I. Lee, S. Kannan, M. Kim, O. Sokolsky, and M. Viswanathan. Runtime assurance based on formal specifications. In Proceedings International Conference on Parallel and Distributed Processing Techniques and Applications, 1999.
....for data races, but the system is designed in such a way that users can relatively easily attach new such algorithms. The idea of using temporal logic in program testing is not new, and at our knowledge, has already been pursued in the commercial Temporal Rover tool (TR) [4] and in the MaC tool [13]. TR allows the user to specify future time temporal formulae as comments in programs, which are then translated into appropriate Java code before the compilation. The MaC tool is closer in spirit to what we describe in this paper, except that its specification language is fixed and very limited ....
....specification script defines what (if any) kind of error pattern detection algorithms should be activated, and what (if any) kind of logic based monitoring should be performed, and in that case what the requirements are. For logic based monitoring, we have been inspired by the MaC language framework [13] and have split the specification into an instrumentation script and a verification script. The verification script identifies the high level requirement specifications that events are to be checked against. The propositions referred to in these specifications are abstract boolean flags, and do hence not ....
[Article contains additional citation context not shown here]
I. Lee, S. Kannan, M. Kim, O. Sokolsky, and M. Viswanathan. Runtime Assurance Based on Formal Specifications. In Proceedings of the International Conference on Parallel and Distributed Processing Techniques and Applications, 1999.
....already been pursued in commercial tools such as Temporal Rover (TR) [4] which has motivated us in a major way to start this work. In TR, one states LTL properties as annotations of the program, these being then replaced by appropriate code, that is executed whenever reached 1 . The MaC tool [15] is another example of a runtime monitoring tool that has inspired this work. Here Java bytecode is instrumented to generate events of interest during the execution. Of special interest is the temporal logic used in MaC, which can be classified as a kind of interval logic convenient for expressing ....
....any atomic proposition F , but we find this semantics inconvenient because some atomic propositions may be related, such as, for example, a proposition gate up and a proposition gate down . The non standard operators , #, s , and [ w were inspired by work in runtime verification in [15]. We found them often more intuitive and compact than the usual past time operators in specifying runtime requirements. F is true if and only if F starts to be true in the current state, # F is true if and only if F ends to be true in the current state, and [F 1 ; F 2 ) s is true if and only if ....
Insup Lee, Sampath Kannan, Moonjoo Kim, Oleg Sokolsky, and Mahesh Viswanathan. Runtime Assurance Based on Formal Specifications. In Proceedings of the International Conference on Parallel and Distributed Processing Techniques and Applications, 1999.
....in the case of white box monitoring, or at the byte code level in the case of black box monitoring. The idea of using temporal logic in program testing is not new. We only mention the commercial Temporal Rover tool (TR) [3] which implements temporal logics in a white box fashion, and the MaC tool [13] which implements a special past time temporal logic in a black box style. Error pattern analysis consists of analyzing one execution trace using various error detection algorithms that can identify error prone programming practices, such as unhealthy locking disciplines that may lead to data ....
....specification script defines what (if any) kind of error pattern detection algorithms should be activated, and what (if any) kind of logic based monitoring should be performed, and in that case what the requirements are. For logic based monitoring, we have been inspired by the MaC language framework [13] and have split the specification into an instrumentation script and a verification script. The verification script identifies the high level requirement specifications that events are to be checked against. The propositions referred to in these specifications are abstract boolean flags, and do hence not ....
[Article contains additional citation context not shown here]
I. Lee, S. Kannan, M. Kim, O. Sokolsky, and M. Viswanathan. Runtime Assurance Based on Formal Specifications. In Proceedings of the International Conference on Parallel and Distributed Processing Techniques and Applications, 1999.
....paper. Finally, whereas TR is based on annotating the code with formulae which are then expanded into the code, our approach is event based where a program is seen as emitting events to an observer process, which then examines the events. In this respect our framework is similar to the MaC system [17] which, however, does 1 Personal communication by José Meseguer. not support the standard LTL. Such an event based framework is well suited for program tracing in general, and has for example been used in detection of race conditions and deadlocks in the Visual Threads tool [9, 22] and in the ....
....for small automata, causing this approach to become inflexible the moment we want to experiment with the logic, for example by adding past time temporal operators, or real time temporal operators that refer to time units. It should be noted that other similar systems like Temporal Rover [4] and MaC [17] do not use Büchi automata, and in the Temporal Rover case exactly for the reason stated above 6 . Second, at a semantic level, Büchi automata are 6 According to personal communication with Doron Drusinsky. interpreted over infinite traces, and the question would be how to interpret them on ....
Insup Lee, Sampath Kannan, Moonjoo Kim, Oleg Sokolsky, and Mahesh Viswanathan. Runtime Assurance Based on Formal Specifications. In Proceedings of the International Conference on Parallel and Distributed Processing Techniques and Applications, 1999.
....way to start this work. In TR, one states LTL properties as annotations of the program, these being then replaced by appropriate code, that is executed whenever reached 1 . Thus, TR can be seen as an extension of a conventional programming language with LTL instructions. Inspired by the MaC [15] 1 The implementation details of TR are not public. tool, we decided to rather automatically instrument the bytecode or the object code of a program to generate events of interest during the execution. Such an event based framework is well suited for program tracing in general, and has also been ....
....acceptance states. We have decided not to use Büchi automata for a number of reasons. First, the translation of LTL formulae to Büchi automata is not trivial, especially if one strives for small automata. It is worth mentioning that other similar systems like Temporal Rover [5] and MaC [15] do not use Büchi automata either. Second, at a semantic level, Büchi automata are interpreted over infinite traces and it is not clear how to interpret them on finite traces. Consider for example a property such as 2(p 3q) the automaton A generated from the formula, and a finite trace t ....
Insup Lee, Sampath Kannan, Moonjoo Kim, Oleg Sokolsky, and Mahesh Viswanathan. Runtime Assurance Based on Formal Specifications. In Proceedings of the International Conference on Parallel and Distributed Processing Techniques and Applications, 1999.
....[6, 4] Our work differs from these in that we are not attempting to generate test cases but rather to monitor the correctness of an implementation during deployment. O'Malley et al. [10] discuss the creation of property checking automata from a graphical specification notation. Event specifications [8] have been used for run time property verification, and the Verisim tool [2] applies this work to properties of network protocols. However, all of these systems assume a co-located style of specification that is, they assume that the device under test can be directly instrumented and properties can ....
I. Lee, S. Kannan, M. Kim, O. Sokolsky, and M. Viswanathan. Runtime assurance based on formal specifications. In Proceedings International Conference on Parallel and Distributed Processing Techniques and Applications, 1999.
No context found.
I. Lee, S. Kannan, M. Kim, O. Sokolsky, and M. Viswanathan. Runtime assurance based on formal specifications. In Proceedings International Conference on Parallel and Distributed Processing Techniques and Applications, 1999.
No context found.
I. Lee, S. Kannan, M. Kim, O. Sokolsky, and M. Viswanathan. Runtime assurance based on formal specifications. In Proceedings of the International Conference on Parallel and Distributed Processing Techniques and Applications, 1999.
No context found.
I. Lee, S. Kannan, M. Kim, O. Sokolsky, and M. Viswanathan. Runtime assurance based on formal specifications. In Proceedings International Conference on Parallel and Distributed Processing Techniques and Applications, 1999.