Skip to main content
SpringerLink
Log in

Monitoring and recovery for web service applications

  • Published:
Computing Aims and scope Submit manuscript

Abstract

Web service applications are distributed processes that are composed of dynamically bounded services. In this paper, we give a definitive description of a framework for performing runtime monitoring of web service applications against behavioural correctness properties described as finite state automata. These properties specify forbidden and desired interactions between service partners. Finite execution traces of web service applications described in BPEL are checked for conformance at runtime. When violations are discovered, our framework automatically proposes adaptation strategies, in the form of plans, which users can select for execution. Our framework also allows verification of stated pre- and post-conditions of service partners and provides guarantees of correctness of the generated recovery plans.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16

Similar content being viewed by others

Notes

  1. Formally, mixed properties are either finitary liveness properties or a mixture of finitary liveness and safety properties.

  2. Foster’s translation includes partner, activity and variable names in the labels, in order to include traceability information, but we omit these in this paper for simplicity.

  3. In [38], \(t_3\) and \(t_4\) are called \(t^{\mathtt{TBS }}_1\) and \(t^{\mathtt{TBS }}_2\), respectively.

    Table 1 Results of adding filtering and the adequate compensation check to our framework
    Full size table

References

  1. van der Aalst WMP, Weske M (2005) Case handling: a new paradigm for business process support. Data Knowl Eng 53(2):129–162

    Article  Google Scholar 

  2. Alur R, Henzinger TA (1998) Finitary fairness. ACM Trans Program Lang Syst 20:1171–1194

    Article  Google Scholar 

  3. Ball T, Rajamani S (2001) The SLAM toolkit. In: Proceedings of 13th international conference on computer-aided verification (CAV’01). LNCS, vol 2102. Springer, Berlin, pp 260–264

  4. Baresi L, Guinea S (2007) Dynamo and self-healing BPEL compositions (research demonstration). In: Proceedings of the 29th international conference on software engineering (ICSE’07). IEEE Computer Society (2007). Companion Volume, pp 69–70

  5. Baresi L, Guinea S (2011) Self-supervising BPEL processes. IEEE Trans Softw Eng 37(2):247–263

    Article  Google Scholar 

  6. Baresi L, Guinea S, Plebani P (2006) WS-Policy for service monitoring. In: 6th VLDB international workshop on technologies for E-services. LNCS, vol 3811. Springer, Berlin, pp 72–83

  7. Baresi L, Pasquale L (2010) Adaptive goals for self-adaptive service compositions. In: Proceedings of the (2010) IEEE international conference on web services (ICWS ’10). IEEE Computer Society, Washington, DC, USA, pp 353–360

  8. Berre DL, Parrain A (2012) SAT4J. http://www.sat4j.org/

  9. Biancullia D, Ghezzi C (2012) DynamoAOP–user manual. http://plastic.isti.cnr.it/download/tools/dynamo-aop/dynamoaop-manual.pdf

  10. Burdy L, Cheon Y, Cok DR, Ernst MD, Kiniry JR, Leavens GT, Leino KRM, Poll E (2005) An overview of JML tools and applications. Int J Softw Tools Technol Transf 7:212–232

    Article  Google Scholar 

  11. Carzaniga A, Gorla A, Perino N, Pezzè M (2010) Automatic workarounds for web applications. In: Proceedings of eighteenth international symposium on the foundations of, software engineering (FSE’10), pp 237–246

  12. Carzaniga A, Gorla A, Pezzè M (2008) Healing web applications through automatic workarounds. Int J Softw Tools Technol Transf 10(6):493–502

    Article  Google Scholar 

  13. Charfi A, Dinkelaker T, Mezini M (2009) A plug-in architecture for self-adaptive web service compositions. In: Proceedings of the (2009) IEEE international conference on web services (ICWS ’09). IEEE Computer Society, Washington, DC, USA, pp 35–42

