
    Aspect-oriented programming runtime-enforcement of temporal properties in security-critical software

    The Aspect-Oriented Programming paradigm has been advocated for modularisation of cross-cutting concerns in large systems. Various applications of this approach have been explored in the literature, one of which is runtime verification based on assertions or temporal properties. Manually weaving temporal properties that ensure correct execution into a large code base is difficult to achieve in a clean, modular fashion, and AOP techniques enable independent specification of the properties, which are then automatically woven into the code. In this paper, we explore a number of applications of AOP-based runtime verification with an emphasis on security-critical system development. Apart from weaving properties into existing programs, we show how related techniques can be used to approach security issues separately from the functionality of a module, allowing for better design of the actual system. We also explore AOP as a way of automatically ensuring that reusable code in a library is employed in a temporally correct manner. An area in which little work has yet been done is the use of AOP for runtime verification of real-time properties. In our case studies we explore real-time issues and outline a proposal for automatic translation of real-time properties into code using AOP techniques.

    Combining Monitoring with Run-Time Assertion Checking

    According to a study in 2002 commissioned by a US Department, software bugs annually cost the US economy an estimated $59 billion. A more recent study in 2013 by Cambridge University estimated that the global cost has risen to $312 billion. There exist various ways to prevent, isolate and fix software bugs, ranging from lightweight methods that are (semi-)automatic to heavyweight methods that require significant user interaction. Our own method, described in this tutorial, is based on automated run-time checking of a combination of protocol- and data-oriented properties of object-oriented programs.

    Tools and Algorithms for the Construction and Analysis of Systems

    This open access two-volume set constitutes the proceedings of the 27th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 2021, which was held during March 27 – April 1, 2021, as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021. The conference was planned to take place in Luxembourg and changed to an online format due to the COVID-19 pandemic. The total of 41 full papers presented in the proceedings were carefully reviewed and selected from 141 submissions. The volume also contains 7 tool papers, 6 tool demo papers and 9 SV-COMP competition papers. The papers are organized in topical sections as follows: Part I: Game Theory; SMT Verification; Probabilities; Timed Systems; Neural Networks; Analysis of Network Communication. Part II: Verification Techniques (not SMT); Case Studies; Proof Generation/Validation; Tool Papers; Tool Demo Papers; SV-COMP Tool Competition Papers.

    Runtime Verification of Concurrent Haskell Programs (RV'04 Preliminary Version)

    In this article we use model checking techniques to debug Concurrent Haskell programs. LTL formulas specifying assertions or other properties are verified at runtime. If a run which falsifies a formula is detected, the debugger emits a warning and records the path leading to the violation. It is possible to dynamically add formulas at runtime, giving a degree of flexibility which is not available in static verification of source code. We give a comprehensive example of using the new techniques to detect lock-reversal in Concurrent Haskell programs and introduce a template mechanism to define LTL formulas ranging over an arbitrary set of threads or communication abstractions.