Campus Grids Meet Applications: Modeling, Metascheduling and Integration

Air Quality Forecasting (AQF) is a new discipline that attempts to reliably predict atmospheric pollution. An AQF application has complex workflows and in order to produce timely and reliable forecast results, each execution requires access to diverse and distributed computational and storage resources. Deploying AQF on Grids is one option to satisfy such needs, but requires the related Grid middleware to support automated workflow scheduling and execution on Grid resources. In this paper, we analyze the challenges in deploying an AQF application in a campus Grid environment and present our current efforts to develop a general solution for Grid-enabling scientific workflow applications in the GRACCE project. In GRACCE, an application’s workflow is described using GAMDL, a powerful dataflow language for describing application logic. The GRACCE metascheduling architecture provides the functionalities required for co-allocating Grid resources for workflow tasks, scheduling the workflows and monitoring their execution. By providing an integrated framework for modeling and metascheduling scientific workflow applications on Grid resources, we make it easy to build a customized environment with end-to-end support for application Grid deployment, from the management of an application and its dataset, to the automatic execution and analysis of its results.The work has been performed as part of the University of Houston’s Sun Microsystems Center of Excellence in Geosciences [38].     

A framework for early design and prototyping of service-oriented applications with design patterns

Service-oriented computing is playing an important role in several domains. Today the biggest shift in mainstream design and programming is toward service-oriented applications. However, the service paradigm raises a bundle of problems that did not exist in traditional component-based development where abstraction, encapsulation, and modularity were the only main concerns. Due to their distributed, dynamic, and heterogeneous nature, service-oriented software applications require us to discover, document, and share new design patterns at the service- and architecture-level. Moreover, service-oriented applications are hard to design and validate, and demand for new foundational theories, modeling notations and analysis techniques.In line to such a vision, this article presents a framework, called SCA-PatternBox, to design and prototype service-oriented applications with design patterns. The framework relies on the OASIS standard Service Component Architecture (SCA) and on SCA component implementation types, such as SCA-Java, for supporting an “implementation-oriented” approach to service-oriented architecture modeling and to the definition and instantiation of design patterns. Moreover, in order to provide formally verified design patterns, SCA-PatternBox allows the formal specification and analysis of the functional behavioral aspects of a design pattern using a formal service specification language called SCA-ASM (Service Component Architecture-Abstract State Machine). As major evaluation of the framework, two case studies and lessons learned are presented. A final comparison of existing design pattern languages is also reported.     

Software model checking without source code

We present a framework, called air, for verifying safety properties of assembly language programs via software model checking. air extends the applicability of predicate abstraction and counterexample guided abstraction refinement to the automated verification of low-level software. By working at the assembly level, air allows verification of programs for which source code is unavailable—such as legacy and COTS software—and programs that use features—such as pointers, structures, and object-orientation—that are problematic for source-level software verification tools. In addition, air makes no assumptions about the underlying compiler technology. We have implemented a prototype of air and present encouraging results on several non-trivial examples.     

XPECT: a framework for electronic commerce

Electronic commerce is emerging as one of the most important applications on the Internet, with the potential to revolutionize the whole structure of retail merchandising and shopping. There is already a need for an information technology infrastructure that goes well beyond the simple capabilities offered by the current development environments for Internet applications. For electronic commerce to really take off, however, it will have to give shoppers options not available through traditional commercial channels. This implies the further need for an infrastructure that can support complex and flexible services to manage customer tailored requests in the context of highly dynamic networks and federations of providers. To achieve this level of support will mean using the functionalities now considered to be whole applications as the elementary building blocks of e-commerce applications. Among these functionalities are: transactional payment; workflow; and multiparty agreement. To address these issues, we developed XPect, a generic framework for electronic commerce. The XPect framework supports the integration of multiple component functionalities. It is implemented in the Coordination Language Facility, an object based distributed application development tool. CLF assumes an object model of autonomous agents that can engage in interactions, more sophisticated than those in the traditional object paradigm. In addition, CLF allows for dynamically adding new services and for coordinating the access to multiple services     

