[PDF] SOAQM: Quality Model for SOA Applications based on ISO 25010

View - Download SOAQM: Quality Model for SOA Applications based on ISO 25010

Previous PDF

Next PDF

SOAQM: Quality Model for SOA Applications based on ISO 25010 J oyce M. S. Franc¸a

1,2and Michel S. Soares3

1 Federal University of Uberlˆandia, Faculty of Computing, Uberlˆandia, Brazil

2Federal Institute of Education, Science and Technology of Norte de Minas Gerais, Janu´aria, Brazil

3Federal University of Sergipe, Department of Computing, S˜ao Crist´ov˜ao, Brazil

Keywords:

Software Quality, Service Oriented Architecture, ISO 25010, Quality Model.

Abstract:

Service-Oriented Architecture (SOA) has been widely adopted to develop distributed applications with the

promise of legacy systems integration and better agility to build applications by reusing services. Considering

the important role of SOA in organizations, quality should be treated as a key issue. By observing the works

proposed in the literature, it is possible to notice that there is a need for development of a specific quality

model for SOA based on the latest ISO 25010. One of the proposals of this paper is to analyze which important

contributions were aggregated into the new ISO 25010 regarding SOA applications when compared with ISO

9126. Thispaper provides thedefinition of aspecific quality model for SOA based on qualityattributesdefined

by ISO 25010. As a result, most quality attributes proposed by ISO 25010 may be applicable to SOA at some

degree level. However, some of these quality attributes should be adapted when applied to SOA projects.

1 INTRODUCTION

Software systems are becomingincreasinglycomplex

over time and, thus, quality assurance is becomingin- creasingly important as well (Boehm, 2006) (Huang et al., 2012). To ensure adequatesoftware quality, rel- evant quality characteristics must be specified, taking into account the intended use of a software product. In orderto make a properevaluationof software, rele- vant quality characteristics of a software producthave been proposedin manyqualitymodels, includingISO standards.

Many software systems were developed in past

years in an isolated manner, with little concerns about their integration (Erl, 2007), which leads to increas- ing complexity. Service-Oriented Computing is a paradigm that utilizes services as fundamental el- ements for developing applications/solutions (Papa- zoglou, 2003). A service is a capability of the busi- ness organizationthatis implementedandmadeavail- able on the Internet so that other applications can ac- cess it. Service-OrientedArchitectures(SOA)emerge as an attempt to integrate legacy systems by using

Web Services. Within SOA, developers can combine

and integrate internal legacy software assets with fur- plications.

Several authors warn that activities related to soft-ware quality are fundamental to software productsuccess (Sanders and Curran, 1994) (Sommerville,

2010). Evaluation of software quality is an extremely

important activity in the software development pro- cess. Factors that affect quality, and can be directly ample, lines of code). Factors that can only be indi- rectly measured are called external quality attributes such as maintainability.

ISO 9126 (ISO/IEC, 1991) has inspired several

quality models. In 2011, ISO 9126 was replaced by

ISO 25010 (ISO/IEC, 2011). There are many spe-

cific quality models for SOA already proposed in the literature. A systematic review proposed by Oriol et al. (Oriol et al., 2014) presented 47 quality models specific to Web services. However, most of these pro- posals did not take into consideration ISO standards. Only 6 out of 47 models were based on an ISO stan- dard. In addition, none of these 47 models is based on ISO 25010. In a systematic mapping performed by the authors, Quality of SOA applications has been hardly mentioned.

One of the proposals of this paper is to analyze

which important contributions were aggregated into the new ISO 25010 regarding SOA applications. In addition, this analysis aims to determine if limitations perceived in ISO 9126 were solved in the most recent

ISO 25010. Anotherproposalofthis paperis toinves-

M. S. França J. and S. Soares M..

SOAQM: Quality Model for SOA Applications based on ISO 25010.

