Aspect-Oriented Programming Runtime-Enforcement of Temporal Properties in Security-Critical Software

The Aspect-Oriented Programming paradigm has been advocated for modularisation of cross-cutting concerns in large systems. Various applications of this approach have been explored in the literature, one of which is that of runtime-verification based on assertions or temporal properties. Manually weaving temporal properties to ensure correct execution into a large code base is difficult to achieve in a clean, modular fashion, and AOP techniques enable independent specification of the properties to be automatically woven into the code. In this paper, we explore a number of applications of AOP-based runtimeverification with an emphasis on security-critical system development. Apart from weaving properties into existing programs, we show how related techniques can be used to approach security issues separately from the functionality of a module, allowing for better design of the actual system. Also, we explore AOP as a way of automatically ensuring that reusable code in a library is temporally correctly employed. An area in which not much work has yet been done is that of the use of AOP for runtime-verification of real-time properties. In our case studies we explore real-time issues and outline a proposal for automatic translation from real-time properties into code using AOP techniques.