Hostname: page-component-8448b6f56d-wq2xx Total loading time: 0 Render date: 2024-04-19T07:40:58.468Z Has data issue: false hasContentIssue false
  • English
  • Français

Optimal enforcement of (timed) properties with uncontrollable events

Published online by Cambridge University Press:  29 May 2017

MATTHIEU RENARD ,
YLIÈS FALCONE ,
ANTOINE ROLLET ,
THIERRY JÉRON  and
HERVÉ MARCHAND
MATTHIEU RENARD
Affiliation:
LaBRI, Bordeaux INP, Université Bordeaux, Bordeaux, France Emails: matthieu.renard@labri.fr, antoine.rollet@labri.fr
YLIÈS FALCONE
Affiliation:
Univ. Grenoble-Alpes, Inria, Laboratoire d'Informatique de Grenoble, F-38000 Grenoble, France Email: Ylies.Falcone@univ-grenoble-alpes.fr
ANTOINE ROLLET
Affiliation:
LaBRI, Bordeaux INP, Université Bordeaux, Bordeaux, France Emails: matthieu.renard@labri.fr, antoine.rollet@labri.fr
THIERRY JÉRON
Affiliation:
Inria Rennes Bretagne-Atlantique, Rennes, France Emails: thierry.jeron@inria.fr, herve.marchand@inria.fr
HERVÉ MARCHAND
Affiliation:
Inria Rennes Bretagne-Atlantique, Rennes, France Emails: thierry.jeron@inria.fr, herve.marchand@inria.fr
Get access Rights & Permissions [Opens in a new window]

Abstract

This paper deals with runtime enforcement of untimed and timed properties with uncontrollable events. Runtime enforcement consists in defining and using mechanisms that modify the executions of a running system to ensure their correctness with respect to a desired property. We introduce a framework that takes as input any regular (timed) property described by a deterministic automaton over an alphabet of events, with some of these events being uncontrollable. An uncontrollable event cannot be delayed nor intercepted by an enforcement mechanism. Enforcement mechanisms should satisfy important properties, namely soundness, compliance and optimality – meaning that enforcement mechanisms should output as soon as possible correct executions that are as close as possible to the input execution. We define the conditions for a property to be enforceable with uncontrollable events. Moreover, we synthesise sound, compliant and optimal descriptions of runtime enforcement mechanisms at two levels of abstraction to facilitate their design and implementation.

Type
Paper
Information
Mathematical Structures in Computer Science , Volume 29 , Special Issue 1: Special Issue: Best Papers Presented at ICTAC 2015 , January 2019 , pp. 169 - 214
Copyright
Copyright © Cambridge University Press 2017 

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

Alur, R. and Dill, D. (1992). The theory of timed automata. In: de Bakker, J., Huizing, C., de Roever, W. and Rozenberg, G. (eds.) Real-Time: Theory in Practice, Lecture Notes in Computer Science, vol. 600, Berlin Heidelberg: Springer, 4573.Google Scholar
Basin, D., Jugé, V., Klaedtke, F. and Zălinescu, E. (2013). Enforceable security policies revisited. ACM Transactions on Information and System Security. 16 (1) 3:13:26.Google Scholar
Basin, D., Klaedtke, F. and Zalinescu, E. (2011). Algorithms for monitoring real-time properties. In: Khurshid, S. and Sen, K. (eds.) Proceedings of the 2nd International Conference on Runtime Verification (RV 2011), Lecture Notes in Computer Science, vol. 7186, Springer-Verlag, 260275.Google Scholar
Bloem, R., Könighofer, B., Könighofer, R. and Wang, C. (2015). Shield synthesis: - Runtime enforcement for reactive systems. In: Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems - 21st International Conference, TACAS 2015, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2015, London, UK, 533–548.Google Scholar
Charafeddine, H., El-Harake, K., Falcone, Y. and Jaber, M. (2015). Runtime enforcement for component-based systems. In: Proceedings of the 30th Annual ACM Symposium on Applied Computing, 2015, 1789–1796.Google Scholar
Colombo, C., Pace, G. J. and Schneider, G. (2009a). LARVA –- safer monitoring of real-time Java programs (tool paper). In: Hung, D.V. and Krishnan, P. (eds.) Proceedings of the 7th IEEE International Conference on Software Engineering and Formal Methods (SEFM 2009), IEEE Computer Society, 3337.Google Scholar
Colombo, C., Pace, G. J. and Schneider, G. (2009b). Safe runtime verification of real-time properties. In: Ouaknine, J. and Vaandrager, F.W. (eds.) Proceedings of the 7th International Conference on Formal Modeling and Analysis of Timed Systems (FORMATS 2009), Lecture Notes in Computer Science, vol. 5813, Springer, 103117.Google Scholar
Dolzhenko, E., Ligatti, J. and Reddy, S. (2015). Modeling runtime enforcement with mandatory results automata. International Journal of Information Security 14 (1) 4760.Google Scholar
Falcone, Y., Havelund, K. and Reger, G. (2013). A tutorial on runtime verification. In: Broy, M., Peled, D.A. and Kalus, G. (eds.) Engineering Dependable Software Systems, NATO Science for Peace and Security Series, D: Information and Communication Security, vol. 34, IOS Press, 141175.Google Scholar
Falcone, Y., Mounier, L., Fernandez, J. and Richier, J. (2011). Runtime enforcement monitors: Composition, synthesis, and enforcement abilities. Formal Methods in System Design 38 (3) 223262.Google Scholar
Leucker, M. and Schallhart, C. (2009). A brief account of runtime verification. Journal of Logic Programming 78 (5) 293303.Google Scholar
Ligatti, J., Bauer, L. and Walker, D. (2009). Run-time enforcement of nonsafety policies. ACM Transactions on Information and System Security 12 (3) 19:119:41.Google Scholar
Pinisetty, S., Falcone, Y., Jéron, T. and Marchand, H. (2014a). Runtime enforcement of regular timed properties. In: Cho, Y., Shin, S.Y., Kim, S., Hung, C. and Hong, J. (eds.) Symposium on Applied Computing, SAC, Gyeongju, Republic of Korea: ACM, 12791286.Google Scholar
Pinisetty, S., Falcone, Y., Jéron, T. and Marchand, H. (2014b). Runtime enforcement of parametric timed properties with practical applications. In: Lesage, J., Faure, J., Cury, J.E.R. and Lennartson, B. (eds.) Proceedings of the 12th International Workshop on Discrete Event Systems, WODES, Cachan, France: International Federation of Automatic Control, 420427.Google Scholar
Pinisetty, S., Falcone, Y., Jéron, T., Marchand, H., Rollet, A. and Nguena-Timo, O. (2014c). Runtime enforcement of timed properties revisited. Formal Methods in System Design 45 (3) 381422.Google Scholar
Pinisetty, S., Falcone, Y., Jéron, T., Marchand, H., Rollet, A. and Nguena-Timo, O.L. (2012). Runtime enforcement of timed properties. In: Qadeer, S. and Tasiran, S. (eds.) Runtime Verification, 3rd International Conference, RV 2012, Revised Selected Papers, Lecture Notes in Computer Science, vol. 7687, Istanbul, Turkey: Springer, 229244.Google Scholar
Ramadge, P.J. and Wonham, W.M. (1987). Supervisory control of a class of discrete event processes. SIAM Journal on Control and Optimization 25 (1) 206230.Google Scholar
Ramadge, P.J. and Wonham, W.M. (1989). The control of discrete event systems. Proceedings of the IEEE 77 (1) 8198.Google Scholar
Renard, M., Falcone, Y., Rollet, A., Pinisetty, S., Jéron, T. and Marchand, H. (2015). Enforcement of (timed) properties with uncontrollable events. In: Leucker, M., Rueda, C. and Valencia, F.D. (eds.) Theoretical Aspects of Computing - ICTAC 2015, Lecture Notes in Computer Science, vol. 9399, Springer International Publishing, 542560.Google Scholar
Sammapun, U., Lee, I. and Sokolsky, O. (2005). RT-MaC: Runtime monitoring and checking of quantitative and probabilistic properties. In: Proceedings of the IEEE 19th International Conference on Embedded and Real-Time Computing Systems and Applications, 0:147–153.Google Scholar
Schneider, F.B. (2000). Enforceable security policies. ACM Transactions on Information and System Security 3 (1) 3050.Google Scholar