1

Ivan LaneseComputer Science Department

University of BolognaItaly

Towards a Unifying Theory for Web Services Composition

Manuel MazzaraFaculty of Computer Science

Free University of Bozen - BolzanoItaly

Roadmap

Service Oriented Computing

Webπ∞ as a model for SOC

How to compute process

equivalence

Conclusions

Roadmap

Service Oriented Computing

Webπ∞ as a model for SOC

How to compute process

equivalence

Conclusions

Web services

Set of technologies– to facilitate B2B integration

– using a standard web-messaging infrastructure

– support Service Oriented Computing

There is no web services revolution– an evolution based on already existing Internet protocols

Service Oriented Computing

Emerging paradigm for distributed computing and e-business processing– Based on web services composition

Finds its origin in object-oriented and component computing

Goal: – Enabling developers to build networks of integrated and

collaborative applications, regardless of » the platform where the application runs

» the used programming language

Web services composition

Allows to build complex services and business processes out of simpler ones

Called web services composition or orchestration Web services composition transparent to the final

consumer Many industrial proposals to deal with web services

orchestration– WSFL (IBM): graph-oriented

– XLANG (Microsoft): block-structured

– WS-BPEL (OASIS): tries to unify both

WS-BPEL

The most credited candidate to become a future standard for web services composition

Workflow-based programming language Describes sophisticated business processes by

orchestrating web services Allows for a mixture of block and graph-structured

process models– We are mostly interested in the first style

It is expressive at the price of being complex

Error handling

An important aspect of web services orchestration Many things can go wrong in a web service execution

– Broken connections

– Server crashes

– Unsatisfied requirements

Usually treated by transactions ACID transactions

– From database field

– If a transaction commits then its

complete effect is granted

– If a transaction fails all its effects are annulled

Long-running transactions

ACID transactions not practical in SOC– Web services are loosely coupled

– Transactions can last long-time (e.g., shipping good)

– Some actions cannot be simply undone (e.g., message communication)

Non ACID transactions are usually called long-running Based on the idea of compensations

– If a transaction fails then execute the compensation for it

– Should be explicitly programmed since application-dependent» Send annul communication to partners

» Ask for refunding

» Mark order as no more valid

Transactions in WS-BPEL

WS-BPEL has three different mechanisms for error handling – fault handling, compensation handling, event handling

Able to deal with many possibilities Complex and difficult to use Informal and unclear documentation

Towards formal methods

Need of a formal framework– To provide a clear and rigorous semantics

– To prove properties of web services composition

We start from π-calculus– Many languages (included WS-BPEL) claim being based on it

(but the connection is not always evident)

We add a transaction operator to easily deal with error handling

Roadmap

Service Oriented Computing

Webπ∞ as a model for SOC

How to compute process

equivalence

Conclusions

Webπ∞

Extension of asynchronous π-calculus– To deal with asynchronous communications among loose

coupled web services

With an operator of transaction to deal with compensations

Originally proposed as the timed language Webπ [Laneve, Zavattaro FOSSACS’05]

We are interested in the untimed version

Webπ∞ syntax

Execute P.

If a message arrives at x then start executing Q instead

P;Q ::= 0 (nil)j x eu (output)j

Pi 2 I xi ( eui ):Pi (guarded choice)

j (x)P (restriction)j P jQ (parallel composition)j !x(eu):P (guarded replication)j hjP ; Qjix (workunit)

The semantics

We give a reduction semantics in Milner style– Structural congruence + reduction rules

Weak barbed congruence as abstract semantics– Barbs allow to observe basic process behaviours

– Weak to abstract from internal activities

– Congruence to ensure preservation under composition» Two equivalent web services remain equivalent also when composed

in two complex business processes

Structural congruence

Standard rules for parallel composition and restriction

Structural congruence

Standard rules for parallel composition and restriction Commit of a workunit

hj0 ; Qjix ´ 0

Structural congruence

Standard rules for parallel composition and restriction Commit of a workunit

Flattening of workunit nesting [different e.g. w.r.t. c-

join]

hj0 ; Qjix ´ 0

hjhjP ; Qjiy j R ; Sjix ´ hjP ; Qjiy j hjR ; Sjix

Structural congruence

Standard rules for parallel composition and restriction Commit of a workunit

Flattening of workunit nesting [different e.g. w.r.t. c-

join]

