1,903 research outputs found
Verifying Policy Enforcers
Policy enforcers are sophisticated runtime components that can prevent
failures by enforcing the correct behavior of the software. While a single
enforcer can be easily designed focusing only on the behavior of the
application that must be monitored, the effect of multiple enforcers that
enforce different policies might be hard to predict. So far, mechanisms to
resolve interferences between enforcers have been based on priority mechanisms
and heuristics. Although these methods provide a mechanism to take decisions
when multiple enforcers try to affect the execution at a same time, they do not
guarantee the lack of interference on the global behavior of the system. In
this paper we present a verification strategy that can be exploited to discover
interferences between sets of enforcers and thus safely identify a-priori the
enforcers that can co-exist at run-time. In our evaluation, we experimented our
verification method with several policy enforcers for Android and discovered
some incompatibilities.Comment: Oliviero Riganelli, Daniela Micucci, Leonardo Mariani, and Yli\`es
Falcone. Verifying Policy Enforcers. Proceedings of 17th International
Conference on Runtime Verification (RV), 2017. (to appear
Efficient and Generalized Decentralized Monitoring of Regular Languages
Part 2: Monitoring and TestingInternational audienceThis paper proposes an efficient and generalized decentralized monitoring algorithm allowing to detect satisfaction or violation of any regular specification by local monitors alone in a system without central observation point. Our algorithm does not assume any form of synchronization between system events and communication of monitors, uses state machines as underlying mechanism for efficiency, and tries to keep the number and size of messages exchanged between monitors to a minimum. We provide a full implementation of the algorithm with an open-source benchmark to evaluate its efficiency in terms of number, size of exchanged messages, and delay induced by communication between monitors. Experimental results demonstrate the effectiveness of our algorithm which outperforms the previous most general one along several (new) monitoring metrics
BISM: Bytecode-Level Instrumentation for Software Monitoring
BISM (Bytecode-Level Instrumentation for Software Monitoring) is a
lightweight bytecode instrumentation tool that features an expressive
high-level control-flow-aware instrumentation language. The language follows
the aspect-oriented programming paradigm by adopting the joinpoint model,
advice inlining, and separate instrumentation mechanisms. BISM provides
joinpoints ranging from bytecode instruction to method execution, access to
comprehensive static and dynamic context information, and instrumentation
methods. BISM runs in two instrumentation modes: build-time and load-time. We
demonstrate BISM effectiveness using two experiments: a security scenario and a
general runtime verification case. The results show that BISM instrumentation
incurs low runtime and memory overheads
Bounds for the mass of the heaviest right-handed neutrino in SO(10) theories
By relating the Dirac neutrino mass matrix to the mass of the charged
fermions and assuming that the product of the masses of the two lightest
left-handed neutrinos is of the order of , we derive, within
a leptogenesis scenario, a range of values for the mass of the heaviest
right-handed neutrino, centered around the scale of symmetry breaking in
the SO(10) theory with Pati-Salam intermediate symmetry.Comment: 7 pages, RevTex4. Few correction
Fully-automated Runtime Enforcement of Component-based Systems with Formal and Sound Recovery
International audienceWe introduce runtime enforcement of specifications on component-based systems (CBS) modeled in the BIP (Behavior, Interaction and Priority) framework. Runtime enforcement is an increasingly popular and effective dynamic validation technique aiming to ensure the correct runtime behavior (w.r.t. a formal specification) of a system using a so-called enforcement monitor. BIP is a powerful and expressive component-based framework for the formal construction of heterogeneous systems. Because of BIP expressiveness however , it is difficult to enforce complex behavioral properties at design-time. We first introduce a theoretical runtime enforcement framework for component-based systems where we delineate a hierarchy of enforceable properties (i.e., properties that can be enforced) according to the number of observational steps a system is allowed to deviate from the property (i.e., the notion of k-step enforceability). To ensure the observational equivalence between the correct executions of the initial system and the monitored system, we show that i) only stutter-invariant properties should be enforced on CBS with our monitors, and ii) safety properties are 1-step enforceable. Second, given an abstract enforcement monitor for some 1-step enforceable property, we define a series of formal transformations to instrument (at relevant locations) a CBS described in the BIP framework to integrate the monitor. At runtime, the monitor observes and automatically avoids any error in the behavior of the system w.r.t. the property. Third, our approach is fully implemented in RE-BIP, an available tool integrated in the BIP tool suite. Fourth, to validate our approach, we use RE-BIP to i) enforce deadlock-freedom on a dining philosophers benchmark, and ii) ensure the correct placement of robots on a map
Triangular Textures for Quark Mass Matrices
The hierarchical quark masses and small mixing angles are shown to lead to a
simple triangular form for the U- and D-type quark mass matrices. In the basis
where one of the matrices is diagonal, each matrix element of the other is, to
a good approximation, the product of a quark mass and a CKM matrix element. The
physical content of a general mass matrix can be easily deciphered in its
triangular form. This parameterization could serve as a useful starting point
for model building. Examples of mass textures are analyzed using this method.Comment: 10 pages, no figure
The Cost of Monitoring Alone
We compare the succinctness of two monitoring systems for properties of
infinite traces, namely parallel and regular monitors. Although a parallel
monitor can be turned into an equivalent regular monitor, the cost of this
transformation is a double-exponential blowup in the syntactic size of the
monitors, and a triple-exponential blowup when the goal is a deterministic
monitor. We show that these bounds are tight and that they also hold for
translations between corresponding fragments of Hennessy-Milner logic with
recursion over infinite traces.Comment: 22 page
Two semi-Lagrangian fast methods for Hamilton-Jacobi-Bellman equations
In this paper we apply the Fast Iterative Method (FIM) for solving general
Hamilton-Jacobi-Bellman (HJB) equations and we compare the results with an
accelerated version of the Fast Sweeping Method (FSM). We find that FIM can be
indeed used to solve HJB equations with no relevant modifications with respect
to the original algorithm proposed for the eikonal equation, and that it
overcomes FSM in many cases. Observing the evolution of the active list of
nodes for FIM, we recover another numerical validation of the arguments
recently discussed in [Cacace et al., SISC 36 (2014), A570-A587] about the
impossibility of creating local single-pass methods for HJB equations
Monitoring Partially Synchronous Distributed Systems using SMT Solvers
In this paper, we discuss the feasibility of monitoring partially synchronous
distributed systems to detect latent bugs, i.e., errors caused by concurrency
and race conditions among concurrent processes. We present a monitoring
framework where we model both system constraints and latent bugs as
Satisfiability Modulo Theories (SMT) formulas, and we detect the presence of
latent bugs using an SMT solver. We demonstrate the feasibility of our
framework using both synthetic applications where latent bugs occur at any time
with random probability and an application involving exclusive access to a
shared resource with a subtle timing bug. We illustrate how the time required
for verification is affected by parameters such as communication frequency,
latency, and clock skew. Our results show that our framework can be used for
real-life applications, and because our framework uses SMT solvers, the range
of appropriate applications will increase as these solvers become more
efficient over time.Comment: Technical Report corresponding to the paper accepted at Runtime
Verification (RV) 201
- …