一种模型驱动的WS-CDL服务组合可靠性预测方法

WS-CDL是一种主流的Web服务组合标准,描述了基于编排机制的端对端服务组件的组合方式。对基于WS-CDL的服务组合进行可靠性预测,能帮助Web服务的使用和管理者定量考察服务的可信性,并帮助他们从功能相同的服务组件中择优选取以优化整体服务流程的可靠性。然而,学术界对WS-CDL可靠性研究非常匮乏。提出了一种模型驱动的方法来预测基于WS-CDL的组合服务的可靠性。该方法首先引入一系列的转换规则,将WS-CDL中的各种活动和结构转换为等效的NMSPN网描述。在生成的NMSPN网基础上,引入了一个预测算法以分析组合服务的“流程正常结束概率”。为了对理论模型和结果进行检验,还通过WS-CDL+执行引擎对服务组合的实例进行执行并获得了流程正常结束率的实验数据。比较发现,由实验数据导出的95%置信区间完好地覆盖了理论分析结果,表明了该方法的正确性和精确性。     

A formal and visual modeling approach to choreography based web services composition and conformance verification

Web services have emerged as the building blocks of a service-oriented architecture that supports not only enterprise application integration (EAI) and business process management (BPM) within an organization but also B2B collaboration based on business process integration. The web services choreography approach to B2B process integration allows business partners to orchestrate their own web services privately, while conforming with an agreed specification of the common ordering conditions and constraints under which messages are exchanged among partners’ web services. In this approach, choreography conformance is an essential requirement for the successful implementation of collaborative processes. A formal approach to web services composition and conformance verification based on WS-CDL and WS-BPEL is presented. This approach involves model checking as an automated means of verifying choreography conformance. The main contributions include a precise notion of choreography conformance on which verification is based as well as support for the complementary use of visual modeling (e.g. UML) and standard WS-¹ notations in composition.     

支持Web服务组合与验证的形式化模型

针对Web服务的组合与验证问题,在范畴理论描述框架的基础上,引入进程代数描述服务组件的外部行为,为Web服务系统的架构描述建立了一种形式化的语义模型。Web服务作为范畴理论中的对象节点,服务间的交互和组合关系作为态射,从而以范畴图表的形式来描述服务网络。在形式化定义服务接口、Web服务、服务组合等概念的基础上,进一步分析讨论了服务组合和交互过程中的语义特性,给出了Web服务可替代性和服务请求可满足性的形式化定义。实例研究表明,该框架增强了Web服务架构的语义描述能力。     

A formal approach for run-time verification of web applications using scope-extended LTL

ContextIn the past decade, the World Wide Web has been subject to rapid changes. Web sites have evolved from static information pages to dynamic and service-oriented applications that are used for a broad range of activities on a daily basis. For this reason, thorough analysis and verification of Web Applications help assure the deployment of high quality applications.ObjectivesIn this paper, an approach is presented to the formal verification and validation of existing web applications. The approach consists of using execution traces of a web application to automatically generate a communicating automata model. The obtained model is used to model checking the application against predefined properties, to perform regression testing, and for documentation.MethodsTraces used in the proposed approach are collected by monitoring a web application while it is explored by a user or a program. An automata-based model is derived from the collected traces by mapping the pages of the application under test into states and the links and forms used to browse the application into transitions between the states. Properties, meanwhile, express correctness and quality requirements on web applications and might concern all states of the model; in many cases, these properties concern only a proper subset of the states, in which case the model is refined to designate the subset of the global states of interest. A related problem of property specification in Linear Temporal Logic (LTL) over only a subset of states of a system is solved by means of specialized operators that facilitate specifying properties over propositional scopes in a concise and intuitive way. Each scope constitutes a subset of states that satisfy a propositional logic formula.ResultsAn implementation of the verification approach that uses the model checker Spin is presented where an integrated toolset is developed and empirical results are shown. Also, Linear Temporal Logic is extended with propositional scopes.Conclusiona formal approach is developed to build a finite automata model tuned to features of web applications that have to be validated, while delegating the task of property verification to an existing model checker. Also, the problem of property specification in LTL over a subset of the states of a given system is addressed, and a generic and practical solution is proposed which does not require any changes in the system model by defining specialized operators in LTL using scopes.     

大型复杂协议的形式化分析方法研究

大型复杂协议的形式化分析是目前研究的一个热点和难点.根据所采用技术的特点,将大型复杂协议的形式化分析方法分为基于逻辑推理的方法、基于模型检测的方法、基于定理证明的方法和基于进程代数的方法,并简要介绍了各类方法的代表性方法及验证器,最后对各类方法的特点进行分析和比较.指出迭式大型复杂协议的形式化分析方法未来的一个研究重点,修改原有方法或设计一种新的方法,使其既易自动化实现,又能用于复合协议的分析和验证.     

