A Contract-Oriented Middleware

  • Massimo Bartoletti
  • Tiziana Cimoli
  • Maurizio Murgia
  • Alessandro Sebastian Podda
  • Livio Pompianu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9539)


Developing distributed applications typically requires to integrate new code with legacy third-party services, e.g., e-commerce facilities, maps, etc. These services cannot always be assumed to smoothly collaborate with each other; rather, they live in a “wild” environment where they must compete for resources, and possibly diverge from the expected behaviour if they find it convenient to do so. To overcome these issues, some recent works have proposed to discipline the interaction of mutually distrusting services through behavioural contracts. The idea is a dynamic composition, where only those services with compliant contracts can establish sessions through which they interact. Compliance between contracts guarantees that, if services behave honestly, they will enjoy safe interactions. We exploit a theory of timed behavioural contracts to formalise, design and implement a message-oriented middleware where distributed services can be dynamically composed, and their interaction monitored to detect contract violations. We show that the middleware allows to reduce the complexity of developing distributed applications, by relieving programmers from the need to explicitly deal with the misbehaviour of external services.


Reputation System Latent Contract Runtime Monitoring Live Sequence Chart Behavioural Contract 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



The authors thank Maria Grazia Patteri, Mirko Joshua Mascia and Stefano Lande for their assistance in setting up the evalution and the case studies, and Alceste Scalas for the discussion about Java APIs. This work is partially supported by Aut. Reg. of Sardinia grants L.R.7/2007 CRP-17285 (TRICS), P.I.A. 2010 (“Social Glue”), P.O.R. F.S.E. Operational Programme of the Aut. Reg. of Sardinia, EU Social Fund 2007-13 – Axis IV Human Resources, Objective l.3, Line of Activity l.3.1), by MIUR PRIN 2010-11 project “Security Horizons”, and by EU COST Action IC1201 “Behavioural Types for Reliable Large-Scale Software Systems” (BETTY).


