This document summarizes Francis Palma's education and research experience. It provides background information on service-oriented architectures (SOA) and discusses the motivation and objectives of specifying and detecting SOA antipatterns to ease the maintenance and evolution of service-based systems. Examples of SOA antipatterns like Tiny Service and Multi Service are also presented.
Just a few years ago all software systems were designed to be monoliths running on a single big and powerful machine. But nowadays most companies desire to scale out instead of scaling up, because it is much easier to buy or rent a large cluster of commodity hardware then to get a single machine that is powerful enough. In the database area scaling out is realized by utilizing a combination of polyglot persistence and sharding of data. On the application level scaling out is realized by microservices. In this talk I will briefly introduce the concepts and ideas of microservices and discuss their benefits and drawbacks. Afterwards I will focus on the point of intersection of a microservice based application talking to one or many NoSQL databases. We will try and find answers to these questions: Are the differences to a monolithic application? How to scale the whole system properly? What about polyglot persistence? Is there a data-centric way to split microservices?
What is a Blockchain?
Why do we need such technology? What can it do for us…
How does Blockchain work…
Python Implementation of a Blockchain.
Intro to IBM Hyperledger.
Use case scenarios and real world usage, besides digital money .
Just a few years ago all software systems were designed to be monoliths running on a single big and powerful machine. But nowadays most companies desire to scale out instead of scaling up, because it is much easier to buy or rent a large cluster of commodity hardware then to get a single machine that is powerful enough. In the database area scaling out is realized by utilizing a combination of polyglot persistence and sharding of data. On the application level scaling out is realized by microservices. In this talk I will briefly introduce the concepts and ideas of microservices and discuss their benefits and drawbacks. Afterwards I will focus on the point of intersection of a microservice based application talking to one or many NoSQL databases. We will try and find answers to these questions: Are the differences to a monolithic application? How to scale the whole system properly? What about polyglot persistence? Is there a data-centric way to split microservices?
What is a Blockchain?
Why do we need such technology? What can it do for us…
How does Blockchain work…
Python Implementation of a Blockchain.
Intro to IBM Hyperledger.
Use case scenarios and real world usage, besides digital money .
Mobile App Performance: Getting the Most from APIs (MBL203) | AWS re:Invent ...Amazon Web Services
(Presented by New Relic) Too often, developers think of a mobile app as simply code running on the device. A mobile app is much more than that. Every web API used by an app becomes as much a part of the app as the code running on the device. But while mobile developers have control over their code, they don't always have control over the APIs they use. Web APIs and their infrastructure impact app performance and ultimately the user experience.
This presentation covers some of the essential aspects of app performance management when web APIs are present, including:
-HTTP headers are your friend--stop ignoring all they have to tell you
-Control your network connections on the device—don't just leave things to the OS
-Configure all your caches and use them
-Whatever you do, measure early and often
The session includes a customer story from the CTO of Mirego, and demos of New Relic mobile app performance monitoring, where you see how to drill down into specific requests to see performance by response time, throughput, and data transfer size.
This presentation was given to the Dublin Node (JS) Community on May 29th 2014.
Presented by: Chris Lawless, Kevin Yu Wei Xia, Fergal Carroll @phergalkarl, Ciarán Ó hUallacháin, and Aman Kohli @akohli
This talk was given at the Online Kubernetes Meetup July 2020 as well as DevOps Fusion 2020. The talk discusses 3 major problems in current delivery and operations: too much time spent in delivery, hard to maintain monolithic delivery pipelines and a lack of auto-remediation of production problems
The talk focuses on new approaches to solve these problems inspired by SRE practices and event-driven architectures.
As an implementation for a new approach we use Keptn (www.keptn.sh) - a CNCF Open Source project.
Monitoring as an entry point for collaborationJulien Pivotto
In the last years, we have been building complex stacks, made from lots of components. All of this backed by multiple teams. This talk will present how you can use monitoring to look at the business side and have everyone looking at the same dashboards, making cooperation a reality.
[DSC Europe 22] Smart approach in development and deployment process for vari...DataScienceConferenc1
During development of machine learning model about 80% of time is used for data preparation and due to data quality issues, especially when there is a need to combine data from structured and unstructured data sources. Development of smart generic data mart can reduce go to production time for new ML models. We will share creative solutions for challenges we encountered during data transfer between DWH and Data Lake, furthermore data preprocessing, development, deployment/orchestration of ML models, using python/pyspark scripts.
Overcoming (organizational) scalability issues in your Prometheus ecosystemQAware GmbH
Cloud Native Night, July 2020, online: Talk of Jürgen Etzlstorfer (@jetzlstorfer, Dynatrace)
== Please download slides if blurred! ==
Abstract:
Prometheus is considered a foundational building block when running applications on Kubernetes and has become the de-facto open-source standard for visibility and monitoring in Kubernetes environments.
