browser-based enforcement of interface contracts in web applications with beepbeep (talk @ cav 2009)
DESCRIPTION
BeepBeep is a lightweight runtime monitor for AJAX web applications. It transparently checks in real time whether XML messages received and sent by the application satisfy a predefined interface specification.TRANSCRIPT
Sylvain Hallé
Sylvain Hallé, Roger Villemaire
Browser-based Enforcement ofInterface Contracts in Web Applications
with BeepBeep
University of CaliforniaSanta Barbara, USA
Université du Québec à MontréalMontréal, CANADA
Sylvain Hallé
Some web services
E-Commerce ServiceCompute Cloud
PayPal API: billing, express checkout
Shopping: like AmazonGoogle Search, Google Maps, GMail, ...
Sylvain Hallé
MyApplication.com
Using web applications
Sylvain Hallé
MyApplication.com
Using web applications
Sylvain Hallé
MyApplication.comi ?
Using web applications
Sylvain Hallé
MyApplication.com
1.
2.
...
i ?
Using web applications
Sylvain Hallé
<ListItems>
</ListItems> birds<title> </title>
<Items>
</Items>
1
abc
<Item> </ID> <Title> </Title> </Item> ...
<ID>
MyApplication.com
XML request
XMLresponse
Using web applications
Sylvain Hallé
Using web applications
MyApplication.com
2
Sylvain Hallé
Using web applications
MyApplication.com
c
2
Sylvain Hallé
<cart>
</cart>
<id> </id><items>
</items>
c
2 <item> </item>
<cartCreate>
</cartCreate> 2<item> </item>
XML request
MyApplication.com
XMLresponse
Using web applications
Sylvain Hallé
Using web applications
MyApplication.com
2
c
Sylvain Hallé
Using web applications
MyApplication.com
2
c
Sylvain Hallé
Constraints on the message trace
Sylvain Hallé
i ?
Constraints on the message trace
Sylvain Hallé
i ?
1.
2.
...
Constraints on the message trace
Sylvain Hallé
i ?
1.
2.
...
2
c
Constraints on the message trace
Sylvain Hallé
i ?
1.
2.
...
2
c
2
c
Constraints on the message trace
Sylvain Hallé
i ?
1.
2.
...
2
c
2
c
You cannot add the same item twiceto the shopping cart
Constraints on the message trace
Sylvain Hallé
i ?
1.
2.
...
2
c
2
c
You cannot add the same item twiceto the shopping cart
Constraints on the message trace
???
Sylvain Hallé
Constraints on the message trace
???
Sylvain Hallé
Constraints on the message trace
???
Sylvain Hallé
2 2
c
You cannot add the same item twiceto the shopping cart
! Atoms are properties over messages...
Constraints on the message trace
Sylvain Hallé
2 2
cG F( (Þ Ø
You cannot add the same item twiceto the shopping cart
! Atoms are properties over messages...! + LTL operators...
Constraints on the message trace
Sylvain Hallé
i i
cG( (Þ"i FØ
You cannot add the same item twiceto the shopping cart
! Atoms are properties over messages...! + LTL operators...! + quantification on elements
Constraints on the message trace
Sylvain Hallé
i i
cG( (Þ"i FØ
You cannot add the same item twiceto the shopping cart
! Atoms are properties over messages...! + LTL operators...! + quantification on elements } LTL-FO+
Constraints on the message trace
Sylvain Hallé
Enter BeepBeep
MyApplication.com
Sylvain Hallé
MyApplication.com
Enter BeepBeep
Sylvain Hallé
MyApplication.com
ii ii
ccGG(( ((ÞÞ""ii FFØØ
Enter BeepBeep
Sylvain Hallé
Enter BeepBeep
MyApplication.com
2
Sylvain Hallé
MyApplication.com
Enter BeepBeep
Sylvain Hallé
Enter BeepBeep
MyApplication.com
2
Sylvain Hallé
Enter BeepBeep
MyApplication.com
2
Sylvain Hallé
MyApplication.com
Enter BeepBeep
Sylvain Hallé
MyApplication.com
Enter BeepBeep
Sylvain Hallé
Adding BeepBeep to a real application
Sylvain Hallé
Adding BeepBeep to a real application
Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net
�
Sylvain Hallé
Adding BeepBeep to a real application
Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net
Include BeepBeep
�
�
Sylvain Hallé
Adding BeepBeep to a real application
myapplication.html
<html><head><title></title><script type=" " href=" "/>
</head><body>
</body></html>
My Application
...
