Abstract
We propose a game-based method for synthesizing a runtime enforcer for a reactive system to ensure that a set of safety-critical properties always holds even if errors occur in the system due to design defects or environmental disturbances. The runtime enforcer does not modify the internals of the system or provide a redundant implementation; instead, it monitors the input and output of the system and corrects any erroneous output signal that may cause a safety violation. Our main contribution is a new algorithm for synthesizing a runtime enforcer that can respond to violations instantaneously and guarantee the safety of the system under burst error. This is in contrast to existing methods that either require significant delay before the enforcer can respond to violations or do not handle burst error. We have implemented our method in a synthesis tool and evaluated it on a set of temporal logic specifications. Our experiments show that the enforcer synthesized by our method can robustly handle a wide range of properties under burst error.
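As an added illustration (not the paper's code or algorithm), the sketch below builds the simplest form of such an enforcer: a toy safety automaton over one request input and two grant outputs, a greatest-fixpoint computation of the safety game's winning region, and a shield that passes the system's output through when it is safe and otherwise substitutes the nearest output that keeps the play winning, so a burst of consecutive faulty outputs is corrected step by step. The property, the automaton states and the trace are constructed assumptions; the paper's own algorithm for instantaneous response under burst error is not reproduced here.

```python
# Constructed toy property (not the paper's): input r1 is a request and the
# outputs (g1, g2) are grants.  ERR is the single unsafe sink state.
ERR = "err"
INPUTS = [(0,), (1,)]
OUTPUTS = [(0, 0), (1, 0), (0, 1), (1, 1)]  # all (g1, g2) pairs

def step(state, inp, out):
    """Safety automaton: never g1 and g2 together, and a request r1 must be
    granted (g1) either in the same step or in the next one."""
    (r1,), (g1, g2) = inp, out
    if state == ERR or (g1 and g2):
        return ERR
    if state == "s1" and not g1:  # grant deadline missed
        return ERR
    return "s1" if (r1 and not g1) else "s0"

def winning_region(states):
    """Safety game: greatest fixpoint of the states from which, for every
    input, some output keeps the automaton inside the region."""
    win = set(states) - {ERR}
    while True:
        keep = {s for s in win
                if all(any(step(s, i, o) in win for o in OUTPUTS)
                       for i in INPUTS)}
        if keep == win:
            return win
        win = keep

WIN = winning_region({"s0", "s1", ERR})
def shield(state, inp, sys_out):
    """Pass the system's output through if it keeps the play inside WIN;
    otherwise substitute the closest safe output (by Hamming distance)."""
    if step(state, inp, sys_out) in WIN:
        return sys_out, step(state, inp, sys_out), False
    safe = [o for o in OUTPUTS if step(state, inp, o) in WIN]
    best = min(safe, key=lambda o: sum(a != b for a, b in zip(o, sys_out)))
    return best, step(state, inp, best), True

def run(trace, state="s0"):
    """Enforce a list of (input, system_output) pairs; per step, return the
    corrected output and whether the shield had to intervene."""
    result = []
    for inp, out in trace:
        out, state, fixed = shield(state, inp, out)
        result.append((out, fixed))
    return result

# Constructed burst-error trace: a double grant, then a request dropped past its deadline.
TRACE = [((1,), (1, 1)), ((1,), (0, 0)), ((0,), (0, 0)), ((0,), (0, 1))]
```

The shield intervenes at steps 1 and 3 of the trace but leaves step 2 alone, since deferring the grant by one step is still within the property's deadline.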
© 2016 Springer International Publishing Switzerland
Cite this paper
Wu, M., Zeng, H., Wang, C. (2016). Synthesizing Runtime Enforcer of Safety Properties Under Burst Error. In: Rayadurgam, S., Tkachuk, O. (eds) NASA Formal Methods. NFM 2016. Lecture Notes in Computer Science, vol 9690. Springer, Cham. https://doi.org/10.1007/978-3-319-40648-0_6
DOI: https://doi.org/10.1007/978-3-319-40648-0_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-40647-3
Online ISBN: 978-3-319-40648-0
eBook Packages: Computer Science (R0)