AVISPA is a pushbutton tool for the automated validation of Internet security-sensitive protocols and applications. It provides a modular and expressive formal language for specifying protocols and their security properties, and integrates different back-ends that implement a variety of state-of-the-art automatic analysis techniques. To the best of our knowledge, no other tool exhibits the same level of scope and robustness while enjoying the same performance and scalability.
Abstract. Dynamic reconfigurations increase the availability and the reliability of component-based systems by allowing their architectures to evolve at run-time. This paper deals with the formal specification and verification of dynamic reconfigurations of those systems using architectural constraints and temporal logic patterns. The proposals of the paper are applied to the Fractal component model. Given a Fractal reference implementation of a component-based system, we specify its dynamic reconfigurations using a temporal pattern logic for Fractal, called FTPL, characterizing the correct behaviour of the system under some architectural constraints. We study system reconfigurations on which we verify these requirements, in particular by reusing the FPath and FScript tools.
Dynamic reconfiguration allows adding or removing components of component-based systems without incurring any system downtime. To satisfy specific requirements, adaptation policies provide the means to dynamically reconfigure the systems in relation to (events in) their environment. This paper extends event-based adaptation policies by integrating temporal requirements into them. The challenge is to reconfigure component-based systems at runtime while considering both their functional and non-functional requirements. We illustrate our theoretical contributions with an example of an autonomous vehicle location system. An implementation using the Fractal component model constitutes a practical contribution. It enables dynamic reconfigurations guided by either enforcement or reflection adaptation policies.
Dynamic reconfigurations increase the availability and the reliability of component-based systems by allowing their architectures to evolve at runtime. Recently we have proposed a temporal pattern logic, called FTPL, to characterize the correct reconfigurations of component-based systems under some temporal and architectural constraints. As component-based architectures evolve at runtime, there is a need to check these FTPL constraints on the fly, even if only partial information is expected. Firstly, given a generic component-based model, we review FTPL from a runtime verification point of view. To this end we introduce a new four-valued logic, called RV-FTPL (Runtime Verification for FTPL), characterizing the "potential" (un)satisfiability of the architectural constraints in addition to the basic FTPL semantics. Potential true and potential false values are chosen whenever an observed behaviour has not yet led to a violation or satisfaction of the property under consideration. Secondly, we present a prototype developed to check at runtime the satisfiability of RV-FTPL formulas when reconfiguring a Fractal component-based system. The feasibility of runtime property enforcement is also shown. It consists of supervising on the fly the reconfiguration execution against desired RV-FTPL properties. The main contributions are illustrated on the example of an HTTP server architecture.
This paper deals with the formal specification and verification of dynamic reconfigurations of component-based systems. To validate such complex systems, there is a need to check model consistency and also to ensure that dynamic reconfigurations satisfy architectural and integrity constraints, invariants, and also temporal constraints over (re)configuration sequences. As architectural constraints involve first-order formulas, and a behavioral semantics of reconfigurations gives rise to infinite state systems, we propose to associate proof and model-checking within the well-established B method, to support the modeling of such systems and the (partial) validation of their dynamic reconfigurations. The objective of the paper is twofold. First, given a hierarchical B model of component-based architectures, we validate it by proving its consistency. Second, given linear temporal logic formulas expressing the desirable dynamic behavior of the system, we validate reconfigurable system architectures by using bounded model-checking tools supporting the B method. The main contributions are illustrated on the example of an HTTP server architecture.
Nowadays workflows are extensively used by companies to improve organizational efficiency and productivity. This paper focuses on the verification of modal workflow specifications using constraint solving as a computational tool. Its main contribution consists in developing an innovative formal framework based on constraint systems to model executions of workflow Petri nets and their structural properties, as well as to verify their modal specifications. Finally, an implementation and promising experimental results constitute a practical contribution.
The B method has been successfully used to specify many industrial applications by refinement. Previously, we proposed enriching B event systems by formulating their dynamic properties in LTL. This enables us to combine model-checking with theorem-proving verification technologies. The model-checking of LTL formulae requires that the B event system semantics be a transition system. In this paper, we express the refinement relation as a relationship between transition systems. A result of our study shows that this relation is a special kind of simulation, allowing us to exploit the partition of the reachable state space for a modular verification of LTL formulae. The results of the paper allow us to build a bridge between the above view of refinement and the notions of observability characterized as simulation relations by Milner, van Glabbeek, Bloom and others. The refinement relation we define in the paper is a ready-simulation generalization which is similar to the refusal simulation of Ulidowski. The way the relation is defined allows us to obtain a compositionality result w.r.t. the parallel composition operation. For complex systems, it is important in practice to associate a design by refinement with a design by parallel composition of their components. This refinement relation has two main applications: it allows the splitting of the refined transition system into modules, and it allows the construction of complex systems by a parallel composition of components. It therefore makes sense to qualify the refinement relation as modular.