text/javascriptmyapplication.js
Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net
Include BeepBeep
�
�
Sylvain Hallé
Adding BeepBeep to a real application
myapplication.html
<html><head><title></title><script type=" " href=" "/>
</head><body>
</body></html>
My Application
...
text/javascriptmyapplication.js
<script type="text/javascript" href="beepbeep.js"/>
Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net
Include BeepBeep
�
�
Sylvain Hallé
Adding BeepBeep to a real application
myapplication.html myapplication.js
<html><head><title></title><script type=" " href=" "/>
</head><body>
</body></html>
My Application
...
text/javascriptmyapplication.js
<script type="text/javascript" href="beepbeep.js"/>
// Initializations
= ();
(){
( );}
...
req XMLHttpRequest
...
abc
... req. some_message
new
function
send
Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net
Include BeepBeep
�
�
Sylvain Hallé
Adding BeepBeep to a real application
myapplication.html myapplication.js
<html><head><title></title><script type=" " href=" "/>
</head><body>
</body></html>
My Application
...
text/javascriptmyapplication.js
<script type="text/javascript" href="beepbeep.js"/>
// Initializations
= ();
(){
( );}
...
req
...
abc
... req. some_message
new
function
send
XMLHttpRequestBB
Copy BeepBeep to application folderhttp://beepbeep.sourceforge.net
Include BeepBeep
�
�
Sylvain Hallé
Obtain (or create) a with LTL-FO+ formulaecontract file�
Adding BeepBeep to a real application
# ---------------------------------------------------------------# BeepBeep contract file for the Amazon ECS# ---------------------------------------------------------------
% To create a cart, you must put at least one item
% You can only create a cart once
% No CartAdd can occur before a CartCreate
% You cannot add the same item twice to the shopping cart
; G ([x1 /CartCreate/Operation] (((x1) = ({CartCreate})) -> (<x2 /CartCreate/Items/Item/ASIN> ({TRUE}))))
; G ([x1 /CartCreate/Operation] (((x1) = ({CartCreate})) -> (X (G (!(<x2 /CartCreate/Operation> ((x2) = ({CartCreate}))))))))
; (!(<x1 /CartAdd/Operation> ((x1) = ({CartAdd})))) U (<x2 /CartCreate/Operation> ((x2) = ({CartCreate})))
; G ([i /CartCreate/Items/Item/ASIN] (X (G ([j /CartAdd/Items/Item/ASIN] (!((i) = (j)))))))
Sylvain Hallé
Quick demo
Sylvain Hallé
Sample property: "each car entering in a parking lot must exit before entering again"
Tim
e pe
r m
essa
ge (
ms)
Trace length
Experimental results
Hallé & Villemaire, EDOC 2008
< 5 ms/msg.
Sylvain Hallé
Simultaneous monitoring of 11 properties (Amazon example)
Experimental results
-20
0 20 40 60 80 100 120 140 160 180 200
-10
0
10
20
Moyenne
Tim
e d
iffe
ren
ce (
%)
< 5%
Trace length
Sylvain Hallé
Simultaneous monitoring of 11 properties (Amazon example)
Experimental results
Tim
e pe
r m
essa
ge (
ms)
Trace length
Data domain
00 20 40 60 80 100 120 140 160
2
4
14
6
8
10
12
200
25
Sylvain Hallé
Take-home points
Sylvain Hallé
1. Constraints involving operators and on message contents arise naturally in web applications
temporal quantificationreal
Take-home points
Sylvain Hallé
1. Constraints involving operators and on message contents arise naturally in web applications
2. An extension of LTL can formalize them:
temporal quantificationreal
LTL-FO+
Take-home points
Sylvain Hallé
1. Constraints involving operators and on message contents arise naturally in web applications
2. An extension of LTL can formalize them:
3. of these constraints can be doneefficiently, even with quantification
temporal quantificationreal
LTL-FO+
Runtime monitoring
Take-home points
Sylvain Hallé
1. Constraints involving operators and on message contents arise naturally in web applications
2. An extension of LTL can formalize them:
3. of these constraints can be doneefficiently, even with quantification
4. BeepBeep is a tool that allows it with on real applications
temporal quantificationreal
LTL-FO+
Runtime monitoring
minimal modifications
http://beepbeep.sourceforge.net/
Take-home points