Skip to main content
SpringerLink
Log in

Analyzing Self-Adaptation Via Model Checking of Stochastic Games

  • Conference paper
  • First Online:
Software Engineering for Self-Adaptive Systems III. Assurances

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 9640))

Abstract

Design decisions made during early development stages of self-adaptive systems tend to have a significant impact upon system properties at run time (e.g., safety, QoS). However, understanding the implications of these decisions a priori is difficult due to the different types and degrees of uncertainty that affect such systems (e.g., simplifying assumptions, human-in-the-loop). To provide some assurances about self-adaptive system designs, evidence can be gathered from activities such as simulations and prototyping, but these demand a significant effort and do not provide a systematic way of dealing with uncertainty. In this chapter, we describe an approach based on model checking of stochastic multiplayer games (SMGs) that enables developers to approximate the behavioral envelope of a self-adaptive system by analyzing best- and worst-case scenarios of alternative designs for self-adaptation mechanisms. Compared to other sources of evidence, such as simulations or prototypes, our approach is purely declarative and hence has the potential of providing developers with a preliminary understanding of adaptation behavior with less effort, and without the need to have any specific adaptation algorithms or infrastructure in place. We illustrate our approach by showing how it can be used to mitigate different types of uncertainty in contexts such as self-protecting systems, proactive latency-aware adaptation, and human-in-the-loop adaptation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    See Appendix A.2 in [11] for details.

  2. 2.

    The variants of \(\mathsf {F}^{\star }\phi \) used for reward measurement in which the parameter \(\star \in \{ 0, \infty , c\}\) indicate that, when \(\phi \) is not reached, the reward is zero, infinite or equal to the cumulated reward along the whole path, respectively.

  3. 3.

    Please refer to http://www.prismmodelchecker.org/doc/semantics.pdf for further details.

  4. 4.

    We illustrate our approach to modeling the SMG using the syntax of the PRISM language [32], in which a process is encoded as a set of commands of the form:

    $${[action]\,guard \rightarrow p_1:u_1 + \dots + p_n:u_n}$$

    Where guard is a predicate over variables in the model. Each update \(u_i\) describes a transition that the process can make (by executing action) if the guard is true. An update is specified by giving the new values of the variables, and has an assigned probability \(p_i \in [0,1]\). Multiple commands with overlapping guards (and commonly, including a single update of unspecified probability) introduce local nondeterminism.

  5. 5.

    Our experiments assume that the predictive variant has access to a perfect prediction of the future evolution of the environment.

  6. 6.

    We consider a simple version of Znn.com that adapts only by adjusting server pool size.

  7. 7.

    TAU is the period of the self-adaptation control loop that includes the monitoring of the environment, and the adaptation decision.

  8. 8.

    Note that for latency-aware adaptation \(U_{ega}=U_{rga}\).

  9. 9.

    We herein consider a simplified version of the DCAS architecture. Further details about DCAS can be found in [7].

  10. 10.

    In this context we refer to adaptation strategies as described in Stitch [15]. These correspond to decision trees in which branches are defined by means of condition-action-delay rules.

References

  1. Alur, R., et al.: Alternating-time temporal logic. J. ACM 49(5), 672–713 (2002)

    Article  MathSciNet  MATH  Google Scholar 

  2. Baresi, L., Pasquale, L., Spoletini, P.: Fuzzy goals for requirements-driven adaptation. In: 2010 18th IEEE International Requirements Engineering Conference (RE), pp. 125–134, September 2010

    Google Scholar 

  3. Bianco, A., de Alfaro, L.: Model checking of probabilistic and nondeterministic systems. In: Thiagarajan, P.S. (ed.) FSTTCS 1995. LNCS, vol. 1026, pp. 499–513. Springer, Heidelberg (1995). https://doi.org/10.1007/3-540-60692-0_70

    Chapter  Google Scholar 

  4. Braberman, V.A., D’Ippolito, N., Piterman, N., Sykes, D., Uchitel, S.: Controller synthesis: from modelling to enactment. In: Notkin, D., Cheng, B.H.C., Pohl, K. (eds.) 35th International Conference on Software Engineering, ICSE 2013, San Francisco, CA, USA, 18–26 May 2013, pp. 1347–1350. IEEE/ACM (2013)

