Control-Flow Residual Analysis for Symbolic Automata

Where full static analysis of systems fails to scale up due to system size, dynamic monitoring has been increasingly used to ensure system correctness. The downside, however, is the runtime overhead induced by the additional monitoring code instrumented into the system. To address this issue, various approaches have been proposed in the literature that use static analysis to reduce monitoring overhead. In this paper we generalise existing work which uses control-flow static analysis to optimise properties specified as automata, and prove how similar analysis can be applied to more expressive symbolic automata, enabling a reduction both of the monitoring instrumentation in the system and of the monitoring logic. We also present empirical evidence of the effectiveness of this approach through an analysis of the effect of monitoring overheads in a financial transaction system.
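The control-flow residual analysis the abstract describes, as an added example that is not the paper's own code or tool: a constructed property automaton for a toy payments program and a constructed control-flow graph (all names, events and guards are assumptions), explored as a product so that instrumentation points where the monitor state provably cannot change are dropped, and monitor transitions that no remaining point can fire are pruned from the monitoring logic. Symbolic guards cannot be evaluated statically, so every guarded transition is treated as possibly enabled, a sound over-approximation.

```python
from collections import deque

# Constructed property (assumption): once an account is frozen, a transfer
# of a positive amount is a violation.  Tuples are (source, event, guard,
# target); the guard is kept for documentation only, since the static
# analysis cannot evaluate it and therefore keeps every guarded branch.
PROPERTY = {
    "init": "active", "bad": {"bad"},
    "trans": [
        ("active", "freeze", "true", "frozen"),
        ("frozen", "unfreeze", "true", "active"),
        ("active", "transfer", "true", "active"),
        ("frozen", "transfer", "amount > 0", "bad"),
        ("frozen", "transfer", "amount == 0", "frozen"),
    ],
}
# Constructed control-flow graph (assumption): each program point is
# abstracted to the single event it emits (None = no event).
CFG_EVENTS = {"n0": None, "n1": "login", "n2": "transfer", "n3": "freeze",
              "n4": "transfer", "n5": "audit", "n6": None}
CFG_EDGES = {"n0": ["n1"], "n1": ["n2"], "n2": ["n3", "n6"], "n3": ["n4"],
             "n4": ["n5"], "n5": ["n3", "n6"], "n6": []}

def step(prop, state, event):
    """Monitor successors on `event`. Events with no matching transition
    are ignored by the monitor (implicit self-loop), so the set is never
    empty; guarded branches from the same state give several successors."""
    succ = {t[3] for t in prop["trans"] if t[0] == state and t[1] == event}
    return succ or {state}

def reachable_configs(prop, events, edges, entry="n0"):
    """Forward reachability over the product of CFG and property automaton:
    every (program point, monitor state) pair some execution may reach."""
    start = (entry, prop["init"])
    seen, work = {start}, deque([start])
    while work:
        node, q = work.popleft()
        for q2 in step(prop, q, events[node]):
            for nxt in edges[node]:
                if (nxt, q2) not in seen:
                    seen.add((nxt, q2))
                    work.append((nxt, q2))
    return seen

def residual(prop, events, edges):
    """Return (instrumentation points to keep, monitor transitions to keep).
    A point is dropped only if the monitor state is unchanged in every
    reachable configuration, so the verdict is exactly preserved."""
    configs = reachable_configs(prop, events, edges)
    keep_nodes = {n for n, q in configs
                  if events[n] and step(prop, q, events[n]) != {q}}
    keep_trans = [t for t in prop["trans"] if any(
        n in keep_nodes and t[0] == q and t[1] == events[n]
        for n, q in configs)]
    return keep_nodes, keep_trans
```

On the constructed input only the freeze at n3 and the transfer at n4 stay instrumented, and the monitor keeps three of its five transitions: the unfreeze transition is never exercised by the program, and the active-state transfer self-loop is only ever fired at a point that no longer reports.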
