-
Monitoring ROS2: from Requirements to Autonomous Robots
Authors:
Ivan Perez,
Anastasia Mavridou,
Tom Pressburger,
Alexander Will,
Patrick J. Martin
Abstract:
Runtime verification (RV) has the potential to enable the safe operation of safety-critical systems that are too complex to formally verify, such as Robot Operating System 2 (ROS2) applications. Writing correct monitors can itself be complex, and errors in the monitoring subsystem threaten the mission as a whole. This paper provides an overview of a formal approach to generating runtime monitors f…
▽ More
Runtime verification (RV) has the potential to enable the safe operation of safety-critical systems that are too complex to formally verify, such as Robot Operating System 2 (ROS2) applications. Writing correct monitors can itself be complex, and errors in the monitoring subsystem threaten the mission as a whole. This paper provides an overview of a formal approach to generating runtime monitors for autonomous robots from requirements written in a structured natural language. Our approach integrates the Formal Requirement Elicitation Tool (FRET) with Copilot, a runtime verification framework, through the Ogma integration tool. FRET is used to specify requirements with unambiguous semantics, which are then automatically translated into temporal logic formulae. Ogma generates monitor specifications from the FRET output, which are compiled into hard-real time C99. To facilitate integration of the monitors in ROS2, we have extended Ogma to generate ROS2 packages defining monitoring nodes, which run the monitors when new data becomes available, and publish the results of any violations. The goal of our approach is to treat the generated ROS2 packages as black boxes and integrate them into larger ROS2 systems with minimal effort.
△ Less
Submitted 28 September, 2022;
originally announced September 2022.
-
Proceedings 14th Interaction and Concurrency Experience
Authors:
Julien Lange,
Anastasia Mavridou,
Larisa Safina,
Alceste Scalas
Abstract:
This volume contains the proceedings of ICE'21, the 14th Interaction and Concurrency Experience, which was held online on the 18th of June 2021, as a satellite event of DisCoTec'21. The ICE workshop series features a distinguishing review and selection procedure, allowing PC members to interact anonymously with authors. As in the past 13 editions, this interaction considerably improved the accurac…
▽ More
This volume contains the proceedings of ICE'21, the 14th Interaction and Concurrency Experience, which was held online on the 18th of June 2021, as a satellite event of DisCoTec'21. The ICE workshop series features a distinguishing review and selection procedure, allowing PC members to interact anonymously with authors. As in the past 13 editions, this interaction considerably improved the accuracy of the feedback from the reviewers and the quality of accepted papers, and offered the basis for lively discussion during the workshop. The 2021 edition of ICE included double blind reviewing of original research papers, in order to increase fairness and avoid bias in reviewing. Each paper was reviewed by three or four PC members, and altogether 5 papers were accepted for publication - plus 4 oral presentations which are not part of this volume. We were proud to host 2 invited talks, by Laura Bocchi and Helene Coullon. The abstracts of these talks are included in this volume together with the regular papers. The final versions of the contributions, taking into account the discussion at the workshop, are included.
△ Less
Submitted 30 September, 2021;
originally announced September 2021.
-
From Requirements to Autonomous Flight: An Overview of the Monitoring ICAROUS Project
Authors:
Aaron Dutle,
César Muñoz,
Esther Conrad,
Alwyn Goodloe,
Laura Titolo,
Ivan Perez,
Swee Balachandran,
Dimitra Giannakopoulou,
Anastasia Mavridou,
Thomas Pressburger
Abstract:
The Independent Configurable Architecture for Reliable Operations of Unmanned Systems (ICAROUS) is a software architecture incorporating a set of algorithms to enable autonomous operations of unmanned aircraft applications. This paper provides an overview of Monitoring ICAROUS, a project whose objective is to provide a formal approach to generating runtime monitors for autonomous systems from requ…
▽ More
The Independent Configurable Architecture for Reliable Operations of Unmanned Systems (ICAROUS) is a software architecture incorporating a set of algorithms to enable autonomous operations of unmanned aircraft applications. This paper provides an overview of Monitoring ICAROUS, a project whose objective is to provide a formal approach to generating runtime monitors for autonomous systems from requirements written in a structured natural language. This approach integrates FRET, a formal requirement elicitation and authoring tool, and Copilot, a runtime verification framework. FRET is used to specify formal requirements in structured natural language. These requirements are translated into temporal logic formulae. Copilot is then used to generate executable runtime monitors from these temporal logic specifications. The generated monitors are directly integrated into ICAROUS to perform runtime verification during flight.