  14. Charfi A, Mezini M (2007) AO4BPEL: an aspect-oriented extension to BPEL. World Wide Web 10:309–344

    Article  Google Scholar 

  15. Cheng BHC, de Lemos R, Garlan D, Giese H, Litoiu M, Magee J, Müller HA, Taylor R (2009) SEAMS 2009: Software engineering for adaptive and self-managing systems. In: 31st international conference on software engineering (ICSE’09), Companion Volume, pp 463–464

  16. DISI-UniTN/FBK-IRST (2012) The MathSAT 5 SMT Solver. http://mathsat.fbk.eu

  17. Dobson G (2006) Using WS-BPEL to implement software fault tolerance for web services. In: 32nd EUROMICRO conference on software engineering and advanced applications (EUROMICRO-SEAA’06), pp 126–133

  18. Fikes R, Nilsson NJ (1971) STRIPS: a new approach to the application of theorem proving to problem solving. J Artif Intell 2(3/4):189–208

    Article  MATH  Google Scholar 

  19. Foster H (2006) A rigorous approach to engineering web service compositions. PhD thesis, Imperial College

  20. Foster H, Emmerich W, Kramer J, Magee J, Rosenblum D, Uchitel S (2007) Model checking service compositions under resource constraints. In: Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on the foundations of software engineering (ESEC-FSE ’07). ACM, New York, pp 225–234

  21. Fu X, Bultan T, Su J (2004) Analysis of interacting BPEL web services. In: Proceedings of the 13th international conference on, world wide web (WWW’04), pp 621–630

  22. Fugini MG, Mussi E (2006) Recovery of faulty web applications through service discovery. In: Proceedings of the 1st SMR-VLDB workshop, matchmaking and approximate semantic-based retrieval: issues and perspectives. In: 32nd international conference on very large databases, pp 67–80

  23. Gurfinkel A, Wei O, Chechik M (2006) Yasm: a software model-checker for verification and refutation. In: Proceedings of 18th international conference on computer-aided verification (CAV’06). LNCS, vol 170–174. Springer, Seattle, p 4144

  24. Heckel R, Lohmann M (2005) Towards contract-based testing of web services. Electron Notes Theoret Comput Sci 116:145–156

    Article  Google Scholar 

  25. Hinz S, Schmidt K, Stahl C (2005) Transforming BPEL to Petri nets. In: Proceedings of the 3rd international conference on business process management (BPM’05). LNCS, vol 3649. Springer, Berlin, pp 220–235

  26. IBM (2012) WebSphere integration developer. http://www-01.ibm.com/software/integration/wid/

  27. Inverardi P, Mostarda L, Tivoli M, Autili M (2005) Synthesis of correct and distributed adaptors for component-based systems: an automatic approach. In: Proceedings of the 20th international conference on automated software engineering (ASE’05). ACM, New York, pp 405–409

  28. Kautz HA, Selman B (1999) Unifying SAT-based and graph-based planning. In: Proceedings of the 16th international joint conference on, artificial intelligence (IJCAI’99), pp 318–325

  29. McDermott DV (2002) Estimated-regression planning for interactions with web services. In: Proceedings of the sixth international conference on artificial intelligence planning systems (AIPS ’02). AAAI, pp 204–211

  30. McIlraith SA, Son TC (2002) Adapting golog for composition of semantic web services. In: Proceedings of the 8th international conference on principles and knowledge representation and reasoning (KR ’02). Morgan Kaufmann, San Francisco, pp 482–496

  31. Meyer B (1992) Applying “design by contract”. Computer 25:40–51

    Article  Google Scholar 

  32. Milner R (1989) Communication and concurrency. Prentice-Hall, New York

    MATH  Google Scholar 

  33. Narayanan S, McIlraith SA (2002) Simulation, verification and automated composition of web services. In: Proceedings of the 11th international conference on world wide web (WWW ’02). ACM, pp 77–88

