Combining monitors for run-time system verification
by Joshua Levy, Dr. Hassen Saïdi & Dr. Tomas Uribe.
Appears in Electronic Notes in Theoretical Computer Science, Volume 70, Number 4. Edited by Klaus Havelund and Grigore Rosu. Elsevier Science. December, 2002.
Abstract
Runtime verification permits checking system properties that cannot be fully verified
off-line. This is particularly true when the system includes complex third-party
components, such as general-purpose operating systems and software libraries, and
when the properties of interest include security and performance. The challenge is
to find reliable ways to monitor these properties in realistic systems. In particular,
it is important to have assurance that violations will be reported when they actually
occur. For instance, a monitor may not detect a security violation if the violation
results from a series of system events that are not in its model.
We describe how combining runtime monitors for diverse features such as memory
management, security-related events, performance data, and higher-level temporal
properties can result in more effective runtime verification. After discussing some
basic notions for combining and relating monitors, we illustrate their application in
an intrusion-tolerant Web server architecture under development at SRI.
BibTeX Entry
@article{rv02_sri,
AUTHOR = {Joshua Levy and Hassen Saidi and Tomas {E.} Uribe},
TITLE = {Combining monitors for run-time system verification},
JOURNAL = {Electronic Notes in Theoretical Computer Science},
VOLUME = {70},
NUMBER = {4},
YEAR = {2002},
MONTH = {December},
URL = {http://www.csl.sri.com/papers/rv02\_sri/},
PUBLISHER = {Elsevier Science},
EDITOR = {Klaus Havelund and Grigore Rosu}
}