Papers by Jean-bernard Stefani
Models, Languages, and Tools for Concurrent and Distributed Programming, 2019
We present a research trajectory of the authors and colleagues dealing with the correctness and m... more We present a research trajectory of the authors and colleagues dealing with the correctness and meaningful composition of software components, trajectory that incrementally traverses successive paradigms and approaches: open distributed processing, contract based reasoning, behavioural typing and session types. This research is grounded on the foundational work of Robin Milner on processes and observation equivalence, and the followup work by De Nicola and Hennessy on testing relations. Indeed, these initial works have set benchmarks that define the meaning of behaviour, which has fostered a full body of research in concurrency and verification. Behavioural typing is one of the avenues opened by these early contributions. This paper is a brief and staged report of the research accomplished by the authors and colleagues, presented in chronological order, starting with their work on the computational model of open distributed processing and ending at their latest work on sessions for web services.
The multiplication of models, languages, APIs and tools for cloud and network configuration manag... more The multiplication of models, languages, APIs and tools for cloud and network configuration management raises heterogeneity issues that can be tackled by introducing a reference model. A reference model provides a common basis for interpretation for various models and languages, and for bridging different APIs and tools. This report formally specifies, in the Alloy specification language, a reference model for cloud configuration management, we call the Cloudnet Computational Model. We show how to formally interpret several configuration languages in it, including the TOSCA configuration language, the OpenStack Heat Orchestration Template, the Docker Compose configuration language, and the Aeolus cloud deployment model. We show in particular how the formal operational semantics of our Cloudnet computation model allows us to extend the TOSCA standard with Aeolus concepts for deployment lifecycle, and how the Alloy formalization allowed us to discover several classes of errors in the ...
We present in this paper a novel framework for the definition of formal software component models... more We present in this paper a novel framework for the definition of formal software component models, called the Hypercell framework. Models in this framework (hypercell models) allow the definition of dynamic software architectures featuring shared components, and different forms of encapsulation policies. Encapsulation policies in an hypercell model are enforced by means of runtime checks that prevent a component, in a given context, to evolve in violation of these policies. We present the main elements of the framework, its operational semantics and the first elements of its behavioral theory. We give some results concerning its ability to express different forms of composition, and show by means of examples its ability to deal with sharing and different forms of encapsulation.
Lecture Notes in Computer Science, 2005
Component-oriented programming yields a tension between higherorder features (deployment, reconfi... more Component-oriented programming yields a tension between higherorder features (deployment, reconfiguration, passivation), encapsulation, and component sharing. We propose a discipline for component-oriented programming to address this issue, and we define a process calculus whose operational semantics embodies this programming discipline. We present several examples that illustrate how the calculus supports component sharing, while allowing strong encapsulation and higher-order primitives.
Lecture Notes in Computer Science, 2005
This paper presents the Kell calculus, a family of distributed process calculi, parameterized by ... more This paper presents the Kell calculus, a family of distributed process calculi, parameterized by languages for input patterns, that is intended as a basis for studying component-based distributed programming. The Kell calculus is built around a π-calculus core, and follows five design principles which are essential for a foundational model of distributed and mobile programming: hierarchical localities, local actions, higher-order communication, programmable membranes, and dynamic binding. The paper discusses these principles, and defines the syntax and operational semantics common to all calculi in the Kell calculus family. The paper provides a co-inductive characterization of contextual equivalence for Kell calculi, under sufficient conditions on pattern languages, by means of a form of higher-order bisimulation called strong context bisimulation. The paper also contains several examples that illustrate the expressive power of Kell calculi.
32nd EUROMICRO Conference on Software Engineering and Advanced Applications (EUROMICRO'06)
Dynamic reconfiguration allows modifying a system during its execution, and can be used to apply ... more Dynamic reconfiguration allows modifying a system during its execution, and can be used to apply patches and updates, to implement adaptive systems, dynamic instrumentation, or to support third-party modules. Dynamic reconfiguration is important in embedded systems, where one does not necessarily have the luxury to stop a running system. While several proposals have been presented in the litterature supporting dynamic reconfiguration in operating system kernels, these proposals in general hardwire a fixed reconfiguration mechanism, which may be far from optimal in certain configurations. In this paper, we present a software-architecture-based approach to the construction of operating systems, and we show that it allows us 1/ to support different mechanisms for dynamic reconfiguration, and 2/ to select between them at build time, with little or no changes in operating system and application components. Our approach relies on the use of a reflective component model and of its associated architecture description language.