  34. Nicola RD, Vaandrager F (1995) Three logics for branching bisimulation. J ACM 42(2):458–487

    Article  MATH  Google Scholar 

  35. OASIS (2012) Web Services Business Process Execution Language Version 2.0. http://docs.oasis-open.org/wsbpel/2.0/OS/wsbpel-v2.0-OS.html

  36. Oracle (2012) Welcome to NetBeans. http://netbeans.org

  37. Ouyang C, Verbeek E, van der Aalst WMP, Breutel S, Dumas M, ter Hofstede AHM (2007) Formal semantics and analysis of control flow in WS-BPEL. Sci Comput Program 67(2–3):162–198

    Article  MATH  Google Scholar 

  38. Simmonds J (2011) Dynamic analysis of web services. Ph.D. thesis, University of Toronto, Toronto

  39. Simmonds J, Ben-David S, Chechik M (2010) Guided recovery for web service applications. In: Proceedings of eighteenth international symposium on the foundations of, software engineering (FSE’10), pp 247–256

  40. Simmonds J, Ben-David S, Chechik M (2010) Monitoring and recovery of web service applications. In: Ng JW, Chignell M, Cordy JR (eds) Smart internet. Lecture Notes in Computer Science, Springer, Berlin, pp 250–288

  41. Simmonds J, Ben-David S, Chechik M (2010) Optimizing computation of recovery plans for BPEL applications. In: Proceedings of 2010 workshop on testing, analysis and verification of web software (TAV-WEB’10), pp 3–14

  42. Simmonds J, Chechik M (2010) RuMoR: monitoring and recovery of BPEL applications. In: Proceedings of 25th IEEE/ACM international conference on, automated software engineering (ASE’10), pp 345–346

  43. Simmonds J, Gan Y, Chechik M, Nejati S, O’Farrell B, Litani E, Waterhouse J (2009) Runtime monitoring of web service conversations. IEEE Trans Service Comput 2(3):223–244

    Article  Google Scholar 

  44. Traverso P, Pistore M (2004) Automated composition of semantic web services into executable processes. In: Proceedings of the international semantic web conference (ISWC ’04), pp 380–394

  45. W3C (2012) Semantic Web. http://www.w3.org/standards/semanticweb/

  46. W3C (2012) Web Services Description Language (WSDL). http://www.w3.org/TR/wsdl

  47. Yan Y, Poizat P, Zhao L (2010) Self-adaptive service composition through graphplan repair. In: IEEE international conference on web services (ICWS ’10), pp 624–627

Download references

Acknowledgments

Several people contributed to the ideas presented in this paper: Shiva Nejati, Yuan Gan and Jonathan Amir were involved in various aspects of defining and building the runtime monitoring framework. Various people at IBM CAS Toronto, specifically, Bill O’Farrell, Julie Watermark, Elena Litani and Leho Nigel, have been working with us over the years, and Bill is responsible for shaping this project into its present form, including the suggestion that we work on recovery from runtime failure. We are also grateful to members of the IFIP Working Group 2.9 for their helpful feedback on this work. This research has been funded by NSERC, IBM Toronto, MITACS Accelerate, UTFSM DGIP and by the Ontario Post-Doctoral Fellowship program. We also thank reviewers of this special issue for many helpful comments.

Author information

Authors and Affiliations

  1. Departamento de Informática, Universidad Técnica Federico Santa María, Valparaiso, Chile

    Jocelyn Simmonds

  2. School of Computer Science, Hebrew University, Jerusalem, Israel

    Shoham Ben-David

  3. Department of Computer Science, University of Toronto, Toronto, Canada

    Marsha Chechik

Authors
  1. Jocelyn Simmonds
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shoham Ben-David
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Marsha Chechik
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jocelyn Simmonds.

Appendix

Appendix

This appendix gives additional background information on BPEL’s activities and variables. We also provide an overview of the WSCoL subset used in this article.

