Title: Conversation Specification: A New Approach to Design and Specification of E-Service Composition
1Conversation SpecificationA New Approach to
Design and Specification of E-Service Composition
- T. Bultan X. Fu R. Hull J. Su
- University of California at Santa Barbara
- Bell Labs, Lucent Technologies
2The E-Services Paradigm
- E-services network-resident software services
accessible via standardized protocols - In e-commerce, telecom, science
- Possibility of automatic discovery, composition,
invocation, monitoring - Primary roots
- Process description formalisms, including
automata and workflow - Data management (including models, transforms,
mediation, transactions) - Distributed computing middleware
3E-Services Composition
- Web ? very flexible forms of distributed
computing (SOAP, WSDL) - Composition distributed, flexible, and complex
- More flexible, less structured than CORBA
- Data management plays a large role
- Increased structure helps understanding
fundamental issues - Glue languages WSFL, XLANG, BPEL4WS, BPML
- Behavioral signatures automata-based, WSCL,
session types - Formalisms to describe e-services DAML-S pre-
and post-conditions
4Fundamental Issues in Composition
- How to build composite e-services from atomic
ones? - Various standards proposed different disciplines
addressed - Most pursue a procedural approach
- Approaches to synthesize (automatic
composition) e-compositions from desired global
properties - How to analyze composite e-services?
- Correctness, behaviors, composable?
compatibility? - Tools for analysis of compositions
- Formal foundations not yet clear
5Summary of Contributions
- Propose a model of global behaviors for composite
e-services - E-service interactions via messaging (e.g. in the
spirit of JMS, BizTalk) asynchronous FIFO
queue - Use formal language techniques
- Technical results concerning Mealy machines as
participating e-services - Global behaviors are not always regular languages
- The prepone and join closure of every regular
language global behavior of some composite
e-service - The converse of 2. is not true
- Implications to composition design
- Top-down is better than bottom-up
- Bounded queues vs unbounded
6Outline
- A Model for E-services Compositions
- Conversations
- Mealy Peers/Implementations
- Conversation Specifications (Top-Down)
- Related work
- Conclusions
7E-Composition Schema
- An E-C schema is a triple (M, P, C )
- Specifies the infrastructure of composition
conservative aggressive
8Composition Infrastructure
- Possible models
- Peer-to-peer (distributed control)
- Hub-and-spoke (centralized control)
9Communication Channels
- Channels are assumed to be reliable
- Asynchronous, for example, the following channel
send Order1
- Queues are FIFO, unbounded length
- Can simulate synchronousand also bounded queues
send Order1 receive Receipt1
10Messages
- Messages are classified into classes
- Each class is associated with one channel
- Each message class may have additional attributes
which can carry the contents of messages - For this paper, analysis involves no contents
- Results immediately apply to finite domain
contents
11Peers (E-services)
- In the most general case, a peer can be a Turing
machine
- Essence of BPEL4WS, BPML, etc. standards
- Finite control data structures
- Infinite state system and thus difficult to
analyze - Our approach
- Finite control (finite number of) message
classes( finite domain contents) - Open to extend to allow data structures (not in
this paper)
12Outline
- A Model for E-services Compositions
- Conversations
- Mealy Peers/Implementations
- Conversation Specifications (Top-Down)
- Related work
- Conclusions
13Global Behaviors of Composition
- Center around composition (collaboration)
- Rather than individual E-services
- Behavioral type checking composability is an
important issue - Our focusIs the specification of a composite
E-service correct? - How, when, and what do peers communicate?
