In this article, we propose a tool-based, interactive approach to support the contract design process. Method. Our approach includes: (i) a graphical notation to define port bindings, and an interface compatibility measure to compare protocols and suggest some port connections to the designer, (ii) compositional and hierarchical techniques to facilitate the specification of adaptation contracts by building them incrementally, (iii) validation and verification techniques to check that the contract will make the involved services work correctly and as expected by the designer. Results. Our results show a reduction both in the amount of effort that the designer has to put into building the contract, as well as in the number of errors present in the final result (noticeably higher in the case of manual specification). Conclusion. We conclude that it is important to provide integrated tool support for the specification and verification of adaptation contracts, since their incorrect specification induces erroneous executions of the system. To the best of our knowledge, such tool support has not been provided by any other approach so far, and hence we consider the techniques described in this paper as an important contribution to the area of behavioral software adaptation