1.1 BPEL activities and variables

The basic BPEL activities for interacting with partner web services are \(<\)receive\(>, <\)invoke\(>\) and \(<\)reply\(>\), which are used to receive messages, execute web services and return values, respectively. Conditional activities are used to define the control flow of the application: \(<\)while\(>,\,<\)if\(>\) and \(<\)pick\(>\). The \(<\)while\(>\) and \(<\)if\(>\) activities model internal choice, as conditions are expressions over process variables. The \(<\)pick\(>\) activity is used to model external choice: the application waits for the first occurrence of one of several possible events (specified using \(<\)onMessage\(>\)), executing the activities associated to the corresponding event. The \(<\)pick\(>\) activity completes once these activities are completed.

The structural activities \(<\)sequence\(>\) and \(<\)flow\(>\) are used to specify sequential and parallel composition of the enclosed activities, respectively. \(<\)scope\(>\) is used to define nested activities. In IBM WebSphere Integration Developer v7, developers can also add \(<\)collaboration\(>\) scopes, inspired by the work on dynamic workflows [1], which can be used to alter the application logic at runtime.

The \(<\)assign\(>\) activity is used to update the values of variables. Assignment activities consist of multiple \(<\)copy\(>\) rules, each with their own \(<\)from\(>\) and \(<\)to\(>\) parts, representing the source and destination data, respectively. \(<\)copy\(>\) rules can include data modification expressions, e.g., \(<\)copy\(><\)from\(> \mathtt{\$ i + 1} <\)/from\(><\)to\(> \mathtt{\$ i} <\)/to\(>\,<\)/copy\(>\) increments the value of \(\$\mathtt{i }\) by one, but can also be simple assignments.

BPEL has both global and local variables. Global variables are available throughout the process, while local variables are only available within the \(<\)scope\(>\) in which they are defined. Variable types can be simple or complex XSD (XML Schema Definition) types, schema elements, or WSDL message types, declared using the keywords type, element and messageType, respectively. Multiple schema elements can refer to the same complex XSD type.

Figure 17a shows the definition of the simple and complex XSD types used by the \(\mathtt{{TAS}}\) application. For example, \(\mathtt{fromDate }\) and \(\mathtt{sourceCity }\) are of the simple XSD types \(\mathtt{xsd:int }\) and \(\mathtt{xsd:string }\), respectively. On the other hand, \(\mathtt{tTripData }\) is a complex XSD type and includes a reference to every simple type declared in the same figure. These type definitions are then available from the BPEL process by importing the XSD file in which they are defined.

Fig. 17
figure 17

a Part of the schema file \(\mathtt{tas.xsd }\), showing the definition of the \(\mathtt{{TAS}}\) simple and complex XSD types; b part of the WSDL file \(\mathtt{tas.wsdl }\), showing the definition of the WSDL message types for the \(\mathsf{bc}\) service; and c the declaration of various BPEL global variables

Full size image

WSDL message types define abstract messages that can serve as the input or output of an operation, and are thus defined in the corresponding WSDL file. WSDL messages consist of one or more \(<\)part\(>\) elements, where each \(<\)part\(>\) is associated with an existing XSD element. For example, as shown in Fig. 17b (copy of Fig. 5a), the message type \(\mathtt{in }\_\mathtt{bc }\), which is the input message for the \(\mathsf{bc}\) service, consists of three parts: \(\mathtt{city },\,\mathtt{fromDate }\) and \(\mathtt{toDate }\).

Once the necessary variable types are defined and imported, we can declare the required BPEL variables. Figure 17c (copy of Fig. 5b) shows the definition of three variables of the \(\mathtt{{TAS}}\) system: \(\mathtt{tripData },\,\mathtt{inputBookCar }\) and \(\mathtt{outputBookCar }\). The first variable is used to maintain the state of the application, while the second two are the input and output variables of the \(\mathsf{bc}\) service. We have defined similar input and output variables for the rest of the services used by the \(\mathtt{{TAS}}\) application.