  1. 1.
    PayPal buyer protection. Accessed 8 July 2015
  2. 2.
    Alur, R., Dill, D.L.: A theory of timed automata. Theor. Comput. Sci. 126(2), 183–235 (1994)zbMATHMathSciNetCrossRefGoogle Scholar
  3. 3.
    Ardagna, D., Pernici, B.: Adaptive service composition in flexible processes. IEEE Trans. Software Eng. 33(6), 369–384 (2007)CrossRefGoogle Scholar
  4. 4.
    Banavar, G., Chandra, T., Strom, R.E., Sturman, D.: A case for message oriented middleware. In: Jayanti, P. (ed.) DISC 1999. LNCS, vol. 1693, pp. 1–17. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  5. 5.
    Bartoletti, M., Cimoli, T., Murgia, M., Patteri, M.G., Mascia, M.J., Podda, A.S., Pompianu, L., COREserve: a contract-oriented reservation marketplace (2015).
  6. 6.
    Bartoletti, M., Cimoli, T., Murgia, M., Podda, A.S., Pompianu, L.: Compliance and subtyping in timed session types. In: Graf, S., Viswanathan, M. (eds.) Formal Techniques for Distributed Objects, Components, and Systems. LNCS, vol. 9039, pp. 161–177. Springer, Heidelberg (2015)CrossRefGoogle Scholar
  7. 7.
    Bartoletti, M., Cimoli,T., Murgia, M., Podda, A.S., Pompianu, L.: A contract-oriented middleware (2015).
  8. 8.
    Bartoletti, M., Cimoli, T., Zunino, R.: Compliance in behavioural contracts: a brief survey. In: Kahramanogullari, O., et al. (eds.) Degano Festschrift. LNCS, vol. 9465, pp. 103–121. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-25527-9_9 CrossRefGoogle Scholar
  9. 9.
    Bartoletti, M., Tuosto, E., Zunino, R.: Contract-oriented computing in \(CO_2\). Sci. Ann. Comp. Sci. 22(1), 5–60 (2012)MathSciNetGoogle Scholar
  10. 10.
    Bartoletti, M., Zunino, R.: A calculus of contracting processes. In: LICS (2010)Google Scholar
  11. 11.
    Behrmann, G., David, A., Larsen, K.G.: A tutorial on Uppaal. In: Bernardo, M., Corradini, F. (eds.) SFM-RT 2004. LNCS, vol. 3185, pp. 200–236. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  12. 12.
    Rueß, H., Schätz, B., Blech, J.O., Falcone, Y.: Behavioral specification based runtime monitors for OSGi services. In: Margaria, T., Steffen, B. (eds.) ISoLA 2012, Part I. LNCS, vol. 7609, pp. 405–419. Springer, Heidelberg (2012)Google Scholar
  13. 13.
    Tuosto, E., Bocchi, L., Yoshida, N., Honda, K.: A theory of design-by-contract for distributed multiparty interactions. In: Gastin, P., Laroussinie, F. (eds.) CONCUR 2010. LNCS, vol. 6269, pp. 162–176. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  14. 14.
    Bocchi, L., Lange, J., Yoshida, N.: Meeting deadlines together. In: CONCUR (2015, to appear)Google Scholar
  15. 15.
    Yang, W., Yoshida, N., Bocchi, L.: Timed multiparty session types. In: Baldan, P., Gorla, D. (eds.) CONCUR 2014. LNCS, vol. 8704, pp. 419–434. Springer, Heidelberg (2014)Google Scholar
  16. 16.
    Brogi, A., Canal, C., Pimentel, E.: Behavioural types for service integration: achievements and challenges. ENTCS 180(2), 41–54 (2007)Google Scholar
  17. 17.
    Buscemi, M.G., Montanari, U.: CC-Pi: a constraint-based language for specifying service level agreements. In: De Nicola, R. (ed.) ESOP 2007. LNCS, vol. 4421, pp. 18–32. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  18. 18.
    Göbel, J., Joschko, P., Koors, A., Page, B.: The discrete event simulation framework DESMO-J: review, comparison to other frameworks and latest development. In: Proceedings of ECMS, pp. 100–109 (2013)Google Scholar
  19. 19.
    Harel, D., Marelly, R.: Playing with time: on the specification and execution of time-enriched LSCs. In: MASCOTS, pp. 193–202 (2002)Google Scholar
  20. 20.
    Heckel, R., Lohmann, M.: Towards contract-based testing of Web services. Electr. Notes Theor. Comput. Sci. 116, 145–156 (2005)CrossRefGoogle Scholar
  21. 21.
    Hoffman, K.J., Zage, D., Nita-Rotaru, C.: A survey of attack and defense techniques for reputation systems. ACM Comput. Surv. 42(1), 1:1–1:31 (2009)CrossRefGoogle Scholar
  22. 22.
    Honda, K., Vasconcelos, V.T., Kubo, M.: Language primitives and type discipline for structured communication-based programming. In: Hankin, C. (ed.) ESOP 1998. LNCS, vol. 1381, pp. 122–138. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  23. 23.
    Honda, K., Yoshida, N., Carbone, M.: Multiparty asynchronous session types. In: POPL (2008)Google Scholar
  24. 24.
    Ligatti, J., Bauer, L., Walker, D.: Run-time enforcement of nonsafety policies. ACM Trans. Inf. Syst. Secur. 12(3), 19:1–19:41 (2009)CrossRefGoogle Scholar
  25. 25.
    Milner, R., Parrow, P., Walker, D.: A calculus of mobile processes. I and II. Inf. Comput. 100(1), 1–77 (1992)zbMATHMathSciNetGoogle Scholar
  26. 26.
    Mukhija, A., Dingwall-Smith, A., Rosenblum, D.: QoS-aware service composition in Dino. In: ECOWS, pp. 3–12 (2007)Google Scholar
  27. 27.
    Neykova, R., Bocchi, L., Yoshida, N.: Timed runtime monitoring for multiparty conversations. In: BEAT, pp. 19–26 (2014)Google Scholar
  28. 28.
    Larsen, K.G., Skou, A.: An overview and synthesis on timed process algebras. In: Larsen, K.G., Skou, A. (eds.) CAV 1991. LNCS, vol. 575, pp. 376–398. Springer, Heidelberg (1992)CrossRefGoogle Scholar
  29. 29.
    Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)zbMATHMathSciNetCrossRefGoogle Scholar
  30. 30.
    Sahai, A., Machiraju, V., Sayal, M., van Moorsel, A.P.A., Casati, F.: Automated SLA monitoring for Web services. In: DSOM, pp. 28–41 (2002)Google Scholar
  31. 31.
    Saraswat, V.A., Rinard, M.C.: Concurrent constraint programming. In: POPL, pp. 232–245 (1990)Google Scholar
  32. 32.
    Sebastio, S., Vandin, A.: MultiVeStA: statistical model checking for discrete event simulators. In: Proceedings of ValueTools, pp. 310–315 (2013)Google Scholar
  33. 33.
    Srivatsa, M., Xiong, L., Liu, L.: TrustGuard: countering vulnerabilities in reputation management for decentralized overlay networks. In: WWW, pp. 422–431 (2005)Google Scholar
  34. 34.
    Strunk, A.: QoS-aware service composition: a survey. In: ECOWS, pp. 67–74. IEEE (2010)Google Scholar
  35. 35.
    Takeuchi, K., Honda, K., Kubo, M.: An interaction-based language and its typing system. In: Halatsis, C., Philokyprou, G., Maritsas, D., Theodoridis, S. (eds.) PARLE 1994. LNCS, vol. 817, pp. 398–413. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  36. 36.
    Tuosto, E.: Contract-oriented services. In: Beek, M.H., Lohmann, N. (eds.) WS-FM 2012. LNCS, vol. 7843, pp. 16–29. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  37. 37.
    Yu, T., Zhang, Y., Lin, K.-J.: Efficient algorithms for Web services selection with end-to-end QoS constraints. ACM Trans. Web 1(1), 6 (2007)CrossRefGoogle Scholar
  38. 38.
    Zeng, L., Benatallah, B., Ngu, A.H., Dumas, M., Kalagnanam, J., Chang, H.: QoS-aware middleware for Web services composition. IEEE Trans. Software Eng. 30(5), 311–327 (2004)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Massimo Bartoletti
    • 1
  • Tiziana Cimoli
    • 1
  • Maurizio Murgia
    • 1
  • Alessandro Sebastian Podda
    • 1
  • Livio Pompianu
    • 1
  1. 1.Università Degli Studi di CagliariCagliariItaly

Personalised recommendations