Dynamic planning approach to automated web service composition

In this paper, novel ideas are presented for solving the automated web service composition problem. Some of the possible real world problems such as partial observability of the environment, nondeterministic effects of web services and service execution failures are solved through a dynamic planning approach. The proposed approach is based on a novel AI planner that is designed for working in highly dynamic environments under time constraints, namely Simplanner. World altering service calls are done according to the WS-Coordination and WS-Business Activity web service transaction specifications in order to physically recover from failure situations and prevent the undesired side effects of the aborted web service composition efforts.     

Towards a formal study of automatic failure recovery in protocol-based web service composition

In the protocol-based Web service composition, the runtime unavailability of component services may result in a failed execution of the composite. In literature, multiple recovery heuristics have been proposed. This work provides a formal study and focuses on the complexity issues of the recovery problem in the protocol-based Web service composition. A recovery is a process responsible of migrating the failed execution into an alternative execution of the composite that still has the ability to reach a final state. The alternative execution is called a recovery execution. Following failure occurrence, several recovery executions may be available. The problem of finding the best recovery execution(s) is called the recovery problem. Several criteria may be used to determine the best recovery execution(s). In this work, we define the best recovery execution as the one which is attainable from the failed execution with a maximal number of invisible compensations with respect to the client. We assume that all transitions are compensatable. For a given recovery execution, we prove that the decision problem associated with computing the number of invisibly compensated transitions is NP-complete, and thus, we conclude that deciding of the best recovery execution is in \(\Sigma _2^P\).     

A formal methodology for integral security design and verification of network protocols

In this work we propose a methodology for incorporating the verification of the security properties of network protocols as a fundamental component of their design. This methodology can be separated in two main parts: context and requirements analysis along with its informal verification; and formal representation of protocols and the corresponding procedural verification. Although the procedural verification phase does not require any specific tool or approach, automated tools for model checking and/or theorem proving offer a good trade-off between effort and results. In general, any security protocol design methodology should be an iterative process addressing in each step critical contexts of increasing complexity as result of the considered protocol goals and the underlying threats. The effort required for detecting flaws is proportional to the complexity of the critical context under evaluation, and thus our methodology avoids wasting valuable system resources by analyzing simple flaws in the first stages of the design process. In this work we provide a methodology in coherence with the step-by-step goals definition and threat analysis using informal and formal procedures, being our main concern to highlight the adequacy of such a methodology for promoting trust in the accordingly implemented communication protocols. Our proposal is illustrated by its application to three communication protocols: MANA III, WEP's Shared Key Authentication and CHAT-SRP.     

Process-context aware matchmaking for web service composition

Web service composition can help software developer design more powerful and flexible applications according to requirements of enterprise. But during compositing, how to discover suitable web services is a critical problem in design and implementing application-oriented web service technologies. The traditional keyword-based matchmaking approach is difficult to help developer to find suitable service. Current researches find that to attaching semantics to each registered service can help improve the precision of matchmaking. The improvement can help developer find more suitable service for business process. This paper proposes a novel approach of semantics-based matchmaking, which is named process-context aware matchmaking. The process-context aware matchmaking discovers the suitable service during web service composite modeling. During matchmaking, the approach utilizes not only semantics of technical process but also that of business process of a registered service, thus further improving the precision of matchmaking. We integrate the process-context aware matchmaking with business-process-driven web service composition in an integrated development environment based on Eclipse. The performance evaluation shows that performance overhead of this novel approach is acceptable.     

基于邻接矩阵的Web服务组合

针对当前Web服务组合方法在动态性和算法时间复杂度方面存在的不足,提出一种基于邻接矩阵的服务组合方法,使用邻接矩阵表示服务间的顺序及并发关系,在构建抽象服务基础上由领域专家初步建立抽象服务的组合关系,利用Warshall算法计算传递闭包来判定服务请求是否可满足,同时构建动态服务组合流程。方法操作简单,Warshall算法时间复杂度为O(n3),在服务组合中有较好的实用性。     

Semantic web service composition testbed

A huge amount of web services are deployed on the Web, nowadays. These services can be used to fulfill online requests. Requests are getting more and more complicated over time. So, there exists a lot of frequent request that cannot be fulfilled using just one web service. For using web services, composing individual services to create the added-value composite web service to fulfill the user request is necessary in most cases. Web services can be composed manually but it is a too tedious and time consuming task. The ability of automatic web service composition to create a new composite web service is one of the key enabling features for the future for the semantic web. There are some successful methods for automatic web service composition, but the lack of standard, open, and lightweight test environment makes the comparison and evaluation of these composition methods impossible. In this paper we propose an architecture for a light weight and scalable testbed to execute, test and evaluate automatic web service composition algorithms. The architecture provides mandatory components for implementing and evaluation of automatic web service composition algorithms. Also, this architecture provides some extension mechanisms to extend its default functionalities. We have also given reference implementations for web service matchmaking and composition. Also, some scenarios for testing and evaluating the testbed are given. We have found that the performance of the composition method will dramatically decrease as the number of web services increases.     