Your first starting points when operating Prometheus are most probably configuring scraping to pull your metrics from your services, building dashboards on top of your data with Grafana, or defining alerts for important metrics breaching thresholds in your production environment. in your production environment.
As soon as you are comfortable with Prometheus as your weapon of choice, your next challenges will be scaling and managing Prometheus for your whole fleet of applications and environments. As the journey “From Zero to Prometheus Hero” is not trivial you will find obstacles on the way. In this talk we are highlighting the most common challenges we have seen and provide guidance on how to overcome them. Finally, we are discussing a solution to get you there more quickly to build automated, future-proof observability with Prometheus showing Keptn as one possible implementation.
About Jürgen:
Jürgen is a core contributor to the Keptn open-source project and responsible for the strategy and integration of self-healing techniques and tools into the Keptn framework. He also loves to share his experience, most recently at conferences on Kubernetes based technologies and automation.
More information:
Overview: https://github.com/keptn/community
Github: https://github.com/keptn/keptn
Website: https://keptn.sh
Google Group: https://groups.google.com/forum/#!forum/keptn
Twitter: https://twitter.com/keptnProject
________________________________________________
Follow us on:
https://twitter.com/qaware
https://www.linkedin.com/company/qaware-gmbh
https://github.com/qaware
www.qaware.de
Overcoming scalability issues in your prometheus ecosystemNebulaworks
Jurgen Etzlstorfer, a Technology Strategist from Dynatrace cover the most common challenges in the Prometheus ecosystem and provide guidance on how to overcome them. Finally, we will discuss a solution to get you there more quickly to build automated, future-proof observability with Prometheus showing Keptn as one possible implementation.
PRIVATE CLOUD SERVER IMPLEMENTATIONS FOR DATA STORAGEEditor IJCTER
In without internet connection. this paper we have implemented private cloud data
storage server in Microsoft windows server 2K12operating system which provides software as a
services with mailing system for private cloud consumers & clients, through private cloud server
services clients can access web services, centralized data storage services , software as services and can also send and receive mails in entire network without internet connectivity. This paper is the implementation of cloud software as service, centralized remote accessibility and private mails system.
AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors. X-Ray provides an end-to-end view of requests as they travel through your application, and shows a map of your application’s underlying components. Learn how to use X-Ray to analyze both applications in development and in production, from simple three-tier applications to complex microservices applications consisting of thousands of services.
Webinar: Architecting Secure and Compliant Applications with MongoDBMongoDB
High-profile security breaches have become embarrassingly common, but ultimately avoidable. Now more than ever, database security is a critical component of any production application. In this talk you'll learn to secure your deployment in accordance with best practices and compliance regulations. We'll explore the MongoDB Enterprise features which ensure HIPAA and PCI compliance, and protect you against attack, data exposure and a damaged reputation.
New to MongoDB? We'll provide an overview of installation, high availability through replication, scale out through sharding, and options for monitoring and backup. No prior knowledge of MongoDB is assumed. This session will jumpstart your knowledge of MongoDB operations, providing you with context for the rest of the day's content.
Mobile App Performance: Getting the Most from APIs (MBL203) | AWS re:Invent ...Amazon Web Services
(Presented by New Relic) Too often, developers think of a mobile app as simply code running on the device. A mobile app is much more than that. Every web API used by an app becomes as much a part of the app as the code running on the device. But while mobile developers have control over their code, they don't always have control over the APIs they use. Web APIs and their infrastructure impact app performance and ultimately the user experience.
This presentation covers some of the essential aspects of app performance management when web APIs are present, including:
-HTTP headers are your friend--stop ignoring all they have to tell you
-Control your network connections on the device—don't just leave things to the OS
-Configure all your caches and use them
-Whatever you do, measure early and often
The session includes a customer story from the CTO of Mirego, and demos of New Relic mobile app performance monitoring, where you see how to drill down into specific requests to see performance by response time, throughput, and data transfer size.
This presentation was given to the Dublin Node (JS) Community on May 29th 2014.
Presented by: Chris Lawless, Kevin Yu Wei Xia, Fergal Carroll @phergalkarl, Ciarán Ó hUallacháin, and Aman Kohli @akohli
This talk was given at the Online Kubernetes Meetup July 2020 as well as DevOps Fusion 2020. The talk discusses 3 major problems in current delivery and operations: too much time spent in delivery, hard to maintain monolithic delivery pipelines and a lack of auto-remediation of production problems
The talk focuses on new approaches to solve these problems inspired by SRE practices and event-driven architectures.