Messages can float away

hj0 ; Qjix ´ 0

hjhjP ; Qjiy j R ; Sjix ´ hjP ; Qjiy j hjR ; Sjix

hjz euj P ; Qjix ´ z euj hjP ; Qjix

Reduction rules

Standard rules for communicationxi evj

Pi2 I xi ( eui ):Pi ! Pi

©ev=eui

ª

xevj !x(eu):P ! P©ev=eu

ªj !x(eu):P

Reduction rules

Standard rules for communication

Rule for transaction abort

only if P contains only (and at least one) inputs

xi evjP

i2 I xi ( eui ):Pi ! Pi

©ev=eui

ª

xevj !x(eu):P ! P©ev=eu

ªj !x(eu):P

x j hjP ; Qjix ! (y)hjQ ; 0jiy

Weak barbed congruence

Barbs: P ↓ x if P contains a message with subject x Weak reduction: P Q if P has a sequence of

reductions leading to Q Weak barb: P x if P P’↓ x Barbed bisimulation: relation S such that P S Q implies

– If P ↓ x then Q x

– If P → P’ then Q Q’ and P’ S Q’

Barbed congruence ≈: largest barbed bisimulation that is also a congruence

Properties of barbed congruence

Good abstraction of process behaviour Preserved by composition Problem: difficult to compute

– Requires quantification over all contexts

Solution: using an auxiliary labeled semantics that implies barbed congruence and is easier to compute

Roadmap

Service Oriented Computing

Webπ∞ as a model for SOC

How to compute process

equivalence

Conclusions

Labeled semantics

Most rules as in standard late π-calculus

Special rules to deal with transactions

Predicate inp(P): true if P contains at least an input

Function xtr(P): extracts messages and transactions inside P

P ¹¡! P 0 bn(¹ ) \ (fn(Q) [ fxg) = ;

hjP ; Qjix¹¡! hjP 0 ; Qjix

P x¡! P 0 inp(P ) y fresh

hjP ; Qjix¿¡! (y)hjxtr(P 0) j Q ; 0jiy

inp(P ) y fresh

hjP ; Qjixx()¡¡! (y)hjxtr(P ) jQ ; 0jiy

Deriving a suitable abstract semantics

We use weak asynchronous bisimilarity– Labels must be matched but …

– An action μ can be matched by a sequence τ…τ μ τ…τ (weak)

– An input can be matched by a τ which leaves the message available (asynchronous)

Weak asynchronous bisimilarity is not a congruence Closed bisimilarity: closed under inp and xtr Closed bisimilarity is a congruence Closed bisimilarity implies barbed congruence

– Useful tool to prove behavioural equivalence

Example: compensations reducibility

Example: compensations reducibility

Compensations can always be reduced to a single output

if x’,y fresh Proved using closed bisimulation

hjP ; Qjix ¼(x0;y)(hjP ; x0jix j hjx0():Q ; 0jiy)

Example: compensations reducibility

Compensations can always be reduced to a single output

if x’,y fresh Proved using closed bisimulation The following relation is a closed bisimulation

Note: property not valid in a strong or timed setting

hjP ; Qjix ¼(x0;y)(hjP ; x0jix j hjx0():Q ; 0jiy)

Á= f(P;P )g[ f (hjP ; Qjix;(x0;y)(hjP ; x0jix j hjx

0():Q ; 0jiy))g[ f ((z)hjP 0j Q ; 0ji z;(x

0;z;y)(hjP 0 ; 0jiz j hjQ ; 0jiy))g

Other applications

Other applications

Properties of web services composition can be proved– Decoupling of a service body

Webπ∞ has been used to formalize a simplification of BPEL recovery framework [Lucchi, Mazzara JLAP]

hj!z(u):P jQ ; vjix ¼(y)(hj!z(u):P ; yjix j hjQ j (w)w(u) ; vjiy)

Roadmap

Service Oriented Computing

Webπ∞ as a model for SOC

How to compute process

equivalence

Conclusions

Conclusions

Webπ∞ is a suitable formal framework

– For analyzing web services orchestration

– For reasoning about transactions

– Able to treat WS-BPEL

Labeled semantics makes it practically usable to prove

properties of web services

Next step: exploiting it via tools

Related work

Webπ: extension of Webπ∞ with time

– Similar semantic properties but different aim

– Allows to use timeouts

C-join: extends join instead of π

– The nesting of transactions matters

– When transactions interact are merged

Compensating CSP: extends CSP

– Analyze the composition of compensations

– No synchronization nor mobility

End of talk

hj!question(u):if u = calculi thenquestionans elsex ;

questionmanuel:mazzara@unibz:itjix