Departmental Papers (CIS)

Date of this Version

9-2018

Document Type

Conference Paper

Comments

International Symposium on Dependable Software Engineering: Theories, Tools, and Applications (SETTA 2018), Beijing, China, September 2018

Abstract

Runtime verification (RV) is a lightweight technique for verifying traces of computer systems. One challenge in applying RV is to guarantee that the implementation of a runtime monitor correctly detects and signals unexpected events. In this paper, we present a method for deriving correct-by-construction implementations of runtime monitors from high-level specifications using Fiat, a Coq library for stepwise refinement. SMEDL (Scenario-based Meta-Event Definition Language), a domain-specific language for event-driven RV, is chosen as the specification language. We propose an operational semantics for SMEDL, suitable for use in Fiat, that describes the behavior of a monitor in a relational way. Then, by utilizing Fiat's refinement calculus, we transform a declarative monitor specification into an executable runtime monitor with a proof that the behavior of the implementation is strictly a subset of that provided by the specification. Moreover, we define a predicate on the syntax structure of a monitor definition to ensure termination and determinism. Most of the proof work required to generate monitor code has been automated.

Subject Area

CPS Formal Methods

Publication Source

International Symposium on Dependable Software Engineering: Theories, Tools, and Applications (SETTA 2018)

Start Page

31

Last Page

49

DOI

10.1007/978-3-319-99933-3_3

Keywords

runtime monitor, SMEDL, formal semantics, Coq, stepwise refinement

Date Posted: 17 February 2020

This document has been peer reviewed.