As an implementation for a new approach we use Keptn (www.keptn.sh) - a CNCF Open Source project.
Monitoring as an entry point for collaborationJulien Pivotto
In the last years, we have been building complex stacks, made from lots of components. All of this backed by multiple teams. This talk will present how you can use monitoring to look at the business side and have everyone looking at the same dashboards, making cooperation a reality.
[DSC Europe 22] Smart approach in development and deployment process for vari...DataScienceConferenc1
During development of machine learning model about 80% of time is used for data preparation and due to data quality issues, especially when there is a need to combine data from structured and unstructured data sources. Development of smart generic data mart can reduce go to production time for new ML models. We will share creative solutions for challenges we encountered during data transfer between DWH and Data Lake, furthermore data preprocessing, development, deployment/orchestration of ML models, using python/pyspark scripts.
Overcoming (organizational) scalability issues in your Prometheus ecosystemQAware GmbH
Cloud Native Night, July 2020, online: Talk of Jürgen Etzlstorfer (@jetzlstorfer, Dynatrace)
== Please download slides if blurred! ==
Abstract:
Prometheus is considered a foundational building block when running applications on Kubernetes and has become the de-facto open-source standard for visibility and monitoring in Kubernetes environments.
Your first starting points when operating Prometheus are most probably configuring scraping to pull your metrics from your services, building dashboards on top of your data with Grafana, or defining alerts for important metrics breaching thresholds in your production environment. in your production environment.
As soon as you are comfortable with Prometheus as your weapon of choice, your next challenges will be scaling and managing Prometheus for your whole fleet of applications and environments. As the journey “From Zero to Prometheus Hero” is not trivial you will find obstacles on the way. In this talk we are highlighting the most common challenges we have seen and provide guidance on how to overcome them. Finally, we are discussing a solution to get you there more quickly to build automated, future-proof observability with Prometheus showing Keptn as one possible implementation.
About Jürgen:
Jürgen is a core contributor to the Keptn open-source project and responsible for the strategy and integration of self-healing techniques and tools into the Keptn framework. He also loves to share his experience, most recently at conferences on Kubernetes based technologies and automation.
More information:
Overview: https://github.com/keptn/community
Github: https://github.com/keptn/keptn
Website: https://keptn.sh
Google Group: https://groups.google.com/forum/#!forum/keptn
Twitter: https://twitter.com/keptnProject
________________________________________________
Follow us on:
https://twitter.com/qaware
https://www.linkedin.com/company/qaware-gmbh
https://github.com/qaware
www.qaware.de
Overcoming scalability issues in your prometheus ecosystemNebulaworks
Jurgen Etzlstorfer, a Technology Strategist from Dynatrace cover the most common challenges in the Prometheus ecosystem and provide guidance on how to overcome them. Finally, we will discuss a solution to get you there more quickly to build automated, future-proof observability with Prometheus showing Keptn as one possible implementation.
PRIVATE CLOUD SERVER IMPLEMENTATIONS FOR DATA STORAGEEditor IJCTER
In without internet connection. this paper we have implemented private cloud data
storage server in Microsoft windows server 2K12operating system which provides software as a
services with mailing system for private cloud consumers & clients, through private cloud server
services clients can access web services, centralized data storage services , software as services and can also send and receive mails in entire network without internet connectivity. This paper is the implementation of cloud software as service, centralized remote accessibility and private mails system.
AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors. X-Ray provides an end-to-end view of requests as they travel through your application, and shows a map of your application’s underlying components. Learn how to use X-Ray to analyze both applications in development and in production, from simple three-tier applications to complex microservices applications consisting of thousands of services.
Webinar: Architecting Secure and Compliant Applications with MongoDBMongoDB
High-profile security breaches have become embarrassingly common, but ultimately avoidable. Now more than ever, database security is a critical component of any production application. In this talk you'll learn to secure your deployment in accordance with best practices and compliance regulations. We'll explore the MongoDB Enterprise features which ensure HIPAA and PCI compliance, and protect you against attack, data exposure and a damaged reputation.
New to MongoDB? We'll provide an overview of installation, high availability through replication, scale out through sharding, and options for monitoring and backup. No prior knowledge of MongoDB is assumed. This session will jumpstart your knowledge of MongoDB operations, providing you with context for the rest of the day's content.
