Presentation is loading. Please wait.

Presentation is loading. Please wait.

/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by.

Published byKellie Bryan Modified over 9 years ago

Similar presentations

Presentation on theme: "/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by."— Presentation transcript:

1 / 30Hong,Shin @ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by Shin Hong at PSWLAB, KAIST 1Efficient Decentralized Monitoring of Safety in Distributed System2015-05-08

2 / 30Hong,Shin @ PSWLAB Contents Introduction Distributed System Past-time Linear Temporal Logic Past-time Distributed Temporal Logic Monitoring Algorithm for PT-DTL Conclusion 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System2

3 / 30Hong,Shin @ PSWLAB Introduction (1/6) The correctness of a software is very important today.  Model Checking and Testing are two approaches to assure the correctness of software. Model Checking  The size of systems for which model checking is feasible remains limited. Traditional Testing  Ad-hoc  Test coverage is limited. 3Efficient Decentralized Monitoring of Safety in Distributed System2015-05-08

4 / 30Hong,Shin @ PSWLAB Introduction (2/6) Runtime Verification Dynamic monitoring of target system with formal specifications.  Monitors are automatically synthesized from formal specifications.  Scalable 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System4

5 / 30Hong,Shin @ PSWLAB Introduction (3/6) Runtime Verification has been used to monitor distributed systems that have concurrency and asynchrony. In many distributed systems, it’s quite impractical to monitor requirements expressed in classical temporal logics such as LTL. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System5

6 / 30Hong,Shin @ PSWLAB Introduction (4/6) Ex. Mobile Networks Requirement: No node receives a reply from a node to which is has not previously issued a request. How to specify this requirement with LTL? 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System6 Reques t Reply

7 / 30Hong,Shin @ PSWLAB Introduction (5/6) Propositional LTL is impractical to specify the requirements in distributed systems. –Not scalable –Hard to capture global snapshot To address these difficulties, introduce new specification logic for runtime verification in distributed system, Past-time Distributed Temporal Logic. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System7

8 / 30Hong,Shin @ PSWLAB Introduction (6/6) Past-time DTL specifies requirements in local monitor on each node. Previous Mobile Networks example Requirement can be re-written : If Node A has received a value, then it must be the case that previously in the past, Node B has computed the value and at Node A a request to Node B was made. ReceivedValue → @ NodeB ( ◈ (computedValue && @ NodeA ( ◈ requestedValue))) 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System8

9 / 30Hong,Shin @ PSWLAB Contents Introduction Distributed System Past-time Linear Temporal Logic Past-time Distributed Temporal Logic Monitoring Algorithm for PT-DTL Conclusion 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System9

10 / 30Hong,Shin @ PSWLAB Distributed System (1/5) Characteristics of Distributed System A collection of n processes (p 1, p 2, … p n ) each with its own local state. No global or shared variables. A process communicates with others using asynchronous messages whose order of arrival is indeterminate. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System10

11 / 30Hong,Shin @ PSWLAB Distributed System (2/5) Modeling of Distributed System Event: a computation of each process. internal events send events receive events Process: A set of events. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System11

12 / 30Hong,Shin @ PSWLAB Distributed System (3/5) Partial Order ≺ E i : set of events of process p i E : U i E i ⋖ : E ✕ E e ⋖ e’ if e, e’ ∈ E i then e happens immediately before e’ e ⋖ e’ if e is the send event of a message at some process and e’ is the corresponding receive event of the message at the recipient process. ≺ : transtive closure of ⋖ relation. ≼ : reflexive and transitive closure of ⋖ relation. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System12

13 / 30Hong,Shin @ PSWLAB Distributed System (4/5) ↓ e := { e’ | e’ ≼ e } can be thought as the local state LS i := {↓ e | e ∈ E i } the set of local states of a process p i causal j (s i ) : the latest state of process p j that the process p i knows while in state s i ∈ LS i. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System13

14 / 30Hong,Shin @ PSWLAB Distributed System (5/5) 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System14 causal p1 ( ↓ e 23 ) = ↓ e 12

15 / 30Hong,Shin @ PSWLAB Contents Introduction Distributed System Past-time Linear Temporal Logic Past-time Distributed Temporal Logic Monitoring Algorithm for PT-DTL Conclusion 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System15

