1 / 30

Efficient Decentralized Monitoring of Safety in Distributed System

Efficient Decentralized Monitoring of Safety in Distributed System. K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by Shin Hong at PSWLAB, KAIST. Contents. Introduction Distributed System Past-time Linear Temporal Logic Past-time Distributed Temporal Logic

suchi
Télécharger la présentation

Efficient Decentralized Monitoring of Safety in Distributed System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20th July 2007 Presented by Shin Hong at PSWLAB, KAIST Efficient Decentralized Monitoring of Safety in Distributed System

  2. Contents • Introduction • Distributed System • Past-time Linear Temporal Logic • Past-time Distributed Temporal Logic • Monitoring Algorithm for PT-DTL • Conclusion Efficient Decentralized Monitoring of Safety in Distributed System

  3. Introduction (1/6) • The correctness of a software is very important today.  Model Checking and Testing are two approaches to assure the correctness of software. • Model Checking  The size of systems for which model checking is feasible remains limited. • Traditional Testing • Ad-hoc • Test coverage is limited. Efficient Decentralized Monitoring of Safety in Distributed System

  4. Introduction (2/6) • Runtime Verification Dynamic monitoring of target system with formal specifications.  Monitors are automatically synthesized from formal specifications.  Scalable Efficient Decentralized Monitoring of Safety in Distributed System

  5. Introduction (3/6) • Runtime Verification has been used to monitor distributed systems that have concurrency and asynchrony. • In many distributed systems, it’s quite impractical to monitor requirements expressed in classical temporal logics such as LTL. Efficient Decentralized Monitoring of Safety in Distributed System

  6. Introduction (4/6) Ex. Mobile Networks Requirement: No node receives a reply from a node to which is has not previously issued a request. How to specify this requirement with LTL? Request Reply Efficient Decentralized Monitoring of Safety in Distributed System

  7. Introduction (5/6) • Propositional LTL is impractical to specify the requirements in distributed systems. • Not scalable • Hard to capture global snapshot • To address these difficulties, introduce new specification logic for runtime verification in distributed system, Past-time Distributed Temporal Logic. Efficient Decentralized Monitoring of Safety in Distributed System

  8. Introduction (6/6) • Past-time DTL specifies requirements in local monitor on each node. Previous Mobile Networks example Requirement can be re-written : If NodeA has received a value, then it must be the case that previously in the past, NodeB has computed the value and at NodeA a request to NodeB was made. ReceivedValue → @NodeB(◈(computedValue && @NodeA(◈requestedValue))) Efficient Decentralized Monitoring of Safety in Distributed System

  9. Contents • Introduction • Distributed System • Past-time Linear Temporal Logic • Past-time Distributed Temporal Logic • Monitoring Algorithm for PT-DTL • Conclusion Efficient Decentralized Monitoring of Safety in Distributed System

  10. Distributed System (1/5) Characteristics of Distributed System • A collection of n processes (p1, p2, … pn) each with its own local state. • No global or shared variables. • A process communicates with others using asynchronous messages whose order of arrival is indeterminate. Efficient Decentralized Monitoring of Safety in Distributed System

  11. Distributed System (2/5) • Modeling of Distributed System Event: a computation of each process. internal events send events receive events Process: A set of events. Efficient Decentralized Monitoring of Safety in Distributed System

  12. Distributed System (3/5) Partial Order ≺ Ei: set of events of process pi E : Ui Ei ⋖ : E✕E e ⋖ e’ if e, e’∈ Eithen e happens immediately before e’ e ⋖ e’ if e is the send event of a message at some process and e’ is the corresponding receive event of the message at the recipient process. ≺ : transtive closure of ⋖ relation. ≼ : reflexive and transitive closure of ⋖ relation. Efficient Decentralized Monitoring of Safety in Distributed System

  13. Distributed System (4/5) ↓e := {e’ | e’ ≼ e} can be thought as the local state LSi := {↓e |e∈ Ei } the set of local states of a process pi causalj(si): the latest state of process pj that the process pi knows while in state si ∈ LSi . Efficient Decentralized Monitoring of Safety in Distributed System

  14. Distributed System (5/5) causalp1(↓e23) = ↓e12 Efficient Decentralized Monitoring of Safety in Distributed System

  15. Contents • Introduction • Distributed System • Past-time Linear Temporal Logic • Past-time Distributed Temporal Logic • Monitoring Algorithm for PT-DTL • Conclusion Efficient Decentralized Monitoring of Safety in Distributed System

