Dongmei Liu, Hong Zhu and Ian Bayley 09 November 2012 Applying Algebraic Specification To Cloud...
36
Dongmei Liu, Hong Zhu and Ian Bayley 09 November 2012 Applying Algebraic Specification To Cloud Computing
Transcript of Dongmei Liu, Hong Zhu and Ian Bayley 09 November 2012 Applying Algebraic Specification To Cloud...
Dongmei Liu, Hong Zhu and Ian Bayley
09 November 2012
Applying Algebraic Specification To Cloud Computing
Outline
Motivation and Related works
Our Algebraic Specification Language
Case Study of IaaS GoGrid
Discussion
Conclusion and Future work
Motivation
Formal Specification Merits Limitation
Classification of approaches
Algebraic Specification Heterogeneous algebras Signature Axioms Property-Oriented
Model-Oriented
axiomaticalgebraic
Encourage rigourWell-founded mathematical basis.Well-defined semanticsAutomating analysis
Difficult to learn and useLimited scopeLimited scalability
Motivation
RESTful Web Services Identification of resources (URIs) Manipulation of resources through representations HTTP methods Stateless
Cloud Computing Open API OCCI (Open Cloud Computing Interface)
REST: From Research to Practice (2011, Erik Wilde)
http://stage.vambenepe.com/archives/863
The OCCI Core specification The OCCI Rendering specifications The OCCI Extension specifications
Related Works
Description of RESTful WS Formats for annotating the syntax and semantics Graphic notation(UML state machine diagram)
Algebraic Specification Algebras Co-algebras Extend algebraic and co-algebraic Algebraic testing
WADLhRESTS/Micro WSMOSA-REST
O. Liskin,etc. Welcome to the Real World: A Notation for Modeling REST Services, IEEE Internet Computing, 2012
CASOCC-WS
Overall structure Sorts, operators and/or axioms that logically belong
together are grouped into a unit.
<Specification> ::= {<Spec Unit>}<Spec Unit> ::=
Spec <Sort Name> [<Observability>]; <Signature> [<Axioms>] End
<Sort Name> ::= <Identifier><Observability> ::= is observable by <Operator ID> | is unobservable<Operator ID> ::= <Identifier>
CASOCC-WS
Example Spec BOOL is observable by eqv; Operators: Creator: true: VOID -> BOOL; false: VOID -> BOOL; Transformer: and: BOOL, BOOL -> BOOL; or: Bool, BOOL -> BOOL; eqv: BOOL, BOOL -> BOOL; not: BOOL -> BOOL; Axioms: For b: BOOL that b and true == b; b or false == b; b and b == b; b or b == b; ... End…End
CASOCC-WS
Signature specify the syntactic aspect of the software entity defines a set of typed operations reuse
<Signature> ::= [<Imported Sorts>;] <Operations><Imported Sorts> ::= Sort <Imported Sort List><Imported Sort List> ::= <Sort Name>[, <Imported Sort List>]<Operations> ::= Operators: [<Creators>;][<Transformers>;][<Observers>;][<Definers>;]<Creators> ::= Creator: <OpList><Transformers> ::= Transformer: <OpList><Observers> ::= Observer: <OpList><Definers> ::= Definer: <OpList><OpList> ::= <Operation> [; <OpList>]
CASOCC-WS
Operator Function: identifier, domain and co-domain types have more than one domain sort and more than one co-
domain sort at the same timeSpec STACK; Sort BOOL, NAT; Operators: Creator: newStack: -> STACK; Transformer: push: STACK, NAT -> STACK; pop: STACK -> STACK; Observer: isNewStack: STACK -> BOOL; top: STACK -> NAT;End
Spec STREAM is unobservable; Sort NAT; Operators: Transformer: next: STREAM -> STREAM, NAT;End
CASOCC-WS
Operator Function: identifier, domain and co-domain types have more than one domain sort and more than one co-
domain sort at the same time
<Operation> ::= <Operator ID> :['['<Context Sort>']'] [<Domain Type>] -> <Co-domain Type><Context Sort> ::= <Sort Name><Domain Type> ::= <Type> | VOID<Co-domain Type> ::= <Type> | VOID<Type> ::= <Sort Name> [, <Type>]
CASOCC-WS
Axioms specify the semantics of the operators describing the properties that operators are required to
satisfy consists of a variable declarations block and a list of
conditional equations.<Axioms> ::= Axiom: <Axiom List><Axiom List> ::= <Axiom> [<Axiom List>]<Axiom> ::= <Var Declarations> <Equations> End<Var Declarations> ::= For all <Var-Sort Pairs> that<Var-Sort Pairs> ::= <Var IDs> : <Sort Name> [, <Var-Sort Pairs>]<Var IDs> ::= <Var ID> [, <Var IDs>]<Var ID> ::= <Identifier>
