Abstract
Clock synchronization is the foundation of distributed real-time architectures such as the Time-Triggered Architecture. Keeping the local clocks synchronized is particularly important for fault tolerance, as it allows one to use the simple and effective fault-tolerance algorithms that have been developed for the synchronous system model.
Clock synchronization algorithms have been extensively studied since the 1980s, and many fundamental results have been established. Traditionally, the correctness of a new clock synchronization algorithm is shown by reduction to these results. Until now, formal proofs of correctness all relied on interactive theorem provers such as PVS or Isabelle/HOL. In this paper, we present an automated proof of the TTEthernet clock-synchronization algorithm that is based on the SAL model checker.
© 2011 Springer-Verlag Berlin Heidelberg
Cite this paper
Steiner, W., Dutertre, B. (2011). Automated Formal Verification of the TTEthernet Synchronization Quality. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds) NASA Formal Methods. NFM 2011. Lecture Notes in Computer Science, vol 6617. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20398-5_27
DOI: https://doi.org/10.1007/978-3-642-20398-5_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-20397-8
Online ISBN: 978-3-642-20398-5