Abstract
The goal of runtime verification is to monitor the behavior of a system to check its conformance to a set of desirable logical properties. The literature on runtime verification mostly focuses on event-triggered solutions, where a monitor is invoked whenever an event of interest occurs (e.g., a change in the value of some variable). At invocation, the monitor evaluates the set of properties of the system that are affected by the occurrence of the event. This constant invocation introduces two major defects into the system under scrutiny at run time: (1) significant overhead, and (2) unpredictability of behavior. These defects are serious obstacles when applying runtime verification to safety-critical systems, which are time-sensitive by nature.
To circumvent the aforementioned defects in runtime verification, in this article, we introduce a novel time-triggered approach, where the monitor takes samples from the system with a constant frequency, in order to analyze the system’s health. We describe the formal semantics of time-triggered monitoring and discuss how to optimize the sampling period using minimum auxiliary memory. We show that such optimization is NP-complete and consequently introduce a mapping to Integer Linear Programming. Experiments on a real-time benchmark suite show that our approach introduces bounded overhead and effectively reduces the involvement of the monitor at run time by using negligible auxiliary memory. We also show that in some cases it is even possible to reduce the overall overhead of runtime verification by using our time-triggered approach when the structure of the system allows choosing a long enough sampling period.
Notes
To access the tool, please visit http://uwaterloo.ca/embedded-software-group/projects/rithm.
In Sect. 3, we will compute the longest sampling period of a CFG based on the BCET of its basic blocks. This computation is quite realistic, as (1) all hardware vendors publish the BCET of their instruction set in terms of clock cycles, and (2) BCET is a conservative approximation: no execution occurs faster than that.
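The following is an added worked example of the computation this note refers to; it is not code from the article or from the authors' tool. It assumes a simplified model: a CFG whose nodes are basic blocks, each weighted by its BCET in clock cycles, and a set of "critical" blocks that write a monitored variable. The longest safe sampling period is then the minimum BCET-weighted distance from the start of one critical block to the start of the next critical block reachable on any path (loops included), because a sample taken any less often could miss a write. The CFG, BCET values and critical set below are constructed, and the `period_with_buffering` helper is only a hand-picked illustration of the auxiliary-memory idea (a buffered critical block copies its write into extra memory and so leaves the critical set); the article selects that set optimally via ILP, which is not reproduced here.

```python
"""Longest safe sampling period of a CFG from basic-block BCETs (added example)."""
from heapq import heappush, heappop

# Constructed example CFG: block -> list of successor blocks.
CFG = {
    "A": ["B"],
    "B": ["C", "D"],
    "C": ["E"],
    "D": ["E"],
    "E": ["B", "F"],   # E -> B closes a loop
    "F": [],           # exit block
}

# Constructed best-case execution time of each block, in clock cycles.
BCET = {"A": 3, "B": 2, "C": 4, "D": 1, "E": 5, "F": 1}

# Constructed set of critical blocks (blocks that write a monitored variable).
CRITICAL = {"A", "C", "E"}


def min_critical_distance(cfg, bcet, critical):
    """Return (period, (src, dst)): the minimum BCET-weighted path length from the
    start of critical block src to the start of the next critical block dst on any
    path, and the pair that attains it. Returns (None, None) if no critical block is
    ever followed by another.

    Leaving block a costs at least bcet[a], so edge a -> b has weight bcet[a].
    A path stops expanding at the first critical block it reaches, because a later
    critical block on the same path is not the *next* one.
    """
    best, pair = None, None
    for src in sorted(critical):
        # Dijkstra seeded from src's successors, so a loop back to src itself counts.
        dist = {}
        heap = []
        for succ in cfg[src]:
            heappush(heap, (bcet[src], succ))
        while heap:
            d, blk = heappop(heap)
            if blk in dist:
                continue                      # already settled with a shorter path
            dist[blk] = d
            if blk in critical:
                if best is None or d < best:
                    best, pair = d, (src, blk)
                continue                      # do not expand past a critical block
            for succ in cfg[blk]:
                if succ not in dist:
                    heappush(heap, (d + bcet[blk], succ))
    return best, pair


def period_with_buffering(cfg, bcet, critical, buffered):
    """Sampling period after instrumenting the `buffered` blocks (hypothetical
    helper): each buffered block stores its write in auxiliary memory, so the
    monitor can read it at the next sample and the block drops out of the
    critical set. The choice of `buffered` is hand-picked here, not optimized."""
    return min_critical_distance(cfg, bcet, critical - set(buffered))


if __name__ == "__main__":
    period, bottleneck = min_critical_distance(CFG, BCET, CRITICAL)
    print(f"longest sampling period without auxiliary memory: {period} cycles "
          f"(bottleneck {bottleneck})")
    period, bottleneck = period_with_buffering(CFG, BCET, CRITICAL, {"C"})
    print(f"after buffering block C: {period} cycles (bottleneck {bottleneck})")
```

On the constructed CFG the bottleneck is the direct edge C -> E (4 cycles), so the monitor must sample at least every 4 cycles; buffering block C's write in one auxiliary slot removes that pair and raises the period to 6 cycles, now limited by the path A -> B -> D -> E. This is the trade-off the article optimizes: each buffered block costs a little memory and one extra store, and buys a longer period and therefore fewer monitor invocations.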
Acknowledgements
This research was supported in part by NSERC Discovery Grant 418396-2012, NSERC DG 357121-2008, ORF-RE03-045, ORF-RE04-036, ORF-RE04-039, APCPJ 386797-09, CFI 20314 and CMC, STPGP-430575, and the industrial partners associated with these projects.
Cite this article
Bonakdarpour, B., Navabpour, S. & Fischmeister, S. Time-triggered runtime verification. Form Methods Syst Des 43, 29–60 (2013). https://doi.org/10.1007/s10703-012-0182-0