Behavior modeling and automated verification of Web services
Introduction
Over the past few years, cloud computing is gaining a considerable momentum as a new computing paradigm for providing flexible and dynamic services and infrastructures on demand [2], [33], [41]. Cloud computing holds the potential to transform the landscape of the IT industry by making software more attractive as services and shaping the way IT hardware is designed and purchased.
Service-oriented architecture (SOA) and Web services in general are one of the most important enabling technologies for cloud computing in the sense that resources (e.g., software, infrastructures, and platforms) are exposed in the clouds as services [37]. Most research in cloud computing so far focuses on topics such as virtulization, reliability, scalability, security and privacy of cloud services [28], [25], [20], [30]. Although these are all important, Web services, the fundamental topic that underpins the cloud computing paradigm, have not received enough attention. In fact, despite active research into, and development of, Web services over the last decade, Web services are still not fully mature yet. According to a recent study in Europe [11], the Web currently contains 30 billion Web pages, with 10 million new pages added each day. In contrast, only 12,000 Web services exist on the Web. Even worse, most of these Web services have been deployed with dependability problems (e.g., unexpected behaviors, delayed or even no responses) [36], [27], [40]. One significant challenge is that, to the best of our knowledge, there lacks of novel approaches and tools that would enable service developers to check the soundness and completeness of their services design so that the design problems can be identified and addressed at early stages, which ultimately ensuring the quality of the services released to clouds. Given the quick adoption of cloud computing in industry (e.g., Amazon Web Services, Google AppEngine, and Microsoft Azure), more and more cloud services will emerge, which support the development of numerous applications including mission-critical applications such as health care, air traffic control, and stock trading. This calls for the urgent need to develop novel techniques for producing highly dependable cloud services.
In this paper, we present our approach on modeling Web services so that design problems and errors can be early identified and addressed. In particular, we propose to divide Web service behaviors into two types: operational behaviors and control behaviors, based on the separation of concerns design principle [17]. The operational behavior, which is application dependent, illustrates the business logic that underpins the functioning of a Web service. The control behavior, which is application independent, acts as a controller over the operational behavior and guides its execution progress. The interactions between control and operational behaviors are modeled as conversation sessions (i.e., sequences of messages exchanged between the control and operational behaviors). By analyzing conversational messages and checking service behavior specifications, it is possible to verify the service design. The main contributions of this paper are as follows:
- •
A service behavior model that decouples operational and control behaviors of Web services. This separation of Web service behaviors eases not only the development and maintenance, but the verification (e.g., soundness and completeness checking), testing, and debugging of Web services. To the best of our knowledge, this is the first effort that identifies two behaviors of Web services.
- •
A service verification approach based on symbolic model checking [10]. Our approach extracts the checking properties, in the form of temporal logic formulas, from control behaviors, and automatically verifies the properties in operational behaviors.
- •
A fully functional prototype system that offers a set of tools for the specification of Web services and automated verification of the service design.
The reminder of the paper is organized as follows. Section 2 describes the details of our new Web service behavior model. Section 3 presents a symbolic model checking approach for verifying service designs. Section 4 focuses on the implementation and validation of the proposed system. Finally, Section 5 overviews related work and Section 6 provides some concluding remarks.
Section snippets
Service behavior model
Cloud services are normally exposed as Web services that follow the industry standards such as Web Services Description Language (WSDL). Unfortunately, WSDL does not show how they function or how their executions can be overseen. As a result, Web services are still largely perceived as simple, passive components that react upon request only [8], [40]. In this section, we present a Web service behavior model using more richer description, which isolates a service from any orchestration scenario
Verification of control and operational behaviors
Our verification approach is based on the formal model checking of conversations of Web service behaviors. As shown in Fig. 4, we propose to verify that the operational behavior is well-designed and fits well with the control behavior in two ways. Firstly, we verify that the operational behavior and the control behavior are synchronized by checking the message sequences defined above. Secondly, we verify that the operational behavior fits well within the control behavior using a novel approach
System implementation and experiments
In this section, we describe a prototype implementation of our proposed approach for developing dependable cloud services. The implementation and experiments conducted have shown that the ideas proposed in this paper are realizable using existing technologies.
