About
190 Publications
54,331 Reads
1,639 Citations
Introduction
Canada Research Chair in Software Specification, Testing and Verification. Full professor at Université du Québec à Chicoutimi (Canada); co-founder and current head of the Laboratoire d'informatique formelle (Formal Computer Science Lab).
Current institution
Additional affiliations
January 2010 - present
January 2010 - October 2016
August 2006 - December 2006
Education
August 2008 - January 2010
January 2005 - August 2008
Publications (190)
Stream processing is a programming paradigm that is growing in popularity due to the presence of an increasing number of academic and commercial platforms. However, there exist few tools and methodologies to properly test a program that manipulates streams; in particular, model-based testing techniques need to be adapted to the particularities of s...
Industrial robotic systems (IRS) consist of industrial robots that automate industrial processes. They accurately perform repetitive tasks, replacing or assisting with dangerous jobs like assembly in the automotive and chemical industries. Failures in these systems can be catastrophic, so it is important to ensure their quality and safety before us...
Context: The constant growth of primary evidence and Systematic Literature Reviews (SLRs) publications in the Software Engineering (SE) field leads to the need for SLR Updates. However, searching and selecting evidence for SLR updates demands significant effort from SE researchers. Objective: We present emerging results on an automated approach to...
Top Software Engineering conferences and journals have long been an important platform for disseminating theoretical and fundamental results. Several signals suggest that this is less and less the case.
Compliance checking is the operation that consists of assessing whether every execution trace of a business process satisfies a given correctness condition. The paper introduces the notion of hyperquery, which is a calculation that involves multiple traces from a log at the same time. A particular case of hyperquery is a hypercompliance condition,...
Integrating security in the development and operation of information systems is the cornerstone of SecDevOps. From an operational perspective, one of the key activities for achieving such an integration is the detection of incidents (such as intrusions), especially in an automated manner. However, one of the stumbling blocks of an automated approac...
Runtime enforcement ensures the respect of a user-specified security policy by a program by providing a valid replacement for any misbehaving sequence of events that may occur during that program’s execution. However, depending on the capabilities of the enforcement mechanism, multiple possible replacement sequences may be available, and the curren...
Combinatorial test generation, also called \(t\)-way testing, is the process of generating sets of input parameters for a system under test, by considering interactions between values of multiple parameters. In order to decrease total testing time, there is an interest in techniques that generate smaller test suites. In our previous work, we use...
Over the past several years, several governments have, at times, pushed for the idea that commercial software should be required to include a “backdoor,” a deliberate vulnerability whose existence and exploitation mechanism are disclosed only to the appropriate authorities. This would enable the authorities to obtain access to the information conta...
Context: New scientific evidence continuously arises with advances in Software Engineering (SE) research. Conventionally, Systematic Literature Reviews (SLRs) are not updated or updated intermittently, leaving gaps between updates, during which time the SLR may be missing crucial new evidence. Goal: We propose and evaluate a concept and process ca...
Runtime enforcement seeks to provide a valid replacement to any misbehaving sequence of events of a running system so that the correct sequence complies with a user-defined security policy. However, depending on the capabilities of the enforcement mechanism, multiple possible replacement sequences may be available, and the current literature is sil...
Context: New scientific evidence continuously arises with advances in Software Engineering (SE) research. Conventionally, Systematic Literature Reviews (SLRs) are not updated or updated intermittently, leaving gaps between updates, during which time the SLR may be missing crucial new evidence. Goal: We propose and evaluate a concept and process cal...
The Botnet Simulator is a tool that allows researchers to simulate the behavior of different bots that vie for control of the same pool of targets. Such simulations allow researchers to predict how differences in malware design such as different scanning strategies, infection methods or the presence of countermeasures will affect the spread of malw...
Over the years, several architectures of smart homes have been proposed to enable the use of ambient intelligence. However, the major issue with most of them lies in their lack of high reliability and scalability. Therefore, the first contribution of this paper introduces a novel distributed architecture for smart homes, inspired by private cloud arch...
