Presentation is loading. Please wait.

Presentation is loading. Please wait.

Efficient Decentralized Monitoring of Safety in Distributed Systems

Published byChristine Bordeleau Modified over 6 years ago

Similar presentations

Presentation on theme: "Efficient Decentralized Monitoring of Safety in Distributed Systems"— Presentation transcript:

1 Efficient Decentralized Monitoring of Safety in Distributed Systems
Koushik Sen Abhay Vardhan Gul Agha Grigore Rosu University of Illinois at Urbana-Champaign, USA

2 Software Reliability Software Validation Rigorous and Complete Methods
Model Checking Theorem Proving Infeasible for large-scale open distributed systems Non-determinism and Asynchrony Testing Widely used Ad-Hoc Good Test Coverage Required Runtime Monitoring Adds rigor to Testing 11/12/2018

3 Centralized Monitoring Approach
Monitoring – Use Formal Methods in Testing Synthesize light-weight Monitors from Specification Automata, Rewriting-based Monitors, State machines Instrument code to insert monitors Execute instrumented code Distributed System Monitoring Global state is distributed For every state update send state to a central monitor Central monitor assembles them to form consistent execution traces (Vector Clocks) Sequence of global states Monitor execution traces 11/12/2018

4 An Example Mobile node a requests certain value from node b
b computes the value and sends it to a Property: no node receives a value from another node to which it had not sent a request 11/12/2018

5 Centralized Monitoring Example
“If a receives a value from b then b calculated the value after receiving request from a” valRcv → (valComputed  valReq) valReq valReq valComputed  valReq valRcv → (valComputed  valReq) (valComputed  valReq) Monitor b valComputed a valReq valRcv 11/12/2018

6 Decentralized Monitoring Approach
“If a receives a value from b then b calculated the value after receiving request from a” valRcv valComputed @a(valReq) (valComputed b valComputed a valReq valRcv valReq valRcv 11/12/2018

7 Past time Distributed Temporal Logic (pt-DTL)
Past Time Linear Temporal Logic [Pnueli] Extended with a Operator from epistemic logic [Aumann76][Meenakshi et al. 00] Properties with respect to a process, say p Interpreted over sequence of knowledge that p has about global state 11/12/2018

8 Remote Formulas in pt-DTL
@a F at process b @ makes remote formula F at process a local to process b “Alarm at process b implies that there was a fire at a” alarm a formula with respect to process b 11/12/2018

9 Remote Expressions in pt-DTL
Remote expressions – arbitrary expressions related to the state of a remote process Propositions constructed from remote and local expressions “If my alarm is set then eventually in past difference between my temperature and temperature at process b exceeded the allowed value” alarm → ((myTemp > allowed) 11/12/2018

10 Safety in Airplane Landing
“ If my airplane is landing then the runway that the airport has allocated matches the one that I am planning to use” landing → (runway 11/12/2018

11 Leader Election Example
“If a leader is elected then if the current process is a leader then, at its knowledge, none of the other processes is a leader” elected → (state=leader → ≠ leader))) 11/12/2018

12 pt-DTL syntax Fi ::= true | false | P(Ei) | : Fi | Fi Æ Fi propositional | ¯ Fi | ¡ Fi | Fi | Fi S Fi temporal epistemic Ei ::= c | vi 2 Vi | f(Ei) functional epistemic 11/12/2018

13 Interpretation of @jEj at process i
m4 m1 m2 p2 @ 1(x=9) m3 p1 x=7 x=9 11/12/2018

14 Monitoring Algorithm Requirements
Should be fast so that online monitoring is possible Little memory overhead Additional messages sent should be minimal; ideally zero 11/12/2018

15 KnowledgeVector Let KV be a vector
one entry for each process appearing in formula KV[j] denotes entry for process j KV[j].seq is the sequence number of last event seen at process j KV[j].values stores values of j-expressions and j-formulae 11/12/2018

16 Monitoring using KnowledgeVector
Maintain KnowledgeVector about global state at each process Attach KnowledgeVector with outgoing messages Update KnowledgeVector with incoming messages At each process monitor local KnowledgeVector 11/12/2018

