Abstract
The problem of composing multiple, possibly conflicting, runtime enforcers for a cyber-physical system (CPS) is considered. A formal definition of utility-agnostic and utility-maximizing CPS enforcers is presented, followed by an algorithm that combines multiple enforcers and resolves their conflicts according to a design-time prioritization. To implement this combination efficiently, enforcers are encoded symbolically as SMT formulas, and the combination is reduced to a set of SMT satisfiability and optimization queries. Further performance gains are obtained by using the SMT solver incrementally. The approach is validated via experiments in an indoor area with Parrot minidrones. The incremental enforcer combination is shown to achieve an order-of-magnitude speedup with no deadline misses.
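The following script is an added illustration of the workflow the abstract sketches (enforcers as SMT formulas, conjunction as combination, conflict detection by a satisfiability check, priority-ordered resolution, utility maximization as an optimization objective, and incremental push/pop use of the solver across control periods). It is not the paper's encoding or code: the three enforcers E1, E2, E3, the single control axis, the geofence and actuator limits, the control period dt and the sensed values are all made up for the example. It assumes Z3 in SMT-LIB 2 mode with the νZ optimization commands (`minimize`, `get-objectives`).

```smt2
; Added example, not from the paper. Run with:  z3 enforcers.smt2
; All enforcers, bounds and sensed values below are made-up assumptions.
(set-option :produce-models true)

; One control axis of the vehicle. x and v_cmd are fixed each control period
; from the sensed state and the untrusted controller; v_out is what is actuated.
(declare-const x     Real)   ; sensed position, metres (assumed)
(declare-const v_cmd Real)   ; velocity proposed by the controller, m/s (assumed)
(declare-const v_out Real)   ; velocity released to the actuator, m/s
(define-fun dt () Real 0.1)  ; control period, seconds (assumed)

; Enforcer E1 (priority 1, highest; utility-agnostic): the position after one
; period must stay inside a 0..10 m geofence.
(define-fun E1 () Bool
  (let ((x_next (+ x (* v_out dt))))
    (and (>= x_next 0.0) (<= x_next 10.0))))

; Enforcer E2 (priority 2; utility-agnostic): actuator limit |v_out| <= 3 m/s.
(define-fun E2 () Bool (and (>= v_out (- 3.0)) (<= v_out 3.0)))

; Enforcer E3 (priority 3, lowest; utility-maximizing): release a velocity as
; close as possible to the controller's. Utility -|v_out - v_cmd| is encoded
; through an auxiliary upper bound dev >= |v_out - v_cmd| that is minimized.
(declare-const dev Real)
(define-fun E3 () Bool (and (>= dev (- v_out v_cmd)) (>= dev (- v_cmd v_out))))

; ---- Control period 1: x = 9.9, controller asks for 5 m/s (would leave the fence)
(push)
(assert (= x 9.9))
(assert (= v_cmd 5.0))
; Add enforcers in priority order, each in its own scope, so a conflicting
; lower-priority one can be dropped with (pop) without losing the higher ones.
(push) (assert E1) (check-sat)                 ; sat
(push) (assert E2) (check-sat)                 ; sat: E1 and E2 agree at this state
(push) (assert E3) (minimize dev) (check-sat)  ; sat
(get-value (v_out dev))                        ; v_out = 1, dev = 4: fence caps v_out at 1
(get-objectives)
(pop) (pop) (pop)
(pop)                                          ; discard period-1 state, keep declarations

; ---- Control period 2: x = 10.5 (already outside the fence), controller asks for 0
(push)
(assert (= x 10.5))
(assert (= v_cmd 0.0))
(push) (assert E1) (check-sat)                 ; sat: re-entry within dt needs v_out <= -5
(push) (assert E2) (check-sat)                 ; unsat: E2 caps |v_out| at 3, conflicts with E1
(pop)                                          ; E2 ranks below E1: drop E2 for this period
(push) (assert E3) (minimize dev) (check-sat)  ; sat: E1 and E3 without E2
(get-value (v_out dev))                        ; v_out = -5, dev = 5
(get-objectives)
(pop) (pop)
(pop)
```

The enforcer definitions and declarations are loaded once; only the per-period state assertions and the priority scopes are pushed and popped, which is what makes the solver use incremental. The script shows the solver calls of one fixed run; in a deployed enforcer the `(pop)` after an unsat result would be taken by the combination algorithm at runtime, not written out by hand.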
Notes
1. All Rights Reserved. This material is based upon work funded and supported by the Department of Defense under Contract No. FA8702-15-D-0002 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. [DISTRIBUTION STATEMENT A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution. DM17-0207.
Acknowledgment
Copyright 2017 Carnegie Mellon University (see Note 1).
© 2017 Springer International Publishing AG
Cite this paper
Andersson, B., Chaki, S., de Niz, D. (2017). Combining Symbolic Runtime Enforcers for Cyber-Physical Systems. In: Lahiri, S., Reger, G. (eds) Runtime Verification. RV 2017. Lecture Notes in Computer Science(), vol 10548. Springer, Cham. https://doi.org/10.1007/978-3-319-67531-2_5
DOI: https://doi.org/10.1007/978-3-319-67531-2_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67530-5
Online ISBN: 978-3-319-67531-2