CASOCC-WS
Equation conditional equation local variable and Let… in
For all s: STACK, n: NAT that Let s1 = push(s,n) in isNewStack(s1) == False; pop(s1) == s; top(s1) == n; EndEnd
For all SLR: ServerListRequest that SLR.num_items>=0; SLR.page>=0, if SLR.num_items> 0;End
For all s: STACK, n: NAT that isNewStack(push(s,n))== False; pop(push(s, n))== s; top(push(s, n))== n;End
CASOCC-WS
Equation conditional equation local variable and Let… in
<Equation> ::= [<Label>:] <Condition> [, if <Conditions>]; | Let <Var Definitions> in <Equations> End<Conditions> ::= <Condition> [(,|or) <Conditions>]<Condition> ::= <Bool Term> | <Term> <Relation OP> <Term> | "(" <Condition> ")" | "~" <Condition><Bool Term> ::= True | False | <Term><Relation OP> ::= "==" | "<>" | ">" | "<" | ">=" | "<=" | "IS“<Term> ::= <Var ID> | "(" <Term> ")“ | "<" <Term List> ">" | <Operator ID> ["(" [<Parameters>] ")"] | "[" <Term> "]" | <Term> "." <Term> | <Term> "#" <Term> | <numeric_expression> | <string_expression> | <literal_expression> | NULL
CASOCC-WS
Modular software entity: abstract data type, class, component, WS
Algebraic and co-algebraic
Op : [s] s1, … , sn s'1, … , s'k
Kinds of operators Creator Transformer Observer
Conditional equations Relation Operation Let … in …
Case Study: GoGird
GoGrid world's largest pure-play Infrastructure-as-a-Service
provider specializing in Cloud infrastructure solutions
API a REST-like query interface
Object List Get Add Delete Edit Other Ops
Server Yes Yes Yes Yes Yes Power
Server image Yes Yes Yes Yes Save, Restore
Load Balancer Yes Yes Yes Yes Yes
Job Yes Yes IP Yes
Password Yes Yes
Billing Yes
Option Yes
Case Study: GoGrid
Overall Structure of the Specification First, for each object, specifying the requests and
responses of the operations, defining their structures and the constraints on the values of the elements.
Then, specify the semantics of the operators on the type of objects by defining the relationships between the requests and the responses.
Case Study: GoGrid
The Specification of Server Objects and Collections Requests and Responses Semantics of the Operations
Spec Server; Sort Option, IP, ServerImage; Operators: Observer: id: Server -> long; name: Server -> string; description: Server -> string; ip: Server -> IP; image: Server -> ServerImage; ram: Server -> Option; state: Server -> Option; type: Server -> Option; os: Server -> Option; isSandbox: Server -> boolean; datacenter: Server -> Option; Axiom: For all SO: Server that SO.id <> null; EndEnd
Spec ListofServer; Sort Server; Operators: Observer: items: ListofServer,int -> Server; length: ListofServer -> int;End
Case Study: GoGrid
The Specification of Server Objects and Collections Requests and Responses Semantics of the Operations
Spec CommonParameter; Operators: Observer: api_key: CommonParameter -> string; sig: CommonParameter -> string; v: CommonParameter -> string; format: CommonParameter -> string; Axiom: For all CP: CommonParameter that CP.api_key <> NULL; CP.sig <> NULL; CP.v <> NULL; EndEnd
Case Study: GoGrid
The Specification of Server Objects and Collections Requests and Responses Semantics of the Operations
Spec ServerListRequest; Sort CommonParameter, ListofString; Operators: Observer: para: ServerListRequest -> CommonParameter; num_items: ServerListRequest -> int; page: ServerListRequest -> int; server_type: ServerListRequest -> string; isSandbox: ServerListRequest -> boolean; datacenter: ServerListRequest -> ListofString; timestamp: ServerListRequest -> int; Axiom: For all SLR: ServerListRequest that SLR.num_items >=0; SLR.page >=0, if SLR.num_items > 0; EndEnd
Case Study: GoGrid
The Specification of Server Objects and Collections Requests and Responses Semantics of the Operations
Spec ListResSummary; Operators: Observer: total: ListResSummary -> int; start: ListResSummary -> int; returned: ListResSummary -> int; numpages: ListResSummary -> int;Axiom: For all LRS: ListResSummary that LRS.total >= 0; LRS.start >= 0; LRS.returned >= 0; LRS.numpages >= 0; EndEnd
