Skip to main content
SpringerLink
Log in

Efficient monitoring of safety properties

  • Special section on tools and algorithms for the construction and analysis of systems
  • Published:
International Journal on Software Tools for Technology Transfer Aims and scope Submit manuscript

Abstract

The problem of testing whether a finite execution trace of events generated by an executing program violates a linear temporal logic (LTL) formula occurs naturally in runtime analysis of software. Two efficient algorithms for this problem are presented in this paper, both for checking safety formulae of the form “always P”, where P is a past-time LTL formula. The first algorithm is implemented by rewriting, and the second synthesizes efficient code from formulae. Further optimizations of the second algorithm are suggested, reducing space and time consumption. Special operators suitable for writing succinct specifications are discussed and shown to be equivalent to the standard past-time operators. This work is part of NASA’s PathExplorer project, the objective of which is to construct a flexible framework for efficient monitoring and analysis of program executions.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Artho C, Drusinsky D, Goldberg A, Havelund K, Lowry M, Pasareanu C, Roşu G, Visser W (2003) Experiments with test case generation and runtime analysis. In: Börger E, Gargantini A, Riccobene E (eds) Proceedings of Abstract State Machines 2003, Taormina, Italy, March 2003. Lecture notes in computer science, vol 2589. Springer, Berlin Heidelberg New York, pp 87–107

  2. Artho C, Havelund K, Biere A (2003) High-level data races. In: Proceedings of the 1st international workshop on verification and validation of enterprise information systems (VVEIS’03), Angers, France, April 2003

  3. Ball T, Podelski A, Rajamani S (2001) Boolean and Cartesian abstractions for model checking C programs. In: Proceedings of tools and algorithms for the construction and analysis of systems (TACAS’01), Genoa, Italy, April 2001. Lecture notes in computer science, vol 2031. Springer, Berlin Heidelberg New York, pp 268–283

  4. Chen F, Roşu G (2003) Towards monitoring-oriented programming: a paradigm combining specification and implementation. In: Proceedings of the 3rd workshop on runtime verification (RV’03), Boulder, CO, July 2003. Electronic notes in theoretical computer science, vol 89. Elsevier, Amsterdam, pp 106–125

  5. Clavel M, Durán FJ, Eker S, Lincoln P, Martí-Oliet N, Meseguer J, Quesada JF (1999) Maude: specification and programming in rewriting logic. Maude System documentation at http://maude.csl.sri.com/papers

  6. Clavel M, Durán FJ, Eker S, Lincoln P, Martí-Oliet N, Meseguer J, Quesada JF (1999) The Maude system. In: Narendran P, Rusinowitch M (eds) Proceedings of the 10th international conference on rewriting techniques and applications (RTA-99), Trento, Italy, July 1999. Lecture notes in computer science, vol 1631. Springer, Berlin Heidelberg New York, pp 240–243

  7. Clavel M, Durán FJ, Eker S, Lincoln P, Martí-Oliet N, Meseguer J, Quesada JF (2000) A Maude tutorial. Manuscript at: http://maude.csl.sri.com/papers

  8. Corbett J, Dwyer MB, Hatcliff J, Pasareanu CS, Robby Laubach S, Zheng H (2000) Bandera: extracting finite-state models from Java source code. In: Proceedings of the 22nd international conference on software engineering, Limerick, Ireland, June 2000. ACM Press, New York, pp 439–448

  9. Demartini C, Iosif R, Sisto R (1999) A deadlock detection tool for concurrent Java programs. Software Pract Exper 29(7):577–603

    Article  Google Scholar 

  10. Drusinsky D (2000) The Temporal Rover and the ATG Rover. In: Havelund K, Penix J, Visser W (eds) SPIN model checking and software verification. Lecture notes in computer science, vol 1885. Springer, Berlin Heidelberg New York, pp 323–330

  11. Gabbay DM (1989) The declarative past and imperative future: executable temporal logic for interactive systems. In: Banieqbal B, Barringer H, Pnueli A (eds) Proceedings of the 1st conference on temporal logic in specification, Altrincham, UK, April 1989. Lecture notes in computer science, vol 398. Springer, Berlin Heidelberg New York, pp 409–448

  12. Godefroid P (1997) Model checking for programming languages using VeriSoft. In: Proceedings of the 24th ACM symposium on principles of programming languages, Paris, France, January 1997. ACM Press, New York, pp 174–186

  13. Gunter E, Peled D (2002) Tracing the executions of concurrent programs. In: Havelund K, Roşu G (eds) Proceedings of runtime verification (RV’02), Copenhagen, July 2002. Electronic notes in theoretical computer science, vol 70. Elsevier, Amsterdam

  14. Havelund K, Johnson S, Roşu G (2001) Specification and error pattern based program monitoring. In: Proceedings of the European Space Agency workshop on on-board autonomy, Noordwijk, The Netherlands, October 2001, pp 323–330

  15. Havelund K, Lowry M, Penix J (2001) Formal analysis of a space craft controller using SPIN. IEEE Trans Software Eng 27(8):749–765

    Article  Google Scholar 

  16. Havelund K, Pressburger T (1998) Model checking Java programs using Java PathFinder. Int J Software Tools Technol Trans 2(4):366–381. Special issue of STTT containing selected submissions to the 4th SPIN workshop, Paris, France, November 1998

