Results 1-10 of 29
Rewriting-based Techniques for Runtime Verification
Cited by 29 (1 self)
Abstract
Techniques for efficiently evaluating future time Linear Temporal Logic (abbreviated LTL) formulae on finite execution traces are presented. While the standard models of LTL are infinite traces, finite traces appear naturally when testing and/or monitoring real applications that only run for limited time periods. A finite trace variant of LTL is formally defined, together with an immediate executable semantics which turns out to be quite inefficient if used directly, via rewriting, as a monitoring procedure. Then three algorithms are investigated. First, a simple synthesis algorithm for monitors based on dynamic programming is presented; despite the efficiency of the generated monitors, they unfortunately need to analyze the trace backwards, thus making them unusable in most practical situations. To circumvent this problem, two rewriting-based practical algorithms are further investigated, one using rewriting directly as a means for online monitoring, and the other using rewriting to generate automata-like monitors, called binary transition tree finite state machines (and abbreviated BTT-FSMs). Both rewriting algorithms are implemented in Maude, an executable specification language based on a very efficient implementation of term rewriting. The first rewriting algorithm essentially consists of a set of equations establishing an executable semantics of LTL, using a simple formula transforming approach. This algorithm is further improved to build automata on-the-fly via caching and reuse of rewrites (called memoization), resulting in a very efficient and small Maude program that can be used to monitor program executions. The second rewriting algorithm builds on the first one and synthesizes provably minimal BTT-FSMs from LTL formulae, which can then be used to a...
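The first of the two rewriting algorithms in this abstract (rewriting the formula itself, event by event, as the online monitor) is easy to misread as "just evaluate the formula". The following is an added example, my own Python and not the paper's Maude program: a monitor that consumes one event at a time and rewrites the residual LTL obligation using the usual finite-trace rules ((always X){e} = X{e} and always X, (X until Y){e} = Y{e} or (X{e} and X until Y), and so on). The end-of-trace convention, that on the last event next, always and eventually all collapse to the subformula evaluated there, is the reading of the paper's finite-trace semantics assumed here. The two policies and the audit events (`auth`, `open`, `priv`, `close`) are constructed for illustration. The memoization refinement the abstract mentions is not implemented.

```python
"""Finite-trace LTL monitoring by formula rewriting (added example).

A formula is a nested tuple:
    ('ap', 'name')                        atomic proposition
    ('not', f) ('and', f, g) ('or', f, g) ('impl', f, g)
    ('next', f) ('always', f) ('eventually', f) ('until', f, g)
    TRUE, FALSE                           constants
An event is the set of propositions that are true at that point of the trace.
"""

TRUE = ('true',)
FALSE = ('false',)


def _not(f):
    """Boolean simplification keeps the residual formula small between events."""
    if f == TRUE:
        return FALSE
    if f == FALSE:
        return TRUE
    if f[0] == 'not':
        return f[1]
    return ('not', f)


def _and(f, g):
    if f == FALSE or g == FALSE:
        return FALSE
    if f == TRUE:
        return g
    if g == TRUE or f == g:
        return f
    return ('and', f, g)


def _or(f, g):
    if f == TRUE or g == TRUE:
        return TRUE
    if f == FALSE:
        return g
    if g == FALSE or f == g:
        return f
    return ('or', f, g)


def step(f, event, last):
    """Rewrite f against one event, i.e. compute f{e}.

    For a non-final event the result is the residual obligation on the rest of
    the trace; for the final event (last=True) every temporal operator is
    evaluated at that event, so the result is TRUE or FALSE. End-of-trace
    convention assumed here: on the last event, next X, always X and
    eventually X all collapse to X evaluated there, and X until Y to Y.
    """
    op = f[0]
    if op in ('true', 'false'):
        return f
    if op == 'ap':
        return TRUE if f[1] in event else FALSE
    if op == 'not':
        return _not(step(f[1], event, last))
    if op == 'and':
        return _and(step(f[1], event, last), step(f[2], event, last))
    if op == 'or':
        return _or(step(f[1], event, last), step(f[2], event, last))
    if op == 'impl':
        return _or(_not(step(f[1], event, last)), step(f[2], event, last))
    if op == 'next':
        return step(f[1], event, last) if last else f[1]
    if op == 'always':                      # (always X){e} = X{e} and always X
        now = step(f[1], event, last)
        return now if last else _and(now, f)
    if op == 'eventually':                  # (eventually X){e} = X{e} or eventually X
        now = step(f[1], event, last)
        return now if last else _or(now, f)
    if op == 'until':                       # (X U Y){e} = Y{e} or (X{e} and X U Y)
        y = step(f[2], event, last)
        return y if last else _or(y, _and(step(f[1], event, last), f))
    raise ValueError(f'unknown operator {op!r}')


def monitor(formula, trace):
    """Run the monitor online over trace (a list of event sets).

    Returns (verdict, events_consumed). The verdict is reached as soon as the
    residual formula becomes a constant, which is what lets a violation be
    reported at the offending event instead of at the end of the run.
    """
    if not trace:
        raise ValueError('finite-trace semantics is undefined for the empty trace')
    f = formula
    for i, event in enumerate(trace):
        f = step(f, event, i == len(trace) - 1)
        if f in (TRUE, FALSE):
            return f == TRUE, i + 1
    raise AssertionError('unreachable: the last event always yields a constant')


# Constructed policies over constructed audit events (not from the paper):
#   EVERY_OPEN_CLOSED: always (open -> eventually close)
#   AUTH_BEFORE_PRIV:  (not priv) until auth, i.e. no privileged action before authentication
EVERY_OPEN_CLOSED = ('always', ('impl', ('ap', 'open'), ('eventually', ('ap', 'close'))))
AUTH_BEFORE_PRIV = ('until', ('not', ('ap', 'priv')), ('ap', 'auth'))

GOOD_TRACE = [{'auth'}, {'open'}, {'priv'}, {'close'}]
BAD_TRACE = [{'open'}, {'priv'}, {'auth'}]

if __name__ == '__main__':
    for name, policy in (('every open closed', EVERY_OPEN_CLOSED),
                         ('auth before priv', AUTH_BEFORE_PRIV)):
        for label, trace in (('good', GOOD_TRACE), ('bad', BAD_TRACE)):
            verdict, used = monitor(policy, trace)
            print(f'{name:18s} {label}: {verdict} after {used} of {len(trace)} events')
```

Two things worth noticing when running it: `AUTH_BEFORE_PRIV` on `BAD_TRACE` is refuted after the second event, before the trace ends, because the residual collapses to FALSE, while `EVERY_OPEN_CLOSED` on the same trace can only be refuted at the final event, since until then the pending `eventually close` could still be discharged. Without the simplifiers in `_and`/`_or`/`_not` the residual for `always` grows by one conjunct per event, which is exactly the inefficiency the abstract attributes to the naive executable semantics.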
Rule systems for runtime monitoring: From Eagle to RuleR
In: RV'07: 7th International Workshop on Runtime Verification, Revised Selected Papers, 2007
Cited by 24 (6 self)
Abstract
In [5], Eagle was introduced as a general purpose rule-based temporal logic for specifying runtime monitors. A novel and relatively efficient interpretative trace-checking scheme via stepwise transformation of an Eagle monitoring formula was defined and implemented. However, application in real-world examples has shown efficiency weaknesses, especially those associated with large-scale symbolic formula manipulation. In this paper, we introduce RuleR, a primitive conditional rule-based system, which we claim can be more efficiently implemented for runtime checking, and into which one can compile various temporal logics used for runtime verification. As a formal demonstration, we provide a translation scheme for LTL with a proof of translation correctness. We then describe a parameterized form of RuleR in which rule names may have data and rule parameters, thus allowing a richer collection of logics to be compiled and more compact translations.
Keywords: Runtime verification, rule systems, temporal logic, grammars.
Partial Order Trace Analyzer (POTA) for Distributed Programs
In Proceedings of the Third Workshop on Runtime Verification (RV), 2003
Cited by 22 (6 self)
Abstract
Checking the correctness of software is a growing challenge. In this paper, we present a prototype implementation of Partial Order Trace Analyzer (POTA), a tool for checking execution traces of both message passing and shared memory programs using temporal logic. So far runtime verification tools have used the total order model of an execution trace, whereas POTA uses a partial order model. The partial order model enables us to capture a possibly exponential number of interleavings and, in turn, this allows us to find bugs that are not found using a total order model. However, verification in the partial order model suffers from the state explosion problem: the number of possible global states in a program increases exponentially with the number of processes. POTA employs an effective abstraction technique called computation slicing. A slice of a computation (execution trace) with respect to a predicate is the computation with the least number of global states that contains all global states of the original computation for which the predicate evaluates to true. The advantage of this technique is that it mitigates the state explosion problem by reasoning only on the part of the global state space that is of interest. In POTA, we implement computation slicing algorithms for temporal logic predicates from a subset of CTL. The overall complexity of evaluating a predicate in this logic upon using computation slicing becomes polynomial in the number of processes compared to exponential without slicing. We illustrate the effectiveness of our techniques in POTA on test cases such as the General Inter-ORB Protocol (GIOP) [18]. POTA also contains a module that translates execution traces to Promela [16] (the input language of SPIN). This module enables us to compare our results on execution traces with SPIN. In some cases, we were able to verify traces with 250 processes compared to only 10 processes using SPIN.
Model Checking a Path (Preliminary Report)
In 14th Int. Conf. Concurrency Theory, Lecture Notes in Computer Science 2761, 2003
Cited by 21 (1 self)
Abstract
We consider the problem of checking whether a finite (or ultimately periodic) run satisfies a temporal logic formula. This problem is at the heart of "runtime verification" but it also appears in many other situations. By considering several extended temporal logics, we show that the problem of model checking a path can usually be solved efficiently, and profit from specialized algorithms. We further show it is possible to efficiently check paths given in compressed form.
A temporal logic-based planning and execution monitoring . . .
Auton Agent Multi-Agent Syst, 2009
Collecting Statistics over Runtime Executions
In Proceedings of Runtime Verification (RV'02), 2002
Cited by 20 (1 self)
Abstract
We present an extension to linear-time temporal logic (LTL) that combines the temporal specification with the collection of statistical data. By collecting statistics over runtime executions of a program we can answer complex queries, such as "what is the average number of packet transmissions" in a communication protocol, or "how often does a particular process enter the critical section while another process remains waiting" in a mutual exclusion algorithm. To decouple the evaluation strategy of the queries from the definition of the temporal operators, we introduce algebraic alternating automata as an automata-based intermediate representation. Algebraic alternating automata are an extension of alternating automata that produce a value instead of acceptance or rejection for each trace. Based on the translation of the formulas from the query language to algebraic alternating automata, we obtain a simple and efficient query evaluation algorithm. The approach is illustrated with examples and experimental results.
A Bayesian Approach to Model Checking Biological Systems
Cited by 18 (8 self)
Abstract
Recently, there has been considerable interest in the use of Model Checking for Systems Biology. Unfortunately, the state space of stochastic biological models is often too large for classical Model Checking techniques. For these models, a statistical approach to Model Checking has been shown to be an effective alternative. Extending our earlier work, we present the first algorithm for performing statistical Model Checking using Bayesian Sequential Hypothesis Testing. We show that our Bayesian approach outperforms current statistical Model Checking techniques, which rely on tests from Classical (aka Frequentist) statistics, by requiring fewer system simulations. Another advantage of our approach is the ability to incorporate prior Biological knowledge about the model being verified. We demonstrate our algorithm on a variety of models from the Systems Biology literature and show that it enables faster verification than state-of-the-art techniques, even when no prior knowledge is available.
Bayesian Statistical Model Checking with Application to Stateflow/Simulink Verification
2010
Cited by 15 (5 self)
Abstract
We address the problem of model checking stochastic systems, i.e. checking whether a stochastic system satisfies a certain temporal property with a probability greater (or smaller) than a fixed threshold. In particular, we present a novel Statistical Model Checking (SMC) approach based on Bayesian statistics. We show that our approach is feasible for hybrid systems with stochastic transitions, a generalization of Simulink/Stateflow models. Standard approaches to stochastic (discrete) systems require numerical solutions for large optimization problems and quickly become infeasible with larger state spaces. Generalizations of these techniques to hybrid systems with stochastic effects are even more challenging. The SMC approach was pioneered by Younes and Simmons in the discrete and non-Bayesian case. It solves the verification problem by combining randomized sampling of system traces (which is very efficient for Simulink/Stateflow) with hypothesis testing or estimation. We believe SMC is essential for scaling up to large Stateflow/Simulink models. While the answer to the verification problem is not guaranteed to be correct, we prove that Bayesian SMC can make the probability of giving a wrong answer arbitrarily small. The advantage is that answers can usually be obtained much faster than with standard, exhaustive model checking
Statistical Model Checking in BioLab: Applications to the automated analysis of T-Cell Receptor Signaling Pathway
Cited by 14 (4 self)
Abstract
We present an algorithm, called BioLab, for verifying temporal properties of rule-based models of cellular signalling networks. BioLab models are encoded in the BioNetGen language, and properties are expressed as formulae in probabilistic bounded linear temporal logic. Temporal logic is a formalism for representing and reasoning about propositions qualified in terms of time. Properties are then verified using sequential hypothesis testing on executions generated using stochastic simulation. BioLab is optimal, in the sense that it generates the minimum number of executions necessary to verify the given property. BioLab also provides guarantees on the probability of it generating Type-I (i.e., false-positive) and Type-II (i.e., false-negative) errors. Moreover, these error bounds are pre-specified by the user. We demonstrate BioLab by verifying stochastic effects and bistability in the dynamics of the T-cell receptor signaling network.
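The three statistical model checking entries above (the two Bayesian SMC abstracts and the BioLab entry) all rest on the same loop: simulate one trace, check a bounded temporal property on it, update a running test, stop when the evidence crosses a threshold. The following is an added example, my own Python and not any of those authors' implementations, of the Bayesian variant: H0 is "the property holds with probability at least theta", the running statistic is the Bayes factor (posterior odds over prior odds), and sampling stops once it exceeds T or drops below 1/T. Assumptions that are mine, not the papers': a Beta prior with integer parameters (so the posterior tail is an exact binomial sum and no SciPy is needed), the default threshold T = 1000, and a constructed stochastic system (a lossy channel with up to three transmission attempts) whose bounded property is "delivered within 3 attempts". The BioLab entry's user-chosen Type-I/Type-II bounds belong to the frequentist sequential test and are not what this block implements.

```python
"""Bayesian statistical model checking by sequential hypothesis testing (added example).

Decides H0: P(property holds on a random trace) >= theta  against  H1: p < theta
from simulated traces only, stopping when the Bayes factor crosses a threshold.
"""
import random
from math import exp, lgamma, log


def _binom_pmf(n, j, theta):
    """P(Binomial(n, theta) = j), computed in log space so large n does not overflow."""
    return exp(lgamma(n + 1) - lgamma(j + 1) - lgamma(n - j + 1)
               + j * log(theta) + (n - j) * log(1.0 - theta))


def posterior_prob_at_least(theta, successes, failures, alpha=1, beta=1):
    """P(p >= theta | data) under a Beta(alpha, beta) prior with integer alpha, beta.

    The posterior is Beta(a, b) with a = successes + alpha, b = failures + beta.
    For integer a, b the regularized incomplete beta I_theta(a, b) equals the
    binomial tail P(Binomial(a + b - 1, theta) >= a), which is the identity
    used here instead of a numerical integral.
    """
    a = successes + alpha
    b = failures + beta
    n = a + b - 1
    cdf = sum(_binom_pmf(n, j, theta) for j in range(a, n + 1))   # P(p <= theta | data)
    return max(0.0, min(1.0, 1.0 - cdf))


def bayes_factor(theta, successes, failures, alpha=1, beta=1):
    """Bayes factor B = P(data | H0) / P(data | H1) = posterior odds / prior odds."""
    post_h0 = posterior_prob_at_least(theta, successes, failures, alpha, beta)
    prior_h0 = posterior_prob_at_least(theta, 0, 0, alpha, beta)
    post_h1, prior_h1 = 1.0 - post_h0, 1.0 - prior_h0
    if post_h1 <= 0.0:          # posterior mass below theta underflowed to zero
        return float('inf')
    return (post_h0 / post_h1) * (prior_h1 / prior_h0)


def bayesian_smc(simulate, theta, bayes_threshold=1000.0, alpha=1, beta=1, max_samples=10_000):
    """Sequential test: one trace at a time until B >= T (accept H0) or B <= 1/T (reject H0).

    simulate() runs one stochastic execution and returns True iff the bounded
    property held on it. Returns (accept_h0, samples_used); accept_h0 is None if
    max_samples was exhausted. A larger T lowers the chance of a wrong verdict at
    the cost of more simulations; the threshold value here is an assumption.
    """
    successes = failures = 0
    for n in range(1, max_samples + 1):
        if simulate():
            successes += 1
        else:
            failures += 1
        b = bayes_factor(theta, successes, failures, alpha, beta)
        if b >= bayes_threshold:
            return True, n
        if b <= 1.0 / bayes_threshold:
            return False, n
    return None, max_samples


def make_retry_simulator(seed, p_deliver=0.6, max_attempts=3):
    """Constructed stochastic system (not from any of the papers): a lossy channel
    with bounded retransmission. The bounded property is 'delivered within
    max_attempts'. Analytically P = 1 - (1 - p_deliver) ** max_attempts = 0.936 for
    the defaults; the checker never sees that number, it only guides the choice of
    thresholds on either side of it below.
    """
    rng = random.Random(seed)

    def simulate():
        for _ in range(max_attempts):
            if rng.random() < p_deliver:
                return True
        return False
    return simulate


if __name__ == '__main__':
    for theta in (0.8, 0.99):
        verdict, used = bayesian_smc(make_retry_simulator(seed=7), theta)
        print(f'P(delivered within 3 attempts) >= {theta}: {verdict} after {used} simulations')
```

The point the abstracts make about sample counts shows up directly: the query with theta = 0.8 is accepted after a few dozen traces because every early success pushes posterior mass above the threshold, while theta = 0.99 is rejected only once enough failures have accumulated. Changing `alpha`/`beta` to encode prior knowledge (the other advantage the abstracts claim) shifts how many traces either verdict takes.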