Formal Methods in System Design

, Volume 48, Issue 1–2, pp 46–93 | Cite as

Decentralised LTL monitoring



Users wanting to monitor distributed or component-based systems often perceive them as monolithic systems which, seen from the outside, exhibit a uniform behaviour as opposed to many components displaying many local behaviours that together constitute the system’s global behaviour. This level of abstraction is often reasonable, hiding implementation details from users who may want to specify the system’s global behaviour in terms of a linear-time temporal logic (LTL) formula. However, the problem that arises then is how such a specification can actually be monitored in a distributed system that has no central data collection point, where all the components’ local behaviours are observable. In this case, the LTL specification needs to be decomposed into sub-formulae which, in turn, need to be distributed amongst the components’ locally attached monitors, each of which sees only a distinct part of the global behaviour. The main contribution of this paper is an algorithm for distributing and monitoring LTL formulae, such that satisfaction or violation of specifications can be detected by local monitors alone. We present an implementation and show that our algorithm introduces only a negligible delay in detecting satisfaction/violation of a specification. Moreover, our practical results show that the communication overhead introduced by the local monitors is generally lower than the number of messages that would need to be sent to a central data collection point. Furthermore, our experiments strengthen the argument that the algorithm performs well in a wide range of different application contexts, given by different system/communication topologies and/or system event distributions over time.


