In the previous version of the language, we had the concept of a global escape - a construct that enabled the normal flow of behaviour within a scope to be interrupted, to jump to alternative behaviour. Although this construct was useful for describing some common interaction patterns, such as a timeout or the cancel pattern, it has proved difficult in terms of defining a theoretical basis.
In the new version of the language there is the interruptible concept - however this just defines how the protocol can be prematurely terminated, and does not allow for subsequent interaction behaviour depending upon how the main scope was interrupted.
While looking at the differences between the scribble language versions, and what is required for savara (and more specifically BPMN2 support), it got me thinking more about what is actually required.
The main (and possibly only) use cases for this type of construct are the ones outlined above:
(a) timeout - where the initiator of a request/response interaction does not receive the response within a predefined time
(b) cancel - where the initiator of a request/response interaction wishes to cancel the interaction with another party(s) before it has received the response
In both of these cases, we are dealing with a single request/response interaction and just two parties (not sure if either pattern would work with multiple recipients, as only a single response would be expected). Although the receiver may perform other interactions prior to returning the response, the behaviour of interest is just between the two parties.
An example (for now in pseudo notation, and ignore the keywords as these are just placeholders):
do { // Request block
A->B req;
B->C m1;
C->B m2;
.....
} normal { // Response block
B->A resp;
.....
} interrupt { // Cancel block
A->B cancel;
.....
} timeout { // Timeout block
A-> (potentially any role)
.....
}
Some rules:
- request block starts with community from sender to receiver
- request block cannot include any further interaction (in either direction) between sender and receiver
- response block MUST start with interaction from receiver to sender
- cancel block MUST start with interaction from sender to receiver
- the behaviour in the cancel and timeout blocks must conform to the same wellformedness rules as parallel (needs more thought, but essentially needs to cater for the fact that the request block may continue to execute until the relevant roles receive a communication associated with either the interrupt or timeout blocks that indicate otherwise)
- if cancel or timeout blocks activated in sender, then in terms of monitoring sender, the monitor must remain open to receiving a normal response, until either the session ends or the sender receives any other message from the receiver
- zero or more interrupt blocks could potentially be defined
- only a single optional timeout block should be defined
One complexity not handled above is if B returns a response and continues in the Response block, while A has sent a cancel. Possibly the only way to address this is to require a further confirmation interaction from the other party. For example, it would be reasonable to expect that a cancel request would need to be acknowledged. Therefore the 'sender' would either receive the normal response, or cancel confirmation, to confirm which path should actually be taken by the sender.
Another complexity is how to represent priority. For example, does the normal or cancel path take precedence if they both occur? One option would be to define the normal and interrupt paths in the same way, and the order in which they are specified determines which takes precedence. Alternatively, as described in the previous para, the cancel paths require acknowledgement, and therefore the normal path always takes precedence.