    Article  Google Scholar 

  17. Havelund K, Roşu G (2001a) Java PathExplorer – a runtime verification tool. In: Proceedings of the 6th international symposium on artificial intelligence, robotics and automation in space: a new space odyssey, Montreal, 18–21 June 2001. Canadian Space Agency. Paper AM126 on CD-ROM

  18. Havelund K, Roşu G (2001b) Monitoring Java programs with Java PathExplorer. In: Havelund K, Roşu G (eds) Proceedings of Runtime Verification (RV’01), Paris, July 2001. Electronic notes in theoretical computer science, vol 55. Elsevier, Amsterdam

  19. Havelund K, Roşu G (2001c) Monitoring programs using rewriting. In: Proceedings of the international conference on automated software engineering (ASE’01). Institute of Electrical and Electronics Engineers. Coronado Island, CA, November 2001, pp 135–143

  20. Havelund K, Shankar N (1996) Experiments in theorem proving and model checking for protocol verification. In: Gaudel MC, Woodcock J (eds) Proceedings of FME’96: Industrial Benefit and Advances in Formal Methods, Oxford, UK, March 1996. Lecture notes in computer science, vol 1051. Springer, Berlin Heidelberg New York, pp 662–681

  21. Holzmann GJ (1997) The model checker SPIN. IEEE Trans Software Eng 23(5):279–295 1997. Special issue on formal methods in software practice

    Article  Google Scholar 

  22. Holzmann GJ, Smith MH (1999) A practical method for verifying event-driven software. In: Proceedings of the international conference on software engineering (ICSE’99), Los Angeles, May 1999. IEEE/ACM Press, New York, pp 597–607

  23. Hsiang J (1981) Refutational theorem proving using term rewriting systems. PhD thesis, University of Illinois at Champaign-Urbana

  24. JavaCC. Available at: http://www.webgain.com/products/java_cc

  25. JTrek. Available at: http://www.compaq.com/java/download

  26. Lee I, Kannan S, Kim M, Sokolsky O, Viswanathan M (1999) Runtime assurance based on formal specifications. In: Proceedings of the international conference on parallel and distributed processing techniques and applications, Las Vegas, USA, June 1999. CSREA Press

  27. Manna Z, Pnueli A (1992) The temporal logic of reactive and concurrent systems. Springer, Berlin Heidelberg New York

  28. Manna Z, Pnueli A (1995) Temporal verification of reactive systems: safety. Springer, Berlin Heidelberg New York

    Google Scholar 

  29. Markey N (2003) Temporal logic with past is exponentially more succinct. EATCS Bull 79:122–128

    MathSciNet  Google Scholar 

  30. Meseguer J (1992) Conditional rewriting logic as a unified model of concurrency. Theor Comput Sci 1:73–155

    Article  MathSciNet  Google Scholar 

  31. Meseguer J (1997) Membership algebra as a logical framework for equational specification. In: Proceedings of the workshop on algebraic development techniques (WADT’97), Tarquinia, Italy, June 1998. Lecture notes in computer science, vol 1376. Springer, Berlin Heidelberg New York, pp 18–61

  32. Park DY, Stern U, Skakkebaek JU, Dill DL (2000) Java model checking. In: Proceedings of the automated software engineering conference, Grenoble, France, September 2000. IEEE Computer Society, New York, pp 253–256

  33. Pnueli A (1977) The temporal logic of programs. In: Proceedings of the 18th IEEE symposium on foundations of computer science, Providence, RI, October 1977, pp 46–77

  34. Roşu G, Havelund K (2001) Synthesizing dynamic programming algorithms from linear temporal logic formulae. Technical Report TR 01-08, NASA – RIACS, Moffett Field, CA

  35. Sen K, Roşu G, Agha G (2003) Runtime safety analysis of multithreaded programs. In: Proceedings of the 4th joint European software engineering conference and ACM SIGSOFT symposium on the foundations of software engineering (ESEC/FSE’03), Helsinki, September 2003. ACM Press, New York

  36. Stoller SD (2000) Model-checking multi-threaded distributed Java programs. In: Havelund K, Penix J, Visser W (eds) SPIN model checking and software verification. Lecture notes in computer science, vol 1885. Springer, Berlin Heidelberg New York, pp 224–244

  37. Visser W, Havelund K, Brat G, Park S (2000) Model checking programs. In: Proceedings of the 15th IEEE international conference on automated software engineering (ASE’2000), Grenoble, France, September 2000. IEEE Press, New York, pp 3–12

Download references

Author information

Authors and Affiliations

  1. Kestrel Technology, NASA Ames Research Center, Moffett Field, CA, USA

    Klaus Havelund

  2. Department of Computer Science, University of Illinois at Urbana-Champaign, USA

    Grigore Roşu

Authors
  1. Klaus Havelund
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Grigore Roşu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Klaus Havelund or Grigore Roşu.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Havelund, K., Roşu, G. Efficient monitoring of safety properties. Int J Softw Tools Technol Transfer 6, 158–173 (2004). https://doi.org/10.1007/s10009-003-0117-6

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10009-003-0117-6

Keywords

Search

Navigation