Active Monitoring - Explore the Science & Experts | ideXlab

Scan Science and Technology

Contact Leading Edge Experts & Companies

Active Monitoring

The Experts below are selected from a list of 7809 Experts worldwide ranked by ideXlab platform

Zhichang Qi – 1st expert on this subject based on the ideXlab platform

  • Security Goals Assurance Based on Software Active Monitoring
    2011 Fifth International Conference on Secure Software Integration and Reliability Improvement, 2011
    Co-Authors: Changzhi Zhao, Wei Dong, Martin Leucker, Zhichang Qi

    Abstract:

    Access control is a vital security mechanism in today’s operating systems, and the security policies dictating the security relevant behaviors is lengthy and complex, for example in Security-Enhanced Linux (SELinux). It is extremely difficult to verify the consistency between the security policies and the security goals desired by applications. In this paper, we present how to predict whether the information flow security goal is violated or not during runtime, how to generate the corresponding control actions on-line when divergence is detected and how to apply these actions in time based on software Active Monitoring technique. The symbolic security information flow model of SElinux is generated from a formalization of the access control mechanism which can be used to generate the N-step ahead projection of the future behavior. Information flow security goals are expressed in linear temporal logic (LTL) which provides clear description of the objectives desired by applications. Anticipatory monitor is generated from LTL formula automatically. We consider an on-line scheme where after the occurrence of an event, the next control action is determined on the basis of the N-step ahead projection of the future behavior. This procedure is repeated after the occurrence of next security relevant event. Thus, a closed-loop system is generated that all behavior sequences will satisfy the security goals.

  • SSIRI – Security Goals Assurance Based on Software Active Monitoring
    2011 Fifth International Conference on Secure Software Integration and Reliability Improvement, 2011
    Co-Authors: Changzhi Zhao, Wei Dong, Martin Leucker, Zhichang Qi

    Abstract:

    Access control is a vital security mechanism in today’s operating systems, and the security policies dictating the security relevant behaviors is lengthy and complex, for example in Security-Enhanced Linux (SELinux). It is extremely difficult to verify the consistency between the security policies and the security goals desired by applications. In this paper, we present how to predict whether the information flow security goal is violated or not during runtime, how to generate the corresponding control actions on-line when divergence is detected and how to apply these actions in time based on software Active Monitoring technique. The symbolic security information flow model of SElinux is generated from a formalization of the access control mechanism which can be used to generate the N-step ahead projection of the future behavior. Information flow security goals are expressed in linear temporal logic (LTL) which provides clear description of the objectives desired by applications. Anticipatory monitor is generated from LTL formula automatically. We consider an on-line scheme where after the occurrence of an event, the next control action is determined on the basis of the N-step ahead projection of the future behavior. This procedure is repeated after the occurrence of next security relevant event. Thus, a closed-loop system is generated that all behavior sequences will satisfy the security goals.

  • Active Monitoring for Control Systems under Anticipatory Semantics
    2010 10th International Conference on Quality Software, 2010
    Co-Authors: Changzhi Zhao, Wei Dong, Zhichang Qi

    Abstract:

    As the increment of software complexity, traditional software analysis, verification and testing techniques can not fully guarantee the faultlessness of deployed systems. Therefore, runtime verification has been developed to continuously monitor the running system. Typically, runtime verification can detect property violations but cannot predict them, and consequently cannot prevent the failures from occurring. To remedy this weakness, Active Monitoring is proposed in this paper. Its purpose is not repairing the faults after failures have occurred, but predicting the possible faults in advance and triggering the necessary steering actions to prevent the software from violating the property. Anticipatory semantics of linear temporal logic is adopted in monitor construction here, and the information of system model is used for successful steering and prevention. The prediction and prevention will form a closed-loop feedback based on control theory. The approach can be regarded as an effective complement of traditional testing and verification techniques.

Changzhi Zhao – 2nd expert on this subject based on the ideXlab platform

  • Anticipatory Active Monitoring for safety- and security-critical software
    Science in China Series F: Information Sciences, 2012
    Co-Authors: Wei Dong, Changzhi Zhao, Martin Leucker

    Abstract:

    Since formal verification and testing of systems is normally faced with challenges such as state explosion and uncertain execution environments, it is extremely difficult to exhaustively verify and test software during the development phase. Therefore, Monitoring has become an indispensable means for finding latent software faults at runtime. Most current Monitoring approaches only generate passive monitors, which cannot foresee possible faults and consequently cannot prevent their occurrence. In this paper, we propose an Active Monitoring approach based on runtime verification. This approach aims to predict possible incoming violations using a monitor that executes anticipatory semantics of temporal logic, and then generates the necessary steering actions according to a partial system model, which steers the system away from paths causing these violations. In this case, the monitor and monitored system make up a discrete feedback control loop. We further investigate the control theory behind Active Monitoring so that non-blocking controllability can be achieved. The results of applying Active Monitoring to two cases, a railway crossing control system and security-enhanced Linux (SELinux), show that the method can effectively ensure both safety and security properties at runtime.

