1 / 58

Comparing Two Approaches to Compensable Flow Composition

Roberto Bruni - Dipartimento di Informatica, Università di Pisa. joint work with Michael Butler Carla Ferreira Tony Hoare Hern á n Melgratti Ugo Montanari. Comparing Two Approaches to Compensable Flow Composition. CONCUR 2005, San Francisco (CA) USA, 23-26 August 2005. Roadmap.

nonnie
Download Presentation

Comparing Two Approaches to Compensable Flow Composition

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Roberto Bruni - Dipartimento di Informatica, Università di Pisa joint work with Michael Butler Carla Ferreira Tony Hoare Hernán Melgratti Ugo Montanari Comparing Two Approaches to Compensable Flow Composition CONCUR 2005, San Francisco (CA) USA, 23-26 August 2005

  2. Roadmap • Introduction • Background • cCSP • Sagas • Informal Discussion • Sequential Sagas • Parallel Sagas • Concluding Remarks & Future Work Comparing Two Approaches to Compensable Flow Composition

  3. Roadmap • Introduction • Background • cCSP • Sagas • Informal Discussion • Sequential Sagas • Parallel Sagas • Concluding Remarks & Future Work Comparing Two Approaches to Compensable Flow Composition

  4. Technological Scenario • WS composition is an emerging paradigm for application integration within and across organization boundaries • WS is primarily an integration technology and it must bridge the gap between technologists and business people • each WS handles a specific taskdesigned and built by technical people • like a whole car engine, car frame, transmission • tasks arecombinedby business peopleto solve business level problems • like assembling the engine, the frame and the transmission without having to look at the many pieces within them • Business collaborations can require long-running interactions • a key issue in business processes languages • Design of such business processes calls for • graphical presentation • rigorous mathematical foundations • well-disciplined service composition principles • modular implementation Comparing Two Approaches to Compensable Flow Composition

  5. Long-Running Transactions and Compensations • When the transaction is long lasting and interactive, familiar automatic techniques of locking, check-pointing and rollback are not always adequate • partial agreements can be reached and locally committed by parties • to be confirmed on success • to be compensated in case of failure • to Compensate (Merriam-Webster OnLine) • to neutralize the effect of - to supply an equivalent to - to provide with means of counteracting variation - to offset an error, defect, or undesired effect • compensation is not rollback Comparing Two Approaches to Compensable Flow Composition

  6. Compensations: Examples • A client buys books in an on-line bookstore • the bookstore debits client's account as the payment for the order • the bookstore later realizes that one of the book in the client's order is out of print. To compensate the client for this problem: • the bookstore can credit back the account with the amount wrongfully debited and send an apologise letter • Failures on credit checks can cause the abort of parallel activities, e.g. • to unpackage the goods to be sent and to cancel the courier booking • Late cancelling of hotel reservations can involve fees • The most important fact:Compensations have a cost! Comparing Two Approaches to Compensable Flow Composition

  7. Contribution • Take two recent formalizations • Discover the analogies / differences on their core fragment • (hence the current title of the paper) • Show that each presentation style can recover the semantics of the other formalization... • (hence the original title: ReconcilingTwo Approaches to Compensable Flow Composition) • ...but they are not quite the same: • From the comparison Four Different Policies for Handling Compensable Concurrent Processesemerged (yet another possible title...) • three already formalised + a new one • the four semantics form a partial order Comparing Two Approaches to Compensable Flow Composition

  8. Roadmap • Introduction • Background • cCSP • Sagas • Informal Discussion • Sequential Sagas • Parallel Sagas • Concluding Remarks & Future Work Comparing Two Approaches to Compensable Flow Composition

  9. CHOREOGRAPHY Graphical Design (Diagram enthusiasts) Compensable Flows (PA enthusiasts) FORMAL INFORMAL StAC WS Standards (XML enthusiasts) cCSP cJoin (Pisa) t (Bologna) web (Bologna) Interaction Patterns (PC enthusiasts) Sagas Calculus ORCHESTRATION A Coarse-Grain (Partial) View • Two main approaches • Interaction based Composition or Conversational Patterns • services describe the ways they can be engaged in larger processes • separately designed services interact to reach their goals • Two main approaches • Flow Composition or Hierarchical Patterns • a process describes the control and data flows among WS • a flowengine invokes the services according to the application logic • A landscape of languages and techniques has emerged • WSFL, BPML, WSCI, XLANG, BPEL4WS, BTP, WS-AT, WS-BP, ... • continuously enriched with new proposals from different vendor coalitions • a babel of ad hoc proposals for standard • poorly disciplined provision of "accessory" features • informal (textual) description of "behaviour" • Formal models are needed • to reason rigorously • to find specification bugs • to run simulations • to ease verification Comparing Two Approaches to Compensable Flow Composition

