Tisa: A Language Design and Modular Verification Technique for Temporal Policies in Web Services

Rajan, Hridesh; Tao, Jia; Shaner, Steve M.; Leavens, Gary T.

doi:10.1007/978-3-642-00590-9_24

Cited by 10 publications

(9 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We model histicated global variable, it is modified between a do not attempt to specify focus on correctness and cts after a service call. posed in [13] employs a ormal methods techniques es. Policies include nony rules that should be mentation.…”

Section: A Contracting Framewo Web Servicmentioning

confidence: 99%

Formal Methods for Data-centric Web Services: From Model to Implementation

Saleh

Kulczycki

Blake

et al. 2013

2013 IEEE 20th International Conference on Web Services

View full text Add to dashboard Cite

Web services allow organizations to capture their human and software-based capabilities as modular software components that are called remotely over a network. In such service-oriented settings, it is important to establish an agreement that sets the obligations of the service provider and the expectations of the service consumer. Since traditional approaches such as Service Level Agreements (SLAs) are loosely defined with respect to data integrity aspects, in previous work, we proposed a formal model for specifying data-centric Web services. The goal is to formally and unambiguously specify the service behavior in terms of its underlying data model and data interactions. In this paper, we present our model and our effort in specifying and verifying data-centric Web services using three state-of-the-art specification languages: JML, Dafny and RESOLVE. Our goal is to study the feasibility of our proposed model and also to pinpoint the challenges and limitations of current specification and verification tools.

show abstract

Section: A Contracting Framewo Web Servicmentioning

confidence: 99%

Formal Methods for Data-centric Web Services: From Model to Implementation

Saleh

Kulczycki

Blake

et al. 2013

2013 IEEE 20th International Conference on Web Services

View full text Add to dashboard Cite

show abstract

“…The Tisa language recently proposed in (Rajan et al 2009) employs a similar methodology by applying formal methods techniques to specify temporal service policies. Policies include non-functional regulations and privacy rules that should be maintained by a service implementation.…”

Section: Related Workmentioning

confidence: 99%

Formal Methods for the Specification and Testing of Data‐centric Web Services: A Case Study

Saleh¹,

Kulczycki²,

Blake³

et al. 2013

STSC

View full text Add to dashboard Cite

Web services allow organizations to capture their human and software-based capabilities as modular software components that are called remotely over a network. In such service-oriented settings, it is important to establish an agreement that sets the obligations of the service provider and the expectations of the service consumer. Since traditional approaches such as Service Level Agreements (SLAs) are loosely defined with respect to data integrity aspects, in previous work, we proposed a formal model for specifying data-centric Web services. The goal is to formally and unambiguously specify the service behavior in terms of its underlying data model and data interactions. In this paper, we present a case study where we use our model to specify and verify data-centric Web services. We demonstrate our proposed methodology using three state-of-the-art specification languages: JML, Dafny and RESOLVE. We also explore the use of our specification to automatically generate test cases for data-centric services. Our goal is to study the feasibility of our proposed model and also to pinpoint the challenges and limitations of current specification and verification tools.

show abstract

“…If a method runs when an event of type p is announced, then its implementation must refine the contract se of the event type p. For example, in Figure 2 the method update on lines 21-26 must refine the contract of the event type Changed on lines 12-17. There are four new expression forms that only appear in contracts: specification expressions, next expressions, abstract invoke expressions, and choice expressions. A specification expression (spec) hides implementation details (i.e., algorithms) and thus abstracts from a piece of code in a conforming implementation [22,24]. The most general form of specification expression is requires sp1 ensures sp2, where sp1 is a precondition expression and sp2 is a postcondition.…”

Section: Figure 4: Syntax For Writing Translucid Contractsmentioning

confidence: 99%

“…The most general form of specification expression is requires sp1 ensures sp2, where sp1 is a precondition expression and sp2 is a postcondition. Such a specification expression hides program details by specifying that a correct implementation contains a refining expression whose body expression, when started in a state that satisfies sp1, will terminate in a state that satisfies sp2 [22,24]. In examples we use the following syntactic sugars: preserves sp for requires sp ensures sp, and establishes sp for requires 1 ensures sp [22].…”

Section: Figure 4: Syntax For Writing Translucid Contractsmentioning

confidence: 99%

“…Among others, Barnett and Schulte have used grey box specifications written in AsmL [5] for verifying contracts for .NET, Wasserman and Blum [29] also use a restricted form of grey box specifications for verification, Tyler and Soundarajan [28] and most recently Shaner et al [24] have used grey box specifications for verification of methods that make mandatory calls to other dynamically-dispatched methods. Rajan et al have used grey box specification to enable expressive assertions about web-services [22]. Compared to these ideas, our work is the first to consider grey box specification as a mechanism to enable modular reasoning about code that announces events and handles events, which is a common idiom of AO and II languages.…”

Section: Grey Box Specification and Verificationmentioning

confidence: 99%

See 1 more Smart Citation

Translucid contracts

Bagherzadeh

Rajan

Leavens

et al. 2011

Proceedings of the Tenth International Conference on Aspect-Oriented Software Development

Self Cite

View full text Add to dashboard Cite

As aspect-oriented (AO) programming techniques become more widely used, their use in critical systems such as aircraft and telephone networks, will become more widespread. However, careful reasoning about AO code seems difficult because: (1) advice may apply in too many places, and (2) standard specification techniques do not limit the control effects of advice. Commonly used black box specification techniques cannot easily specify control effects, such as advice that does not proceed to the advised code. In this work we avoid the first problem by using Ptolemy, a language with explicit event announcement. To solve the second problem we give a simple and understandable specification technique, translucid contracts, that not only allows programmers to write modular specifications for advice and advised code, but also allows them to reason about the code's control effects. We show that translucid contracts support sound modular verification of typical interaction patterns used in AO code. We also show that translucid contracts allow interesting control effects to be specified and enforced.

show abstract

Tisa: A Language Design and Modular Verification Technique for Temporal Policies in Web Services

Cited by 10 publications

References 46 publications

Formal Methods for Data-centric Web Services: From Model to Implementation

Formal Methods for Data-centric Web Services: From Model to Implementation

Formal Methods for the Specification and Testing of Data‐centric Web Services: A Case Study

Translucid contracts

Contact Info

Product

Resources

About