97,406 research outputs found
An Entry Point for Formal Methods: Specification and Analysis of Event Logs
Formal specification languages have long languished, due to the grave
scalability problems faced by complete verification methods. Runtime
verification promises to use formal specifications to automate part of the more
scalable art of testing, but has not been widely applied to real systems, and
often falters due to the cost and complexity of instrumentation for online
monitoring. In this paper we discuss work in progress to apply an event-based
specification system to the logging mechanism of the Mars Science Laboratory
mission at JPL. By focusing on log analysis, we exploit the "instrumentation"
already implemented and required for communicating with the spacecraft. We
argue that this work both shows a practical method for using formal
specifications in testing and opens interesting research avenues, including a
challenging specification learning problem
Formal certification and compliance for run-time service environments
With the increased awareness of security and safety of services in on-demand distributed service provisioning (such
as the recent adoption of Cloud infrastructures), certification and compliance checking of services is becoming a key element for service engineering. Existing certification techniques tend to support mainly design-time checking of service properties and tend not to support the run-time monitoring and progressive certification in the service execution environment. In this paper we discuss an approach which provides both design-time and runtime behavioural compliance checking for a services architecture, through enabling a progressive event-driven model-checking technique. Providing an integrated approach to certification and compliance is a challenge however using analysis and monitoring techniques we present such an approach for on-going compliance checking
Extensible Technology-Agnostic Runtime Verification
With numerous specialised technologies available to industry, it has become
increasingly frequent for computer systems to be composed of heterogeneous
components built over, and using, different technologies and languages. While
this enables developers to use the appropriate technologies for specific
contexts, it becomes more challenging to ensure the correctness of the overall
system. In this paper we propose a framework to enable extensible technology
agnostic runtime verification and we present an extension of polyLarva, a
runtime-verification tool able to handle the monitoring of
heterogeneous-component systems. The approach is then applied to a case study
of a component-based artefact using different technologies, namely C and Java.Comment: In Proceedings FESCA 2013, arXiv:1302.478
Analog Property Checkers: A Ddr2 Case Study
The formal specification component of verification can be exported to simulation through the idea of property checkers. The essence of this approach is the automatic construction of an observer from the specification in the form of a program that can be interfaced with a simulator and alert the user if the property is violated by a simulation trace. Although not complete, this lighter approach to formal verification has been effectively used in software and digital hardware to detect errors. Recently, the idea of property checkers has been extended to analog and mixed-signal systems.
In this paper, we apply the property-based checking methodology to an industrial and realistic example of a DDR2 memory interface. The properties describing the DDR2 analog behavior are expressed in the formal specification language stl/psl in form of assertions. The simulation traces generated from an actual DDR2 interface design are checked with respect to the stl/psl assertions using the amt tool. The focus of this paper is on the translation of the official (informal and descriptive) specification of two non-trivial DDR2 properties into stl/psl assertions. We study both the benefits and the current limits of such approach
Towards security monitoring patterns
Runtime monitoring is performed during system execution to detect whether the system’s behaviour deviates from that described by requirements. To support this activity we have developed a monitoring framework that expresses the requirements to be monitored in event calculus – a formal temporal first order language. Following an investigation of how this framework could be used to monitor security requirements, in this paper we propose patterns for expressing three basic types of such requirements, namely confidentiality, integrity and availability. These patterns aim to ease the task of specifying confidentiality, integrity and availability requirements in monitorable forms by non-expert users. The paper illustrates the use of these patterns using examples of an industrial case study
Enabling Proactive Adaptation through Just-in-time Testing of Conversational Services
Service-based applications (SBAs) will increasingly be composed of third-party services available over the Internet. Reacting to failures of those third-party services by dynamically adapting the SBAs will become a key enabler for ensuring reliability. Determining when to adapt an SBA is especially challenging in the presence of conversational (aka. stateful) services. A conversational service might fail in the middle of an invocation sequence, in which case adapting the SBA might be costly; e.g., due to the necessary state transfer to an alternative service. In this paper we propose just-in-time testing of conversational services as a novel approach to detect potential problems and to proactively trigger adaptations, thereby preventing costly compensation activities. The approach is based on a framework for online testing and a formal test-generation method which guarantees functional correctness for conversational services. The applicability of the approach is discussed with respect to its underlying assumptions and its performance. The benefits of the approach are demonstrated using a realistic example
COST Action IC 1402 ArVI: Runtime Verification Beyond Monitoring -- Activity Report of Working Group 1
This report presents the activities of the first working group of the COST
Action ArVI, Runtime Verification beyond Monitoring. The report aims to provide
an overview of some of the major core aspects involved in Runtime Verification.
Runtime Verification is the field of research dedicated to the analysis of
system executions. It is often seen as a discipline that studies how a system
run satisfies or violates correctness properties. The report exposes a taxonomy
of Runtime Verification (RV) presenting the terminology involved with the main
concepts of the field. The report also develops the concept of instrumentation,
the various ways to instrument systems, and the fundamental role of
instrumentation in designing an RV framework. We also discuss how RV interplays
with other verification techniques such as model-checking, deductive
verification, model learning, testing, and runtime assertion checking. Finally,
we propose challenges in monitoring quantitative and statistical data beyond
detecting property violation
Advanced service monitoring configurations with SLA decomposition and selection
Service Level Agreements (SLAs) for Software Services aim to clearly identify the service level commitments established between service requesters and providers. The commitments that are agreed however can be expressed in complex notations through a combination of expressions that need to evaluated and monitored efficiently. The dynamic allocation of the responsibility for monitoring SLAs (and often different parts within them) to different monitoring components is necessary as both SLAs and the components available for monitoring them may change dynamically during the operation of a service based system. In this paper we discuss an approach to supporting this dynamic configuration, and in particular, how SLAs expressed in higher-level notations can be efficiently decomposed and appropriate monitoring components dynamically allocated for each part of the agreements. The approach is illustrated with mechanical support in the form of a configuration service which can be incorporated into SLA-based service monitoring infrastructures
- …