Proceedings of the 11th workshop on ACM SIGOPS European workshop: beyond the PC - EW11, 2004
Clustering has become a de facto standard to scale distributed systems and applications. However,... more Clustering has become a de facto standard to scale distributed systems and applications. However, the administration and management of such systems still use ad-hoc techniques that partially fulfill the needs. The expertise needed to configure and tune these systems goes beyond the capacity of a single system administrator or software developer. We present a modular software infrastructure to build command and control loops to manage large scale distributed systems. Our approach uses a reflective component model in a systematic way for building a system model and every single stage in the supervision loop. This approach offers modularity, easy configuration, dynamic reconfiguration, as well as reusability. We illustrate how this architecture can be used to build self-manageable J2EE application server clusters.
Lecture Notes in Computer Science, 2008
As Internet applications become larger and more complex, the task of managing them becomes overwh... more As Internet applications become larger and more complex, the task of managing them becomes overwhelming. "Abnormal" events such as software updates, failures, attacks, and hotspots become frequent. The SELFMAN project is tackling this problem by combining two technologies, namely structured overlay networks and advanced component models, to make the system self managing. Structured overlay networks (SONs) developed out of peer-to-peer systems and provide robustness, scalability, communication guarantees, and efficiency. Component models provide the framework to extend the self-managing properties of SONs over the whole system. SELFMAN is building a self-managing transactional storage and using it for two application demonstrators: a distributed Wiki and an on-demand media streaming service. This paper provides an introduction and motivation for the ideas underlying SELF-MAN and a snapshot of its contributions midway through the project. We explain our methodology for building self-managing systems as networks of interacting feedback loops. We then summarize the work we have done to make SONs a practical basis for our architecture: using an advanced component model, handling network partitions, handling failure suspicions, and doing range queries with load balancing. Finally, we show the design of a self-managing transactional storage on a SON.
Lecture Notes in Computer Science
Supporting dynamic reconfiguration is required even in highly constrained embedded systems, to al... more Supporting dynamic reconfiguration is required even in highly constrained embedded systems, to allow patches and updates to the embedded systems software, and to allow adaptations to changes in environmental and operating conditions without service interruption. Dynamic reconfiguration, however, is a complex and error prone process. In this paper we report our experience in implementing safe dynamic reconfigurations in embedded devices with limited resources. Our approach relies on a component-based framework for building minimal and reconfigurable operating systems and the use of a domain specific language (DSL) for reconfiguration.
Proceedings of the 3rd workshop on Adaptive and reflective middleware -, 2004
In this paper, we present Dream, a component-based software framework for the construction of res... more In this paper, we present Dream, a component-based software framework for the construction of resource-aware message-oriented middleware that can be assembled statically or dynamically. Dream is based on Fractal, a recent component model featuring hierarchical composition, component sharing and component binding. Dream allows building different forms of message-oriented middleware, from distributed message queues to content-based publish/subscribe systems. This paper describes the main elements of the Dream framework, discusses its implementation, and evaluates its effectiveness. We show that message-oriented middleware built using Dream compare very favorably with non-configurable, functionally equivalent middleware, while allowing finer-grain control over resource consumptions and providing run-time configurability.
Lecture Notes in Computer Science, 2005
This paper describes a case study of enhancing the deployment process in J2EE application servers... more This paper describes a case study of enhancing the deployment process in J2EE application servers (AS), and more precisely the services building such servers and the applications executing on the servers. We show how, by following a component-based approach to the design of the server, we address the versioning and licensing issues raised by the fact that a J2EE server is built out of heterogeneous, third-party software. As a proof of concept, we present a re-engineered version of the JOnAS J2EE server implemented using Fractal, a component model providing flexible control capabilities and hierarchical composition. We describe how Fractal packaging together with a JOnAS-specific deployment system are used to deploy and reconfigure our Fractal-based version of the JOnAS server. Finally, we show how the same model and packaging can be used to deploy applications executing on the server.
