Runtime Veriﬁcation: From Propositional to First-Order Temporal Logic ⋆ Klaus Havelund 1 and Doron Peled 2 1 Jet Propulsion Laboratory, California Institute of Technology, USA 2 Department of Computer Science Bar Ilan University, Israel Abstract. Runtime Veriﬁcation is a branch of formal methods concerned with analysis of execution traces for the purpose of determining the state or gen- eral quality of the executing system. The ﬁeld covers numerous approaches, one of which is speciﬁcation-based runtime veriﬁcation, where execution traces are checked against formal speciﬁcations. The paper presents syntax, semantics, and monitoring algorithms for respectively propositional and ﬁrst-order temporal log- ics. In propositional logics the observed events in the execution trace are rep- resented using atomic propositions, while ﬁrst-order logic allows universal and existential quantiﬁcation over data occurring as arguments in events. Monitoring of the ﬁrst-order case is drastically more challenging than the propositional case, and we present a solution for this problem based on BDDs. We furthermore dis- cuss monitorability of temporal properties by dividing them into different classes representing different degrees of monitorability. 1 Introduction Runtime veriﬁcation (RV) [2,16] allows monitoring (analysis) of executions of a sys- tem, directly, without the need for modeling the system. It has some commonality with other formal methods such as testing, model checking and formal veriﬁcation, including the use of a speciﬁcation formalisms 1 . However, it differs a lot in goals, the algorithms used, and the complexity and the coverage it suggests. Model checking performs a com- prehensive search on a model of the system under test. Testing generates inputs to drive system executions, trying to provide a good coverage, yet keeping the complexity low, at the price of losing exhaustiveness. Formal veriﬁcation attempts full proof of cor- rectness based on deductive techniques. Runtime veriﬁcation does not directly concern ⋆ The research performed by the ﬁrst author was carried out at Jet Propulsion Laboratory, Cal- ifornia Institute of Technology, under a contract with the National Aeronautics and Space Administration. The research performed by the second author was partially funded by Israeli Science Foundation grant 2239/15: “Runtime Measuring and Checking of Cyber Physical Sys- tems”. 1 RV can be understood more broadly to mean: any processing of execution traces for the pur- pose of evaluating a system state or quality. Some approaches do not involve speciﬁcations but rather use pre-programmed algorithms as monitors.