The academic site of Saverio Giallorenzo
Assistant Professor at Università di Bologna
Department of Computer Science and Engineering

Publications

2024
Giallorenzo, S., Montesi, F., & Peressotti, M. (2024). Choral: Object-oriented Choreographic Programming. ACM Trans. Program. Lang. Syst., 46(1).
Abstract

Choreographies are coordination plans for concurrent and distributed systems, which define the roles of the involved participants and how they are supposed to work together. In the paradigm of choreographic programming, choreographies are programs that can be compiled into executable implementations. In this article, we present Choral, the first choreographic programming language based on mainstream abstractions. The key idea in Choral is a new notion of data type, which allows for expressing that data is distributed over different roles. We use this idea to reconstruct the paradigm of choreographic programming through object-oriented abstractions. Choreographies are classes, and instances of choreographies are objects with states and behaviours implemented collaboratively by roles. Choral comes with a compiler that, given a choreography, generates an implementation for each of its roles. These implementations are libraries in pure Java, whose types are under the control of the Choral programmer. Developers can then modularly compose these libraries in their programs, to participate correctly in choreographies. Choral is the first incarnation of choreographic programming offering such modularity, which finally connects more than a decade of research on the paradigm to practical software development. The integration of choreographic and object-oriented programming yields other powerful advantages, where the features of one paradigm benefit the other in ways that go beyond the sum of the parts. On the one hand, the high-level abstractions and static checks from the world of choreographies can be used to write concurrent and distributed object-oriented software more concisely and correctly. On the other hand, we obtain a much more expressive choreographic language from object-oriented abstractions than in previous work. This expressivity allows for writing more reusable and flexible choreographies. For example, object passing makes Choral the first higher-order choreographic programming language, whereby choreographies can be parameterised over other choreographies without any need for central coordination. We also extend method overloading to a new dimension: specialisation based on data location. Together with subtyping and generics, this allows Choral to elegantly support user-defined communication mechanisms and middleware.

@article{GMP24,
  author = {Giallorenzo, Saverio and Montesi, Fabrizio and Peressotti, Marco},
  title = {Choral: Object-oriented Choreographic Programming},
  year = {2024},
  issue_date = {March 2024},
  publisher = {Association for Computing Machinery},
  address = {New York, NY, USA},
  volume = {46},
  number = {1},
  issn = {0164-0925},
  doi = {10.1145/3632398},
  journal = {ACM Trans. Program. Lang. Syst.},
  month = {jan},
  articleno = {1},
  numpages = {59},
  keywords = {higher-kinded types, communication, Choreographies}
}
Berardi, D., Giallorenzo, S., Melis, A., Melloni, S., & Prandini, M. (2024). Ranflood: A mitigation tool based on the principles of data flooding against ransomware. SoftwareX, 25, 101605.
Abstract

Crypto-ransomware aims at extorting money from users by encrypting their files and asking them to pay for the decryption key. We present Ranflood; a configurable drop-in solution that contrasts ransomware attacks with a deluge of decoy files at specific locations (e.g., sensitive folders of the user, the attack site), deceiving the attacker into encrypting sacrificial files. Ranflood further slows down the attack by contending with the malware access to IO and computation resources of the targeted machine. The aim is to buy time for the defence team to take action (e.g., manually shutting down an unresponsive machine). We show how the extensibility and modularity of Ranflood’s software architecture (1) can accommodate a wide spectrum of flooding strategies, easing the process of improving its effectiveness also against future ransomware families and (2) strive to maximise the tool’s efficiency by exploiting the highest level of parallelism afforded by the attacked machine.

@article{BGAMP2024,
  title   = {Ranflood: A mitigation tool based on the principles of data flooding against ransomware},
  author  = {Davide Berardi and Saverio Giallorenzo and Andrea Melis and Simone Melloni and Marco Prandini},
  journal = {SoftwareX},
  volume  = {25},
  pages   = {101605},
  year    = {2024},
  issn    = {2352-7110},
  doi     = {https://doi.org/10.1016/j.softx.2023.101605}
}
Bacchiani, L., Bravetti, M., Giallorenzo, S., Mauro, J., & Zavattaro, G. (2024). Integrated Timed Architectural Modeling/Execution Language. In F. S. de Boer, F. Damiani, R. Hähnle, E. B. Johnsen, & E. Kamburjan (Eds.), Active Object Languages: Current Research Trends (pp. 169–198). Springer.
Abstract

We discuss an integrated approach for the design, specification, automatic deployment and simulation of microservice-based applications based on the ABS language. In particular, the integration of architectural modeling inspired by TOSCA (component types/port dependencies/architectural invariants) into the ABS language (static and dynamic aspects of ABS, including component properties, e.g., speed, and their use in timed/probabilistic simulations) via dedicated annotations. This is realized by the integration of the ABS toolchain with a dedicated tool, called Timed SmartDepl. Such a tool, at ABS code compile time, solves (starting from the provided architectural specification) the optimal deployment problem and produces ABS deployment orchestrations to be used in the context of timed simulations. Moreover, the potentialities and the expressive power of this approach are confirmed by further integration with external tools, e.g.: the Zephyrus tool, used by Timed SmartDepl to solve the optimal deployment problem via constraint solving, and a machine learning-based predictive module, that generates in advance data to be used in a timed ABS simulation exploiting such predicted data (e.g., simulating the usage, during the day, of predicted data generated during the preceding night).

@incollection{BBGMZ24,
  author       = {Lorenzo Bacchiani and
                  Mario Bravetti and
                  Saverio Giallorenzo and
                  Jacopo Mauro and
                  Gianluigi Zavattaro},
  editor       = {Frank S. de Boer and
                  Ferruccio Damiani and
                  Reiner H{\"{a}}hnle and
                  Einar Broch Johnsen and
                  Eduard Kamburjan},
  title        = {Integrated Timed Architectural Modeling/Execution Language},
  booktitle    = {Active Object Languages: Current Research Trends},
  series       = {Lecture Notes in Computer Science},
  volume       = {14360},
  pages        = {169--198},
  publisher    = {Springer},
  year         = {2024},
  doi          = {10.1007/978-3-031-51060-1\_7}
}
2023
De Palma, G., Giallorenzo, S., Mauro, J., Trentin, M., & Zavattaro, G. (2023). Formally Verifying Function Scheduling Properties in Serverless Applications. IT Professional, 25(06), 94–99.
Abstract

Function as a service (FaaS) is a serverless cloud execution model offering cost-efficiency, scalability, and simplified development by enabling developers to focus on code and delegate server management and application scaling to the serverless platform. Early FaaS implementations provided no control to users over function placement, but raising data locality-bound scenarios motivated new implementations with user-defined constraints over function allocations, e.g., to keep functions accessing a database close to the latter, with the aim of reducing latency, enhancing security, or complying with regulations. In this article, we show how, by leveraging the Allocation Priority Policies language—used for controlling function scheduling—and state-of-the-art planning tools, it is possible to enforce security properties and data-locality constraints, thereby guiding the definition of fine-grained serverless scheduling policies.

@article{DGMTZ23,
  author = {Giuseppe {De Palma} and Saverio Giallorenzo and Jacopo Mauro and Matteo Trentin and Gianluigi Zavattaro},
  journal = {IT Professional},
  title = {Formally Verifying Function Scheduling Properties in Serverless Applications},
  month = {nov},
  year = {2023},
  volume = {25},
  number = {06},
  issn = {1941-045X},
  pages = {94-99},
  doi = {10.1109/MITP.2023.3333071},
  publisher = {IEEE Computer Society},
  address = {Los Alamitos, CA, USA}
}
De Palma, G., Giallorenzo, S., Mauro, J., Trentin, M., & Zavattaro, G. (2023). Custom Serverless Function Scheduling Policies: An APP Tutorial. In G. Dorai, M. Gabbrielli, G. Manzonetto, A. Osmani, M. Prandini, G. Zavattaro, & O. Zimmermann (Eds.), Joint Post-proceedings of the Third and Fourth International Conference on Microservices (Microservices 2020/2022) (pp. 5:1–5:16). Dagstuhl, Germany: Schloss Dagstuhl – Leibniz-Zentrum für Informatik.
Abstract

State-of-the-art serverless platforms use hard-coded scheduling policies that hardly accommodate users in implementing functional or performance-related scheduling logic of their functions, e.g., preserving the execution of critical functions within some geographical boundaries or minimising data-access latencies. We addressed this problem by introducing {APP}: a declarative language for defining per-function scheduling policies which we also implemented as an extension of the open-source OpenWhisk serverless platform. Here, we present a gentle introduction to {APP} through an illustrative application developed over several incremental steps.

@InProceedings{DGMTZ23,
  author    = {De Palma, Giuseppe and Giallorenzo, Saverio and Mauro, Jacopo and Trentin, Matteo and Zavattaro, Gianluigi},
  title     = {{Custom Serverless Function Scheduling Policies: An APP Tutorial}},
  booktitle = {Joint Post-proceedings of the Third and Fourth International Conference on Microservices (Microservices 2020/2022)},
  pages     =	{5:1--5:16},
  series    =	{Open Access Series in Informatics (OASIcs)},
  ISBN      = {978-3-95977-306-5},
  ISSN      = {2190-6807},
  year      = {2023},
  volume    =	{111},
  editor    = {Dorai, Gokila and Gabbrielli, Maurizio and Manzonetto, Giulio and Osmani, Aomar and Prandini, Marco and Zavattaro, Gianluigi and Zimmermann, Olaf},
  publisher = {Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address   = {Dagstuhl, Germany},
  doi       = {10.4230/OASIcs.Microservices.2020-2022.5}
}
Giallorenzo, S., Montesi, F., Peressotti, M., & Rademacher, F. (2023). Model-Driven Code Generation for Microservices: Service Models. In G. Dorai, M. Gabbrielli, G. Manzonetto, A. Osmani, M. Prandini, G. Zavattaro, & O. Zimmermann (Eds.), Joint Post-proceedings of the Third and Fourth International Conference on Microservices (Microservices 2020/2022) (pp. 6:1–6:17). Dagstuhl, Germany: Schloss Dagstuhl – Leibniz-Zentrum für Informatik.
Abstract

We formally define and implement a translation of domain and service models expressed in the LEMMA modelling ecosystem for microservice architectures to source code in the Jolie microservice programming language. Specifically, our work extends previous efforts on the generation of Jolie code to the inclusion of the LEMMA service modelling layer. We also contribute an implementation of our translation, given as an extension of the LEMMA2Jolie tool, which enables the practical application of our encoding. As a result, LEMMA2Jolie now supports a software development process whereby microservice architectures can first be designed by microservice developers in collaboration with domain experts in LEMMA, and then be automatically translated into Jolie APIs. Our tool can thus be used to enhance productivity and improve design adherence.

@InProceedings{GMPR23,
  author    = {Giallorenzo, Saverio and Montesi, Fabrizio and Peressotti, Marco and Rademacher, Florian},
  title     = {{Model-Driven Code Generation for Microservices: Service Models}},
  booktitle = {Joint Post-proceedings of the Third and Fourth International Conference on Microservices (Microservices 2020/2022)},
  pages     = {6:1--6:17},
  series    = {Open Access Series in Informatics (OASIcs)},
  ISBN      = {978-3-95977-306-5},
  ISSN      = {2190-6807},
  year      = {2023},
  volume    = {111},
  editor    = {Dorai, Gokila and Gabbrielli, Maurizio and Manzonetto, Giulio and Osmani, Aomar and Prandini, Marco and Zavattaro, Gianluigi and Zimmermann, Olaf},
  publisher = {Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address   = {Dagstuhl, Germany},
  URN       = {urn:nbn:de:0030-drops-194688},
  doi       = {10.4230/OASIcs.Microservices.2020-2022.6}
}
Gabbrielli, M., Martini, S., & Giallorenzo, S. (2023). Programming Languages: Principles and Paradigms, Second Edition. Springer.
Abstract

This textbook is a thorough, up-to-date introduction to the principles and techniques that guide the design and implementation of modern programming languages.

