Shield Synthesis: - Runtime Enforcement for Reactive Systems

Roderick Paul Bloem; Bettina Könighofer; Robert Könighofer; Chao Wang

doi:10.1007/978-3-662-46681-0_51

Shield Synthesis: - Runtime Enforcement for Reactive Systems

Roderick Paul Bloem, Bettina Könighofer, Robert Könighofer, Chao Wang

Institute of Applied Information Processing and Communications (7050)

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

Scalability issues may prevent users from verifying critical properties of a complex hardware design. In this situation, we propose to synthesize a “safety shield” that is attached to the design to enforce the properties at run time. Shield synthesis can succeed where model checking and reactive synthesis fail, because it only considers a small set of critical properties, as opposed to the complex design, or the complete specification in the case of reactive synthesis. The shield continuously monitors the input/output of the design and corrects its erroneous output only if necessary, and as little as possible, so other non-critical properties are likely to be retained. Although runtime enforcement has been studied in other domains such as action systems, reactive systems pose unique challenges where the shield must act without delay. We thus present the first shield synthesis solution for reactive hardware systems and report our experimental results.

Original language	English
Title of host publication	Tools and Algorithms for the Construction and Analysis of Systems (TACAS) - 21st International Conference
Place of Publication	Berlin Heidelberg
Publisher	Springer
Pages	533-548
ISBN (Print)	978-3-662-46680-3
DOIs	https://doi.org/10.1007/978-3-662-46681-0_51
Publication status	Published - 2015
Event	21st International Conference on Tools and Algorithms for the Construction and Analysis of Systems: TACAS 2015 - London, United Kingdom Duration: 13 Apr 2015 → 17 Apr 2015

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	9035

Conference

Conference	21st International Conference on Tools and Algorithms for the Construction and Analysis of Systems
Abbreviated title	TACAS 2015
Country/Territory	United Kingdom
City	London
Period	13/04/15 → 17/04/15

Fields of Expertise

Information, Communication & Computing

Treatment code (Nähere Zuordnung)

Application
Theoretical

Access to Document

10.1007/978-3-662-46681-0_51

main.pdfAccepted author manuscript, 331 KB

Cite this

Shield Synthesis: - Runtime Enforcement for Reactive Systems. / Bloem, Roderick Paul ; Könighofer, Bettina; Könighofer, Robert et al.
Tools and Algorithms for the Construction and Analysis of Systems (TACAS) - 21st International Conference. Berlin Heidelberg: Springer, 2015. p. 533-548 (Lecture Notes in Computer Science; Vol. 9035).

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Bloem, RP , Könighofer, B, Könighofer, R & Wang, C 2015, Shield Synthesis: - Runtime Enforcement for Reactive Systems. in Tools and Algorithms for the Construction and Analysis of Systems (TACAS) - 21st International Conference. Lecture Notes in Computer Science, vol. 9035, Springer, Berlin Heidelberg, pp. 533-548, 21st International Conference on Tools and Algorithms for the Construction and Analysis of Systems, London, United Kingdom, 13/04/15. https://doi.org/10.1007/978-3-662-46681-0_51

@inproceedings{2c2b4fb1675841f2b2df2a8a264e3997,

title = "Shield Synthesis: - Runtime Enforcement for Reactive Systems",

abstract = "Scalability issues may prevent users from verifying critical properties of a complex hardware design. In this situation, we propose to synthesize a “safety shield” that is attached to the design to enforce the properties at run time. Shield synthesis can succeed where model checking and reactive synthesis fail, because it only considers a small set of critical properties, as opposed to the complex design, or the complete specification in the case of reactive synthesis. The shield continuously monitors the input/output of the design and corrects its erroneous output only if necessary, and as little as possible, so other non-critical properties are likely to be retained. Although runtime enforcement has been studied in other domains such as action systems, reactive systems pose unique challenges where the shield must act without delay. We thus present the first shield synthesis solution for reactive hardware systems and report our experimental results.",

author = "Bloem, {Roderick Paul} and Bettina K{\"o}nighofer and Robert K{\"o}nighofer and Chao Wang",

year = "2015",

doi = "10.1007/978-3-662-46681-0_51",

language = "English",

isbn = "978-3-662-46680-3",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "533--548",

booktitle = "Tools and Algorithms for the Construction and Analysis of Systems (TACAS) - 21st International Conference",

note = "21st International Conference on Tools and Algorithms for the Construction and Analysis of Systems : TACAS 2015, TACAS 2015 ; Conference date: 13-04-2015 Through 17-04-2015",

}

TY - GEN

T1 - Shield Synthesis: - Runtime Enforcement for Reactive Systems

AU - Bloem, Roderick Paul

AU - Könighofer, Bettina

AU - Könighofer, Robert

AU - Wang, Chao

PY - 2015

Y1 - 2015

N2 - Scalability issues may prevent users from verifying critical properties of a complex hardware design. In this situation, we propose to synthesize a “safety shield” that is attached to the design to enforce the properties at run time. Shield synthesis can succeed where model checking and reactive synthesis fail, because it only considers a small set of critical properties, as opposed to the complex design, or the complete specification in the case of reactive synthesis. The shield continuously monitors the input/output of the design and corrects its erroneous output only if necessary, and as little as possible, so other non-critical properties are likely to be retained. Although runtime enforcement has been studied in other domains such as action systems, reactive systems pose unique challenges where the shield must act without delay. We thus present the first shield synthesis solution for reactive hardware systems and report our experimental results.

AB - Scalability issues may prevent users from verifying critical properties of a complex hardware design. In this situation, we propose to synthesize a “safety shield” that is attached to the design to enforce the properties at run time. Shield synthesis can succeed where model checking and reactive synthesis fail, because it only considers a small set of critical properties, as opposed to the complex design, or the complete specification in the case of reactive synthesis. The shield continuously monitors the input/output of the design and corrects its erroneous output only if necessary, and as little as possible, so other non-critical properties are likely to be retained. Although runtime enforcement has been studied in other domains such as action systems, reactive systems pose unique challenges where the shield must act without delay. We thus present the first shield synthesis solution for reactive hardware systems and report our experimental results.

UR - http://www.etaps.org/2015/tacas

U2 - 10.1007/978-3-662-46681-0_51

DO - 10.1007/978-3-662-46681-0_51

M3 - Conference paper

SN - 978-3-662-46680-3

T3 - Lecture Notes in Computer Science

SP - 533

EP - 548

BT - Tools and Algorithms for the Construction and Analysis of Systems (TACAS) - 21st International Conference

PB - Springer

CY - Berlin Heidelberg

T2 - 21st International Conference on Tools and Algorithms for the Construction and Analysis of Systems

Y2 - 13 April 2015 through 17 April 2015

ER -

Shield Synthesis: - Runtime Enforcement for Reactive Systems

Abstract

Publication series

Conference

Fields of Expertise

Treatment code (Nähere Zuordnung)

Access to Document

Other files and links

Fingerprint

EU - STANCE - A Source code analysis Toolbox for software security AssuraNCE

FWF - RiSE - Rigorous Systems Engineering

Formal Methods for Design & Verification

Cite this

Shield Synthesis: - Runtime Enforcement for Reactive Systems

Abstract

Publication series

Conference

Fields of Expertise

Treatment code (Nähere Zuordnung)

Access to Document

Other files and links

Fingerprint

Projects

EU - STANCE - A Source code analysis Toolbox for software security AssuraNCE

FWF - RiSE - Rigorous Systems Engineering

Formal Methods for Design & Verification

Cite this