Zero Overhead Runtime Monitoring

Runtime monitoring aims at ensuring program safety by monitoring the program's behaviour during execution and taking appropriate action before a program violates some property. Runtime monitoring is in particular important when an exhaustive formal verification fails. While the approach allows for a safe execution of programs, it may impose a significant runtime overhead. In this paper, we propose a novel technique combining verification and monitoring which incurs no overhead during runtime at all. The technique proceeds by using the inconclusive result of a verification run as the basis for transforming the program into one where all potential points of failure are replaced by HALT statements. The new program is safe by construction, behaviourally equivalent to the original program except for unsafe behaviour, and has the same performance characteristics.

[1]  Howard Barringer,et al.  Rule Systems for Run-time Monitoring: from Eagle to RuleR , 2010, J. Log. Comput..

[2]  Sylvain Hallé,et al.  A Case for "Piggyback" Runtime Monitoring , 2012, ISoLA.

[3]  Robert E. Strom,et al.  Typestate: A programming language concept for enhancing software reliability , 1986, IEEE Transactions on Software Engineering.

[4]  Dinakar Dhurjati,et al.  Path-Sensitive Dataflow Analysis with Iterative Refinement , 2006, SAS.

[5]  Grigore Rosu,et al.  An overview of the MOP runtime verification framework , 2012, International Journal on Software Tools for Technology Transfer.

[6]  Ajitha Rajan,et al.  Requirements Coverage as an Adequacy Measure for Conformance Testing , 2008, ICFEM.

[7]  Thomas A. Henzinger,et al.  Path invariants , 2007, PLDI '07.

[8]  Dirk Beyer,et al.  CPAchecker: A Tool for Configurable Software Verification , 2009, CAV.

[9]  Martin Leucker,et al.  Runtime Verification for LTL and TLTL , 2011, TSEM.

[10]  Marcelo d'Amorim,et al.  A Formal Monitoring-Based Framework for Software Development and Analysis , 2004, ICFEM.

[11]  Thomas A. Henzinger,et al.  The Blast Query Language for Software Verification , 2004, SAS.

[12]  Úlfar Erlingsson,et al.  IRM enforcement of Java stack inspection , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[13]  Thomas A. Henzinger,et al.  Conditional model checking: a technique to pass information between verifiers , 2012, SIGSOFT FSE.

[14]  Dirk Beyer,et al.  Predicate abstraction with adjustable-block encoding , 2010, Formal Methods in Computer Aided Design.

[15]  Mahesh Viswanathan,et al.  Java-MaC: A Run-Time Assurance Approach for Java Programs , 2004, Formal Methods Syst. Des..

[16]  Sorin Lerner,et al.  ESP: path-sensitive program verification in polynomial time , 2002, PLDI '02.

[17]  Matthew B. Dwyer,et al.  Residual dynamic typestate analysis exploiting static analysis: results to reformulate and reduce the cost of dynamic analysis , 2007, ASE.

[18]  Eric Bodden,et al.  Clara: A Framework for Partially Evaluating Finite-State Runtime Monitors Ahead of Time , 2010, RV.