The goal of the book is to provide the basis for a critical understanding of most modern programming languages. Thus, rather than focusing on a specific language, the book identifies the most important principles shared by large classes of languages. The notion of ‘abstract machine’ is a unifying concept that helps to maintain an accurate and elementary treatment. The book introduces, analyses in depth, and compares the imperative, object-oriented, functional, logic, concurrent, constraint-based, and service-oriented programming paradigms. All material coming from the first English edition has been updated and extended, clarifying some tricky points, and discussing newer programming languages. This second edition contains new chapters dedicated to constraint, concurrent, and service-oriented programming.

Topics and features:

Requires familiarity with one programming language is a prerequisite Provides a chapter on history offering context for most of the constructs in use today

  • Presents an elementary account of semantical approaches and of computability
  • Introduces new examples in modern programming languages like Python or Scala
  • Offers a chapter that opens a perspective on applications in artificial intelligence Conceived as a university textbook, this unique volume will also be suitable for IT specialists who want to deepen their knowledge of the mechanisms behind the languages they use. The choice of themes and the presentation style are largely influenced by the experience of teaching the content as part of a bachelor’s degree in computer science.
@book{GMG23,
  author    = {Maurizio Gabbrielli and Simone Martini and Saverio Giallorenzo},
  title     = {Programming Languages: Principles and Paradigms, Second Edition},
  series    = {Undergraduate Topics in Computer Science},
  publisher = {Springer},
  year      = {2023},
  doi       = {10.1007/978-3-031-34144-1},
  isbn      = {978-3-031-34143-4}
}
De Palma, G., Giallorenzo, S., Trentin, M., & Vjerdha, G. (2023). A Framework for Bridging the Gap between Monolithic and Serverless Programming. Best Student Paper Award.
Abstract

The serverless paradigm offers benefits such as time savings and cost efficiency by delegating resource allocation and scaling to the platform. However, as the number of functions and interactions grows, the complexity of reasoning about the implementation correctness increases. Traditional monolithic development provides a more linear and simpler programming experience, with established best practices and tools for various development phases. From this observation, we propose Fenrir, an open-source programming framework for programming serverless applications managed as a monolithic codebase. Developers write applications in a monolithic style and then annotate specific parts that should be deployed as separate serverless functions, along with their corresponding call events. The Fenrir compiler uses these annotations to generate a correct-by-construction deployable serverless codebase that adheres to the source program’s execution semantics. This approach enables quick development and testing cycles, ensuring that the serverless application behaves as intended. We outline the main features of the Fenrir framework, including its annotation constructors and compilation pipeline, and briefly illustrate how Fenrir works with examples.

@unpublished{DGVT23,
  author = {Giuseppe {De Palma} and Saverio Giallorenzo and Matteo Trentin and Gejsi Vjerdha},
  note   = {Presented at 4th International Conference on Microservices, Microservices 2023, Pisa, Italy, 10--11 October 2023},
  title  = {A Framework for Bridging the Gap between Monolithic and Serverless Programming},
  year   = {2023}
}
Palma, G. D., Giallorenzo, S., Laneve, C., Mauro, J., Trentin, M., & Zavattaro, G. (2023). Serverless Scheduling Policies based on Cost Analysis. In M. H. ter Beek & C. Dubslaff (Eds.), Proceedings of the First Workshop on Trends in Configurable Systems Analysis, TiCSA@ETAPS 2023, Paris, France, 23rd April 2023 (pp. 40–52).
Abstract

Current proprietary and open-source serverless platforms follow opinionated, hardcoded scheduling policies to deploy the functions to be executed over the available workers. Such policies may decrease the performance and the security of the application due to locality issues (e.g., functions executed by workers far from the databases to be accessed). These limitations are partially overcome by the adoption of APP, a new platform-agnostic declarative language that allows serverless platforms to support multiple scheduling logics. Defining the “right” scheduling policy in APP is far from being a trivial task since it often requires rounds of refinement involving knowledge of the underlying infrastructure, guesswork, and empirical testing. In this paper, we start investigating how information derived from static analysis could be incorporated into APP scheduling function policies to help users select the best-performing workers at function allocation. We substantiate our proposal by presenting a pipeline able to extract cost equations from functions’ code, synthesising cost expressions through the usage of off-the-shelf solvers, and extending APP allocation policies to consider this information.

@inproceedings{DGLMTZ23,
  author    = {Giuseppe De Palma and Saverio Giallorenzo and Cosimo Laneve and Jacopo Mauro and Matteo Trentin and Gianluigi Zavattaro},
  editor    = {Maurice H. ter Beek and Clemens Dubslaff},
  title     = {Serverless Scheduling Policies based on Cost Analysis},
  booktitle = {Proceedings of the First Workshop on Trends in Configurable Systems
                  Analysis, TiCSA@ETAPS 2023, Paris, France, 23rd April 2023},
  series    = {{EPTCS}},
  volume    = {392},
  pages     = {40--52},
  year      = {2023},
  doi       = {10.4204/EPTCS.392.3}
}
Berardi, D., Giallorenzo, S., Melis, A., Melloni, S., Onori, L., & Prandini, M. (2023). Data Flooding against Ransomware: Concepts and Implementations. Computers & Security, 103295.
Abstract

Ransomware is one of the most infamous kinds of malware, particularly the “crypto” subclass, which encrypts users’ files, asking for some monetary ransom in exchange for the decryption key. Recently, crypto-ransomware grew into a scourge for enterprises and governmental institutions. The most recent and impactful cases include an oil company in the US, an international Danish shipping company, and many hospitals and health departments in Europe. Attacks result in production lockdowns, shipping delays, and even risks to human lives. To contrast ransomware attacks (crypto, in particular), we propose a family of solutions, called Data Flooding against Ransomware, tackling the main phases of detection, mitigation, and restoration, based on a mix of honeypots, resource contention, and moving target defence. These solutions hinge on detecting and contrasting the action of ransomware by flooding specific locations (e.g., the attack location, sensible folders, etc.) of the victim’s disk with files. Besides the abstract definition of this family of solutions, we present an open-source tool that implements the mitigation and restoration phases, called Ranflood. In particular, Ranflood supports three flooding strategies, apt for different attack scenarios. At its core, Ranflood buys time for the user to counteract the attack, e.g., to access an unresponsive, attacked server and shut it down manually. We benchmark the efficacy of Ranflood by performing a thorough evaluation over 6 crypto-ransomware (e.g., WannaCry, LockBit) for a total of 78 different attack scenarios, showing that Ranflood consistently lowers the amount of files lost to encryption.

@article{BGMMOP23,
  title   = {Data Flooding against Ransomware: Concepts and Implementations},
  author  = {Davide Berardi and Saverio Giallorenzo and Andrea Melis and Simone Melloni and Loris Onori and Marco Prandini},
  journal = {Computers & Security},
  pages   = {103295},
  year    = {2023},
  issn    = {0167-4048},
  doi     = {https://doi.org/10.1016/j.cose.2023.103295},
}
Giallorenzo, S., Montesi, F., Peressotti, M., & Rademacher, F. (2023). LEMMA2Jolie: A tool to generate microservice APIs from domain models. Sci. Comput. Program., 228, 102956.
Abstract

We introduce LEMMA2Jolie, a tool for translating domain models of microservice architectures given in LEMMA into concrete APIs of microservices in the Jolie programming language. Our tool combines the state of the art for the design and implementation of microservices: developers can use Domain-Driven Design (DDD) for the construction of the domain models of a microservice architecture, and then automatically transition to a service-oriented programming language that provides native linguistic support for implementing the behaviour of each microservice.

@article{GMPR23,
  author  = {Saverio Giallorenzo and Fabrizio Montesi and Marco Peressotti and Florian Rademacher},
  title   = {LEMMA2Jolie: {A} tool to generate microservice APIs from domain models},
  journal = {Sci. Comput. Program.},
  volume  = {228},
  pages   = {102956},
  year    = {2023},
  doi     = {10.1016/j.scico.2023.102956}
}
Giallorenzo, S., Montesi, F., Peressotti, M., Rademacher, F., & Unwerawattana, N. (2023). JoT: A Jolie Framework for Testing Microservices. In S.-S. Jongmans & A. Lopes (Eds.), Coordination Models and Languages - 25th IFIP WG 6.1 International Conference, COORDINATION 2023, Held as Part of the 18th International Federated Conference on Distributed Computing Techniques, DisCoTec 2023, Lisbon, Portugal, June 19-23, 2023, Proceedings (pp. 172–191). Springer. Best Artefact Award.
Abstract

We present JoT, a testing framework for Microservice Architectures (MSAs) based on technology agnosticism, a core principle of microservices. The main advantage of JoT is that it reduces the amount of work for a) testing for MSAs whose services use different technology stacks, b) writing tests that involve multiple services, and c) reusing tests of the same MSA under different deployment configurations or after changing some of its components (e.g., when, for performance, one reimplements a service with a different technology). In JoT, tests are orchestrators that can both consume or offer operations from/to the MSA under test. The language for writing JoT tests is Jolie, which provides constructs that support technology agnosticism and the definition of terse test behaviours. We present the methodology we envision for testing MSAs with JoT and we validate it by implementing non-trivial test scenarios taken from a reference MSA from the literature (Lakeside Mutual).

@inproceedings{GMPRU23,
  author    = {Saverio Giallorenzo and Fabrizio Montesi and Marco Peressotti and Florian Rademacher and Narongrit Unwerawattana},
  editor    = {Sung{-}Shik Jongmans and Ant{\'{o}}nia Lopes},
  title     = {JoT: {A} Jolie Framework for Testing Microservices},
  booktitle = {Coordination Models and Languages - 25th {IFIP} {WG} 6.1 International
                  Conference, {COORDINATION} 2023, Held as Part of the 18th International
                  Federated Conference on Distributed Computing Techniques, DisCoTec
                  2023, Lisbon, Portugal, June 19-23, 2023, Proceedings},
  series    = {Lecture Notes in Computer Science},
  volume    = {13908},
  pages     = {172--191},
  publisher = {Springer},
  year      = {2023},
  doi       = {10.1007/978-3-031-35361-1\_10}
}
2022
Bacchiani, L., Bravetti, M., Gabbrielli, M., Giallorenzo, S., Zavattaro, G., & Zingaro, S. P. (2022). Proactive-Reactive Global Scaling, with Analytics. In J. Troya, B. Medjahed, M. Piattini, L. Yao, P. Fernández, & A. Ruiz-Cortés (Eds.), Service-Oriented Computing - 20th International Conference, ICSOC 2022, Seville, Spain, November 29 - December 2, 2022, Proceedings (pp. 237–254). Springer.
Abstract

In this work, we focus on by-design global scaling, a technique that, given a functional specification of a microservice architecture, orchestrates the scaling of all its components, avoiding cascading slowdowns typical of uncoordinated, mainstream autoscaling. State-of-the-art by-design global scaling adopts a reactive approach to traffic fluctuations, undergoing inefficiencies due to the reaction overhead. Here, we tackle this problem by proposing a proactive version of by-design global scaling able to anticipate future scaling actions. We provide four contributions in this direction: i) a platform able to host both reactive and proactive global scaling; ii) a proactive implementation based on data analytics; iii) a hybrid solution that mixes reactive and proactive scaling; iv) use cases and empirical benchmarks, obtained through our platform, that compare reactive, proactive, and hybrid global scaling performance. From our comparison, proactive global scaling consistently outperforms reactive, while the hybrid solution is the best-performing one.

