Presentation is loading. Please wait.

Presentation is loading. Please wait.

MaC Monitoring and Checking at Runtime (Continue) Presented By Usa Sammapun CIS 700 Oct 12, 2005.

Published byNyah Pere Modified over 10 years ago

Similar presentations

Presentation on theme: "MaC Monitoring and Checking at Runtime (Continue) Presented By Usa Sammapun CIS 700 Oct 12, 2005."— Presentation transcript:

1 MaC Monitoring and Checking at Runtime (Continue) Presented By Usa Sammapun CIS 700 Oct 12, 2005

2 Recap: MaC Runtime verification technique –Ensures the current program execution follows its formal requirements at run-time

3 Instrumented Program Event Recognizer CheckerInjector MaC Verifier Execution info variable update method call/return Events Conditions Violations Feedback MaC Verifier and Language Program MaC Compiler PEDLMEDL MaC Specification SADL Where/when to steer System Properties using EVENTS and CONDITIONS Map variable update, method call/return to EVENTS and CONDITIONS

4 Events e - variable update, start/end method e1 || e2 - or e1 && e2 - and start(c) - instant when condition c becomes true end(c) - instant when condition c becomes false e when c - e occurs when condition c is true Alarms: events that must never occur

5 Conditions Conditions interpreted over 3 values: true, false and undefined. c - boolean expression !c - not c c 1 || c 2 - or c 1 && c 2 - and c 1 -> c 2 - imply defined(c) - true when c is defined [e 1, e 2 ) - interval Safety Properties: conditions that must always hold true

6 Current Work Timing properties: Regular expressions Probabilistic properties Dynamic MaC

7 Regular Expressions in MEDL MEDL is based on temporal logic Regular expressions (RE) may be better –Engineers understand them –More concise than TL for temporal ordering RE ranges over MaC events –event a,b,c –a.b*.c

8 Challenges When to accept several possible inputs (ab*c*) –Shortest input –Longest input –All input Identify which events are relevant Overlapping RE Simultaneous events

9 Identify which events are relevant An unexpected event fails the RE check Trace may contain irrelevant events, which should not make RE fail

10 Example: no sends after read open.send*.read*.close Which traces should be accepted or rejected? –open.send.read.closeaccept –open.send.read.send.closereject –open.send.send.readcontinue –open.send.delete?reject –open.send.chdir.close ?accept RE fileaccess{open,send,close,delete} = open.send*.read*.close

11 MaC with Regular Expressions Regular expression over events –Statement: RE R {Ē} =, –Grammar of R: R ::= e | R.R | R+R | R* –Relevant set {Ē} : contribute to RE failure RE are neither events nor conditions –Events associated with RE R : startR(R), success(R), fail(R) alarm badAccess = fail(fileaccess)

12 Overlapping RE Property: open.send*.read*.close Trace: –Actual: open open send read send read –We see: open open send read send read Cannot distinguish between two overlapping instances; events miss attribution –What is the right way to index events?

13 Simultaneous Events Checker operates on a stream of observations –Observations are primitive events that reflect change of system state One primitive event can trigger different other events What if those events are in the the same RE –a. (a || b). b –at state i, a occurs, then (a || b) also occurs –How do we order a and (a || b)

14 Probabilistic Properties Probability calculation –Numerical technique –Statistical technique 1. Simulate 2. Collect several samples 3. Estimate probabilities task start finish in 80 0.25 0.75 finish in 100 not finish in 100 not finish in 80 0.2 0.8

15 Statistical Technique usually, we 1) execute for X times, 2) use them as samples, and 3) estimate probabilities task startfinish in 100not finish in 100task start finish in 100task startfinish in 100task startfinish in 100 …

16 1. Simulate and 2. Collect Sample runtime verification – only one execution path task startfinish in 100 not finish in 100task start finish in 100 task startfinish in 100 task startfinish in 100 server startupdate v client request update v … … task startfinish in 100not finish in 100task start finish in 100task startfinish in 100task startfinish in 100

17 MaC Probabilistic Properties Experiment –An element that indicates a sub-path e exp ( previous example: task start ) c exp Probabilistic event = {,,, =, } –e prob( p, e exp ) Probabilistic condition –c prob( p, c exp )

18 Example A soft real-time task must not miss a deadline of 100 time units with probability 0.2 event missDeadline = end([startT,endT) {100} ) alarm soft_rt_task = missDeadline prob( 0.2, startT) A car velocity must be < 50mph with prob 0.9 in work zones property speed = (v < 50) prob( 0.9, work_zone)

19 3. Estimating Probability Estimate probability from program execution –compute experimental probability p condition and p event –Condition: c prob( < p, c exp ) Event: e prob( < p, e exp ) A car velocity must be < 50mph with prob 0.9 in work zones (v < 50) prob( 0.9, work_zone)

20 Example 01 p=0.2 p=0.267 task must not miss a deadline of 100 time units with probability 0.2 alarm soft_rt_task = missDeadline prob( 0.2, startT) # miss deadline events = 40 # startT (task start events) = 150 p = 40 / 150 = 0.267

21 Statistical Hypothesis Testing Given –Probability estimation –Confidence interval (CI) e.g. CI = 95% Statistical Hypothesis Testing –Satisfied –Not satisfied –Need more sample

