Dimitris Dranidis

Run-time Verification of Behavioural Conformance for Conversational Web Services

Web services exposing run-time behaviour that deviates from their behavioural specifications represent a major threat to the sustainability of a service-oriented ecosystem. It is therefore critical to verify the behavioural conformance of services during run-time. This paper discusses a novel approach for run-time verification of Web services. It proposes the utilisation of Stream X-machines for constructing formal behavioural specifications of Web services which can be exploited for verifying that a service’s run-time behaviour does not deviate from what is defined in the specification. Our approach allows for checking both the control flow of a Web service and the values of the data in the generated responses. The paper also proposes a classification of Web services and discusses how different types of services can be verified at run-time. Finally, it presents a run-time monitoring and verification architecture and discusses how it can be integrated into different types of service-oriented infrastructures.

Increased reliability in SOA environments through registry-based conformance testing of Web services

Organisations wishing to engage in industrial collaborative networks will typically seek some guarantees concerning the reliability of their prospective partners before committing to cooperation. Evaluating reliability can encompass several aspects, but one of the most crucial things to consider from a cooperation perspective is whether the software systems that support the business processes of some collaborator actually behave as expected. For organisations that rely on a service-oriented computing infrastructure, this amounts to checking whether the functionality of the respective services is conformant to a given behavioural specification. Todays state of the art lacks standardised methods for creating behavioural specifications of Web services, and also lacks tools for automating the process of behavioural conformance checking through testing. This paper presents a concrete method for creating formal specifications of Web service behaviour and utilising them within service registries for automated testing of service implementations in order to verify and certify their conformance.

An extensible architecture for run-time monitoring of conversational web services

Trust in Web services will be greatly enhanced if these are subject to run-time verification, even if they were previously tested, since their context of execution is subject to continuous change; and services may also be upgraded without notifying their consumers in advance. Conversational Web services introduce added complexity when it comes to run-time verification, since they follow a conversation protocol and they have a state bound to the session of each consumer accessing them. Furthermore, conversational Web services have different policies on how they maintain their state. Access to states can be private or shared; and states may be transient or persistent. These differences must be taken into account when building a scalable architecture for run-time verification through monitoring. This paper, building on a previously proposed theoretical framework for run-time verification of conversational Web services, presents the design, implementation and validation of a novel run-time monitoring architecture for conversational services, which aims to provide a holistic monitoring framework enabling the integration of different verification tools. The architecture is validated by running a sequence of test scenarios, based on a realistic example. The experimental results revealed that the monitoring activities have a tolerable overhead on the operation of a Web service.

Discovery and Selection of Certified Web Services Through Registry-Based Testing and Verification

Reliability and trust are fundamental prerequisites for the establishment of functional relationships among peers in a Collaborative Networked Organisation (CNO), especially in the context of Virtual Enterprises where economic benefits can be directly at stake. This paper presents a novel approach towards effective service discovery and selection that is no longer based on informal, ambiguous and potentially unreliable service descriptions, but on formal specifications that can be used to verify and certify the actual Web service implementations. We propose the use of Stream X-machines (SXMs) as a powerful modelling formalism for constructing the behavioural specification of a Web service, for performing verification through the generation of exhaustive test cases, and for performing validation through animation or model checking during service selection.

Leveraging Semantic Web Service Descriptions for Validation by Automated Functional Testing

Recent years have seen the utilisation of Semantic Web Service descriptions for automating a wide range of service-related activities, with a primary focus on service discovery, composition, execution and mediation. An important area which so far has received less attention is service validation, whereby advertised services are proven to conform to required behavioural specifications. This paper proposes a method for validation of service-oriented systems through automated functional testing. The method leverages ontology-based and rule-based descriptions of service inputs, outputs, preconditions and effects (IOPE) for constructing a stateful EFSM specification. The specification is subsequently utilised for functional testing and validation using the proven Stream X-machine (SXM) testing methodology. Complete functional test sets are generated automatically at an abstract level and are then applied to concrete Web services, using test drivers created from the Web service descriptions. The testing method comes with completeness guarantees and provides a strong method for validating the behaviour of Web services.