△ Less
Submitted 2 December, 2020;
originally announced December 2020.
-
Proceedings 13th Interaction and Concurrency Experience
Authors:
Julien Lange,
Anastasia Mavridou,
Larisa Safina,
Alceste Scalas
Abstract:
This volume contains the proceedings of ICE'20, the 13th Interaction and Concurrency Experience, which was held online on the 19th of June 2020, as a satellite event of DisCoTec'20. The ICE workshop series features a distinguishing review and selection procedure, allowing PC members to interact anonymously with authors. As in the past 12 editions, this interaction considerably improved the accurac…
▽ More
This volume contains the proceedings of ICE'20, the 13th Interaction and Concurrency Experience, which was held online on the 19th of June 2020, as a satellite event of DisCoTec'20. The ICE workshop series features a distinguishing review and selection procedure, allowing PC members to interact anonymously with authors. As in the past 12 editions, this interaction considerably improved the accuracy of the feedback from the reviewers and the quality of accepted papers, and offered the basis for lively discussion during the workshop. The 2020 edition of ICE included double blind reviewing of original research papers, in order to increase fairness and avoid bias in reviewing. Each paper was reviewed by three PC members, and altogether 5 papers were accepted for publication - plus 5 oral presentations which are not part of this volume. We were proud to host 2 invited talks, by Cinzia Di Giusto and Karoliina Lehtinen. The abstracts of these talks are included in this volume together with the regular papers. The final versions of the contributions, taking into account the discussion at the workshop, are included.
△ Less
Submitted 16 September, 2020;
originally announced September 2020.
-
Vyper: A Security Comparison with Solidity Based on Common Vulnerabilities
Authors:
Mudabbir Kaleem,
Anastasia Mavridou,
Aron Laszka
Abstract:
Vyper has been proposed as a new high-level language for Ethereum smart contract development due to numerous security vulnerabilities and attacks witnessed on contracts written in Solidity since the system's inception. Vyper aims to address these vulnerabilities by providing a language that focuses on simplicity, auditability and security. We present a survey where we study how well-known and comm…
▽ More
Vyper has been proposed as a new high-level language for Ethereum smart contract development due to numerous security vulnerabilities and attacks witnessed on contracts written in Solidity since the system's inception. Vyper aims to address these vulnerabilities by providing a language that focuses on simplicity, auditability and security. We present a survey where we study how well-known and commonly-encountered vulnerabilities in Solidity feature in Vyper's development environment. We analyze all such vulnerabilities individually and classify them into five groups based on their status in Vyper. To the best of our knowledge, our survey is the first attempt to study security vulnerabilities in Vyper.
△ Less
Submitted 14 June, 2020; v1 submitted 16 March, 2020;
originally announced March 2020.
-
DesignBIP: A Design Studio for Modeling and Generating Systems with BIP
Authors:
Anastasia Mavridou,
Joseph Sifakis,
Janos Sztipanovits
Abstract:
The Behavior-Interaction-Priority (BIP) framework, rooted in rigorous semantics, allows the construction of systems that are correct-by-design. BIP has been effectively used for the construction and analysis of large systems such as robot controllers and satellite on-board software. Nevertheless, the specification of BIP models is done in a purely textual manner without any code editor support. To…
▽ More
The Behavior-Interaction-Priority (BIP) framework, rooted in rigorous semantics, allows the construction of systems that are correct-by-design. BIP has been effectively used for the construction and analysis of large systems such as robot controllers and satellite on-board software. Nevertheless, the specification of BIP models is done in a purely textual manner without any code editor support. To facilitate the specification of BIP models, we present DesignBIP, a web-based, collaborative, version-controlled design studio. To promote model scaling and reusability of BIP models, we use a graphical language for modeling parameterized BIP models with rigorous semantics. We present the various services provided by the design studio, including model editors, code editors, consistency checking mechanisms, code generators, and integration with the JavaBIP tool-set.