  10. Orchestration &Choreography • Orchestration • is about describing and executing a single view point model • executable framework • Choreography • is about describing and guiding a global model (control is shared between domains that are responsible for their tasks) • abstract discipline • The entirely deliberate analogy is with • the way in which skilled musicians and dancers co-ordinate their actions while carrying out predetermined instructions • But the distinction can blur in many occasions On Demand Comparing Two Approaches to Compensable Flow Composition

  11. Sagas Calculi (Sagas) Compensating CSP (cCSP) inspired by SAGAS inspired by BPEL Bruni, Melgratti, Montanari Butler, Ferreira, Hoare Focus on Compensable Flows • Independently developed • Robust formalizations of compensable flow compositions with few key primitives • more abstract than StAC and closer to the spirit of Process Algebras Structured Activity Compensation (StAC) too many similar constructs semantics not entirely satisfactory several variants / improvements Butler, Ferreira, et al. Comparing Two Approaches to Compensable Flow Composition

  12. Flow Composition A2 A3 A1 A4 A5 A1; ( (A2; A3) | A5 ) ; A4 Comparing Two Approaches to Compensable Flow Composition

  13. Transactional Flows A2 A3 A1 A4 A5 [ A1 ; ( (A2 ; A3) | A5 ) ; A4] Comparing Two Approaches to Compensable Flow Composition

  14. CompensationPairs A2 A3 B2 B3 A1 A4 B1 B4 A5 B5 [ A1 % B1 ; ( (A2 % B2 ; A3 %B3) | A5 % B5 ) ; A4 %B4 ] Comparing Two Approaches to Compensable Flow Composition

  15. Compensation Flow A2 A3 B2 B3 A1 A4 B1 B4 A5 B5 [ A1 % B1 ; ( (A2 % B2 ; A3 %B3) | A5 % B5 ) ; A4 %B4 ] Note: compensations are to be executed in reverse order forward flow backward flow Comparing Two Approaches to Compensable Flow Composition

  16. cCSP: Syntax Standard processes P,Q ::= A | [PP] | P + Q | P ; Q | P | Q | SKIP | THROW | YIELD | P  Q Compensable processes PP,QQ::=P%Q |PP + QQ |PP ; QQ |PP | QQ |SKIPP |THROWW |YIELDD () atomic action transaction block compensation pair choice sequential composition parallel composition normal termination throw an interrupt yield to an interrupt interrupt handler Comparing Two Approaches to Compensable Flow Composition

  17. A RunningExample Comparing Two Approaches to Compensable Flow Composition

  18. A RunningExample Comparing Two Approaches to Compensable Flow Composition

  19. cCSP: RunningExample PackOrder = |iItems ( PackItem(i)%UnpackItem(i) ) FulfillOrder = BookCourier%CancelCourier | PackOrder | CreditCheck ; (SKIPP + THROWW ) OrderTransaction = [ ProcessOrder ] ProcessOrder = (AcceptOrder%RestockOrder) ; FulfillOrder Comparing Two Approaches to Compensable Flow Composition

  20. cCSP: Denotational Trace Semantics • each P is assigned a set of traces • set of special events  = { , !, ? } (disjoint from ) • traces p,q,... are -event-terminated sequences of actions in . Three possible shapes: • A,B,..., trace leading to normal termination • A,B,...,! trace leading to interrupt throw • A,B,...,? trace leading to interrupt yield • pq denotes concatenation • Note: unlike CSP, prefix traces are not considered • each PP is assigned a set of trace-pairs (p,q) where • p is the forward trace • q is the corresponding compensation trace Comparing Two Approaches to Compensable Flow Composition

  21. cCSP Semantics: Basic Processes & Sequential Cmp A =trace { A, }performs an atomic event and ends ok SKIP =trace {  }terminates successfully THROW =trace { ! }raises an interrupt YIELD =trace {? ,}either yields to an interrupt or ends ok P ; Q =trace { p;q | pP  qQ } where p ; q = pq p ; q = p if    Comparing Two Approaches to Compensable Flow Composition

