Presentation is loading. Please wait.

Presentation is loading. Please wait.

Program Monitoring with LTL in EAGLE

Published byJosé Ángel Hidalgo Flores Modified over 6 years ago

Similar presentations

Presentation on theme: "Program Monitoring with LTL in EAGLE"— Presentation transcript:

1 Program Monitoring with LTL in EAGLE
H Barringer, A Goldberg, K Havelund, K Sen 8th August 2007 Presented by Shin Hong at PSWLAB, KAIST Program Monitoring with LTL in EAGLE Program Monitoring with LTL in EAGLE 1

2 Program Monitoring with LTL in EAGLE
Contents Introduction EAGLE Linear Temporal Logic in EAGLE Algorithm Conclusion References Program Monitoring with LTL in EAGLE

3 Introduction (1/4) The correctness of a software is very important today. Verification tools have been developed. Model-checking technologies have been used successfully for relatively small-scale models. Program Monitoring with LTL in EAGLE Program Monitoring with LTL in EAGLE 3

4 Program Monitoring with LTL in EAGLE
Introduction (2/4) But model-checking technologies have serious limitation for their application to full-scale models. Shift in the way model checking technologies are being applied  from full state space coverage to bounded use for sophisticated testing.  from static application to dynamic application.  Runtime Verification Program Monitoring with LTL in EAGLE

5 Program Monitoring with LTL in EAGLE
Introduction (3/4) In runtime verification, an observer monitors the execution of a program and checks its conformity with a requirement specification. A variety of runtime verification systems have been proposed. Also a wide variety of monitoring logics to specify requirement specifications have been proposed. Program Monitoring with LTL in EAGLE

6 Program Monitoring with LTL in EAGLE
Introduction (4/4) Each monitoring logic is specialized to specify certain requirement specifications. The monitoring logic that user can specify with depends on the runtime verification system user chose.  EAGLE is proposed to support a general framework for defining monitoring logics. Program Monitoring with LTL in EAGLE

7 Program Monitoring with LTL in EAGLE
Contents Introduction EAGLE LTLogic in EAGLE Algorithm Conclusion References Program Monitoring with LTL in EAGLE

8 Program Monitoring with LTL in EAGLE
EAGLE has been designed specially as a general purpose kernel temporal logic for runtime-monitoring. Users can define some monitoring logics using this set of primitives. Program Monitoring with LTL in EAGLE

9 Program Monitoring with LTL in EAGLE
EAGLE offers a succinct but powerful set of primitives that supports Recursive parameterized equations Minimal/maximal fix-point semantics Three temporal operators: next-time, previous-time, and concatenation. Program Monitoring with LTL in EAGLE

10 Program Monitoring with LTL in EAGLE
Ex. Some temporal logics can be expressed as recursive equations. □F ≡ F ∧ ○(□F) ◇F ≡ F ∨ ○(◇F) In EAGLE, max Always(Form F) = F ∧ ○Always(F ) min Sometime(Form F) = F ∨○Sometime(F) Program Monitoring with LTL in EAGLE

11 Program Monitoring with LTL in EAGLE
Example Requirement specification: Whenever we reach a state where x=k>0 For some value k, then eventually we will reach a state at which y==k. In LTL, □(x > 0  ∃k.(k=x ∧ ◇(y=k))) In EAGLE, min R(int k) = Sometime(y==k) mon M = Always(x>0  R(x)) Program Monitoring with LTL in EAGLE

12 Program Monitoring with LTL in EAGLE
Syntax Parameters are typed, such as int, long, float, etc. Monitor can not have a recursive definition. Program Monitoring with LTL in EAGLE

13 Program Monitoring with LTL in EAGLE
Semantics For 0 ≤ i ≤ |σ| + 1 Program Monitoring with LTL in EAGLE

14 Program Monitoring with LTL in EAGLE
Program Monitoring with LTL in EAGLE

15 Program Monitoring with LTL in EAGLE
Contents Introduction EAGLE LTL in EAGLE Algorithm Conclusion References Program Monitoring with LTL in EAGLE

