Behavior modeling and automated verification of Web services

doi:10.1016/j.ins.2012.09.016

Information Sciences

Volume 258, 10 February 2014, Pages 416-433

https://doi.org/10.1016/j.ins.2012.09.016 Get rights and content

Abstract

Cloud computing has been rapidly adopted over the last few years. However, techniques on Web services, one of the most important enabling technologies for cloud computing, are still not mature yet. In this paper, we propose a novel approach that supports dependable development of Web services. Our approach includes a new Web service model that separates service behaviors into operational and control behaviors. The coordination of operational and control behaviors at runtime is facilitated by conversational messages. We also propose an automated service verification approach based on symbolic model checking. In particular, our approach extracts the checking properties, in the form of temporal logic formulas, from control behaviors, and automatically verifies the properties in operational behaviors using the NuSMV model checker. The approach presented in this paper has been implemented using a number of state-of-the-art technologies. We conducted a number of experiments to study the performance of our proposed approach in detecting design problems in services. The results show that our automated approach can successfully detect service design problems. Our system offers a set of tools assisting service developers in specifying, debugging, and monitoring service behaviors.

Introduction

Over the past few years, cloud computing is gaining a considerable momentum as a new computing paradigm for providing flexible and dynamic services and infrastructures on demand [2], [33], [41]. Cloud computing holds the potential to transform the landscape of the IT industry by making software more attractive as services and shaping the way IT hardware is designed and purchased.

Service-oriented architecture (SOA) and Web services in general are one of the most important enabling technologies for cloud computing in the sense that resources (e.g., software, infrastructures, and platforms) are exposed in the clouds as services [37]. Most research in cloud computing so far focuses on topics such as virtulization, reliability, scalability, security and privacy of cloud services [28], [25], [20], [30]. Although these are all important, Web services, the fundamental topic that underpins the cloud computing paradigm, have not received enough attention. In fact, despite active research into, and development of, Web services over the last decade, Web services are still not fully mature yet. According to a recent study in Europe [11], the Web currently contains 30 billion Web pages, with 10 million new pages added each day. In contrast, only 12,000 Web services exist on the Web. Even worse, most of these Web services have been deployed with dependability problems (e.g., unexpected behaviors, delayed or even no responses) [36], [27], [40]. One significant challenge is that, to the best of our knowledge, there lacks of novel approaches and tools that would enable service developers to check the soundness and completeness of their services design so that the design problems can be identified and addressed at early stages, which ultimately ensuring the quality of the services released to clouds. Given the quick adoption of cloud computing in industry (e.g., Amazon Web Services, Google AppEngine, and Microsoft Azure), more and more cloud services will emerge, which support the development of numerous applications including mission-critical applications such as health care, air traffic control, and stock trading. This calls for the urgent need to develop novel techniques for producing highly dependable cloud services.

In this paper, we present our approach on modeling Web services so that design problems and errors can be early identified and addressed. In particular, we propose to divide Web service behaviors into two types: operational behaviors and control behaviors, based on the separation of concerns design principle [17]. The operational behavior, which is application dependent, illustrates the business logic that underpins the functioning of a Web service. The control behavior, which is application independent, acts as a controller over the operational behavior and guides its execution progress. The interactions between control and operational behaviors are modeled as conversation sessions (i.e., sequences of messages exchanged between the control and operational behaviors). By analyzing conversational messages and checking service behavior specifications, it is possible to verify the service design. The main contributions of this paper are as follows:

•
A service behavior model that decouples operational and control behaviors of Web services. This separation of Web service behaviors eases not only the development and maintenance, but the verification (e.g., soundness and completeness checking), testing, and debugging of Web services. To the best of our knowledge, this is the first effort that identifies two behaviors of Web services.
•
A service verification approach based on symbolic model checking [10]. Our approach extracts the checking properties, in the form of temporal logic formulas, from control behaviors, and automatically verifies the properties in operational behaviors.
•
A fully functional prototype system that offers a set of tools for the specification of Web services and automated verification of the service design.

The reminder of the paper is organized as follows. Section 2 describes the details of our new Web service behavior model. Section 3 presents a symbolic model checking approach for verifying service designs. Section 4 focuses on the implementation and validation of the proposed system. Finally, Section 5 overviews related work and Section 6 provides some concluding remarks.

Section snippets

Service behavior model

Cloud services are normally exposed as Web services that follow the industry standards such as Web Services Description Language (WSDL). Unfortunately, WSDL does not show how they function or how their executions can be overseen. As a result, Web services are still largely perceived as simple, passive components that react upon request only [8], [40]. In this section, we present a Web service behavior model using more richer description, which isolates a service from any orchestration scenario

Verification of control and operational behaviors

Our verification approach is based on the formal model checking of conversations of Web service behaviors. As shown in Fig. 4, we propose to verify that the operational behavior is well-designed and fits well with the control behavior in two ways. Firstly, we verify that the operational behavior and the control behavior are synchronized by checking the message sequences defined above. Secondly, we verify that the operational behavior fits well within the control behavior using a novel approach

System implementation and experiments

In this section, we describe a prototype implementation of our proposed approach for developing dependable cloud services. The implementation and experiments conducted have shown that the ideas proposed in this paper are realizable using existing technologies.