Similar to Specification and Detection of SOA Antipatterns (20)
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
Specification and Detection of SOA Antipatterns
1. Specification and Detection of
SOA Antipatterns
Francis Palma
francis.palma@polymtl.ca
Ptidej Team, DGIGL, École Polytechnique de Montréal
Latece, Département d'informatique, Université du Québec à Montréal
Supervisors: Dr. Naouel Moha and Dr. Yann-Gaël Guéhéneuc
3. B.Sc. in Computer Science and Engineering
2005
M.Sc. in Software Engineering
2010
2
4. B.Sc. in Computer Science and Engineering
2005
M.Sc. in Software Engineering
2010
Research Collaborator
2011 Jan – 2011 Aug
2
5. B.Sc. in Computer Science and Engineering
2005
M.Sc. in Software Engineering
2010
Research Collaborator
2011 Jan – 2011 Aug
PhD Candidate…
2011 Fall to present
2
10. Background
• Traditional architectural models vs. Service-Oriented Architecture (SOA)
• Service-based Systems (SBSs) [Palma et al. 2013]
• Different SOA technological/architectural choices:
o SOAP-based Web service
o SCA (Service Component Architecture)
o REST-style (REpresentational State Transfer), etc.
Specification and Detection of SOA Antipatterns 3
11. SOA Technologies
XML-RPC-based Web services SOAP-based Web services
Service Component Architecture REST-style
Specification and Detection of SOA Antipatterns 4
12. An Example
SBSs evolve to fit new user requirements, execution contexts:
- may degrade design and quality of service (QoS)
- may cause the appearance of common poor solutions: Antipatterns
Specification and Detection of SOA Antipatterns 5
13. Motivation
• Maintenance and evolution phase consumes resources of more than 60%
(Harrison and Cook, 1990)
• SOA antipatterns:
- evolution may introduce antipatterns or
- existing antipatterns might hinder evolution
Main objective:
To ease the maintenance and evolution of SBSs by detecting SOA antipatterns
• Detection of SOA antipatterns
- assessing statically: the design quality
- assessing dynamically: the QoS
Specification and Detection of SOA Antipatterns 6
15. Antipatterns Example
Tiny Service Multi Service
Many Methods
Very Low Cohesion
High Response Time
Low Availability
Few Methods
Low Cohesion
Very High Coupling
Specification and Detection of SOA Antipatterns 7
21. Alchemy Client Request:
Header: {
cache-control=[no-cache],
content-type=[application/xml],
connection=[keep-alive],
host=[access.alchemyapi.com],
accept=[application/xml],
path=/calls/url/URLGetRankedNamedEntities?...
get /calls/url/urlgetrankednamedentities?...
user-agent=[Apache CXF 2.7.5],
pragma=[no-cache]
}
Alchemy Server Response:
Header: {
content-type=[application/xml; charset=utf-8],
cache-control=[no-cache],
connection=[keep-alive],
access-control-allow-origin=[*],
content-length=[506],
server=[nginx],
date=[Fri, 15 Aug 2014 19:30:28 GMT]
}
Body:
<?xml version="1.0" encoding="UTF-8"?>
<results>
<status>OK</status>
<usage>By accessing AlchemyAPI or using
information generated by AlchemyAPI, you are
agreeing to be bound by the AlchemyAPI Terms of
Use:http://www.alchemyapi.com/company/terms.html
</usage>
<url>http://www.cnn.com/2011/09/28/us/...</url>
<language>english</language>
<microformats>
<a href="/cnn" rel="tag">cnn</a>
</microformats>
</results>
More Examples…
9
22. Alchemy Client Request:
Header: {
cache-control=[no-cache],
content-type=[application/xml],
connection=[keep-alive],
host=[access.alchemyapi.com],
accept=[application/xml],
path=/calls/url/URLGetRankedNamedEntities?...
get /calls/url/urlgetrankednamedentities?...
user-agent=[Apache CXF 2.7.5],
pragma=[no-cache]
}
Alchemy Server Response:
Header: {
content-type=[application/xml; charset=utf-8],
cache-control=[no-cache],
connection=[keep-alive],
access-control-allow-origin=[*],
content-length=[506],
server=[nginx],
date=[Fri, 15 Aug 2014 19:30:28 GMT]
}
Body:
<?xml version="1.0" encoding="UTF-8"?>
<results>
<status>OK</status>
<usage>By accessing AlchemyAPI or using
information generated by AlchemyAPI, you are
agreeing to be bound by the AlchemyAPI Terms of
Use:http://www.alchemyapi.com/company/terms.html
</usage>
<url>http://www.cnn.com/2011/09/28/us/...</url>
<language>english</language>
<microformats>
<a href="/cnn" rel="tag">cnn</a>
</microformats>
</results>
More Examples…
9
23. Alchemy Client Request:
Header: {
cache-control=[no-cache],
content-type=[application/xml],
connection=[keep-alive],
host=[access.alchemyapi.com],
accept=[application/xml],
path=/calls/url/URLGetRankedNamedEntities?...