Case Study: GoGrid
The Specification of Server Objects and Collections Requests and Responses Semantics of the Operations
Spec ServerListResponse; Sort ListResSummary, ListofServer, ListofString; Operators: Observer: status: ServerListResponse -> string; request_method: ServerListResponse -> string; summary: ServerListResponse -> ListResSummary; objects: ServerListResponse -> ListofServer; statusCode: ServerListResponse -> int; Axiom: For all SLR: ServerListResponse that SLR.request_method == "/grid/server/list"; End For all SLR:ServerListResponse, i,j:int that SLR.objects.items(i).id <> SLR.objects.items(j).id, if status == "success", i <> j, 0 <= i, i <= SLR.summary.returned, 0 <= j, j <= SLR.summary.returned; End ...End
Case Study: GoGrid
The Specification of Server Objects and Collections Requests and Responses Semantics of the Operations
Spec ServerGrid; Sort CommonParameter, Server, ListofServer, … ListofString, ServerListRequest, ListResSummary, ServerListResponse, …; Operators: Observer: clockTime: ServerGrid -> int; sharedSecret: ServerGrid, string -> string; List: [ServerGrid] ServerListRequest -> ServerListResponse; Get: [ServerGrid] ServerGetRequest -> ServerGetResponse; Transformer: Add: [ServerGrid] ServerAddRequest -> ServerAddResponse; Delete: [ServerGrid] ServerDeleteRequest -> ServerDeleteResponse; Edit: [ServerGrid] ServerEditRequest -> ServerEditResponse; Power: [ServerGrid] ServerPowerRequest -> ServerPowerResponse;End
Case Study: GoGrid
The Specification of Server Objects and Collections Requests and Responses Semantics of the Operations
Axiom <Authentication>:For all G:ServerGrid, X:ServerListRequest that Let key = X.para.api_key, sig_Re = MD5(key, G.sharedSecret(key), X.timeStamp) in G.List(X).statusCode == 403, If X.para.sig <> sig_Re or abs(X.timeStamp - G.clockTime) > 600; EndEnd
Case Study: GoGrid
The Specification of Server Objects and Collections Requests and Responses Semantics of the Operations
Axiom <List-XOp>:For all G: ServerGrid, X: ServerListRequest, X1: ServerXOpRequest that [G.List(X)].XOp(X1) == G.XOp(X1);End
Case Study: GoGrid
The Specification of Server Objects and Collections Requests and Responses Semantics of the Operations
Axiom <Add-List>:For all G: ServerGrid, X1: ServerAddRequest, X2: ServerListRequest that [G.Add(X1)].List(X2).objects == insert(G.List(X2).objects, G.Add(X1).objects), If X2.num_items == 0, X2.server_type == NULL, X2.isSandbox == NULL, X2.datacenter == NULL, G.Add(X1).statusCode == 200, G.List(X2).statusCode == 200;End
Case Study: GoGrid
Results
Parser Tool
JavaCC (Compiler Compiler) parser generator for use with Java applications a tool that reads a grammar specification and converts it
to a Java program that can recognize matches to the grammar.
generates top-down parsers, which limits it to the LL(k)
<numeric_expression> ::= <Term> <Arithmetic OP> <Term>
<numeric_expression> ::= <numeric_p> [ (*|/) <numeric_p> ]<numeric_p> ::= <numeric_v> [ (+|-) <numeric_v> ]<numeric_v>] ::= <integer_literal> | <float_literal> | ( <Term> )
Parser Tool
JavaCC (Compiler Compiler)
Parser Tool
JavaCC (Compiler Compiler)
Parser Tool
JavaCC (Compiler Compiler)
Parser Tool
JavaCC (Compiler Compiler)
Parser Tool
GUI
Discussion
Improving Document Preciseness
Detecting Incompleteness
Checking Consistency
Reducing Redundancy
Understandability of Document
Conclusion
apply the CASOCC-WS specification language to cloud computing interface with a case study on GoGrid System
demonstrate that CASOCC-WS can be used for RESTful WS detect non-trivial errors including ambiguity, inconsistency and incompletenessdemonstrate that algebraic specifications can be easy to understand
Further work
More case study for cloud computing, OCCI
Extend the algebraic specification language
Combine Ontology to describe RESTful WS
Develop a tool to support automated testing of a
cloud computing interface
Thanks
Questions?