Related work
Over the last few years, Web services has been a very active area of research and development [36], [40], [8], [31], [4], [12], [18], [26]. Our work proposed in this paper is at the crossing point of several initiatives that examine Web services from different perspectives such as conversation, behavior modeling, management, and verification.
From the conversational perspective, two specifications back the added value of conversations to Web services: the Web Services Conversation Language [3],
Conclusion
With the increasingly rapid adoption of cloud computing during the past few years, more and more cloud services will be available in the near future. Unfortunately, techniques on developing dependable Web services, which underpin the development of flexible and reliable cloud services, are still not fully mature yet. In this paper, we have presented a novel approach that supports dependable development of Web services. In particular, we introduced a new Web service model that separates service
Acknowledgment
Quan Z. Sheng’s work has been partially supported by Australian Research Council (ARC) Discovery Grant DP0878367. The authors thank the anonymous reviewers for their valuable feedback on this work.
References (41)
- et al.
A secure collaboration service for dynamic virtual organizations
Information Sciences
(2010) - et al.
Identifying the security risks associated with governmental use of cloud computing
Government Information Quarterly
(2010) - A. Arkin, S. Askary, S. Fordin, W. Jekeli, K. Kawaguchi, D. Orchard, S. Pogliani, K. Riemer, S. Struble, P....
- et al.
A view of cloud computing
Communication of the ACM
(2010) - A. Banerji, C. Bartolini, D. Beringer, V. Chopella, K. Govindarajan, A. Karp, H. Kuno, M. Lemon, G. Pogossiants, S....
- et al.
Web service conversation modeling: a cornerstone for e-business automation
IEEE Internet Computing
(2004) - Beatrice Berard, Michel Bidoit, Alain Finkel, Francois Laroussinie, Antoine Petit, Laure Petrucci, Philippe...
- S. Bhiri, O. Perrin, C. Godart, Ensuring required failure atomicity of composite web services, in: Proc. of the 14th...
- S. Bourne, C. Szabo, Q.Z. Sheng, Ensuring well-formed conversations between control and operational behaviors of web...
- et al.
A theory of contracts for web services
ACM Transactions on Programming Languages and Systems
(2009)
Model Checking
Toward a service web: integrating the semantic web and service orientation
IEEE Intelligent Systems
Synchronizability of conversations among web services
IEEE Transactions on Software Engineering
The STATEMATE semantics of statecharts
ACM Transactions on Software Engineering and Methodology
The SPIN Model Checker: Primer and Reference Manual
Tools for composite web services: a short overview
ACM SIGMOD Record
The separation principle: a programming paradigm
IEEE Software
Cited by (25)
Research on public opinion effecting on stock price during crises based on model checking
2024, Expert Systems with ApplicationsType theory based semantic verification for service composition in cloud computing environments
2018, Information SciencesCitation Excerpt :In a cloud computing environment, software-as-a-service (SaaS) is an important software distribution model, in which the service as a basic computing entity plays a vital role in the cloud applications. With the increasing number of cloud services in different functions and performances, invoking multiple atomic services in a specific order is an efficient way of achieving much more application requirements [25,36]. However, it is quite challenging for service composition due to the consistent functional limitation (inputs/outputs) and uncertainty of cloud environments.
A formal approach for the specification and verification of a Trustworthy Human Resource Discovery mechanism in the Expert Cloud
2015, Expert Systems with ApplicationsSet partition and trace based verification of Web service composition
2015, Procedia Computer ScienceWeb services composition: A decade's overview
2014, Information SciencesCitation Excerpt :The components of a composite service are normally distributed and autonomously provided by different organizations. As indicated from our analysis in Section 5, providing reliable and dependable services composition still remains a significant challenge [22,94,75]. When composing services, particularly for mission-critical applications (e.g., health care, stock trading, and air traffic control), service developers should be able to check the soundness and completeness of compositions so that the design problems can be identified and addressed at early stages.