get /calls/url/urlgetrankednamedentities?...
user-agent=[Apache CXF 2.7.5],
pragma=[no-cache]
}
Alchemy Server Response:
Header: {
content-type=[application/xml; charset=utf-8],
cache-control=[no-cache],
connection=[keep-alive],
access-control-allow-origin=[*],
content-length=[506],
server=[nginx],
date=[Fri, 15 Aug 2014 19:30:28 GMT]
}
Body:
<?xml version="1.0" encoding="UTF-8"?>
<results>
<status>OK</status>
<usage>By accessing AlchemyAPI or using
information generated by AlchemyAPI, you are
agreeing to be bound by the AlchemyAPI Terms of
Use:http://www.alchemyapi.com/company/terms.html
</usage>
<url>http://www.cnn.com/2011/09/28/us/...</url>
<language>english</language>
<microformats>
<a href="/cnn" rel="tag">cnn</a>
</microformats>
</results>
More Examples…
9
24. YouTube Client Request:
Header: {
cache-control=[no-cache],
content-type=[application/xml],
connection=[keep-alive],
host=[www.googleapis.com],
accept=[application/xml],
get/youtube/v3/subscriptions?mine=true&part=snippet&access_token=..
http/1.1=[null],
user-agent=[Apache CXF 2.7.11],
pragma=[no-cache]
}
YouTube Server Response:
Header: {
x-frame-options=[SAMEORIGIN],
content-type=[application/json;
charset=UTF-8],
cache-control=[private, max-age=300,must-revalidate,no-transform],
x-xss-protection=[1; mode=block],
x-content-type-options=[nosniff],
expires=[Tue, 14 Oct 2014 17:57:26 GMT],
etag=["PSjn-HSKiX6orvNhGZvglLI2lvk/PZz4CABe3efkukxgHuo_yc_qoJs"],
content-length=[324],
server=[GSE],
alternate-protocol=[443:quic,p=0.01],
date=[Tue, 14 Oct 2014 17:57:26 GMT],
vary=[X-Origin, Referer, Origin]
}
Body: {
"kind": "youtube#videoListResponse",
"etag": ""PSjn-HSKiX6orvNhGZvglLI2lvk/PZz4CABe3efkukxgHuo_yc_qo",
"pageInfo": { "totalResults": 1, "resultsPerPage": 1 }, “
items": [ {
"kind": "youtube#video",
"etag": ""PSjn- HSKiX6orvNhGZvglLI2lvk/9hUt36nrZXNpfqDh...",
"id": "SRQtW-sjDGw"
} ]
}
More Examples…
Alchemy Client Request:
Header: {
cache-control=[no-cache],
content-type=[application/xml],
connection=[keep-alive],
host=[access.alchemyapi.com],
accept=[application/xml],
path=/calls/url/URLGetRankedNamedEntities?...
get /calls/url/urlgetrankednamedentities?...
user-agent=[Apache CXF 2.7.5],
pragma=[no-cache]
}
Alchemy Server Response:
Header: {
content-type=[application/xml; charset=utf-8],
cache-control=[no-cache],
connection=[keep-alive],
access-control-allow-origin=[*],
content-length=[506],
server=[nginx],
date=[Fri, 15 Aug 2014 19:30:28 GMT]
}
Body:
<?xml version="1.0" encoding="UTF-8"?>
<results>
<status>OK</status>
<usage>By accessing AlchemyAPI or using
information generated by AlchemyAPI, you are
agreeing to be bound by the AlchemyAPI Terms of
Use:http://www.alchemyapi.com/company/terms.html
</usage>
<url>http://www.cnn.com/2011/09/28/us/...</url>
<language>english</language>
<microformats>
<a href="/cnn" rel="tag">cnn</a>
</microformats>
</results>
9
25. YouTube Client Request:
Header: {
cache-control=[no-cache],
content-type=[application/xml],
connection=[keep-alive],
host=[www.googleapis.com],
accept=[application/xml],
get/youtube/v3/subscriptions?mine=true&part=snippet&access_token=..