    Google Scholar 

  5. Calinescu, R., et al.: Dynamic QoS management and optimization in service-based systems. IEEE Trans. Software Eng. 37(3), 387–409 (2011)

    Article  Google Scholar 

  6. Calinescu, R., Kwiatkowska, M.Z.: Using quantitative analysis to implement autonomic IT systems. In: ICSE (2009)

    Google Scholar 

  7. Cámara, J., Correia, P., de Lemos, R., Garlan, D., Gomes, P., Schmerl, B.R., Ventura, R.: Evolving an adaptive industrial software system to use architecture-based self-adaptation. In: Litoiu, M., Mylopoulos, J. (eds.) Proceedings of the 8th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, SEAMS 2013, San Francisco, CA, USA, 20–21 May 2013, pp. 13–22. IEEE/ACM (2013)

    Google Scholar 

  8. Cámara, J., Moreno, G.A., Garlan, D.: Stochastic game analysis and latency awareness for proactive self-adaptation. In: Engels, G., Bencomo, N. (eds.) Proceedings of 9th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, SEAMS 2014, Hyderabad, India, 2–3 June 2014, pp. 155–164. ACM (2014)

    Google Scholar 

  9. Cámara, J., Moreno, G.A., Garlan, D.: Reasoning about human participation in self-adaptive systems. In: Schmerl, B., Inverardi, P. (eds.) Proceedings of 10th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, SEAMS 2015, Florence, Italy, 18–19 May 2015. ACM (2015)

    Google Scholar 

  10. Chen, T., Forejt, V., Kwiatkowska, M., Parker, D., Simaitis, A.: PRISM-games: a model checker for stochastic multi-player games. In: Piterman, N., Smolka, S.A. (eds.) TACAS 2013. LNCS, vol. 7795, pp. 185–191. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36742-7_13

    Chapter  Google Scholar 

  11. Chen, T., Forejt, V., Kwiatkowska, M.Z., Parker, D., Simaitis, A.: Automatic verification of competitive stochastic systems. Formal Methods Syst. Des. 43(1), 61–92 (2013)

    Article  MATH  Google Scholar 

  12. Chen, T., Lu, J.: Probabilistic alternating-time temporal logic and model checking algorithm. In: FSKD, vol. 2 (2007)

    Google Scholar 

  13. Cheng, B.H.C., et al.: Software engineering for self-adaptive systems: a research roadmap. In: Cheng, B.H.C., de Lemos, R., Giese, H., Inverardi, P., Magee, J. (eds.) Software Engineering for Self-Adaptive Systems. LNCS, vol. 5525, pp. 1–26. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02161-9_1

    Chapter  Google Scholar 

  14. Cheng, S., Garlan, D., Schmerl, B.R.: Evaluating the effectiveness of the rainbow self-adaptive system. In: 2009 ICSE Workshop on Software Engineering for Adaptive and Self-Managing Systems, SEAMS 2009, Vancouver, BC, Canada, 18–19 May 2009, pp. 132–141. IEEE (2009)

    Google Scholar 

  15. Cheng, S.-W., Garlan, D.: Stitch: a language for architecture-based self-adaptation. J. Syst. Softw. 85(12), 2860–2875 (2012)

    Article  Google Scholar 

  16. Chiulli, R.: Quantitative analysis: an introduction. In: Automation and Production Systems. Taylor & Francis (1999)

    Google Scholar 

  17. Deshpande, T., Katsaros, P., Smolka, S., Stoller, S.: Stochastic game-based analysis of the DNS bandwidth amplification attack using probabilistic model checking. In: 2014 Tenth European Dependable Computing Conference (EDCC), pp. 226–237, May 2014

    Google Scholar 

  18. Elkhodary, A., Esfahani, N., Malek, S.: FUSION: a framework for engineering self-tuning self-adaptive software systems. In: Proceedings of the Eighteenth ACM SIGSOFT International Symposium on Foundations of Software Engineering, FSE 2010, pp. 7–16, New York, NY, USA. ACM (2010)

    Google Scholar 

  19. Emami-Taba, M., Amoui, M., Tahvildari, L.: Strategy-aware mitigation using Markov games for dynamic application-layer attacks. In: 2015 IEEE 16th International Symposium on High Assurance Systems Engineering (HASE), pp. 134–141, January 2015