DOI: 10.5220/0005369100600070

InProceedings of the 17th International Conference on Enterprise Information Systems(ICEIS-2015), pages 60-70

ISBN: 978-989-758-097-0

Copyright

c

2015 SCITEPRESS (Science and Technology Publications, Lda.)

tigate the applicability of ISO 25010 to SOA applica-tions. The aim is to analyze all the quality attributes(characteristics and sub-characteristics) proposed byISO 25010 and determine which of them are directlyapplicable to dene quality in SOA. In this direction,the research question is dened as follows:

RQ1 - What quality attributes proposed by ISO

25010 are relevant to SOA applications?

The answer to this question in this paper is the

denition of a quality model specic for SOA based on quality attributes dened by ISO 25010.

2 BRIEF INTRODUCTION TO ISO

25010

Product quality model dened in ISO 25010 com-

prises eight quality characteristics: Functional Suit- ability, Reliability, Performance Efciency, Usability, Security, Compatibility, Maintainability and Portabil- ity, and 31 sub-characteristics as depicted in Figure

1. Compared to ISO 9126, ISO 25010 is more com-

prehensive and complete. ISO 9126 (ISO/IEC, 1991) provides 6 characteristics and 27 sub-characteristics, while ISO 25010 provides 8 characteristics and 31 sub-characteristics. According to (Botella et al.,

2004), ISO 9126 has some limitations due to its

generic nature. Some concepts presented in ISO 9126 need to be rened before they can be actually applied in a real project. In addition, elements of software metrics were not clear when dening the standard.

New characteristics were inserted in ISO 25010

such as security and compatibility. Both characteris- tics were not dened in ISO 9126. In addition, the hi- erarchy of characteristics and sub-characteristics was reorganized with the purpose of improving under- standingofrelatedconcepts. This effortof ISO25010 to reorganizeand create new features and improvethe understanding of denitions is an attempt to address the limitations of ISO 9126 with respect to the ab- stract nature, incompleteness and lack of clarity as other authors have warned (Al-Kilidar et al., 2005).

Each ISO 25010 characteristic is composed of a

set of related sub-characteristics, as depicted in Fig- ure 1. A brief summary of the denition of each char- acteristic is presented in this section as follows.

Functional Suitability represents the degree to

which a product or system provides functions that meet stated and implied needs when used under spec- ied conditions. This characteristic is composed of sub-characteristics Functional Completeness, Func- tional Correctness, and Functional Appropriateness.

Performance efciency represents the perfor-

mance relative to the amount of resources used un-der stated conditions. This characteristic is composedof sub-characteristics Time Behaviour, Resource Uti-lization, and Capacity.

Compatibility is the degree to which a product,

system or component can exchange information with other products, systems or components, and/or per- form its required functions, while sharing the same hardware or software environment. This character- istic is composed of sub-characteristics Co-existence and Interoperability. Usability is the degree to which a product or sys- goals with effectiveness, efciency and satisfaction in a specied context of use. This characteristic is com- posed of sub-characteristics Appropriateness Recog- nizability, Learnability, Operability, User Error Pro- tection, User Interface Aesthetics, and Accessibility. Reliability is the degree to which a system, prod- uct or component performs specied functions under specied conditions for a specied period of time. This characteristic is composed of sub-characteristics Maturity, Availability, Fault Tolerance, and Recover- ability. protects information and data so that persons or other products or systems have the degree of data access appropriate to their types and levels of authorization. This characteristic is composed of sub-characteristics Condentiality, Integrity, Non-repudiation, Account- ability, and Authenticity. Maintainability represents the degree of effective- ness and efciency with which a product or system can be modied to improve it, correct it or adapt it to changes in environment, and in requirements. This characteristic is composed of sub-characteristics Modularity, Reusability, Analyzability, Modiability, and Testability. Portability is the degree of effectiveness and ef- ciency with which a system, product or component can be transferred from one hardware, software or other operational or usage environment to another. This characteristic is composed of sub-characteristics

Adaptability, Installability, and Replaceability.

