Timed API rules for runtime verification
First Claim
1. A computing system including one or more computing devices comprising:
- one or more processing systems; and
one or more computer-readable storage media storing instructions executable by the one or more processing systems to implement;
a target system for verification including an application programming interface (API) provider that exposes one or more APIs and one or more API clients that use the APIs;
a rules specification language configured to define stateful rules for runtime verification of the target system including constructs to specify timed state transitions for at least some of the stateful rules, the rules specification language supporting predictive evaluation timing in which an indication of when to evaluate the timing for the timed state transitions is included within corresponding stateful rules;
one or more of the stateful rules including one or more rules that specify timed state transitions for verification of the target system defined in accordance with the rules specification language; and
a run-time verifier module configured to apply the one or more stateful rules to generate verification checks for interactions between the API provider and the API clients for run-time verification of the target system to verify adherence to the stateful rules prescribed for the target system, the run-time verifier module comprising an interceptor module configured to intercept calls to APIs issued by the API clients or calls to the API clients from the API provider and initiate application of corresponding verification checks based on the calls that are intercepted.
2 Assignments
0 Petitions
Accused Products
Abstract
A stateful rules verification platform is described that support timed state transitions. The verification platform implements a specification language to provide a formal definition for rules used to test target systems having a central module that provides APIs (“API provider”) and applications (“API clients”) that use the APIs. Rules may be defined in terms of transitions on state elements associated with interactions between API providers and API clients. The rules defined in accordance with the specification language enable run-time verification in which calls may be intercepted and run-time code to implement checks may automatically be generated and injected to test behaviors of the intercepted calls. The same set of rules may also be employed for static verification during compilation. Additionally, the specification language includes constructs to specify timed state transitions for at least some rules that impose time limits on state transitions specified by the rules.
17 Citations
20 Claims
-
1. A computing system including one or more computing devices comprising:
- one or more processing systems; and
one or more computer-readable storage media storing instructions executable by the one or more processing systems to implement;
a target system for verification including an application programming interface (API) provider that exposes one or more APIs and one or more API clients that use the APIs;
a rules specification language configured to define stateful rules for runtime verification of the target system including constructs to specify timed state transitions for at least some of the stateful rules, the rules specification language supporting predictive evaluation timing in which an indication of when to evaluate the timing for the timed state transitions is included within corresponding stateful rules;
one or more of the stateful rules including one or more rules that specify timed state transitions for verification of the target system defined in accordance with the rules specification language; and
a run-time verifier module configured to apply the one or more stateful rules to generate verification checks for interactions between the API provider and the API clients for run-time verification of the target system to verify adherence to the stateful rules prescribed for the target system, the run-time verifier module comprising an interceptor module configured to intercept calls to APIs issued by the API clients or calls to the API clients from the API provider and initiate application of corresponding verification checks based on the calls that are intercepted. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 18)
- one or more processing systems; and
-
11. A method implemented by one or more computing devices comprising:
- implementing a rules specification language to define rules for application programming interface (API) run-time verification of target systems in terms of transitions for state machines associated with events and that supports timed state transitions for the rules, the rules specification language supporting predictive evaluation timing in which an indication of when to evaluate the timing for the timed state transitions is included within corresponding rules;
creating one or more of the rules for run-time verification of the target systems that specify the timed state transitions in accordance with the rules specification language;
performing the API run-time verifications of the target systems using the one or more rules that specify the timed state transitions, the timed state transitions imposing timing constraints upon corresponding transitions for the state machines associated with interactions between API providers and one or more API clients of the target systems;
monitoring conditions in which an API of the target systems fails to execute within constraints imposed by the specified timed state transitions; and
responsive to the API of the target system failing to execute within the timed state transitions specified by the rules, firing an event to trigger a corresponding reaction. - View Dependent Claims (12, 13, 20)
- implementing a rules specification language to define rules for application programming interface (API) run-time verification of target systems in terms of transitions for state machines associated with events and that supports timed state transitions for the rules, the rules specification language supporting predictive evaluation timing in which an indication of when to evaluate the timing for the timed state transitions is included within corresponding rules;
-
14. One or more computer-readable storage media storing instructions that, when executed by one or more components of a computing system, implement a verification platform configured to perform operations including:
- deriving verification checks for run-time verification of a target system from stateful rules including at least some rules that impose time limits on state transitions defined by the rules;
initiating timers for one or more state transitions upon which time limits are imposed in connection with run-time verification of a target system, at least one of the time limits being hardware specific and based on protocols defined for interaction involving the specific hardware;
express the stateful rules in relation to application programming interface (API) interactions of API clients with an API provider of the target system in terms of the one or more state transitions that occur for state machines associated with the API interactions, the stateful rules defined in accordance with a specification language that supports predictive evaluation timing in which an indication of when to evaluate the timing for timed state transitions is included within corresponding stateful rules;
evaluating the timers initiated for the one or more state transitions relative to corresponding time limits; and
responsive to the one or more state transitions failing to execute within the corresponding time limits specified by the rules, firing an event to trigger a corresponding reaction. - View Dependent Claims (15, 16, 17, 19)
- deriving verification checks for run-time verification of a target system from stateful rules including at least some rules that impose time limits on state transitions defined by the rules;
Specification