    Google Scholar 

  20. Epifani, I., et al.: Model evolution by run-time parameter adaptation. In: ICSE. IEEE CS (2009)

    Google Scholar 

  21. Epifani, I., Ghezzi, C., Mirandola, R., Tamburrelli, G.: Model evolution by run-time parameter adaptation. In: Atlee, J.M., Inverardi, P. (eds.) Proceedings of 31st International Conference on Software Engineering, ICSE 2009, 16–24 May 2009, Vancouver, Canada, pp. 111–121. IEEE (2009)

    Google Scholar 

  22. Esfahani, N., Kouroshfar, E., Malek, S.: Taming uncertainty in self-adaptive software. In: Proceedings of the 19th ACM SIGSOFT Symposium and the 13th European Conference on Foundations of Software Engineering, ESEC/FSE 2011, pp. 234–244. ACM (2011)

    Google Scholar 

  23. Esfahani, N., Malek, S.: Uncertainty in self-adaptive software systems. In: de Lemos, R., Giese, H., Müller, H.A., Shaw, M. (eds.) Software Engineering for Self-Adaptive Systems II. LNCS, vol. 7475, pp. 214–238. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-35813-5_9

    Chapter  Google Scholar 

  24. Eskins, D., Sanders, W.H.: The multiple-asymmetric-utility system model: a framework for modeling cyber-human systems. In: Eighth International Conference on Quantitative Evaluation of Systems, QEST 2011, Aachen, Germany, 5–8 September 2011, pp. 233–242. IEEE Computer Society (2011)

    Google Scholar 

  25. Forejt, V., Kwiatkowska, M., Norman, G., Parker, D.: Automated verification techniques for probabilistic systems. In: Bernardo, M., Issarny, V. (eds.) SFM 2011. LNCS, vol. 6659, pp. 53–113. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21455-4_3

    Chapter  Google Scholar 

  26. Garlan, D., Cheng, S., Huang, A., Schmerl, B.R., Steenkiste, P.: Rainbow: architecture-based self-adaptation with reusable infrastructure. IEEE Comput. 37(10), 46–54 (2004)

    Article  Google Scholar 

  27. Goldman, R.P., Musliner, D.J., Krebsbach, K.D.: Managing online self-adaptation in real-time environments. In: Laddaga, R., Shrobe, H., Robertson, P. (eds.) IWSAS 2001. LNCS, vol. 2614, pp. 6–23. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36554-0_2

    Chapter  Google Scholar 

  28. He, K., Zhang, M., He, J., Chen, Y.: Probabilistic model checking of pipe protocol. In: 2015 International Symposium on Theoretical Aspects of Software Engineering (TASE), pp. 135–138, September 2015

    Google Scholar 

  29. Huebscher, M.C., McCann, J.A.: A survey of autonomic computing - degrees, models, and applications. ACM Comput. Surv. 40(3) (2008)

    Google Scholar 

  30. Kephart, J.O., Chess, D.M.: The vision of autonomic computing. Computer 36, 41–50 (2003)

    Article  Google Scholar 

  31. Kolmogorov, A.N.: Foundations of the Theory of Probability. Chelsea, New York (1956)

    MATH  Google Scholar 

  32. Kwiatkowska, M., Norman, G., Parker, D.: PRISM 4.0: verification of probabilistic real-time systems. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 585–591. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22110-1_47

    Chapter  Google Scholar 

  33. Kwiatkowska, M., Norman, G., Parker, D.: Stochastic games for verification of probabilistic timed automata. In: Ouaknine, J., Vaandrager, F.W. (eds.) FORMATS 2009. LNCS, vol. 5813, pp. 212–227. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04368-0_17

    Chapter  Google Scholar 

  34. Li, W., Sadigh, D., Sastry, S.S., Seshia, S.A.: Synthesis for human-in-the-loop control systems. In: Ábrahám, E., Havelund, K. (eds.) TACAS 2014. LNCS, vol. 8413, pp. 470–484. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54862-8_40

    Chapter  Google Scholar 

  35. Myerson, R.B.: Game Theory: Analysis of Conflict. Harvard University Press, Cambridge (1991)

    MATH  Google Scholar 

  36. Okhravi, H., Rabe, M., Mayberry, T., Leonard, W., Hobson, T., Bigelow, D., Streilein, W.: Survey of cyber moving target techniques. Technical report 1166, Lincoln Laboratory, Massachusetts Institute of Technology (2013)