@inproceedings{BBGGZZ22,
  author    = {Lorenzo Bacchiani and Mario Bravetti and Maurizio Gabbrielli and Saverio Giallorenzo and Gianluigi Zavattaro and Stefano Pio Zingaro},
  editor    = {Javier Troya and Brahim Medjahed and Mario Piattini and Lina Yao and Pablo Fern{\'{a}}ndez and Antonio Ruiz{-}Cort{\'{e}}s},
  title     = {Proactive-Reactive Global Scaling, with Analytics},
  booktitle = {Service-Oriented Computing - 20th International Conference, {ICSOC}
              2022, Seville, Spain, November 29 - December 2, 2022, Proceedings},
  series    = {Lecture Notes in Computer Science},
  volume    = {13740},
  pages     = {237--254},
  publisher = {Springer},
  year      = {2022},
  doi       = {10.1007/978-3-031-20984-0\_16}
}
Giallorenzo, S., Montesi, F., Safina, L., & Zingaro, S. P. (2022). Ephemeral data handling in microservices with Tquery. PeerJ Comput. Sci., 8, e1037.
Abstract

The adoption of edge and fog systems, along with the introduction of privacy-preserving regulations, compel the usage of tools for expressing complex data queries in an ephemeral way. That is, queried data should not persist. Database engines partially address this need, as they provide domain-specific languages for querying data. Unfortunately, using a database in an ephemeral setting has inessential issues related to throughput bottlenecks, scalability, dependency management, and security (e.g., query injection). Moreover, databases can impose specific data structures and data formats, which can hinder the development of microservice architectures that integrate heterogeneous systems and handle semi-structured data. In this article, we present Jolie/Tquery, the first query framework designed for ephemeral data handling in microservices. Jolie/Tquery joins the benefits of a technology-agnostic, microservice-oriented programming language, Jolie, and of one of the most widely-used query languages for semi-structured data in microservices, the MongoDB aggregation framework. To make Jolie/Tquery reliable for the users, we follow a cleanroom software engineering process. First, we define Tquery, a theory for querying semi-structured data compatible with Jolie and inspired by a consistent variant of the key operators of the MongoDB aggregation framework. Then, we describe how we implemented Jolie/Tquery following Tquery and how the Jolie type system naturally captures the syntax of Tquery and helps to preserve its invariants. To both illustrate Tquery and Jolie/Tquery, we present the use case of a medical algorithm and build our way to a microservice that implements it using Jolie/Tquery. Finally, we report microbenchmarks that validate the expectation that, in the ephemeral case, using Jolie/Tquery outperforms using an external database (MongoDB, specifically).

@article{GMSZ22,
  author    = {Saverio Giallorenzo and Fabrizio Montesi and Larisa Safina and Stefano Pio Zingaro},
  title     = {Ephemeral data handling in microservices with Tquery},
  journal   = {PeerJ Comput. Sci.},
  volume    = {8},
  pages     = {e1037},
  year      = {2022},
  doi       = {10.7717/peerj-cs.1037},
}
De Palma, G., Giallorenzo, S., Mauro, J., Trentin, M., & Zavattaro, G. (2022). A Declarative Approach to Topology-Aware Serverless Function-Execution Scheduling. In C. A. Ardagna, N. L. Atukorala, B. Benatallah, A. Bouguettaya, F. Casati, C. K. Chang, … J. Zhang (Eds.), IEEE International Conference on Web Services, ICWS 2022, Barcelona, Spain, July 10-16, 2022 (pp. 337–342). IEEE.
Abstract

State-of-the-art serverless platforms use hard-coded scheduling policies that are unaware of the possible topological constraints of functions. Considering these constraints when scheduling functions leads to sensible performance improvements, e.g., minimising loading times or data-access latencies. This issue becomes more pressing when considered in the emerging multi-cloud and edge-cloud-continuum systems, where only specific nodes can access specialised, local resources. To address this problem, we present a declarative language for defining serverless scheduling policies to express constraints on topologies of schedulers and execution nodes. We implement our approach as an extension of the OpenWhisk platform.

@inproceedings{DGMTZ22,
  author    = {Giuseppe {De Palma} and Saverio Giallorenzo and Jacopo Mauro and Matteo Trentin and Gianluigi Zavattaro},
  editor    = {Claudio Agostino Ardagna and Nimanthi L. Atukorala and Boualem Benatallah and Athman Bouguettaya and Fabio Casati and Carl K. Chang and Rong N. Chang and Ernesto Damiani and Chirine Ghedira Guegan and Robert Ward and Fatos Xhafa and Xiaofei Xu and Jia Zhang},
  title     = {A Declarative Approach to Topology-Aware Serverless Function-Execution Scheduling},
  booktitle = {{IEEE} International Conference on Web Services, {ICWS} 2022, Barcelona,
              Spain, July 10-16, 2022},
  pages     = {337--342},
  publisher = {{IEEE}},
  year      = {2022},
  doi       = {10.1109/ICWS55610.2022.00056},
}
Additional Material:
Giallorenzo, S., Montesi, F., Peressotti, M., & Rademacher, F. (2022). Model-Driven Generation of Microservice Interfaces: From LEMMA Domain Models to Jolie APIs. In M. H. ter Beek & M. Sirjani (Eds.), Coordination Models and Languages - 24th IFIP WG 6.1 International Conference, COORDINATION 2022, Held as Part of the 17th International Federated Conference on Distributed Computing Techniques, DisCoTec 2022, Lucca, Italy, June 13-17, 2022, Proceedings (pp. 223–240). Springer.
Abstract

We formally define and implement a translation from domain models in the LEMMA modelling framework to microservice APIs in the Jolie programming language. Our tool enables a software development process whereby microservice architectures can first be designed with the leading method of Domain-Driven Design, and then corresponding data types and service interfaces (APIs) in Jolie are automatically generated. Developers can extend and use these APIs as guides in order to produce compliant implementations. Our tool thus contributes to enhancing productivity and improving the design adherence of microservices.

@inproceedings{GMPR22,
  author    = {Saverio Giallorenzo and Fabrizio Montesi and Marco Peressotti and Florian Rademacher},
  editor    = {Maurice H. ter Beek and Marjan Sirjani},
  title     = {Model-Driven Generation of Microservice Interfaces: From {LEMMA} Domain
              Models to Jolie APIs},
  booktitle = {Coordination Models and Languages - 24th {IFIP} {WG} 6.1 International
              Conference, {COORDINATION} 2022, Held as Part of the 17th International
              Federated Conference on Distributed Computing Techniques, DisCoTec
              2022, Lucca, Italy, June 13-17, 2022, Proceedings},
  series    = {Lecture Notes in Computer Science},
  volume    = {13271},
  pages     = {223--240},
  publisher = {Springer},
  year      = {2022},
  doi       = {10.1007/978-3-031-08143-9\_13},
}
Dalela, A., Giallorenzo, S., Kulyk, O., Mauro, J., & Paja, E. (2022). A Study on Security and Privacy Practices in Danish Companies. Usable Security and Privacy (USEC) Symposium 2022 - NDSS 2022 Workshops, San Diego, USA, April 28, 2022.
Abstract

Increased levels of digitalization in society expose companies to new security threats, requiring them to establish adequate security and privacy measures. Additionally, the presence of exogenous forces like new regulations, e.g., GDPR and the global COVID-19 pandemic, pose new challenges for companies that should preserve an adequate level of security while having to adapt to change. In this paper, we investigate such challenges through a two-phase study in companies located in Denmark—a country characterized by a high level of digitalization—focusing on software development and tech-related companies. Our results show a number of issues, most notably i) a misalignment between software developers and management when it comes to the implementation of security and privacy measures, ii) difficulties in adapting company practices in light of implementing GDPR compliance, and iii) different views on the need to adapt security measures to cope with the COVID-19 pandemic.

@inproceedings{DGKMP22,
  author    = {Asmita Dalela and Saverio Giallorenzo and Oksana Kulyk and Jacopo Mauro and Elda Paja},
  title     = {A Study on Security and Privacy Practices in Danish Companies},
  booktitle = {Usable Security and Privacy ({USEC}) Symposium 2022 - {NDSS} 2022 Workshops, San Diego, USA, April 28, 2022},
  year      = {2022},
}
Berardi, D., Giallorenzo, S., Mauro, J., Melis, A., Montesi, F., & Prandini, M. (2022). Microservice security: a systematic literature review. PeerJ Comput. Sci., 8, e779.
Abstract

Microservices is an emerging paradigm for developing distributed systems. With their widespread adoption, more and more work investigated the relation between microservices and security. Alas, the literature on this subject does not form a well-defined corpus: it is spread over many venues and composed of contributions mainly addressing specific scenarios or needs. In this work, we conduct a systematic review of the field, gathering 290 relevant publications—at the time of writing, the largest curated dataset on the topic. We analyse our dataset along two lines: (a) quantitatively, through publication metadata, which allows us to chart publication outlets, communities, approaches, and tackled issues; (b) qualitatively, through 20 research questions used to provide an aggregated overview of the literature and to spot gaps left open. We summarise our analyses in the conclusion in the form of a call for action to address the main open challenges.

@article{BGMMMP22,
  author    = {Davide Berardi and Saverio Giallorenzo and Jacopo Mauro and Andrea Melis and Fabrizio Montesi and Marco Prandini},
  title     = {Microservice security: a systematic literature review},
  journal   = {PeerJ Comput. Sci.},
  volume    = {8},
  pages     = {e779},
  year      = {2022},
  doi       = {10.7717/peerj-cs.779}
}
2021
Giallorenzo, S., Mauro, J., Poulsen, M. G., & Siroky, F. (2021). Virtualization Costs: Benchmarking Containers and Virtual Machines Against Bare-Metal. SN Comput. Sci., 2(5), 404.
Abstract

DevOps advocates the usage of Virtualization Technologies (VT), such as Virtual Machines and Containers. However, it is complex to predict how the usage of a given VT will impact on the performance of an application. In this paper, we present a collection of reference benchmarks that developers can use to orient when looking for the best-performing VT w.r.t their application profile. To gather our benchmarks in a resource-wise comprehensive and comparable way, we introduce VTmark: a semi-automatic open-source suite that assembles off-the-shelf tools for benchmarking the different resources used by applications (CPU, RAM, etc.). After performing a survey of VTs in the market, we use VTmark to report the benchmarks of 6 of the most widely adopted and popular ones, namely Docker, KVM, Podman, VMWare Workstation, VirtualBox, and Xen. To validate the accuracy of our reference benchmarks, we show how they correlate with the profile performance of a production-grade application ported and deployed on the considered VTs. Beyond our immediate results, VTmark let us shed light on some contradicting findings in the related literature and, by releasing VTmark , we provide DevOps with an open-source, extendable tool to assess the (resource-wise) costs of VTs.

