Skip to main content
SpringerLink
Log in

Guaranteeing Type Consistency in Collective Adaptive Systems

  • Conference paper
  • First Online:
Leveraging Applications of Formal Methods, Verification and Validation: Engineering Principles (ISoLA 2020)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 12477))

Included in the following conference series:

Abstract

Collective adaptive systems whose entities are loosely coupled by their exchange of complex data structures became a very common architecture for distributed web-based systems. As HTTP-based APIs transfer data as plain text, this exchange is very error prone: API changes and malicious data modifications may remain unnoticed. GraphQL addresses this concern at the server side with strong typing but leaves the clients untouched. In this paper we present an approach to align the type schemas provided by GraphQL and type definitions at the client side on three levels during the systems’ life cycles: At generation time by verifying queries against the GraphQL schema, at compile time by leveraging TypeScript’s type system, and at run time by using decoders to validate payloads. Key to our solution are a functional, type-safe domain-specific language for the definition of GraphQL queries and a corresponding generator implementation providing the GraphQL queries and TypeScript artefacts. Together they ensure that clients become aware of and are able to react to changes of the (evolving) GraphQL schema, a precondition for maintaining the consistency of the overall collective adaptive system. We will illustrate our approach along a popular GitHub-based, collaborative development scenario.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://docs.github.com.

  2. 2.

    https://www.typescriptlang.org.

  3. 3.

    https://gitlab.com/scce/typesafe-functional-graphql.

  4. 4.

    https://github.blog/2009-10-20-how-we-made-github-fast.

  5. 5.

    https://octoverse.github.com/.

  6. 6.

    Other approaches to reuse based on auxiliary technologies like templating at run time, won’t be discussed in this paper. Due to their missing type safety and error-proneness, we don’t consider them resilient solutions.

  7. 7.

    https://www.antlr.org/.

  8. 8.

    https://gitlab.com/scce/typesafe-functional-graphql/-/blob/d63df0ed1146eabd66432c4115a86534c6b03772/src/main/antlr/GraphQLSelection.g4.

  9. 9.

    https://gitlab.com/MazeChaZer/json-bouncer.

  10. 10.

    https://github.com/apollographql/apollo-tooling.

  11. 11.

    https://github.com/dotansimha/graphql-code-generator.

  12. 12.

    https://github.com/MichalLytek/type-graphql.

References

  1. Bass, L., Weber, I.M., Zhu, L.: DevOps: A Software Architect’s Perspective. The SEI Series in Software Engineering. Addison-Wesley, Boston (2015)

    Google Scholar 

  2. Boswell, D., Foucher, T.: The Art of Readable Code. O’Reilly Series. O’Reilly Media Incorporated, Sebastopol (2011)

    Google Scholar 

  3. Brown, A., Forsgren, N., Humble, J., Kersten, N., Kim, G.: 2016 state of DevOps report. Technical report (2016). https://services.google.com/fh/files/misc/state-of-devops-2016.pdf

  4. Bugayenko, Y.: Elegant Objects. No. v. 2 in Elegant Objects, CreateSpace Independent Publishing Platform, Scotts Valley (2017)

    Google Scholar 

  5. Bures, T., Gerostathopoulos, I., Hnetynka, P., Keznikl, J., Kit, M., Plasil, F.: DEECO: an ensemble-based component system. In: Proceedings of the 16th International ACM Sigsoft Symposium on Component-Based Software Engineering, CBSE 2013, pp. 81–90. Association for Computing Machinery, New York (2013)

    Google Scholar 

  6. Bures, T., et al.: A language and framework for dynamic component ensembles in smart systems. Int. J. Softw. Tools Technol. Transf. 22(4), 497–509 (2020). https://doi.org/10.1007/s10009-020-00558-z

  7. Callegati, F., Cerroni, W., Ramilli, M.: Man-in-the-middle attack to the HTTPS protocol. IEEE Secur. Priv. 7(1), 78–81 (2009)

    Article  Google Scholar 

  8. Campinhos, J., Seco, J.C., Cunha, J.: Type-safe evolution of web services. In: 2017 IEEE/ACM 2nd International Workshop on Variability and Complexity in Software Design (VACE), pp. 20–26 (2017)

    Google Scholar 

  9. Chaudhuri, A., Vekris, P., Goldman, S., Roch, M., Levi, G.: Fast and precise type checking for JavaScript. Proc. ACM Program. Lang. 1(OOPSLA) (2017)

    Google Scholar 

  10. Cohn, M.: Succeeding with Agile: Software Development Using Scrum, 1st edn. Addison-Wesley Professional, Boston (2009)