16 Program Monitoring with LTL in EAGLE
Semantic definitions for LTL Program Monitoring with LTL in EAGLE

17 Program Monitoring with LTL in EAGLE
We can define a corresponding EAGLE rule for each LTL temporal operator. Future time temporal operators min Next(Form F) = ○F max Always(Form F) = F ∧ ○(Always(F)) min Sometime(Form F) = F ∨ ○(Sometime(F)) min Until(Form F1, Form F2) = F2 ∨(F1 ∧ ○(Until(F1,F2))) max Unless(Form F1, Form F2)=F2∨(F1 ∧ ○(Until(F1,F2))) Program Monitoring with LTL in EAGLE

18 Program Monitoring with LTL in EAGLE
Past time temporal operators min Previous(Form F ) = ⊙F max AlwaysPast(Form F) = F ∧ ⊙(Always(F)) min SometimePast(Form F) = F ∨ ⊙(SometimePast(F)) min Since(Form F1, Form F2) = F2 ∨(F1 ∧ ⊙(Until(F1,F2))) max Zince(Form F1, Form F2) = F2∨(F1 ∧ ⊙(Until(F1,F2))) User can transform LTL into EAGLE monitor mechanically. Program Monitoring with LTL in EAGLE

19 Program Monitoring with LTL in EAGLE
Contents Introduction EAGLE LTL in EAGLE Algorithm Conclusion References Program Monitoring with LTL in EAGLE

20 Program Monitoring with LTL in EAGLE
Algorithm (1/13) EAGLE uses three major functions to determine whether a monitoring formula holds for some sequences of states. eval, update, value functions. For each state, EAGLE continuously evaluates the formula which must be satisfied in next state. Program Monitoring with LTL in EAGLE

21 Program Monitoring with LTL in EAGLE
Algorithm (2/13) eval function Definition eval : Form X State  Form The evaluation of a formula F on a state s=σ(i) in a trace σ results in another formula eval(F,s) with the property that σ,i ⊨F if and only if σ,i+1 ⊨eval(F,s) e.g. mon M1 = Next(x==1) mon M2 = Always(y==1) σ = s1 s2 s3 s4… eval(Next(x==1), s1) = x==1 eval(Always(y==1), s1) = if s1 ⊨ y==1,, Always(y==1) otherwise, false Program Monitoring with LTL in EAGLE

22 Program Monitoring with LTL in EAGLE
Algorithm (3/13) Program Monitoring with LTL in EAGLE

23 Program Monitoring with LTL in EAGLE
Algorithm (4/13) update function Definition of function update Form X State  Form Role of the function update Pre-evaluate a formula if it is guarded by a previous operator. σ,i ⊨○F if and only if σ,i+1 ⊨ update(F,s) Program Monitoring with LTL in EAGLE

24 Program Monitoring with LTL in EAGLE
Algorithm (5/13) Program Monitoring with LTL in EAGLE

25 Program Monitoring with LTL in EAGLE
Algorithm (6/13) value function Definition value : Form  {true, false} The value of a formula F at the end of a trace is given by value(F). Given a sequence of states s1 s2 … sn, an LTL formula F is said to be satisfied if and only if value(eval(…eval (eval (F, s1), s2) … sn)) is true. Program Monitoring with LTL in EAGLE

26 Program Monitoring with LTL in EAGLE
Algorithm (7/13) Program Monitoring with LTL in EAGLE

27 Program Monitoring with LTL in EAGLE
Algorithm (8/13) Modifying general EAGLE slightly, eval, update, and value functions can be defined a priori for all LTL operators. Future Time Operators - Next eval(Next(F), s) = eval(○F, s) update(Next(F), s) = Next(update(F,s)) - Always eval(Always(F), s) = eval(F∧○Always(F),s) update(Always(F), s) = Always(update(F, s)) Program Monitoring with LTL in EAGLE

