
Safer asynchronous runtime monitoring using compensations

Formal Methods in System Design

Abstract

Asynchronous monitoring relieves the system from the additional overheads induced by online runtime monitoring. The price paid for such monitoring approaches is that the system may proceed further despite having reached an anomalous state. Any actions performed by the system after the error has occurred are undesirable since, for instance, an unchecked malicious user access may perform unauthorized actions. In this paper we investigate the use of compensations to enable the undoing of such undesired actions, thus enriching asynchronous monitoring with the ability to restore the system to the state it was in just after the anomaly occurred. Furthermore, we show how adaptive synchronisation and desynchronisation of the monitor with the system can also be achieved, and we report on the use of the proposed approach in an industrial case study of a financial transaction handling system.
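The following is an added, constructed illustration of the idea described in the abstract; it is not code from the paper or from the Larva tool, and the account model, the "must be logged in to withdraw" property, the `lag` parameter and all event values are assumptions made for this example. A toy system runs a fixed number of events ahead of its monitor; every state-changing action records a compensation (named distinctly from the forward action, as the paper's first note suggests, so `withdraw` is undone by `redeposit`). When the lagging monitor finally flags an event, the system replays the compensations of everything performed after that event, leaving the state as it was just after the anomaly, and then switches to synchronous checking so no further unchecked actions slip through.

```python
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    user: str
    action: str          # "login", "logout", "withdraw" or "deposit"
    amount: int = 0


# Compensation names are deliberately distinct from forward action names,
# so a log can tell a real deposit from an undo of a withdrawal.
COMPENSATION = {"withdraw": "redeposit", "deposit": "rewithdraw"}


class System:
    """Forward execution of a toy account system with an undo log."""

    def __init__(self, balances):
        self.balances = dict(balances)
        self.undo_log = []        # (event index, compensating Event)
        self.compensations = []   # compensations actually executed

    def apply(self, idx, ev):
        if ev.action == "withdraw":
            self.balances[ev.user] -= ev.amount
        elif ev.action == "deposit":
            self.balances[ev.user] += ev.amount
        if ev.action in COMPENSATION:
            self.undo_log.append((idx, Event(ev.user, COMPENSATION[ev.action], ev.amount)))

    def compensate_after(self, idx):
        """Undo, in reverse order, every compensable action performed after event idx."""
        while self.undo_log and self.undo_log[-1][0] > idx:
            _, comp = self.undo_log.pop()
            if comp.action == "redeposit":
                self.balances[comp.user] += comp.amount
            elif comp.action == "rewithdraw":
                self.balances[comp.user] -= comp.amount
            self.compensations.append(comp)


class Monitor:
    """Assumed property: a user may withdraw only while logged in."""

    def __init__(self):
        self.logged_in = set()

    def check(self, ev):
        if ev.action == "login":
            self.logged_in.add(ev.user)
        elif ev.action == "logout":
            self.logged_in.discard(ev.user)
        elif ev.action == "withdraw" and ev.user not in self.logged_in:
            return False
        return True


def run(trace, balances, lag=3):
    """Asynchronous run: the system stays `lag` events ahead of the monitor.

    On a violation the system compensates everything performed after the
    offending event and resynchronises: later events are checked before
    being applied. Returns (system, index of the violating event or None)."""
    system, monitor = System(balances), Monitor()
    pending = deque()          # events applied but not yet checked
    violation = None
    synchronous = False
    for idx, ev in enumerate(trace):
        if synchronous:
            if monitor.check(ev):      # synchronous mode: check, then apply
                system.apply(idx, ev)
            continue
        system.apply(idx, ev)          # asynchronous mode: apply first
        pending.append((idx, ev))
        if len(pending) > lag:         # monitor catches up by one event
            i, e = pending.popleft()
            if not monitor.check(e):
                violation = i
                system.compensate_after(i)
                pending.clear()        # those events have just been undone
                synchronous = True
    while pending and violation is None:   # drain once the trace ends
        i, e = pending.popleft()
        if not monitor.check(e):
            violation = i
            system.compensate_after(i)
    return system, violation


# Constructed trace: mallory never logs in, so event 2 violates the property,
# but with lag=3 the system has already executed events 3, 4 and 5.
TRACE = [
    Event("alice", "login"),
    Event("alice", "deposit", 50),
    Event("mallory", "withdraw", 30),   # anomaly, caught late
    Event("mallory", "withdraw", 20),   # undone by redeposit
    Event("alice", "withdraw", 10),     # undone by redeposit
    Event("alice", "deposit", 5),       # undone by rewithdraw
    Event("mallory", "withdraw", 5),    # rejected in synchronous mode
    Event("alice", "withdraw", 1),      # allowed in synchronous mode
]

if __name__ == "__main__":
    system, violation = run(TRACE, {"alice": 100, "mallory": 100})
    print("violation at event", violation, "balances", system.balances)
    print("compensations executed:", [c.action for c in system.compensations])
```

What happens to the anomalous action itself (event 2) is left to the system: the example only restores the state reached just after it, which is what a synchronous monitor would have seen. Running with `lag=0` behaves like synchronous monitoring from the start and executes no compensations at all, which is the trade-off the paper's adaptive synchronisation is about.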



Notes

  1. One may argue that the two could contain common elements—e.g. deposit can either be done during the normal forward execution of a system, or to compensate for a withdraw action. However, one usually would like to distinguish between actions taken during the normal forward behaviour and ones performed to compensate for errors, and we would thus much rather use redeposit as the name of the compensation of withdraw, even if it behaves just like deposit.

  2. http://www.ixaris.com.

  3. User information was obfuscated for the purpose of this study.

  4. Due to privacy considerations the data in certain fields cannot be exposed.


Author information

Corresponding author

Correspondence to Christian Colombo.

Additional information

The research work disclosed in this publication is partially funded by the Malta National Research and Innovation (R&I) Programme 2008 project number 052.

Cite this article

Colombo, C., Pace, G.J. & Abela, P. Safer asynchronous runtime monitoring using compensations. Form Methods Syst Des 41, 269–294 (2012). https://doi.org/10.1007/s10703-012-0142-8
