1
A model-based validation framework for web services
V. Pretre, F. Bouquet, C. Lang
Laboratoire d’informatique de l’université de Franche-Comté
Besançon, France
STV’07 - Paris, december 5, 2007STV’07 - Paris, december 5, 2007
2
Table of contents
Web services qualityWS overview / Relations between WS / Quality of WS
A theoritical solutionModeling / Testing / Certifying quality
The validation frameworkRelations discovery / Pool generation / Tests execution …
Conclusion & future work
3
Table of contents
Web services qualityA web services overview
Relations between web services
Quality of web services
A theoritical solution
The validation framework
Conclusion & future work
4
Web services qualityAn overview of web services
Principles:client-server application
XML messages
In practice:SOAP encapsulation
http[s]
Linked technologies:WSDL
UDDI
…customer
UDDI
declaration
searchXML messages
Internet
Web service
5
Web services qualityRelations between operations
Compositions
A web service operation acts as a client of another one
Several kind of compositions:local/distributed
synchronous/asynchronous
static/dynamic
travel agency
customer
bank hotelairline company
6
Web services qualityRelations between operations
Temporal dependencies
An operation can be called only if another one has been called previously
Due to shared datas:server side (database …)
client side
Two types:each time
at least once
database
insertion reading
Customer
results reuse
7
Web services qualityQuality of web services
Many definitions:quality of service (accessibility, response time …)
confidentiality of datas
quality of results
Sources of the problem:quality of development
hosting
network
relations between operations
8
Table of contents
Web services quality
A theoritical solutionModeling web services behaviour
Test generation and execution
Certification of quality
The validation framework
Conclusion & future work
9
A theoritical solutionModeling WS - data used & interface
Done in the class diagram
Two types of classes:datas used by web services
web services interface
Methods used in tests have to be accessible for tester
operations
10
A theoritical solutionModeling WS - behaviour of operations
Written in OCL
Defensive modeling:no pre-conditions
errors raised in post-conditions
allows security testing
All behaviours must be modeled
Pre-condition:
self.mission.status = waitingValidationand
self.mission.employee != self.user
Post-condition:
if answer then self.mission.status = validatedelse self.mission.status = refusedendif
if thenif then
result = ok else result = autoValidation endif else result = unvalidableMissionendif
11
A theoritical solutionModeling WS - temporal evolution
State-chart diagram
Visual representation of temporal evolution
Complets OCL
userLoggedIn
wsDeployed
validateOk
errorType1 errorType6
errorType2 errorType5
errorType3 errorType4
errorType7
granted
12
A theoritical solutionModeling WS - initial state
Instance diagram
At least one instance for each class
Data chosen to:help test generation
cover all possible cases
be representative
Real data needed
Mission::mission1status = waitingValidation
Mission::mission2status = empty
Mission::mission3status = emptyEmployee::fakeEmployee
level=0
Employee::blueLeaderlevel=3
Group::blue
Employee::blueMember1level=4
ValidationRight::blue
13
A theoritical solutionTest generation and execution
Tests generated from the model
Tests executed in normal conditions of use
Who executes tests ?customers: many test execution, quality ensured
vendor: only one test execution, customers may not trust in test results
third party: tests results easily shared with customers, but their trust must be obtained
14
A theoritical solutionCertification of quality
Two solutions known:only web services that have passed tests are published
The audition framework for testing web services interoperability (Bertolino, Polini )
a mark is given according to tests results Quality attribute for a component quality model (Alvaro, Santana de Almeida,
Romero)
We chose the second solution:one mark by operation
represents the percentage of passed tests
15
Table of contents
Web services quality
A theoritical solution
The validation frameworkOverview
Discovering dependencies from model
Computing pools of dependencies
Tests execution
Certification to customers
Conclusion & future work
16
The validation frameworkOverview
2 - declaration
3 - treatments of model
4 - test generation5 - creation of test agents
6 - execution
7 - mark computation
8 - WS search
1 - modeling9 - results & marks
Agentcreator
17
The validation frameworkDiscovering dependencies
Needed for pools computing
Composition:found in OCL codeonly synchronous
Temporal dependencies:can not be automatically discoveredno common patterns in the state-chartcreation of sequence diagram to describe them
serviceStarted
userLoggedIn
userRegisteredregister()
login() login()
opened
open()save() create()
Client Self
1: register
2: login
18
The validation frameworkPools of dependencies
One pool by operationall operations on which it depends
Used to:compute marksplanify test execution
Produced in three stepscreation of the dependency graphcomputation of transitive enclosureeach neighbour of an operation belongs to its pool
open tag categorize publish
save prePublish
create
login
register ping
open tag categorize publish
save prePublish
create
login
register ping
19
The validation frameworkTests execution
Tests splitted into waves:operations without dependencies
operations depending on previously tested operations
….
Possible because dependency graph is a DAG
Executed by agents dispatched on the Internet
open tag categorize publish
save prePublish
create
login
register ping
5
1
2
3
4
open tag categorize publish
save prePublish
create
login
register ping
20
The validation frameworkMark computing
A temporary mark obtained from tests
Final mark based on pools of dependencies (lowest mark of the pool)
shows problems not raised by tests
quick update of mark with new versions
open tag categorize publish
save prePublish
create
login
register ping95
100
100
50
90 90 95 100
80
100
95
95
95
50
50 80 80 80
80
100
open tag categorize publish
save prePublish
create
login
register ping
21
Table of contents
Web services quality
A theoritical solution
The validation framework
Conclusion & future workConclusion
Known issues
22
Conclusion
The theoritical approach:based on an UML modeling solution (wide spread language)
unique model for behaviour, compositions & temporal dependencies
The framework :Concrete application of the theoritical approach
easy to use for vendors and customers:• based on a norm (UDDI)• marks easy to understand• no modification for the web services or deploiment framework
any kind of web service can be found on the UDDI server
23
Known issues & future work
The framework is not completly implemented:missing links between UDDI server and test generator
tool for model merging in case of distributed composition
The mark may not be fully representative3 tests and one fail => 66%
100 tests and 34 fails => 66%
All web services can not be tested and certified