△ Less
Submitted 5 July, 2018;
originally announced November 2019.
-
Proceedings 12th Interaction and Concurrency Experience
Authors:
Massimo Bartoletti,
Ludovic Henrio,
Anastasia Mavridou,
Alceste Scalas
Abstract:
This volume contains the proceedings of ICE'19, the 12th Interaction and Concurrency Experience, which was held in Copenhagen, Denmark on the 20th and 21st of June 2019, as a satellite event of DisCoTec'19. The ICE workshop series features a distinguishing review and selection procedure, allowing PC members to interact anonymously with authors. As in the past 11 editions, this interaction consider…
▽ More
This volume contains the proceedings of ICE'19, the 12th Interaction and Concurrency Experience, which was held in Copenhagen, Denmark on the 20th and 21st of June 2019, as a satellite event of DisCoTec'19. The ICE workshop series features a distinguishing review and selection procedure, allowing PC members to interact anonymously with authors. As in the past 11 editions, this interaction considerably improved the accuracy of the feedback from the reviewers and the quality of accepted papers, and offered the basis for lively discussion during the workshop. The 2019 edition of ICE included double blind reviewing of original research papers, in order to increase fairness and avoid bias in reviewing. Each paper was reviewed by three PC members, and altogether 9 papers were accepted for publication - plus 2 oral presentations which are not part of this volume. We were proud to host 4 invited talks, by Dilian Gurov, Fritz Henglein, Sophia Knight, and Hernán Melgratti. The abstracts of these talks are included in this volume together with the regular papers. Final versions of the contributions, taking into account the discussion at the workshop, are included.
△ Less
Submitted 11 September, 2019;
originally announced September 2019.
-
VeriSolid: Correct-by-Design Smart Contracts for Ethereum
Authors:
Anastasia Mavridou,
Aron Laszka,
Emmanouela Stachtiari,
Abhishek Dubey
Abstract:
The adoption of blockchain based distributed ledgers is growing fast due to their ability to provide reliability, integrity, and auditability without trusted entities. One of the key capabilities of these emerging platforms is the ability to create self-enforcing smart contracts. However, the development of smart contracts has proven to be error-prone in practice, and as a result, contracts deploy…
▽ More
The adoption of blockchain based distributed ledgers is growing fast due to their ability to provide reliability, integrity, and auditability without trusted entities. One of the key capabilities of these emerging platforms is the ability to create self-enforcing smart contracts. However, the development of smart contracts has proven to be error-prone in practice, and as a result, contracts deployed on public platforms are often riddled with security vulnerabilities. This issue is exacerbated by the design of these platforms, which forbids updating contract code and rolling back malicious transactions. In light of this, it is crucial to ensure that a smart contract is secure before deploying it and trusting it with significant amounts of cryptocurrency. To this end, we introduce the VeriSolid framework for the formal verification of contracts that are specified using a transition-system based model with rigorous operational semantics. Our model-based approach allows developers to reason about and verify contract behavior at a high level of abstraction. VeriSolid allows the generation of Solidity code from the verified models, which enables the correct-by-design development of smart contracts.
△ Less
Submitted 20 January, 2019; v1 submitted 4 January, 2019;
originally announced January 2019.
-
Formal Verification of Usage Control Models: A Case Study of UseCON Using TLA+
Authors:
Antonios Gouglidis,
Christos Grompanopoulos,
Anastasia Mavridou
Abstract:
Usage control models provide an integration of access control, digital rights, and trust management. To achieve this integration, usage control models support additional concepts such as attribute mutability and continuity of decision. However, these concepts may introduce an additional level of complexity to the underlying model, rendering its definition a cumbersome and prone to errors process.…
▽ More
Usage control models provide an integration of access control, digital rights, and trust management. To achieve this integration, usage control models support additional concepts such as attribute mutability and continuity of decision. However, these concepts may introduce an additional level of complexity to the underlying model, rendering its definition a cumbersome and prone to errors process. Applying a formal verification technique allows for a rigorous analysis of the interactions amongst the components, and thus for formal guarantees in respect of the correctness of a model. In this paper, we elaborate on a case study, where we express the high-level functional model of the UseCON usage control model in the TLA+ formal specification language, and verify its correctness for <=12 uses in both of its supporting authorisation models.