16 / 30Hong,Shin @ PSWLAB Past-Time Linear Temporal Logic (1/3) PT-LTL has been used to express, monitor, and predict violation of safety properties of software system. Syntax F ::= true | false | a ∈ A | ¬ F | F ∧ F | F ∨ F | F → F | ⊙ F | ⊡ F | ◈ F | F S F where A is the set of atomic propositions 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System16

17 / 30Hong,Shin @ PSWLAB Past-Time Linear Temporal Logic (2/3) Temporal Logics in PT-LTL ⊙ : previously ρ ⊨ ⊙ F iff ρ’ ⊨ F where ρ’= ρ n-1 if n>1, and ρ’=ρ if n=1 ⊡ : always in the past ρ ⊨ ⊡ F iff ρ i ⊨ F for all 1≤ i < n, ◈ : eventually in the past ρ ⊨ ◈ F iff ρ i ⊨ F for some 1≤ i < n, S : since ρ ⊨ F 1 S F 2 iff ρ j ⊨ F 2 for some 1≤ j ≤ n and ρ i ⊨ F 1 for all j ≤ i ≤ n 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System17

18 / 30Hong,Shin @ PSWLAB Past-Time Linear Temporal Logic (3/3) ⊡ ((action ∧ ⊙¬ action) → ¬ Stop S Start)) 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System18

19 / 30Hong,Shin @ PSWLAB Contents Introduction Distributed System Past-time Linear Temporal Logic Past-time Distributed Temporal Logic Monitoring Algorithm for PT-DTL Conclusion 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System19

20 / 30Hong,Shin @ PSWLAB Past-Time Distributed Temporal Logic (1/4) Distributed systems are usually asynchronous and the absolute global state of the system is not available to processes. The best thing that each process can do is to reason about the global state that it is aware of. PT-DTL expresses safety properties of distributed message passing system. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System20

21 / 30Hong,Shin @ PSWLAB Past-Time Distributed Temporal Logic (2/4) PT-DTL extends PT-LTL Remote operator @ Evaluate an expression or a formula in the last known state of a remote process x > @ j y a → @ j b 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System21

22 / 30Hong,Shin @ PSWLAB Past-Time Distributed Temporal Logic (3/4) Syntax op : ∧, ∨, → ξ i is a tuple of expressions on process p i. f is function over tuples. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System22

23 / 30Hong,Shin @ PSWLAB Past-Time Distributed Temporal Logic (4/4) Semantics The semantics of PT-DTL is a natural extension of PT-LTL. the value of the expression ξ j in the state s j =causal j (s i ) which is the latest state of process p j of which process p i is aware of. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System23

24 / 30Hong,Shin @ PSWLAB Monitoring algorithm for PT-DTL (1/6) Synthesized monitor is distributed local monitors running on each processes. Goal  Monitoring should be fast.  Little memory overhead.  # of messages that need to be sent between process for monitoring purpose should be minimal. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System24

25 / 30Hong,Shin @ PSWLAB Monitoring algorithm for PT-DTL (2/6) A local monitor may attach additional information to every outgoing message. Evaluating a remote expression at process p i, process p j send the value of the expression attached on every messages with sequence number. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System25

26 / 30Hong,Shin @ PSWLAB Monitoring algorithm for PT-DTL (3/6) Knowledge Vector At process p i, KV i [j]: the entry for process p j on a vector KV. KV i [j].seq: the sequence number of the last event seen at p j. KV i [j].values : storing the values remote expressions and remote formulas on process j. The monitor of process p i attaches a copy of KV i with every outgoing messages. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System26

27 / 30Hong,Shin @ PSWLAB Monitoring algorithm for PT-DTL (4/6) for internal event update KV i [i] for send event KV i [i].seq := KV i [i].seq + 1 ; for receive event KV m : given KV from received message. for all j, KV m [j].seq > KV i [j].seq → KV i [j] := KV m [j] ; Every process should know initial value of all variables. Initial value of all variables can be found by initial broadcast or static analysis. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System27

28 / 30Hong,Shin @ PSWLAB Monitoring algorithm for PT-DTL (5/6) Once KV is properly updated, the local monitor can compute the boolean value of the formula to be monitored, by recursively evaluating the boolean value of each of its subformulae in the current state. 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System28

29 / 30Hong,Shin @ PSWLAB Monitoring algorithm for PT-DTL (6/6) 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System29 Example 3 processes p 1 has a local variable x whose initial value is 5. p 2 has a local variable y with initial value 7. And p 2 monitors the formula

30 / 30Hong,Shin @ PSWLAB Conclusion DIANA – Distributed Analysis based on Java using Actor formalism instrumentation at bytecode 2015-05-08Efficient Decentralized Monitoring of Safety in Distributed System30

Download ppt "/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by."

