Research On Defect Pattern And Corresponding Static Analyzing Technology Of BPEL Processes

Web services have become a vital part of our lives.Service Oriented Computing (SOC) is aimed at providing the bases for building software by assembling independent, loosely coupled services. As any software development activity, also building a composite service requires strategies for performing quality assessment of applications and, in particular, verification and testing. The correctness and verification of web service orchestration is very important.Service composition can provide a lot of funchtions, such as composition language, specification and so on; it is a current trend of SOA. It characterized by heterogeneous, open, distributed and other distinctive. The emergence and development portfolio of services propose the direction for the future evolution of software development, and also put forward new tasks and challenges for the industry and academia.With the growing populariy of BPEL-based service composition, many of today’s enterprises construct their IT in such a way that individual applications are encapsulated as services which has become an important component in the enterprise applications. However, there is no guarantee that a composition of even very good services will always work, showing a weak and incredible features and event impose an irreversible economic loss. For the security-critical BPEL process, perhaps a small error can cause a significant economic loss. So improving the redibility of composition service becomes a top priority problem.Currently, service composition is far from being mature, in order to achieve large-scale commerce application, there are many key technologies and specific problem need to be break through. Any enterprise or individual can not guarantee that the development of the business process is correct, if we can find the errors during the development phase, it can reduce the probability of orrurrence of serious errors during the running phase. Modeling checking and variety of dynamic testing methods have emerged, which validating and certificating the process from part of aspects, but these methods have some liminations to some extent, such as the size of process under test and the testing cost. In the defect-based software testing technology, there is no need to run the system under test, and can also avoids the state exposition problem of model checking. Through the detecting algorithm and defect model, it can detect the corresponding defects in the process. So it can further enhance the credibility of the process reliability. In this context, this dissertation makes deep and systematic research on the defects, which is the core in the static analysis, and made a series of valuable research results, the main contributions are as follows:Firstly, on the basis of understanding and analyzing BPEL specification、 syntax、semantics, combined with the existing fault classification for service composition, firstly proposed the defect-based static detecting method of BPEL This method can ensure the comprehensive detection priori to deployment and reduce the risk of failure. In addition to the94defects, we give16defects specially.Secondly, we propose a common method to defect the110defects given above—using the extened finite state machine (EFSM) to model the defects and detecting the BPEL source code along the transidion condition of EFSM. In order to express the semantic of concurrency and synchronization, the tranditional control flow graph is expanded. During the analysis, based on the overall consideration, we attempt to combine the path consition and link complete semantic, which can effectively improve the accuracy.Thirdly, datarace is a factor that puzzles the correntness of concurrent language. On the basis of timestamp, we use the vector clock to compare the happen-before relation. To ensure that the activities of process can occur actually, reduce the number of false positive, we add the weighted value of events which further improve the efficiency of detection.Fourthly, In addition to intra-process control dependcy deadlock, inter-processes can also generate deadlock. The "process summary" is proposed to resove this problem, which records the execution information of process and related to concrete defect, so when analyzing the defects among the inter-process, only through the "process summary" is able to detect communication problems and reduce the overall cost of the process dependence graph of the system.In addition, for the purpose of keeping an overall understanding and grasping to the composition defects, some important issues with regard to composition defects are also described.