Reductions and abstractions for formal verification of distributed round-based algorithms


Model checking has advanced over the last decades to become an effective formal technique for verifying distributed and concurrent systems. As computers grew in memory and processing capacity, it became possible to exhaustively verify systems with billions of states, making it practical to model and verify real-world protocols and algorithms. However, writing a model is a manual task that potentially introduces defects which the model checker tool finds to fulfill the formal specification (e.g., an incorrect model that fulfills an incomplete specification). Furthermore, this kind of formal verification technique is limited by the well-known state-space explosion problem. This paper aims to provide a set of generic template models, appropriate for distributed round-based algorithms, to be used to focus modeling effort on algorithm-specific details. To mitigate state-space explosion, the paper proposes two reduction techniques, named partition symmetry reduction and message order reduction, that exploit symmetries in the state space to avoid expanding equivalent states. The reusable framework for verifying round-based algorithms and the two proposed reduction techniques provide the means for reducing by orders of magnitude the number of states required to analyze common distributed algorithms.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10


  1. Aminof, B., Rubin, S., Stoilkovska, I., Widder, J., & Zuleger, F. (2018). Parameterized model checking of synchronous distributed algorithms by abstraction. In: International Conference on Verification, Model Checking, and Abstract Interpretation, Springer, pp. 1–24.

  2. Ben-Or, M. (1983). Another advantage of free choice (extended abstract): Completely asynchronous agreement protocols. In: Proceedings of the Second Annual ACM Symposium on Principles of Distributed Computing, Association for Computing Machinery, New York, NY, USA, PODC ’83, pp. 27–30.

  3. Bóna, M. (2002). A walk through combinatorics: an introduction to enumeration and graph theory. World Scientific.

  4. Bondhugula, U., Hartono, A., Ramanujam, J., & Sadayappan, P. (2008). A practical automatic polyhedral parallelizer and locality optimizer. In: Proceedings of the ACM SIGPLAN 2008 Conference on Programming Language Design and Implementation, Tucson, AZ, USA, pp. 101–113.

  5. Bosnacki Dragan, D. D., & Holenderski, L. (2002). Symmetric spin. International Journal on Software Tools for Technology Transfer,4, 92–106.

  6. Burch, J. R., Clarke, E. M., McMillan, K. L., Dill, D. L., & Hwang, L. J. (1992). Symbolic model checking: 1020 states and beyond. Information and Computation, 98(2), 142–170.

    MathSciNet  Article  Google Scholar 

  7. Chaouch-Saad, M., Charron-Bost, B., Merz, S. (2009). A reduction theorem for the verification of round-based distributed algorithms. In: Bournez O, Potapov I (eds) Reachability Problems, Lecture Notes in Computer Science, Springer Berlin Heidelberg, 5797,93–106.

  8. Charron-Bost, B., & Schiper, A. (2009). The heard-of model: computing in distributed systems with benign faults. Distributed Computing,22, 49–71.

  9. Clarke, E., McMillan, K., Campos, S., Hartonas-Garmhausen, V. (1996). Symbolic model checking. In: Alur R, Henzinger T (eds) Computer Aided Verification, Lecture Notes in Computer Science, Springer Berlin Heidelberg, 1102,419–422.

  10. Clarke, E., Grumberg, O., Jha, S., Lu, Y., & Veith, H. (2000). Counterexampleguided abstraction refinement. In: Emerson E, Sistla A (eds) Computer Aided Verification, Lecture Notes in Computer Science, Springer Berlin Heidelberg, 1855,154–169.

  11. Clarke, E. M., Emerson, E. A., & Sistla, A. P. (1986). Automatic verification of finite-state concurrent systems using temporal logic specifications. ACM Trans Program Lang Syst,8(2), 244–263.

  12. Clarke, E. M., Grumberg, O., & Long, D. E. (1994). Model checking and abstraction. ACM Trans Program Lang Syst,16(5), 15121542.

  13. Clarke, E. M., Biere, A., Raimi, R., & Zhu, Y. (2001). Bounded model checking using satisfiability solving. Formal Methods in System Design,19(1), 7–34.

  14. Clarke, E.M., Henzinger, T.A., Veith, H., Bloem, R. (eds) (2018). Handbook of Model Checking. Springer.

  15. Cristian, F., & Fetzer, C. (1999). The timed asynchronous distributed system model. IEEE Transactions on Parallel and Distributed Systems,10(6), 642–657.

    Article  Google Scholar 

  16. Dean, J., Sanjay Ghemawat, I., Google. (2004). Mapreduce: Simplified data processing on large clusters. In: Proceedings of the 6th Symposium on Operating Systems Design & Implementation (OSDI ’04), Usenix.

  17. Eisner, C., & Peled, D. (2002). Comparing symbolic and explicit model checking of a software system. Model Checking Software, Lecture Notes in Computer Science, Springer, Berlin Heidelberg,2318, 230–239.