△ Less
Submitted 26 June, 2018;
originally announced June 2018.
-
DesignBIP: A Design Studio for Modeling and Generating Systems with BIP
Authors:
Anastasia Mavridou,
Joseph Sifakis,
Janos Sztipanovits
Abstract:
The Behavior-Interaction-Priority (BIP) framework, rooted in rigorous semantics, allows the construction of systems that are correct-by-design. BIP has been effectively used for the construction and analysis of large systems such as robot controllers and satellite on-board software. Nevertheless, the specification of BIP models is done in a purely textual manner without any code editor support. To…
▽ More
The Behavior-Interaction-Priority (BIP) framework, rooted in rigorous semantics, allows the construction of systems that are correct-by-design. BIP has been effectively used for the construction and analysis of large systems such as robot controllers and satellite on-board software. Nevertheless, the specification of BIP models is done in a purely textual manner without any code editor support. To facilitate the specification of BIP models, we present DesignBIP, a web-based, collaborative, version-controlled design studio. To promote model scaling and reusability of BIP models, we use a graphical language for modeling parameterized BIP models with rigorous semantics. We present the various services provided by the design studio, including model editors, code editors, consistency checking mechanisms, code generators, and integration with the JavaBIP tool-set.
△ Less
Submitted 31 May, 2018; v1 submitted 24 May, 2018;
originally announced May 2018.
-
SolidWorx: A Resilient and Trustworthy Transactive Platform for Smart and Connected Communities
Authors:
Scott Eisele,
Aron Laszka,
Anastasia Mavridou,
Abhishek Dubey
Abstract:
Internet of Things and data sciences are fueling the development of innovative solutions for various applications in Smart and Connected Communities (SCC). These applications provide participants with the capability to exchange not only data but also resources, which raises the concerns of integrity, trust, and above all the need for fair and optimal solutions to the problem of resource allocation…
▽ More
Internet of Things and data sciences are fueling the development of innovative solutions for various applications in Smart and Connected Communities (SCC). These applications provide participants with the capability to exchange not only data but also resources, which raises the concerns of integrity, trust, and above all the need for fair and optimal solutions to the problem of resource allocation. This exchange of information and resources leads to a problem where the stakeholders of the system may have limited trust in each other. Thus, collaboratively reaching consensus on when, how, and who should access certain resources becomes problematic. This paper presents SolidWorx, a blockchain-based platform that provides key mechanisms required for arbitrating resource consumption across different SCC applications in a domain-agnostic manner. For example, it introduces and implements a hybrid-solver pattern, where complex optimization computation is handled off-blockchain while solution validation is performed by a smart contract. To ensure correctness, the smart contract of SolidWorx is generated and verified.
△ Less
Submitted 24 April, 2018; v1 submitted 22 April, 2018;
originally announced April 2018.
-
Tool Demonstration: FSolidM for Designing Secure Ethereum Smart Contracts
Authors:
Anastasia Mavridou,
Aron Laszka
Abstract:
Blockchain-based distributed computing platforms enable the trusted execution of computation - defined in the form of smart contracts - without trusted agents. Smart contracts are envisioned to have a variety of applications, ranging from financial to IoT asset tracking. Unfortunately, the development of smart contracts has proven to be extremely error prone. In practice, contracts are riddled wit…
▽ More
Blockchain-based distributed computing platforms enable the trusted execution of computation - defined in the form of smart contracts - without trusted agents. Smart contracts are envisioned to have a variety of applications, ranging from financial to IoT asset tracking. Unfortunately, the development of smart contracts has proven to be extremely error prone. In practice, contracts are riddled with security vulnerabilities comprising a critical issue since bugs are by design non-fixable and contracts may handle financial assets of significant value. To facilitate the development of secure smart contracts, we have created the FSolidM framework, which allows developers to define contracts as finite state machines (FSMs) with rigorous and clear semantics. FSolidM provides an easy-to-use graphical editor for specifying FSMs, a code generator for creating Ethereum smart contracts, and a set of plugins that developers may add to their FSMs to enhance security and functionality.