1.2 WSCoL

The grammar of the WSCoL subset used in this article is given in Fig. 18, where \(\mathtt{identifier }\) represents a valid BPEL variable identifier and \(\mathtt{xpath }\_\mathtt{expr }\) represents a valid XPath expression. \( LIT \) and \( NUM \) are sets of BPEL literals and numbers, respectively, while \(\mathbf{true}, \mathbf{false}, \backslash \mathbf{forall}, \backslash \mathbf{exists}, \backslash \mathbf{avg}, \backslash \mathbf{sum}, \backslash \mathbf{product}, \backslash \mathbf{min}, \backslash \mathbf{max}, \backslash \mathbf{returnInt}, \backslash \mathbf{returnBool}\), and \(\backslash \mathbf{returnString}\) are terminal symbols. The full WSCoL grammar is available in [9].

Fig. 18
figure 18

Grammar of the subset of the WSCoL language used in this work

Full size image

In WSCoL, we can write predicates about the state of a BPEL process by accessing its internal variables using XPath expressions. For example, the expression \( \$\mathtt{tripData/carBookingNo }\) retrieves the car booking number for the current trip, where \(\mathtt{tripData }\) is the associated BPEL identifier and \(\mathtt{/carBookingNo }\) is the XPath expression pointing to the XSD type to be queried.

External data is accessed by invoking other web services. For example, the expression

$$\begin{aligned} \begin{array}{l} \backslash \mathbf{returnInt} (\text{`}\mathtt{WSDL }\text{'}, \text{`}\mathtt{subtractDates }\text{'}, \\ \quad {(\$\mathtt{tripData/fromDate },\$\mathtt{tripData/toDate }), } \\ \quad \text{`}\mathtt{//parameters/subtractDatesResult/days \text{'}) } \end{array} \end{aligned}$$

returns the difference between the trip start and end dates as an integer. This is done by invoking the \(\mathtt{subtractDates }\) service with parameters \(\$\mathtt{tripData/fromDate }\) and \(\$\mathtt{tripData/toDate }\), corresponding to the trip start and end dates, respectively. The difference is stored in the variable \(\mathtt{//parameters/subtractDatesResult } \mathtt{/days }\), and the \(\mathtt{subtractDates }\) service definition is available in a preconfigured WSDL file.

The typical Boolean, relational and mathematical operators, as well as some pre-defined functions, are used to build more complex expressions. For example, the assertion

$$\begin{aligned}&{(\$\mathtt{tripData/carBookingNo }) >= 1000} \\&\quad \&\&~ \$\mathtt{tripData/fromDate } < \$\mathtt{tripData/toDate } \end{aligned}$$

checks that the car booking number is at least four digits long and that the trip end date occurs after the trip start date.

Predicates on sets of variables are defined through the use of general quantifiers of the form \(( \mathtt{Q }~ \$\mathtt{V }~ \mathtt{in }~ \mathtt{R };~ \mathtt{C })\), where \(\mathtt{Q }\) is one of the quantifiers listed in Fig. 18, \(\mathtt{R }\) is an XPath expression that represents a set of finite nodes, \(\$\mathtt{V }\) is the identifier used to access each node, and \(\mathtt{C }\) is a WSCoL predicate.

For example, the predicate

$$\begin{aligned}&(\backslash \mathbf{forall} \ \$\mathtt{L } \ \mathbf{in}\ \$ \mathtt{(outputGF/flights/flight/) }; \\&\quad \$\mathtt{(L/destCity) } == \$(\mathtt{tripData/destCity })) \end{aligned}$$

checks that all the flights returned by a \(\mathsf{getFlights}\) service have the same destination city as the one stored in \(\$\mathtt{tripData }\).

Rights and permissions

Reprints and permissions

About this article

Cite this article

Simmonds, J., Ben-David, S. & Chechik, M. Monitoring and recovery for web service applications. Computing 95, 223–267 (2013). https://doi.org/10.1007/s00607-012-0215-y

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00607-012-0215-y

Keywords

Mathematics Subject Classification

Search

Navigation