  18. Elrad, T., & Francez, N. (1982). Decomposition of distributed programs into communication-closed layers. Science of Computer Programming,2(3), 55–173.

  19. Emerson, E., & Sistla, A. (1996). Symmetry and model checking. Formal Methods in System Design,9, 105131.

  20. Erdős, P. (1942). On an elementary proof of some asymptotic formulas in the theory of partitions. Annals of Mathematics pp. 437–450.

  21. Fichte, J.K., Hecher, M., & Szeider, S. (2020). A time leap challenge for sat-solving. In: Simonis H (ed) Principles and Practice of Constraint Programming- 26th International Conference, CP 2020, Louvain-la-Neuve, Belgium,September 7-11, 2020, Proceedings, Springer, Lecture Notes in Computer Science, 12333,267–285.

  22. Gafni, E. (1998). Round-by-round fault detectors: Unifying synchrony and asynchrony (extended abstract). In: Coan BA, Afek Y (eds) Proceedings of the Seventeenth Annual ACM Symposium on Principles of Distributed Computing, PODC ’98, Puerto Vallarta, Mexico, ACM, 143–152.

  23. García-Pérez, Á., Gotsman, A., Meshman, Y., & Sergey, I. (2018). Paxos consensus, deconstructed and abstracted. European Symposium on Programming Cham: Springer, pp. 912–939.

  24. Hardy, G. H., & Ramanujan, S. (1918). Asymptotic formulaæin combinatory analysis. Proceedings of the London Mathematical Society,2(1), 75–115.

    Article  Google Scholar 

  25. Herlihy, M. P. (1991). Wait-free synchronization. ACM Transactions on Programming Languages and Systems,13, 124–149.

    Article  Google Scholar 

  26. Holzmann, G. J. (2003). The SPIN Model Checker: primer and reference manual. Addison-Wesley.

  27. Hughes, C., & Hughes, T. (2003). Parallel and Distributed Programming Using C++ (1st ed.). The address: Addison-Wesley.

    MATH  Google Scholar 

  28. Lynch, N. (1996). Distributed Algorithms. Morgan Kaufmann, San Francisco, CS.

  29. Marić, O., Sprenger, C., & Basin, D. (2017). Cutoff bounds for consensus algorithms. In: International Conference on Computer Aided Verification, Springer, 217–237.

  30. Minsky, M. (1961). Recursive unsolvability of post’s problem of “tag” and other topics in theory of turing machines. Annals of Mathematics,74, 437.

  31. de Moura, L.M., & Bjørner, N. (2008). Z3: an efficient SMT solver. In: Tools and Algorithms for the Construction and Analysis of Systems, 14th International Conference, TACAS 2008, Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2008, Budapest, Hungary, Proceedings, 337–340.

  32. Peled, D. (1994). Combining partial order reductions with on-the-y modelchecking. In: Dill D (ed) Computer Aided Verification, Lecture Notes in Computer Science, vol 818, Springer Berlin Heidelberg, 377–390.

  33. Raynal, M. (2018). Consensus and interactive consistency in synchronous systems prone to process crash failures. In: Fault-Tolerant Message-Passing Distributed Systems, Springer, 173–187.

  34. Santoro, N., & Widmayer, P. (2005). Majority and unanimity in synchronous networks with ubiquitous dynamic faults. In: Pelc A, Raynal M (eds) Structural Information and Communication Complexity, 12th International Col-loquium, SIROCCO 2005, Mont Saint-Michel, France, Proceedings, Springer, Lecture Notes in Computer Science, 3499,262–276.

  35. Singh, G., Püschel, M., & Vechev, M.T. (2017). Fast polyhedra abstract domain. In: Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages, POPL 2017, Paris, France, 46–59.

  36. Srikanth, T. K., & Toueg, S. (1987). Simulating authenticated broadcasts to derive simple fault-tolerant algorithms. Distrib Comput,2(2), 80–94.

  37. Tsuchiya, T., & Schiper, A. (2008). Using bounded model checking to verify consensus algorithms. In: Taubenfeld G (ed) Distributed Computing, Lecture Notes in Computer Science, Springer Berlin Heidelberg, 5218,466–480.

Download references


This work is funded by national funds through the FCT - Foundation for Science and Technology, I.P., within the scope of project CISUC - UID/CEC/00326/2020 and by European Social Fund, through the Regional Operational Program Centro 2020, project LASIGE - UIDB/00408/2020, the AESOP project (P2020-31/SI/2017, No. 040004) and through the CMU-Portugal project CAMELOT (POCI-01-0247-FEDER-045915).

Author information



Corresponding author

Correspondence to Raul Barbosa.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Barbosa, R., Fonseca, A. & Araujo, F. Reductions and abstractions for formal verification of distributed round-based algorithms. Software Qual J (2021).

Download citation


  • Model checking
  • Distributed algorithms
  • Formal verification