28 Program Monitoring with LTL in EAGLE
Algorithm (9/13) Past Time Operators If a rule contains a formula F guarded by a previous operator on its right hand side then we evaluate F at every event and use the result of the evaluation in the next state. For every formula guarded by a previous operator, We introduce an additional argument in the rule and use these arguments in the definition of eval and update for this rule Program Monitoring with LTL in EAGLE

29 Program Monitoring with LTL in EAGLE
Algorithm (10/13) Previous Previous(F)  Previous’(F, false) eval(Previous’(F,past1), s) = eval(past1, s) update(Previous’(F,past1), s)=Previous’(update(F,s), eval(F,s)) AlwaysPast AlwaysPast(F)  AlwaysPast’(F, true) eval(AlwaysPast’(F, past1), s) = eval(F∧past1, s) update(AlwaysPast’(F, past1),s) = AlwaysPast’(update(F,s),eval(AlwaysPast’(F,past1), s)) Program Monitoring with LTL in EAGLE

30 Program Monitoring with LTL in EAGLE
Algorithm (11/13) Ex. ◇(x > 0 ∧ ▣(y == 0)) mon M = Sometime((x>0) ∧ AlwaysPast(y==0)) s1 = (x,y) = (0, 0) M = Sometime((x>0) ∧ AlwaysPast’(y==0, true)) eval(M,s1)=eval( ((x>0) ∧ AlwaysPast’(y==0, true)) ∨ ○Sometime((x>0) ∧ AlwaysPast’(y==0, true),s1) = false∨eval(○Sometime((x>0)∧AlwaysPast’(y==0, true)), s1) = update(Sometime((x>0) ∧ AlwaysPast’(y==0, true)), s1) = Sometime(update( (x>0) ∧AlwaysPast’(y==0, true))) Program Monitoring with LTL in EAGLE

31 Program Monitoring with LTL in EAGLE
Algorithm (12/13) eval(M,s1) = Sometime(update( (x>0) ∧AlwaysPast’(y==0, true), s1)) = Sometime( (x>0)∧update(AlwaysPast’(y==0, true),s1)) = Sometime( (x > 0) ∧ AlwaysPast’(update(y==0), eval(AlwaysPast’(y==0, true), s1)) = Sometime((x >0) ^ AlwaysPast’(y==0, eval(y==0 ^true, s1)) = Sometime((x>0) ^ AlwaysPast’(y==0, true)) Program Monitoring with LTL in EAGLE

32 Program Monitoring with LTL in EAGLE
Algorithm (13/13) s2 = (1, 0) eval(Sometime((x>0) ^ AlwaysPast’(y==0, true)), s2) =eval((x>0) ^ AlwaysPast’(y==0, true) ∨ ○Sometime((x>0) ^ AlwaysPast’(y==0, true)), s2) = eval(x>0) ^ eval(AlwaysPast’(y==0, true)) ∨ eval(○Sometime((x>0) ^ AlwaysPast’(y==0, true)), s2)) = true∨eval(○Sometime((x>0) ^ AlwaysPast’(y==0, true)), s2)) = true Program Monitoring with LTL in EAGLE

33 Program Monitoring with LTL in EAGLE
Conclusion EAGLE can express LTL like monitoring logics such as Past Time LTL, Future Time LTL, MTL, interval logics, ERE, etc. HAWK – Event-based RV on EAGLE. Program Monitoring with LTL in EAGLE

34 Program Monitoring with LTL in EAGLE
References [1] Program Monitoring with LTL in EAGLE, H Barringer, A Goldberg, K Havelund, K Sen, PADTAD’04. [2] Rule-based Runtime Verification H Barringer, A Goldberg, K Havelund, K Sen, VMCAI’04. Program Monitoring with LTL in EAGLE

35 Program Monitoring with LTL in EAGLE
max Always(Form F) = F ∧ ○Always(F) mon M = Always(F1) eval(Always(F1), s) = eval(F1∧○Always(F1), s) = eval(F1,s) ∧ eval(○Always(F1), s) eval(○Always(F1), s) = update(Always(F1),s) =update(F1∧○Always(F1),s) =update(F1) ∧○update(Always(F1),s) …  update(○Always(F1), s) = update(F1)∧○Always(F1) Program Monitoring with LTL in EAGLE

Download ppt "Program Monitoring with LTL in EAGLE"

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.

Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.
A Survey of Runtime Verification Jonathan Amir 2004.

A Survey of Runtime Verification Jonathan Amir 2004.
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.

Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
CS6133 Software Specification and Verification

CS6133 Software Specification and Verification
1/20 Generalized Symbolic Execution for Model Checking and Testing Charngki PSWLAB Generalized Symbolic Execution for Model Checking and Testing.

1/20 Generalized Symbolic Execution for Model Checking and Testing Charngki PSWLAB Generalized Symbolic Execution for Model Checking and Testing.
Formal verification in SPIN Karthikeyan Bhargavan, Davor Obradovic CIS573, Fall 1999.

Formal verification in SPIN Karthikeyan Bhargavan, Davor Obradovic CIS573, Fall 1999.
/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by.

/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by.
August 27-29 2007Moscow meeting1August 27-29 2007Moscow meeting1August 27-29 2007Moscow meeting11 Deductive tools in insertion modeling verification A.Letichevsky.

August Moscow meeting1August Moscow meeting1August Moscow meeting11 Deductive tools in insertion modeling verification A.Letichevsky.
1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.

1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.
CSE 555 Protocol Engineering Dr. Mohammed H. Sqalli Computer Engineering Department King Fahd University of Petroleum & Minerals Credits: Dr. Abdul Waheed.

CSE 555 Protocol Engineering Dr. Mohammed H. Sqalli Computer Engineering Department King Fahd University of Petroleum & Minerals Credits: Dr. Abdul Waheed.
David Lo Siau-Cheng Khoo Chao Liu DASFAA 2008 Efficient Mining of Recurrent Rules from a Sequence Database 1.

David Lo Siau-Cheng Khoo Chao Liu DASFAA 2008 Efficient Mining of Recurrent Rules from a Sequence Database 1.
ESE601: Hybrid Systems Introduction to verification Spring 2006.

ESE601: Hybrid Systems Introduction to verification Spring 2006.
Describing Syntax and Semantics

Describing Syntax and Semantics
Automata and Formal Lanugages Büchi Automata and Model Checking Ralf Möller based on slides by Chang-Beom Choi Provable Software Lab, KAIST.

Automata and Formal Lanugages Büchi Automata and Model Checking Ralf Möller based on slides by Chang-Beom Choi Provable Software Lab, KAIST.
VESTA: A Statistical Model- checker and Analyzer for Probabilistic Systems Authors: Koushik Sen Mahesh Viswanathan Gul Agha University of Illinois at Urbana-Champaign.

VESTA: A Statistical Model- checker and Analyzer for Probabilistic Systems Authors: Koushik Sen Mahesh Viswanathan Gul Agha University of Illinois at Urbana-Champaign.
CS 267: Automated Verification Lecture 13: Bounded Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 13: Bounded Model Checking Instructor: Tevfik Bultan.
1/25 Pointer Logic Changki PSWLAB Pointer Logic Daniel Kroening and Ofer Strichman Decision Procedure.

1/25 Pointer Logic Changki PSWLAB Pointer Logic Daniel Kroening and Ofer Strichman Decision Procedure.
1/20 Symbolic Execution and Program Testing Charngki PSWLAB Symbolic Execution and Program Testing James C.King IBM Thomas J.Watson Research Center.

1/20 Symbolic Execution and Program Testing Charngki PSWLAB Symbolic Execution and Program Testing James C.King IBM Thomas J.Watson Research Center.
Verification and Validation Overview References: Shach, Object Oriented and Classical Software Engineering Pressman, Software Engineering: a Practitioner’s.

Verification and Validation Overview References: Shach, Object Oriented and Classical Software Engineering Pressman, Software Engineering: a Practitioner’s.

Similar presentations

Ads by Google