Similar presentations

Policy Auditing over Incomplete Logs: Theory, Implementation and Applications Deepak Garg 1, Limin Jia 2 and Anupam Datta 2 1 MPI-SWS (work done at Carnegie.

Policy Auditing over Incomplete Logs: Theory, Implementation and Applications Deepak Garg 1, Limin Jia 2 and Anupam Datta 2 1 MPI-SWS (work done at Carnegie.
Replicated Dictionary and Log

Replicated Dictionary and Log
Modeling and Analyzing Periodic Distributed Computations Anurag Agarwal Vijay Garg Vinit Ogale The University.

Modeling and Analyzing Periodic Distributed Computations Anurag Agarwal Vijay Garg Vinit Ogale The University.
A Survey of Runtime Verification Jonathan Amir 2004.

A Survey of Runtime Verification Jonathan Amir 2004.
Metodi formali dello sviluppo software a.a.2013/2014 Prof.Anna Labella.

Metodi formali dello sviluppo software a.a.2013/2014 Prof.Anna Labella.
Algorithmic Software Verification VII. Computation tree logic and bisimulations.

Algorithmic Software Verification VII. Computation tree logic and bisimulations.
CS4231 Parallel and Distributed Algorithms AY 2006/2007 Semester 2 Lecture 4 Instructor: Haifeng YU.

CS4231 Parallel and Distributed Algorithms AY 2006/2007 Semester 2 Lecture 4 Instructor: Haifeng YU.
Runtime Verification Ali Akkaya Boğaziçi University.

Runtime Verification Ali Akkaya Boğaziçi University.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
Virtual Time “Virtual Time and Global States of Distributed Systems” Friedmann Mattern, 1989 The Model: An asynchronous distributed system = a set of processes.

Virtual Time “Virtual Time and Global States of Distributed Systems” Friedmann Mattern, 1989 The Model: An asynchronous distributed system = a set of processes.
ECE 667 - Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.

ECE Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.
CS6133 Software Specification and Verification

CS6133 Software Specification and Verification
D u k e S y s t e m s Time, clocks, and consistency and the JMM Jeff Chase Duke University.

D u k e S y s t e m s Time, clocks, and consistency and the JMM Jeff Chase Duke University.
/ PSWLAB P ROMELA Semantics from “THE SPIN MODEL CHECKER” by G. J. Holzmann Presented by Hong,Shin 5 th Oct 2007 08:021PROMELA Semantics.

/ PSWLAB P ROMELA Semantics from “THE SPIN MODEL CHECKER” by G. J. Holzmann Presented by Hong,Shin 5 th Oct :021PROMELA Semantics.
Time and Global States Part 3 ECEN5053 Software Engineering of Distributed Systems University of Colorado, Boulder.

Time and Global States Part 3 ECEN5053 Software Engineering of Distributed Systems University of Colorado, Boulder.
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.

1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
CS542 Topics in Distributed Systems Diganta Goswami.

CS542 Topics in Distributed Systems Diganta Goswami.
1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.

1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.
An Automata-based Approach to Testing Properties in Event Traces H. Hallal, S. Boroday, A. Ulrich, A. Petrenko Sophia Antipolis, France, May 2003.

An Automata-based Approach to Testing Properties in Event Traces H. Hallal, S. Boroday, A. Ulrich, A. Petrenko Sophia Antipolis, France, May 2003.
An Associative Broadcast Based Coordination Model for Distributed Processes James C. Browne Kevin Kane Hongxia Tian Department of Computer Sciences The.

An Associative Broadcast Based Coordination Model for Distributed Processes James C. Browne Kevin Kane Hongxia Tian Department of Computer Sciences The.

Similar presentations

Ads by Google