Detection of Conflicts in Electronic Contracts. Stephen Fenech, Gordon J. Pace (University of Malta) and Gerardo Schneider (University of Oslo), FLACOS 2008. Semantics & Verification Research Group, Department of Computer Science, University of Malta.
Presentation transcript:

Slide 1: Detection of Conflicts in Electronic Contracts. Stephen Fenech, Gordon J. Pace (University of Malta), Gerardo Schneider (University of Oslo). FLACOS 2008. Semantics & Verification Research Group, Department of Computer Science, University of Malta.

Slide 2 (November 2008): Motivation
- Are different services compatible together?
  - (Is this (almost) just the beauty criterion we saw yesterday?)
- Different views of contracts:
  - Contracts as properties
  - A meta-level view of contracts
- Composition of services/systems means composition of contracts

Slide 3: The CL View of Contracts
- An action-based deontic logic
- Enables specification of obligations, prohibitions and permissions
- Reparations as (possibly nested) CTDs (contrary-to-duty clauses) and CTPs (contrary-to-prohibition clauses)

Slide 4: What are Conflicts?
- Conflicts arise when the contract enforces contradictory actions by one or more signatories:
  - being obliged and forbidden to do an action
  - being permitted and forbidden to perform an action
  - being obliged to perform two conflicting (mutually exclusive) actions
  - being obliged and permitted to perform two conflicting actions

Slide 5: Semantic Detection of Conflicts
- A contract is conflict-free if, for any sequence of non-violating actions, a contract monitor never ends up in a state where the contract enforces a conflict.
- This requires a trace semantics of CL
  - on finite traces; and
  - which preserves deontic information

Slide 6: Deontic Trace Semantics of CL
- Original trace semantics: $\sigma \models_\infty c$ (the infinite trace $\sigma$ satisfies contract $c$)
- Example: $[\{a, b\}, \{b\}, \ldots] \models_\infty [a]O(b) \wedge [b]P(c)$

Slide 7: Deontic Trace Semantics of CL
- Three problems with the original semantics:
  - Infinite traces are not always constructible: $\forall \sigma \cdot \sigma \not\models_\infty O(a) \wedge F(a)$, so no trace witnesses this contract even though it is plainly conflicting
  - Permission has no role in the semantics: $[\{b\}, \ldots] \models_\infty F(a) \wedge P(a)$
  - No deontic information is used in the semantics

Slide 8: Deontic Trace Semantics of CL
- New trace semantics on finite traces, paired with a deontic trace $\sigma_d$: $\sigma, \sigma_d \models_f c$
- Correctness with respect to the original semantics: $\sigma \models_\infty c \Leftrightarrow \exists \sigma_d \cdot \forall n \cdot \sigma(0..n), \sigma_d(0..n) \models_f c$

Slide 9: Automata with Deontic Information
- Given a CL contract $c$, its automaton (the symbol naming it is lost in the transcript; it is written $\mathcal{A}(c)$ here) is $\mathcal{A}(c) = \langle S, A_\&, s_0, T, V, I, \delta \rangle$, where:
  - $S$ is the set of states and $s_0$ the initial state
  - $A_\&$ is the set of concurrent actions
  - $T \subseteq S \times A_\& \times S$ are the labelled transitions
  - $V$ is the violation state
  - $I : S \to \mathrm{CL}$ tags states with CL clauses
  - $\delta$ labels states with deontic information
- The language of such an automaton, $\mathrm{Accept}(\mathcal{A}(c))$, is the set of traces accepted by the automaton without passing through state $V$.

Slide 10: Correctness Result
- Theorem: given a CL contract $c$, $\sigma, \sigma_d \models_f c$ if and only if $\sigma \in \mathrm{Accept}(\mathcal{A}(c))$.
- Consequently, a contract is conflict-free if and only if its automaton representation is conflict-free, i.e. no state reachable by non-violating actions is labelled with conflicting deontic notions.

Slide 11: CLAN: An Implementation
- Tool screenshot (not in the transcript) showing CLAN on the example contract $[c]O(b) \wedge [a]F(b)$

Slide 12: Other Analysis using the Automaton
- Superfluous clauses: a state is labelled with the same deontic notion multiple times
- Contract query:
  - what the contract enforces after a sequence of actions
  - what actions would lead to a specific obligation

Slide 13: Other Analysis using the Automaton (continued)
- Unreachable clauses: clauses tagged only on states that no non-violating trace reaches, and which are therefore superfluous
- Overlapping clauses: clauses repeating similar or identical deontic properties
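The construction of slides 4, 5, 9, 10 and 12 can be carried out on a small subset of CL. The following is an added example, not the CLAN tool or the authors' code: it assumes a CL fragment with one-step obligations O(a), prohibitions F(a) and permissions P(a), action-prefix clauses [a]C, and conjunction (no reparations, no repetition), builds the reachable states by stepping the clause set on every concurrent action, labels each state with its deontic notions (the δ of slide 9), and flags the four conflict kinds of slide 4. The class and function names (`O`, `F`, `P`, `After`, `conj`, `step`, `build_automaton`, `detect_conflicts`, `enforced_after`) and the `exclusive` parameter that lists mutually exclusive actions are this example's own.

```python
"""Conflict detection on a small CL subset via an automaton with deontic labels.

Added example (not the CLAN tool). Assumed subset: O(a), F(a), P(a), [a]C and
conjunction; O/F/P constrain only the next concurrent action, with no reparations.
"""
from collections import deque
from dataclasses import dataclass
from itertools import combinations

@dataclass(frozen=True)
class O:        # obligation: action a must occur in the next step
    a: str

@dataclass(frozen=True)
class F:        # prohibition: action a must not occur in the next step
    a: str

@dataclass(frozen=True)
class P:        # permission: never violated, but it carries deontic information
    a: str

@dataclass(frozen=True)
class After:    # [a]C: if a occurs now, the conjunction C is in force next
    a: str
    body: frozenset

def conj(*clauses):
    """A contract is a conjunction, represented as a frozenset of clauses."""
    return frozenset(clauses)

TOP = frozenset()      # the trivially satisfied contract
VIOLATION = "V"        # the absorbing violation state V

def actions_of(contract):
    acts = set()
    for cl in contract:
        acts.add(cl.a)
        if isinstance(cl, After):
            acts |= actions_of(cl.body)
    return acts

def step(state, alpha):
    """Transition on the concurrent action alpha (a set of atomic actions)."""
    nxt = set()
    for cl in state:
        if isinstance(cl, O) and cl.a not in alpha:
            return VIOLATION
        if isinstance(cl, F) and cl.a in alpha:
            return VIOLATION
        if isinstance(cl, After) and cl.a in alpha:
            nxt |= cl.body
    return frozenset(nxt)

def deontic_labels(state):
    """delta(s): the O/F/P notions the contract enforces in state s."""
    return frozenset(cl for cl in state if isinstance(cl, (O, F, P)))

def build_automaton(contract):
    """Explore every state reachable by non-violating actions; V is never expanded."""
    acts = sorted(actions_of(contract))
    alphabet = [frozenset(c) for r in range(len(acts) + 1) for c in combinations(acts, r)]
    states, trans, todo = {contract}, {}, deque([contract])
    while todo:
        s = todo.popleft()
        for alpha in alphabet:
            t = step(s, alpha)
            trans[(s, alpha)] = t
            if t != VIOLATION and t not in states:
                states.add(t)
                todo.append(t)
    return states, alphabet, trans

def conflicts_in(state, exclusive=()):
    """The four conflict kinds of slide 4; `exclusive` lists mutually exclusive action pairs."""
    labels = deontic_labels(state)
    obl = {cl.a for cl in labels if isinstance(cl, O)}
    frb = {cl.a for cl in labels if isinstance(cl, F)}
    prm = {cl.a for cl in labels if isinstance(cl, P)}
    found = [f"obliged and forbidden: {a}" for a in sorted(obl & frb)]
    found += [f"permitted and forbidden: {a}" for a in sorted(prm & frb)]
    for a, b in exclusive:
        if a in obl and b in obl:
            found.append(f"obliged to do exclusive actions: {a}, {b}")
        if (a in obl and b in prm) or (b in obl and a in prm):
            found.append(f"obliged and permitted to do exclusive actions: {a}, {b}")
    return found

def detect_conflicts(contract, exclusive=()):
    """Map each reachable conflicting state to the conflicts it enforces."""
    states, _, _ = build_automaton(contract)
    report = {}
    for s in states:
        found = conflicts_in(s, exclusive)
        if found:
            report[s] = found
    return report

def is_conflict_free(contract, exclusive=()):
    return not detect_conflicts(contract, exclusive)

def enforced_after(contract, trace):
    """Contract query (slide 12): deontic notions in force after a sequence of actions."""
    s = contract
    for alpha in trace:
        s = step(s, frozenset(alpha))
        if s == VIOLATION:
            return VIOLATION
    return deontic_labels(s)

if __name__ == "__main__":
    clan_example = conj(After("c", conj(O("b"))), After("a", conj(F("b"))))
    print(detect_conflicts(clan_example))           # conflict in the state reached by {a, c}
    print(enforced_after(clan_example, [{"a", "c"}]))
```

On the slide 11 contract $[c]O(b) \wedge [a]F(b)$ the concurrent action $\{a, c\}$ leads to a state labelled with both O(b) and F(b), which is the first conflict kind; the slide 6 contract $[a]O(b) \wedge [b]P(c)$ is conflict-free. Because the violation state is absorbing and never expanded, only states reachable by non-violating actions are inspected, which matches the slide 5 definition. Exclusive actions are not expressible in this fragment, so they are supplied as an explicit list.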

Slide 14: Conclusions
- A sound and complete decision algorithm for conflict detection in CL contracts, based on a finite-trace semantics of CL
- Prototype implementation (CLAN)
- Used on a case study involving an airline company check-in desk
- Currently looking into combining this with runtime verification