Related work

Over the last few years, Web services has been a very active area of research and development [36], [40], [8], [31], [4], [12], [18], [26]. Our work proposed in this paper is at the crossing point of several initiatives that examine Web services from different perspectives such as conversation, behavior modeling, management, and verification.

From the conversational perspective, two specifications back the added value of conversations to Web services: the Web Services Conversation Language [3],

Conclusion

With the increasingly rapid adoption of cloud computing during the past few years, more and more cloud services will be available in the near future. Unfortunately, techniques on developing dependable Web services, which underpin the development of flexible and reliable cloud services, are still not fully mature yet. In this paper, we have presented a novel approach that supports dependable development of Web services. In particular, we introduced a new Web service model that separates service

Acknowledgment

Quan Z. Sheng’s work has been partially supported by Australian Research Council (ARC) Discovery Grant DP0878367. The authors thank the anonymous reviewers for their valuable feedback on this work.

References (41)

J. Li et al.
A secure collaboration service for dynamic virtual organizations
Information Sciences
(2010)
S. Paquette et al.
Identifying the security risks associated with governmental use of cloud computing
Government Information Quarterly
(2010)
A. Arkin, S. Askary, S. Fordin, W. Jekeli, K. Kawaguchi, D. Orchard, S. Pogliani, K. Riemer, S. Struble, P....
M. Armbrust et al.
A view of cloud computing
Communication of the ACM
(2010)
A. Banerji, C. Bartolini, D. Beringer, V. Chopella, K. Govindarajan, A. Karp, H. Kuno, M. Lemon, G. Pogossiants, S....
B. Benatallah et al.
Web service conversation modeling: a cornerstone for e-business automation
IEEE Internet Computing
(2004)
Beatrice Berard, Michel Bidoit, Alain Finkel, Francois Laroussinie, Antoine Petit, Laure Petrucci, Philippe...
S. Bhiri, O. Perrin, C. Godart, Ensuring required failure atomicity of composite web services, in: Proc. of the 14th...
S. Bourne, C. Szabo, Q.Z. Sheng, Ensuring well-formed conversations between control and operational behaviors of web...
G. Castagna et al.
A theory of contracts for web services
ACM Transactions on Programming Languages and Systems
(2009)

A. Cimatti, E. Clarke, E. Giunchiglia, F. Giunchiglia, M. Pistore, M. Roveri, R. Sebastiani, A. Tacchella, Nusmv 2: an...

E.M. Clarke et al.

Model Checking

(1999)

J. Domingue et al.

Toward a service web: integrating the semantic web and service orientation

IEEE Intelligent Systems

(2009)

X. Fu, T. Bultan, J. Su, Analysis of interacting BPEL web services, in: Proc. of the 13th International World Wide Web...

X. Fu et al.

Synchronizability of conversations among web services

IEEE Transactions on Software Engineering

(2005)

D. Harel et al.

The STATEMATE semantics of statecharts

ACM Transactions on Software Engineering and Methodology

(1996)

G.J. Holzmann

The SPIN Model Checker: Primer and Reference Manual

(2003)

R. Hull et al.

Tools for composite web services: a short overview

ACM SIGMOD Record

(2005)

Y. Kambayashi et al.

The separation principle: a programming paradigm

IEEE Software

(2004)

M. Kovas, J. Bentahar, Z. Maamar, H. Yahyaoui, Formal verification of conversations in composite web services, in:...

Cited by (25)