3 SOAQM MODEL

ISO 25010 quality characteristics need to be stud- ied and adapted in order to be applied to SOA ap- plications. All characteristics and sub-characteristics proposed by ISO 25010 were analyzed regarding the real applicability to SOA. Accordingly, we establish for each characteristics the degree of applicability to SOA. Then, the next step of this analysis is to dene62$404XDOLW\0RGHOIRU62$$SSOLFDWLRQVEDVHGRQ,62 Figure 1: Quality model for external and internal quality byISO 25010. how these characteristics can be adapted to the SOA context.

We propose a degree of importance that denes

which characteristics are more relevant during the

SOA application development process. Seven volun-

teers answered a questionnaire to dene the degree of importance. Two of them work in academia as re- searchers and also in industry projects, and the other ve work only in industry, as developers, software ar- chitects or project managers. Each question repre- sents a quality sub-characteristic and each volunteer answered how important this sub-characteristic is for

SOA. The answer varies from 1 to 5 following the

Likert Scale (1-Not Important, 2-Less Important, 3- Neutral, 4-Important, 5-Very Important). The results to this survey are described in Table 1. Table 2 presents the results of the analysis of ISO

25010 characteristics and their applicability to SOA

projects. First two columns of Table 2 shows all char- acteristics and sub-characteristics proposed by ISO

25010. Third column presents the degree of im-

portance of each sub-characteristic with relation to the SOA context. Highlighted sub-characteristics in green are important or very important quality at- tributes for SOA applications. Sub-characteristics highlighted in yellow are not so important, but they are relevant for SOA and can not be disregarded. On the other hand, there are quality sub-characteristics considered less important or even irrelevant to SOA applications and therefore were highlighted in red . Finally, the last column presents the likely reasons that justies the results. The remainder of this section is divided into eight subsections. Each of the eight subsections addresses one ISO quality characteristic and also discusses how one can suit them in the context of SOA. These sub- sections are also important to present the reasoning

behind each denition described in Table 2.3.1 Functional SuitabilitySub-characteristic Functional Completeness meansthe degree to which the set of functions covers all thespecied tasks and user objectives. Observing fromthe SOA perspective,services must coverall the spec-ied tasks and user objectives for which they weredesigned. The rst activity during the developmentof SOA applications include dening requirements todevelop services. This phase is commonly knownas service-oriented analysis. Service-oriented anal-ysis (Erl, 2005) is a process of determining require-ments, scope of service and which services will bedeveloped. These important denitions are incorpo-rated into a documentknown as functional document,which is used to software validation.

Sub-characteristic Functional Correctness means

the degree to which a product or system provides cor- rect results with the needed degree of precision. This sub-characteristic can be applied in SOA by the fact that services should providethe correct response with the needed degree of precision. A service requests some information and a service provider is respon- sible to send the correct response. Service-oriented analysis (Erl, 2005), as mentioned in previous para- graph, is also very important to Functional correct- ness due to the relationship between what was re- quested by the customer and what the service offers as response.

Sub-characteristic Functional Appropriateness is

the degreetowhichthe functionsfacilitate theaccom- plishment of specied tasks and objectives. In the SOA context, services are designed to facilitate ac- complishment of specied tasks, more precisely, the execution of a business process. Services perform functions that can be simple requests for activities or complex business processes. Therefore, services can be of simple nature or composite (Papazoglou,2003).

Composite services are construct of the orchestration,&(,6WK,QWHUQDWLRQDO&RQIHUHQFHRQ(QWHUSULVH,QIRUPDWLRQ6\VWHPV

Table 1: Volunteers Opinion about importance of ISO 25010 for SOA - Likert Scale.

Volunteers OpinionStatistics

CharacteristicSub-characteristics#1#2#3#4#5#6#7AverageStand. Dev.

