Antonio Brogi, Roberto Bruni, Gerardo Schneider (Eds.)
Formal Languages and Analysis of Contract-Oriented Software
4th International Workshop, FLACOS 2010
Pisa, Italy, September 17-18, 2010
Electronic Proceedings
Table of Contents

On the formal representation of norms and contracts ... 1
  Marek Sergot
Contract-based Slicing ... 3
  Daniela da Cruz, Pedro Henriques and Jorge Sousa Pinto
A Calculus of Contracting Processes ... 11
  Massimo Bartoletti and Roberto Zunino
Contract-based Reasoning about Progress: Application to Resource Sharing in a Network ... 19
  Imene Ben-Hafaiedh, Susanne Graf and Sophie Quinton
Contract-Based Discovery and Adaptation of Web Services ... 27
  Luca Padovani
A Survey of Formal Languages for Contracts ... 29
  Tom Hvitved
On the Formal Specification of Business Contracts and Regulatory Compliance ... 33
  Amal Elgammal, Oktay Turetken, Willem-Jan van den Heuvel and Mike Papazoglou
Formal Models for Business-aware Transaction Management ... 37
  Francois Hantry, Mohand-Said Hacid and Mike Papazoglou
Autonomous and yet Secure Evolution for Smart Card Applications using Self-Certification ... 41
  Olga Gadyatskaya and Fabio Massacci
Synthesis and Analysis of Adaptors through Security Contracts ... 49
  José Antonio Martín and Ernesto Pimentel
Visual Specification of Formal e-Contracts ... 55
  Enrique Martínez, Gregorio Díaz and M. Emilia Cambronero
A Trace-based Model for Multi-party Contracts ... 63
  Tom Hvitved
Visual Behavioural Modelling with Contracts ... 71
  Nuno Amálio and Pierre Kelsen
Controllability and Abstraction in Business Processes ... 75
  Maria Grazia Buscemi and Hernán Melgratti
Leveraging a Contract-based Synchronization Framework for Design and Analysis of Services ... 79
  Laura K. Dillon, Yi Huang and R.E.K. Stirewalt
Visual Specification of Formal e-Contracts

Enrique Martínez, Gregorio Díaz, M. Emilia Cambronero
Department of Computer Science, University of Castilla-La Mancha, Spain
{emartinez,gregorio,emicp}@dsi.uclm.es

In this work we present a visual model called C-O Diagrams for the specification of e-contracts. This model includes the specification of obligations, permissions, prohibitions, reparations and restrictions such as real-time constraints. We also define a formal semantics of the visual model intended for the analysis and verification of the modeled contracts.

1 Introduction

We consider e-contracts as a set of clauses that must be satisfied by several parties participating in a system. These clauses regulate how participants should behave, what the penalties are in case of misbehaviour, and under which conditions such clauses must be enacted. We also have that when a clause is violated, if the clause defines a reparation (a secondary clause that comes into force when the main clause is not satisfied), and this reparation is fulfilled, then the clause is eventually fulfilled. Recently some works about specifying e-contracts in a formal manner have been released [2, 3, 10], but these approaches consist of formal languages which are hard to study and manipulate by untrained final users of this technology, such as business process developers. The goal of this work is to introduce a new approach for the specification of e-contracts in a user-friendly way. E-contracts may be complex, consisting of composite clauses making reference to other clauses in the same or in another contract. Furthermore, we consider contracts with timed restrictions and conditions under which the contract clauses must be applied. Hence, our approach is based on a visual model that we call Contract-Oriented Diagrams, or C-O Diagrams for short, since it is well known that the use of visual models makes the perception of knowledge easier, and in this way the intuitive understanding, reading and maintenance of complex problems [6]. This approach can be useful in service-oriented architectures, component-based systems, requirements acquisition, software product lines, etc.
In the following sections we first informally define the elements and structure of our visual model, next we formally define the syntax of the diagrams, and finally we present a first version of the formal semantics of these diagrams, based on timed automata.

2 Visual Model

In our visual model we define a hierarchical tree diagram used to specify the contract clauses, which we call C-O Diagram. In Figure 1 we show the basic element. It corresponds to a contract clause and we call it box. This box consists of four fields, allowing us to specify normative aspects or simple norms (P), reparations (R), conditions (g) and time restrictions (tr). Each box has a name and an agent. The name is useful both to describe the clause and to reference the box from other clauses, so it must be unique. The agent indicates who is the performer of the action (which can be a service, a component or something else, depending on the field where we are applying C-O Diagrams).

Figure 1: Box structure

Figure 2: AND/OR/SEQ refinement

On the left-hand side of the box we specify the conditions and restrictions. The guard g specifies the conditions under which the contract clause must be taken into account. The time restriction tr specifies the time frame in which the contract clause must be satisfied. The propositional content P, in the center, is the main field of the box, and it is used to specify normative aspects (obligations, permissions and prohibitions) that are applied over actions, and/or the actions themselves. The last field of these boxes, on the right-hand side, is the reparation R. This reparation, if specified by the contract clause, is another contract that must be satisfied in case the main norm is not satisfied, considering the clause eventually satisfied if this reparation is satisfied.

These basic elements of a C-O Diagram can be refined by using AND/OR/SEQ refinements, as shown in Figure 2. The aim of these refinements is to capture the hierarchical clause structure followed by most contracts. An AND-refinement means that all the subclauses must be satisfied in order to satisfy the parent clause. An OR-refinement means that it is only necessary to satisfy one of the subclauses in order to satisfy the parent clause. A SEQ-refinement means that the norm specified in the target box (SubClause2 in Figure 2) must be fulfilled after satisfying the norm specified in the source box (SubClause1 in Figure 2). In this way, we can build a hierarchical tree with the clauses defined by the contract, where the leaf clauses correspond to the atomic clauses, that is, to the clauses that cannot be divided into subclauses. There is another structure that can be used to model repetition. This structure is represented as an arrow going from a subclause to one of its ancestor clauses (or to itself), meaning the repetitive application of all the subclauses of the target clause after satisfying the source subclause.

* Partially supported by the Spanish government (cofinanced by FEDER funds) with the project TIN2009-14312-C02-02 and the JCCLM regional project PEII09-0232-7745. The first author is supported by the European Social Fund and the JCCLM.
Preliminary Report. Final version to appear in: FLACOS 2010
In this work, we follow an ought-to-do approach, i.e., the normative aspects of obligation, permission and prohibition, as defined in deontic logic [9], are applied over actions performed by the participants in the contract. We only allow the specification of atomic actions in the P field of the leaf clauses of our diagrams. These actions are denoted by lowercase Latin letters (a, b, c, ...). We use a dash (-) to denote that there is no action specified in the non-leaf clauses. The composition of actions can be achieved by means of the different kinds of refinement. In this way, an AND-refinement can be used to model concurrency (&) between actions, an OR-refinement can be used to model a choice (+) between actions, and a SEQ-refinement can be used to model a sequence (;) of actions. In Figure 3 we can see an example of how to model these compound actions through refinements, given two atomic actions a and b.
Figure 3: Composition of actions in C-O Diagrams

Figure 4: Composition of deontic norms in C-O Diagrams

The deontic norms (obligation, permission and prohibition) that are applied over these actions can be specified in any clause of our C-O Diagram, affecting all the actions in the leaf clauses that are subclauses of this clause, but at least one and only one deontic norm must be specified in each one of the branches of our diagram. If it is the case that the clause where we specify the deontic norm is a leaf clause, the norm only affects the atomic action we have in this clause. We use an uppercase O to denote an obligation, an uppercase P to denote a permission, and an uppercase F to denote a prohibition (forbidden). These letters are written in the top left corner of field P. The composition of deontic norms is also achieved by means of the different refinements we have in C-O Diagrams. Thus, an AND-refinement corresponds to the conjunction operator between norms, an OR-refinement corresponds to the choice operator (+) between norms, and a SEQ-refinement corresponds to the sequence operator (;) between norms. For example, we can imagine having a leaf clause specifying the obligation of performing an action a, written as O(a), and another leaf clause specifying the obligation of performing an action b, written as O(b). These two norms can be combined in the three different ways mentioned before through the different kinds of refinement (Figure 4).

The field R is only allowed in the boxes of our diagrams where we specify a deontic norm of obligation or prohibition in field P, being always empty in the other boxes. This reparation is a new contract that can be just an obligation over an atomic action, but it can also be a more complex diagram, including its own reparations. In this way, we are able to specify nested reparations in our C-O Diagrams. Let us consider a simple contract C stating that we have the obligation of performing an atomic action a and the prohibition of performing an atomic action b.
However, if we do not perform the obligatory action a, we can compensate it by fulfilling another contract (modeled by another diagram) called C_1, consisting of performing an action c or an action d, and if we perform the forbidden action b, we can compensate it just by performing an action e. This situation can be modeled in our diagrams as shown in Figure 5. When we specify a guard g and/or a time restriction tr in a clause that is not a leaf clause, they affect all the subclauses, i.e., all the subclauses necessary to satisfy the parent clause must fulfil the conditions and time restrictions specified in this parent clause. Otherwise, the parent clause is unfulfilled.¹

¹ A more detailed description of C-O Diagrams can be found in [8], including a case study showing how to specify a concrete e-contract and an evaluation of the model.
Figure 5: Reparations in C-O Diagrams

3 Formal Grammar

In this section we formally define the syntax of C-O Diagrams in order to make them susceptible to formal analysis.

Definition 1 (C-O Diagram Syntax) We consider a finite set of real-valued variables $C$ standing for clocks, a finite set of non-negative integer-valued variables $V$, a finite alphabet $\Sigma$ for atomic actions, a finite set of identifiers $A$ for agents, and a finite set of identifiers $N$ for names. The Greek letter $\varepsilon$ means that an expression is empty. We use $C$ to denote the contract modeled by a C-O Diagram. The diagram syntax is defined by the following EBNF grammar:

$$\begin{array}{lcl}
C   & := & (agent, name, g, tr, O(C_2), R) \mid (agent, name, g, tr, P(C_2), \varepsilon) \mid (agent, name, g, tr, F(C_2), R) \mid (\varepsilon, name, g, tr, C_1, \varepsilon) \\
C_1 & := & C\ (And\ C)^+ \mid C\ (Or\ C)^+ \mid C\ (Seq\ C)^+ \\
C_2 & := & a \mid C_3\ (And\ C_3)^+ \mid C_3\ (Or\ C_3)^+ \mid C_3\ (Seq\ C_3)^+ \\
C_3 & := & (\varepsilon, name, g, tr, C_2, \varepsilon) \\
R   & := & C \mid \varepsilon
\end{array}$$

where $a \in \Sigma$, $agent \in A$ and $name \in N$. Guard $g$ is $\varepsilon$ or a conjunctive formula of atomic constraints of the form $v \sim n$ or $v - w \sim n$, for $v, w \in V$, $\sim \in \{\leq, <, =, >, \geq\}$ and $n \in \mathbb{N}$, whereas a timed restriction $tr$ is $\varepsilon$ or a conjunctive formula of atomic constraints of the form $x \sim n$ or $x - y \sim n$, for $x, y \in C$, $\sim \in \{\leq, <, =, >, \geq\}$ and $n \in \mathbb{N}$. $O$, $P$ and $F$ are the deontic operators corresponding to obligation, permission and prohibition, respectively, where $O(C_2)$ states the obligation of performing $C_2$, $F(C_2)$ states the prohibition of performing $C_2$, and $P(C_2)$ states the permission of performing $C_2$. $And$, $Or$ and $Seq$ are the operators corresponding to the refinements we have in C-O Diagrams, AND-refinement, OR-refinement and SEQ-refinement, respectively.

The simplest contract we can have in C-O Diagrams is the one composed of only one box including the elements $agent$ and $name$. Optionally, we can specify a guard $g$ and a time restriction $tr$. We also have a deontic operator ($O$, $P$ or $F$) applied over an atomic action $a$, and in the case of obligations and prohibitions it is possible to specify another general contract $C'$ as a reparation. For example, $C := (Buyer, Example1, \varepsilon, \varepsilon, O(pay), C')$ is a very simple contract specifying for a buyer the obligation of paying, otherwise contract $C'$ comes into effect.
We use $C_1$ to define a more complex contract where we combine different deontic norms by means of any of the different refinements we have in C-O Diagrams. In the box where we have the refinement into $C_1$ we cannot specify an agent nor a reparation, because these elements are always related to a single deontic norm, but we still can specify a guard $g$ and a time restriction $tr$ that affect all the deontic norms we combine. For instance, $C := (\varepsilon, Example2, \varepsilon, x < 5, C'\ Or\ C'', \varepsilon)$ is a composed contract specifying that contract $C'$ or contract $C''$ must be satisfied in order to satisfy $C$ before clock $x$ reaches the value 5.

Once we write a deontic operator in a box of our diagram, we have two possibilities, as we can see in the specification of $C_2$: we can just write a simple action $a$ in the box, the deontic operator being applied only over it, or we can refine this box in order to apply the deontic operator over a compound action. In this case the subboxes ($C_3$) cannot define a new deontic operator, as it has already been defined in the parent box (affecting all the subboxes). Then, these subboxes cannot specify an agent nor a reparation, but it is possible to specify a guard $g$ and a time restriction $tr$ affecting only the action in the subbox or the actions composed in its refinement. For example, $C := (Buyer, Example3, \varepsilon, \varepsilon, O(C'\ Or\ C''), \varepsilon)$, where $C' := (\varepsilon, Option1, \varepsilon, \varepsilon, paycash, \varepsilon)$ and $C'' := (\varepsilon, Option2, \varepsilon, \varepsilon, paycard, \varepsilon)$, is a contract specifying for a buyer the obligation of paying by cash or by credit card.

4 Formal Semantics

The C-O Diagram formal semantics is given by means of a satisfaction function. To define this satisfaction function we follow the C-O Diagram syntax given in Definition 1. The satisfiability of a contract is defined based on the states of a timed labelled transition system associated to a timed automaton. Basically, a timed automaton (TA) [1] is a tuple $(N, n_0, E, I)$, where $N$ is a finite set of locations (nodes), $n_0 \in N$ is the initial location, $E$ is the set of edges, and $I$ is a function that assigns invariant conditions (which could be empty) to locations. We write $n \xrightarrow{g, a, \sigma, r} n'$ to denote $(n, g, a, \sigma, r, n') \in E$, where $n, n' \in N$, $g$ is a guard, $a$ is an action, $r$ is a set of clocks we want to reset, and $\sigma$ is a set of variable assignments. The semantics of a timed automaton is defined as a timed labelled transition system $(Q, q_0, \rightarrow)$, where $Q$ is a set of states, $q_0 \in Q$ is the initial state, and $\rightarrow$ is the set of transitions. Due to the lack of space, we refer to [4] for a complete definition of timed automata and their semantics.
Definition 2 (C-O Diagram Semantics) Let $A = (N, n_0, E, I)$ be a timed automaton, with the associated timed labelled transition system $(Q, q_0, \rightarrow)$ and $q \in Q$. Given a C-O Diagram $C$, one can define $(A, q) \models C$ ($A$ in state $q$ satisfies contract $C$) as follows:

(1) $(A, q) \models (agent, name, g, tr, O(a), R)$ iff $\forall\, q_1 \rightarrow q_2 \rightarrow \dots \rightarrow q_j$ for $q = q_1$:
  - the main clause holds, that is, $\exists\, i \in [1, j-1]$ such that $q_i \xrightarrow{a} q_{i+1}$ with $n_i \xrightarrow{g', a, r} n_{i+1}$ where $(g \wedge tr) \rightarrow g'$ and $agent(a)$; or
  - the main clause does not hold but the reparation holds, that is, $R \neq \varepsilon$ and $(A, q_{i+1}) \models R$ for the first $i \in [1, j-1]$ such that $q_i \xrightarrow{d} q_{i+1}$ with $(n_i, u) \xrightarrow{d} (n_i, u + d)$ and $(u + d) \not\models tr$.

(2) $(A, q) \models (agent, name, g, tr, P(a), \varepsilon)$ iff $\exists\, q_1 \rightarrow q_2 \rightarrow \dots \rightarrow q_j$ for $q = q_1$ where the main clause holds, that is, $\exists\, i \in [1, j-1]$ such that $q_i \xrightarrow{a} q_{i+1}$ with $n_i \xrightarrow{g', a, r} n_{i+1}$ where $(g \wedge tr) \rightarrow g'$ and $agent(a)$.

(3) $(A, q) \models (agent, name, g, tr, F(a), R)$ iff $\forall\, q_1 \rightarrow q_2 \rightarrow \dots \rightarrow q_j$ for $q = q_1$:
  - the main clause holds, that is, there is no $i \in [1, j-1]$ such that $q_i \xrightarrow{a} q_{i+1}$ with $n_i \xrightarrow{g', a, r} n_{i+1}$ where $(g \wedge tr) \rightarrow g'$ and $agent(a)$; or
  - the main clause does not hold but the reparation holds, that is, $R \neq \varepsilon$ and $(A, q_{i+1}) \models R$ for the first $i \in [1, j-1]$ such that $q_i \xrightarrow{a} q_{i+1}$ with $n_i \xrightarrow{g', a, r} n_{i+1}$ where $(g \wedge tr) \rightarrow g'$ and $agent(a)$.

(4) $(A, q) \models (agent, name, g, tr, D((\varepsilon, name_1, g_1, tr_1, C_1, \varepsilon)\ RE\ (\varepsilon, name_2, g_2, tr_2, C_2, \varepsilon)\ RE \dots RE\ (\varepsilon, name_k, g_k, tr_k, C_k, \varepsilon)), R)$ iff
$(A, q) \models (\varepsilon, name, g, tr, (agent, name_1, g_1, tr_1, D(C_1), R)\ RE\ (agent, name_2, g_2, tr_2, D(C_2), R)\ RE \dots RE\ (agent, name_k, g_k, tr_k, D(C_k), R), \varepsilon)$

(5) $(A, q) \models (\varepsilon, name, g, tr, (agent_1, name_1, g_1, tr_1, C_1, R_1)\ RE\ (agent_2, name_2, g_2, tr_2, C_2, R_2)\ RE \dots RE\ (agent_k, name_k, g_k, tr_k, C_k, R_k), \varepsilon)$ iff
$(A, q) \models (agent_1, name_1, g \wedge g_1, tr \wedge tr_1, C_1, R_1) \odot (A, q) \models (agent_2, name_2, g \wedge g_2, tr \wedge tr_2, C_2, R_2) \odot \dots \odot (A, q) \models (agent_k, name_k, g \wedge g_k, tr \wedge tr_k, C_k, R_k)$

Lines (1)-(3) correspond to the semantics of applying an obligation, a permission or a prohibition over an atomic action $a$. In the case of obligations, for all the possible paths in our automaton we must have the performance of $a$ by the specified agent (denoted by $agent(a)$), fulfilling also any conditions or time restrictions we have specified (denoted by $(g \wedge tr) \rightarrow g'$). If the obliged action is not performed in the expected time frame, we have the alternative possibility of satisfying reparation $R$ from the moment at which the timed restriction is not fulfilled anymore (denoted by $(u + d) \not\models tr$). In permissions we consider that the performance of $a$ is only necessary in one of the paths. This interpretation of permission is because we think that an automaton satisfying a contract must offer the possibility of performing a permitted action in at least one of its paths. Prohibition is the opposite of permission, so we cannot have a path where we perform the forbidden action $a$, but in case we perform the action we still have the possibility of satisfying reparation $R$ after that. In lines (4)-(5) we have that $D \in \{O, P, F\}$, $RE \in \{And, Or\}$ and $\odot \in \{\wedge, \vee\}$. Line (4) corresponds to the semantics of applying a deontic norm over an AND-refinement or an OR-refinement.
For all the deontic operators we just propagate them into each one of the subcontracts, as well as the reparation $R$ and the agent, and the satisfaction of the main contract consists of the satisfaction of the refinement $RE$ of these new subcontracts. Line (5) corresponds to the semantics of these refinements when no deontic operator is applied over them (they will be specified in the subcontracts). In these cases, the satisfaction of the main contract consists of the conjunction ($\wedge$ for AND-refinement) or disjunction ($\vee$ for OR-refinement) of the satisfaction of each one of the subcontracts, propagating any condition or time restriction in the main contract into these subcontracts (denoted by $g \wedge g_k$ and $tr \wedge tr_k$).

In this C-O Diagram semantics we deliberately omit SEQ-refinement. The semantics of this refinement is more complex because we have to guarantee that the subcontracts not only are fulfilled but are also fulfilled in the correct order. For that purpose we are now working on new semantic rules to apply distributivity of SEQ-refinement over the other refinements, so we can finally have sequences of deontic norms applied over atomic actions. In this way, we can determine whether, in the location we reach after satisfying the first element of the sequence, the remaining sequence is fulfilled.
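As an added example (not code from the paper), the grammar of Definition 1 as a data type and the satisfaction rules (1)-(5) of Definition 2 checked over a constructed finite set of runs that stands in for the paths of the timed automaton. Assumptions of the example: variable guards g are omitted, a time restriction tr is a single deadline on a clock started at time 0, agents and deadlines of the Figure 5 contract are constructed, and SEQ is left out as in the paper.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple, Union
Step = Tuple[str, str, int]    # (agent, action, time): one transition q_i -> q_{i+1}
Run = List[Step]               # one maximal path q_1 -> q_2 -> ... -> q_j of the automaton
@dataclass
class Ref:                     # AND/OR refinement of sub-boxes (SEQ omitted, as in the paper)
    kind: str                  # "And" or "Or"
    subs: List["Box"]
@dataclass
class Box:                     # (agent, name, g, tr, P, R) with the variable guard g omitted
    agent: Optional[str]       # None stands for the empty agent
    name: str
    tr: Optional[int]          # time restriction read as a deadline "clock <= tr"; None if empty
    op: Optional[str]          # "O", "P", "F", or None for a bare refinement (C_1 / C_3 boxes)
    body: Union[str, Ref]      # an atomic action, or a refinement
    rep: Optional["Box"] = None   # reparation R, only meaningful for O and F
def _both(tr: Optional[int], sub: Optional[int]) -> Optional[int]:
    """tr AND sub for deadlines: the tighter one wins (the tr propagation of rule (5))."""
    return tr if sub is None else sub if tr is None else min(tr, sub)
def sat(c: Box, runs: List[Run]) -> bool:
    """(A, q) |= c, where `runs` are all maximal paths leaving state q."""
    if isinstance(c.body, Ref):
        if c.op is not None:   # rule (4): push operator, agent and reparation into the sub-boxes
            pushed = [Box(c.agent, s.name, s.tr, c.op, s.body, c.rep) for s in c.body.subs]
            return sat(Box(None, c.name, c.tr, None, Ref(c.body.kind, pushed)), runs)
        res = [sat(Box(s.agent, s.name, _both(c.tr, s.tr), s.op, s.body, s.rep), runs)
               for s in c.body.subs]          # rule (5): conjunction / disjunction
        return all(res) if c.body.kind == "And" else any(res)
    assert c.op in ("O", "P", "F"), "an atomic action always sits under a deontic norm"
    def hits(r: Run) -> List[int]:  # steps where the agent performs the action in time
        return [i for i, (ag, act, t) in enumerate(r)
                if act == c.body and ag == c.agent and (c.tr is None or t <= c.tr)]
    if c.op == "P":            # rule (2): some path offers the permitted action
        return any(hits(r) for r in runs)
    for r in runs:             # rules (1) and (3) quantify over every path
        h = hits(r)
        if c.op == "O":
            if h: continue
            if c.rep is None or c.tr is None: return False   # nothing to compensate, or no deadline
            # reparation starts in the state reached when the deadline passes (before the first
            # step later than tr); continuations are the runs still in that state at that moment
            i = next((k for k, (_, _, t) in enumerate(r) if t > c.tr), len(r))
            cont = [s[i:] for s in runs if s[:i] == r[:i] and (len(s) == i or s[i][2] > c.tr)]
        else:                  # "F": the forbidden action was performed at step i
            if not h: continue
            if c.rep is None: return False
            i = h[0]
            cont = [s[i + 1:] for s in runs if s[:i + 1] == r[:i + 1]]
        if not sat(c.rep, cont): return False
    return True

def figure5() -> Box:
    """Figure 5: O(a) compensated by C1 = (c or d), F(b) compensated by e (agents/deadlines constructed)."""
    c1 = Box(None, "C1", 10, None, Ref("Or", [Box("Buyer", "c", None, "O", "c"),
                                                Box("Buyer", "d", None, "O", "d")]))
    return Box(None, "C", None, None, Ref("And", [
        Box("Buyer", "a", 5, "O", "a", rep=c1),
        Box("Buyer", "b", None, "F", "b", rep=Box("Buyer", "e", 20, "O", "e"))]))

# constructed runs standing in for the timed automaton's paths
GOOD_RUNS = [[("Buyer", "a", 3)],                                       # a in time
             [("Buyer", "x", 7), ("Buyer", "c", 9)],                    # a missed, C1 fulfilled
             [("Buyer", "b", 2), ("Buyer", "a", 4), ("Buyer", "e", 6)]]  # b done, repaired by e
BAD_RUNS = GOOD_RUNS + [[("Buyer", "b", 2), ("Buyer", "a", 4)]]        # b done, never repaired
```

Because rule (5) takes the disjunction of whole-contract satisfaction, an automaton that pays cash on some paths and by card on others satisfies neither disjunct of Example 3 under these rules, while one that always pays cash does.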
5 Conclusions and Future Work

In this paper we have presented C-O Diagrams, a new visual formalism for electronic contracts. To the best of our knowledge, there is no other visual model specially created for the definition of e-contracts. There are several works in the literature that define a meta-model for the specification of e-contracts based on some already existing visual specifications like UML or entity-relationship diagrams [5, 7], but they all lack some of the capabilities we have in C-O Diagrams (real-time constraints, reparations, ...). As future work, apart from completing the C-O Diagram semantics, we are planning to apply this model to different case studies in order to evaluate its usefulness in different fields. We also envisage the possibility of specifying a different C-O Diagram for each one of the parties involved in an e-contract instead of having a global C-O Diagram with multiple agents. This compositional approach can be useful if we define a composition operator, specifying when two of these new C-O Diagrams can be composed and the result of the composition.

References

[1] R. Alur & D.L. Dill (1990): Automata For Modeling Real-Time Systems. Proceedings of 17th International Colloquium on Automata, Languages, and Programming, pp. 322-335.
[2] M. Bravetti & G. Zavattaro (2007): Towards a unifying theory for choreography conformance and contract compliance. Proceedings of the Sixth International Symposium on Software Composition, pp. 34-50.
[3] M.G. Buscemi & U. Montanari (2008): Cc-Pi: A Constraint-Based Language for Contracts with Service Level Agreements. Proceedings of Second International Workshop on Formal Languages and Analysis of Contract-Oriented Software, pp. 1-8.
[4] M.E. Cambronero, G. Díaz, V. Valero & E. Martínez (2010): Validation and Verification of Web Services Choreographies by Using Timed Automata. Article in Press, Corrected Proof.
[5] D. Cambronero, S. Cheung & S. Till (2003): A Three-Layer Architecture for E-Contract Enforcement in an E-Service Environment. Proceedings of the 36th Hawaii International Conference on System Sciences (HICSS-36), pp. 74-83.
[6] D. Harel (1988): On Visual Formalisms. Communications of the ACM 31(5), pp. 514-530.
[7] P.R. Krishna, K. Karlapalem & A.R. Dani (2005): From Contracts to E-Contracts: Modeling and Enactment. Information Technology and Management 6(4), pp. 363-387.
[8] E. Martínez, G. Díaz, M.E. Cambronero & G. Schneider (2010): A Formal Model for Visual Specification of e-Contracts. The 7th IEEE 2010 International Conference on Services Computing (SCC 2010). To appear. Available at http://folk.uio.no/gerardo/scc2010.pdf.
[9] P. McNamara (2006): Deontic Logic. Gabbay, D.M., Woods, J., eds.: Handbook of the History of Logic 7, pp. 197-289. North-Holland Publishing.
[10] C. Prisacariu & G. Schneider (2007): A formal language for electronic contracts. Proceedings of 9th IFIP International Conference on Formal Methods for Open Object-Based Distributed Systems, pp. 174-189.