Formal Aspects of Computing, Volume 16, Issue 4, pp 332–351

Ramifications of metastability in bit variables explored via Simpson’s 4-slot mechanism

  • S. E. Paynter
  • N. Henderson
  • J. M. Armstrong


Protocol descriptions often fail to take metastability into account. Metastability, however, can undermine protocols which depend on shared bits. In this paper a series of increasingly realistic models of bits are developed in CSP to explore the implications of metastability for Simpson’s 4-slot asynchronous communication mechanism. It is shown that the 4-slot mechanism with realistic bit models preserves data-coherence, freshness, and sequencing, and is Lamport-atomic. We demonstrate that metastability can undermine the correctness of protocols demonstrated correct on the assumption that bits are Lamport-safe; furthermore, realistic bit models can demonstrate that protocols are correct which Lamport-safe bit models would suggest were incorrect or impossible.


Keywords: Metastability; Simpson’s 4-slot ACM; Safe; Atomic; Wait-free; Freshness





MBDA UK Ltd. and the BAE Systems DCSC funded this research. Our ideas have benefited from conversations with Profs. H. R. Simpson and C. B. Jones, Drs. F. Xia and I. Clark, and Messrs. Eric Campbell and Rod White. We also acknowledge our debt to Prof. John Rushby’s work on the 4-slot in SAL. Finally, we thank the anonymous referees who provided many helpful observations.

Copyright information

© BCS 2004

Authors and Affiliations

  1. MBDA UK Ltd., Bristol, UK
  2. BAE SYSTEMS Dependable Computing Systems Centre, UK
  3. Centre for Software Reliability, University of Newcastle, UK