http/1.1=[null],
user-agent=[Apache CXF 2.7.11],
pragma=[no-cache]
}
YouTube Server Response:
Header: {
x-frame-options=[SAMEORIGIN],
content-type=[application/json;
charset=UTF-8],
cache-control=[private, max-age=300,must-revalidate,no-transform],
x-xss-protection=[1; mode=block],
x-content-type-options=[nosniff],
expires=[Tue, 14 Oct 2014 17:57:26 GMT],
etag=["PSjn-HSKiX6orvNhGZvglLI2lvk/PZz4CABe3efkukxgHuo_yc_qoJs"],
content-length=[324],
server=[GSE],
alternate-protocol=[443:quic,p=0.01],
date=[Tue, 14 Oct 2014 17:57:26 GMT],
vary=[X-Origin, Referer, Origin]
}
Body: {
"kind": "youtube#videoListResponse",
"etag": ""PSjn-HSKiX6orvNhGZvglLI2lvk/PZz4CABe3efkukxgHuo_yc_qo",
"pageInfo": { "totalResults": 1, "resultsPerPage": 1 }, “
items": [ {
"kind": "youtube#video",
"etag": ""PSjn- HSKiX6orvNhGZvglLI2lvk/9hUt36nrZXNpfqDh...",
"id": "SRQtW-sjDGw"
} ]
}
More Examples…
Alchemy Client Request:
Header: {
cache-control=[no-cache],
content-type=[application/xml],
connection=[keep-alive],
host=[access.alchemyapi.com],
accept=[application/xml],
path=/calls/url/URLGetRankedNamedEntities?...
get /calls/url/urlgetrankednamedentities?...
user-agent=[Apache CXF 2.7.5],
pragma=[no-cache]
}
Alchemy Server Response:
Header: {
content-type=[application/xml; charset=utf-8],
cache-control=[no-cache],
connection=[keep-alive],
access-control-allow-origin=[*],
content-length=[506],
server=[nginx],
date=[Fri, 15 Aug 2014 19:30:28 GMT]
}
Body:
<?xml version="1.0" encoding="UTF-8"?>
<results>
<status>OK</status>
<usage>By accessing AlchemyAPI or using
information generated by AlchemyAPI, you are
agreeing to be bound by the AlchemyAPI Terms of
Use:http://www.alchemyapi.com/company/terms.html
</usage>
<url>http://www.cnn.com/2011/09/28/us/...</url>
<language>english</language>
<microformats>
<a href="/cnn" rel="tag">cnn</a>
</microformats>
</results>
9
26. SBSs + Antipatterns = ?
An automatic approach to detect SOA antipatterns in SBSs may support their
easy maintenance and evolution.
Poor performance
Hard for comprehension
Low maintainability
Hard for evolution
Expensive maintenance life
Low reusability
+
Specification and Detection of SOA Antipatterns 10
27. Research Problems
• No specification of SOA antipatterns
• No dedicated approach and framework for the detection of SOA
antipatterns in SBSs
• Impact of SOA antipatterns is not yet verified in service-based systems
Specification and Detection of SOA Antipatterns 11
29. Research Questions
RQ1:
Do service-oriented antipatterns differ from the object-oriented antipatterns?
RQ2:
Do the service-oriented antipatterns vary in diverse SBSs developed using
different SOA technologies?
RQ3:
Can we efficiently specify and detect SOA antipatterns regardless of SOA
technologies?
RQ4:
How do the SOA antipatterns impact the maintenance and evolution of SBSs?
Specification and Detection of SOA Antipatterns 12
32. Related Work: Summary
What to Detect/
Technology OO CBSs SOA Other
Code Smells
Emden and Moonen, 2002
Khomh et al., 2009
Moha et al., 2010
Luo et al., 2010
Maneerat and Muenchaisri, 2011
X X X
Antipatterns
Correa et al., 2000
Marinescu, 2001, 2004
Boussaidi et al., 2005
Kreimer, 2005, Biehl, 2006
Salehie et al., 2006
Choinzon and Ueda, 2006
Rao and Reddy, 2007
Khomh et al., 2009, 2011
Llano and Pooley, 2009
Moha et al., 2010
Cortellessa et al., 2010
Luo et al., 2010, Settas et al., 2011
Stoianov and Sora, 2010
Kessentini et al., 2011
Parsons and Murphy, 2004
Parsons and Murphy, 2008
Chis, 2008 X Wong et al., 2010
Fourati et al., 2011
Design Patterns
Kramer and Prechelt, 1996
Antoniol et al., 1998
Heuzeroth et al., 2003
Tsantalis et al., 2006
Kaczor et al., 2006
Guéhéneuc and Antoniol, 2008
Stoianov and Sora, 2010
Maggioni and Arcelli, 2010
Kaczor et al., 2010
Rasool and Mäder, 2011
X Di Penta et al., 2007 X
Specification and Detection of SOA Antipatterns 14
34. Introduction: Contribution
With the goal to assess the design and QoS of SBSs:
• SODA (Service Oriented Detection for Antipatterns), a novel and
innovative approach
• SOFA (Service Oriented Framework for Antipatterns), a framework,
