then, since ? ? Pre(?, time(? following lemma A.14, since obs(?, time(?.(?, a))) = ?, obs(? s0 , time(? . (?, a))) = ? s = obs(? |?u , time(? . (?, a))) = ? |?u and ? ? (nobs(? s0 , time(? . (?, a)))) . ? c = ? ? (? |?c ) Since ? . (?, a) ? Pre(?, t), and ? ? Pre(?, time(? . (?, a))), following the definition of Pre(?, t) and Pre(?, time(? . (?, a))) (Definition 4.20), there exists t ? R ?0 such that time(?, ? ? (obs(? . (?, a), t ) |?c )) = ?. Let us consider the minimum such t . Since t ? time This means that: G(Reach((? . (?, a)) |?u , t ), ? ? ((? . (?, a)) |?c )) = ?. (A.2), p.then obs(? ,
after (0, a) after (? , t ) ? v, then v, ? ? (nobs(? , t )) ?1 . buf c , 1 ? W 0 , because ? is winning for player 0. By construction of ? , and because of the different constraints required on G s , this implies that all states v ? V s such that Reach(? s0 , time(? . (?, a))) after (0, a) after (? , t ) ? v are in W 0 , for any t ? R ?0 . We know by construction of ? that this holds for some t ,
then: (? E ) * that are minimal in the number of delay() rules, i.e. the word obtained by merging two consecutive delay() rules into one whose delay is the sum of the two, until stabilisation. This allows Rules(?, t) to be defined correctly, without "cheating" by slicing time to increase the length of the word. Note that the words obtained by merging or adding delay() rules in this way reach exactly the same configurations in the end ,
let P(?, t) be the predicate " (?, ? s0 , ? c ) ? store ? =? (output(?, t) = obs(? s0 , t) ? Reach E (?, t) = nobs(? s0 , t), ? c , Reach(? s0 , t), t ? time(obs(? s0 , t))) " , and P(?) be the predicate, Let us then show by induction that P(?) holds for any ? ? tw(?) ,
P(?) holds. Let us consider?, ? s0 , ? c ) ? store ? , (? . (?, a), ? t0 , ? d ) ? store ? , ? s = obs(? s0 , time(? . (?, a))), and c = Reach E (?, time(? . (?, a))). Then, by induction hypothesis, c = nobs(? s0 , time(?, Reach(? s0 time(? . (?, a)) ? time, p.time(? ,
?, a), t) = Reach E (?, t), and obs(? t0 , t) = obs(? s0 , t), meaning that P(? . (?, a), t) holds. Then ,