Published September 5, 2016 | Version v1
Conference paper

Envisage: Developing SLA-aware Deployed Services with Formal Methods

Description

Insufficient scalability and bad resource management of software services can easily eat up any potential savings from cloud deployment. Failed service-level agreements (SLAs) cause penalties for the provider, while oversized SLAs waste resources on the customer's side. IBM Systems Sciences Institute estimates that a defect which costs one unit to fix in design, costs 15 units to fix in testing (system/acceptance) and 100 units or more to fix in production [6]; this cost estimation does not even consider the impact cost due to, for example, delayed time to market, lost revenue, lost customers, and bad public relations. The Envisage project aims at shifting deployment decisions from the end of the software engineering process to become an integral part of software design [2]. Deployment on the cloud gives software designers far reaching control over the resource parameters of the execution environment, such as the number and kind of processors, the amount of memory and storage capacity, and the bandwidth. In this context, designers can also control their software's trade-offs between the incurred cost and the delivered quality-of-service. SLA-aware services, which are designed for scalability, can even change these parameters dynamically, at runtime, to meet their service contracts. Envisage permits to design and validate these services by connecting executable models to formal service contracts and an API that is an abstraction of the cloud environment, see Fig. 1. This approach enables new kinds of analysis: – Simulation (" Early modeling "): The formally defined modeling language ABS [10] realizes a separation of concerns between the cost of execution and the capacity of dynamically provisioned cloud resources [11]. Models are executable; a simulation tool supports rapid prototyping and visualization. – Formal methods (" Early analysis "): as ABS was designed for analysis, it enables a range of tool-supported formal techniques, including behavioral types for deadlock analysis and SLA compliance [8], worst-case cost analysis [1], deductive verification [7], and automated test-case generation [4]. – Monitoring (" Late analysis "): ABS supports code generation backends [5] that preserve upper bounds on cost and permit performance monitoring of the provisioned cloud resources after deployment [13].

Abstract

International audience

Additional details

Created:
March 25, 2023
Modified:
December 1, 2023