22 Probability Estimation: Z-Score Use z-score to calculate how far apart p and p are For event, n = |occurrences of e exp | For condition, n = |S i s.t. c exp = true| Sign of z says which direction + z says p > p - z says p < p Value of z says how far apart p and p task must not miss a deadline of 100 time units with probability 0.2 p = 0.2 p = 0.267 z p = + 2.05 z p = 0 p = 0.2 z p = 2.05 p = 0.267

23 Continue… Given confidence interval (CI) –We calculate z-score z* for CI (e.g. CI = 95% has z* = 1.96) Decide: alarm soft_rt_task = missDeadline prob( 0.2, startT) – no alarm: z p < -z* [ means p < p with confidence CI ] – raise alarm: z p > z* [ means p > p with confidence CI ] – more sample: -z* < z p < z* [ means p p, either action wouldnt cause serious error ] z p = 0 p = 0.2 -z* = -1.96 Raise alarmNo alarm z* = 1.96 more sample z p = 2.05 p = 0.267

24 Dynamic MaC From fixed to dynamic object sets What if tasks can be added dynamically? –The set of events and conditions changes dynamically Events and conditions are parameterized Example: Client event clientReq(ID i) = startM(Client.request()) { clientReq.i = Client.id; } condition clientValid(ID i) = [clientReq(i), clientDropped(i)); Special event that add or remove an object in the object set

Download ppt "MaC Monitoring and Checking at Runtime (Continue) Presented By Usa Sammapun CIS 700 Oct 12, 2005."

Similar presentations

Introduction to Hypothesis Testing

Introduction to Hypothesis Testing
Probability models- the Normal especially.

Probability models- the Normal especially.
Feedback Control Real-Time Scheduling: Framework, Modeling, and Algorithms Chenyang Lu, John A. Stankovic, Gang Tao, Sang H. Son Presented by Josh Carl.

Feedback Control Real-Time Scheduling: Framework, Modeling, and Algorithms Chenyang Lu, John A. Stankovic, Gang Tao, Sang H. Son Presented by Josh Carl.
Hypothesis Testing Goal: Make statement(s) regarding unknown population parameter values based on sample data Elements of a hypothesis test: Null hypothesis.

Hypothesis Testing Goal: Make statement(s) regarding unknown population parameter values based on sample data Elements of a hypothesis test: Null hypothesis.
Equivalence Testing Dig it!.

Equivalence Testing Dig it!.
Chapter 7 Hypothesis Testing

Chapter 7 Hypothesis Testing
Introduction to Hypothesis Testing

Introduction to Hypothesis Testing
Reliable Scripting Using Push Logic Push Logic David Greaves, Daniel Gordon University of Cambridge Computer Laboratory Reliable Scripting.

Reliable Scripting Using Push Logic Push Logic David Greaves, Daniel Gordon University of Cambridge Computer Laboratory Reliable Scripting.
“Students” t-test.

“Students” t-test.
Inferential Statistics

Inferential Statistics
Bison Management Suppose you take over the management of a certain Bison population. The population dynamics are similar to those of the population we.

Bison Management Suppose you take over the management of a certain Bison population. The population dynamics are similar to those of the population we.
CHAPTER 15: Tests of Significance: The Basics Lecture PowerPoint Slides The Basic Practice of Statistics 6 th Edition Moore / Notz / Fligner.

CHAPTER 15: Tests of Significance: The Basics Lecture PowerPoint Slides The Basic Practice of Statistics 6 th Edition Moore / Notz / Fligner.
A Survey of Runtime Verification Jonathan Amir 2004.

A Survey of Runtime Verification Jonathan Amir 2004.
Probabilistic Verification of Discrete Event Systems using Acceptance Sampling Håkan L. S. YounesReid G. Simmons Carnegie Mellon University.

Probabilistic Verification of Discrete Event Systems using Acceptance Sampling Håkan L. S. YounesReid G. Simmons Carnegie Mellon University.
Hypothesis Testing A hypothesis is a claim or statement about a property of a population (in our case, about the mean or a proportion of the population)

Hypothesis Testing A hypothesis is a claim or statement about a property of a population (in our case, about the mean or a proportion of the population)
Run Time Monitoring of Reactive System Models Mikhail Auguston Naval Postgraduate School Mark Trakhtenbrot Holon Academic Institute of.

Run Time Monitoring of Reactive System Models Mikhail Auguston Naval Postgraduate School Mark Trakhtenbrot Holon Academic Institute of.
Statistical Techniques I EXST7005 Lets go Power and Types of Errors.

Statistical Techniques I EXST7005 Lets go Power and Types of Errors.
1 Design by Contract Building Reliable Software. 2 Software Correctness Correctness is a relative notion  A program is correct with respect to its specification.

1 Design by Contract Building Reliable Software. 2 Software Correctness Correctness is a relative notion  A program is correct with respect to its specification.
MaC Monitoring and Checking at Runtime Presented By Usa Sammapun CIS 700 Oct 10, 2005.

MaC Monitoring and Checking at Runtime Presented By Usa Sammapun CIS 700 Oct 10, 2005.
Probabilistic Verification of Discrete Event Systems Håkan L. S. Younes Reid G. Simmons (initial work performed at HTC, Summer 2001)

Probabilistic Verification of Discrete Event Systems Håkan L. S. Younes Reid G. Simmons (initial work performed at HTC, Summer 2001)

Similar presentations

Ads by Google