Systematic Literature Reviews (SLRs) play an important role in the Evidence-Based Software Engineering scenario. With the advance of the computer science field and the growth of research publications, new evidence continuously arises. This fact impacts directly on the purpose of keeping SLRs up-to-date which could lead researchers to obsolete concl...
A simple mathematical model of the scientific peer reviewing process is developed. Papers and reviewers are modeled as numerical vectors, respectively representing the paper’s value among multiple quality dimensions, and the importance given to these dimensions by a reviewer. Computer simulations show that the model can reproduce various characteri...
Explainability is the process of linking part of the inputs given to a calculation to its output, in such a way that the selected inputs somehow “cause” the result. We establish the formal foundations of a notion of explainability for arbitrary abstract functions manipulating nested data structures. We then establish explanation relationships for a...
The paper reports results on an empirical study of the structural properties of HTML markup in websites. A first large-scale survey is made on 708 contemporary (2019–2020) websites, in order to measure various features related to their size and structure: DOM tree size, maximum degree, depth, diversity of element types and CSS classes, among others...
The paper addresses the issue of layout bugs, in which elements of a web page may overlap, become misaligned or protrude from their parent container for fortuitous reasons. It proposes a technique to apply corrections to a rendered page by formulating its current state and associated layout constraints into a Mixed Integer Linear Programming proble...
We define a logical framework that permits runtime verification to take place when a monitor has incomplete or uncertain information about the underlying trace. Uncertainty is modeled as a stateful access control proxy that has the capacity to turn events into sets of possible events, resulting in what we call a “multi-trace”. We describe a model o...
The past decade has seen a rapidly growing interest in IoT-connected devices. But as is usually the case with computer systems and networks, malicious individuals soon realized that these objects could be exploited for criminal purposes. The problem is particularly salient since the firmware used in many Internet connected devices was developed wit...
We present an automata-based runtime verification procedure for LTL-FO\(^+\) properties. LTL-FO\(^+\) is an extension of LTL that includes first-order quantification over bounded variables, thus greatly increasing the expressivity of the language. We show how to construct an automata representation of an LTL-FO\(^+\) property which allows runtime v...
Android has dominated the smartphone market and has become the most popular operating system for mobile devices. However, security threats in Android applications have also increased in lockstep with Android’s success. More than 3 million new malware samples, targeting the Android operating system were discovered in 2017. Although persistent resear...
In recent years, IoT malware has become a significant threat to the IoT infrastructure, to the point where it even hinders the deployment of this promising technology. A distinctive aspect of this threat is its reliance on vulnerabilities as an infection vector. Many of these vulnerabilities are CVEs (Common Vulnerability Enumeration) selected from...
In order to leverage the capacities of non-linear constraint solvers, we propose a reformulation of SAT into a box-constrained optimization problem where the objective function is polynomial. We prove that any optimal solution of the numerical problem corresponds to a solution of the Boolean formula, and demonstrate a stopping criterion that can be...
Added value can be extracted from event logs generated by business processes in various ways. However, although complex computations can be performed over event logs, the result of such computations is often difficult to explain; in particular, it is hard to determine what parts of an input log actually matters in the production of that result. Thi...
Open Source Software (OSS) has been recognized by the software development community as an effective way to deliver software. Unlike traditional software development, OSS development is driven by collaboration among developers spread geographically and motivated by common goals and interests. Besides this fact, it is recognized by OSS community the...
Responsive Web Design (RWD) is a concept that is born from the need to provide users with a positive and intuitive experience, no matter what device they use. Complex Cascading Style Sheets (CSS) are used in RWD to smoothly change the appearance of a website based on the window width of the device being used. The paper presents an automated approac...
The paper reports results of a large-scale survey of 708 websites, in order to measure various features related to their size and structure: DOM tree size, maximum degree, depth, diversity of element types and CSS classes, among others. The goal of this research is to serve as a reference point for studies that include an empirical evaluation on sa...
A bitmap is a data structure designed to compactly represent sets of integers; it provides very fast operations for querying and manipulating such sets, exploiting bit-level parallelism. In this paper, we describe a technique for the offline verification of arbitrary expressions of Linear Temporal Logic using bitmap manipulation. An event trace is...
