7,012 research outputs found
Dynamic automata in Larva
As computer systems become larger and more sophisticated,
they bring about an increased level of possible execution
paths and environment configurations, which, generally, cannot be reliably catered for by testing due to its inherent lack
of coverage. As such, many developers are turning onto runtime software verification to be able to provide higher system
quality assurance, intercepting undiscovered bugs as they
arise. However, sophisticated systems tend to involve large
specification properties and thus pose a considerable overhead when the states of such properties are fully enumerated
to perform runtime verification. The problem is even more
intricate with infinite-state properties where enumeration is
not possible. A solution to this issue is through the use of
on-the-fly state generation techniques where the next state is
dynamically computed at runtime. In this paper, we present
dLarva — an extension of the Larva runtime verification
tool supporting on-the-fly state-generating automata. This
enables the definition of automata in a symbolic manner
while also making it possible to traverse infinite state properties. To demonstrate the possibilities of dLarva, we provide
an implementation of dLarva that accepts properties using
regular expressions which are dynamically evaluated at runtime using derivatives. This implementation is used as the
basis for a simple rule-based intrusion detection system for
the AnomicFTPD FTP server.peer-reviewe
Interrupt Timed Automata: verification and expressiveness
We introduce the class of Interrupt Timed Automata (ITA), a subclass of
hybrid automata well suited to the description of timed multi-task systems with
interruptions in a single processor environment. While the reachability problem
is undecidable for hybrid automata we show that it is decidable for ITA. More
precisely we prove that the untimed language of an ITA is regular, by building
a finite automaton as a generalized class graph. We then establish that the
reachability problem for ITA is in NEXPTIME and in PTIME when the number of
clocks is fixed. To prove the first result, we define a subclass ITA- of ITA,
and show that (1) any ITA can be reduced to a language-equivalent automaton in
ITA- and (2) the reachability problem in this subclass is in NEXPTIME (without
any class graph). In the next step, we investigate the verification of real
time properties over ITA. We prove that model checking SCL, a fragment of a
timed linear time logic, is undecidable. On the other hand, we give model
checking procedures for two fragments of timed branching time logic. We also
compare the expressive power of classical timed automata and ITA and prove that
the corresponding families of accepted languages are incomparable. The result
also holds for languages accepted by controlled real-time automata (CRTA), that
extend timed automata. We finally combine ITA with CRTA, in a model which
encompasses both classes and show that the reachability problem is still
decidable. Additionally we show that the languages of ITA are neither closed
under complementation nor under intersection
Learning Concise Models from Long Execution Traces
Abstract models of system-level behaviour have applications in design
exploration, analysis, testing and verification. We describe a new algorithm
for automatically extracting useful models, as automata, from execution traces
of a HW/SW system driven by software exercising a use-case of interest. Our
algorithm leverages modern program synthesis techniques to generate predicates
on automaton edges, succinctly describing system behaviour. It employs trace
segmentation to tackle complexity for long traces. We learn concise models
capturing transaction-level, system-wide behaviour--experimentally
demonstrating the approach using traces from a variety of sources, including
the x86 QEMU virtual platform and the Real-Time Linux kernel
Monitoring-Oriented Programming: A Tool-Supported Methodology for Higher Quality Object-Oriented Software
This paper presents a tool-supported methodological paradigm for object-oriented software development, called monitoring-oriented programming and abbreviated MOP, in which runtime monitoring is a basic software design principle. The general idea underlying MOP is that software developers insert specifications in their code via annotations. Actual monitoring code is automatically synthesized from these annotations before compilation and integrated at appropriate places in the program, according to user-defined configuration attributes. This way, the specification is checked at runtime against the implementation. Moreover, violations and/or validations of specifications can trigger user-defined code at any points in the program, in particular recovery code, outputting or sending messages, or raising exceptions.
The MOP paradigm does not promote or enforce any specific formalism to specify requirements: it allows the users to plug-in their favorite or domain-specific specification formalisms via logic plug-in modules. There are two major technical challenges that MOP supporting tools unavoidably face: monitor synthesis and monitor integration. The former is heavily dependent on the specification formalism and comes as part of the corresponding logic plug-in, while the latter is uniform for all specification formalisms and depends only on the target programming language. An experimental prototype tool, called Java-MOP, is also discussed, which currently supports most but not all of the desired MOP features. MOP aims at reducing the gap between formal specification and implementation, by integrating the two and allowing them together to form a system
Dynamic analysis overview and a proposed verification tool for temporal properties in security-critical software
The need for correct software is increasing as computers are proliferating in every aspect of our lives. Dynamic analysis is a possible way of
increasing the reliability of software by introducing a monitoring and verification mechanism over and above a computer system, so that if under
some unprecedented circumstance, any of its specifications are violated,
an alarm will be raised. This paper gives an overview of the literature
in the subject and also puts forward a proposal of further research and
investigation which seems to be very promising.peer-reviewe
- …