Model transformation and formal verification for Semantic Web Services composition

Web services composition is becoming more and more important in today’s service oriented business environment. We need to compose services from different providers together to fulfill the business goals that cannot be satisfied by any single service. However, different services often have semantic inconsistencies which may lead to the failure of the services composition. In order to verify the correctness of the Semantic Web Services composition, this paper proposed a composition model of Coloured Petri Nets which is transformed from OWL-S model. This model can express the logical relations among the sub-processes of the services composition explicitly, and verify the correctness of the services composition using formalized methods of Coloured Petri Nets. This paper presented the verification algorithms for the reachability, boundness and semantic consistency of composed services. Furthermore, an example of collaborating design process was given to simulate and execute the model.     

A formal approach to MpSoC performance verification

Multiprocessor system on chip designs use complex on-chip networks to integrate different programmable processor cores, specialized memories, and other components on a single chip. MpSoC have been become the architecture of choice in many industries. Their heterogeneity inevitably increases with intellectual-property integration and component specialization. System integration is becoming a major challenge in their design. Simulation is state of the art in MpSoC performance verification, but it has conceptual disadvantages that become disabling as complexity increases. Formal approaches offer a systematic alternative. The article presents a technology that uses event model interfaces and a novel event flow mechanism that extends formal analysis approaches from real-time system design into the multiprocessor system on chip domain.     

快速语义Web服务发现方法

针对现有的基于本体描述的语义Web服务发现方法发现效率较为低下的问题,提出一种新的服务发现方法.该方法在基于本体距离计算语义Web服务综合相似度的基础上,利用数据挖掘中的聚类算法AGNES对语义Web服务集合进行聚类预处理,形成若干服务簇,然后应用相应服务发现算法根据相似度阈值定位于某一服务簇内进行查找匹配,从而可减少搜索空间.理论与仿真实验结果表明,该方法既可保证服务发现的准确率,又可明显提高服务发现的效率.     

A novel formal verification approach for RTL hardware IP cores

We present a promising formal verification methodology based on the inductive approach using the imPROVE-HDL tool. This methodology is dedicated for RTL IPs or IP-based digital/logic hardware designs to prove the correctness of their temporal properties related to the control-dominated architecture model. Each temporal property can be checked through the IP interface where all properties have to be proved or disproved. We developed a new methodology to generate the appropriate environment of the IP interface according to the design context (master, slave, arbiter and decoder) before starting the verification of all properties one by one. When all temporal properties are verified, we generate some test sequences that contain a complex scenario to check the compatibility between all properties. We implemented our methodology to generate the appropriate environment and applied the inductive approach to verify various properties of two real IP designs using the imPROVE-HDL tool developed by TNI-Valiosys. The first design is an RTL IP-based digital hardware dedicated for real time video processing, where the second one performs an AHB to AHB Bridge. On these designs, we successfully proved few properties and discovered a design violation.     

Reliability-aware automatic composition approach for web services

In this paper,we study the reliability-aware synthesis problem for composing available services automatically and guaranteeing that the composed result satisfies the specification,such as temporal constraints of functionality and reliability,centered on a synthesis model for mediator of web services composition (CSM).This approach focuses on handling attributes and state relations,and permitting users and services to operate over them,i.e.,read /write their data values and compare them according to a dense state order.We show that the reliability-aware synthesis problem for the specification is EXPTIME-complete and we give an exponential-time algorithm (CSM-NSA) which for a given formula ψ and a synthesis model,synthesizes available services in the library satisfying ψ over the synthesis model (if they exist) or responds with "not satisfiable" (otherwise).The specification ψ is a fragment of PCTL (probabilistic computation tree logic),obtained from "ordinary" CTL (computation tree logic) by replacing the EX,AX,EU and AU operation with their quantitative counterparts X >p,X =1,U >p,and U =1,respectively.As opposed to NSA,we provide a more effective algorithm to replace the NSA algorithm called CSM-HSA (heuristic synthesis algorithm).Though HSA is an incomplete algorithm,the answer is correct.The experiments show that the HSA algorithm solves the problem of reliability-aware service synthesis effectively and efficiently.