Over the past years, more secondary (Systematic Literature Reviews and Systematic Mappings) and tertiary studies have been conducted. Their conduction is considered a quite large task and labor-intensive since it involves a detailed process including a protocol development, which is one of the most challenging phases reported by the software enginee...
The combination of the Internet of Things and blockchain-based technologies represents a real opportunity for supply chain and logistics protagonists, who need more dynamic, trustworthy and transparent tracking systems in order to improve their efficiency and strengthen customer confidence. In parallel, hyperconnected logistics promise more efficie...
Search for secondary studies is essential to establish whether the review on the intended topic has already been done, avoiding wasted time. In addition, secondary studies are the inputs of a tertiary study. However, one critical step in searching for secondary studies is to elaborate a search string. The main goal of this work is to analyze search...
Information systems produce different types of event logs; in many situations, it may be desirable to look for trends inside these logs. We show how trends of various kinds can be computed over such logs in real time, using a generic framework called the trend distance workflow. Many common computations on event streams turn out to be special cases...
In the past 10 years, the question of the care and well-being of the elderly became a priority for modern societies. The number of people over the age of 65 is increasing, while at the same time, resources such as caregivers and funds remain stable. It is in this context that several researchers proposed solutions based on Ambient Intelligence in o...
Over the past decade, there has been a rapidly growing interest in IoT-connected devices. But as is usually the case with computer systems and networks, malicious individuals soon noticed that these objects could be exploited for criminal purposes. The problem is particularly salient since the firmware used in many Internet connected devices was d...
The Physical Internet and hyperconnected logistics concepts promise an open, more efficient, and environmentally friendly supply chain for goods. Blockchain and Internet of Things (IoT) technologies are increasingly regarded as main enablers of improvements in this domain. We describe how blockchain and smart contracts present the potential of bein...
The Physical Internet and hyperconnected logistics concepts promise an open, more efficient and environmentally friendly supply chain for goods. Blockchain and Internet of Things technologies are increasingly regarded as main enablers of improvements in this domain. We describe how blockchain and smart contracts present the potential of being appli...
Event logs and event streams can be found in software systems of very diverse kinds. For instance, workflow management systems and ERP platforms produce event logs in some common format based on XML. Financial transaction systems also keep a log of their operations in some standardized and documented format, as is the case for web servers such as...
This paper describes a plug-in extension of the BeepBeep 3 event stream processing engine. The extension allows one to write a custom grammar defining a particular specification language on event traces. A built-in interpreter can then convert expressions of the language into chains of BeepBeep processors through just a few lines of code, making it...
Designing clean, reusable, and repeatable experiments for a research paper does not have to be difficult. We report on our efforts to create an integrated toolchain for running, processing, and including the results of computer experiments in scientific publications.
We show how trends of various kinds can be computed over event logs in real time, using a generic framework called the trend distance workflow. Many common computations on event streams turn out to be special cases of this workflow, depending on how a handful of workflow parameters are defined. This process has been implemented and tested in a real...
When monitoring a trace using an LTL specification, the verdict returned by the monitor can often be insufficiently informative to be actionable. In this paper, we propose a generalization of LTL that allows formulae to evaluate to a natural or a real value, thus yielding quantitative information about the underlying trace. We illustrate with examp...
Runtime enforcement is an effective method to ensure the compliance of a program with user-defined security policies. In this paper we show how the stream event processor tool BeepBeep can be used to monitor the security properties of Java programs. The proposed approach relies on AspectJ to generate a trace capturing the program’s runtime behavior....
This paper extends previous work on execution trace triaging. We examine the problem of trace triaging along three of the four views used in the study of temporal properties, namely the automata-theoretic view, the temporal logic view and the set-theoretic view. For each case, we propose several partitions of the universe of possible traces into equiva...
A short poster describing the basics of Event Stream Processing, and how the BeepBeep 3 event processing engine works.
