Presentation is loading. Please wait.

Presentation is loading. Please wait.

MaC Monitoring and Checking at Runtime Presented By Usa Sammapun CIS 700 Oct 10, 2005.

Published byEdgar Copeland Modified over 9 years ago

Similar presentations

Presentation on theme: "MaC Monitoring and Checking at Runtime Presented By Usa Sammapun CIS 700 Oct 10, 2005."— Presentation transcript:

1 MaC Monitoring and Checking at Runtime Presented By Usa Sammapun CIS 700 Oct 10, 2005

2 What is MaC? ► A verification technique –Goal: Ensure a software program runs correctly ► To understand software verification –Know how software is developed –Know how software is verified

3 Software Development Process ► Requirement and Properties What program should do –When AIBO dog walks, it must not fall Informal (English)  Formal (Logic, FSM) Requirement DesignImplement Walk  !(Fall)

4 Software Development Process ► Design Specification and Analysis How program fulfill requirements –AIBO dog coordinates his 4 legs Formal modeling (UML, FSM, Control theory) Analysis –Simulation –Verification (Model checking) Requirement Design Implement

5 Software Development Process ► Implementation Actual program (AIBO dog walking program in C++) Varification & Validation –Testing –Runtime verification Requirement Implement Design AIBO.c++ main() { int leg1,leg2; int leg3, leg4; … }

6 Verification ► Design –Model Checking ► Implementation –Testing –Runtime Verification MaC Monitoring and Checking At Runtime

7 Verification ► Design –Model Checking ► Implementation –Testing –Runtime Verification

8 Model Checking ► Given –Requirement & Properties –Model ► Verify –Explore all paths –Violate requirement ?? Walk  !(Fall) leg1 leg2 leg4 leg3 all-leg-down !walk leg1-up, leg4-up walk & !fall leg2-up, leg3-up walk & !fall leg1-up, leg2-up walk & fall

9 Model Checking ► Given –Requirement & Properties –Model ► Verify –Explore all paths –Violate requirement ?? Walk  !(Fall) leg1 leg2 leg4 leg3 all-leg-down !walk leg1-up, leg4-up walk & !fall leg2-up, leg3-up walk & !fall leg1-up, leg2-up walk & fall

10 Model Checking - GOOD ► Rigorous and Formal –Based on Mathematics ► Complete –Explore all paths

11 Model Checking - PROBLEM ► Check Design, not implementation –What if implementation does not follow model? ► Not scalable –What if the program is HUGH? Explore all paths might not be feasible

12 Verification ► Design –Model Checking ► Implementation –Testing –Runtime Verification

13 Testing ► We’ve seen it –Run actual program with different inputs –See if outputs are what we want ► Ex. AIBO –Run AIBO dog –See whether or not AIBO dog falls ► Good –Check directly the implementation

14 Testing – PROBLEM ► Not rigorous, Not formal –Possibly random inputs ► Not complete –What if bugs never show up during test ?? –What if it’s not AIBO, but a heart device !?!

15 Verification ► Design –Model Checking ► Implementation –Testing –Runtime Verification MaC Monitoring and Checking At Runtime

16 Runtime Verification ► Given –Requirement & Properties –Implementation ► Ensures the current program execution follows its formal requirements Walk  !(Fall)

17 Runtime Verification Program (ex. AIBO)Verifier (MaC) 2. Execution Information 3. Check 4. Sat / Unsat 4. Feedback User 1. Specify formal requirements (Walk  !Fall)

18 Runtime Verification ► Rigorous and Formal ► Done at implementation ► Not complete –Guarantee for current execution

19 Runtime Verification ► MaC –Monitoring and Checking at Runtime –Components MaC verifier MaC formal language

20 MaC Verifier Program MaC Verifier Execution Information Check Sat / Unsat Feedback User Event Recognizer Checker Injector Abstract Info

21 MaC Verifier and Language Program Instrumented Program MaC Compiler PEDLMEDL MaC Specification Event Recognizer CheckerInjector MaC Verifier SADL 1. Which program info to probe 2. How to map info to properties System PropertiesWhere / when to steer

