Runtime Verification Containers for Publish/Subscribe Networks
Ali Mehran, Dogan Ulus
TL;DR
This work tackles the challenge of validating dynamic publish/subscribe networks at scale by proposing containerized runtime verification (RV) containers that operate as both subscribers and publishers to monitor, analyze, and report property violations in real time. It presents an end-to-end framework around the Reelay RV library, including message synchronizers and DDS↔Zenoh bridges, and benchmarks baseline pub/sub performance alongside RV overhead across multiple container networking configurations. A real-world Autoware/Carla case study demonstrates practical deployment on single and multi-host setups, highlighting the benefits and tradeoffs of containerized RV in software-defined vehicle scenarios. The results indicate that containerized RV can achieve high throughput with modest overhead, especially with Zenoh, and point to scalable architectural strategies (multi-property containers, pull-based observers, and binary wire formats) for industrial adoption.
Abstract
Publish/subscribe (pub/sub) networks are a cornerstone of modern distributed systems, playing a crucial role in applications like the Internet of Things (IoT) and robotics. While runtime verification techniques seem ideal for ensuring the correctness of such highly dynamic and large-scale networks, integrating runtime monitors seamlessly into real-world industrial use cases presents significant challenges. This paper studies modern containerization technology to deploy runtime verification tools to monitor publish/subscribe networks with a performance focus. Runtime verification containers are lightweight and deployable alongside other containerized publisher and subscriber participants. Each runtime verification container monitors message flow, enabling runtime verification of network behavior. We comprehensively benchmark the container-based approach using several experiments and a real-world case study from the software-defined vehicle domain.