29th International Conference on Software Engineering (ICSE'07), 2007
Many architecture description languages (ADLs) have been proposed to model, analyze, configure, a... more Many architecture description languages (ADLs) have been proposed to model, analyze, configure, and deploy complex software systems. To face this diversity, extensible ADLs (or ADL interchange formats) have been proposed. These ADLs provide linguistic support for integrating various architectural aspects within the same description. Nevertheless, they do not support extensibility at the tool level, i.e. they do not provide an extensible toolset for processing ADL descriptions. In this paper, we present an extensible toolset for easing the development of architecture-based software systems. This toolset is not bound to a specific ADL, but rather uses a grammar description mechanism to accept various input languages, e.g. ADLs, Interface Definition Languages (IDLs), Domain Specific Languages (DSLs). Moreover, it can easily be extended to implement many different features, such as behavioral analysis, code generation, deployment, etc. Its extensibility is obtained by designing its core functionalities using fine-grained components that implement flexible design patterns. Experiments are presented to illustrate both the functionalities implemented by the toolset and the way it can be extended.
24th IEEE Symposium on Reliable Distributed Systems (SRDS'05)
This paper presents a component-based architecture for autonomous repair management in distribute... more This paper presents a component-based architecture for autonomous repair management in distributed systems, and a prototype implementation of this architecture, called JADE, which provides repair management for J2EE application server clusters. The JADE architecture features three major elements, which we believe to be of wide relevance for the construction of autonomic distributed systems: (1) a dynamically configurable, component-based structure that exploits the reflective features of the FRACTAL component model; (2) an explicit and configurable feedback control loop structure, that manifests the relationship between the managed system and repair management functions; (3) an original replication structure for the management subsystem itself, which makes it fault-tolerant and self-healing.
Building complex component-based software systems, for instance communication systems based on th... more Building complex component-based software systems, for instance communication systems based on the Click, Coyote, Appia, or Dream frameworks, can lead to subtle assemblage errors. We present a novel type system and type inference algorithm that prevent interconnection and message-handling errors when assembling component-based communication systems. These errors are typically not captured by classical type systems of host programming languages such as Java or ML. We have implemented our approach by extending the architecture description language (ADL) toolset used by the Dream framework, and used it to check Dream-based communication systems.
2009 IEEE International Conference on Services Computing, 2009
The Service Component Architecture (SCA) is a technology agnostic standard for developing and dep... more The Service Component Architecture (SCA) is a technology agnostic standard for developing and deploying distributed service-oriented applications. However, SCA does not define standard means for runtime manageability (including introspection and reconfiguration) of SOA applications and of their supporting environment. This paper presents the FraSCAti platform, which brings runtime management features to SCA, and discusses key principles in its design: the adoption of an extended SCA component model for the implementation of SOA applications and of the FraSCAti platform itself; the use of component-based interception techniques for dynamically weaving non-functional services such as transaction management with components. The paper presents microbenchmarks that show that runtime manageability in the FraSCAti platform is achieved without hindering its performance relative to the de facto reference SCA implementation, Apache's Tuscany.
Lecture Notes in Computer Science, 1999
Middleware has emerged as an important architectural component in supporting distributed applicat... more Middleware has emerged as an important architectural component in supporting distributed applications. With the expanding role of middleware, however, a number of problems are emerging. Most significantly, it is becoming difficult for a single solution to meet the requirements of a range of application domains. Hence, the paper argues that the next generation of middleware platforms should be both configurable and re-configurable. Furthermore, it is claimed that reflection offers a principled means of achieving these goals. The paper then presents an architecture for reflective middleware based on a multi-model approach. The main emphasis of the paper is on resource management within this architecture (accessible through one of the meta-models). Through a number of worked examples, we demonstrate that the approach can support introspection, and fine-and coarse-grained adaptation of the resource management framework. We also illustrate how we can achieve multi-faceted adaptation, spanning multiple meta-models.