22 Abstract Information ► To capture roughly and abstractly what the program is doing ► Events –Instantaneous incidents –such as variable updates update(position) ► Conditions –Proposition about the program that may be true/false/undefined for a duration of time –such as position < 50 true position = 40position = 55position = 60 Time position < 50 false position = 55 position = 60 s1s1 s2s2 s3s3 s4s4 position = 55position = 40position = 55 position < 50

23 Events ► e - variable update, start/end method ► e1 || e2 - or ► e1 && e2 - and ► start(c) - instant when condition c becomes true ► end(c) - instant when condition c becomes false ► e when c - e occurs when condition c is true

24 Conditions ► Conditions interpreted over 3 values: true, false and undefined. ► c - boolean expression ► !c - not c ► c 1 || c 2 - or ► c 1 && c 2 - and ► c 1 -> c 2 - imply ► defined(c) - true when c is defined ► [e 1, e 2 ) - interval e1e1 e2e2 [e 1,e 2 )

25 MaC Language ► PEDL –How execution information transform into events and conditions ► MEDL –Specify properties using events and conditions

26 PEDL and MEDL Java ProgramPEDLMEDL Abstraction - When train position is between 30 and 50 - When gate starts/ends being down Railroad Crossing Property: - If train is crossing, then gate must be down - Train is crossing when position is between 30 and 50 Abstraction - When gate is down Check - If train is crossing, then gate must be down position = 0 position = 20 position = 40 Gate.down() position = 55 Gate.up() position = 60 startGD endGD cross Violation gateDown cross

27 Instrumentation class Train { int position; main() { position = 0; position = 20; position = 40; position = 55; } Train.position; class Train { int position; main() { position = 0; send(x,0); position = 20; send(x,20); position = 40; send(x,40); position = 55; send(x,55); } + = Sent to Event Recognizer: [ (position,0), (position,20), (position,40), (position,55) ]

28 MaC Language - PEDL position = 0 Java ProgramPEDL Abstraction - When train position is between 30 and 50 - When gate starts/ends being down position = 20 position = 40 Gate.down() position = 55 Gate.up() position = 60 export event startGD, endGD; export condition cross; monobj Train.position; monmeth Gate.up(); monmeth Gate.down(); condition cross = (30 < RRC.position) && (RRC.position < 50); event startGD = endM(Gate.down()); event endGD = startM(Gate.up()); startGD endGD cross Railroad Crossing Property: - If train is crossing, then gate must be down - Train is crossing when position is between 30 and 50 position = 0 position = 20 position = 40 Gate.down() position = 55 Gate.up() position = 60

29 MEDL – Property Language ► Composed using –Events –Conditions –Connectives ► Properties –Alarms: events that must never occur alarm elevator = door_open when ! floor_level –Safety Properties: conditions that must always hold true property rail_road = train_cross  gate_down

30 MaC Language - MEDL PEDL MEDL import event startGD, endGD; import conditions cross; condition gateDown = [startGD, endGD); property safeRRC = cross -> gateDown; startGD endGD cross Violation gateDown cross Abstraction - When gate is down Check - If train is crossing, then gate must be down Railroad Crossing Property: - If train is crossing, then gate must be down - Train is crossing when position is between 30 and 50

31 Current Work ► Timing properties ► Probabilistic properties ► Dynamic MaC ► Steering using control theory

32 Quantitative Properties ► Time bound interval: e1e1 e2e2 e1e1 e2e2 s1s1 s2s2 s3s3 s4s4 s5s5 s1s1 s2s2 s3s3 s4s4 s5s5

33 Example ► A real-time task T must finish within 100 time units –startT – event when task T starts executing –endT – event when task T finishes executing

Download ppt "MaC Monitoring and Checking at Runtime Presented By Usa Sammapun CIS 700 Oct 10, 2005."

Similar presentations

Copyright W. Howden1 Programming by Contract CSE 111 6/4/2014.

Copyright W. Howden1 Programming by Contract CSE 111 6/4/2014.
MaC Monitoring and Checking at Runtime (Continue) Presented By Usa Sammapun CIS 700 Oct 12, 2005.