- Correctness properties of communication during
possible executions - Ignore port-level details
14Conversations
- Watcher records the messages (classes) as they
are sent
authorize
ok
order2
payment1
payment2
receipt2
order1
receipt1
bill2
bill1
a
k
o1
b1
o2
p1
r1
r2
b2
p2
- A conversation is a sequence of messages the
watcher sees in a successful run (or session) - E-composition (ec) language the set of all
possible conversations
15Outline
- A Model for E-services Compositions
- Conversations
- Mealy Peers/Implementations
- Conversation Specifications (Top-Down)
- Related work
- Conclusions
16Peers Revisited
Do until halt nondeterministic choice
read an input send an output to some
other peer halt end choice
inputmessages
to othere-services
- Again, ports and storages are ignored
- Internal logic of peers finite state control
17Mealy Peers
- Mealy machines Finite state machines with input
(incoming messages) output (outgoing messages)
warehouse2
18Executing a Mealy Composition
?o2
!r2
?a
!a
!b2
!b2
?o1
!k
?k
!r2
!o1
?p2
?p2
!o2
a
k
o2
!r2
null
warehouse2
bank
store
w1
- Execution halts if
- All mealy peers are in final states
- All queues are empty
19Outline
- A Model for E-services Compositions
- Conversations
- Mealy Peers/Implementations
- Conversation Specifications (Top-Down)
- Related work
- Conclusions
20E-Composition Language ? Regular
- E-C languages are not always regular
- Example ECL ? ab anbn
?a
a
!a
?b
!b
b
p1
p2
- Not context free for some Mealy compositions
- Causes asynchronous communication unbounded
queue - Bounded queues or synchronous ECL always regular
21Practical Implications
- Simply composing peers without a global sense can
make the E-composition behaviors very complicated - Non regular means many model checking tools are
out of reach (for correctness) - Bottom up wont always work well
22An Alternative
- Given a regular language L as the global
behavior, find Mealy peers so that the ECL L - A quick answer no
- But, wait
23Local Views
- Local view of a conversation for a peer part of
the execution that is related to the peer - Defined as projection pp(w) for a conversation w
- Two conversations cannot be distinguished if they
have exactly the same set of local views - If abc is a part of a conversation, so are bac
and bca - ppi(abc) ppi (bac) ppi (bca) a for i
1, 2 - ppi(abc) ppi (bac) ppi (bca) bc for i 3,
4
b
a
p2
p1
p4
p3
c
24Join
- Given languages Li over Si, ? ? i ? n
- Conversations (ECLs) L are closed under
projection-join
25Local Prepone
!a
a
b
!b
c
local view at p
a peer p
- ppeer(w) should also allow
a
b
26A Synthesis Result
- Given a regular language L, we can find a Mealy
composition such that its ECL is the closure
- Intuitively given a regular L (e.g., ako1), we
can find Mealy peers whose conversations are not
arbitrary - Opportunity for automatic composition
- But some Mealy compositions do not relate to any
regular languages in this way
27The Converse (General Case)
- There is an Mealy compositions whose ECL is
notfor every regular languages L
ECL aibci i ?0
28The Tree Case
- When the peer-channel graph is a tree, then the
Mealy composition has an ECL equal tofor some
regular languages L - Intuitively the global behavior of bottom-up
composition is still predictable if the
composition infrastructure is a tree - In particular, adding an mediator (hub-spoke)
isnt a bad idea!
29Hub-and-spoke
- For every star-shaped E-composition
infrastructure, and every regular language L, we
can construct an Mealy composition whose ECL L - Good news for hub-and-spoke!
30Summary of Technical Results
- ECLs of some Mealy compositions are not
regular,some others not context free - The prepone and join closure of every regular
language ECL of some composite Mealy E-services - The converse of 2. is not true in general, true
in special cases
- However if bounded queue or synchronous
- ECL of every Mealy composition is regular
- Design time decision! Need to be explicit in
specifications (BPEL4WS, BPLM, )
31Outline
- A Model for E-services Compositions
- Conversations
- Mealy Peers/Implementations
- Conversation Specifications (Top-Down)
- Related work
- Conclusions
32Related Work
- Similar E-service models
- BPEL4WS (WSFL, XLANG), BPML, WSCL
- Workflow, 1-safe Petri-nets
- p-calculus synchronous but can simulate
unbounded buffer effect - Other synchronous models
- CSP Hoare 85, I/O automata Lynch-Tuttle 87,
interface automata Henzinger et al 01 - Other asynchronous models
- Communicating FSA Brand-Zafiropulo 82, Message
Sequence Charts Alur et al 00
33Conclusions
- Conversations are an interesting model for global
behaviors - Only a beginning, more need to be understood (see
also Hull et al PODS 03) - Would like ECLs to be regular, some sufficient
conditions are given in Fu-Bultan-S. CIAA 03 - Infinite domain message contents?
- Design tools, e.g., verification tools?
- Spawning new processes?
-