browser-based enforcement of interface contracts in web applications with beepbeep (talk @ cav 2009)

Sylvain Hallé

Sylvain Hallé, Roger Villemaire

Browser-based Enforcement ofInterface Contracts in Web Applications

with BeepBeep

University of CaliforniaSanta Barbara, USA

Université du Québec à MontréalMontréal, CANADA

Sylvain Hallé

Some web services

E-Commerce ServiceCompute Cloud

PayPal API: billing, express checkout

Shopping: like AmazonGoogle Search, Google Maps, GMail, ...

Sylvain Hallé

MyApplication.com

Using web applications

Sylvain Hallé

MyApplication.com

Using web applications

Sylvain Hallé

MyApplication.comi ?

Using web applications

Sylvain Hallé

MyApplication.com

1.

2.

...

i ?

Using web applications

Sylvain Hallé

<ListItems>

</ListItems> birds<title> </title>

<Items>

</Items>

1

abc

<Item> </ID> <Title> </Title> </Item> ...

<ID>

MyApplication.com

XML request

XMLresponse

Using web applications

Sylvain Hallé

Using web applications

MyApplication.com

2

Sylvain Hallé

Using web applications

MyApplication.com

c

2

Sylvain Hallé

<cart>

</cart>

<id> </id><items>

</items>

c

2 <item> </item>

<cartCreate>

</cartCreate> 2<item> </item>

XML request

MyApplication.com

XMLresponse

Using web applications

Sylvain Hallé

Using web applications

MyApplication.com

2

c

Sylvain Hallé

Using web applications

MyApplication.com

2

c

Sylvain Hallé

Constraints on the message trace

Sylvain Hallé

i ?

Constraints on the message trace

Sylvain Hallé

i ?

1.

2.

...

Constraints on the message trace

Sylvain Hallé

i ?

1.

2.

...

2

c

Constraints on the message trace

Sylvain Hallé

i ?

1.

2.

...

2

c

2

c

Constraints on the message trace

Sylvain Hallé

i ?

1.

2.

...

2

c

2

c

You cannot add the same item twiceto the shopping cart

Constraints on the message trace

Sylvain Hallé

i ?

1.

2.

...

2

c

2

c

You cannot add the same item twiceto the shopping cart

Constraints on the message trace

???

Sylvain Hallé

Constraints on the message trace

???

Sylvain Hallé

Constraints on the message trace

???

Sylvain Hallé

2 2

c

You cannot add the same item twiceto the shopping cart

! Atoms are properties over messages...

Constraints on the message trace

Sylvain Hallé

2 2

cG F( (Þ Ø

You cannot add the same item twiceto the shopping cart

! Atoms are properties over messages...! + LTL operators...

Constraints on the message trace

Sylvain Hallé

i i

cG( (Þ"i FØ

You cannot add the same item twiceto the shopping cart

! Atoms are properties over messages...! + LTL operators...! + quantification on elements

Constraints on the message trace

Sylvain Hallé

i i

cG( (Þ"i FØ

You cannot add the same item twiceto the shopping cart

! Atoms are properties over messages...! + LTL operators...! + quantification on elements } LTL-FO+

Constraints on the message trace

Sylvain Hallé

Enter BeepBeep

MyApplication.com

Sylvain Hallé

MyApplication.com

Enter BeepBeep

Sylvain Hallé

MyApplication.com

ii ii

ccGG(( ((ÞÞ""ii FFØØ

Enter BeepBeep

Sylvain Hallé

Enter BeepBeep

MyApplication.com

2

Sylvain Hallé

MyApplication.com

Enter BeepBeep

Sylvain Hallé

Enter BeepBeep

MyApplication.com

2

Sylvain Hallé

Enter BeepBeep

MyApplication.com

2

Sylvain Hallé

MyApplication.com

Enter BeepBeep

Sylvain Hallé

MyApplication.com

Enter BeepBeep

Sylvain Hallé

Adding BeepBeep to a real application

Sylvain Hallé

Adding BeepBeep to a real application

Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net

�

Sylvain Hallé

Adding BeepBeep to a real application

Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net

Include BeepBeep

�

�

Sylvain Hallé

Adding BeepBeep to a real application

myapplication.html

<html><head><title></title><script type=" " href=" "/>

</head><body>

</body></html>

My Application

...