@article{GMPS21,
  author    = {Saverio Giallorenzo and Jacopo Mauro and Martin Gyde Poulsen and Filip Siroky},
  title     = {Virtualization Costs: Benchmarking Containers and Virtual Machines
              Against Bare-Metal},
  journal   = {{SN} Comput. Sci.},
  volume    = {2},
  number    = {5},
  pages     = {404},
  year      = {2021},
  doi       = {10.1007/s42979-021-00781-8}
}
Giallorenzo, S., Montesi, F., Peressotti, M., Richter, D., Salvaneschi, G., & Weisenburger, P. (2021). Multiparty Languages: The Choreographic and Multitier Cases (Pearl). In A. Møller & M. Sridharan (Eds.), 35th European Conference on Object-Oriented Programming, ECOOP 2021, July 11-17, 2021, Aarhus, Denmark (Virtual Conference) (pp. 22:1–22:27). Schloss Dagstuhl - Leibniz-Zentrum für Informatik. Distinguished Paper Award.
Abstract

Choreographic languages aim to express multiparty communication protocols, by providing primitives that make interaction manifest. Multitier languages enable programming computation that spans across several tiers of a distributed system, by supporting primitives that allow computation to change the location of execution. Rooted into different theoretical underpinnings—respectively process calculi and lambda calculus—the two paradigms have been investigated independently by different research communities with little or no contact. As a result, the link between the two paradigms has remained hidden for long. In this paper, we show that choreographic languages and multitier languages are surprisingly similar. We substantiate our claim by isolating the core abstractions that differentiate the two approaches and by providing algorithms that translate one into the other in a straightforward way. We believe that this work paves the way for joint research and cross-fertilisation among the two communities.

@inproceedings{GMPRSW21,
  author    = {Saverio Giallorenzo and Fabrizio Montesi and Marco Peressotti and David Richter and Guido Salvaneschi and Pascal Weisenburger},
  editor    = {Anders M{\o}ller and Manu Sridharan},
  title     = {Multiparty Languages: The Choreographic and Multitier Cases (Pearl)},
  booktitle = {35th European Conference on Object-Oriented Programming, {ECOOP} 2021,
              July 11-17, 2021, Aarhus, Denmark (Virtual Conference)},
  series    = {LIPIcs},
  volume    = {194},
  pages     = {22:1--22:27},
  publisher = {Schloss Dagstuhl - Leibniz-Zentrum f{\"{u}}r Informatik},
  year      = {2021},
  doi       = {10.4230/LIPIcs.ECOOP.2021.22}
}
Giallorenzo, S., Montesi, F., Peressotti, M., Rademacher, F., & Sachweh, S. (2021). Jolie and LEMMA: Model-Driven Engineering and Programming Languages Meet on Microservices. In F. Damiani & O. Dardha (Eds.), Coordination Models and Languages - 23rd IFIP WG 6.1 International Conference, COORDINATION 2021, Held as Part of the 16th International Federated Conference on Distributed Computing Techniques, DisCoTec 2021, Valletta, Malta, June 14-18, 2021, Proceedings (pp. 276–284). Springer.
Abstract

In microservices, Model-Driven Engineering (MDE) has emerged as a powerful methodology for architectural design. Independently, the community of programming languages has investigated new linguistic abstractions for effective microservice development. Here, we present the first preliminary study of how the two approaches can cross-pollinate, taking the LEMMA framework and the Jolie programming language as respective representatives. We establish a common ground for comparing the two technologies in terms of metamodels, discuss practical enhancements that can be derived from the comparison, and present some directions for future work that arise from our new viewpoint.

@inproceedings{GMPRS21,
  author    = {Saverio Giallorenzo and Fabrizio Montesi and Marco Peressotti and Florian Rademacher and Sabine Sachweh},
  editor    = {Ferruccio Damiani and Ornela Dardha},
  title     = {Jolie and {LEMMA:} Model-Driven Engineering and Programming Languages
              Meet on Microservices},
  booktitle = {Coordination Models and Languages - 23rd {IFIP} {WG} 6.1 International
              Conference, {COORDINATION} 2021, Held as Part of the 16th International
              Federated Conference on Distributed Computing Techniques, DisCoTec
              2021, Valletta, Malta, June 14-18, 2021, Proceedings},
  series    = {Lecture Notes in Computer Science},
  volume    = {12717},
  pages     = {276--284},
  publisher = {Springer},
  year      = {2021},
  doi       = {10.1007/978-3-030-78142-2\_17}
}
Bacchiani, L., Bravetti, M., Giallorenzo, S., Mauro, J., Talevi, I., & Zavattaro, G. (2021). Microservice Dynamic Architecture-Level Deployment Orchestration. In F. Damiani & O. Dardha (Eds.), Coordination Models and Languages - 23rd IFIP WG 6.1 International Conference, COORDINATION 2021, Held as Part of the 16th International Federated Conference on Distributed Computing Techniques, DisCoTec 2021, Valletta, Malta, June 14-18, 2021, Proceedings (pp. 257–275). Springer.
Abstract

We develop a novel approach for run-time global adaptation of microservice applications, based on synthesis of architecture-level reconfiguration orchestrations. More precisely, we devise an algorithm for automatic reconfiguration that reaches a target system Maximum Computational Load by performing optimal deployment orchestrations. To conceive and simulate our approach, we introduce a novel integrated timed architectural modeling/execution language based on an extension of the actor-based object-oriented Abstract Behavioral Specification (ABS) language. In particular, we realize a timed extension of SmartDeployer, whose ABS code annotations make it possible to express architectural properties. Our Timed SmartDeployer tool fully integrates time features of ABS and architectural annotations by generating timed deployment orchestrations. We evaluate the applicability of our approach on a realistic microservice application taken from the literature: an Email Pipeline Processing System. We prove its effectiveness by simulating such an application and by comparing architecture-level reconfiguration with traditional local scaling techniques (which detect scaling needs and enact replications at the level of single microservices). Our comparison results show that our approach avoids cascading slowdowns and consequent increased message loss and latency, which affect traditional local scaling.

@inproceedings{BBGMTZ21,
  author    = {Lorenzo Bacchiani and Mario Bravetti and Saverio Giallorenzo and Jacopo Mauro and Iacopo Talevi and Gianluigi Zavattaro},
  editor    = {Ferruccio Damiani and Ornela Dardha},
  title     = {Microservice Dynamic Architecture-Level Deployment Orchestration},
  booktitle = {Coordination Models and Languages - 23rd {IFIP} {WG} 6.1 International
              Conference, {COORDINATION} 2021, Held as Part of the 16th International
              Federated Conference on Distributed Computing Techniques, DisCoTec
              2021, Valletta, Malta, June 14-18, 2021, Proceedings},
  series    = {Lecture Notes in Computer Science},
  volume    = {12717},
  pages     = {257--275},
  publisher = {Springer},
  year      = {2021},
  doi       = {10.1007/978-3-030-78142-2\_16}
}
2020
Giallorenzo, S., Lanese, I., Montesi, F., Sangiorgi, D., & Zingaro, S. P. (2020). The Servers of Serverless Computing: A Formal Revisitation of Functions as a Service. In F. S. de Boer & J. Mauro (Eds.), Recent Developments in the Design and Implementation of Programming Languages (pp. 5:1–5:21). Dagstuhl, Germany: Schloss Dagstuhl–Leibniz-Zentrum für Informatik.
Abstract

Serverless computing is a paradigm for programming cloud applications in terms of stateless functions, executed and scaled in proportion to inbound requests. Here, we revisit SKC, a calculus capturing the essential features of serverless programming. By exploring the design space of the language, we refined the integration between the fundamental features of the two calculi that inspire SKC: the λ- and the π-calculus. That investigation led us to a revised syntax and semantics, which support an increase in the expressiveness of the language. In particular, now function names are first-class citizens and can be passed around. To illustrate the new features, we present step-by-step examples and two non-trivial use cases from artificial intelligence, which model, respectively, a perceptron and an image tagging system into compositions of serverless functions. We also illustrate how SKC supports reasoning on serverless implementations, i.e., the underlying network of communicating, concurrent, and mobile processes which execute serverless functions in the cloud. To that aim, we show an encoding from SKC to the asynchronous π-calculus and prove it correct in terms of an operational correspondence.

@inproceedings{GLMSZ20,
  author    = {Saverio Giallorenzo and Ivan Lanese and Fabrizio Montesi and Davide Sangiorgi and Stefano Pio Zingaro},
  title     = {{The Servers of Serverless Computing: A Formal Revisitation of Functions as a Service}},
  booktitle = {Recent Developments in the Design and Implementation of Programming Languages},
  pages     = {5:1--5:21},
  series    = {OpenAccess Series in Informatics (OASIcs)},
  ISBN      = {978-3-95977-171-9},
  ISSN      = {2190-6807},
  year      = {2020},
  volume    = {86},
  editor    = {Frank S. de Boer and Jacopo Mauro},
  publisher = {Schloss Dagstuhl--Leibniz-Zentrum f{\"u}r Informatik},
  address   = {Dagstuhl, Germany},
  doi       = {10.4230/OASIcs.Gabbrielli.5}
}
Bravetti, M., Giallorenzo, S., Mauro, J., Talevi, I., & Zavattaro, G. (2020). A Formal Approach to Microservice Architecture Deployment. In Microservices, Science and Engineering (pp. 183–208). Springer.
Abstract

Following previous work on the automated deployment of component-based applications, we present a formal model specifically tailored for reasoning on the deployment of microservice architectures. The first result that we present is a formal proof of decidability of the problem of synthesizing optimal deployment plans for microservice architectures, a problem which was proved to be undecidable for generic component-based applications. Then, given that such proof translates the deployment problem into a constraint satisfaction problem, we present the implementation of a tool that, by exploiting state-of-the-art constraint solvers, can be used to actually synthesize optimal deployment plans. We evaluate the applicability of our tool on a realistic microservice architecture taken from the literature.

@incollection{BGMTZ20,
  author    = {Mario Bravetti and Saverio Giallorenzo and Jacopo Mauro and Iacopo Talevi and Gianluigi Zavattaro},
  title     = {A Formal Approach to Microservice Architecture Deployment},
  booktitle = {Microservices, Science and Engineering},
  pages     = {183--208},
  year      = {2020},
  doi       = {10.1007/978-3-030-31646-4\_8},
  publisher = {Springer}
}
De Palma, G., Giallorenzo, S., Mauro, J., & Zavattaro, G. (2020). Allocation Priority Policies for Serverless Function-Execution Scheduling Optimisation. In E. Kafeza, B. Benatallah, F. Martinelli, H. Hacid, A. Bouguettaya, & H. Motahari (Eds.), Service-Oriented Computing - 18th International Conference, ICSOC 2020, Dubai, United Arab Emirates, December 14-17, 2020, Proceedings (pp. 416–430). Springer.
Abstract

Serverless computing is a Cloud development paradigm where developers write and compose stateless functions, abstracting from their deployment and scaling. In this paper, we address the problem of function-execution scheduling, i.e., how to schedule the execution of Serverless functions to optimise their performance against some user-defined goals. We introduce a declarative language of Allocation Priority Policies (APP) to specify policies that inform the scheduling of function execution. We present a prototypical implementation of APP as an extension of Apache OpenWhisk and we validate it by i) implementing a use case combining IoT, Edge, and Cloud Computing and ii) by comparing its performance to an alternative implementation that uses vanilla OpenWhisk.