Functional Suitability

Functional completeness54553524.11.1

Functional correctness45544554.60.5

Functional appropriateness55544524.31.0

Performance efciency

Time behaviour55454524.31.0

Resource utilization35444544.10.6

Capacity15343513.11.6

CompatibilityCo-existence35353544.00.9

Interoperability55354554.60.7

Usability

Appropriateness recognizability52443413.31.3

Learnability52444433.70.9

Operability55424534.01.1

User error protection55443413.71.3

User interface aesthetics43423112.61.2

Accessibility42443112.71.3

Reliability

Maturity45444544.30.5

Availability55455554.90.3

Fault tolerance55454544.60.5

Recoverability55454554.70.5

Security

Condentiality55444554.60.5

Integrity55444554.60.5

Non-repudiation43444443.90.3

Accountability55444444.30.5

Authenticity55444554.60.5

Maintainability

Modularity55444554.60.5

Reusability55444554.60.5

Analyzability54425523.91.2

Modiability55444554.60.5

Testability55444554.60.5

Portability

Adaptability52324553.71.3

Installability41324553.41.4

Replaceability42343553.71.0

process, which allows services to be composed of other services to automating business processes.

3.2 Performance Efciency

Performance efciency characteristic can be applied in SOA applications to evaluate performanceof a ser- vice.

Sub-characteristic Time-behaviour analyzes the

response and processing times and throughput rates of a system, when performing its functions. Contex- tualizingfor SOA, we can say responsetime is related to time spent by services to process a request and re- turn a response. Generally, a service requests an in- formation for a providerapplication and then this ser- vice provides responses for a consumer application. Thus, it is possible to measure response and process- ing times and throughput rates of this transaction.

Sub-characteristic Resource Utilization addresses

the amounts and types of resources used by a prod- uct or system, when performing its functions. Gen-

erally, software should make a best use of resourcessuch as processor capacity, memory usage, disk ca-pacity and network bandwidth. With regard to SOA,service based applications interact with other systemsexchanging messages over the network. Therefore,we can consider that services use resources such asserver to access information of other applications.

Sub-characteristic Capacity means the degree to

which the maximum limits of a product or sys- tem parameter meet requirements. This quality sub- characteristic was vaguely dened by ISO. It is dif- cult to set the real meaning of this concept. We suppose that capacity can be the application ability to supportseveral accesses at the same time without per- formance variation. In this sense, capacity is related with availability of a service even with many access at the same time.

Performance efciency is an important quality

characteristic which must be constantly observed in

SOA applications. According to O'Brien (O'Brien

et al., 2007), performance is negatively affected in SOA. Therefore, the architecture should be carefully designed and evaluated prior to implementation to62$404XDOLW\0RGHOIRU62$$SSOLFDWLRQVEDVHGRQ,62 Table 2: ISO 25010 characteristics mapped to SOA quality characteristics. CharacteristicSub-characteristicsImportance for SOASOA Perspective

Functional Suitability

Functional completeness4.1Services must cover all the specied tasks and user objectives which were designed Functional correctness4.6Services should provide the correct results with the neededdegree of precision Functional appropriateness4.3Services are designed to facilitate accomplishment of specied tasks, more precisely, the execution of a business process.

Performance efciency

Time behaviour4.3Time spent by a service to process a request and return a response. Resource utilization4.1Services use resources such as servers to access information of other applications. Capacity3.1Service capacity can be dened as the ability to remain working even with large number of accesses at the same time. CompatibilityCo-existence4.0Different composite services can share the use of same service opera- tions. Interoperability4.6Services are interoperable. Services allow interaction between systems through the use of interfaces (WSDL) and communication protocols (SOAP).

Usability

Appropriateness recognizability3.3Users can recognize whether this service is appropriate fortheir needs

through service description that relate information such as service functionality and data types transmitted. Learnability3.7Degree to which a service can facilitate the understanding of its oper- ation. Operability4.0A service has a WSDL document that allows exchange messages be- tween services. User error protection3.7The WSDL structure of a service should not allow making errors from wrong inputs.

User interface aesthetics2.6Not the focus of SOA.

Accessibility2.7Not the focus of SOA.

Reliability

Maturity4.3Whenever a service consumer requests some information, it is ex- pected that a response is returned. Availability4.9Services must be available when they are requested. Fault tolerance4.6Services can create strategies that may be performed when a failure happens on some hardware or software. Recoverability4.7Service ability to recover data when occurs some interruption or fail- ure.

