
Verification of distributed systems with local–global predicates

Formal Aspects of Computing

Abstract

This paper describes a methodology for developing and verifying a class of distributed systems in which the state space may be discrete or continuous. Our focus is on systems where changes are local in that a small number of components change state while the remainder of the system is unchanged. A proof methodology is developed that ensures global properties, such as invariants and convergence, by guaranteeing local properties within subsystems. This methodology is used to prove the correctness of concrete examples. We present a PVS library of theorems and proofs that can be used to reduce the work required to develop and verify programs in this class. A transformation of these libraries to Java is also outlined.
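The abstract's central idea, that a global property can be established by checking a local predicate on the few components a transition actually touches, can be illustrated on a small continuous-state system. The following is an added example, not the paper's PVS library or its Java transformation: it assumes a pairwise-averaging system (each transition moves two components to their mean), a local predicate checked on that pair alone, and the two global properties the paper names, an invariant (all values stay in the initial hull, the mean is conserved) and a convergence measure (the spread of values never increases). A constructed faulty transition is included to show the local predicate rejecting a step that would break the global invariant.

```python
"""Added illustration (not the paper's PVS development): a pairwise-averaging
system where each transition touches only two components, with a local
predicate checked on that pair and the global properties it is meant to imply."""
import math
import random
from typing import Callable, List, Tuple

State = List[float]
StepFn = Callable[[State, int, int], State]


def averaging_step(state: State, i: int, j: int) -> State:
    """Local transition: components i and j both move to their mean;
    every other component is left unchanged."""
    new = list(state)
    mean = (state[i] + state[j]) / 2.0
    new[i] = mean
    new[j] = mean
    return new


def overshoot_step(state: State, i: int, j: int) -> State:
    """Constructed faulty transition: i is reflected past j, so the pair
    leaves its own value range. Used to show the local predicate failing."""
    new = list(state)
    new[i] = 2.0 * state[j] - state[i]
    return new


def local_predicate(old: State, new: State, i: int, j: int) -> bool:
    """Local property, checked on the subsystem {i, j} only:
    (a) no component outside the subsystem changed, and
    (b) the pair's new values lie within the pair's old value range."""
    if any(old[k] != new[k] for k in range(len(old)) if k not in (i, j)):
        return False
    lo, hi = min(old[i], old[j]), max(old[i], old[j])
    return all(lo <= new[k] <= hi for k in (i, j))


def spread(state: State) -> float:
    """Lyapunov-style convergence measure: width of the hull of all components."""
    return max(state) - min(state)


def global_invariant(init: State, state: State) -> bool:
    """Global safety property: every component stays inside the initial hull
    and the mean of the whole system is conserved."""
    in_hull = all(min(init) <= v <= max(init) for v in state)
    mean_kept = math.isclose(sum(init) / len(init), sum(state) / len(state))
    return in_hull and mean_kept


def run(init: State, steps: int, step_fn: StepFn = averaging_step,
        seed: int = 0) -> Tuple[State, bool, bool, bool]:
    """Apply `steps` random local transitions. Returns the final state and
    three verdicts: every local predicate held, the global invariant holds,
    and the spread never increased (the convergence measure is monotone)."""
    rng = random.Random(seed)
    state = list(init)
    local_ok = True
    monotone = True
    for _ in range(steps):
        i, j = rng.sample(range(len(state)), 2)  # pick the subsystem that changes
        new = step_fn(state, i, j)
        local_ok = local_ok and local_predicate(state, new, i, j)
        monotone = monotone and spread(new) <= spread(state)
        state = new
    return state, local_ok, global_invariant(init, state), monotone


if __name__ == "__main__":
    init = [0.0, 4.0, 8.0, 2.0]  # constructed initial state
    final, lok, gok, mono = run(init, 40)
    print("averaging: local", lok, "global", gok, "monotone", mono,
          "spread", spread(init), "->", spread(final))
    final, lok, gok, mono = run(init, 40, step_fn=overshoot_step)
    print("overshoot: local", lok, "global", gok, "monotone", mono)
```

The point of the structure is that `local_predicate` only inspects the pair that changed, yet it is strong enough to imply `global_invariant` and the monotone spread for every run; a transition such as `overshoot_step` is rejected locally, which is exactly the cheaper obligation the local-global methodology asks a verifier to discharge instead of reasoning about the whole state.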




Corresponding author

Correspondence to Jerome White.

Additional information

T. Margaria, D. Kröning, and J. Woodcock

This paper is dedicated to Brian Go, 1988–2009.


Cite this article

Chandy, K.M., Go, B., Mitra, S. et al. Verification of distributed systems with local–global predicates. Form Asp Comp 23, 649–679 (2011). https://doi.org/10.1007/s00165-010-0150-7
