Three-Valued Asynchronous Distributed Runtime Verification (PowerPoint PPT Presentation)



SLIDE 1

Three-Valued Asynchronous Distributed Runtime Verification

Torben Scheffel

Institute for Software Engineering and Programming Languages University of Lübeck, Germany scheffel@isp.uni-luebeck.de

October 19, 2014

Torben Scheffel Three-Valued Asynchronous Distributed Runtime Verification 1/21

SLIDE 2

Table of Contents Introduction System Model Distributed Temporal Logic Case Study Conclusion



SLIDE 4

Introduction

[Figure: Testing, Runtime Verification (RV) and Model Checking placed along axes labelled Complexity and Expressiveness]


SLIDE 5

Challenges of Distributed RV in Asynchronous Systems

There are various challenges encountered when doing RV in asynchronous distributed systems, for example:

◮ different execution speeds of agents
◮ inherent non-determinism in execution order
◮ information has to reach the monitor (communication overhead)
◮ one centralized or many decentralized monitors?



SLIDE 7

System Model

[Figure: agents a1, a2, a3]


SLIDE 8

System Model

[Figure: agents a1, a2, a3 with labels i1, i2 added]


SLIDE 9

System Model

[Figure: agents a1, a2, a3 with the pairs (va1, i1) and (va2, i2)]


SLIDE 10

System Model

[Figure: agents a1, a2, a3, monitor µ4, and the pairs (va1, i1) and (va2, i2)]


SLIDE 11

System Model

[Figure: agents a1, a2, a3, monitors µ1, µ2, µ3, µ4, and the pairs (va1, i1) and (va2, i2)]


SLIDE 12

System Model

[Figure: agents a1, a2, a3, monitors µ1, µ2, µ3, µ4, the pairs (va1, i1) and (va2, i2), and the values va1(2), va2(3)]



SLIDE 14

Linear Temporal Logic (LTL) and Past Operators

w = w0 w1 w2 w3 w4 ··· ∈ Σ^ω: execution trace (word). Set of propositions and the boolean operators negation (¬) and or (∨).

Future operators:

◮ Next (○)
◮ Until (U)

Past operators:

◮ Previous
◮ Since (S)


SLIDE 15

Three-valued LTL over finite traces (LTL3)

• A. Bauer, M. Leucker, and C. Schallhart, "Runtime Verification for LTL and TLTL"

$$
w \models_{\mathrm{LTL}_3} \varphi =
\begin{cases}
\top & \text{if } \forall u \in \Sigma^\omega : wu \models_{\mathrm{LTL}} \varphi \\
\bot & \text{if } \forall u \in \Sigma^\omega : wu \not\models_{\mathrm{LTL}} \varphi \\
? & \text{otherwise}
\end{cases}
$$

The output of the LTL3 semantics is ⊤ or ⊥ only if every infinite extension of the trace is a model (resp. not a model) of the formula in LTL.


SLIDE 16

Past-Time Distributed Temporal Logic (ptDTL)

• K. Sen, A. Vardhan, G. Agha, and G. Rosu, "Efficient Decentralized Monitoring of Safety in Distributed Systems"

An additional @-operator is used to spread properties over different agents.

Example: @a1(p S @a2 q)

a1 : {p} {p} {p} {}  {p}
a2 : {}  {q} {q} {q} {q}

Only safety properties are monitorable with ptDTL.


SLIDE 17

Distributed Temporal Logic (DTL)

[Diagram relating DTL to LTL3, the @ operator, ptLTL and ptDTL]


SLIDE 18

DTL syntax

$$
\chi ::= @^{ft}_{a_1}\varphi \;\mid\; @^{pt}_{a_1}\psi
$$

$$
\varphi ::= \mathit{true} \mid p \mid \neg\varphi \mid \varphi \vee \varphi \mid \bigcirc\varphi \mid \varphi\,\mathrm{U}\,\varphi \mid @^{ft}_{a_2}\varphi \mid @^{pt}_{a_2}\psi
$$


SLIDE 19

DTL semantics

@^pt_a ϕ formulas are evaluated with ptDTL semantics.

@^ft_a ϕ formulas are evaluated similarly to LTL3, with DTLω replacing LTL.

DTLω works as follows:

◮ all operators besides @^ft_a and @^pt_a are evaluated as in LTL
◮ a subformula surrounded by @^pt_a is evaluated on agent a as in ptDTL
◮ a subformula surrounded by @^ft_a is evaluated on agent a as in DTL

Values from other agents are delivered using messages whose send and receive points are marked in the runs of the agents.


SLIDE 20

DTL Advantages

The main advantages of DTL are:

◮ future and past operators ⇒ higher succinctness
◮ three-valued semantics ⇒ many more properties monitorable
◮ knowledge-vector and message symbols ⇒ precise theoretical evaluation possible


SLIDE 21

Monitor Construction

Monitors for past formulas of DTL: algorithm from

• K. Havelund and G. Rosu, "Synthesizing monitors for safety properties"

Monitors for future formulas of DTL: deterministic Moore machines (DMM), constructed as follows:

ϕ, ¬ϕ (LTL) → A_ϕ, A_¬ϕ (ABA) → A_ϕ, A_¬ϕ (NBA) → Â_ϕ, Â_¬ϕ (NFA) → Ã_ϕ, Ã_¬ϕ (DFA) → D_ϕ (DMM)

That is, the formula and its negation are each translated into an alternating Büchi automaton (ABA), then a nondeterministic Büchi automaton (NBA), then an NFA, then a DFA; the two DFAs are finally combined into the single DMM D_ϕ.



SLIDE 23

Case Study

[Figure: assembly line with agents a1, a2, a3 and components labelled C1, C2, C3, A, B, T, S]


SLIDE 24

Case Study

[Figure: the same assembly line with agents a1, a2, a3 and components C1, C2, C3, A, B, T, S]

Example:

$$
\varphi = @^{ft}_{a_3}\big(\neg s_1 \,\mathrm{U}\, @^{pt}_{a_2}(m_A \wedge @^{pt}_{a_1} s_1)\big)
$$


SLIDE 25

Benchmark

[Figure: agents a1, a2; main monitor µm and remote monitors µ1 ... µn, with message labels ping and pong]

◮ Main monitor µm evaluates a formula of the form $@^{ft}_{a_1}(\varphi_1 \,\mathrm{U}\, (\varphi_2 \,\mathrm{U}\, (\ldots \,\mathrm{U}\, \varphi_n)))$ or $@^{pt}_{a_1}(\varphi_1 \,\mathrm{S}\, (\varphi_2 \,\mathrm{S}\, (\ldots \,\mathrm{S}\, \varphi_n)))$ for the future or past case respectively.
◮ Every ϕi has the form $@^{pt}_{a_2}(p_{i0} \,\mathrm{S}\, (p_{i1} \,\mathrm{S}\, p_{i2}))$ with the atomic propositions p_i0, p_i1 and p_i2, and is evaluated by µi.
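The LTL3 verdict rule of slide 15 applied to the benchmark monitors above, as an added Python example (not code from the slides or from the author's tool): each remote monitor µi evaluates pi0 S (pi1 S pi2) step by step with the usual Since recursion, and the main monitor derives the three-valued verdict of the Until chain from the prefix of their values. It assumes every remote value is available at every step (message delay is not modelled) and relies on the Until chain being monotone in its operands, so the all-false and all-true extensions decide ⊤ and ⊥.

```python
from typing import List, Sequence

def since_stream(p: Sequence[bool], q: Sequence[bool]) -> List[bool]:
    """p S q at every step via (p S q)_t = q_t or (p_t and (p S q)_{t-1})."""
    out, prev = [], False
    for pt, qt in zip(p, q):
        prev = qt or (pt and prev)
        out.append(prev)
    return out

def phi_i(pi0, pi1, pi2) -> List[bool]:
    """Remote monitor mu_i: pi0 S (pi1 S pi2) at every step."""
    return since_stream(pi0, since_stream(pi1, pi2))

def until_chain(ops: Sequence[Sequence[bool]], pos: int, beyond: bool) -> bool:
    """ops[0] U (ops[1] U (... U ops[-1])) at `pos` on the prefix, with every
    operand assumed equal to `beyond` once the prefix ends."""
    n = len(ops[0])
    val = lambda k, i: ops[k][i] if i < n else beyond
    def chain(k: int, i: int) -> bool:
        if k == len(ops) - 1:
            return val(k, i)
        j = i
        while j < n:                  # witness j with ops[k] true on [i, j)?
            if chain(k + 1, j):
                return True
            if not val(k, j):
                return False
            j += 1
        return beyond                 # witness would lie beyond the prefix
    return chain(0, pos)

def ltl3_verdict(ops: Sequence[Sequence[bool]]) -> str:
    """LTL3 verdict (⊤, ⊥ or ?) of the Until chain on a finite prefix.
    The chain is monotone in its operands, so it holds on every infinite
    extension iff it holds with an all-false future, and it fails on every
    extension iff it fails with an all-true future."""
    if until_chain(ops, 0, False):
        return "⊤"
    if not until_chain(ops, 0, True):
        return "⊥"
    return "?"

def benchmark_verdicts(props) -> List[str]:
    """Main monitor mu_m for @ft_a1(phi_1 U (phi_2 U ... U phi_n)): one verdict
    per step from the remote-monitor values delivered so far. props[i] is the
    triple (pi0, pi1, pi2) read by mu_i; message delay is not modelled."""
    streams = [phi_i(*p) for p in props]
    return [ltl3_verdict([s[:t + 1] for s in streams]) for t in range(len(streams[0]))]
```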


SLIDE 26

Benchmark

[Plot: time (s) against number of remote monitors, with series ft 1, pt 1, ft 2, pt 2, ft 3, pt 3]


SLIDE 27

Conclusion

We

◮ developed a system model which describes the distribution of monitoring data through messages,
◮ developed a new temporal logic DTL for distributed RV with a greater set of monitorable properties than ptDTL,
◮ programmed the transformation of DTL formulas into DMMs,
◮ used the created monitors for a case study to monitor a LEGO Mindstorms assembly line.