Research on public opinion effecting on stock price during crises based on model checking
2024, Expert Systems with Applications
Recent studies have shown that news and investors’ comments on social media against listed companies significantly impact stock price movements. Listed companies suffer abnormal stock price movements and tremendous economic losses in public opinion crises. Most existing studies combine news and investors’ sentiments with technical indicators to predict stock price movements to help investors optimize investments. However, it is urgent for listed companies to predict stock price movements during crises and understand the impact of multiple factors on stock price movements during crises, thereby using effective response strategies to stabilize stock prices. This study proposes a method to predict stock price movements during crises based on model checking. We integrate the public opinion factors by considering the interaction among investors, media and listed companies as crisis managers based on the Situational Crisis Communication Theory. The explicable rules of stock price movements are extracted by random forest algorithm from objective data of previous crises and formalized as Computation Tree Logic formulas ( $φ$ ). The database is modeled into a verifiable formal model ( $M$ ) and formalized as a Kripke structure. The model checker NuSMV is used to verify the rules in actual situations to predict stock price movements and provide early warning automatically. The proposed method achieves superior performance with ACC of 77.53% and 78.43% in the victim and preventable crises, respectively. The response strategies of listed companies significantly impact stock price movements during crises in the Chinese stock market. The explicable rules of stock price movements provide decision support to develop proper crisis responses for listed companies during crises.
Type theory based semantic verification for service composition in cloud computing environments
2018, Information Sciences
Citation Excerpt :
In a cloud computing environment, software-as-a-service (SaaS) is an important software distribution model, in which the service as a basic computing entity plays a vital role in the cloud applications. With the increasing number of cloud services in different functions and performances, invoking multiple atomic services in a specific order is an efficient way of achieving much more application requirements [25,36]. However, it is quite challenging for service composition due to the consistent functional limitation (inputs/outputs) and uncertainty of cloud environments.
To ensure successful running of service composition in software-as-a-service (SaaS) applications under dynamic cloud computing environments, service semantic verification becomes essentially important and meaningful. Taking advantages from both semantic expression in dependence record types (DRT) and completeness of service description in session types (ST), this paper presents a novel method for service composition verification at semantic level. Based on the characteristics of DRT, an ontology approach is proposed to enrich DRTs semantic description and establish a set of subtyping rules to characterize relationships of transmitted messages among services. As a general service composition description and semantic verification method, message DRT extended multiparty session types (MDRT-MST) are then constructed. A theoretical justification on the main patterns of service composition models is given through the extended reduction rules. As a case study, an online payment system is implemented for evaluating the system performance in practice. Experimental results demonstrate the feasibility and effectiveness of the proposed method in service reduction and verification for the real-world SaaS applications.
A formal approach for the specification and verification of a Trustworthy Human Resource Discovery mechanism in the Expert Cloud
2015, Expert Systems with Applications
Expert Cloud as a new class of Cloud computing systems enables its users to request the skill, knowledge and expertise of people without any information of their location by employing Internet infrastructures and Cloud computing concepts. One of the most important service in Expert Cloud is to search trustworthy peoples in order to benefit from their knowledge and skills. In this paper we propose a new and applicable method for Trustworthy Human Resource Discovery (THRD) in Expert Cloud by introducing a resource discovery and trust evaluating method, implement the proposed method by using ASP.Net and SQL in Expert Cloud; verify the structures and compositions of THRD by describing the behavioral models and state diagrams; define a Kripke structure with marked states to provide the formal relationship between the expanded model and the original state diagram structures; define the expected properties of the structures and compositions of THRD by means of temporal logic languages; and implement the proposed model by NuSMV model checker. The results show that the proposed method can discover trustworthy people efficiently and is sound, complete, reachable, fair, deadlock-free and consistent.
Behavioral modeling and automated verification of a Cloud-based framework to share the knowledge and skills of human resources
2015, Computers in Industry
Expert Cloud as a new class of Cloud computing systems by employing the Internet infrastructures and Cloud computing concepts enables its users to request the skill, knowledge and expertise of human resources without any information about their location. It makes the communication between the HRs more efficient, reduces the cost of service, increases the variety of knowledge and information, facilitates employment of the HR in organizations, decreases customer response time and improves the service delivery methods. However, one facet that is still being less cared and that may introduce potential errors and faults regards the architectural problems and components analysis of Expert Cloud. Therefore, in this paper, we verify and check the specification, composition and architecture of the Expert Cloud via NuSMV model checker, Argo UML and Rebeca Verifier tools. The approach extracts the checking properties in the form of LTL and CTL formulas of control behaviors and automatically verifies the properties in operational behaviors. Also, experimental results indicate that the system is reachable, fair and deadlock-free.
Set partition and trace based verification of Web service composition
2015, Procedia Computer Science
De*signing and running Web services compositions are error-prone as it is difficult to determine the behavior of web services during execution and their conformance to functional requirements. Interaction among composite Web services may cause concurrency related issues. In this paper, we present a formal model for reasoning and verifying Web services composition at design level. We partition the candidate services being considered for composition into several subsets on the basis of their service invocation order. We arrange these subsets to form a Web services set partition graph and transform to a set of interacting traces. Then, we propose a novel methodology for service interaction verification that uses service description (from WSDL file) to extract the necessary information and facilitates the process of modeling, analyzing, and reasoning the composite services. As a part of verification technique, we use two levels of modeling. This includes abstract modeling that further leads to detailed modeling if required, thereby reducing the computation time and modeling complexity.
Web services composition: A decade's overview
2014, Information Sciences
Citation Excerpt :
The components of a composite service are normally distributed and autonomously provided by different organizations. As indicated from our analysis in Section 5, providing reliable and dependable services composition still remains a significant challenge [22,94,75]. When composing services, particularly for mission-critical applications (e.g., health care, stock trading, and air traffic control), service developers should be able to check the soundness and completeness of compositions so that the design problems can be identified and addressed at early stages.
Service-oriented computing (SOC) represents a paradigm for building distributed computing applications over the Internet. In the past decade, Web services composition has been an active area of research and development endeavors for application integration and interoperation. Although Web services composition has been heavily investigated, several issues related to dependability, ubiquity, personalization, among others, still need to be addressed, especially giving the recent rise of several new computing paradigms such as Cloud computing, social computing, and Web of Things. This article overviews the life cycle of Web services composition and surveys the main standards, research prototypes, and platforms. These standards, research prototypes, and platforms are assessed using a set of assessment criteria identified in the article. The paper also outlines several research opportunities and challenges for Web services composition.

View all citing articles on Scopus

View full text