Checking whether implementations conform to requirement models is challenging. Most existing techniques for consistency checking focus either on the requirement models only (e.g., requirements consistency checking) or on the implementations only (e.g., code-based testing). In this paper we propose an approach that checks the behavioral consistency of implementations against requirement models directly, to overcome these limitations. Our approach extracts two behavioral models, represented as Labelled Transition Systems (LTS), from the requirement models and the implementations respectively, and checks the behavioral consistency between these two models using the simulation relation on LTS. The checking results of our approach provide evidence of behavioral inconsistency as well as localization of the inconsistency. A research prototype called BCCH and a case study are presented to give an initial validation of this approach.
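The core check the abstract describes is a simulation relation between two LTSs: the requirement model must be able to match every move the implementation model can make. The following is an added example, not code from the BCCH prototype or the paper, showing the greatest-fixpoint computation of the largest simulation relation plus a localization step that returns the first implementation action the requirement model cannot match. The login-flow LTSs, the state names and the `admin` action are constructed for the example.

```python
from typing import Dict, List, Optional, Set, Tuple

Transition = Tuple[str, str, str]  # (source state, action label, target state)


class LTS:
    """A finite Labelled Transition System: states, an initial state, labelled edges."""

    def __init__(self, initial: str, transitions: List[Transition]) -> None:
        self.initial = initial
        self.succ: Dict[str, Set[Tuple[str, str]]] = {initial: set()}
        for src, label, dst in transitions:
            self.succ.setdefault(src, set()).add((label, dst))
            self.succ.setdefault(dst, set())

    @property
    def states(self) -> Set[str]:
        return set(self.succ)


def largest_simulation(impl: LTS, spec: LTS) -> Set[Tuple[str, str]]:
    """Greatest fixpoint over impl x spec: a pair (p, q) survives only if every
    move p -a-> p' is matched by some q -a-> q' with (p', q') still in the relation."""
    rel = {(p, q) for p in impl.states for q in spec.states}
    changed = True
    while changed:
        changed = False
        for p, q in list(rel):
            for label, p2 in impl.succ[p]:
                matched = any(b == label and (p2, q2) in rel for b, q2 in spec.succ[q])
                if not matched:
                    rel.discard((p, q))
                    changed = True
                    break
    return rel


def check_conformance(impl: LTS, spec: LTS) -> Optional[Tuple[List[str], str, str, str]]:
    """Return None when the requirement model (spec) simulates the implementation
    from the initial states. Otherwise return a localized witness:
    (action trace leading there, impl state, unmatched action, spec state)."""
    rel = largest_simulation(impl, spec)
    if (impl.initial, spec.initial) in rel:
        return None
    # Walk reachable non-simulated pairs until a move the spec cannot match at all.
    stack: List[Tuple[str, str, List[str]]] = [(impl.initial, spec.initial, [])]
    seen: Set[Tuple[str, str]] = set()
    while stack:
        p, q, trace = stack.pop()
        if (p, q) in seen:
            continue
        seen.add((p, q))
        for label, p2 in impl.succ[p]:
            matches = [q2 for b, q2 in spec.succ[q] if b == label]
            if not matches:
                return (trace, p, label, q)
            for q2 in matches:
                if (p2, q2) not in rel:
                    stack.append((p2, q2, trace + [label]))
    raise RuntimeError("fixpoint removed the initial pair but no unmatched move was found")


# Constructed sample models (hypothetical, not from the paper's case study).
SPEC = LTS("Idle", [
    ("Idle", "login", "Auth"),
    ("Auth", "auth_ok", "Session"),
    ("Auth", "auth_fail", "Idle"),
    ("Session", "logout", "Idle"),
])
IMPL_OK = LTS("s0", [
    ("s0", "login", "s1"),
    ("s1", "auth_ok", "s2"),
    ("s1", "auth_fail", "s0"),
    ("s2", "logout", "s0"),
])
# Same as IMPL_OK plus an "admin" action in the session state that the requirements never allow.
IMPL_BAD = LTS("s0", [
    ("s0", "login", "s1"),
    ("s1", "auth_ok", "s2"),
    ("s1", "auth_fail", "s0"),
    ("s2", "logout", "s0"),
    ("s2", "admin", "s2"),
])

if __name__ == "__main__":
    print("conforming implementation:", check_conformance(IMPL_OK, SPEC))
    print("inconsistent implementation:", check_conformance(IMPL_BAD, SPEC))
```

The witness for `IMPL_BAD` names the implementation state, the unmatched action and the requirement state paired with it, together with the action trace that reaches that pair, which is the kind of localization evidence the abstract refers to; a conforming implementation yields `None`.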
To express rights, a key issue in DRM (digital rights management), more clearly and precisely, this paper proposes an extensible digital rights expression language model (EDREL: Extended Digital Right Expression Language) and uses a formal method (the OTS/CafeOBJ modeling method) to model it formally and analyze license properties. Compared with existing work, the proposed model and method not only solve the accurate and unambiguous expression of rights, but also take into account the judgment and backtracking of execution traces when a rights dispute arises between the licensor and the licensee, as well as the description of the secondary issuance of rights, and so better meet the need of DRM systems to describe all kinds of rights comprehensively and precisely.
To check whether a program behaves as expected, program monitoring systems are used for intrusion detection. This article presents a program monitoring system that uses automaton simulation based on state graphs extracted from C programs through static analysis. To construct complete state graphs, a pointer alias analysis method is proposed to resolve function pointers and obtain the actual control flows. After compilation, programs are instrumented with probes that report their internal states while they are running. A program monitor built into the Linux kernel receives the states of programs from the probes and checks their execution paths. This monitoring system can respond to abnormal behavior immediately, protecting the systems and programs from further damage.
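The monitor side of this design amounts to running the extracted state graph as an automaton: each state a probe reports must be an allowed successor of the current state, and the first report that is not one is the anomaly. The following is an added example illustrating that check, not code from the article's kernel monitor or instrumentation, and it replays constructed probe traces in user space rather than receiving them from a kernel component. The request-loop state graph, the state names and the traces are constructed for the example; a real graph would come from the static analysis the abstract describes.

```python
from typing import Dict, List, Optional, Set, Tuple

# Constructed state graph for a small request loop: state -> allowed successor states.
# Hypothetical; a real graph is extracted from the C program's control flow.
STATE_GRAPH: Dict[str, Set[str]] = {
    "main": {"accept"},
    "accept": {"read", "shutdown"},
    "read": {"parse", "accept"},
    "parse": {"write", "log"},
    "write": {"accept"},
    "log": {"accept"},
    "shutdown": set(),
}

# (probe number, state before the report, reported state, reason)
Violation = Tuple[int, str, str, str]


class ProgramMonitor:
    """Simulates the state graph as an automaton alongside the monitored program.
    Every probe report must be an allowed successor of the current automaton state."""

    def __init__(self, graph: Dict[str, Set[str]], initial: str) -> None:
        self.graph = graph
        self.current = initial
        self.probes = 0

    def report(self, state: str) -> Optional[Violation]:
        """Consume one probe report; return a violation or None and advance the automaton."""
        self.probes += 1
        if state not in self.graph:
            # A state the static analysis never produced: code outside the known graph.
            return (self.probes, self.current, state, "state not in graph")
        if state not in self.graph[self.current]:
            # Known state, but not reachable from here: an execution path the graph forbids.
            return (self.probes, self.current, state, "transition not in graph")
        self.current = state
        return None


def monitor_trace(graph: Dict[str, Set[str]], initial: str, trace: List[str]) -> Optional[Violation]:
    """Replay a probe trace and stop at the first violation, which is where the
    real monitor would take its response action. None means the trace conforms."""
    monitor = ProgramMonitor(graph, initial)
    for state in trace:
        violation = monitor.report(state)
        if violation is not None:
            return violation
    return None


# Constructed probe traces (not captured from a real program).
NORMAL_TRACE = ["accept", "read", "parse", "write", "accept", "shutdown"]
SKIPPED_PARSE = ["accept", "read", "write"]            # write reached without parse
UNKNOWN_STATE = ["accept", "read", "parse", "exec"]    # a state absent from the graph

if __name__ == "__main__":
    for name, trace in [("normal", NORMAL_TRACE), ("skipped parse", SKIPPED_PARSE), ("unknown state", UNKNOWN_STATE)]:
        print(name, "->", monitor_trace(STATE_GRAPH, "main", trace))
```

The two violation kinds map to the two failure modes the abstract implies: a transition missing from the graph (an execution path the analysis never saw) and a state missing from the graph entirely; the probe number in the violation tells the responder how far the program got before it deviated.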