  22. joint terminal event 1 2 1&2 ! ! ! ! ? ! !  ! ? ? ? ?  ?    cCSP Semantics:Parallel Composition P | Q =trace { r | rp||q  pP  qQ } where p1 || q2 = { r1&2 | rint(p,q) } • Processes running in parallel synchronise • on joint termination • or on joint interruption int(p,) = int(,p) = {p} int(Ap,Bq) = { Ar | rint(p,Bq) }  { Br | rint(Ap,q) } Comparing Two Approaches to Compensable Flow Composition

  23. cCSP Semantics: Transaction Block and Compensation Pairs [PP] =trace { p | (p,p')PP }  { pp' | (p!,p')PP } P %Q =trace{ p%q | pP  qQ } { (?,) } where p % q = (p,q) p % q = (p,)if    SKIPP =trace SKIP % SKIP THROWW =trace THROW % SKIP YIELDD =trace YIELDD % SKIP Comparing Two Approaches to Compensable Flow Composition

  24. cCSP Semantics:Compensable Sequential and Parallel PP ; QQ =trace { x;y | xPP  yQQ } where (p,p') ; (q,q') = (pq,q';p') (p,p') ; (q,q') = (p,p')if    PP | QQ =trace { z | zx||y  xPP  yQQ } where (p,p') || (q,q') = { (r,r') | rp||q  r'p'||q' } Comparing Two Approaches to Compensable Flow Composition

  25. cCSP: Core Fragment Standard processes P,Q ::= A | [PP] | P + Q | P ; Q | P | Q | SKIP | THROW | YIELD | P  Q Compensable processes PP,QQ::=A%B | PP + QQ |PP ; QQ |PP | QQ |SKIPP |THROWW |YIELDD atomic action transaction block compensation pair choice sequential composition parallel composition normal termination throw an interrupt yield to an interrupt interrupt handler Comparing Two Approaches to Compensable Flow Composition

  26. Sagas: Core Fragment Processes P,Q::= 0 |A %B | PQ | PQ |P ; Q |P | Q | S | try S with P | try S or P | S %P nil compensation pair • Any action can succeed or fail • THROW and YIELD are not explicit in the language • big-step SOS semantics • two different compensation policies devised for parallel processes internal choice discriminator sequential composition parallel composition nesting interrupt handler Sagas S,T ::= [P] forward recovery transaction block programmable compensation Comparing Two Approaches to Compensable Flow Composition

  27. A scenario • = {A1  ,…, An  } • A saga S in either • commits ( ) • aborts ( ) • fails ( ) • is the observable concurrentflow • abort = successfully compensated   S     S     S   * • A processPineither • commits ( ) • aborts ( ) • fails ( ) • ß, ß’ are installed compensations   <P,ß>  < ,ß’>    <P,ß>  < ,ß’>    <P,ß>  < ,ß’>  * NaiveSagas: SOS Semantics • An activity A either • commits (A ) • aborts (A ) Comparing Two Approaches to Compensable Flow Composition

  28. A scenario • = {A1  ,…, An  } • A saga S in either • commits ( ) • aborts ( ) • fails ( ) • is the observable concurrentflow • abort = successfully compensated   S     S     S   * * Revised Sagas: SOS Semantics • An activity A either • commits (A ) • aborts (A ) • A processPineither • commits ( ) • aborts ( ) + forced abort • fails ( ) + forced fail • ß, ß’ are installed compensations   <P,ß>  < ,ß’>    <P,ß>  < ,ß’>    <P,ß>  < ,ß’>  * Comparing Two Approaches to Compensable Flow Composition

  29. Sagas: RunningExample PackOrder = |iItems ( PackItem(i) % UnpackItem(i) ) FulfillOrder = BookCourier % CancelCourier | PackOrder | CreditCheck ; (SKIPP + THROWW ) OrderTransaction = [ ProcessOrder ] ProcessOrder = (AcceptOrder % RestockOrder) ; FulfillOrder Comparing Two Approaches to Compensable Flow Composition

  30.   <P,ß>  < , 0>  <ß,0>  < , 0>   (a-step’’) (f-cmp) *    <P;Q,ß>  < ,0>  A  ,  <A%B,ß>  < , 0>  * * A (s-act) A  ,  <A%B, ß>  < , B;ß>    <ß,0>  < , 0>  (s-cmp)  A  ,  <A%B,ß>  < , 0>   (a-step’)  <P,ß>  < , 0>  ’    <P,ß>  < ,ß’’>  <Q,ß’’>  < ,ß’>   <P;Q,ß>  < ,0>   (s-step) ;’  <P;Q, ß>  < ,ß’> (Sequential) Sagas: Semantics  0  <P,0>  < , ß>  (zero)  <0,ß>  < , ß> (saga)    [P]    On Demand Comparing Two Approaches to Compensable Flow Composition