The design of the user interface of a modern application needs to follow a set of guidelines, codified in a document published by the maintainers of a particular operating system. These guidelines are intended to ensure a minimum level of quality and consistency across applications. Unfortunately, checking compliance with respect to these guideline...
We present an extension to the BeepBeep 3 event stream engine that allows the use of multiple threads during the evaluation of a query. Compared to the single-threaded version of BeepBeep, the allocation of just a few threads to specific portions of a query provides improvement in terms of throughput.
This paper describes a novel method for recognizing different soil types based on inertial data generated by a user’s gait. To achieve this objective, a new wearable device which aims at collecting data produced by an embedded 6-axis accelerometer/gyroscope was designed first. To command this piece of hardware (start and stop recording, as well as...
Artifact-centric workflows describe possible executions of a business process through constraints expressed from the point of view of the documents exchanged between principals. A sequence of manipulations is deemed valid as long as every document in the workflow follows its prescribed lifecycle at all steps of the process. So far, establishing tha...
LabPal is a Java library designed to easily create and run experiments on a computer. It provides a user-friendly web console, support for automated plotting, a pause-resume facility, a mechanism for handling data traceability and linking, and the possibility of saving all experiment input and output data in an open format. These functionalities gr...
SealTest is a Java library for generating test sequences based on a formal specification. It allows a user to easily define a wide range of coverage metrics using multiple specification languages. Its simple and generic architecture makes it a useful testing tool for dynamic software systems, as well as an appropriate research testbed for implement...
Current runtime verification tools seldom make use of multi-threading to speed up the evaluation of a property on a large event trace. In this paper, we present an extension to the BeepBeep 3 event stream engine that allows the use of multiple threads during the evaluation of a query. Various parallelization strategies are presented and described o...
Web applications pervade all aspects of human activity today. Therefore the content of the web has become extremely important. According to the great number of applications present nowadays, as a consequence, the manifestation of a bug has become very common. Testing modern web applications, so called "Web 2.0" applications has become more difficul...
As the human life expectancy is constantly increasing, some medical issues appear (e.g. Alzheimer) that lead, in some cases, to an expensive loss of independence. Introduced a decade ago, Smart Homes like CASAS or LIARA and their activity recognition algorithms seem to offer a solution to this problem. These prototypes use the technologies of toda...
Runtime verification is the process of observing a sequence of events generated by a running system and comparing it to some formal specification for potential violations. We show how the use of a runtime monitor can greatly speed up the testing phase of a video game under development by automating the detection of bugs when the game is being playe...
Many problems in Computer Science can be framed as the computation of queries over sequences, or "streams" of data units called events. The field of Complex Event Processing (CEP) relates to the techniques and tools developed to efficiently process these queries. However, most CEP systems developed so far have concentrated on relatively narrow type...
Configuration Logic (CL) is a formal language that allows a network engineer to express constraints in terms of the actual parameters found in the configuration of network devices. We present an efficient algorithm that can automatically check a pool of devices for conformance to a set of CL constraints; moreover, this algorithm can point to the pa...
This paper describes the design and implementation of an SQL-like language for performing complex queries on event streams. The Event Stream Query Language (eSQL) aims at providing a simple, intuitive and fully non-procedural syntax, while still preserving backwards compatibility with traditional SQL. More importantly, eSQL's core syntax is designe...
In this paper we give an automata-based representation of LTL-FO$^+$ properties. LTL-FO$^+$ is an extension of LTL that includes first-order quantification over bounded variables, thus greatly increasing the expressivity of the language. An automata representation of this formalism allows greater ease in writing and understanding properties, as well as...
We explore the use of the tool BeepBeep, a monitor for the temporal logic LTL-FO\(^+\), in interpreting assembly traces, focusing on security-related applications. LTL-FO\(^+\) is an extension of LTL, which includes first order quantification. We show that LTL-FO\(^+\) is a sufficiently expressive formalism to state a number of interesting program b...
We report on the Third International Competition on Runtime Verification (CRV-2016). The competition was held as a satellite event of the 16th International Conference on Runtime Verification (RV’16). The competition consisted of two tracks: offline monitoring of traces and online monitoring of Java programs. The intention was to also include a tra...