△ Less
Submitted 26 February, 2018;
originally announced February 2018.
-
Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach
Authors:
Anastasia Mavridou,
Aron Laszka
Abstract:
The adoption of blockchain-based distributed computation platforms is growing fast. Some of these platforms, such as Ethereum, provide support for implementing smart contracts, which are envisioned to have novel applications in a broad range of areas, including finance and Internet-of-Things. However, a significant number of smart contracts deployed in practice suffer from security vulnerabilities…
▽ More
The adoption of blockchain-based distributed computation platforms is growing fast. Some of these platforms, such as Ethereum, provide support for implementing smart contracts, which are envisioned to have novel applications in a broad range of areas, including finance and Internet-of-Things. However, a significant number of smart contracts deployed in practice suffer from security vulnerabilities, which enable malicious users to steal assets from a contract or to cause damage. Vulnerabilities present a serious issue since contracts may handle financial assets of considerable value, and contract bugs are non-fixable by design. To help developers create more secure smart contracts, we introduce FSolidM, a framework rooted in rigorous semantics for designing con- tracts as Finite State Machines (FSM). We present a tool for creating FSM on an easy-to-use graphical interface and for automatically generating Ethereum contracts. Further, we introduce a set of design patterns, which we implement as plugins that developers can easily add to their contracts to enhance security and functionality.
△ Less
Submitted 25 November, 2017;
originally announced November 2017.
-
Coordination of Dynamic Software Components with JavaBIP
Authors:
Anastasia Mavridou,
Valentin Rutz,
Simon Bliudze
Abstract:
JavaBIP allows the coordination of software components by clearly separating the functional and coordination aspects of the system behavior. JavaBIP implements the principles of the BIP component framework rooted in rigorous operational semantics. Recent work both on BIP and JavaBIP allows the coordination of static components defined prior to system deployment, i.e., the architecture of the coord…
▽ More
JavaBIP allows the coordination of software components by clearly separating the functional and coordination aspects of the system behavior. JavaBIP implements the principles of the BIP component framework rooted in rigorous operational semantics. Recent work both on BIP and JavaBIP allows the coordination of static components defined prior to system deployment, i.e., the architecture of the coordinated system is fixed in terms of its component instances. Nevertheless, modern systems, often make use of components that can register and deregister dynamically during system execution. In this paper, we present an extension of JavaBIP that can handle this type of dynamicity. We use first-order interaction logic to define synchronization constraints based on component types. Additionally, we use directed graphs with edge coloring to model dependencies among components that determine the validity of an online system. We present the software architecture of our implementation, provide and discuss performance evaluation results.
△ Less
Submitted 15 August, 2017; v1 submitted 31 July, 2017;
originally announced July 2017.
-
Architecture Diagrams: A Graphical Language for Architecture Style Specification
Authors:
Anastasia Mavridou,
Eduard Baranov,
Simon Bliudze,
Joseph Sifakis
Abstract:
Architecture styles characterise families of architectures sharing common characteristics. We have recently proposed configuration logics for architecture style specification. In this paper, we study a graphical notation to enhance readability and easiness of expression. We study simple architecture diagrams and a more expressive extension, interval architecture diagrams. For each type of diagrams…
▽ More
Architecture styles characterise families of architectures sharing common characteristics. We have recently proposed configuration logics for architecture style specification. In this paper, we study a graphical notation to enhance readability and easiness of expression. We study simple architecture diagrams and a more expressive extension, interval architecture diagrams. For each type of diagrams, we present its semantics, a set of necessary and sufficient consistency conditions and a method that allows to characterise compositionally the specified architectures. We provide several examples illustrating the application of the results. We also present a polynomial-time algorithm for checking that a given architecture conforms to the architecture style specified by a diagram.
△ Less
Submitted 10 August, 2016;
originally announced August 2016.