  31. Roadmap • Introduction • Background • cCSP • Sagas • Informal Discussion • Sequential Sagas • Parallel Sagas • Concluding Remarks & Future Work Comparing Two Approaches to Compensable Flow Composition

  32. Sagas vs cCSP I • Trace models • interleaving in cCSP (centralizedflavour) • concurrent in Sagas (distributed flavour) • Executions of activities • always successful in cCSP • dependent on the context  in Sagas • Failures • raised by primitive THROW in cCSP • raised by activities that fail in  in Sagas • Yielding to interrupt • both explicit and implicit in cCSP • only implicit in Sagas Comparing Two Approaches to Compensable Flow Composition

  33. Sagas vs cCSP II • Abnormal termination • successful compensation and abnormal termination of a transaction block are silent to parent processes in cCSP • but not in Sagas • where e.g. try S or P can be introduced • Adequacy results • via self-cancelling in cCSP • simple and intuitive but imprecise • via complex adequacy theorems in Sagas • more precise but less intuitive • Compensation policy of parallel processes • coordinated interruption in cCSP • no interruption but distributed compensation in Sagas naive • distributed interruption in Sagas revised Comparing Two Approaches to Compensable Flow Composition

  34. Roadmap • Introduction • Background • cCSP • Sagas • Informal Discussion • Sequential Sagas • Parallel Sagas • Concluding Remarks & Future Work Comparing Two Approaches to Compensable Flow Composition

  35. Encoding cCSPseqand Sagasseq • Each cCSPseqprocess defines: • a Sagasseq process • a particular scenario of execution  • [ _ ] : cCSPseq  Sagasseq   • Each Sagasseqprocess defines: • a set of cCSPseq processes PP • one for each particular scenario of execution  • [ _ ]_ : Sagasseq    cCSPseq Comparing Two Approaches to Compensable Flow Composition

  36. Correspondence • Let[ PP ] =  P ,   • If , then  =traces [PP] • where  is obtained by removing all subscripts from the activities in  • Let[ P ] = PP • If , then  =traces [PP] • Remark:  is uniquely determined   {P}     {P}   Comparing Two Approaches to Compensable Flow Composition

  37. Encoding cCSPseq in Sagasseq • A subtlety: all activities must have different names • An auxiliary function is used to rename activities in PP • [ _ ]_ : cCSPseq  N* Sagasseq   • [ PP ] = [ PP ]0 • [ A%B ]s =  As%Bs , {As  , Bs  }  • [ SKIPP ]s =  0 ,   • [YIELDD]s =  0 ,   • [ THROWW ]s =  Ts , {Ts  }  • [ PP1;PP2]s =  P1;P2 , 1  2 • where [ PPi ]s.i =  Pi , i On Demand Comparing Two Approaches to Compensable Flow Composition

  38. Encoding Sagasseq in cCSPseq • [ 0 ] =SKIPP • [ A ] A  , =A • [ A ] A  , =THROWW • [ A%B ] A  , B  , =A%B • [ A%B ] A  ,  =THROWW • [ P1;P2] =[ P1] ; [ P2] • Note: The encoding for compensation pairs is defined only if B commits, because THROW is not allowed as compensation On Demand Comparing Two Approaches to Compensable Flow Composition

  39. Roadmap • Introduction • Background • cCSP • Sagas • Informal Discussion • Sequential Sagas • Parallel Sagas • Concluding Remarks & Future Work Comparing Two Approaches to Compensable Flow Composition

  40. Expected Encoding • [ PP1|PP2]s =  P1|P2 , 1  2 • where [ PPi ]s.i =  Pi , i • [ P1|P2] =[ P1] | [ P2] • Unfortunately the semantic correspondence does not work properly in this case! Comparing Two Approaches to Compensable Flow Composition

  41. Coordinated Interruption • The difference can be nicely illustrated in terms of semantic equivalence • [ A % A° | B % B° | THROWW ] =traces • (A|B) ; (A°|B°) • (A;A°) | (B;B°) • SKIP  (A;A°)  (B;B°)  (A|B);(A°|B°) • SKIP  (A;A°)  (B;B°)  (A;A°)|(B;B°) naive Sagas cCSP revised Sagas Processes can be stopped when siblings abort, but their compensations is activated only when all are stopped Comparing Two Approaches to Compensable Flow Composition

