
Combining Symbolic Runtime Enforcers for Cyber-Physical Systems

  • Conference paper
  • Runtime Verification (RV 2017)
  • Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 10548)

Abstract

The problem of composing multiple, possibly conflicting, runtime enforcers for a cyber-physical system (CPS) is considered. A formal definition of utility-agnostic and utility-maximizing CPS enforcers is presented, followed by an algorithm to combine multiple enforcers, and resolve their conflicts based on a design-time prioritization. To implement this combination in an efficient manner, enforcers are encoded symbolically using SMT formulas, and the combination is reduced to a set of SMT satisfiability and optimization operations. Further performance gains are achieved by using the SMT solvers incrementally. The approach is validated via experiments in an indoor area with Parrot minidrones. The incremental enforcer combination is shown to achieve an order of magnitude speedup, and no deadline misses.


Notes

  1. All Rights Reserved. This material is based upon work funded and supported by the Department of Defense under Contract No. FA8702-15-D-0002 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. [DISTRIBUTION STATEMENT A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution. DM17-0207.


Acknowledgment

Copyright 2017 Carnegie Mellon University (see Note 1).

Author information

Corresponding author: Björn Andersson.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Andersson, B., Chaki, S., de Niz, D. (2017). Combining Symbolic Runtime Enforcers for Cyber-Physical Systems. In: Lahiri, S., Reger, G. (eds) Runtime Verification. RV 2017. Lecture Notes in Computer Science, vol 10548. Springer, Cham. https://doi.org/10.1007/978-3-319-67531-2_5

  • DOI: https://doi.org/10.1007/978-3-319-67531-2_5
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-67530-5
  • Online ISBN: 978-3-319-67531-2
  • eBook Packages: Computer Science (R0)