    Google Scholar 

  11. Costantini, G., Ferrara, P., Cortesi, A.: A suite of abstract domains for static analysis of string values. Softw. Pract. Exper. 45(2), 245–287 (2015)

    Article  Google Scholar 

  12. De Nicola, R., et al.: The SCEL language: design, implementation, verification. In: Wirsing, M., Hölzl, M., Koch, N., Mayer, P. (eds.) Software Engineering for Collective Autonomic Systems. LNCS, vol. 8998, pp. 3–71. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16310-9_1

    Chapter  Google Scholar 

  13. Dhar, A., Purandare, R., Dhawan, M., Rangaswamy, S.: CLOTHO: saving programs from malformed strings and incorrect string-handling. In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, ESEC/FSE 2015, pp. 555–566. Association for Computing Machinery (2015)

    Google Scholar 

  14. Fowler, M.: Domain-Specific Languages. Addison-Wesley Signature Series (Fowler). Pearson Education, Boston (2010)

    Google Scholar 

  15. Gao, Z., Bird, C., Barr, E.T.: To type or not to type: quantifying detectable bugs in JavaScript. In: 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE), pp. 758–769 (2017)

    Google Scholar 

  16. Hartig, O., Perez, J.: Semantics and complexity of GraphQL. In: Proceedings of the 2018 World Wide Web Conference, WWW 2018, International World Wide Web Conferences Steering Committee, pp. 1155–1164 (2018)

    Google Scholar 

  17. Kizza, J.M.: Internet of Things (IoT): growth, challenges, and security. Guide to Computer Network Security. TCS, pp. 517–531. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-38141-7_24

    Chapter  Google Scholar 

  18. Kula, R.G., Ouni, A., German, D.M., Inoue, K.: On the impact of micro-packages: an empirical study of the NPM JavaScript ecosystem. CoRR abs/1709.04638 (2017)

    Google Scholar 

  19. Margaria, T., Hinchey, M.: Simplicity in it: the power of less. Computer 46(11), 23–25 (2013)

    Article  Google Scholar 

  20. Margaria, T., Steffen, B.: Simplicity as a driver for agile innovation. Computer 43(6), 90–92 (2010)

    Article  Google Scholar 

  21. Margaria, T., Steffen, B., Reitenspieß, M.: Service-oriented design: the roots. In: Benatallah, B., Casati, F., Traverso, P. (eds.) ICSOC 2005. LNCS, vol. 3826, pp. 450–464. Springer, Heidelberg (2005). https://doi.org/10.1007/11596141_34

    Chapter  Google Scholar 

  22. Merten, M., Steffen, B.: Simplicity driven application development. J. Integr. Des. Process Sci. 17, 9–23 (2013)

    Google Scholar 

  23. Parr, T.: The definitive ANTLR 4 reference. In: Pragmatic Bookshelf (2013)

    Google Scholar 

  24. Schiavio, F., Sun, H., Bonetta, D., Rosa, A., Binder, W.: NodeMOP: runtime verification for Node.js applications. In: Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing, SAC 2019, pp. 1794–1801. Association for Computing Machinery (2019)

    Google Scholar 

  25. Stahl, D., Martensson, T., Bosch, J.: Continuous practices and DevOps: beyond the buzz, what does it all mean? In: 2017 43rd Euromicro Conference on Software Engineering and Advanced Applications (SEAA), pp. 440–448 (2017)

    Google Scholar 

  26. Taskula, T.: Advanced data fetching with GraphQL: case bakery service. Master’s thesis, Aalto University, 11 March 2019

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Chair for Programming Systems, TU Dortmund University, Dortmund, Germany

    Jonas Schürmann, Tim Tegeler & Bernhard Steffen

Authors
  1. Jonas Schürmann
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tim Tegeler
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bernhard Steffen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tim Tegeler .

Editor information

Editors and Affiliations

  1. University of Limerick and Lero, Limerick, Ireland

    Tiziana Margaria

  2. TU Dortmund, Dortmund, Germany

    Bernhard Steffen

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Schürmann, J., Tegeler, T., Steffen, B. (2020). Guaranteeing Type Consistency in Collective Adaptive Systems. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation: Engineering Principles. ISoLA 2020. Lecture Notes in Computer Science(), vol 12477. Springer, Cham. https://doi.org/10.1007/978-3-030-61470-6_19

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-61470-6_19

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-61469-0

  • Online ISBN: 978-3-030-61470-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation