POLYLARVA Technology Agnostic Runtime Verification.


1 POLYLARVA Technology Agnostic Runtime Verification

2 A System’s Behaviour

3 Testing

4 Model Checking

5 Runtime Verification

6 Inputs to Runtime Verification System
- No more than 10 users can be logged onto the system at any one time
- A user cannot execute more than 3 failed transactions in one session
- A user who has been idle for more than 5 minutes should be logged out

7 Creating a Runtime Monitor

12 The LARVA Architecture

13 LARVA – Java Specific
Property to be verified: New accounts can be added for a User if the User settings allow it. Otherwise this should be disallowed.

    before (User u1) : (call(* User.addAccount(..)) && target(u1) && !cflow(adviceexecution())) {
        Monitor monitor_instance = getMonitorInstance(u1);
        monitor_instance.call(thisJoinPoint.getSignature().toString(), 8 /*addAccount*/);
    }

14 LARVA – Java Specific
Property to be verified: New accounts can be added for a User if the User settings allow it. Otherwise this should be disallowed.

    if ((_occurredEvent(_event, 8 /*addAccount*/)) && (!u.canAddAccounts())) {
        _state_id_account = 5; // moving to state cannotadd
        _goto_account(_info);
    }

16 Goals for PolyLARVA
1) Improve the LARVA framework to become a customisable monitoring architecture supporting potentially numerous platforms and technologies
[Diagram labels: Generated Monitor; System (Any Language); Notifies monitor when specific Events take place; Evaluates monitoring logic]

17 The PolyLARVA Specification Language
The PolyLarva specification language proposed is an ECA (Event-Condition-Action) rule-based language

    rule name : event \ condition -> action
    ruleAddAccnt: addAccount(u2, a) \ isTooManyAccts -> logTooMany;

18 The PolyLARVA Specification Language

    ruleAddAccnt: addAccount(u2, a) \ isTooManyAccts -> logTooMany;

    states { int accountCnt }
    conditions {
        isTooManyAccts = {accountCnt > 5;}
    }

19 The PolyLARVA Specification Language

    ruleAddAccnt: addAccount(u2, a) \ isTooManyAccts -> logTooMany;

    states { int accountCnt }
    conditions {
        isTooManyAccts = {accountCnt > 5;}
    }
    actions {
        logTooMany = {System.out.println("Account limit of 5 exceeded.");}
    }

20 Evaluating Conditions & Actions
- Keep an integer count of users in the system: usercount
- Increment the counter on new user addition
- Compare this counter against a set limit on every new user addition
- Log a warning message

    ruleAddUser: addUser() \ usercount > 5 -> logTooManyUsers

[Diagram labels: Monitor; System; addUser()]

21 Evaluating Conditions & Actions
- canAddAccounts is a property of a User instance
- The monitor must refer to the system to obtain the evaluation of the condition

    ruleAddUser: addAccount(User u) \ u.canAddAccounts() -> logNewAccount

[Diagram labels: Monitor; System; addAccount(User u); u.canAddAccounts()]

22 Evaluating Conditions & Actions
- canAddAccounts is a property of a User instance
- The monitor must refer to the system to obtain the evaluation of the condition

    ruleAddUser: addAccount(User u) \ u.canAddAccounts() -> logNewAccount

[Diagram labels: Monitor; System; u.canAddAccounts()]

23 System vs Monitor Conditions & Actions
Monitor Side:
- Can be evaluated by the monitor – no reference to system-specific properties
- Must be written in Java code
System Side:
- Must be evaluated on the system – references variables and methods declared in system code
- Must be written in the system language

Monitor:

    conditions {
        monitorSide {
            isTooManyAccts = {accountCnt > 5;}
        }
    }

System:

    conditions {
        systemSide {
            cannotAddAccts = {return !user.canAddAccounts();}
        }
    }
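
The split between monitor-side and system-side conditions on slides 17 to 23, as an added Java sketch that is not part of the original slides and is not PolyLARVA-generated code. The `SystemSide` interface stands in for the socket link, and the names `EcaMonitorSketch`, `Rule`, `Monitor`, `build`, the counting rule and the sample user IDs are assumptions made for illustration.

```java
import java.util.*;
import java.util.function.*;

public class EcaMonitorSketch {   // added illustration, not PolyLARVA compiler output
    // Stand-in for the socket link: the monitor asks the system to evaluate a condition.
    interface SystemSide { boolean evaluate(String condition, String userId); }
    static class Rule {
        final String event;
        final BiPredicate<Monitor, String> condition;
        final Consumer<Monitor> action;
        Rule(String event, BiPredicate<Monitor, String> condition, Consumer<Monitor> action) {
            this.event = event; this.condition = condition; this.action = action;
        }
    }
    static class Monitor {
        int accountCnt = 0;                         // states { int accountCnt }
        final List<String> log = new ArrayList<>();
        final List<Rule> rules = new ArrayList<>();
        final SystemSide system;
        Monitor(SystemSide system) { this.system = system; }
        // Invoked for every event notification from the instrumented system.
        void onEvent(String event, String userId) {
            for (Rule r : rules)
                if (r.event.equals(event) && r.condition.test(this, userId))
                    r.action.accept(this);
        }
    }
    static Monitor build(SystemSide system) {
        Monitor m = new Monitor(system);
        // Hypothetical bookkeeping rule: the slides do not show where accountCnt changes.
        m.rules.add(new Rule("addAccount", (mon, uid) -> true, mon -> mon.accountCnt++));
        // ruleAddAccnt, monitorSide condition: decided from monitor state alone.
        m.rules.add(new Rule("addAccount", (mon, uid) -> mon.accountCnt > 5,
            mon -> mon.log.add("Account limit of 5 exceeded.")));
        // systemSide condition cannotAddAccts: needs the User object, so it is delegated.
        m.rules.add(new Rule("addAccount", (mon, uid) -> mon.system.evaluate("cannotAddAccts", uid),
            mon -> mon.log.add("addAccount attempted although user settings disallow it")));
        return m;
    }
    public static void main(String[] args) {
        Set<String> blocked = new HashSet<>(Arrays.asList("u7"));   // constructed sample data
        Monitor m = build((cond, uid) -> cond.equals("cannotAddAccts") && blocked.contains(uid));
        for (int i = 0; i < 6; i++) m.onEvent("addAccount", "u1");
        m.onEvent("addAccount", "u7");
        m.log.forEach(System.out::println);
    }
}
```

Because the system-side verdict comes from the monitored process itself, a deployment that uses such rules for security decisions has to treat the channel and the system-side helper as part of the trusted base.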

24 The PolyLARVA Architecture Phase 1: Creation of JAVA code which covers the monitor logic for validating properties

25 The PolyLARVA Architecture Phase 2: Creation of code which will be used to instrument the system code Creation of ‘Aspect’ code

26 The PolyLARVA Architecture Phase 2: Creation of code which will be used to instrument the system code Creation of code that adds monitor logic on system side

27 The PolyLARVA Architecture - Communication Communication between Monitor and Instrumented System via Sockets

28 The PolyLARVA Language Specific Compiler

29 Generation of ‘Aspect’ Code
- The Runtime Monitor must be aware of any events, relevant to monitoring, that occur on the system
- Aspect Programming is ideal for use in Runtime Monitoring systems
- Can support a large number of programming languages, though not all
[Diagram label: Aspect Code]

30 Generation of Java ‘Aspect’ Code
Event Specification:

    addAccount(User u2, Account a) = {execution Account a.new(User u2)}

Aspect Code (Context_Aspect.aj):

    before(Account a, User u2): target(a) && execution(Account.new(..)) && args(u2) && !cflow(adviceexecution()) {
        LarvaCommClient.getClientConnection().sendMessage(
            LarvaCommClient.ASPECT_EVENT, 5,
            UniqueIDGenerator.getIdentifier(a) + "," +
            UniqueIDGenerator.getIdentifier(u2) + ",");
    }

31 What if our system program is written in PERL?
Event Specification:

    addAccount(User u2, Account a) = {execution Account a.new(User u2)}

Aspect Code (Context_Aspect.pl):
- PERL Aspect Code [uses Aspect.pm]
- Uses socket connection to communicate with monitor

32 Generation of Monitor ‘Helper’ Code (System Side)

    conditions {
        systemSide {
            cannotAddAccts = {!user.canAddAccounts();}
        }
    }

Helper Code: %conditions
- System side code copied verbatim to generated code.
- Helper code becomes part of System.

33 PolyLARVA – A Flexible Runtime Monitoring System
[Diagram labels: QDDC; Counterexample Formulas; LUSTRE; DATEs; Rule Based; JAVA; C++; C#; PERL; ...]

37 Future Work on PolyLARVA Runtime Monitor
- Implementation of other Language Specific Compilers
- Implementation of translator for specification in DATEs format to new PolyLarva specification
- Analysis of specification script for optimisation of rules
- Ability to save and load Monitor state
- Any more?

38 THE END POLYLARVA Technology Agnostic Runtime Verification