MaC Monitoring and Checking at Runtime (Continue) Presented By Usa Sammapun CIS 700 Oct 12, 2005.
A Survey of Runtime Verification Jonathan Amir 2004.

A Survey of Runtime Verification Jonathan Amir 2004.
Introducing Formal Methods, Module 1, Version 1.1, Oct., 1998 1 Formal Specification and Analytical Verification L 5.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
Introduction to Embedded Systems Chapter 14 Reachability Analysis (14.1, 14.2.1 – 14.2-2) Hao Zheng U of South Florida.

Introduction to Embedded Systems Chapter 14 Reachability Analysis (14.1, – ) Hao Zheng U of South Florida.
LASER From Natural Language Requirements to Rigorous Property Specifications Lori A. Clarke Work done in collaboration with Rachel L. Smith, George S.

LASER From Natural Language Requirements to Rigorous Property Specifications Lori A. Clarke Work done in collaboration with Rachel L. Smith, George S.
ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.

ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.
/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by.

/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by.
Run Time Monitoring of Reactive System Models Mikhail Auguston Naval Postgraduate School Mark Trakhtenbrot Holon Academic Institute of.

Run Time Monitoring of Reactive System Models Mikhail Auguston Naval Postgraduate School Mark Trakhtenbrot Holon Academic Institute of.
ISBN 0-321-33025-0 Chapter 3 Describing Syntax and Semantics.

ISBN Chapter 3 Describing Syntax and Semantics.
1 Simulator-Model Checker for Reactive Real-Time Abstract State Machines Anatol Slissenko University Paris 12 Pavel Vasilyev University Paris 12 University.

1 Simulator-Model Checker for Reactive Real-Time Abstract State Machines Anatol Slissenko University Paris 12 Pavel Vasilyev University Paris 12 University.
Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.

Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.
SEERE, Neum 2009 Runtime verification of Java programs using ITL Vladimir Valkanov, Damyan Mitev Plovdiv, Bulgaria.

SEERE, Neum 2009 Runtime verification of Java programs using ITL Vladimir Valkanov, Damyan Mitev Plovdiv, Bulgaria.
Lecture 4&5: Model Checking: A quick introduction Professor Aditya Ghose Director, Decision Systems Lab School of IT and Computer Science University of.

Lecture 4&5: Model Checking: A quick introduction Professor Aditya Ghose Director, Decision Systems Lab School of IT and Computer Science University of.
CS 330 Programming Languages 09 / 18 / 2007 Instructor: Michael Eckmann.

CS 330 Programming Languages 09 / 18 / 2007 Instructor: Michael Eckmann.
Probabilistic Verification of Discrete Event Systems Håkan L. S. Younes.

Probabilistic Verification of Discrete Event Systems Håkan L. S. Younes.
MaCS: Monitoring, Checking and Steering O. Sokolsky, S. Kannan, I. Lee, U. Sammapun, J. Shin, M. Viswanathan CIS, Penn M. Kim SECUi.com, Korea.

MaCS: Monitoring, Checking and Steering O. Sokolsky, S. Kannan, I. Lee, U. Sammapun, J. Shin, M. Viswanathan CIS, Penn M. Kim SECUi.com, Korea.
16/27/2015 3:38 AM6/27/2015 3:38 AM6/27/2015 3:38 AMTesting and Debugging Testing The process of verifying the software performs to the specifications.

16/27/2015 3:38 AM6/27/2015 3:38 AM6/27/2015 3:38 AMTesting and Debugging Testing The process of verifying the software performs to the specifications.
System Design Research Laboratory Model-based Testing and Monitoring for Hybrid Embedded Systems Li Tan Jesung Kim Oleg Sokolsky Insup Lee University of.

System Design Research Laboratory Model-based Testing and Monitoring for Hybrid Embedded Systems Li Tan Jesung Kim Oleg Sokolsky Insup Lee University of.
November 18, 2004 Embedded System Design Flow Arkadeb Ghosal Alessandro Pinto Daniele Gasperini Alberto Sangiovanni-Vincentelli

November 18, 2004 Embedded System Design Flow Arkadeb Ghosal Alessandro Pinto Daniele Gasperini Alberto Sangiovanni-Vincentelli

Similar presentations

Ads by Google