Validating API Design Requirements for Interoperability: A Static Analysis Approach Using OpenAPI

• URL: http://arxiv.org/abs/2511.17836v1
• Date: Fri, 21 Nov 2025 23:15:46 GMT
• Title: Validating API Design Requirements for Interoperability: A Static Analysis Approach Using OpenAPI
• Authors: Edwin Sundberg, Thea Ekmark, Workneh Yilma Ayele,
• Abstract summary: API quality validation contributes to aligning technical designs with requirements and enterprise architecture.<n>S.E.O.R.A. facilitates early validation of non-functional API requirements.<n>It improves the API design process by automating checks that would otherwise require manual inspection.
• Score: 0.0
• License: http://creativecommons.org/licenses/by-nc-sa/4.0/
• Abstract: RESTful APIs are central in developing interoperable, modular, and maintainable software systems in enterprises today. Also, it is essential to support system evolution, service interoperability, and governance across organizational boundaries to ensure good quality and consistency of these APIs. However, evaluating API design quality, which is part of non-functional requirement tasks, remains a largely manual and ad hoc process, particularly during early development. Using a Design Science Research (DSR) methodology, we elicited user needs, identified 75 API design rules using a literature review, and implemented a configurable rule engine to detect structural violations in OpenAPI specifications. The proposed tool supports organizational adaptability by allowing rules to be customized, enabled, or disabled, enabling integration of domain-specific standards. The evaluation was conducted through structured experiments and thematic analysis involving industry experts. API quality validation contributes to aligning technical designs with requirements and enterprise architecture by strengthening interoperability and governance between enterprise systems. The results show that S.E.O.R.A facilitates early validation of non-functional API requirements, provides actionable and traceable feedback, and aligns well with requirements elicitation and quality assurance processes. It improves the API design process by automating checks that would otherwise require manual inspection, thus supporting consistent and reusable conformance practices. This work contributes to requirements engineering by operationalizing design principles as verifiable constraints and embedding them into a practical validation tool. Future directions include IDE integration, expanded rule coverage, and real-world deployment to support continuous compliance in agile API development lifecycles.

Related papers

• The Agentic Automation Canvas: a structured framework for agentic AI project design [0.0]
  We present the Agentic Automation Canvas (AAC), a structured framework for the prospective design of agentic systems.<n> AAC captures six dimensions of an automation project: definition and scope; user expectations with quantified benefit metrics; developer feasibility assessments; governance staging.<n>It is made accessible through a client-side web application with real-time validation.
  arXiv  Detail & Related papers  (2026-02-16T16:46:04Z)
• ABC-Bench: Benchmarking Agentic Backend Coding in Real-World Development [72.4729759618632]
  We introduce ABC-Bench, a benchmark to evaluate agentic backend coding within a realistic, executable workflow.<n>We curated 224 practical tasks spanning 8 languages and 19 frameworks from open-source repositories.<n>Our evaluation reveals that even state-of-the-art models struggle to deliver reliable performance on these holistic tasks.
  arXiv  Detail & Related papers  (2026-01-16T08:23:52Z)
• ScaleCall -- Agentic Tool Calling at Scale for Fintech: Challenges, Methods, and Deployment Insights [0.18643247155980827]
  Large Language Models (LLMs) excel at tool calling, deploying these capabilities in regulated enterprise environments such as toolsets.<n>We present a comprehensive study of tool retrieval methods for enterprise environments through the development and deployment of ScaleCall, a prototype tool-calling framework within Mastercard.
  arXiv  Detail & Related papers  (2025-10-29T14:35:46Z)
• GUISpector: An MLLM Agent Framework for Automated Verification of Natural Language Requirements in GUI Prototypes [58.197090145723735]
  We introduce a novel framework that leverages a multi-modal (M)LLM-based agent for the automated verification of NL requirements in GUI prototypes.<n>GuiSpector extracts detailed NL feedback from the agent's verification process, providing developers with actionable insights.<n>We present an integrated tool that unifies these capabilities, offering an interface for supervising verification runs, inspecting agent rationales and managing the end-to-end requirements verification process.
  arXiv  Detail & Related papers  (2025-10-06T13:15:24Z)
• Bridging the Mobile Trust Gap: A Zero Trust Framework for Consumer-Facing Applications [51.56484100374058]
  This paper proposes an extended Zero Trust model designed for mobile applications operating in untrusted, user-controlled environments.<n>Using a design science methodology, the study introduced a six-pillar framework that supports runtime enforcement of trust.<n>The proposed model offers a practical and standards-aligned approach to securing mobile applications beyond pre-deployment controls.
  arXiv  Detail & Related papers  (2025-08-20T18:42:36Z)
• Towards Mixed-Criticality Software Architectures for Centralized HPC Platforms in Software-Defined Vehicles: A Systematic Literature Review [1.94470674081983]
  We set up a systematic review protocol grounded in established guidelines.<n>Third, we extract key functional domains, constraints, and enabling technologies that drive changes in automotive SWAs.<n>We propose an exemplary SWA for a microprocessor-based system-on-chip.
  arXiv  Detail & Related papers  (2025-06-06T07:40:30Z)
• A Framework for Testing and Adapting REST APIs as LLM Tools [11.757827071584737]
  Large Language Models (LLMs) are increasingly used to build autonomous agents that perform complex tasks with external tools.<n>Current benchmarks overlook these challenges, leaving a gap in assessing API readiness for agent-driven automation.<n>We present a testing framework that systematically evaluates enterprise APIs when wrapped as Python tools for LLM-based agents.
  arXiv  Detail & Related papers  (2025-04-22T02:52:08Z)
• Enabling Communication via APIs for Mainframe Applications [4.872049174955585]
  We propose a novel framework for creating APIs for legacy mainframe applications. Our approach involves identifying APIs by compiling artifacts such as transactions, screens, control flow blocks, inter-microservice calls, business rules, and data accesses. We use static analyses like liveness and reaching definitions to traverse the code and automatically compute API signatures.
  arXiv  Detail & Related papers  (2024-08-08T05:35:36Z)
• FANTAstic SEquences and Where to Find Them: Faithful and Efficient API Call Generation through State-tracked Constrained Decoding and Reranking [57.53742155914176]
  API call generation is the cornerstone of large language models' tool-using ability. Existing supervised and in-context learning approaches suffer from high training costs, poor data efficiency, and generated API calls that can be unfaithful to the API documentation and the user's request. We propose an output-side optimization approach called FANTASE to address these limitations.
  arXiv  Detail & Related papers  (2024-07-18T23:44:02Z)
• Towards an Approach to Pattern-based Domain-Specific Requirements Engineering [0.0]
  We propose the Pattern-based Domain-specific Requirements Engineering Approach for the specification of functional and performance requirements. This approach emerges from an academia-industry collaboration and is our first attempt to frame an approach which allows for analyzing domain knowledge. Our contribution is two-fold: First, we present a solution to pattern-based domain-specific requirements engineering and its exemplary integration into quality assurance techniques.
  arXiv  Detail & Related papers  (2024-04-26T11:38:55Z)
• A General Framework for Verification and Control of Dynamical Models via Certificate Synthesis [54.959571890098786]
  We provide a framework to encode system specifications and define corresponding certificates. We present an automated approach to formally synthesise controllers and certificates. Our approach contributes to the broad field of safe learning for control, exploiting the flexibility of neural networks.
  arXiv  Detail & Related papers  (2023-09-12T09:37:26Z)
• API-Miner: an API-to-API Specification Recommendation Engine [1.8352113484137629]
  API-Miner is an API-to-API specification recommendation engine. It retrieves relevant specification components written in OpenAPI. We evaluate API-Miner in both quantitative and qualitative tasks.
  arXiv  Detail & Related papers  (2022-12-14T14:43:51Z)
• Technology Readiness Levels for AI & ML [79.22051549519989]
  Development of machine learning systems can be executed easily with modern tools, but the process is typically rushed and means-to-an-end. Engineering systems follow well-defined processes and testing standards to streamline development for high-quality, reliable results. We propose a proven systems engineering approach for machine learning development and deployment.
  arXiv  Detail & Related papers  (2020-06-21T17:14:34Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.