A Formal Approach to Developing Reliable Event-Driven Service-Oriented Systems

In this paper, we present a formal framework for developing distributed service-oriented systems in an event-driven secure synchronous programming environment. More precisely, we present a synchronous programming language called SOL (Secure Operations Language) that has (i) capabilities for handling service invocations asynchronously, (ii) strong typing to ensure enforcement of information flow and security policies, and (iii) the ability to deal with failures (both benign and byzantine) of components. SOL is supported by formal operational semantics. Applications written in our framework can be verified using formal static checking techniques like theorem proving. The framework runs on the top of the SINS (secure infrastructure for networked systems) infrastructure that we have developed.