Work Packages

work-packages-structure
We propose to leverage transpilation (i.e., source-to-source compilation) to realize tierless programming in JavaScript, an existing general-purpose programming language. This relieves developers from having to align different client-side and server-side technologies, but without requiring an investment in a new tierless language. In this approach to tierless programming, web applications are developed as ordinary single-tiered programs using the existing tools for a general-purpose language. Once tested and validated, the single-tiered program is automatically split into server and client tiers. This will require a minimal amount of annotations from developers (e.g., @client). Program analysis technology can then uncover the implicit dependencies between annotated code, thus determining the border along which the single-tiered program can be split. To realize the tier split, shared state and function calls will be replaced by the appropriate distributed programming constructs. In order to realize this vision we will require an expressive static representation of the program’s dependencies. To this end we will rely on existing work done at VUB/SOFT on abstract interpretation of JavaScript, which will result in a state graph that represents all possible behaviors of the program. The state graph will be accessible to the transpiler (and other tools) by means of a unified static meta-level architecture.
Whether data has been distributed manually to tiers or automatically through transpilation, accesses to shared data have to be coordinated to ensure its consistency. Maintaining consistency is particularly cumbersome when part of this data has been replicated; replication being the predominant method of ensuring a tier remains functional while it is disconnected from the coordination mechanism. Offline updates to replicated data need to be propagated to other replicas in such a way that the resulting data becomes eventually consistent. Sharing data via eventually consistent replicas is a formidable task. Conflicts may arise when replicas are merged, requiring developers to log locally performed changes and to implement an algorithm for reconciling several of such change sets.

To protect the application assets across the different tiers, we will incept and develop an end-to-end application confinement. This security control will protect the confidentiality and integrity of the application data, as well as access to application-specific APIs. The confinement will provide a foolproof isolation environment to shield the application from other code running outside the application. In addition, access across this isolation boundary will be controlled to guarantee the security invariants of the application. The end-to-end confinement will span the client and the server tier, and will enforce confinement policies expressed as part of the tierless application.

We will explicitly investigate a migration trajectory that enables companies to adopt our results gradually. Existing code bases cannot, and probably should not, be rendered tierless overnight. However, they can benefit from the enabling technologies — provided that they are applied consistently.

This work package gather all activities related to project management including compiling yearly reports, organising dissemination activities, centralising communication with members of the Industrial User Board, and exploring possibilities for knowledge transfer and follow-up projects.