@inproceedings{PGMZ20,
  author    = {Giuseppe {De Palma} and Saverio Giallorenzo and Jacopo Mauro and Gianluigi Zavattaro},
  editor    = {Eleanna Kafeza and Boualem Benatallah and Fabio Martinelli and Hakim Hacid and Athman Bouguettaya and Hamid Motahari},
  title     = {Allocation Priority Policies for Serverless Function-Execution Scheduling Optimisation},
  booktitle = {Service-Oriented Computing - 18th International Conference, {ICSOC}
              2020, Dubai, United Arab Emirates, December 14-17, 2020, Proceedings},
  series    = {Lecture Notes in Computer Science},
  volume    = {12571},
  pages     = {416--430},
  publisher = {Springer},
  year      = {2020},
  doi       = {10.1007/978-3-030-65310-1\_29},
}
Cruz-Filipe Luı́s, Giallorenzo, S., Montesi, F., Peressotti, M., Rademacher, F., & Sachweh, S. (Eds.). (2020). Joint Post-proceedings of the First and Second International Conference on Microservices, Microservices 2017/2019, October 23-27, 2017, Odense, Denmark / February 19-21, 2019, Dortmund, Germany. Schloss Dagstuhl - Leibniz-Zentrum für Informatik.
@proceedings{microservices2019,
  editor    = {{Lu{\'{\i}}s} {Cruz{-}Filipe} and Saverio Giallorenzo and Fabrizio Montesi and Marco Peressotti and Florian Rademacher and Sabine Sachweh},
  title     = {Joint Post-proceedings of the First and Second International Conference
              on Microservices, Microservices 2017/2019, October 23-27, 2017, Odense,
              Denmark / February 19-21, 2019, Dortmund, Germany},
  series    = {OASIcs},
  volume    = {78},
  publisher = {Schloss Dagstuhl - Leibniz-Zentrum f{\"{u}}r Informatik},
  year      = {2020},
  isbn      = {978-3-95977-137-5},
}
2019
Bravetti, M., Giallorenzo, S., Mauro, J., Talevi, I., & Zavattaro, G. (2019). Optimal and Automated Deployment for Microservices. Fundamental Approaches to Software Engineering - 22nd International Conference, FASE 2019, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2019, Prague, Czech Republic, April 6-11, 2019, Proceedings, 351–368. Springer.
Abstract
@inproceedings{BGMTZ19,
  author    = {Bravetti, Mario and Giallorenzo, Saverio and Mauro, Jacopo and Talevi, Iacopo and Zavattaro, Gianluigi},
  title     = {Optimal and Automated Deployment for Microservices},
  booktitle = {Fundamental Approaches to Software Engineering - 22nd International  Conference, {FASE} 2019, Held as Part of the European Joint Conferences  on Theory and Practice of Software, {ETAPS} 2019, Prague, Czech Republic,  April 6-11, 2019, Proceedings},
  pages     = {351--368},
  year      = {2019},
  doi       = {10.1007/978-3-030-16722-6\_21},
  publisher = {Springer}
}
Gabbrielli, M., Giallorenzo, S., Lanese, I., & Zingaro, S. P. (2019). Linguistic Abstractions for Interoperability of IoT Platforms. In Towards Integrated Web, Mobile, and IoT Technology (pp. 83–114). Springer.
Abstract

The Internet of Things (IoT) advocates for multi-layered platforms—from edge devices to Cloud nodes—where each layer adopts its own communication standards (media and data formats). While this freedom is optimal for in-layer communication, it puzzles cross-layer integration due to incompatibilities among standards. Also enforcing a unique communication stack within the same IoT platform is not a solution, as it leads to the current phenomenon of “IoT islands”, where disparate platforms hardly interact with each other. In this paper we tackle the problem of IoT cross-layer and cross-platform integration following a language-based approach. We build on the Jolie programming language, which provides uniform linguistic abstractions to exploit heterogeneous communication stacks, allowing the programmer to specify in a declarative way the desired stack, and to easily change it, even at runtime. Jolie currently supports the main technologies from Service-Oriented Computing, such as TCP/IP, Bluetooth, and RMI at transport level, and HTTP and SOAP at application level. We integrate in Jolie the two most adopted protocols for IoT communication, i.e., CoAP and MQTT. We report our experience on a case study on Cloud-based home automation, and we present high-level concepts valuable both for the general implementation of interoperable systems and for the development of other language-based solutions.

@incollection{GGLZ19,
  author    = {Gabbrielli, Maurizio and Giallorenzo, Saverio and Lanese, Ivan and Zingaro, Stefano Pio},
  title     = {Linguistic Abstractions for Interoperability of IoT Platforms},
  booktitle = {Towards Integrated Web, Mobile, and IoT Technology},
  pages     = {83--114},
  year      = {2019},
  publisher = {Springer}
}
Callegati, F., Giallorenzo, S., Gabbrielli, M., Melis, A., & Prandini, M. (2019). Federated Platooning: Insider Threats and Mitigations. 52nd Hawaii International Conference on System Sciences, HICSS 2019, Grand Wailea, Maui, Hawaii, USA, January 8-11, 2019, 1–10. ScholarSpace / AIS Electronic Library (AISeL).
Abstract

Platoon formation is a freight organization system where a group of vehicles follows a predefined trajectory maintaining a desired spatial pattern. Benefits of platooning include fuel savings, reduction of carbon dioxide emissions, and efficient allocation of road capacity. While traditionally platooning has been an exclusive option limited to specific geographical areas managed by a single operator, recent technological developments and EU initiatives are directed at the creation of an international, federated market for platooning, i.e., a consortium of platoon operators that collaborate and coordinate their users to constitute freights covering international routes. In this paper, we look at federated platooning from an insiders’ perspective. In our development, first we outline the basic elements of platooning and federation of platooning operators. Then, we provide a comprehensive analysis to identify the possible insiders (employees, users, operators, and federated members) and the threats they pose. Finally, we propose two layered, composable technical solutions to mitigate those threats: a) a decentralized overlay network that regulates the interactions among the stakeholders, useful to mitigate issues linked to data safety and trustworthiness and b) a dynamic federation platform, needed to monitor and interrupt deviant behaviours of federated members.

@inproceedings{CGGMP19,
  author    = {Callegati, Franco and Giallorenzo, Saverio and Gabbrielli, Maurizio and Melis, Andrea and Prandini, Marco},
  title     = {Federated Platooning: Insider Threats and Mitigations},
  booktitle = {52nd Hawaii International Conference on System Sciences, {HICSS} 2019,  Grand Wailea, Maui, Hawaii, USA, January 8-11, 2019},
  pages     = {1--10},
  year      = {2019},
  publisher = {ScholarSpace / {AIS} Electronic Library (AISeL)}
}
Gabbrielli, M., Giallorenzo, S., Lanese, I., & Mauro, J. (2019). Guess Who’s Coming: Runtime Inclusion of Participants in Choreographies. The Art of Modelling Computational Systems: A Journey from Logic and Concurrency to Security and Privacy - Essays Dedicated to Catuscia Palamidessi on the Occasion of Her 60th Birthday, 118–138. Springer.
Abstract

In Choreographic Programming, a choreography specifies in a single artefact the expected behaviour of all the participants in a distributed system. The choreography is used to synthesise correct-by- construction programs for each participant. In previous work, we defined Dynamic Choreographies to support the update of distributed systems at runtime. In this work, we extend Dynamic Choreographies to include new participants at runtime, capturing those use cases where the system might be updated to interact with new, unforeseen stakeholders. We formalise our extension, prove its correctness, and present an implementation in the AIOCJ choreographic framework.

@inproceedings{GGLM19,
  author    = {Gabbrielli, Maurizio and Giallorenzo, Saverio and Lanese, Ivan and Mauro, Jacopo},
  title     = {Guess Who's Coming: Runtime Inclusion of Participants in Choreographies},
  booktitle = {The Art of Modelling Computational Systems: {A} Journey from Logic  and Concurrency to Security and Privacy - Essays Dedicated to Catuscia  Palamidessi on the Occasion of Her 60th Birthday},
  pages     = {118--138},
  year      = {2019},
  doi       = {10.1007/978-3-030-31175-9\_8},
  publisher = {Springer}
}
Gabbrielli, M., Giallorenzo, S., Lanese, I., Montesi, F., Peressotti, M., & Zingaro, S. P. (2019). No More, No Less - A Formal Model for Serverless Computing. In H. R. Nielson & E. Tuosto (Eds.), Coordination Models and Languages - 21st IFIP WG 6.1 International Conference, COORDINATION 2019, Held as Part of the 14th International Federated Conference on Distributed Computing Techniques, DisCoTec 2019, Kongens Lyngby, Denmark, June 17-21, 2019, Proceedings (pp. 148–157). Springer.
Abstract

Serverless computing, also known as Functions-as-a-Service, is a recent paradigm aimed at simplifying the programming of cloud applications. The idea is that developers design applications in terms of functions, which are then deployed on a cloud infrastructure. The infrastructure takes care of executing the functions whenever requested by remote clients, dealing automatically with distribution and scaling with respect to inbound traffic. While vendors already support a variety of programming languages for serverless computing (e.g. Go, Java, Javascript, Python), as far as we know there is no reference model yet to formally reason on this paradigm. In this paper, we propose the first core formal programming model for serverless computing, which combines ideas from both the λ-calculus (for functions) and the π-calculus (for communication). To illustrate our proposal, we model a real-world serverless system. Thanks to our model, we capture limitations of current vendors and formalise possible amendments.

@inproceedings{GGLMPZ19,
  author    = {Gabbrielli, Maurizio and Giallorenzo, Saverio and Lanese, Ivan and Montesi, Fabrizio and Peressotti, Marco and Zingaro, Stefano Pio},
  editor    = {Nielson, Hanne Riis and Tuosto, Emilio},
  title     = {No More, No Less - {A} Formal Model for Serverless Computing},
  booktitle = {Coordination Models and Languages - 21st {IFIP} {WG} 6.1 International  Conference, {COORDINATION} 2019, Held as Part of the 14th International  Federated Conference on Distributed Computing Techniques, DisCoTec  2019, Kongens Lyngby, Denmark, June 17-21, 2019, Proceedings},
  series    = {Lecture Notes in Computer Science},
  volume    = {11533},
  pages     = {148--157},
  publisher = {Springer},
  year      = {2019},
  doi       = {10.1007/978-3-030-22397-7\_9}
}
Giallorenzo, S., Montesi, F., Safina, L., & Zingaro, S. P. (2019). Ephemeral Data Handling in Microservices. In E. Bertino, C. K. Chang, P. Chen, E. Damiani, M. Goul, & K. Oyama (Eds.), 2019 IEEE International Conference on Services Computing, SCC 2019, Milan, Italy, July 8-13, 2019 (pp. 234–236). IEEE.
Abstract

Ephemeral data handling, whereby processed data do not persist, is an emerging requirement of connected IT systems, due to storage constraints (IoT) or regulatory demands (eHealth, GDPR). We present ongoing work on TQuery, a query language for ephemeral data handling in microservices.

@inproceedings{GMSZ19,
  author    = {Saverio Giallorenzo and Fabrizio Montesi and Larisa Safina and Stefano Pio Zingaro},
  editor    = {Elisa Bertino and Carl K. Chang and Peter Chen and Ernesto Damiani and Michael Goul and Katsunori Oyama},
  title     = {Ephemeral Data Handling in Microservices},
  booktitle = {2019 {IEEE} International Conference on Services Computing, {SCC} 2019, Milan, Italy, July 8-13, 2019},
  pages     = {234--236},
  publisher = {{IEEE}},
  year      = {2019},
  doi       = {10.1109/SCC.2019.00048},
}
Additional Material:
Liu, T., Callegati, F., Cerroni, W., Contoli, C., Gabbrielli, M., & Giallorenzo, S. (2019). Constraint Programming for Flexible Service Function Chaining Deployment. 52nd Hawaii International Conference on System Sciences, HICSS 2019, Grand Wailea, Maui, Hawaii, USA, January 8-11, 2019, 1–10. ScholarSpace / AIS Electronic Library (AISeL). Best Paper Nomination.
Abstract

Network Function Virtualization (NFV) and Software Defined Networking (SDN) are technologies that recently acquired a great momentum thanks to their promise of being a flexible and cost-effective solution for replacing hardware-based, vendor-dependent network middleboxes with software appliances running on general purpose hardware in the cloud. Delivering end-to-end networking services across multiple NFV/SDN network domains by implementing the so-called Service Function Chain (SFC) i.e., a sequence of Virtual Network Functions (VNF) that composes the service, is a challenging task. In this paper we address two crucial sub-problems of this task: i) the language to formalize the request of a given SFC to the network and ii) the solution of the SFC design problem, once the request is received. As for i) in our solution the request is built upon the intent-based approach, with a syntax that focuses on asking the user “what” she needs and not “how” it should be implemented, in a simple and high level language. Concerning ii) we define a formal model describing network architectures and VNF properties that is then used to solve the SFC design problem by means of Constraint Programming (CP), a programming paradigm which is often used in Artificial Intelligence applications. We argue that CP can be effectively used to address this kind of problems because it provides very expressive and flexible modelling languages which come with powerful solvers, thus providing efficient and scalable performance. We substantiate this claim by validating our tool on some typical and non trivial SFC design problems.

@inproceedings{LCCCGG19,
  author    = {Liu, Tong and Callegati, Franco and Cerroni, Walter and Contoli, Chiara and Gabbrielli, Maurizio and Giallorenzo, Saverio},
  title     = {Constraint Programming for Flexible Service Function Chaining Deployment},
  booktitle = {52nd Hawaii International Conference on System Sciences, {HICSS} 2019,  Grand Wailea, Maui, Hawaii, USA, January 8-11, 2019},
  pages     = {1--10},
  year      = {2019},
  publisher = {ScholarSpace / {AIS} Electronic Library (AISeL)}
}
2018
Callegati, F., Giallorenzo, S., Melis, A., & Prandini, M. (2018). Cloud-of-Things meets Mobility-as-a-Service: An insider threat perspective. Comput. Secur., 74, 277–295.
Abstract

Mobility-as-a-Service (MaaS) applies the everything-as-a-service paradigm of Cloud Computing to transportation: a MaaS provider offers to its users the dynamic composition of solutions of different travel agencies into a single, consistent interface. Traditionally, transits and data on mobility belong to a scattered plethora of operators. Thus, we argue that the economic model of MaaS is that of federations of providers, each trading its resources to coordinate multi-modal solutions for mobility. Such flexibility comes with many security and privacy concerns, of which insider threat is one of the most prominent. In this paper, we revise and extend previous work where we classified the potential threats of individual operators and markets of federated MaaS providers, proposing appropriate countermeasures to mitigate the problems. In addition, we consider the emerging case of Cloud-of-Things (CoT) for mobility, i.e., networks of ubiquitous, pervasive devices that provide real-time data on objects and people. Automation and pervasiveness of CoT make an additional attack surface for insiders. In an effort to limit such phenomenon, we present an overlay networking architecture, based on gossip protocols, that lets users share information on mobility with each other. A peculiarity of the architecture is that it both constrains the quality and quantity of data obtainable by insiders, optimizing the routing of requests to involve only users that are able to answer them.

@article{CGMP18,
  author    = {Franco Callegati and Saverio Giallorenzo and Andrea Melis and Marco Prandini},
  title     = {Cloud-of-Things meets Mobility-as-a-Service: An insider threat perspective},
  journal   = {Comput. Secur.},
  volume    = {74},
  pages     = {277--295},
  year      = {2018},
  doi       = {10.1016/j.cose.2017.10.006}
}
Gabbrielli, M., Giallorenzo, S., Lanese, I., & Zingaro, S. P. (2018). A Language-based Approach for Interoperability of IoT Platforms. 51st Hawaii International Conference on System Sciences, HICSS 2018, Hilton Waikoloa Village, Hawaii, USA, January 3-6, 2018, 1–10. ScholarSpace / AIS Electronic Library (AISeL).
Abstract

The Internet of Things (IoT) promotes the communication among heterogeneous entities, from small sensors to Cloud systems. However, this is realized using a wide range of communication media and data protocols, usually incompatible with each other. Thus, IoT systems tend to grow as homogeneous isolated platforms, which hardly interact. To achieve a higher degree of interoperability among disparate IoT platforms, we propose a language-based approach for communication technology integration. We build on the Jolie programming language, which allows programmers to easily make the same logic work over disparate communication stacks in a declarative, dynamic way. Jolie currently supports the main technologies from Service-Oriented Computing, such as TCP/IP, Bluetooth, and RMI at transport level, and HTTP and SOAP at application level. As technical result, we integrate in Jolie the two most adopted protocols for IoT communication, i.e., CoAP and MQTT. In this paper, we report our experience and we present high-level concepts valuable both for the general implementation of interoperable systems and for the development of other language-based solutions.

@inproceedings{GGLZ18,
  author    = {Maurizio Gabbrielli and Saverio Giallorenzo and Ivan Lanese and Stefano Pio Zingaro},
  title     = {A Language-based Approach for Interoperability of IoT Platforms},
  booktitle = {51st Hawaii International Conference on System Sciences, {HICSS} 2018,
              Hilton Waikoloa Village, Hawaii, USA, January 3-6, 2018},
  pages     = {1--10},
  year      = {2018},
  publisher = {ScholarSpace / {AIS} Electronic Library (AISeL)}
}
Giallorenzo, S., Lanese, I., & Russo, D. (2018). ChIP: A Choreographic Integration Process. On the Move to Meaningful Internet Systems. OTM 2018 Conferences - Confederated International Conferences: CoopIS, C&TC, and ODBASE 2018, Valletta, Malta, October 22-26, 2018, Proceedings, Part II, 22–40. Springer.
Abstract

Over the years, organizations acquired disparate software systems, each answering one specific need. Currently, the desirable outcomes of integrating these systems (higher degrees of automation and better system consistency) are often outbalanced by the complexity of mitigating their discrepancies. These problems are magnified in the decentralized setting (e.g., cross-organizational cases) where the integration is usually dealt with ad-hoc “glue” connectors, each integrating two or more systems. Since the overall logic of the integration is spread among many glue connectors, these solutions are difficult to program correctly (making them prone to misbehaviours and system blocks), maintain, and evolve. In response to these problems, we propose ChIP, an integration process advocating choreographic programs as intermediate artefacts to refine high-level global specifications (e.g., UML Sequence Diagrams), defined by the domain experts of each partner, into concrete, distributed implementations. In ChIP, once the stakeholders agree upon a choreographic integration design, they can automatically generate the respective local connectors, which are guaranteed to faithfully implement the described distributed logic. In the paper, we illustrate ChIP with a pilot from the EU EIT Digital project SMAll, aimed at integrating pre-existing systems from government, university, and transport industry.

@inproceedings{GLR18,
  author    = {Giallorenzo, Saverio and Lanese, Ivan and Russo, Daniel},
  title     = {ChIP: {A} Choreographic Integration Process},
  booktitle = {On the Move to Meaningful Internet Systems. {OTM} 2018 Conferences  - Confederated International Conferences: CoopIS, C{\&}TC, and  {ODBASE} 2018, Valletta, Malta, October 22-26, 2018, Proceedings,  Part {II}},
  pages     = {22--40},
  year      = {2018},
  publisher = {Springer},
  doi       = {10.1007/978-3-030-02671-4\_2}
}
Giallorenzo, S., Montesi, F., & Gabbrielli, M. (2018). Applied Choreographies. Formal Techniques for Distributed Objects, Components, and Systems - 38th IFIP WG 6.1 International Conference, FORTE 2018, Held as Part of the 13th International Federated Conference on Distributed Computing Techniques, DisCoTec 2018, Madrid, Spain, June 18-21, 2018, Proceedings, 21–40. Springer.
Abstract

Choreographic Programming is a paradigm for distributed programming, where high-level “Alice and Bob” descriptions of communications (choreographies) are used to synthesise correct-by-construction programs. However, implementations of choreographic models use message routing technologies distant from their related theoretical models (e.g., CCS/π channels). This drives implementers to mediate discrepancies with the theory through undocumented, unproven adaptations, weakening the reliability of their implementations. As a solution, we propose the framework of Applied Choreographies (AC). In AC, programmers write choreographies in a language that follows the standard syntax and semantics of previous works. Then, choreographies are compiled to a real-world execution model for Service-Oriented Computing (SOC). To manage the complexity of this task, our compilation happens in three steps, respectively dealing with: implementing name-based communications using the concrete mechanism found in SOC, projecting a choreography to a set of processes, and translating processes to a distributed implementation in terms of services.

@inproceedings{GMG18,
  author    = {Giallorenzo, Saverio and Montesi, Fabrizio and Gabbrielli, Maurizio},
  title     = {Applied Choreographies},
  booktitle = {Formal Techniques for Distributed Objects, Components, and Systems  - 38th {IFIP} {WG} 6.1 International Conference, {FORTE} 2018, Held  as Part of the 13th International Federated Conference on Distributed  Computing Techniques, DisCoTec 2018, Madrid, Spain, June 18-21, 2018,  Proceedings},
  pages     = {21--40},
  year      = {2018},
  doi       = {10.1007/978-3-319-92612-4_2},
  publisher = {Springer}
}
Additional Material:
2017
Dalla Preda, M., Gabbrielli, M., Giallorenzo, S., Lanese, I., & Mauro, J. (2017). Dynamic Choreographies: Theory And Implementation. Logical Methods in Computer Science, 13(2).
Abstract

Programming distributed applications free from communication deadlocks and race conditions is complex. Preserving these properties when applications are updated at runtime is even harder. We present a choreographic approach for programming updatable, distributed applications. We define a choreography language, called Dynamic Interaction-Oriented Choreography (DIOC), that allows the programmer to specify, from a global viewpoint, which parts of the application can be updated. At runtime, these parts may be replaced by new DIOC fragments from outside the application. DIOC programs are compiled, generating code for each participant in a process-level language called Dynamic Process-Oriented Choreographies (DPOC). We prove that DPOC distributed applications generated from DIOC specifications are deadlock free and race free and that these properties hold also after any runtime update. We instantiate the theoretical model above into a programming framework called Adaptable Interaction-Oriented Choreographies in Jolie (AIOCJ) that comprises an integrated development environment, a compiler from an extension of DIOCs to distributed Jolie programs, and a runtime environment to support their execution.

@article{DGGLM17,
  author  = {Dalla Preda, Mila and Gabbrielli, Maurizio and Giallorenzo, Saverio and Lanese, Ivan and Mauro, Jacopo},
  title   = {Dynamic Choreographies: Theory And Implementation},
  journal = {Logical Methods in Computer Science},
  volume  = {13},
  number  = {2},
  year    = {2017},
  doi     = {10.23638/LMCS-13(2:1)2017},
}
Callegati, F., Gabbrielli, M., Giallorenzo, S., Melis, A., & Prandini, M. (2017). Smart mobility for all: A global federated market for mobility-as-a-service operators. 20th IEEE International Conference on Intelligent Transportation Systems, ITSC 2017, Yokohama, Japan, October 16-19, 2017, 1–8. IEEE.
Abstract

Multi-modal travelling is a common phenomenon. However, planning multi-modal journeys is still an unstructured and time-consuming experience for customers: they lose time assembling a comprehensive plan out of disparate data, spread over a multitude of information systems — each corresponding to a different company responsible for one of the legs in the journey. Also transport operators are affected by the sparsity of the transportation market, as they might lose potential customers who could not find or know about their services. In this paper, we propose Mobility as a Service (MaaS) as a solution to such problems. Key element of MaaS is that MaaS operators can aggregate solutions of multiple providers to deliver dynamic, transparent multi-modal travels to their users, who experience transportation as managed directly by a single operator. However, given the volume and sparsity of the transportation market, we argue that MaaS operators cannot rely on one-to-one, custom contracts of usage with single mobility operators. Instead, we envision the creation of platforms that automatise the marketing of services for mobility among many mobility providers.

In this work, we detail the required features of a general software platform for such a MaaS market. In particular, we provide a precise definition of MaaS through the MaaS Stack — a tiered view of the components needed by entities to join the MaaS market. Then, through the lens of the MaaS Stack, we elicit the features of an enabling software platform. Finally, to validate our approach, we present a compliant prototype, called SMAll, and discuss its main design choices, among which: i) how SMAll supports the creation of a federation-based MaaS market and ii) how microservices — an emerging architectural style that fosters cohesiveness and minimality of components — enhance flexibility and let the platform and the services of its members efficiently scale according to dynamic demands.

@inproceedings{CGGMP17,
  author    = {Franco Callegati and Maurizio Gabbrielli and Saverio Giallorenzo and Andrea Melis and Marco Prandini},
  title     = {Smart mobility for all: {A} global federated market for mobility-as-a-service
              operators},
  booktitle = {20th {IEEE} International Conference on Intelligent Transportation
              Systems, {ITSC} 2017, Yokohama, Japan, October 16-19, 2017},
  pages     = {1--8},
  publisher = {{IEEE}},
  year      = {2017},
  doi       = {10.1109/ITSC.2017.8317701}
}
Callegati, F., Giallorenzo, S., Melis, A., & Prandini, M. (2017). Insider Threats in Emerging Mobility-as-a-Service Scenarios. 50th Hawaii International Conference on System Sciences, HICSS 2017, Hilton Waikoloa Village, Hawaii, USA, January 4-7, 2017, 1–10. ScholarSpace / AIS Electronic Library (AISeL).
Abstract

Mobility as a Service (MaaS) applies the everything-as- a-service paradigm of Cloud Computing to transportation: a MaaS provider offers to its users the dynamic composition of solutions of different travel agencies into a single, consistent interface. Traditionally, transits and data on mobility belong to a scattered plethora of operators. Thus, we argue that the economic model of MaaS is that of federations of providers, each trading its resources to coordinate multi-modal solutions for mobility. Such flexibility comes with many security and privacy concerns, of which insider threat is one of the most prominent. In this paper, we follow a tiered structure — from individual operators to markets of federated MaaS providers — to classify the potential threats of each tier and propose the appropriate countermeasures, in an effort to mitigate the problems.

@inproceedings{CGMP17,
  author    = {Franco Callegati and Saverio Giallorenzo and Andrea Melis and Marco Prandini},
  title     = {Insider Threats in Emerging Mobility-as-a-Service Scenarios},
  booktitle = {50th Hawaii International Conference on System Sciences, {HICSS} 2017,
              Hilton Waikoloa Village, Hawaii, USA, January 4-7, 2017},
  pages     = {1--10},
  year      = {2017},
  publisher = {ScholarSpace / {AIS} Electronic Library (AISeL)}
}
Dragoni, N., Giallorenzo, S., Lluch-Lafuente, A., Mazzara, M., Montesi, F., Mustafin, R., & Safina, L. (2017). Microservices: Yesterday, Today, and Tomorrow. In Present and Ulterior Software Engineering (pp. 195–216). Springer.
Abstract

The microservice architecture is a style inspired by service-oriented computing that has recently started gaining popularity. Before presenting the current state-of-the-art in the field, this chapter reviews the history of software architecture, the reasons that led to the diffusion of objects and services first, and microservices later. Finally, open problems and future challenges are introduced. This survey addresses mostly newcomers to the discipline and offers an academic viewpoint on the topic. In addition, practical aspects are investigated and solutions proposed.

@incollection{DGLMMMS17,
  author    = {Nicola Dragoni and Saverio Giallorenzo and Alberto Lluch{-}Lafuente and Manuel Mazzara and Fabrizio Montesi and Ruslan Mustafin and Larisa Safina},
  title     = {Microservices: Yesterday, Today, and Tomorrow},
  booktitle = {Present and Ulterior Software Engineering},
  pages     = {195--216},
  year      = {2017},
  doi       = {10.1007/978-3-319-67425-4\_12},
  publisher = {Springer},
}
Giallorenzo, S., Lanese, I., Mauro, J., & Gabbrielli, M. (2017). Programming Adaptive Microservice Applications: An AIOCJ Tutorial. In S. Gay & A. Ravara (Eds.), Behavioural Types: from Theory to Tools (pp. 147–167). River Publishers.
Abstract

This tutorial describes AIOCJ, which stands for Adaptive Interaction Oriented Choreographies in Jolie, a choreographic language for programming microservice-based applications which can be updated at runtime. The compilation of a single AIOCJ program generates the whole set of distributed microservices that compose the application. Adaptation is performed using adaptation rules. Abstractly, each rule replaces a pre-delimited part of the program with the new code contained in the rule itself. Concretely, at runtime, the application of a rule updates part of the microservices that compose the application so to match the behaviour specified by the updated program. Thanks to the properties of choreographies, the adaptive application is free from communication deadlocks and message races even after adaptation.

@incollection{GLMG17,
  author    = {Giallorenzo, Saverio and Lanese, Ivan and Mauro, Jacopo and Gabbrielli, Maurizio},
  title     = {Programming Adaptive Microservice Applications: An {AIOCJ} Tutorial},
  editor    = {Gay, Simon and Ravara, Ant{\'o}nio},
  booktitle = {Behavioural Types: from Theory to Tools},
  pages     = {147--167},
  year      = {2017},
  publisher = {River Publishers}
}
2016
Giallorenzo, S. (2016). Real-World Choreographies (PhD thesis). Università degli studi di Bologna.
Abstract

Choreographies are a relatively new tool for designing distributed systems from a global viewpoint. Choreographic specifications are also free from deadlocks and race conditions by design. Recent theoretical results defined proper Endpoint Projection (EPP) functions to compile choreographic specifications into their single components. Since EPPs are behavioural preserving, projected systems also enjoy freedom from deadlocks and races by construction.

Aim of this PhD is to formalise non-trivial features of distributed systems with choreographies and to translate our theoretical results into the practice of implemented systems. To this purpose, we provide two main contributions.

The first contribution tackles one of the most challenging features of distributed development: programming correct and consistent runtime updates of distributed systems. Our solution is a theoretical model of dynamic choreographies that provides a clear definition of which components and behaviours can be updated. We prove that compiled choreographic specifications are correct and consistent after any update. We also refine our theoretical model to provide a finer control over updates. On this refinement, we develop a framework for programming adaptable distributed systems.

The second contribution covers one of the main issues of implementing theoretical results on choreographies: formalising the compilation from choreographies to executable programs. There is a sensible departure between the present choreographic frameworks and their theoretical models because their theories abstract communications with synchronisation on names (a la CCS/π-calculus) yet they compile to Jolie programs, an executable language that uses correlation — a renown technology of Service-Oriented Computing — for message routing. Our solution is a theory of Applied Choreographies (AC) that models correlation-based message passing. We pinpoint the key theoretical problems and formalise the principles that developers should follow to obtain correct implementations. Finally, we prove our approach by defining a correct compiler from AC to the calculus behind the Jolie language.

@phdthesis{G16,
  title  = {Real-World Choreographies},
  author = {Giallorenzo, Saverio},
  year   = {2016},
  school = {Universit{\`a} degli studi di Bologna}
}
Callegati, F., Giallorenzo, S., Melis, A., & Prandini, M. (2016). Data security issues in MaaS-enabling platforms. IEEE 2nd International Forum on Research and Technologies for Society and Industry Leveraging a Better Tomorrow, RTSI 2016, Bologna, Italy, September 7-9, 2016, 1–5. IEEE.
Abstract

Mobility as a Service takes the concept of XaaS to transportation: a MaaS provider shall merge transport options from different mobility providers, seamlessly handling the whole experience of travelling, from providing information, to travel planning, and payments handling. To effectively support the creation of a market of MaaS providers, we envision the creation of ICT infrastructures based on microservices, a modern and renowned development model that fosters the creation of an ecosystem of reusable components. The flexibility of such platforms is their key advantage, yet it poses many security issues. In this paper, we look at these problems through the lens of our experience on one of such platforms, called SMAll. We classify the most relevant vulnerabilities related to data reliability, integrity, and authenticity, and we investigate directions for their mitigation.

@inproceedings{CGMP16,
  author    = {Callegati, Franco and Giallorenzo, Saverio and Melis, Andrea and Prandini, Marco},
  title     = {Data security issues in MaaS-enabling platforms},
  booktitle = {{IEEE} 2nd International Forum on Research and Technologies for Society  and Industry Leveraging a better tomorrow, {RTSI} 2016, Bologna, Italy,  September 7-9, 2016},
  pages     = {1--5},
  year      = {2016},
  doi       = {10.1109/RTSI.2016.7740624},
  publisher = {{IEEE}},
}
Gabbrielli, M., Giallorenzo, S., Guidi, C., Mauro, J., & Montesi, F. (2016). Self-Reconfiguring Microservices. Theory and Practice of Formal Methods - Essays Dedicated to Frank De Boer on the Occasion of His 60th Birthday, 194–210. Springer.
Abstract

Microservices is an emerging paradigm for the development of distributed systems that, originating from Service-Oriented Architecture, focuses on the small dimension, the loose coupling, and the dynamic topology of services. Microservices are particularly appropriate for the development of distributed systems in the Cloud. However, their dynamic nature calls for suitable techniques for their automatic deployment. In this paper we address this problem and we propose JRO (Jolie Redeployment Optimiser), a tool for the automatic and optimised deployment of microservices written in the Jolie language. The tool uses Zephyrus, a state of the art tool that automatically generates a fully detailed Service-Oriented Architecture configuration starting from a partial and abstract description of the target application.

@inproceedings{GGGMM16,
  author    = {Gabbrielli, Maurizio and Giallorenzo, Saverio and Guidi, Claudio and Mauro, Jacopo and Montesi, Fabrizio},
  title     = {Self-Reconfiguring Microservices},
  booktitle = {Theory and Practice of Formal Methods - Essays Dedicated to Frank  de Boer on the Occasion of His 60th Birthday},
  pages     = {194--210},
  year      = {2016},
  doi       = {10.1007/978-3-319-30734-3\_14},
  publisher = {Springer}
}
2015
Dalla Preda, M., Gabbrielli, M., Giallorenzo, S., Lanese, I., & Mauro, J. (2015). Dynamic Choreographies - Safe Runtime Updates of Distributed Applications. Coordination Models and Languages - 17th IFIP WG 6.1 International Conference, COORDINATION 2015, Held as Part of the 10th International Federated Conference on Distributed Computing Techniques, DisCoTec 2015, Grenoble, France, June 2-4, 2015, Proceedings, 67–82. Springer.
Abstract

Programming distributed applications free from communication deadlocks and races is complex. Preserving these properties when applications are updated at runtime is even harder. We present DIOC, a language for programming distributed applications that are free from deadlocks and races by construction. A DIOC program describes a whole distributed application as a unique entity (choreography). DIOC allows the programmer to specify which parts of the application can be updated. At runtime, these parts may be replaced by new DIOC fragments from outside the application. DIOC programs are compiled, generating code for each site, in a lower-level language called DPOC. We formalise both DIOC and DPOC semantics as labelled transition systems and prove the correctness of the compilation as a trace equivalence result. As corollaries, DPOC applications are free from communication deadlocks and races, even in presence of runtime updates.

@inproceedings{DGGLM15a,
  author    = {Dalla Preda, Mila and Gabbrielli, Maurizio and Giallorenzo, Saverio and Lanese, Ivan and Mauro, Jacopo},
  title     = {Dynamic Choreographies - Safe Runtime Updates of Distributed Applications},
  booktitle = {Coordination Models and Languages - 17th {IFIP} {WG} 6.1 International  Conference, {COORDINATION} 2015, Held as Part of the 10th International  Federated Conference on Distributed Computing Techniques, DisCoTec  2015, Grenoble, France, June 2-4, 2015, Proceedings},
  pages     = {67--82},
  year      = {2015},
  crossref  = {DBLP:conf/coordination/2015},
  doi       = {10.1007/978-3-319-19282-6_5},
  publisher = {Springer}
}
Additional Material:
Dalla Preda, M., Gabbrielli, M., Giallorenzo, S., Lanese, I., & Mauro, J. (2015). Developing correct, distributed, adaptive software. Sci. Comput. Program., 97, 41–46.
Abstract

We illustrate our approach to develop and verify distributed, adaptive software systems. The cornerstone of our framework is the use of choreography languages, which allow us to obtain correctness by construction. Workflow Patterns are also used as abstract tools to design real systems, while techniques based on abstract interpretation and on dynamic verification are integrated in our framework to reduce the complexity of verification.

@article{DGGLM15b,
  author  = {Dalla Preda, Mila and Gabbrielli, Maurizio and Giallorenzo, Saverio and Lanese, Ivan and Mauro, Jacopo},
  title   = {Developing correct, distributed, adaptive software},
  journal = {Sci. Comput. Program.},
  volume  = {97},
  pages   = {41--46},
  year   = {2015},
  doi     = {10.1016/j.scico.2013.11.019},
}
2014
Dalla Preda, M., Giallorenzo, S., Lanese, I., Mauro, J., & Gabbrielli, M. (2014). AIOCJ: A Choreographic Framework for Safe Adaptive Distributed Applications. Software Language Engineering - 7th International Conference, SLE 2014, Västerås, Sweden, September 15-16, 2014. Proceedings, 161–170. Springer.
Abstract

We present AIOCJ, a framework for programming distributed adaptive applications. Applications are programmed using AIOC, a choreographic language suited for expressing patterns of interaction from a global point of view. AIOC allows the programmer to specify which parts of the application can be adapted. Adaptation takes place at runtime by means of rules, which can change during the execution to tackle possibly unforeseen adaptation needs. AIOCJ relies on a solid theory that ensures applications to be deadlock-free by construction also after adaptation. We describe the architecture of AIOCJ, the design of the AIOC language, and an empirical validation of the framework.

@inproceedings{DGLMG14,
  author    = {Mila {Dalla Preda} and Saverio Giallorenzo and Ivan Lanese and Jacopo Mauro and Maurizio Gabbrielli},
  title     = {{AIOCJ:} {A} Choreographic Framework for Safe Adaptive Distributed
              Applications},
  booktitle = {Software Language Engineering - 7th International Conference, {SLE}
              2014, V{\"{a}}ster{\aa}s, Sweden, September 15-16, 2014. Proceedings},
  pages     = {161--170},
  year      = {2014},
  publisher  = {Springer},
  doi       = {10.1007/978-3-319-11245-9\_9}
}
Additional Material:
Gabbrielli, M., Giallorenzo, S., & Montesi, F. (2014). Service-Oriented Architectures: From Design to Production Exploiting Workflow Patterns. Distributed Computing and Artificial Intelligence, 11th International Conference, DCAI 2014, Salamanca, Spain, June 4-6, 2014, 131–139. Springer.
Abstract

In Service-Oriented Architectures (SOA), services are composed by coordinating their communications into a flow of interactions. Coloured Petri nets (CPN) offer a formal yet easy tool for modelling interactions in SOAs, however mapping abstract SOAs into executable ones requires a non-trivial and time-costly analysis. Here, we propose a methodology that maps CPN-modelled SOAs into Jolie SOAs (our tar- get language), exploiting a collection of recurring control-flow patterns, called Workflow Patterns, as composable blocks of the translation. We validate our approach with a realistic use case. In addition, we pragmatically asses the expressiveness of Jolie wrt the considered WPs.

@inproceedings{GGM14,
  author    = {Maurizio Gabbrielli and Saverio Giallorenzo and Fabrizio Montesi},
  title     = {Service-Oriented Architectures: From Design to Production Exploiting
              Workflow Patterns},
  booktitle = {Distributed Computing and Artificial Intelligence, 11th International
              Conference, {DCAI} 2014, Salamanca, Spain, June 4-6, 2014},
  pages     = {131--139},
  year      = {2014},
  publisher = {Springer},
  doi       = {10.1007/978-3-319-07593-8\_17}
}
Additional Material:
Guidi, C., Giallorenzo, S., & Gabbrielli, M. (2014). Towards a Composition-based APIaaS Layer. CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science, Barcelona, Spain, April 3-5, 2014, 425–432. SciTePress.
Abstract

Application Programming Interfaces (APIs) are a standard feature of any application that exposes its functionalities to external invokers. APIs can be composed thus obtaining new programs with new functionalities. However API composition easily becomes a frustrating and time-costly task that hinders API reuse. The issue derives from technology-dependent features of API composition such as the need of extensive documentation, protocol integration, security issues, etc.. In this paper we introduce the perspective of the API-as-a-Service (APIaaS) layer as tool to ease the development and deployment of applications based on API composition, abstracting communication protocols and message formats. We elicit the desirable features of such a layer and provide a proof-of-concept prototype implemented using a service-oriented language.

@inproceedings{GGG14,
  author    = {Claudio Guidi and Saverio Giallorenzo and Maurizio Gabbrielli},
  title     = {Towards a Composition-based APIaaS Layer},
  booktitle = {{CLOSER} 2014 - Proceedings of the 4th International Conference on
              Cloud Computing and Services Science, Barcelona, Spain, April 3-5,
              2014},
  pages     = {425--432},
  year      = {2014},
  publisher = {SciTePress},
  doi       = {10.5220/0004948004250432}
}
2012
Giallorenzo, S. (2012). Workflow Patterns for Service-Oriented Computing in Jolie (Master's thesis). Università degli studi di Bologna.
Abstract

The main contribution of this master thesis work is the description, verification, and demonstration of the realisability in the Jolie language of Control-Flow and Resources Workflow Patterns — defined by the Workflow Patterns Initiative (WPI). The thesis is divided into four chapters.

The first chapter presents a general description of the programming paradigm behind the Jolie language, Service-Oriented Computing, and its main context of application, Business Process Automation (BPA). The presentation is mainly focussed on the principles of Service-Oriented Architectures (SOA) and ultimately describes the main methods concerning service composition — orchestration and choreography. The last section of the chapter considers SOC in a strictly industrial perspective, highlighting its strategic features.

The second chapter focuses on the description of Jolie. This chapter is not intended as a comprehensive description of the features in the language but rather gives an overview of the theoretical concepts, data structures, operators, and constructs of Jolie, used to demonstrate the realisability of the considered Workflow Patterns.

The third chapter contains the actual realisation of the considered Workflow Patterns in Jolie. Each pattern is first reported and explained in terms of Coloured Petri Nets, realised as a Jolie program (or architecture of programs), reporting the rationale behind the realisation.

The fourth chapter summarises the results from this thesis work, showing a comparison between Jolie and other BPA languages, as reported by WPI. The chapter also contains a discussion on future work: the completion of this study with an analysis on the remaining patterns from the WPI and their impact on the evolution of the Jolie language.

@mastersthesis{G12,
  title  = {Workflow Patterns for Service-Oriented Computing in Jolie},
  author = {Giallorenzo, Saverio},
  school = {Universit{\`a} degli studi di Bologna},
  month  = {7},
  year   = {2012}
}

Presentations, Seminars, and Demos

2023
Presentation of the paper "A Unifying, Lightweight Platform for Microservice and Serverless Deployments" at International Conference on Microservices (Microservices 2023).
2021
Seminar on "Choreographies: on Mainstream Tides" as part of the FoCUS team (INRIA, France) seminars, Università di Bologna.
Seminar on "Challenges of Serverless: can languages help?" as visiting researcher at the Artificial Intelligence, Cybersecurity, and Programming Languages group, University of Southern Denmark.
Presentation on Serverless vs Microservices Architectures presented at the webinar "Microservies-based architectures for next-gen industrial applications" organised by CRIT S.r.l..
2020
Presentation of the paper "Allocation Priority Policies for Serverless Function-execution" at International Conference on Service Oriented Computing (ICSOC 2020).
Presentation of the paper "The Servers of Serverless Computing — A Formal Revisitation of Functions as Services" at Recent Developments of the Design and Implementation of Programming Languages 2020.
Presentation of the abstract "Allocation Priority Policies for Reliable Serverless Scheduling Performance" at the International Conference on Microservices 2020.
2018
Presentation of the Microservices Community at the MADE18 workshop.
Hands-on demo called "Microservices all the way down" on programming Microservices with Jolie. The introductory slides and the demo code are available at a dedicated Github repository. Demo presented the MADE18 workshop, co-located with XP2018.

Short abstract: working code examples that illustrate how the deployment/behaviour division of Jolie programs makes any communicating endpoint a microservices: whether it is a web server, an architectural component or even an IoT device. Click here to see the full abstract.

One of the main tenets of the microservice approach is to loose the ties among (distributed) software components (i.e., microservices), so that they can be developed, evolved, and scaled independently. However, there is one often-overlooked element that binds indirectly together collaborating microservices: communication. This binding consists of the dependencies on the libraries and/or frameworks that support the communication protocols and data formats that are chosen in the design of the microservice architecture. Regardless of whether this choice was conscious or not, it can quickly lead to technical debt unless it is carefully managed: the programming paradigms of each library tend to leak into the core logic of the microservice, making switching to other communication stacks difficult or even infeasible. All of a sudden, the so-advertised resilience of microservices gave way to an inflexible and limiting architecture.

In this hands-on demonstration we will see, using the Jolie language, how suitable language abstractions can loose these implicit couplings. The ultimate aim is to experiment how, through the lens of Jolie, web services, traditional programs, and even IoT devices are all the same: microservices, all the way down.

Booth installation at ImolaProgramma. People got to know, first hand, how Jolie (through JIoT) evolves the programming of Internet of Things systems, mixing together and interacting with Arduino, Raspberry Pi, gauges, and PLCs (through CoAP, MQTT, and MODBUS).
2017
Short Paper and the Demo Choreographic Code (AIOCJ) and Jolie Services on Choreographies for Microservices at Microservices 2017, Odense, Denmark
Seminar on Microservices and Choreographies | The SMAll Project for the Workshop on Programming in Sophia-Antipolis, France
Presentation on FoCUS, on Implementations of Service-Oriented Computing for the Evaluation des Projects in Sophia-Antipolis, France
2016
Presentation on Microservices, scenarios of the near and far future at Meeting on Microservices 2016 at Monrif S.p.A., Bologna, Italy
No-slide presentation on A Hands-on Introduction to Jolie for the September Meeting of San Francisco Microservices Meetup at WeaveWorks Inc., San Francisco, CA, U.S. | Code
Seminar on Jolie Microservices and Choreographies for the Workshop on Programming Languages in Sophia-Antipolis, France
Seminar on A Gentle Introduction to Jolie at the Bertinoro International Spring School 2016, Bertinoro, Italy | Code
2015
Seminar on Jolie Microservices and Choreographies for the Web for the Workshop on Web/Reactive Programming in Sophia-Antipolis, France
2014
Presentation of the paper "AIOCJ: A Choreographic Framework for Safe Adaptive Distributed Application" at the International Conference on Software Language Engineering 2014.