- to specify SOA antipatterns and detect them automatically
- to perform static and dynamic analyses
Specification and Detection of SOA Antipatterns 15
38. Domain Analysis
“Multi Service also known as God Object
corresponds to a service that implements a
multitude of methods related to different
business and technical abstractions. This
aggregates too much into a single service, such
a service is not easily reusable because of the
low cohesion of its methods and is often
unavailable to end-users because of its overload,
which may induce a high response time”
(Dudney et al., 2003)
Textual
Description of
Antipatterns
1.Specifications
Rule Card
2.Generation
Detection
Algorithms
3.Detection
SBSTemplate
Services
involved in
antipatterns
Specification and Detection of SOA Antipatterns 18
39. Antipatterns Specification Language
Textual
Description of
Antipatterns
1.Specifications
Rule Card
2.Generation
Detection
Algorithms
3.Detection
SBSTemplate
Services
involved in
antipatterns
Specification and Detection of SOA Antipatterns 19
40. Specification Examples
1 RULE_CARD: GodObjectWebService {
2 RULE: GodObjectWebService { INTER LowCohesion MultiOperation HighResponseTime LowAvailability };
3 RULE: LowCohesion { COH VERY_LOW };
4 RULE: MultiOperation { NOD HIGH };
5 RULE: HighResponseTime { RT VERY_HIGH };
6 RULE: LowAvailability { A LOW };
7 };
1 RULE_CARD: GodComponent {
2 RULE: GodComponent { INTER HighEncapsulatedService MultiMethod HighParameter };
3 RULE: HighEncapsulatedService { NOSE HIGH };
4 RULE: MultiMethod { NMD VERY_HIGH };
5 RULE: HighParameter { TNP VERY_HIGH };
6 };
Textual
Description of
Antipatterns
1.Specifications
Rule Card
2.Generation
Detection
Algorithms
3.Detection
SBSTemplate
Services
involved in
antipatterns
Specification and Detection of SOA Antipatterns 20
41. Algorithm Generation
Textual
Description of
Antipatterns
1.Specifications
Rule Card
2.Generation
Detection
Algorithms
3.Detection
SBSTemplate
Services
involved in
antipatterns
Model Driven Engineering (MDE)
Parsing
1
Visiting &
Replacing
2
Templates
Models of Rule Cards
Rule
Cards
Algorithms
Specification and Detection of SOA Antipatterns 21
42. SOFA Detection Framework
Textual
Description of
Antipatterns
1.Specifications
Rule Card
2.Generation
Detection
Algorithms
3.Detection
SBSTemplate
Services
involved in
antipatterns
Specification and Detection of SOA Antipatterns 22
44. Validation: Subjects
Service Component Architecture SOAP-based Web services
1. Multi Service
2. Tiny Service
3. Sand Pile
4. Chatty Service
5. The Knot
6. Nobody Home
7. Duplicated Service
8. Bottleneck Service
9. Service Chain
10. Data Service
11. God Component
12. Bloated Service
13. Stovepipe Service
1. God Object Web Service
2. Fine Grained Web Service
3. Ambiguous Name
4. Duplicated Web Service
5. Chatty Web Service
6. Low Cohesive Operations in the Same Port
7. Redundant Port
8. Maybe It is Not RPC
9. Data Web Service
10. CRUDy Interface
REST
1. Ignoring Status Code
2. Tunneling Everything Through GET
3. Tunneling Everything Through POST
4. Forgetting Hypermedia
5. Ignoring Caching
6. Misusing Cookies
7. Ignoring MIME Types
8. Breaking Self Descriptiveness
9. Contextless Resource Names
10. Singularised URI Nodes
Specification and Detection of SOA Antipatterns 23
45. Validation: Objects
Service Component Architecture
Home-Automation – an SCA-based demo system to automate household
FraSCAti – the largest open source SCA system and runtime library for SCA apps
REST APIs
12 REST APIs including BestBuy, DropBox, Facebook, Twitter, and YouTube
115 RESTful method calls
SOAP-based Web Services
120+ Weather- and Finance-related SOAP Web services
Specification and Detection of SOA Antipatterns 24
48. Partial Results on SCA (FraSCAti)
Antipattern
Name
Services
Involved
Metrics Time Precision Recall
Tiny Service sca-parser NMD=1; CPL=0.56 0.067s
[1/1]
100%
[1/1]
100%
Bottleneck
Service
sca-composite
sca-parser
RT=41ms;CPL=0.96;
NIR=16;NOR=8
RT=45ms;CPL=0.84;
NIR=16;NOR=5
0.086s
[1/2]
50%
[1/1]
100%
Specification and Detection of SOA Antipatterns 26
49. Summary Results on SCA
SCA Systems Average Precision Average Recall
Average
Detection Time
Home-Automation 92.5% 100% 0.387s
FraSCAti 89.17% 95% 0.089s
Average 90.84% 97.5% 0.238s
Specification and Detection of SOA Antipatterns 27
54. SODA-R approach for REST
SODA-R: Service Oriented Detection for Antipatterns in REST
Step 1
Analysis
Description of
REST patterns
and antipatterns
Heuristics
Step 2
Algorithms
Detection
Detected
REST patterns
and antipatterns
REST APIs
Implementation
Application
of Algorithms
Specification and Detection of SOA Antipatterns 30
55. Detection Heuristics
1: ENTITY-LINKING(response-header, response-body, http-method)
2: body-links[] EXTRACT-ENTITY-LINKS(response-body)
3: header-link response-header.getValue(“Link”)
4: if (http-method = GET and (LENGTH(body-links[]) = 1 or header-link NIL)) or
5: (http-method = POST and (“Location:” response-header.getKeys() or
6: LENGTH(body-links[]) = 1))) then
7: print “Entity Linking detected”
8: end if
Heuristic of Entity Linking pattern
1: FORGET-HYPER-MEDIA(response-header, response-body, http-method)
2: body-links[] EXTRACT-ENTITY-LINKS(response-body)
3: header-link response-header.getValue(“Link”)
4: if (http-method = GET and (LENGTH(body-links[]) = 0 or header-link = NIL)) or
5: (http-method = POST and (“Location:” response-header.getKeys() and
6: LENGTH(body-links[]) = 0))) then
7: print “Forgetting Hypermedia detected”
8: end if
Heuristic of Forgetting Hypermedia antipattern
Specification and Detection of SOA Antipatterns 31
67. H1: Generality
Our DSL allows the specification of various SOA antipatterns, from
simple to more complex ones
1 RULE_CARD: LowCohesiveOperations {
2 RULE: LowCohesiveOperations { INTER MultiOperation LowCohesivePT };
3 RULE: MultiOperation { NOD HIGH };
4 RULE: LowCohesivePT { ARIO LOW };
5 };
Specification and Detection of SOA Antipatterns 38
68. H1: Generality
Our DSL allows the specification of various SOA antipatterns, from
simple to more complex ones
1 RULE_CARD: CRUDyInterface {
2 RULE: CRUDyInterface { INTER ChattyInterface HighCRUDOperation };
3 RULE: ChattyInterface { RULE_CARD: ChattyWebService };
4 RULE: HighCRUDOperation { NCO > 1 };
5 };
1 RULE_CARD: ChattyWebService {
2 RULE: ChattyWebService { INTER LowCohesion HighDataAccessor
MultiOperation LowPerformance };
3 RULE: LowCohesion { COH LOW };
4 RULE: HighDataAccessor { ANAO VERY_HIGH };
5 RULE: MultiOperation { NOD HIGH };
6 RULE: LowPerformance { INTER HighRT LowA };
7 RULE: HighRT { RT HIGH };
8 RULE: LowA { A LOW };
9 };
1 RULE_CARD: LowCohesiveOperations {
2 RULE: LowCohesiveOperations { INTER MultiOperation LowCohesivePT };
3 RULE: MultiOperation { NOD HIGH };
4 RULE: LowCohesivePT { ARIO LOW };
5 };
Specification and Detection of SOA Antipatterns 38
69. H2: Accuracy
The detection algorithms have an average precision of more than
75% and a recall of 100%, i.e., more than three-quarters of
detected antipatterns are true positive and we do not miss any
existing antipatterns
Web Services 88.69% 100%
Average Precision Average Recall
SCA 90.84% 97.5%
REST 89.42% 94%
Specification and Detection of SOA Antipatterns 39
Average 89.65% 97.17%
70. H3: Extendibility
Our DSL and SOFA framework are extensible for adding new
metrics and new SOA antipatterns
Web Services 10 0 10
Antipatterns Patterns New Metrics
SCA 13 0 17
REST 8 5 -
Total 31 5 27
Specification and Detection of SOA Antipatterns 40
71. H4: Performance
The computation time required for the detection of antipatterns
using the generated algorithms is reasonably very low, i.e., in the
order of few seconds
Web Services 147.55s
Average Detection Time
SCA 0.238s
REST 21.43s
Average 51.41s
Specification and Detection of SOA Antipatterns 41
79. Current and Future Plan
• Antipatterns in service-oriented business processes, i.e., BPEL
• Semantic analysis of REST APIs based on dictionaries
(WordNet and Stanford Core NLP)
• A comprehensive tool support for the detection
• Further validation of the approach with more Web services and
RESTful APIs
Specification and Detection of SOA Antipatterns 44