Rewriting-Based Runtime Verification for Alternation-Free HyperLTL

Rewriting-Based Techniques for Runtime Verification

Automated Software Engineering, 2005

Techniques for efficiently evaluating future time Linear Temporal Logic (abbreviated LTL) formulae on finite execution traces are presented. While the standard models of LTL are infinite traces, finite traces appear naturally when testing and/or monitoring real applications that only run for limited time periods. A finite trace variant of LTL is formally defined, together with an immediate executable semantics which turns out to be quite inefficient if used directly, via rewriting, as a monitoring procedure. Then three algorithms are investigated. First, a simple synthesis algorithm for monitors based on dynamic programming is presented; despite the efficiency of the generated monitors, they unfortunately need to analyze the trace backwards, thus making them unusable in most practical situations. To circumvent this problem, two rewriting-based practical algorithms are further investigated, one using rewriting directly as a means for online monitoring, and the other using rewriting to generate automata-like monitors, called binary transition tree finite state machines (and abbreviated BTT-FSMs). Both rewriting algorithms are implemented in Maude, an executable specification language based on a very efficient implementation of term rewriting. The first rewriting algorithm essentially consists of a set of equations establishing an executable semantics of LTL, using a simple formula transforming approach. This algorithm is further improved to build automata on-the-fly via caching and reuse of rewrites (called memoization), resulting in a very efficient and small Maude program that can be used to monitor program executions. The second rewriting algorithm builds on the first one and synthesizes provably minimal BTT-FSMs from LTL formulae, which can then be used to analyze execution traces online without the need for a rewriting system. 
The presented work is part of an ambitious runtime verification and monitoring project at NASA Ames, called Path Explorer, and demonstrates that rewriting can be a tractable and attractive means for experimenting and implementing logics for program monitoring.
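The abstract describes the first rewriting algorithm as a set of equations that transform an LTL formula event by event, with memoization of rewrites so that the reachable residual formulas form an automaton. The following Python program is an added illustration of that idea and is not the paper's Maude code: `step` is the formula-transforming rewrite for one event, `lru_cache` plays the role of memoization, `explore` enumerates the residual formulas the memoized rewrites reach (an unminimized automaton, not the paper's BTT-FSM synthesis), and `at_end` applies an assumed end-of-trace convention (pending X, F and U obligations fail, G is satisfied), which need not coincide with the finite-trace semantics defined in the paper. All names and the sample traces are constructed for this example.

```python
"""Finite-trace LTL monitoring by formula rewriting ("progression").

Illustrative example only (not the paper's Maude implementation). Formulas are
nested tuples; "and"/"or" carry a frozenset of operands so that rewriting is
idempotent and the set of reachable residual formulas stays finite.
"""
from functools import lru_cache

TRUE, FALSE = ("true",), ("false",)

def atom(a): return ("atom", a)
def X(f): return ("X", f)
def F(f): return ("F", f)
def G(f): return ("G", f)
def U(f, g): return ("U", f, g)

def Not(f):
    if f == TRUE: return FALSE
    if f == FALSE: return TRUE
    if f[0] == "not": return f[1]               # double negation
    return ("not", f)

def And(*fs):
    ops = set()
    for f in fs:
        if f == FALSE: return FALSE
        if f == TRUE: continue
        ops |= f[1] if f[0] == "and" else {f}   # flatten nested conjunctions
    if not ops: return TRUE
    return next(iter(ops)) if len(ops) == 1 else ("and", frozenset(ops))

def Or(*fs):
    ops = set()
    for f in fs:
        if f == TRUE: return TRUE
        if f == FALSE: continue
        ops |= f[1] if f[0] == "or" else {f}    # flatten nested disjunctions
    if not ops: return FALSE
    return next(iter(ops)) if len(ops) == 1 else ("or", frozenset(ops))

def Implies(f, g): return Or(Not(f), g)

@lru_cache(maxsize=None)   # memoization: each (formula, event) rewrite is computed once
def step(f, event):
    """Rewrite f on `event` (a frozenset of atoms that hold) into the obligation
    left for the remainder of the trace."""
    op = f[0]
    if op in ("true", "false"): return f
    if op == "atom": return TRUE if f[1] in event else FALSE
    if op == "not": return Not(step(f[1], event))
    if op == "and": return And(*(step(g, event) for g in f[1]))
    if op == "or": return Or(*(step(g, event) for g in f[1]))
    if op == "X": return f[1]
    if op == "F": return Or(step(f[1], event), f)             # F g = g or X F g
    if op == "G": return And(step(f[1], event), f)            # G g = g and X G g
    if op == "U": return Or(step(f[2], event), And(step(f[1], event), f))  # g U h = h or (g and X(g U h))
    raise ValueError(f"unknown operator {op}")

def at_end(f):
    """Value of a residual obligation once no further event exists. Assumed
    convention: pending atom/X/F/U obligations fail, pending G is satisfied."""
    op = f[0]
    if op == "true": return True
    if op == "false": return False
    if op == "not": return not at_end(f[1])
    if op == "and": return all(at_end(g) for g in f[1])
    if op == "or": return any(at_end(g) for g in f[1])
    return op == "G"

def monitor(f, trace):
    """Run the rewriting monitor over a finite trace (iterables of atom names).
    Returns (verdict, n): n is the number of events consumed when the verdict
    became definite, or len(trace) if only the end of the trace decided it."""
    g = f
    for i, event in enumerate(trace, start=1):
        g = step(g, frozenset(event))
        if g in (TRUE, FALSE):
            return g == TRUE, i
    return at_end(g), len(trace)

def explore(f, atoms):
    """Enumerate the automaton induced by memoized rewriting: states are the
    residual formulas reachable from f over every event on `atoms`."""
    atoms = list(atoms)
    events = [frozenset(a for i, a in enumerate(atoms) if mask >> i & 1)
              for mask in range(1 << len(atoms))]
    states, trans, todo = {f}, {}, [f]
    while todo:
        g = todo.pop()
        for e in events:
            h = step(g, e)
            trans[(g, e)] = h
            if h not in states:
                states.add(h)
                todo.append(h)
    return states, trans

if __name__ == "__main__":
    p, q = atom("p"), atom("q")
    phi = G(Implies(p, F(q)))                    # every p is eventually followed by a q
    print(monitor(phi, [{"p"}, set(), {"q"}]))   # (True, 3)
    print(monitor(phi, [{"p"}, set()]))          # (False, 2): the q never came
    print(len(explore(phi, ["p", "q"])[0]))      # 2 residual formulas reachable
```

The memoized `step` is what makes repeated monitoring cheap: once a (formula, event) pair has been rewritten, every later occurrence is a table lookup, and `explore` shows that for a request/response property the table has only two states, which is the observation behind generating automata-like monitors from the rewrites.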

Security policy validation using temporal executable specifications

2007 IEEE International Conference on Systems, Man, and Cybernetics, SMC 2007, 2007

Security policies constitute the core of protecting information systems. Validation tools should therefore be developed to check whether a version of a specific security policy conforms to the required security properties. This paper proposes a validation framework for security policies where: (1) algebraic specifications are used to build abstract views about the security policy, (2) an executable security policy can be extracted from the algebraic representation, and (3) syntactical (resp. semantic) verification of the executable (resp. algebraic) security policy is performed. http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4413742&tag=1