Design and implementation of a framework for building distributed smart object systems

A smart object system encompasses the synergy between computationally augmented everyday objects and external applications. This paper presents a software framework for building smart object systems following a declarative programming approach centered around custom written documents that glue the smart objects together. More specifically, in the proposed framework, applications’ requirements and smart objects’ services are objectified through structured documents. A runtime infrastructure provides the spontaneous federation between smart objects and applications through structural type matching of these documents. There are three primary advantages of our approach: firstly, it allows developers to write applications in a generic way without prior knowledge of the smart objects that could be used by the applications. Secondly, smart object management (locating, accessing, etc.) issues are completely handled by the infrastructure; thus application development becomes rapid and simple. Finally, the programming abstraction used in the framework allows extension of functionalities of smart objects and applications very easily. We describe an implemented prototype of our framework and show examples of its use in a real life scenario to illustrate its feasibility.     

CaPiTo: protocol stacks for services

CaPiTo allows the modelling of service-oriented applications using process algebras at three levels of abstraction. The abstract level focuses on the key functionality of the services; the plug-in level shows how to obtain security using standardised protocol stacks; finally, the concrete level allows to consider how security is obtained using asymmetric and symmetric cryptographic primitives. The CaPiTo approach therefore caters for a variety of developers that need to cooperate on designing and implementing service-oriented applications. We show how to formally analyse CaPiTo specifications for ensuring the absence of security flaws. The method used is based on static analysis of the corresponding LySa specifications. We illustrate the development on two industrial case studies; one taken from the banking sector and the other a single sign-on protocol.     

Program verification with interacting analysis plugins

In this paper we propose and argue for a modular framework for interprocedural program analysis, where multiple program analysis tools are combined in order to exploit the particular advantages of each. This allows for “plugging together” such tools as required by each verification task and makes it easy to integrate new analyses. Our framework automates the sharing of information between plugins using a first order logic with transitive closure, in a way inspired by the open product of Cortesi et al. We describe a prototype implementation of our framework, which performs static assertion checking on a simple language for heap-manipulating programs. This implementation includes plugins for three existing approaches—predicate abstraction, 3-valued shape analysis and a decidable pointer analysis—and for a simple type system. We demonstrate through a detailed example the increase in precision that our approach can provide. Finally we discuss the design decisions we have taken, in particular the tradeoffs involved in the choice of language by which the plugins communicate, and identify some future directions for our work. R. Lazic, R. Nagarajan and J. C. P. Woodcock     

CA-PLAN,a service-oriented workflow

Workflow management systems (WfMSs) are accepted worldwide due to their ability to model and control business processes. Previously, we defined an intra-organizational workflow specification model, Process LANguage (PLAN). PLAN, with associated tools, allowed a user to describe a graph specification for processes, artifacts, and participants in an organization. PLAN has been successfully implemented in Agentflow to support workflow (Agentflow) applications. PLAN, and most current WfMSs are designed to adopt a centralized architecture so that they can be applied to a single organization. However, in such a structure, participants in Agentflow applications in different organizations cannot serve each other with workflows. In this paper, a service-oriented cooperative workflow model, Cooperative Agentflow Process LANguage (CA-PLAN) is presented. CA-PLAN proposes a workflow component model to model inter-organizational processes. In CA-PLAN, an inter-organizational process is partitioned into several intra-organizational processes. Each workflow system inside an organization is modeled as an Integrated Workflow Component (IWC). Each IWC contains a process service interface, specifying process services provided by an organization, in conjunction with a remote process interface specifying what remote processes are used to refer to remote process services provided by other organizations, and intra-organizational processes. An IWC is a workflow node and participant. An inter-organizational process is made up of connections among these process services and remote processes with respect to different IWCs. In this paper, the related service techniques and supporting tools provided in Agentflow systems are presented.     