Runtime verification LTL Monitoring Progression  Decentralised monitoring 


  1. 1.
    Amir P (1977) The temporal logic of programs. In: Foundations of Computer Science (FOCS), IEEE, pp 46–57Google Scholar
  2. 2.
    Seyster J, Dixit K, Huang X, Grosu R, Havelund K, Smolka SA, Stoller SD, Zadok E (2010) Aspect-oriented instrumentation with GCC. In: Barringer H, Falcone Y, Finkbeiner B, Havelund K, Lee I, Pace GJ, Rosu G, Sokolsky O, Tillmann N (eds.) (2010) Proceedings of International Conference on Runtime Verification (RV), volume 6418 of LNCS. Springer, Berlin, pp 405–420Google Scholar
  3. 3.
    Meredith P, Rosu G (2010) Runtime verification with the RV System. In Barringer H, Falcone Y, Finkbeiner B, Havelund K, Lee I, Pace GJ, Rosu G, Sokolsky O, Tillmann N (eds.) (2010) Proceedings of International Conference on Runtime Verification (RV), volume 6418 of LNCS. Springer, Berlin, pp 136–152Google Scholar
  4. 4.
    Hallé S, Villemaire R (2010) Runtime verification for the web-a tutorial introduction to interface contracts in web applications. In: Barringer H, Falcone Y, Finkbeiner B, Havelund K, Lee I, Pace GJ, Rosu G, Sokolsky O, Tillmann N (eds.) (2010) Proceedings of International Conference on Runtime Verification (RV), volume 6418 of LNCS. Springer, Berlin, pp 106–121Google Scholar
  5. 5.
    Gunzert M, Nägele A (1999) Component-based development and verification of safety critical software for a brake-by-wire system with synchronous software components. In: International Symposium on SE for Parallel and Distributed Systems (PDSE), IEEE, p 134Google Scholar
  6. 6.
    Lukasiewycz M, Glaß M, Teich J, Milbredt P (2009) FlexRay schedule optimization of the static segment. In: 7th IEEE/ACM International Conference on Hardware/software codesign and system synthesis (CODES+ISSS), ACM, pp 363–372Google Scholar
  7. 7.
    Pop T, Pop P, Eles P, Peng Z, Andrei Alexandru (2008) Timing analysis of the FlexRay communication protocol. Real-Time Syst 39:205–235CrossRefMATHGoogle Scholar
  8. 8.
    Miller SP, Whalen MW, Cofer DD (2010) Software model checking takes off. Commun ACM 53:58–64CrossRefGoogle Scholar
  9. 9.
    Pigan R, Metter M (2008) Automating with PROFINET: industrial communication based on industrial ethernet. Wiley, New YorkGoogle Scholar
  10. 10.
    Felser M (2005) Real-time ethernet-industry prospective. Proc IEEE 93(6):1118–1129CrossRefGoogle Scholar
  11. 11.
    Serna Oliver R, Craciunas SS, Stoger G (2014) Analysis of deterministic ethernet scheduling for the industrial internet of things. In: Computer aided modeling and design of communication links and networks (CAMAD), 2014 IEEE 19th International Workshop on IEEE, pp 320–324Google Scholar
  12. 12.
    Havelund K, Rosu G (2001) Monitoring programs using rewriting. In: 16th IEEE International conference on automated software engineering (ASE 2001), pp 135–143Google Scholar
  13. 13.
    Roşu G, Havelund K (2005) Rewriting-based techniques for runtime verification. Autom Softw Eng 12(2):151–197CrossRefGoogle Scholar
  14. 14.
    Barringer H, Rydeheard DE, Havelund K (2010) Rule systems for run-time monitoring: from Eagle to RuleR. J Log Comput 20(3):675–706MathSciNetCrossRefMATHGoogle Scholar
  15. 15.
    Bauer A, Falcone Y (2012) Decentralised LTL monitoring. In: Giannakopoulou D, Mery D (eds.) Proceedings of the 18th international symposium on formal methods (FM), volume 7436 of Lecture Notes in Computer Science. Springer, Berlin, pp 85–100Google Scholar
  16. 16.
    Jantsch A (2003) Modeling Embedded systems and SoC’s: concurrency and time in models of computation. Morgan Kaufmann, San FranciscoGoogle Scholar
  17. 17.
    Pnueli A (1977) The temporal logic of programs. In: SFCS’77: Proceedings of the 18th annual symposium on foundations of computer science, Washington, DC, USA. IEEE Computer Society, pp 46–57Google Scholar
  18. 18.
    Bauer A, Leucker M, Schallhart C (2010) Comparing LTL semantics for runtime verification. Logic Comput 20(3):651–674MathSciNetCrossRefMATHGoogle Scholar
  19. 19.
    Bauer A, Leucker M, Schallhart C (2011) Runtime verification for LTL and TLTL. ACM Trans Softw Eng Methodol (TOSEM) 20(4):14CrossRefGoogle Scholar
  20. 20.
    Bacchus F, Kabanza F (1998) Planning for temporally extended goals. Ann Math Artif Intell 22:5–27MathSciNetCrossRefMATHGoogle Scholar
  21. 21.
    Kupferman O, Vardi MY (2001) Model checking of safety properties. Formal Methods Syst Design 19(3):291–314MathSciNetCrossRefMATHGoogle Scholar
  22. 22.
    Sen K, Roşu G, Agha G (2003) Generating optimal linear temporal logic monitors by coinduction. In: Advances in computing science—ASIAN 2003. Progamming languages and distributed computation programming languages and distributed computation. Springer, Berlin, pp 260–275Google Scholar
  23. 23.
    Sistla AP, Clarke EM (1985) The complexity of propositional linear temporal logics. J ACM 32(3):733–749MathSciNetCrossRefMATHGoogle Scholar
  24. 24.
    Lichtenstein O, Pnueli A, Zuck LD (1985) The glory of the past. In: Conference on logic of programs. Springer, pp 196–218Google Scholar
  25. 25.
    Markey N (2003) Temporal logic with past is exponentially more succinct, concurrency column. Bull EATCS 79:122–128MathSciNetMATHGoogle Scholar
  26. 26.
  27. 27.
    Dwyer MB, Avrunin GS, Corbett JC (1999) Patterns in property specifications for finite-state verification. In: International Conference on Software Engineering (ICSE). ACM, pp 411–420Google Scholar
  28. 28.
    Specification Patterns Website.
  29. 29.
    Wang Y, Yoo T-S, Lafortune S (2004) New results on decentralized diagnosis of discrete event systems. In: Proceedings of 42nd Annual Allerton Conference on Communication, Control, and Computing, October 2004Google Scholar
  30. 30.
    Wang Y, Yoo T-S, Lafortune S (2007) Diagnosis of discrete event systems using decentralized architectures. Discrete Event Dyn Syst 17:233–263MathSciNetCrossRefMATHGoogle Scholar
  31. 31.
    Cassez F (2010) The complexity of codiagnosability for discrete event and timed systems. In: Bouajjani A, Chin W-N (eds.) ATVA, volume 6252 of Lecture Notes in Computer Science. Springer, pp 82–96Google Scholar
  32. 32.
    Tripakis S (2005) Decentralized observation problems. In: 44th IEEE Conference on decision and control (CDC-ECC), IEEE, pp 6–11Google Scholar
  33. 33.
    Sen K, Vardhan A, Agha G, Rosu G (2006) Decentralized runtime analysis of multithreaded applications. In: 20th parallel and distributed processing symposium (IPDPS). IEEEGoogle Scholar
  34. 34.
    Genon A, Massart T, Meuter C (2006) Monitoring distributed controllers. In: Formal methods (FM), volume 4085 of LNCS. Springer, pp 557–572Google Scholar
  35. 35.
    Falcone Y, Cornebize T, Fernandez J-C (2014) Efficient and generalized decentralized monitoring of regular languages. In: Erika A, Catuscia P (eds.) FORTE, volume 8461 of Lecture Notes in Computer Science.Springer, pp 66–83Google Scholar
  36. 36.
    Barringer H, Falcone Y, Finkbeiner B, Havelund K, Lee I, Pace GJ, Rosu G, Sokolsky O, Tillmann N (eds.) (2010) Proceedings of International Conference on Runtime Verification (RV), volume 6418 of LNCS. SpringerGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2016

Authors and Affiliations

  1. 1.TU Munich, Software & Systems EngineeringMunichGermany
  2. 2.University of Grenoble Alpes, Inria, LIGGrenobleFrance

Personalised recommendations