Matteo Camilli

Specifying and verifying real-time self-adaptive systems

Self-adaptive systems autonomously adapt their behavior at run-time to react to internal dynamics and to uncertain and changing environment conditions. Specification and verification of self-adaptive systems are generally very difficult to carry out due to their high complexity, especially when involving time constraints. In the last case, in fact, the correctness of systems depends also on the time associated with events. This paper introduces a formal approach to specify and verify the self-adaptive behavior of real-time systems. Our specification formalism is based on Time-Basic Petri nets, a particular timed extension of Petri nets. We propose adaptation models to realize self-adaptation with temporal constraints and we adopt a zone-based modeling approach to support separation of concerns during the modeling phase. Zones identified during the modeling phase can be then used as modules (TB Petri subnets) either in isolation, to verify intra-zone properties, or all together, to verify inter-zone properties over the entire system model and check that all the temporal deadlines are met. We illustrate our approach by modeling and verifying a time-critical Gas Burner system that exhibits a self-healing behavior.

MaRDiGraS: Simplified Building of Reachability Graphs on Large Clusters

Dealing with complex systems often needs the building of huge reachability graphs, thus revealing all the challenges associated with big data access and management. It also requires high performance data processing tools that would allow scientists to extract the knowledge from the unprecedented amount of data coming from these analyzed systems. In this paper we present MaRDiGraS, a generic framework aimed at simplifying the construction of very large state transition systems on large clusters and cloud computing platforms. Through a simple programming interface, it can be easily customized to different formalisms, for example Petri Nets, by either adapting legacy tools or implementing brand new distributed reachability graph builders. The outcome of several tests performed on benchmark specifications are presented.

Symbolic State Space Exploration of RT Systems in the Cloud

The growing availability of distributed and cloud computing frameworks makes it possible to face complex computational problems in a more effective and convenient way. A notable example is state-space exploration of discrete-event systems specified in a formal way. The exponential complexity of this task is a major limitation to the usage of consolidated analysis techniques and tools. Several techniques for addressing the state space explosion problem within this context have been studied in the literature. One of these is to use distributed memory and computation to deal with the state space explosion problem. In this paper we study and compare two different approaches, relying on distributed and cloud frameworks, respectively. These approaches were designed and implemented following the same computational schema, a sort of map & fold. They are applied on symbolic state-space exploration of real-time systems specified by (a timed extension of) Petri Nets, by re-adapting a sequential algorithm implemented as a command-line Java tool. The outcome of several tests performed on a benchmarking specification are presented, thus showing the convenience of distributed approaches.

Petri nets state space analysis in the cloud

Several techniques for addressing the state space explosion problem in model checking have been studied. One of these is to use distributed memory and computation for storing and exploring the state space of the model of a system. In this report, we present and compare different multi-thread, distributed, and cloud approaches to face the state-space explosion problem. The experiments report shows the convenience (in particular) of cloud approaches.

Formal verification problems in a big data world: towards a mighty synergy

Formal verification requires high performance data processing software for extracting knowledge from the unprecedented amount of data coming from analyzed systems. Since cloud based computing resources have became easily accessible, there is an opportunity for verification techniques and tools to undergo a deep technological transition to exploit the new available architectures. This has created an increasing interest in parallelizing and distributing verification techniques. In this paper we introduce a distributed approach which exploits techniques typically used by the bigdata community to enable verification of very complex systems using bigdata approaches and cloud computing facilities.

Event-Based Runtime Verification of Temporal Properties Using Time Basic Petri Nets

We introduce a formal framework to provide an efficient event-based monitoring technique, and we describe its current implementation as the MahaRAJA software tool. The framework enables the quantitative runtime verification of temporal properties extracted from occurring events on Java programs. The monitor continuously evaluates the conformance of the concrete implementation with respect to its formal specification given in terms of Time Basic Petri nets, a particular timed extension of Petri nets. The system under test is instrumented by using simple Java annotations on methods to link the implementation to its formal model. This allows a separation between implementation and specification that can be used for other purposes such as formal verification, simulation, and model-based testing. The tool has been successfully used to monitor at runtime and test a number of benchmarking case-studies. Experiments show that our approach introduces bounded overhead and effectively reduces the involvement of the monitor at run time by using negligible auxiliary memory. A comparison with a number of state-of-the-art runtime verification tools is also presented.

