Monitoring with uncertainty

We discuss the problem of runtime verification of an instrumented program that misses to emit and to monitor some events. These gaps can occur when a monitoring overhead control mechanism is introduced to disable the monitor of an application with real-time constraints. We show how to use statistical models to learn the application behavior and to "fill in" the introduced gaps. Finally, we present and discuss some techniques developed in the last three years to estimate the probability that a property of interest is violated in the presence of an incomplete trace.Comment: In Proceedings HAS 2013, arXiv:1308.490

Cyber-physikalische Systeme:Herausforderung des 21. Jahrhunderts

Cyber-physical systems and the Internet of Things will be omnipresent in the near future. These systems will be tightly integrated in and interacting with our environment to support us in our daily tasks and in achieving our personal goals. However, to achieve this vision, we have to tackle various challenges

Temporal analytics for software usage models

We address the problem of analysing how users actually interact with software. Users are heterogeneous: they adopt different usage styles and each individual user may move between different styles, from one interaction session to another, or even during an interaction session. For analysis, we require new temporal analytics: techniques to model and analyse temporal data sets of logged interactions with the purpose of discovering, interpreting, and communicating meaningful patterns of usage. We define new probabilistic models whose parameters are inferred from logged time series data of user-software interactions. We formulate hypotheses about software usage together with the developers, encode them in probabilistic temporal logic, and analyse the models according to the probabilistic properties. We illustrate by application to logged data from a deployed mobile application software used by thousands of users

ModelPlex: Verified Runtime Validation of Verified Cyber-Physical System Models

Abstract. Formal verification and validation play a crucial role in making cyber-physical systems (CPS) safe. Formal methods make strong guarantees about the system behavior if accurate models of the system can be obtained, including mod-els of the controller and of the physical dynamics. In CPS, models are essential; but any model we could possibly build necessarily deviates from the real world. If the real system fits to the model, its behavior is guaranteed to satisfy the correct-ness properties verified w.r.t. the model. Otherwise, all bets are off. This paper introduces ModelPlex, a method ensuring that verification results about models apply to CPS implementations. ModelPlex provides correctness guarantees for CPS executions at runtime: it combines offline verification of CPS models with runtime validation of system executions for compliance with the model. Model-Plex ensures that the verification results obtained for the model apply to the ac-tual system runs by monitoring the behavior of the world for compliance with the model, assuming the system dynamics deviation is bounded. If, at some point, the observed behavior no longer complies with the model so that offline verifica-tion results no longer apply, ModelPlex initiates provably safe fallback actions. This paper, furthermore, develops a systematic technique to synthesize provably correct monitors automatically from CPS proofs in differential dynamic logic.

Control-flow residual analysis for symbolic automata

This research has received funding from the European Union’s Horizon 2020 research and innovation programme under grant number 666363.Where full static analysis of systems fails to scale up due to system size, dynamic monitoring has been increasingly used to ensure system correctness. The downside is, however, runtime overheads which are induced by the additional monitoring code instrumented. To address this issue, various approaches have been proposed in the literature to use static analysis in order to reduce monitoring overhead. In this paper we generalise existing work which uses control-flow static analysis to optimise properties specified as automata, and prove how similar analysis can be applied to more expressive symbolic automata - enabling reduction of monitoring instrumentation in the system, and also monitoring logic. We also present empirical evidence of the effectiveness of this approach through an analysis of the effect of monitoring overheads in a financial transaction system.peer-reviewe