
Anticipatory active monitoring for safety- and security-critical software

  • Research Paper
  • Progress of Projects Supported by NSFC
  • Journal: Science China Information Sciences

Abstract

Because formal verification and testing normally face challenges such as state explosion and uncertain execution environments, it is extremely difficult to verify and test software exhaustively during the development phase. Monitoring has therefore become an indispensable means of finding latent software faults at runtime. Most current monitoring approaches only generate passive monitors, which cannot foresee possible faults and consequently cannot prevent their occurrence. In this paper, we propose an active monitoring approach based on runtime verification. The approach predicts possible incoming violations using a monitor that executes the anticipatory semantics of temporal logic, and then generates the necessary steering actions according to a partial system model, steering the system away from paths that would cause these violations. The monitor and the monitored system thus form a discrete feedback control loop. We further investigate the control theory behind active monitoring so that non-blocking controllability can be achieved. The results of applying active monitoring to two cases, a railway crossing control system and security-enhanced Linux (SELinux), show that the method can effectively ensure both safety and security properties at runtime.
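To make the loop described in the abstract concrete, the following added example (not the paper's code) implements a bounded anticipatory monitor with steering over a toy partial model of the railway crossing case. The model, the safety property, the event names, the lookahead horizon and the action preference order are all constructed assumptions.

```python
# Added example (not the paper's code): a toy anticipatory active monitor with
# bounded lookahead over a constructed partial model of a railway crossing.

# Constructed partial model. The train position changes through uncontrollable
# environment events; the gate changes only through the monitor's steering actions.
NEXT_TRAIN = {"far": {"far", "near"}, "near": {"near", "in"},
              "in": {"leaving"}, "leaving": {"far"}}
GATE_AFTER = {None: lambda gate: gate, "lower": lambda _: "down", "raise": lambda _: "up"}

def violates(state):
    """Safety property (constructed): never a train in the crossing while the gate is up."""
    train, gate = state
    return train == "in" and gate == "up"

def verdict(state, k):
    """Bounded anticipatory verdict for the next k environment steps with no steering:
    'false' if every continuation violates, 'inconclusive' if some do,
    'safe_in_horizon' otherwise (a safety property is never settled 'true' early)."""
    if violates(state):
        return "false"
    if k == 0:
        return "safe_in_horizon"
    train, gate = state
    results = {verdict((t, gate), k - 1) for t in NEXT_TRAIN[train]}
    if results == {"false"}:
        return "false"
    return "safe_in_horizon" if results == {"safe_in_horizon"} else "inconclusive"

def steer(state, k):
    """Limited-lookahead steering: pick the first action after which no violation is
    reachable within k steps. 'raise' is tried first so the gate does not stay down once
    the danger has passed (a non-blocking preference); a no-op choice is reported as None."""
    train, gate = state
    for action in ("raise", None, "lower"):
        new_gate = GATE_AFTER[action](gate)
        if verdict((train, new_gate), k) == "safe_in_horizon":
            return action if new_gate != gate else None
    return "lower"  # lookahead cannot avoid a violation; at least close the gate

def run(train_events, k=1):
    """Discrete feedback loop: before each environment event the monitor observes the
    state, predicts, and steers. Returns (state after steering, action, verdict) per step."""
    state, log = ("far", "up"), []
    for train in train_events:
        if train not in NEXT_TRAIN[state[0]]:
            raise ValueError(f"event {train!r} not allowed by the model from {state}")
        action = steer(state, k)
        state = (state[0], GATE_AFTER[action](state[1]))
        log.append((state, action, verdict(state, k)))
        state = (train, state[1])
    return log

if __name__ == "__main__":
    for entry in run(["near", "in", "leaving", "far"]):
        print(entry)
```

With horizon 1 the monitor lowers the gate as soon as the train is near, because one continuation of "near" with the gate up violates the property, and raises it again once the train is leaving.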




Correspondence to Wei Dong.

Cite this article

Dong, W., Zhao, C., Shu, S. et al. Anticipatory active monitoring for safety- and security-critical software. Sci. China Inf. Sci. 55, 2723–2737 (2012). https://doi.org/10.1007/s11432-012-4739-8