text/javascriptmyapplication.js

Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net

Include BeepBeep

�

�

Sylvain Hallé

Adding BeepBeep to a real application

myapplication.html

<html><head><title></title><script type=" " href=" "/>

</head><body>

</body></html>

My Application

...

text/javascriptmyapplication.js

<script type="text/javascript" href="beepbeep.js"/>

Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net

Include BeepBeep

�

�

Sylvain Hallé

Adding BeepBeep to a real application

myapplication.html myapplication.js

<html><head><title></title><script type=" " href=" "/>

</head><body>

</body></html>

My Application

...

text/javascriptmyapplication.js

<script type="text/javascript" href="beepbeep.js"/>

// Initializations

= ();

(){

( );}

...

req XMLHttpRequest

...

abc

... req. some_message

new

function

send

Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net

Include BeepBeep

�

�

Sylvain Hallé

Adding BeepBeep to a real application

myapplication.html myapplication.js

<html><head><title></title><script type=" " href=" "/>

</head><body>

</body></html>

My Application

...

text/javascriptmyapplication.js

<script type="text/javascript" href="beepbeep.js"/>

// Initializations

= ();

(){

( );}

...

req

...

abc

... req. some_message

new

function

send

XMLHttpRequestBB

Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net

Include BeepBeep

�

�

Sylvain Hallé

Obtain (or create) a with LTL-FO+ formulaecontract file�

Adding BeepBeep to a real application

# ---------------------------------------------------------------# BeepBeep contract file for the Amazon ECS# ---------------------------------------------------------------

% To create a cart, you must put at least one item

% You can only create a cart once

% No CartAdd can occur before a CartCreate

% You cannot add the same item twice to the shopping cart

; G ([x1 /CartCreate/Operation] (((x1) = ({CartCreate})) -> (<x2 /CartCreate/Items/Item/ASIN> ({TRUE}))))

; G ([x1 /CartCreate/Operation] (((x1) = ({CartCreate})) -> (X (G (!(<x2 /CartCreate/Operation> ((x2) = ({CartCreate}))))))))

; (!(<x1 /CartAdd/Operation> ((x1) = ({CartAdd})))) U (<x2 /CartCreate/Operation> ((x2) = ({CartCreate})))

; G ([i /CartCreate/Items/Item/ASIN] (X (G ([j /CartAdd/Items/Item/ASIN] (!((i) = (j)))))))

Sylvain Hallé

Quick demo

Sylvain Hallé

Sample property: "each car entering in a parking lot must exit before entering again"

Tim

e pe

r m

essa

ge (

ms)

Trace length

Experimental results

Hallé & Villemaire, EDOC 2008

< 5 ms/msg.

Sylvain Hallé

Simultaneous monitoring of 11 properties (Amazon example)

Experimental results

-20

0 20 40 60 80 100 120 140 160 180 200

-10

0

10

20

Moyenne

Tim

e d

iffe

ren

ce (

%)

< 5%

Trace length

Sylvain Hallé

Simultaneous monitoring of 11 properties (Amazon example)

Experimental results

Tim

e pe

r m

essa

ge (

ms)

Trace length

Data domain

00 20 40 60 80 100 120 140 160

2

4

14

6

8

10

12

200

25

Sylvain Hallé

Take-home points

Sylvain Hallé

1. Constraints involving operators and on message contents arise naturally in web applications

temporal quantificationreal

Take-home points

Sylvain Hallé

1. Constraints involving operators and on message contents arise naturally in web applications

2. An extension of LTL can formalize them:

temporal quantificationreal

LTL-FO+

Take-home points

Sylvain Hallé

1. Constraints involving operators and on message contents arise naturally in web applications

2. An extension of LTL can formalize them:

3. of these constraints can be doneefficiently, even with quantification

temporal quantificationreal

LTL-FO+

Runtime monitoring

Take-home points

Sylvain Hallé

1. Constraints involving operators and on message contents arise naturally in web applications

2. An extension of LTL can formalize them:

3. of these constraints can be doneefficiently, even with quantification

4. BeepBeep is a tool that allows it with on real applications

temporal quantificationreal

LTL-FO+

Runtime monitoring

minimal modifications

http://beepbeep.sourceforge.net/

Take-home points