Operational Resilience Theory and Experimentation Levi Lúcio.

MOVERE Project: Model-Driven Validation and Verification of Resilient Software Systems. Team: Levi Lúcio, Jackin Zhang, Yasir Khan, Nicolas Guelfi. 3-year Lux. FNR CORE funding + 2 AFR PhDs.

Natural Evolving System. Birds want to be able to feed properly!

Natural Evolving System (figure-only slides)

Natural Evolution Concepts. System: bird. Objective: be able to feed. Events: temperature change, location change, ... Evolution strategy: mutations (make feathers impermeable, grow stronger muscles, ...). Satisfaction of the objective: population stability or increase.

Resilient Evolving Process (figure slide)

Non-Resilient Evolving Process (figure slide)

Can we build (autonomous) Resilient Evolving Processes? The context of fully autonomous resilient evolving processes can provide insights into the automation of resilience in general; formalize the concepts related to evolution and resilience; applications will follow...

Natural Evolution Concepts (in the Computing World). System: machine, computing model, program. Objective: decidable property about the system. Events: problems satisfying the objective. Evolution strategy: operation mode change, structural change, ... Satisfaction of the objective: computable quantification of the property on a system.

Resilient Evolving Process in the Modeling World. The loop has four elements: System, Objective, Events, Satisfaction of the Objective, plus an Evolution Strategy that changes the system between iterations.
Iteration 1: Objectives {o1, o2, o3} -> Model Check {o1, o2, o3} -> Satisfaction of the Objective: {o1} is satisfied, {o2, o3} are not satisfied.
Iteration 2 (after an Evolution Strategy step): Objectives {o2, o3} -> Model Check {o2, o3} -> {o3} is satisfied, {o2} is not satisfied.
Iteration 3 (after another Evolution Strategy step): Objectives {o2} -> Model Check {o2} -> {o2} is satisfied.

Main Research Problems. Iteration 1: Model Check {o1, o2, o3}: {o1} is satisfied, {o2, o3} are not satisfied. Iteration 2: Model Check {o2, o3}: {o3} is satisfied, {o2} is not satisfied. Two questions follow: How to preserve already achieved objectives? How to achieve new objectives?

How to preserve already achieved objectives in Algebraic Petri Nets? Objectives can be described by temporal properties about the semantics of APNs; use particular types of transformations, such that the structure of net N (places + arcs + transitions) is preserved in net N+1; this way the properties about net N still make sense in net N+1.

We studied two kinds of properties. Safety: "something always happens" (AG), based on "Using High-Level Replacement Systems to Preserve Safety Properties in Place/Transition Net Transformations", J. Padberg, M. Gajewsky. Reachability: "something will eventually happen" (EF), our own results.

Safety preservation. Property: "any token in place P3 is always less than 12"

Reachability Preservation: "something will eventually happen". Everything is allowed except adding input arcs to transitions and guards to transitions; kind of the "opposite" of safety preservation. Proof done by us, a new result in APNs.

Issues. Conservative approach to change: it does not allow satisfying fewer properties; nets grow monotonically. Other approaches are possible, but much harder mathematically!
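A toy version of the model-check-then-evolve loop from the "Modeling World" slide and of the reachability-preservation rule from slide 18, added here as an illustration and not part of the talk or the MOVERE project. It uses a plain place/transition net (an APN with the data stripped off, so guards do not arise), bounded exploration of the markings, and constructed nets, markings and objectives; `preserves_ef` encodes my reading of the slide-18 condition.

```python
from collections import deque
# Constructed P/T net (an APN with data stripped): {transition: (inputs, outputs)},
# each side being {place: arc weight}; a marking is {place: tokens}.
def reachable(net, m0, bound=20):
    """BFS over reachable markings; places capped at `bound` tokens so unbounded nets terminate."""
    places = sorted({p for i, o in net.values() for p in (*i, *o)} | set(m0))
    idx = {p: k for k, p in enumerate(places)}
    start = tuple(m0.get(p, 0) for p in places)
    seen, todo = {start}, deque([start])
    while todo:
        m = todo.popleft()
        for ins, outs in net.values():
            if not all(m[idx[p]] >= w for p, w in ins.items()):
                continue                                   # transition not enabled
            n = list(m)
            for p, w in ins.items():
                n[idx[p]] -= w
            for p, w in outs.items():
                n[idx[p]] += w
            if max(n) <= bound and tuple(n) not in seen:
                seen.add(tuple(n))
                todo.append(tuple(n))
    return [dict(zip(places, m)) for m in seen]

def AG(net, m0, pred):  # safety: pred holds in every reachable marking
    return all(pred(m) for m in reachable(net, m0))

def EF(net, m0, pred):  # reachability: pred holds in some reachable marking
    return any(pred(m) for m in reachable(net, m0))

def preserves_ef(old, new):
    """My reading of slide 18: old's elements survive unchanged in new and no
    existing transition gains an input arc (a P/T net has no guards)."""
    for t, (ins, outs) in old.items():
        if t not in new or set(new[t][0]) - set(ins):
            return False
        if any(new[t][k].get(p) != w for k, side in ((0, ins), (1, outs)) for p, w in side.items()):
            return False
    return True

# Objectives (constructed): o1 is a safety (AG) property, o2 and o3 are reachability (EF) ones.
o1 = lambda m: m["buf"] < 12
o2 = lambda m: m["done"] >= 1
o3 = lambda m: m["buf"] >= 3
N0 = {"produce": ({}, {"buf": 1}), "consume": ({"buf": 1}, {"done": 1})}
N1 = {**N0, "recycle": ({"done": 1}, {"buf": 1})}   # only adds a transition: allowed
# N2 adds an input arc to "produce" (forbidden by the rule): o1 now holds, but o3 is lost.
N2 = {**N0, "produce": ({"credit": 1}, {"buf": 1})}
M2 = {"credit": 2}
```

Running `AG`/`EF` on N0, N1 and N2 reproduces the duality the slides describe: the allowed transformation N0 -> N1 keeps o2 and o3, while the restricting transformation N0 -> N2 achieves the safety objective o1 at the price of the reachability objective o3.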

Main Research Problems. Iteration 1: Model Check {o1, o2, o3}: {o1} is satisfied, {o2, o3} are not satisfied. Iteration 2: Model Check {o2, o3}: {o3} is satisfied, {o2} is not satisfied. Remaining question: How to achieve new objectives?

How to achieve new objectives in Algebraic Petri Nets? Much more difficult... Look at the counterexample data, at the part of the net impacted by the unsatisfied properties; we are in the modeling world, so simulate the evolution and find the best transformation set.

OK... but we want to apply this! Experimentation: study the applicability of the conditions for property (safety/reachability) preservation in a real evolving system. Case study: development of models with access control concerns.

Incremental implementation of Access Control in Software Systems

Co-evolution Framework. The first row: evolution by adding new functions and the access control policies that probably relate to them. Within a column: sub-evolution without any new function, satisfying more access control policies at each step until the model holds all of them.

Future Work. Preservation of other temporal properties in Algebraic Petri Nets (theoretical/mathematical); finding evolution strategies using model checkers; bringing the APN co-evolution of model and access control policies to the statechart world; more case studies, more applications...