Comparing LTL Semantics for Runtime Verification

When monitoring a system w.r.t. a property defined in a temporal logic such as LTL, a major concern is to settle on an adequate interpretation of observable system events; that is, models of temporal logic formulae are usually infinite words of events, whereas at runtime only finite but incrementally expanding prefixes are available. In this work, we review LTL-derived logics for finite traces from a runtime-verification perspective. In doing so, we establish four maxims to be satisfied by any LTL-derived logic aimed at runtime verification. As no pre-existing logic readily satisfies all of them, we introduce a new four-valued logic, Runtime Verification Linear Temporal Logic (RV-LTL), in accordance with these maxims. The semantics of RV-LTL indicates whether a finite word describes a system behaviour which either (i) satisfies the monitored property, (ii) violates the property, (iii) will presumably violate the property, or (iv) will presumably conform to the property in the future, once the system has stabilized. Notably, (i) and (ii) correspond to the classical semantics of LTL, whereas (iii) and (iv) are chosen whenever an observed system behaviour has not yet led to a violation or acceptance of the monitored property. Moreover, we present a monitor construction for RV-LTL properties in terms of Moore machines that signal the semantics of the execution trace obtained so far w.r.t. the monitored property.
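
The four verdicts and the Moore-machine view of a monitor can be seen in a small added example (not code from the paper, and hand-built rather than produced by the paper's construction). It monitors two constructed access-control properties over the hypothetical events `login` and `access`: strong until (`!access U login`) and weak until (`!access W login`). Assigning "presumably false" to the strong form and "presumably true" to the weak form while no verdict is final follows the usual finite-trace reading of until, which is an assumption here because the abstract does not spell it out.

```python
# Added example: hand-built Moore monitors for two constructed properties.
# State names, event names and verdict strings are assumptions of this sketch.
TRUE, FALSE = "true", "false"
P_TRUE, P_FALSE = "presumably true", "presumably false"


class MooreMonitor:
    """Moore machine: the verdict is the output attached to the current state."""

    def __init__(self, initial, delta, output):
        self.state, self.delta, self.output = initial, delta, output

    def step(self, event):
        # Events without an explicit transition leave the state unchanged,
        # so the sinks "ok" and "bad" keep their final verdict forever.
        self.state = self.delta.get((self.state, event), self.state)
        return self.output[self.state]


# Both properties share one transition structure: the first login settles
# the property as satisfied, an access before any login as violated.
DELTA = {("wait", "login"): "ok", ("wait", "access"): "bad"}


def make_monitor(strong):
    """strong=True:  !access U login (login is required to happen).
    strong=False: !access W login (login may never happen)."""
    undecided = P_FALSE if strong else P_TRUE
    return MooreMonitor("wait", DELTA, {"ok": TRUE, "bad": FALSE, "wait": undecided})


def verdicts(trace, strong):
    """Return the verdict after each event of a finite, growing trace."""
    monitor = make_monitor(strong)
    return [monitor.step(event) for event in trace]


if __name__ == "__main__":
    # Constructed traces; "ping" stands for any unrelated event.
    for trace in (["ping", "login", "access"], ["ping", "access", "login"]):
        for strong in (True, False):
            name = "!access U login" if strong else "!access W login"
            print(name, trace, verdicts(trace, strong))
```

The two monitors differ only in the output of the undecided state, which is exactly where the four-valued semantics refines a plain "inconclusive" answer.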
