Service-Oriented Architecture (SOA) and its implementation of Web Services (WS) received significant attention as major computer companies such as IBM, Microsoft, Oracle and Sun Microsystems are adopting this new approach to developing software and systems. SOA advocates run-time system integration of loosely coupled services across heterogeneous platforms in a distributed environment and also improves the flexibility of system development. However, trustworthiness becomes a serious problem and appropriate tradeoffs have to be made.

This research introduces a verification framework for SOA. An effective verification framework will greatly reduce the effort for rapid and adaptive service composition and evaluation of applications based on SOA. The proposed framework consists of two aspects: a testing infrastructure for static verification of services, and a policy-based dynamic verification mechanism for service collaboration and composition. The proposed verification framework provides the following advantages: (1) It offers a CV&V mechanism to verify services. (2) It provides the function of integration testing and functional (black-box) testing. (3) It provides the capability of test case profiling, test case ranking, service ranking, static service profiling, and dynamic service profiling. (4) It has the capability of dynamic verification over services.

WebStrar (Web Services Testing, Ranking, and test case Ranking) is the component in the verification framework to perform static verification It assures the trustworthiness and reduces the vulnerability of WS by rigorous positive and negative testing, reliability assessing, and ranking. A policy specification language PSML-P (Process Specification and Modeling Language for Policy) and a policy enforcement framework "Pi4SOA" (Policy Infrastructure for Service-Oriented Architecture) are proposed to verify and control the collaboration process of SOA during service runtime.