55 research outputs found
Comprehensive Monitor-Oriented Compensation Programming
Compensation programming is typically used in the programming of web service
compositions whose correct implementation is crucial due to their handling of
security-critical activities such as financial transactions. While traditional
exception handling depends on the state of the system at the moment of failure,
compensation programming is significantly more challenging and dynamic because
it is dependent on the runtime execution flow - with the history of behaviour
of the system at the moment of failure affecting how to apply compensation. To
address this dynamic element, we propose the use of runtime monitors to
facilitate compensation programming, with monitors enabling the modeller to be
able to implicitly reason in terms of the runtime control flow, thus separating
the concerns of system building and compensation modelling. Our approach is
instantiated into an architecture and shown to be applicable to a case study.Comment: In Proceedings FESCA 2014, arXiv:1404.043
Compensation-aware runtime monitoring
To avoid large overheads induced by runtime monitoring, the use of
asynchronous log-based monitoring is sometimes adopted — even though this
implies that the system may proceed further despite having reached an anomalous
state. Any actions performed by the system after the error occurring are undesirable, since for instance, an unchecked malicious user may perform unauthorized
actions. Since stopping such actions is not feasible, in this paper we investigate
the use of compensations to enable the undoing of actions, thus enriching asynchronous monitoring with the ability to restore the system to the original state
in which the anomaly occurred. Furthermore, we show how allowing the monitor to adaptively synchronise and desynchronise with the system is also possible
and report on the use of the approach on an industrial case study of a financial
transaction system.peer-reviewe
Programming compensations for system-monitor synchronisation
In security-critical systems such as online establishments, runtime analysis is crucial to detect and handle any unexpected behaviour. Due to resource-intensive operations carried out by such systems, particularly during peak times, synchronous monitoring is not always an option. Asynchronous monitoring, on the other hand, would not compete for system resources but might detect anomalies when the system has progressed further, and it is already too late to apply a remedy. A conciliatory approach is to apply asynchronous monitoring but synchronising when there is a high risk of a problem arising. Although this does not solve the issue of problems arising when in asynchronous mode, compensations have been shown to be useful to restore the system to a sane state when this occurs. In this paper we propose a novel notation, compensating automata, which enables the user to program the compensation logic within the monitor, extending our earlier results by allowing for richer compensation structures. This approach moves the compensation closer to the violation information while simultaneously relieving the system of the additional burden.peer-reviewe
Runtime verification using Larva
Larva, which has been in use and continuous development for almost a decade, has been extended in several ways and used in a wide range of scenarios, from industrial deployment to educational ones. In this paper we give an overview of Larva and give an overview of its extensions and uses.peer-reviewe
Extensible Technology-Agnostic Runtime Verification
With numerous specialised technologies available to industry, it has become
increasingly frequent for computer systems to be composed of heterogeneous
components built over, and using, different technologies and languages. While
this enables developers to use the appropriate technologies for specific
contexts, it becomes more challenging to ensure the correctness of the overall
system. In this paper we propose a framework to enable extensible technology
agnostic runtime verification and we present an extension of polyLarva, a
runtime-verification tool able to handle the monitoring of
heterogeneous-component systems. The approach is then applied to a case study
of a component-based artefact using different technologies, namely C and Java.Comment: In Proceedings FESCA 2013, arXiv:1302.478
Using gherkin to extract tests and monitors for safer medical device interaction design
Number entry systems on medical devices are safety critical and it is important to get them right. Interaction design teams can be multidisciplinary, and in this work we present a process where the requirements of the system are drawn up using a Controlled Natural Language (CNL) that is understandable by non-technical experts or clients. These CNL requirements can also be directly used by the Quality Assurance (QA) team to test the system and monitor whether or not the system runs as it should once deployed. Since commonly, systems are too complex to test all possible execution paths before deployment, monitoring the system at runtime is useful in order to check that the system is running correctly. If at runtime, it is discovered that an anomaly is detected, the relevant personnel is notified through a report in natural language.peer-reviewe
A unified approach for static and runtime verification : framework and applications
Static verification of software is becoming ever more effective
and efficient. Still, static techniques either have high precision, in which
case powerful judgements are hard to achieve automatically, or they use
abstractions supporting increased automation, but possibly losing important aspects of the concrete system in the process. Runtime verification has complementary strengths and weaknesses. It combines full
precision of the model (including the real deployment environment) with
full automation, but cannot judge future and alternative runs. Another
drawback of runtime verification can be the computational overhead of
monitoring the running system which, although typically not very high,
can still be prohibitive in certain settings. In this paper we propose a
framework to combine static analysis techniques and runtime verification with the aim of getting the best of both techniques. In particular,
we discuss an instantiation of our framework for the deductive theorem
prover KeY, and the runtime verification tool Larva. Apart from combining static and dynamic verification, this approach also combines the
data centric analysis of KeY with the control centric analysis of Larva.
An advantage of the approach is that, through the use of a single specification which can be used by both analysis techniques, expensive parts
of the analysis could be moved to the static phase, allowing the runtime
monitor to make significant assumptions, dropping parts of expensive
checks at runtime. We also discuss specific applications of our approach.peer-reviewe
PolyLarva : technology agnostic runtime verification
With numerous specialised technologies available to industry, it is become increasingly frequent for computer systems to be composed of heterogeneous components, built over, and using different technologies and languages. While this enables developers to use the appropriate technologies for specific contexts, it becomes more challenging to ensure the correctness of the overall system. In this paper we propose a framework to enable extensible technology agnostic runtime verification and we present an extension of polyLarva, a runtime-verification tool able to handle the monitoring of heterogeneous-component system. The approach is then applied to a case study with C and Java components.peer-reviewe
- …