Synthesizing a specification-based monitor for safety requirements

Safety-critical systems, such as medical and avionic systems, are those in which failure to satisfy the user requirements may put human lives and resources in jeopardy. Since adequate reliability of the software of such systems may not be obtainable through formal methods and software testing alone, verification of the run-time behavior of the software against violations of user requirements is considered a complementary approach. However, the synthesis of such a run-time verifier, hereafter called a monitor, faces the challenging problem of verifying the low-level run-time behavior of the target software against violations of high-level user requirements. To solve this problem, we propose an approach in two phases. In the first phase, we elicit the user requirements and then formally specify their violation. This formal specification is a high-level description of the user requirement violations and must be mapped to a low-level one. To this end, in the second phase we extract a tabular automaton from the formal specification of the requirement violations in order to obtain a state-based specification of the violations. This low-level specification, which constitutes the core of the monitor, determines the states that the target software must not reach. To show the effectiveness of our approach, we apply it to the synthesis of a monitor for verifying the behavior of the Continuous Insulin Infusion Pump (CIIP) system.
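The following is an added example, not code from the paper, of what the second phase produces: a tabular automaton whose rows map (state, event) pairs to a next state, with a distinguished set of states the target software must not reach, wrapped in a monitor that consumes the software's event trace. The requirement violations, event names and table rows are constructed for illustration and are not the paper's CIIP specification; they stand in for a hypothetical insulin pump controller. A practitioner's check is included as well: a row-completeness test, since a (state, event) pair with no row is an event the monitor would silently ignore, which can mask exactly the violation it was built to catch.

```python
from typing import Dict, Iterable, Optional, Set, Tuple

# Constructed illustration (hypothetical, not the paper's CIIP model): abstract
# events emitted by an insulin pump controller, and the states of a tabular
# automaton derived from two assumed requirement violations:
#   V1: a bolus is delivered without a prior request, or while the pump is suspended
#   V2: a second bolus request arrives before the pending bolus has been delivered
EVENTS: Set[str] = {"suspend", "resume", "bolus_request", "bolus_deliver"}
SAFE_STATES: Set[str] = {"idle", "suspended", "bolus_pending"}
BAD_STATES: Set[str] = {"VIOLATION"}
INITIAL: str = "idle"

# The tabular automaton: one row per (state, event) pair. Every pair of a safe
# state and an event has a row, so no event is silently ignored.
TABLE: Dict[Tuple[str, str], str] = {
    ("idle", "suspend"): "suspended",
    ("idle", "resume"): "idle",
    ("idle", "bolus_request"): "bolus_pending",
    ("idle", "bolus_deliver"): "VIOLATION",           # V1: delivery without request
    ("suspended", "suspend"): "suspended",
    ("suspended", "resume"): "idle",
    ("suspended", "bolus_request"): "suspended",      # request rejected while suspended
    ("suspended", "bolus_deliver"): "VIOLATION",      # V1: delivery while suspended
    ("bolus_pending", "suspend"): "suspended",        # suspend cancels the pending request
    ("bolus_pending", "resume"): "bolus_pending",
    ("bolus_pending", "bolus_request"): "VIOLATION",  # V2: second request before delivery
    ("bolus_pending", "bolus_deliver"): "idle",
}


def missing_rows(table: Dict[Tuple[str, str], str],
                 states: Set[str], events: Set[str]) -> Set[Tuple[str, str]]:
    """Return the (state, event) pairs that have no row in the table.

    A missing row means the monitor has no defined reaction to that event in
    that state; such gaps should be closed before the monitor is deployed."""
    return {(s, e) for s in states for e in events if (s, e) not in table}


class Monitor:
    """State-based monitor: the automaton's current state is its only memory."""

    def __init__(self, table: Dict[Tuple[str, str], str],
                 initial: str, bad_states: Set[str]) -> None:
        self.table = table
        self.state = initial
        self.bad_states = bad_states

    def step(self, event: str) -> str:
        """Advance on one observed event. An event with no row is an error,
        not something to ignore, so the gap is surfaced rather than hidden."""
        key = (self.state, event)
        if key not in self.table:
            raise ValueError(f"no row for state {self.state!r} and event {event!r}")
        self.state = self.table[key]
        return self.state

    def violated(self) -> bool:
        return self.state in self.bad_states


def check_trace(events: Iterable[str],
                table: Dict[Tuple[str, str], str] = TABLE,
                initial: str = INITIAL,
                bad_states: Set[str] = BAD_STATES) -> Optional[Tuple[int, str, str]]:
    """Feed a trace to a fresh monitor. Return (index, state_before, event) of
    the first step that enters a bad state, or None if the trace is accepted."""
    monitor = Monitor(table, initial, bad_states)
    for index, event in enumerate(events):
        before = monitor.state
        monitor.step(event)
        if monitor.violated():
            return (index, before, event)
    return None


if __name__ == "__main__":
    # Constructed traces: one acceptable run, one V1 violation, one V2 violation.
    print(check_trace(["bolus_request", "bolus_deliver", "suspend", "resume"]))
    print(check_trace(["suspend", "bolus_request", "bolus_deliver"]))
    print(check_trace(["bolus_request", "bolus_request"]))
    print(missing_rows(TABLE, SAFE_STATES, EVENTS))
```

The monitor never interprets the pump's internal variables; it only consumes the abstract events the instrumentation layer reports, which is what makes the low-level state-based specification independent of how the target software is written. The `missing_rows` check is the kind of consistency test worth running on every table revision, because a tabular specification that is silently incomplete is the most common way a monitor fails open.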