Security

Condentiality4.6Information shared by a service provider can be accessed only to an authorized service client. Integrity4.6Services must be developed to prevent unauthorized accessto, or mod- ication of private data. Non-repudiation3.9Service provider constructsstrategies to prove that aninformation have been delivered to a service consumer

Accountability4.3Service are autonomous.

Authenticity4.6The identity of the external service provider should be authenticated.

Maintainability

Modularity4.6Service provider hosts a network accessible software module.

Reusability4.6Services are reusable.

Analyzability3.9Analyze change impact when services need to be modied Modiability4.6Services are loosely coupled. This characteristic reducesthe depen- dency between services, increasing modiability. Testability4.6services can be tested, for instance, through automated tools for func- tional testing

Portability

Adaptability3.7Although webservicesrun remotelyon aserver,itcanhappenachange of platform. Installability3.4Although webservicesrun remotelyon aserver,itcanhappenachange of platform. Replaceability3.7Although webservicesrun remotelyon aserver,itcanhappenachange of platform. avoid performance pitfalls.

Service application performance depends on thecombined performance of cooperating componentsand their interactions. Beyond consumers and,&(,6WK,QWHUQDWLRQDO&RQIHUHQFHRQ(QWHUSULVH,QIRUPDWLRQ6\VWHPV

providers applications and the need to communicateover the network, services can be composed. Com-posite services allows services to be composed ofotherservices,insuchawaythelogicoftheprocessiscentralized by orchestration that enables extensibility(composition of new services). Thus, time behaviourdepends on several factors. To deal with so many fac-tors that can affect system performance, companiesneed constantly to monitor the health of their SOAapplications (Papazoglou et al., 2008).3.3 CompatibilitySub-characteristic Co-existence is concernedwith thedegree to which a product can perform its requiredfunctions efciently while sharing a common envi-ronment and resources with other products, withoutdetrimental impact on any other product. From theSOA perspective, co-existence concept can be re-dened/extended as follows. A composite servicematches a set of services that perform operations andtogether form a specic task. As a service can bereusedbyseveralcompositeservices, someeffortsareneeded to ensure what some authors have been calledservice conformance (Papazoglou et al., 2008). Ser-vice conformanceensuresthe integrityofa compositeservice matching its operations with those of its con-stituent component services, imposes semantic con-straints on the component services and ensures thatconstraints on data exchangedby component servicesare satised. This meansthe co-existenceconceptcanbe extended to SOA due to different composite ser-vices that share the use of same service operations.

Sub-characteristic Interoperability refers to the

degree to which two or more systems can exchange information and use the information that has been exchanged. Services are interoperable (Papazoglou et al., 2008). SOA utilizes services to construct an application that allows exchanging messages through networking protocol. This means services are inter- operable and they allow interaction between systems throughtheuse ofinterface(WSDL)andcommunica- tion protocols (SOAP). To allow increased interoper- ability is the most prominentbenetof SOA (O'Brien et al., 2007).

3.4 Usability

Within the SOA context, usability is a measure of the mation or services. Usability as a concept has been rarely addressed in the context of SOA. Few studies havebeenpublishedaddressingthis issue (Liu, 2009).

One research named this issue as service oriented us-ability (Liu, 2009), suggesting that some proceduresmay increase usability of services, such as develop-ment of diagrams for service and denition of life cy-cle and lifetime of services.

Sub-characteristic Appropriateness recognizabil-

ity refers to the degree to which users can recog- nize whether a system is appropriate for their needs. In this sense, it is important to have access to some description that relate the service operations. Rela- tionship between services is based on an understand- ing that for the services to interact, they must be aware of each other and this awareness is achieved through the use of service descriptions (Erl, 2005). A service description establishes the name and loca- tion of the service, and data exchange requirements. SOA uses a standard format for service description known as WSDL (Web Services Description Lan- guage) (WSDL, 2014). Therefore, sub-characteristic