JSXM: a tool for automated test generation

The Stream X-machine (SXM) is an intuitive and powerful modelling formalism that extends finite state machines with a memory (data) structure and function-labelled transitions. One of the main strengths of the SXM is its associated testing strategy: this guarantees that, under well defined conditions, all functional inconsistencies between the system under test and the model are revealed. Unfortunately, despite the evident strength of SXM based testing, no tool that convincingly implements this strategy exists. This paper presents such a tool, called JSXM. The JSXM tool supports the animation of SXM models for the purpose of model validation, the automatic generation of abstract test cases from SXM specifications and the transformation of abstract test cases into concrete test cases in the implementation language of the system under test. A special characteristic of the modelling language and of the tool is that it supports the specifications of flat SXM models as well as the integration of interacting SXM models.

Cloud e-Learning: A New Challenge for Multi-Agent Systems

The developments of pedagogical models in e-learning together with the advances of learning technologies and cloud computing give us confidence to believe that the traditional e-learning will evolve into a process which will put the learner in the center of educational provision. This paper proposes that Cloud e-Learning, a new approach to e-learning, will open opportunities for learners, by allowing personalisation, enhancing self-motivation and collaboration. The learners should be able to choose what to learn, what sources to use, with and by whom, how and in what pace, what services and tools to use, how to be assessed, whether to get credits towards a degree etc. In such a dynamic environment, the need for Multi-Agents Systems is necessary. Actors in Cloud e-Learning would need automated facilitation in all services involved. We outline few indicative scenaria for Cloud E-Learning in which smart agents will act on behalf of the learners, teachers and institution in order to maximise the benefit of the proposed concept.

SLAs for cross-layer adaptation and monitoring of service-based applications: a case study

Cross-layer adaptation and monitoring (CLAM) is an approach to the run-time quality assurance of service-based applications (SBAs). The aim of CLAM is to monitor the different layers of an SBA and correlate the monitoring results, such that in the event that a problem occurs an effective adaptation strategy is inferred for enacting a coordinated adaptation across all layers of the SBA. An important aspect of CLAM is the definition of the appropriate Service-Level Agreements (SLAs) for third party services utilised in the different layers of the SBAs. In this paper, we present insights into how to define SLAs for CLAM, by analysing SBAs in order to differentiate the third party business, software and infrastructure services utilised by the SBA. As a case study, we apply the analytical approach to an existing platform-as-a-service framework, which has been developed as an SBA and could benefit from CLAM. The analysis reveals the different third party services and their characteristics, as a precursor to defining SLAs. The case study successfully demonstrates how distinct SLAs for business, software and infrastructure services may be applied respectively in the BPM, SCC and SI layers of an SBA, to provide a flexible monitoring and adaptation response across layers.

Towards run-time monitoring of web services conformance to business-level agreements

Web service behaviour is currently specified in a mixture of ways, often using methods that are only partially complete. These range from static functional specifications, based on interfaces in WSDL and preconditions in RIF, to business process simulations using executable process-based models such as BPEL, to detailed quality of service (QoS) agreements laid down in a service level agreement (SLA).This paper recognises that something similar to a SLA is required at the higher business level to govern the contract between service producers, brokers and consumers. We call this a business level agreement (BLA) and within this framework, seek to unify disparate aspects of functional specification, QoS and runtime verification. We propose that the method for validating a web service with respect to its advertised BLA should be based on run-time service monitoring. This is a position paper towards defining these goals.

A unified integration and component testing approach from deterministic stream X-machine specifications

One of the great benefits of using a stream X-machine to specify a system is its associated testing method. Under certain design for test conditions, this method produces a test suite that can determine the correctness of the implementation under test (IUT), provided that the basic components of the stream X-machine model have been correctly implemented. However, such an approach implies that each component can be tested in isolation from the rest of the system. This is a limitation that, in practice, can be resolved by developing stubs and drivers. However, this adds complexity to the testing process and, furthermore, these new pieces of software can introduce faults that can invalidate the theoretical results of the aforementioned testing method. This paper extends the approach by allowing component testing to be performed in parallel with integration testing, while still guaranteeing the IUT correctness under the given design for test conditions. It also shows how the integration test suite, produced in previous publications, can be reduced.