面向服务的工作流访问控制模型研究

随着企业全球化、企业业务联合与分化的发展,企业组织结构更加动态化,企业业务流程经常发生变更,这都增加了工作流访问控制的复杂性.针对此问题,从工作流访问控制模型与流程模型分离的角度,提出一种面向服务的工作流访问控制模型——SOWAC模型.服务是流程任务的抽象执行和实施访问控制的基本单元,用服务的访问控制替代流程任务的访问控制.说明了SOWAC模型的组成元素及实施实例,提出一种基于服务授权历史的动态责任分离约束方法,并给出SOWAC模型在工作流系统中的实际应用.     

Semantic enrichment process: An approach to software component reuse in modernizing enterprise systems

In today’s dynamic business environments, organizations are under pressure to modernize their existing software systems in order to respond to changing business demands. Service oriented architectures provide a composition framework to create new business functionalities from autonomous building blocks called services, enabling organizations to quickly adapt to changing conditions and requirements. Characteristics of services offer the promise of leveraging the value of enterprise systems through source code reuse. In this respect, existing system components can be used as the foundation of newly created services. However, one problem to overcome is the lack of business semantics to support the reuse of existing source code. Without sufficient semantic knowledge about the code in the context of business functionality, it would be impossible to utilize source code components in services development. In this paper, we present an automated approach to enrich source code components with business semantics. Our approach is based on the idea that the gap between the two ends of an enterprise system—(1) services as processes and (2) source code—can be bridged via similarity of data definitions used in both ends. We evaluate our approach in the framework of a commercial enterprise systems application. Initial results indicate that the proposed approach is useful for annotating source code components with business specific knowledge.     

Abstraction-guided synthesis of synchronization

We present a novel framework for automatic inference of efficient synchronization in concurrent programs, a task known to be difficult and error-prone when done manually. Our framework is based on abstract interpretation and can infer synchronization for infinite state programs. Given a program, a specification, and an abstraction, we infer synchronization that avoids all (abstract) interleavings that may violate the specification, but permits as many valid interleavings as possible. Combined with abstraction refinement, our framework can be viewed as a new approach for verification where both the program and the abstraction can be modified on-the-fly during the verification process. The ability to modify the program, and not only the abstraction, allows us to remove program interleavings not only when they are known to be invalid, but also when they cannot be verified using the given abstraction. We implemented a prototype of our approach using numerical abstractions and applied it to verify several example programs.     

Enforcing spatio-temporal access control in mobile applications

Mobile application technology is quickly evolving and being progressively utilized in the commercial and public sectors. Such applications make use of spatio-temporal information to provide better services and functionalities. Authorization to such services often depends on the credentials of the user and also on the location and time. Although researchers have proposed spatio-temporal access control models for such applications, not much has been done with respect to enforcement of spatio-temporal access control. Towards this end, we provide a practical framework that allows one to enforce spatio-temporal policies in mobile applications. Our policy enforcement mechanism illustrates the practical viability of spatio-temporal authorization models and discusses potential challenges with possible solutions. Specifically, we propose an architecture for enforcing spatio-temporal access control and demonstrate its feasibility by developing a prototype. We also provide a number of protocols for granting and revoking access and formally analyze these protocols using the Alloy constraint solver to provide assurance that our proposed approach is indeed secure.     

Managing heterogeneous multi-system tasks to support enterprise-wide operations

The computing environment in most medium-sized and large enterprises involves old main-frame based (legacy) applications and systems as well as new workstation-based distributed computing systems. The objective of the METEOR project is to support multi-system workflow applications that automate enterprise operations. This paper deals with the modeling and specification of workflows in such applications. Tasks in our heterogeneous environment can be submitted through different types of interfaces on different processing entities. We first present a computational model for workflows that captures the behavior of both transactional and non-transactional tasks of different types. We then develop two languages for specifying a workflow at different levels of abstraction: the Workflow Specification Language (WFSL) is a declarative rule-based language used to express the application-level interactions between multiple tasks, while the Task Specification Language (TSL) focuses on the issues related to individual tasks. These languages are designed to address the important issues of inter-task dependencies, data formatting, data exchange, error handling, and recovery. The paper also presents an architecture for the workflow management system that supports the model and the languages. Recommended by: Omran Bukhres and e. Kühn     