  16. Past-Time Linear Temporal Logic (1/3) • PT-LTL has been used to express, monitor, and predict violation of safety properties of software system. • Syntax F ::= true | false | a ∈ A |¬F | F ∧ F | F ∨ F | F → F | ⊙ F | ⊡ F | ◈ F | F S F where A is the set of atomic propositions Efficient Decentralized Monitoring of Safety in Distributed System

  17. Past-Time Linear Temporal Logic (2/3) • Temporal Logics in PT-LTL ⊙ : previously ρ ⊨ ⊙F iff ρ’ ⊨ F whereρ’= ρn-1 if n>1, and ρ’=ρ if n=1 ⊡ : always in the past ρ ⊨ ⊡F iff ρi ⊨ F for all 1≤ i < n, ◈: eventually in the past ρ ⊨ ◈ F iff ρi ⊨ F for some 1≤ i < n, S : since ρ ⊨ F1 S F2 iff ρj ⊨ F2 for some 1≤ j ≤ n and ρi ⊨ F1 for all j ≤ i ≤ n Efficient Decentralized Monitoring of Safety in Distributed System

  18. Past-Time Linear Temporal Logic (3/3) ⊡((action ∧ ⊙¬action) → ¬Stop S Start)) Efficient Decentralized Monitoring of Safety in Distributed System

  19. Contents • Introduction • Distributed System • Past-time Linear Temporal Logic • Past-time Distributed Temporal Logic • Monitoring Algorithm for PT-DTL • Conclusion Efficient Decentralized Monitoring of Safety in Distributed System

  20. Past-Time Distributed Temporal Logic (1/4) • Distributed systems are usually asynchronous and the absolute global state of the system is not available to processes. • The best thing that each process can do is to reason about the global state thatit is aware of. • PT-DTL expresses safety properties of distributed message passing system. Efficient Decentralized Monitoring of Safety in Distributed System

  21. Past-Time Distributed Temporal Logic (2/4) • PT-DTL extends PT-LTL • Remote operator @ Evaluate an expression or a formula in the last known state of a remote process x > @j y a → @j b Efficient Decentralized Monitoring of Safety in Distributed System

  22. Past-Time Distributed Temporal Logic (3/4) • Syntax op : ∧ , ∨ , → ξi is a tuple of expressions on process pi. f is function over tuples. Efficient Decentralized Monitoring of Safety in Distributed System

  23. Past-Time Distributed Temporal Logic (4/4) • Semantics The semantics of PT-DTL is a natural extension of PT-LTL. the value of the expression ξj in the state sj=causalj(si) which is the latest state of process pj of which process pi is aware of. Efficient Decentralized Monitoring of Safety in Distributed System

  24. Monitoring algorithm for PT-DTL (1/6) • Synthesized monitor is distributed local monitors running on each processes. • Goal  Monitoring should be fast.  Little memory overhead.  # of messages that need to be sent between process for monitoring purpose should be minimal. Efficient Decentralized Monitoring of Safety in Distributed System

  25. Monitoring algorithm for PT-DTL (2/6) • A local monitor may attach additional information to every outgoing message. • Evaluating a remote expression at process pi, process pj send the value of the expression attached on every messages with sequence number. Efficient Decentralized Monitoring of Safety in Distributed System

  26. Monitoring algorithm for PT-DTL (3/6) • Knowledge Vector At process pi , KVi[j]: the entry for process pj on a vector KV. KVi[j].seq: the sequence number of the last event seen at pj. KVi[j].values : storing the values remote expressions and remote formulas on processj. The monitor of process pi attaches a copy of KVi with every outgoing messages. Efficient Decentralized Monitoring of Safety in Distributed System

  27. Monitoring algorithm for PT-DTL (4/6) for internal event update KVi[i] for send event KVi[i].seq := KVi[i].seq + 1 ; for receive event KVm : given KV from received message. for all j, KVm[j].seq > KVi[j].seq → KVi[j] := KVm[j] ; Every process should know initial value of all variables. Initial value of all variables can be found by initial broadcast or static analysis. Efficient Decentralized Monitoring of Safety in Distributed System

  28. Monitoring algorithm for PT-DTL (5/6) • Once KV is properly updated, the local monitor can compute the boolean value of the formula to be monitored, by recursively evaluating the boolean value of each of its subformulae in the current state. Efficient Decentralized Monitoring of Safety in Distributed System

  29. Monitoring algorithm for PT-DTL (6/6) Example 3 processes p1 has a local variable x whose initial value is 5. p2 has a local variable y with initial value 7. And p2 monitors the formula Efficient Decentralized Monitoring of Safety in Distributed System

  30. Conclusion DIANA – Distributed Analysis based on Java using Actor formalism instrumentation at bytecode Efficient Decentralized Monitoring of Safety in Distributed System

More Related