Appropriateness recognizability can be applied in

SOA because service description relates service func- tionality and data types transmitted, and so users can recognize whether this service is appropriate for their needs. gree to which a system can be used by specied users to achieve specied goals of learning to use the sys- tem in an easy way. From the SOA perspective, this sub-characteristic refers to the degree to which a ser- vice can facilitate the understanding of its operation. Sub-characteristic Operability refers to the degree to which a product or system has attributes that make it easy to operate and control. A service has a WSDL document that allows exchanging messages between services. These messages are transmitted through a standard protocol called SOAP (Simple Object Ac- cess Protocol) (SOAP, 2014). The standards dened for SOA make it easy to develop, operate and control services. Sub-characteristic User error protection is related to the degree to which a system protects users against making errors. Within the SOA context, this qual- ity sub-characteristics may be appropriate to SOA by the fact that a service has a description document (WSDL) and its structure should not allow different inputs from the specied ones. Sub-characteristic User interface aesthetics refers to the degree to which a user interface enables pleas- ing and satisfying interaction for the user. User in- terface aesthetics or graphical interface is not the fo- cus of SOA. Researches in SOA are hardly concerned with this sub-characteristic. Probably, the reason is attributed to the fact that there it is research in other areas such as human computer interaction that can be leveraged to SOA applications.62$404XDOLW\0RGHOIRU62$$SSOLFDWLRQVEDVHGRQ,62 Sub-characteristic Accessibility is related to the degree to which a product or system can be used by people with the widest range of characteristics and capabilities to achieve a specied goal in a specied context of use. Accessibility is not very important to services because this issue is not the focus of SOA knowledge and research.

3.5 Reliability

Sub-characteristic Maturity is related to the degree to which a system meets needs for reliability under nor- mal operation. Clearly, maturity can be applied in

SOA because whenever a service consumer requests

some information it is expected that a response is re- turned. Therefore, Maturity is a very important sub- characteristic that can be addressed in SOA applica- tions to maintain quality. Availability is a very important sub-characteristic in SOA applications. Availability consists in dening the degree to which a system, product or component is operational and accessible when required for use. This concept can be associated with SOA by the fact that a service provider must be available when a ser- vice consumer requests some information. Downtime could affect the provider's nances and reputation. According to O'Brien (O'Brien et al., 2007), exter- nal serviceprovidersusuallyagreetoprovideservices under a service level agreement (SLA), which denes the contract for the provision of the service with de- tails such as who provides the service, the guaranteed availability of the service, the escalation process, and the penalties to the provider if a service level is not met. gree to which a system operates as intended despite the presence of hardware or software faults. From the SOA perspective, fault tolerance can be applied in SOA applications as meaning that strategies must be performed when a failure happens on some hardware or software. This ability is not SOA native and should be designed and implemented by SOA developers. Sub-characteristic Recoverability is related to the degree to which, in the event of an interruption or a failure, a product or system can recover data directly affected and re-establish the desired state of the sys- tem. This quality sub-characteristic can be adjusted to SOA as regards the service ability to recover data when any interruption or failure occurs. Auto recov- ery tools have been developed to provide the func- tionality of recover the faulted instances and Invoke and Callback messages during business process exe-

cution.3.6 SecurityServices are designed to limit information in theservice contract to what is really necessary for theservice to be functionally useful to consumers (Erl,2007). Information beyond that is published in a ser-vice contract, is considered private, and should notbe made available for creating potential consumers ofservice.

Condentiality is the degree to which a system

ensures data are accessible only to those authorized to have access. This quality sub-characteristic mustquotesdbs_dbs14.pdfusesText_20

[PDF] iso 9126 pdf

[PDF] iso abréviation

[PDF] iso budget définition

[PDF] iso dis 9001 2015

[PDF] iso square

[PDF] iso/cei 14598

[PDF] iso/dis 22000

[PDF] iso/iec 25010:2011 pdf

[PDF] iso/tc 176 pdf

[PDF] iso/tc 176/sc 2 pdf

[PDF] iso26000

[PDF] isobarycentre quadrilatere

[PDF] isocout

[PDF] isocout définition

[PDF] isolationnisme