Proceedings of the 2005 conference on Specification and verification of component-based systems - SAVCBS '05, 2005
SAVCBS 2005 P. Bidinger et al. DREAM types Motivations DREAM types Use case Conclusion Outline 1 ... more SAVCBS 2005 P. Bidinger et al. DREAM types Motivations DREAM types Use case Conclusion Outline 1 Motivations Component-based programming The DREAM framework Problem statement 2 DREAM types Overview Message types Component types Checking a configuration 3 Use case 4 Conclusion P. Bidinger et al. DREAM types Motivations DREAM types Use case Conclusion Component-based programming The DREAM framework Problem statement Outline 1 Motivations Component-based programming The DREAM framework Problem statement 2 DREAM types Overview Message types Component types Checking a configuration 3 Use case 4 Conclusion P. Bidinger et al. DREAM types Motivations DREAM types Use case Conclusion Component-based programming The DREAM framework Problem statement Component-based programming Component-based frameworks have emerged in the past two decades: applications (EJB, CCM) middleware (dynamicTAO, OpenORB) operating systems (OSKit, THINK) A component: is independently deployable is configurable (attributes) has interfaces (client, server) communicate through bindings between interfaces P. Bidinger et al. DREAM types Motivations DREAM types Use case Conclusion Component-based programming The DREAM framework Problem statement Outline 1 Motivations Component-based programming The DREAM framework Problem statement 2 DREAM types Overview Message types Component types Checking a configuration 3 Use case 4 Conclusion P. Bidinger et al. DREAM types Motivations DREAM types Use case Conclusion Component-based programming The DREAM framework Problem statement The DREAM framework Component framework for constructing message-oriented middleware (MOM) General component model Component library Message queues, serializer, channels, routers,. . .
This document presents a set of requirements for a global computing programming model. Requiremen... more This document presents a set of requirements for a global computing programming model. Requirements are grouped into eight classes covering issues ranging from implementability and effectiveness to support for high-level coordination and atomic activities abstractions. Name: This item gives a short name to the requirement. Description This item provides a short, one or two sentence long, description of the requirement. Rationale This item provides a detailed explanation of the requirement and the reasons that motivate it. Discussion: This item provides additional discussion concerning the requirement, such as perceived consequences in term of programming model design, examples of relevant constructs in existing calculi, typical occurrences, relevant references, etc. The eight classes of requirements are as follows: Target: This class gathers requirements that pertain to the nature and intent of the targeted programming model. Effectiveness: This class gathers requirements that pertain to the degree to which the targeted programming model can be effectively (and efficiently) implemented. Domains: This class gather requirements that pertain to the support of domains as first-class computational abstractions. Reconfiguration: This class gathers requirements that pertain to the support of dynamic reconfiguration activities. Communications: This class gathers requirements that pertain to the support of different communication abstractions.
Software: Practice and Experience, 2011
The Service Component Architecture (SCA) is a technology-independent standard for developing dist... more The Service Component Architecture (SCA) is a technology-independent standard for developing distributed Service-Oriented Architectures (SOA). The SCA standard promotes the use of components and architecture descriptors, and mostly covers the life-cycle steps of implementation and deployment. Unfortunately, SCA does not address the governance of SCA applications and provides no support for the maintenance of deployed components. This article covers this issue and introduces the FRASCATI platform, a run-time support for SCA with dynamic reconfiguration capabilities and run-time management features. The article presents the internal component-based architecture of the FRASCATI platform, and highlights its key features. The component-based design of the FRASCATI platform introduces many degrees of flexibility and configurability in the platform itself and for the SOA applications it can host. The article reports on micro-benchmarks highlighting that run-time manageability in the FRASCATI platform does not decrease its performance when compared to the de facto reference SCA implementation: Apache TUSCANY. Finally, a smart home scenario illustrates the extension capabilities and the various reconfigurations of the FRASCATI platform.
annals of telecommunications - annales des télécommunications, 2009
Component-based software engineering (CBSE) [32] and software architecture [30] have become matur... more Component-based software engineering (CBSE) [32] and software architecture [30] have become mature and very active fields of study. 1 Both can be traced back to an early vision of systematically produced software [24] and are primarily concerned with the construction of software systems by composition or assembly of software components, with well-defined interfaces and explicit dependencies. Nowadays, it is generally recognized that component-based software engineering and software architecture approaches are crucial to the development, deployment, management, and maintenance of large, dependable software systems [6]. Several component models and associated architecture description languages (i.e., notations for defining components and component assemblages) have been defined in the past
Uploads
Papers by Jean-bernard Stefani