    Google Scholar 

  37. Schmerl, B., Cámara, J., Gennari, J., Garlan, D., Casanova, P., Moreno, G.A., Glazier, T.J., Barnes, J.M.: Architecture-based self-protection: composing and reasoning about denial-of-service mitigations. In: Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, HotSoS 2014, New York, NY, USA, pp. 2:1–2:12. ACM (2014)

    Google Scholar 

  38. Schmerl, B., Camara, J., Gennari, J., Garlan, D., Casanova, P., Moreno, G.A., Glazier, T.J., Barnes, J.M.: Architecture-based self-protection: composing and reasoning about denial-of-service mitigations. In: Symposium and Bootcamp on the Science of Security (HotSoS), Raleigh, USA, 8–9 April 2014

    Google Scholar 

  39. Whittle, J., Sawyer, P., Bencomo, N., Cheng, B., Bruel, J.: Relax: incorporating uncertainty into the specification of self-adaptive systems. In: 17th IEEE International Requirements Engineering Conference, RE 2009, pp. 79–88, August 2009

    Google Scholar 

  40. Yuan, E., Esfahani, N., Malek, S.: A systematic survey of self-protecting software systems. ACM Trans. Auton. Adapt. Syst. (TAAS) 8(4), 17 (2014)

    Google Scholar 

  41. Yuan, E., Malek, S., Schmerl, B., Garlan, D., Gennari, J.: Architecture-based self-protecting software systems. In: Proceedings of the Ninth International ACM Sigsoft Conference on the Quality of Software Architectures (QoSA 2013), 17–21 June 2013

    Google Scholar 

  42. Zadeh, L.: Fuzzy sets. Inf. Control 8(3), 338–353 (1965)

    Article  MATH  Google Scholar 

  43. Zadeh, L.: Fuzzy sets as a basis for a theory of possibility. Fuzzy Sets Syst. 100(Supplement 1), 9–34 (1999)

    Article  MathSciNet  Google Scholar 

  44. Zhang, X., Lung, C.: Improving software performance and reliability with an architecture-based self-adaptive framework. In: Ahamed, S.I., Bae, D., Cha, S.D., Chang, C.K., Subramanyan, R., Wong, E., Yang, H. (eds.) Proceedings of the 34th Annual IEEE International Computer Software and Applications Conference, COMPSAC 2010, Seoul, Korea, 19–23 July 2010, pp. 72–81. IEEE Computer Society (2010)

    Google Scholar 

Download references

Acknowledgements

This work is supported in part by awards N000141310401 and N000141310171 from the Office of Naval Research, CNS-0834701 from the National Science Foundation, and by the National Security Agency. The views and conclusions contained herein are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the Office of Naval Research or the U.S. government. This material is also based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. This material has been approved for public release and unlimited distribution. (DM-0002292).

Author information

Authors and Affiliations

  1. ISR - Institute for Software Research, Carnegie Mellon University, Pittsburgh, PA, 15213, USA

    Javier Cámara, David Garlan & Bradley Schmerl

  2. SEI - Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA, 15213, USA

    Gabriel A. Moreno

Authors
  1. Javier Cámara
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David Garlan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Gabriel A. Moreno
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bradley Schmerl
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Javier Cámara .

Editor information

Editors and Affiliations

  1. University of Kent, Canterbury, United Kingdom

    Rogério de Lemos

  2. Carnegie Mellon University, Pittsburgh, Pennsylvania, USA

    David Garlan

  3. Politecnico di Milano, Milan, Italy

    Carlo Ghezzi

  4. Hasso Plattner Institute for Software Systems Engineering, Potsdam, Germany

    Holger Giese

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Cámara, J., Garlan, D., Moreno, G.A., Schmerl, B. (2017). Analyzing Self-Adaptation Via Model Checking of Stochastic Games. In: de Lemos, R., Garlan, D., Ghezzi, C., Giese, H. (eds) Software Engineering for Self-Adaptive Systems III. Assurances. Lecture Notes in Computer Science(), vol 9640. Springer, Cham. https://doi.org/10.1007/978-3-319-74183-3_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-74183-3_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-74182-6

  • Online ISBN: 978-3-319-74183-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation