Runtime Verification of Temporal Properties over Out-of-Order Data Streams

  • David Basin
  • Felix Klaedtke
  • Eugen Zălinescu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10426)


We present a monitoring approach for verifying systems at runtime. Our approach targets systems whose components communicate with the monitors over unreliable channels, where messages can be delayed or lost. In contrast to prior works, whose property specification languages are limited to propositional temporal logics, our approach handles an extension of the real-time logic MTL with freeze quantifiers for reasoning about data values. We present its underlying theory based on a new three-valued semantics that is well suited to soundly and completely reason online about event streams in the presence of message delay or loss. We also evaluate our approach experimentally. Our prototype implementation processes hundreds of events per second in settings where messages are received out of order.



This work was partly performed within the 5G-ENSURE project ( and received funding from the EU Framework Programme for Research and Innovation Horizon 2020 under grant agreement no. 671562. David Basin acknowledges support from the Swiss National Science Foundation grant Big Data Monitoring (167162).


  1. 1.
    Alur, R., Henzinger, T.A.: Logics and models of real time: a survey. In: Bakker, J.W., Huizing, C., Roever, W.P., Rozenberg, G. (eds.) REX 1991. LNCS, vol. 600, pp. 74–106. Springer, Heidelberg (1992). doi: 10.1007/BFb0031988 CrossRefGoogle Scholar
  2. 2.
    Barringer, H., Goldberg, A., Havelund, K., Sen, K.: Rule-based runtime verification. In: Steffen, B., Levi, G. (eds.) VMCAI 2004. LNCS, vol. 2937, pp. 44–57. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-24622-0_5 CrossRefGoogle Scholar
  3. 3.
    Basin, D., Harvan, M., Klaedtke, F., Zălinescu, E.: MONPOLY: monitoring usage-control policies. In: Khurshid, S., Sen, K. (eds.) RV 2011. LNCS, vol. 7186, pp. 360–364. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-29860-8_27 CrossRefGoogle Scholar
  4. 4.
    Basin, D., Klaedtke, F., Marinovic, S., Zălinescu, E.: Monitoring compliance policies over incomplete and disagreeing logs. In: Qadeer, S., Tasiran, S. (eds.) RV 2012. LNCS, vol. 7687, pp. 151–167. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-35632-2_17 CrossRefGoogle Scholar
  5. 5.
    Basin, D., Klaedtke, F., Müller, S., Zălinescu, E.: Monitoring metric first-order temporal properties. J. ACM 62(2), 15 (2015)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Basin, D., Klaedtke, F., Zălinescu, E.: Failure-aware runtime verification of distributed systems. In: Proceedings of 35th International Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS), Leibniz International Proceedings in Informatics (LIPIcs), vol. 45, pp. 590–603. Schloss Dagstuhl - Leibniz Center for Informatics (2015)Google Scholar
  7. 7.
    Basin, D., Klaedtke, F., Zălinescu, E.: Runtime verification of temporal properties over out-of-order data streams (2017). Full version of this paper:
  8. 8.
    Bauer, A., Falcone, Y.: Decentralised LTL monitoring. In: Giannakopoulou, D., Méry, D. (eds.) FM 2012. LNCS, vol. 7436, pp. 85–100. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-32759-9_10 CrossRefGoogle Scholar
  9. 9.
    Bauer, A., Küster, J., Vegliach, G.: The ins and outs of first-order runtime verification. Form. Methods Syst. Des. 46(3), 286–316 (2015)CrossRefzbMATHGoogle Scholar
  10. 10.
    Bauer, A., Leucker, M., Schallhart, C.: Comparing LTL semantics for runtime verification. J. Logic Comput. 20(3), 651–674 (2010)MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Bauer, A., Leucker, M., Schallhart, C.: Runtime verification for LTL and TLTL. ACM Trans. Softw. Eng. Meth. 20(4), 14 (2011)CrossRefGoogle Scholar
  12. 12.
    Colombo, C., Falcone, Y.: Organising LTL monitors over distributed systems with a global clock. Form. Methods Syst. Des. 49(1), 109–158 (2016)CrossRefGoogle Scholar
  13. 13.
    Feng, S., Lohrey, M., Quaas, K.: Path checking for MTL and TPTL over data words. In: Potapov, I. (ed.) DLT 2015. LNCS, vol. 9168, pp. 326–339. Springer, Cham (2015). doi: 10.1007/978-3-319-21500-6_26 CrossRefGoogle Scholar
  14. 14.
    Garg, D., Jia, L., Datta, A.: Policy auditing over incomplete logs: theory, implementation and applications. In: Proceedings of 18th ACM Conference on Computer and Communications Security (CCS), pp. 151–162. ACM Press (2011)Google Scholar
  15. 15.
    Goidefroid, P., Piterman, N.: LTL generalized model checking revisited. Int. J. Softw. Tools Technol. Trans. 13(6), 571–584 (2011)CrossRefGoogle Scholar
  16. 16.
    Henzinger, T.A.: Half-order modal logic: how to prove real-time properties. In: Proceedings of 9th Annual ACM Symposium on Principles of Distributed Computing (PODC), pp. 281–296. ACM Press (1990)Google Scholar
  17. 17.
    Koymans, R.: Specifying real-time properties with metric temporal logic. Real-Time Syst. 2(4), 255–299 (1990)CrossRefGoogle Scholar
  18. 18.
    Maler, O., Nickovic, D.: Monitoring temporal properties of continuous signals. In: Lakhnech, Y., Yovine, S. (eds.) FORMATS/FTRTFT -2004. LNCS, vol. 3253, pp. 152–166. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-30206-3_12 CrossRefGoogle Scholar
  19. 19.
    Meredith, P.O., Jin, D., Griffith, D., Chen, F., Rou, G.: An overview of the MOP runtime verification framework. Int. J. Softw. Tools Technol. Trans. 14(3), 249–289 (2012)CrossRefGoogle Scholar
  20. 20.
    Mostafa, M., Bonakdarbour, B.: Decentralized runtime verification of LTL specifications in distributed systems. In: Proceedings of 29th IEEE International Parallel and Distributed Processing Symposium (IPDPS). IEEE Computer Society (2015)Google Scholar
  21. 21.
    Ouaknine, J., Worrell, J.: On metric temporal logic and faulty turing machines. In: Aceto, L., Ingólfsdóttir, A. (eds.) FoSSaCS 2006. LNCS, vol. 3921, pp. 217–230. Springer, Heidelberg (2006). doi: 10.1007/11690634_15 CrossRefGoogle Scholar
  22. 22.
    Sen, K., Vardhan, A., Agha, G., Rou, G.: Efficient decentralized monitoring of safety in distributed systems. In: Proceedings of 26th International Conference on Software Engineering (ICSE), pp. 418–427. IEEE Computer Society (2004)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Department of Computer ScienceETH ZurichZurichSwitzerland
  2. 2.NEC Laboratories EuropeHeidelbergGermany
  3. 3.Technische Universität MünchenMünchenGermany

Personalised recommendations