runtime verification using csp - 産業技術総合研究所...2015/03/23 · runtime...
TRANSCRIPT
Runtime verification using CSPTSSS-3
AIST, Mar. 23, 2015 Yoriyuki Yamagata, Artho Cyrille, Masami Hagiya, Alexander Kohan, Lei Ma, Nazim Sebih, Yoshinori Tanabe, Mitsuharu Yamamoto, Franz Weitl1
Web servers
Backend server
Internet
Web servers
Backend serverMonitoring server
Log
Log
Internet
Goal
Runtime monitoring framework with
• natural notations for concurrency
• integration to the network applications
• web server, DB, syslog, etc…
Current status
• A monitor for dtruss output is implemented
• Check whether open/close system calls are matched or not
Monitor definition
Usage
Example of state explosion
Parsing function
Command line$ sudo dtruss ls 2> ls.log Password: $ time target/pack/bin/strace-match < ls.log > trace SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder". SLF4J: Defaulting to no-operation (NOP) logger implementation SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
real 0m1.012s user 0m0.956s sys 0m0.177s
Output traceSYSCALL(args) = return {Set(jp.go.aist.cspe.Rec0@2b2948e2)} 1
close(0x3) = 0 0 {Set()} 0
…
{Set()} 0 false
Corrected log$ time target/pack/bin/strace-match < correct.log > trace SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder". SLF4J: Defaulting to no-operation (NOP) logger implementation SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
real 0m0.679s user 0m1.343s sys 0m0.104s
Output trace - correctedcsops(0x18A4, 0x7, 0x7FFF526A0AB0) = 0 0 {Set(||Set('EOF) Bag(jp.go.aist.cspe.ParamPrefixRelaxed@70beb599; ||Set('EOF) Bag(jp.go.aist.cspe.Rec0@2b2948e2; jp.go.aist.cspe.ParamPrefixRelaxed@641147d0)), ||Set('EOF) Bag(jp.go.aist.cspe.Rec0@2b2948e2; jp.go.aist.cspe.ParamPrefixRelaxed@70beb599))} 2
{Set(||Set('EOF) Bag(STOP, STOP))} 1 true
Observation
• Parsing log file is not trivial
• use of fluentd?
• Writing down a correct monitor is not easy
• State explosion easily occurs
Future works
• Handle EOF implicitly
• Complete modeling of file descriptor life cycle
• Improve error reporting
• Interface to fluentd