  42. Parallel Sagas in cCSP B1 Bj Bn B’1 B’j A1 A2 A’1 C1 Ck Cm C’1 C’k C’m A1; B1;…;Bj-1;B’j-1;…;B’1 ;A’1 A1; ((B1;…;Bj-1)|C1) ; ((B’j-1;…;B’1)|C’1) ;A’1 … A1; ((B1;…;Bj-1)|(C1;…;Cm)) ; ((B’j-1;…;B’1)|(C’m;…;C’1)) ;A’1 Comparing Two Approaches to Compensable Flow Composition

  43. No Interruption and Distributed Compensation • The difference can be nicely illustrated in terms of semantic equivalence • [ A % A° | B % B° | THROWW ] =traces • (A|B) ; (A°|B°) • (A;A°) | (B;B°) • SKIP  (A;A°)  (B;B°)  (A|B);(A°|B°) • SKIP  (A;A°)  (B;B°)  (A;A°)|(B;B°) naive Sagas cCSP revised Sagas Processes execute until completion, then they can compensate, without waiting for the completion of their siblings Comparing Two Approaches to Compensable Flow Composition

  44. Parallel Sagas: Naïvely B1 Bj Bn B’1 B’j A1 A2 A’1 C1 Ck Cm C’1 C’k C’m A1;(B1;…;Bj-1;B’j-1;…;B’1 | C1;…;Cm;C’m;…;C’1);A’1 Comparing Two Approaches to Compensable Flow Composition

  45. Distributed Interruption • The difference can be nicely illustrated in terms of semantic equivalence • [ A % A° | B % B° | THROWW ] =traces • (A|B) ; (A°|B°) • (A;A°) | (B;B°) • SKIP  (A;A°)  (B;B°)  (A|B);(A°|B°) • SKIP  (A;A°)  (B;B°)  (A;A°)|(B;B°) naive Sagas cCSP revised Sagas Processes can be interrupted and their compensations can be activated without waiting for the completion of their siblings Comparing Two Approaches to Compensable Flow Composition

  46. Parallel Sagas: Revised B1 Bj Bn B’1 B’j A1 A2 A’1 C1 Ck Cm C’1 C’k C’m A1;(B1;…;Bj-1;B’j-1;…;B’1 | 0);A’1 A1;(B1;…;Bj-1;B’j-1;…;B’1 | C1;C’1);A’1 … A1;(B1;…;Bj-1;B’j-1;…;B’1 | C1;…;Cm;C’m;…;C’1);A’1 Comparing Two Approaches to Compensable Flow Composition

  47. No Interruption and Centralised Compensation • The difference can be nicely illustrated in terms of semantic equivalence • [ A % A° | B % B° | THROWW ] =traces • (A|B) ; (A°|B°) • (A;A°) | (B;B°) • SKIP  (A;A°)  (B;B°)  (A|B);(A°|B°) • SKIP  (A;A°)  (B;B°)  (A;A°)|(B;B°) NEW! naive Sagas cCSP revised Sagas Processes execute until completion, then they are all compensated if some abort Comparing Two Approaches to Compensable Flow Composition

  48. Relating Emerged Policies naive Sagas NEW!  Sagaspar1 / cCSPpar1 Sagaspar2 / cCSPpar2    Sagaspar3 / cCSPpar3 Sagaspar4 / cCSPpar4 cCSP revised Sagas Comparing Two Approaches to Compensable Flow Composition

  49. cCSPpari, Sagaspari and Correspondence • cCSPpar1: no yielding • cCSPpar2: only parallel yielding • cCSPpar4: also parallel yielding • Sagaspar1 • only three outcomes of Sagaspar2 (commit, abort, fail) • different set of SOS rules • Sagaspar3 • outcomes of Sagaspar1 plus "forced termination" • rules of Sagaspar1 plus an additional one • Correspondence • par1: correspondence as for the sequential case • par2, par3, par4: slightly rephrased (no unique ) On Demand Comparing Two Approaches to Compensable Flow Composition

  50. cCSPpar1: No Yielding A%B =trace{ p%q | pA  qB }  { (?,) } =trace{ (A,,B,) }  { (?,) } YIELDD =traceSKIPP =trace { (,) , (?,)} THROWW =trace { (!,) , (?,)} p1 || q2 = { r1&2 | rint(p,q)  1,2{,!} } On Demand Comparing Two Approaches to Compensable Flow Composition

More Related