A framework for the deployment of adaptable web service compositions

The basic paradigm of service-oriented architectures—publication, discovery, and use—can be interpreted in different ways. Current technologies assume a static and rigid approach: UDDI was conceived with the idea of a centralized repository for service publication and BPEL only supports design–time bindings between the orchestrated workflow and the external services. The trend, however, is towards more flexibility and dynamism. The single centralized repository is being substituted by dedicated repositories that cooperate and exchange information about stored services on demand. Design–time compositions are complemented by mechanisms to allow for the selection and binding of services at runtime. This paper presents the research results of our group in delivering a framework for the deployment of adaptable Web service compositions. The publication infrastructure integrates existing heterogeneous repositories and makes them cooperate for service discovery. The deployment infrastructure supports BPEL-like compositions that can select services dynamically, and also adjust their behavior in response to detected changes and unforeseen events. The framework also provides a monitoring-based validation of running compositions: we provide suitable probes to oversee the execution of deployed compositions. The various parts of the framework are exemplified on a common case study taken from the automotive domain. This research is partially supported by the European IST project SeCSE (Service Centric System Engineering) and the Italian FIRB project ARTDECO (Adaptive infRasTructures for DECentralized Organizations).     

Towards Multiple Access in Generic Component Architectures

The paper introduces an abstract framework for the specification of components with multiple require and provide interfaces that allows the specification of multiple access to a single provide interface. This framework can be regarded as a generalization of abstract hierarchical and connector-based component specification approaches. The main ideas are clarified in a sample specification, a component architecture for a web browser suite. For this, elementary nets are applied and are shown to be an instantiation of the abstract framework.     

Time-constrained services: a framework for using real-time web services in industrial automation

The use of web services in industrial automation, e.g. in fully automated production processes like car manufacturing, promises simplified interaction among the manufacturing devices due to standardized protocols and increased flexibility with respect to process implementation and reengineering. Moreover, the adoption of web services as a seamless communication backbone within the overall industrial enterprise has additional benefits, such as simplified interaction with suppliers and customers (i.e. horizontal integration) and avoidance of a break in the communication paradigm within the enterprise (i.e. vertical integration). The Time-Constrained Services (TiCS) framework is a development and execution environment that empowers automation engineers to develop, deploy, publish, compose, and invoke time-constrained web services. TiCS consists of four functional layers—tool support layer, real-time infrastructural layer, real-time service layer, and hardware layer—which contain several components to meet the demands of a web service based automation infrastructure. This article gives an overview of the TiCS framework. More precisely, the general design considerations and an architectural blueprint of the TiCS framework are presented. Subsequently, selected key components of the TiCS framework are discussed in detail: the SOAP4PLC engine for equipping programmable logic controllers with a web service interface, the SOAP4IPC engine for processing web services in real-time on industrial PCs, the WS-TemporalPolicy language for describing time constraints, and the TiCS Modeler for composing time-constrained web services into a time-constrained BPEL4WS workflow.     

基于Web服务的动态工作流系统的研究与实现

分析了面向服务的计算环境及服务组合的新特征和新问题，并在此基础上从面向业务用户的角度对基于Web服务的动态工作流进行了探讨，提出一种基于Web服务的动态工作流模型。以该模型为基础，设计了具有三层结构的基于Web服务的动态工作流系统，按照该架构并基于J2EE平台实现了系统．对基于web服务的动态工作流应用提供了系统支撑与验证环境。     

Web services interoperability specifications

A proposed conceptual framework for analyzing Web services interoperability issues provides a context for studying existing standards and specifications and for identifying new opportunities to provide automated support, for this technology. Web services are becoming the technology of choice for realizing service-oriented architectures (SOAs). Web services simplify interoperability and, therefore, application integration. They provide a means for wrapping existing applications so developers can access them through standard languages and protocols.