A Formal Framework for Specifying and Verifying Microservices Based Process Flows

The microservices architectural style is changing the way in which software is perceived, conceived and designed. Thus, there is a call for techniques and tools supporting the problem of specifying and verifying communication behavior of microservice systems. We present a formal semantics based on Petri nets for microservices based process flows specified using the Conductor orchestration language: a JSON-based domain specific language designed by Netflix, Inc. We give a formal semantics in terms of a translation from Conductor specifications into Time Basic Petri net models, i.e., Petri nets supporting the definition of temporal constraints. The Petri net model can be used for computer aided verification purposes by means of well-known techniques implemented by powerful, off-the-shelf model checking tools.

Coverability Analysis of Time Basic Petri Nets with Non-Urgent Behavior

Time Basic Petri nets are an expressive extension of Petri nets, suitable to model real-time systems. This paper introduces a coverability analysis technique to cope with structurally unbounded Time Basic Petri net models exhibiting non-urgent behavior: i.e., models in which transitions may choose to do not fire and let time pass, even if this could lead to transition disabling. The approach we present exploits the identification of anonymous temporal information, that is the possibility of erasing timestamps associated with specific tokens without compromising the correctness of models temporal evolution. In particular, we extend the classical Karp-Miller coverability algorithm in two ways: first, we adapt the acceleration function to deal with symbolic states and to identify unboundedness due to time anonymous tokens, second, we employ an aggressive pruning strategy to remove included/covered portions of the reachability tree during exploration.

Distributed CTL model checking using MapReduce: theory and practice

The recent extensive availability of ‘cloud’ computing platforms is very appealing for the formal verification community. In fact, these platforms represent a great opportunity to run massively parallel jobs and analyze ‘big data’ problems, although classical formal verification tools and techniques must undergo a deep technological transformation to take advantage of the available powerful architectures. A distributed approach to verification of computation tree logic formulas on very large state spaces is described. The approach exploits and integrates our parametric state–space builder, designed to ease the adoption of ‘big data’ platforms. The whole framework adopts a MAPREDUCEapproach as the core computational model and can be tailored to different modeling formalisms. This paper includes proofs of correctness, a short theoretical discussion about complexity, and reports a practical experience with some benchmarking Petri net models. The outcomes of several tests are presented, thus showing the convenience of the proposed approach. Copyright

Zone-based formal specification and timing analysis of real-time self-adaptive systems

Abstract Self-adaptive software systems are able to autonomously adapt their behavior at run-time to react to internal dynamics and to uncertain and changing environment conditions. Formal specification and verification of self-adaptive systems are tasks generally very difficult to carry out, especially when involving time constraints. In this case, in fact, the system correctness depends also on the time associated with events. This article introduces the Zone-based Time Basic Petri nets specification formalism. The formalism adopts timed adaptation models to specify self-adaptive behavior with temporal constraints, and relies on a zone-based modeling approach to support separation of concerns. Zones identified during the modeling phase can be then used as modules either in isolation, to verify intra-zone properties, or all together, to verify inter-zone properties over the entire system. In addition, the framework allows the verification of (timed) robustness properties to guarantee self-healing capabilities when higher levels of reliability and availability are required to the system, especially when dealing with time-critical systems. This article presents also the ZAFETY tool, a Java software implementation of the proposed framework, and the validation and experimental results obtained in modeling and verifying two time-critical self-adaptive systems: the Gas Burner system and the Unmanned Aerial Vehicle system.