17 KnowledgeVector Algorithm
[internal event]: (at process i) store eval(Ei,si) and eval(Fi,si) for in KVi[i].values [send m]: KVi[i].seq à KVi[i].seq + 1. Send KVi with m as KVm [receive m]: for all j, if KVm[j].seq > KVi[j].seq then KVi[j].seq à KVm[j].seq KVi[j].values à KVm[j].value 11/12/2018

18 Example p3 p2 p1 ¡(Y ¸ @1X) at p2 Y=7 Y=3 violation X=5 X=9 X=6 5 2 6
5 2 6 2 6 p3 5 2 6 2 6 2 6 p2 Y=7 Y=3 violation 5 9 1 9 1 6 2 6 p1 X=5 X=9 X=6 KV[1].seq ¡(Y at p2 KV[1].values 11/12/2018

19 DIANA Architecture pt-DTL Monitor 11/12/2018

20 Conclusion pt-DTL can express interesting and useful safety properties of distributed systems Decentralized Technique to effectively verify Distributed Systems at runtime No extra message over-head for monitoring KnowledgeVector as monitors 11/12/2018

Download ppt "Efficient Decentralized Monitoring of Safety in Distributed Systems"

Similar presentations

The Quest for Correctness Joseph Sifakis VERIMAG Laboratory 2nd Sogeti Testing Academy April 29th 2009.

The Quest for Correctness Joseph Sifakis VERIMAG Laboratory 2nd Sogeti Testing Academy April 29th 2009.
Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
Modeling and Analyzing Periodic Distributed Computations Anurag Agarwal Vijay Garg Vinit Ogale The University.

Modeling and Analyzing Periodic Distributed Computations Anurag Agarwal Vijay Garg Vinit Ogale The University.
PROOF BY CONTRADICTION

PROOF BY CONTRADICTION
A Survey of Runtime Verification Jonathan Amir 2004.

A Survey of Runtime Verification Jonathan Amir 2004.
Runtime Verification Ali Akkaya Boğaziçi University.

Runtime Verification Ali Akkaya Boğaziçi University.
Virtual Time “Virtual Time and Global States of Distributed Systems” Friedmann Mattern, 1989 The Model: An asynchronous distributed system = a set of processes.

Virtual Time “Virtual Time and Global States of Distributed Systems” Friedmann Mattern, 1989 The Model: An asynchronous distributed system = a set of processes.
Lecture 8: Asynchronous Network Algorithms

Lecture 8: Asynchronous Network Algorithms
SES Algorithm SES: Schiper-Eggli-Sandoz Algorithm. No need for broadcast messages. Each process maintains a vector V_P of size N - 1, N the number of processes.

SES Algorithm SES: Schiper-Eggli-Sandoz Algorithm. No need for broadcast messages. Each process maintains a vector V_P of size N - 1, N the number of processes.
Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,

Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,
Fast Algorithms For Hierarchical Range Histogram Constructions

Fast Algorithms For Hierarchical Range Histogram Constructions
Data Structures: A Pseudocode Approach with C

Data Structures: A Pseudocode Approach with C
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.

1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by.

/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by.
Distributed Systems Spring 2009

Distributed Systems Spring 2009
Constraint Logic Programming Ryan Kinworthy. Overview Introduction Logic Programming LP as a constraint programming language Constraint Logic Programming.

Constraint Logic Programming Ryan Kinworthy. Overview Introduction Logic Programming LP as a constraint programming language Constraint Logic Programming.
Distributed Systems Fall 2009 Logical time, global states, and debugging.

Distributed Systems Fall 2009 Logical time, global states, and debugging.
Software Reliability Methods Sorin Lerner. Software reliability methods: issues What are the issues?

Software Reliability Methods Sorin Lerner. Software reliability methods: issues What are the issues?
A Type System for Expressive Security Policies David Walker Cornell University.

A Type System for Expressive Security Policies David Walker Cornell University.
System Design Research Laboratory Model-based Testing and Monitoring for Hybrid Embedded Systems Li Tan Jesung Kim Oleg Sokolsky Insup Lee University of.

System Design Research Laboratory Model-based Testing and Monitoring for Hybrid Embedded Systems Li Tan Jesung Kim Oleg Sokolsky Insup Lee University of.

Similar presentations

Ads by Google