
You Should Better Enforce Than Verify

  • Conference paper
Runtime Verification (RV 2010)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 6418)

Abstract

This tutorial deals with runtime enforcement and advocates its use as an extension of runtime verification. While research efforts in runtime verification have been mainly concerned with detection of misbehaviors and acknowledgement of desired behaviors, runtime enforcement aims mainly to circumvent misbehaviors of systems and to guarantee desired behaviors. First, we propose a comparison between runtime verification and runtime enforcement. We then present previous theoretical models of runtime enforcement mechanisms and their expressive power with respect to enforcement. Then, we overview existing work on runtime enforcement monitor synthesis. Finally, we propose some future challenges for the runtime enforcement technique.

A longer version with more results and examples is available on the author’s webpage.
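To make the abstract's distinction concrete: a verification monitor only observes a trace and reports a verdict, while an enforcement monitor steers the trace so that the property holds on whatever the system actually executes. The following added example (not code from the tutorial or its author) encodes the classic "no network send after a secret file has been read" policy as a small finite-state automaton and runs the same constructed event trace through both a verification monitor and a suppression-style enforcement monitor. Event names, the transition table and the sample trace are all assumptions chosen for illustration.

```python
"""Runtime verification versus runtime enforcement over one event trace.

Assumption: the policy "no send after a secret read" is encoded as a small
finite-state automaton in the style of a security automaton.  Event names and
the trace below are constructed for this example; nothing here is the
tutorial's own code.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Policy automaton.  States: "clean" (no secret read yet) and "tainted".
# The table maps (state, event) -> next state; a missing entry means the
# event is NOT allowed in that state, i.e. it would violate the policy.
TRANSITIONS: Dict[Tuple[str, str], str] = {
    ("clean", "read_public"): "clean",
    ("clean", "send"): "clean",
    ("clean", "read_secret"): "tainted",
    ("tainted", "read_public"): "tainted",
    ("tainted", "read_secret"): "tainted",
    # ("tainted", "send") is deliberately absent: forbidden transition.
}
INITIAL_STATE = "clean"


@dataclass
class Verdict:
    ok: bool
    violation_index: Optional[int]  # index of the first offending event, if any
    state: str                      # automaton state when monitoring stopped


def verify(trace: List[str]) -> Verdict:
    """Runtime verification: watch the trace and report the first violation.

    The monitor never changes the trace; it can only detect and report."""
    state = INITIAL_STATE
    for i, event in enumerate(trace):
        nxt = TRANSITIONS.get((state, event))
        if nxt is None:
            return Verdict(ok=False, violation_index=i, state=state)
        state = nxt
    return Verdict(ok=True, violation_index=None, state=state)


@dataclass
class EnforcementResult:
    output: List[str]                   # trace actually released to the system
    suppressed: List[Tuple[int, str]]   # (index, event) pairs that were blocked
    state: str


def enforce(trace: List[str]) -> EnforcementResult:
    """Runtime enforcement by suppression: drop every event that would
    violate the policy, so the released trace always satisfies it.

    Unlike verify(), the monitor keeps running after a bad event and keeps
    releasing the events that are still allowed."""
    state = INITIAL_STATE
    output: List[str] = []
    suppressed: List[Tuple[int, str]] = []
    for i, event in enumerate(trace):
        nxt = TRANSITIONS.get((state, event))
        if nxt is None:
            suppressed.append((i, event))  # block the offending action
            continue
        output.append(event)
        state = nxt
    return EnforcementResult(output=output, suppressed=suppressed, state=state)


# Constructed sample trace: two sends after a secret read at index 2.
SAMPLE_TRACE = ["read_public", "send", "read_secret", "read_public", "send", "send"]

if __name__ == "__main__":
    v = verify(SAMPLE_TRACE)
    print("verification:", "ok" if v.ok else f"violation at event {v.violation_index}")
    e = enforce(SAMPLE_TRACE)
    print("enforced output:", e.output)
    print("suppressed:", e.suppressed)
    # The enforced trace is, by construction, policy-compliant.
    assert verify(e.output).ok
```

Run as a script, the verification monitor stops at the first forbidden send (index 4) and can only report it, whereas the enforcement monitor releases the four allowed events and suppresses both offending sends; feeding the enforced output back into `verify()` confirms it satisfies the policy. Suppression is only one of the enforcement primitives the tutorial surveys (edit automata may also insert actions); it is shown here because it is the simplest one that makes the detect-versus-prevent contrast visible.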




Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Falcone, Y. (2010). You Should Better Enforce Than Verify. In: Barringer, H., et al. Runtime Verification. RV 2010. Lecture Notes in Computer Science, vol 6418. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16612-9_9


  • DOI: https://doi.org/10.1007/978-3-642-16612-9_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16611-2

  • Online ISBN: 978-3-642-16612-9
