Page 31 -
P. 31
16 HEVNER, LINGER, PLESZKOCH, PROWELL, AND WALTON
Figure 2.3 Flow–Service Semantics
I O
FLOW F
ISH IRH
SERVICE A
stimulus history (ISH) of every service in the range of the function that represents the specification
of a flow. In addition, because subsequent flow processing can depend on the responses from these
invocations, the invocation response history (IRH) must be part of the domain of the mathemati-
cal function that represents the specification of a flow. The diagram of Figure 2.3 illustrates these
semantics for a flow F invoking a service A.
I is the set of possible inputs to flow F, and O is the set of possible outputs from flow F. Thus,
the semantics of F can be given by a mathematical function f with domain I x IRH and range O x
ISH. It is this counterintuitive inclusion of service responses in the domain of F and service stimuli
in the range of F that allows flows to manage uncertainty. In particular, IRH represents the range
of possible service responses and thus embodies the uncertainty issues that must be recognized in
flow behaviors. Flows must assess and act upon all possible responses, desired and undesired, that
service invocations can produce. Of course, no semantics can force such informed design, they
can only illuminate the desirability of doing so and provide means for it to be accomplished.
In this semantic model, the specification of flow F is not required to account for the behaviors
that result due to invocation of service A. Rather, it simply defines the invocation of service A with
certain parameters, and how the response from that invocation affects subsequent processing of F.
This means, for example, that any lower-level services invoked by service A need not be part of the
ISH and IRH of flow F. If this were not the case, the specification of F would change if service A was
modified, for example, to invoke different lower-level services. This approach differs from traditional
functional semantics, where the specification of F would be required to include the full effects of all
lower-level service invocations by service A as a part of its functional specification.
This innovative approach to specification is essential to maintain intellectual control over flow
specification and design. As noted, deterministic flows that invoke nondeterministic, asynchronous
services can be modeled by deterministic mathematical functions, making human reasoning and
analysis much simpler. Alternately, if the behavior of flows were nondeterministic, then the flows
themselves would become far more complicated, and their semantics would need to be expressed
as a mathematical relation from domain I x IRH to range O x ISH. This complex situation is
avoided by our FSQ semantic model.
The flow-service semantic model described above is particularly suited to the common situation
where service A already exists on a network, or is provided by COTS or ESP components with
complex and possibly unknown functions. In cases where service A is new and must be designed as
part of the implementation of flow F, these flow semantics can be combined with more traditional
design and verification methods (e.g., Mills, Linger, and Hevner, 1986) to support reasoning about
