FLACOS08Malta November 2008

Olaf Owe, Cristian Prisacariu,, Gerardo Schneider, Oslo UniversityGordon Pace, University of MaltaSeif Haridi, Pablo Giambiagi, Björn Bjurling,Swedish Institute of Computer ScienceJoseph C. Okika, and Anders P. Ravn, Aalborg University

www.ifi.uio.no/cosodis/

NorduNet3 Project 2006 - 2010

Contract-Oriented Software Developmentfor Internet Services - Where is the project now?

Why Contracts ?

Collaboration across organizational domains presumes trust, but…

When trust is insufficient, use contracts

SOA and contracts• The consumer either trusts the provider…• … or they sign a contract which:– Determines the rights and obligations of each signatory– Usually states how the contract is to be monitored– Specify functional but also extra-functional qualities of the

service: e.g. security, performance

How ?• Developers need language support to program

services that are:

– Distributed– Interoperable– Discoverable– Contract-aware

COSoDIS Mission1. develop novel approaches to implement and

reason about contracts in a service oriented architecture.

2. design and give proof of usefulness of system modeling tools and programming language tools

3. to empower SOA developers to deploy highly-dynamic, negotiable and monitorable Internet services.

1. Pablo Giambiagi, Olaf Owe, Anders P. Ravn, and Gerardo Schneider, Language-Based Support for Service Oriented Architectures: Future Directions

2. Pablo Giambiagi , Olaf Owe, Anders P. Ravn and Gerardo Schneider, Contract-Oriented Software Development for Internet Services

Key Issues for Contracts

• Definition• Feasibility checking• Compatibility checking• Conformance checking• Monitoring

C

C ≠Ø

C1 ≤ C2

P |= C

P || I(C)

Is SOA really New? (Wolfgang Reisig)

Application Area

Aspect Enterprise Computing Embedded Systems Service Oriented

Interface DataBase Schema RT-profile ? Dist. Objects

Functionality Queries Control algorithms ? Components

Protocol Workflow Reactive processes ? Orchestration

Dependability Integrity Timeliness ? Availability

Fault Tolerance Transactions Replicated Processes ? Compensation

QoS Performance Firm/Hard R-T ? Reliability

The Marketplace

Language/Approach

Aspect Web Services (WS-*)

Semantic Web (*-S)

Electronic Business (eb-*)

Interface WSDL OWL-S ebBSI

Functionality WS-BPEL, WSOL OWL-S (IOPE), WSMO

ebBPSS

Protocol WS-BPEL, WS-CDL WSMO, OWL-S ebBPSS

Security WS-Security OWL-S ebCPA(SecurityPolicy)

QoS WS-PolicyWS-TrustWSOLWSLA

OWL-SWSMOWSML

ebCPP(XMLDSIG)ebCPA

P,C

1. Joseph C. Okika and Anders P. Ravn, Classification of SOA Contract Specification Languages

1. Formal modelling of contracts

• develop a model of contracts in a SOA • A minimum requirement is to combine QoS specification and

behavioral models (essential to constrain protocol implementation and to enforce confidentiality).

• develop practical and efficient methods to enforce information flow properties of realistic code, including cryptographic protocol implementations.

1. Johs H. Hammer and Gerardo Schneider, On the definition and policies of confidentiality2. Cristian Prisacariu and Gerardo Schneider, A Formal Language for Electronic Contracts3. ...

C

2. Programming language support for contracts

• extend Creol with “wrapper” primitives for correct-by-construction wrapped code.

• contracts for QoS and confidentiality will be modeled as first-class entities

• develop techniques for constructing monitors from contracts.

1. A. Torjusen, Olaf Owe, and Gerardo Schneider, Towards integration of XML in the Creol object-oriented language

2. Olaf Owe, Gerardo Schneider, and Martin Steffen, Components, Objects, and Contracts

P |= C P || I(C)

3. Reasoning about contracts

• extraction of models to facilitate reasoning about contracts.

• timing constraints will be mapped to timed automata • using the Maude tools for model checking and

exhaustive search.

1. Emilia Cambronero, Joseph C. Okika, and Anders P. Ravn, Analyzing Web Service Contracts - An Aspect Oriented Approach

2. Gordon Pace, Cristian Prisacariu, and Gerardo Schneider, Model Checking Contracts -a case study

C ≠ØC1 ≤ C2

Contract Patterns and Case Studies

• establishing representative examples, equipping them with suitable contracts.

• distill some useful contract patterns • provide corresponding verification patterns.

1. Zhenbang Chen, Zhiming Liu, Volker Stolz, Lu Yang, and Anders P. Ravn, A refinement driven component-based design

2. Sakyibea Darko-Ampem, Maria Katsoufi, and Pablo Giambiagi, Secure Negotiation in Virtual Organizations

3. Bjørn Burling,

Fitting it Together

Verification certificatesRV -> monitors

Applications

Models WS-CDL

Implement-ations.

Creol, Java, etc

WS-BPEL

Platform

Policies(Contract templates)

Service-Level Agreement

Contracts (e.g. CL)

Logics.

Expected Results - 2010• A modal logic for defining high level contracts

• Model checking tools for checking WS*-style contracts

• Larger Case Study? CoCoME

• Monitoring?

C C ≠Ø

C1 ≤ C2

P |= C

P || I(C)

Applications

Models WS-CDL

Implement-ations.

Creol, Java, etc WS-BPEL

Platform

Logics.

Is SOA really New? (Wolfgang Reisig)

Application Area

Aspect Enterprise Computing Embedded Systems Service Oriented

Interface DataBase Schema RT-profile ? Dist. Objects

Functionality Queries Control algorithms ? Components

Protocol Workflow Reactive processes ? Orchestration

Dependability Integrity Timeliness ? Availability

Fault Tolerance Transactions Replicated Processes ? Compensation

QoS Performance Firm/Hard R-T ? Reliability