An architectural overview of a software supervisor

Specification-based software supervision is an approach to the automatic run-time detection of failures. The supervisor is a unit that monitors the inputs and outputs of a target software system and reports discrepancies between specified and observed behaviors as failures. Two fundamental issues arise in supervision. The first is due to specification non-determinisms. The major difficulty being that the supervisor is required to consider all legitimate behavioral alternatives to avoid erroneous failure reports. In some cases, this results in significant supervisor time and space complexities. The second issue deals with continuation of supervision after a failure was detected. The major problem is that after a failure is detected, the supervisor no longer has definite knowledge about the specification state of the target system which can result in in spurious failure reports. This paper describes a software supervisor architecture for target systems whose specifications are expressed in communicating extended finite state machine-based formalisms. The architecture includes several independent mechanisms, each tailored to resolving a specific ambiguity occurring within the software supervisor. Included are mechanisms for resolving specification non-determinism and identifying the state of the target system after a failure is detected