Monitoring Distributed Controllers: When an Efficient LTL Algorithm on Sequences Is Needed to Model-Check Traces

It is well known that, through code instrumentation, a finite execution of a distributed system can be recorded as a finite trace: a partially ordered set of events. We motivate the need to apply LTL model checking to sequences, rather than to traces in the sense of Diekert and Gastin, in order to validate executions of distributed control systems abstracted by such traces, and we present an efficient symbolic algorithm for this task. It uses the standard method of Vardi and Wolper, which builds from the LTL formula a monitor that accepts all the bad sequences. We show that, given a monitor and a trace, checking whether the monitor and the trace have a common sequence is NP-complete in the number of concurrent processes. Our method explores the possible configurations symbolically, since it handles sets of configurations; moreover, it uses techniques similar to partial order reduction to avoid exploring as many execution interleavings as possible. It works very well in practice compared to the standard exploration method, with or without partial order reduction (which, in practice, does not work well here).
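The following is an added illustration, not code from the paper: a trace is given as per-process event sequences plus cross-process happens-before edges, the monitor is a hand-written automaton accepting the bad sequences of a constructed safety property ("the valve never opens while the pump runs"), and the search keeps one set of monitor states per cut rather than one path per interleaving. The BDD-based symbolic representation of the paper is replaced here by plain Python sets, and the property, event labels and trace are all constructed for the example.

```python
from collections import deque

# Constructed monitor (not the paper's): (state, label) -> next state.
# Labels not listed leave the monitor in the same state.
MONITOR = {
    ("idle", "pump_on"): "running",
    ("running", "pump_off"): "idle",
    ("running", "valve_open"): "bad",
}
INITIAL, BAD = "idle", {"bad"}

def step(state, label):
    return MONITOR.get((state, label), state)

def enabled(procs, deps, cut):
    """Processes whose next event may fire from `cut`: the event exists and
    every cross-process predecessor in `deps` is already inside the cut."""
    for q, j in enumerate(cut):
        if j < len(procs[q]) and all(
                cut[p] > i for (p, i), dst in deps if dst == (q, j)):
            yield q

def find_violation(procs, deps):
    """Breadth-first over cuts (layered by number of events).  Each cut maps
    to the SET of monitor states reachable by some linearisation ending
    there, with one witness prefix per state, so interleavings that meet at
    the same (cut, state) are merged.  Returns a bad linearisation, or None
    when the monitor and the trace share no sequence."""
    start = tuple(0 for _ in procs)
    reach = {start: {INITIAL: []}}  # cut -> {monitor state: witness}
    queue = deque([start])
    while queue:
        cut = queue.popleft()
        for q in enabled(procs, deps, cut):
            label = procs[q][cut[q]]
            nxt = cut[:q] + (cut[q] + 1,) + cut[q + 1:]
            if nxt not in reach:
                reach[nxt] = {}
                queue.append(nxt)
            for state, prefix in reach[cut].items():
                new = step(state, label)
                if new not in reach[nxt]:
                    reach[nxt][new] = prefix + [label]
                    if new in BAD:
                        return reach[nxt][new]
    return None

# Constructed trace: P0 starts the pump, sends m, stops the pump; P1 receives
# m and opens the valve.  The only cross-process edge is send before receive.
PROCS = [["pump_on", "send_m", "pump_off"], ["recv_m", "valve_open"]]
DEPS = [((0, 1), (1, 0))]
```

`find_violation(PROCS, DEPS)` reports the linearisation in which the valve opens before the pump stops; moving the send after `pump_off` makes every linearisation safe and the function returns `None`.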