This paper is an introduction to Complex Event Processing (CEP) intended for practitioners of Runtime Verification. It first describes typical CEP problems, popular tools and their query languages. It then presents BeepBeep 3, an event stream processor that attempts to bridge the gap between RV and CEP. Thanks to BeepBeep’s generic architecture...
We describe a generic technique for fault localization independent from the nature of the object or the specification language used to declare its expected properties. This technique is based on the concept of "repair", a minimal set of transformations which, when applied to the original object, restores its satisfiability with respect to the speci...
One of the key challenges related to the field of Ambient Assisted Living (AAL) is the recognition of the user’s activities of daily living. Most existing approaches rely on distributed sensors, such as cameras, RFID and motion sensors. These approaches suffer from high intrusiveness for the resident, coupled with an important amount of hardware th...
The paper focuses on bugs in web applications that can be detected by analyzing the contents and layout of page elements inside a browser’s window. Based on an empirical analysis of 35 real-world web sites and applications (such as Facebook, Dropbox, and Moodle), it provides a survey and classification of more than 90 instances of layout-based bugs...
We describe a generic technique for fault localization independent from the nature of the object or the specification language used to declare its expected properties. This technique is based on the concept of “repair”, a minimal set of transformations which, when applied to the original object, restores its satisfiability with respect to the speci...
This study carries forward the line of enquiry that seeks to characterize precisely which security policies are enforceable by runtime monitors. In this regard, Basin et al. recently refined the structure that helps distinguish between those actions that the monitor can potentially suppress or insert in the execution, from those that the monitor ca...
We introduce a formal notation for the processing of event traces called Stream Logic (SL). A monitor evaluates a Boolean condition over an input trace, while a filter outputs events from an input trace depending on some monitor’s verdict; both constructs can be freely composed. We show how all operators of Linear Temporal Logic, as well as the par...
The activities of daily living of a patient in a smart home environment can be detected to a large extent by the real-time analysis of characteristics of the habitat’s electrical consumption. However, reasoning over the conduct of these activities occurs at a much higher level of abstraction than what the sensors generally produce. In this paper, w...
Optical codes have long been used to carry small amounts of static data, such as URLs, IDs or other short binary sequences. In this paper, we experiment on the use of sequences of optical codes to form a one-way communication channel. In this context, a sender is made of a surface displaying rapidly changing codes, which are picked up by a receiver...
We present an algorithm for the automated verification of Linear Temporal Logic formulæ on event traces using an increasingly popular cloud computing framework called MapReduce. The algorithm can process multiple, arbitrary fragments of the trace in parallel, and compute its final result through a cycle of runs of MapReduce instances. Experimentati...
We introduce a generalization of the t-way test case generation problem, where parameter t is replaced by a set \(\varPhi \) of Boolean conditions on attribute values. We then present two reductions of this problem to graphs; first, to graph colouring, where we link the minimal number of tests to the chromatic number of some graph; second, to hyper...
Questions (4)
I am testing a new intrusion detection system and I need samples of traffic (network packet captures) along with signatures (i.e. patterns) of attacks that can be detected on this traffic. Does anyone know about a repository of such signatures? I am particularly interested in attacks that involve a pattern made of multiple packets (port scanning would be a good example).
Thank you in advance!
I am working on formal specifications expressed as classical finite-state automata with atomic events. I want to test my work on multiple specifications. Do you know of any archive or repository that contains many (preferably real-world) finite-state automata I could use as examples? I don't care about the format they are expressed in, as long as it is machine-readable.
A query like SELECT SUM(x), x FROM T GROUP BY x has a precisely defined result in SQL. But what about SELECT SUM(x), x FROM T? Most SQL engines accept it, and return the sum of x for all tuples of T, along with some value of x chosen from a tuple of T. But which one? What does the SQL standard say about such a query? Is it even valid?
All papers I could find have cited the same document for more than a decade: http://www.nist.gov/director/planning/upload/report02-3.pdf
No one seems to have found any more recent study on the topic. Have you?