  • Security Goals Assurance Based on Software Active Monitoring
    2011 Fifth International Conference on Secure Software Integration and Reliability Improvement, 2011
    Co-Authors: Changzhi Zhao, Wei Dong, Martin Leucker, Zhichang Qi

    Abstract:

    Access control is a vital security mechanism in today’s operating systems, and the security policies dictating the security relevant behaviors is lengthy and complex, for example in Security-Enhanced Linux (SELinux). It is extremely difficult to verify the consistency between the security policies and the security goals desired by applications. In this paper, we present how to predict whether the information flow security goal is violated or not during runtime, how to generate the corresponding control actions on-line when divergence is detected and how to apply these actions in time based on software Active Monitoring technique. The symbolic security information flow model of SElinux is generated from a formalization of the access control mechanism which can be used to generate the N-step ahead projection of the future behavior. Information flow security goals are expressed in linear temporal logic (LTL) which provides clear description of the objectives desired by applications. Anticipatory monitor is generated from LTL formula automatically. We consider an on-line scheme where after the occurrence of an event, the next control action is determined on the basis of the N-step ahead projection of the future behavior. This procedure is repeated after the occurrence of next security relevant event. Thus, a closed-loop system is generated that all behavior sequences will satisfy the security goals.

  • SSIRI – Security Goals Assurance Based on Software Active Monitoring
    2011 Fifth International Conference on Secure Software Integration and Reliability Improvement, 2011
    Co-Authors: Changzhi Zhao, Wei Dong, Martin Leucker, Zhichang Qi

    Abstract:

    Access control is a vital security mechanism in today’s operating systems, and the security policies dictating the security relevant behaviors is lengthy and complex, for example in Security-Enhanced Linux (SELinux). It is extremely difficult to verify the consistency between the security policies and the security goals desired by applications. In this paper, we present how to predict whether the information flow security goal is violated or not during runtime, how to generate the corresponding control actions on-line when divergence is detected and how to apply these actions in time based on software Active Monitoring technique. The symbolic security information flow model of SElinux is generated from a formalization of the access control mechanism which can be used to generate the N-step ahead projection of the future behavior. Information flow security goals are expressed in linear temporal logic (LTL) which provides clear description of the objectives desired by applications. Anticipatory monitor is generated from LTL formula automatically. We consider an on-line scheme where after the occurrence of an event, the next control action is determined on the basis of the N-step ahead projection of the future behavior. This procedure is repeated after the occurrence of next security relevant event. Thus, a closed-loop system is generated that all behavior sequences will satisfy the security goals.

Wei Dong – 3rd expert on this subject based on the ideXlab platform

  • Anticipatory Active Monitoring for safety- and security-critical software
    Science in China Series F: Information Sciences, 2012
    Co-Authors: Wei Dong, Changzhi Zhao, Martin Leucker

    Abstract:

    Since formal verification and testing of systems is normally faced with challenges such as state explosion and uncertain execution environments, it is extremely difficult to exhaustively verify and test software during the development phase. Therefore, Monitoring has become an indispensable means for finding latent software faults at runtime. Most current Monitoring approaches only generate passive monitors, which cannot foresee possible faults and consequently cannot prevent their occurrence. In this paper, we propose an Active Monitoring approach based on runtime verification. This approach aims to predict possible incoming violations using a monitor that executes anticipatory semantics of temporal logic, and then generates the necessary steering actions according to a partial system model, which steers the system away from paths causing these violations. In this case, the monitor and monitored system make up a discrete feedback control loop. We further investigate the control theory behind Active Monitoring so that non-blocking controllability can be achieved. The results of applying Active Monitoring to two cases, a railway crossing control system and security-enhanced Linux (SELinux), show that the method can effectively ensure both safety and security properties at runtime.

  • Security Goals Assurance Based on Software Active Monitoring
    2011 Fifth International Conference on Secure Software Integration and Reliability Improvement, 2011
    Co-Authors: Changzhi Zhao, Wei Dong, Martin Leucker, Zhichang Qi

    Abstract:

    Access control is a vital security mechanism in today’s operating systems, and the security policies dictating the security relevant behaviors is lengthy and complex, for example in Security-Enhanced Linux (SELinux). It is extremely difficult to verify the consistency between the security policies and the security goals desired by applications. In this paper, we present how to predict whether the information flow security goal is violated or not during runtime, how to generate the corresponding control actions on-line when divergence is detected and how to apply these actions in time based on software Active Monitoring technique. The symbolic security information flow model of SElinux is generated from a formalization of the access control mechanism which can be used to generate the N-step ahead projection of the future behavior. Information flow security goals are expressed in linear temporal logic (LTL) which provides clear description of the objectives desired by applications. Anticipatory monitor is generated from LTL formula automatically. We consider an on-line scheme where after the occurrence of an event, the next control action is determined on the basis of the N-step ahead projection of the future behavior. This procedure is repeated after the occurrence of next security relevant event. Thus, a closed-loop system is generated that all behavior sequences will satisfy the security goals.

  • SSIRI – Security Goals Assurance Based on Software Active Monitoring
    2011 Fifth International Conference on Secure Software Integration and Reliability Improvement, 2011
    Co-Authors: Changzhi Zhao, Wei Dong, Martin Leucker, Zhichang Qi

    Abstract:

    Access control is a vital security mechanism in today’s operating systems, and the security policies dictating the security relevant behaviors is lengthy and complex, for example in Security-Enhanced Linux (SELinux). It is extremely difficult to verify the consistency between the security policies and the security goals desired by applications. In this paper, we present how to predict whether the information flow security goal is violated or not during runtime, how to generate the corresponding control actions on-line when divergence is detected and how to apply these actions in time based on software Active Monitoring technique. The symbolic security information flow model of SElinux is generated from a formalization of the access control mechanism which can be used to generate the N-step ahead projection of the future behavior. Information flow security goals are expressed in linear temporal logic (LTL) which provides clear description of the objectives desired by applications. Anticipatory monitor is generated from LTL formula automatically. We consider an on-line scheme where after the occurrence of an event, the next control action is determined on the basis of the N-step ahead projection of the future behavior. This procedure is repeated after the occurrence of next security relevant event. Thus, a closed-loop system is generated that all behavior sequences will satisfy the security goals.