Invisible Safety of Distributed Protocols

  • Ittai Balaban
  • Amir Pnueli
  • Lenore D. Zuck
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4052)

Abstract

The method of “Invisible Invariants” has been applied successfully to protocols that assume a “symmetric” underlying topology, be it cliques, stars, or rings. In this paper we show how the method can be applied to proving safety properties of distributed protocols running under arbitrary topologies. Many safety properties of such protocols have reachability predicates, which, at first glance, are beyond the scope of the Invisible Invariants method. To overcome this difficulty, we present a technique, called “coloring,” that allows, in many instances, to replace the second order reachability predicates by first order predicates, resulting in properties that are amenable to Invisible Invariants.We demonstrate our techniques on several distributed protocols, including a variant on Luby’s Maximal Independent Set protocol, the Leader Election protocol used in the IEEE 1394 (Firewire) distributed bus protocol, and various distributed spanning tree algorithms. All examples have been tested using the symbolic model checker tlv.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Shankar, N., Owre, S., Rushby, J.M.: A tutorial on specification and verification using PVS. Technical report (1993)Google Scholar
  2. 2.
    Bjørner, N., Browne, I., Chang, E., Colón, M., Kapur, A., Manna, Z., Sipma, H., Uribe, T.: STeP: The Stanford Temporal Prover, User’s Manual. Technical Report STAN-CS-TR-95-1562, Computer Science Department, Stanford University (1995)Google Scholar
  3. 3.
    Manna, Z., Pnueli, A.: Temporal Verification of Reactive Systems: Safety. Springer, New York (1995)Google Scholar
  4. 4.
    Pnueli, A., Ruah, S., Zuck, L.D.: Automatic Deductive Verification with Invisible Invariants. In: Margaria, T., Yi, W. (eds.) ETAPS 2001 and TACAS 2001. LNCS, vol. 2031, pp. 82–97. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  5. 5.
    Pnueli, A., Arons, T., Ruah, S., Xu, J., Zuck, L.D.: Parameterized Verification with Automatically Computed Inductive Assertions. In: Berry, G., Comon, H., Finkel, A. (eds.) CAV 2001. LNCS, vol. 2102, pp. 221–234. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. 6.
    Balaban, I., Fang, Y., Pnueli, A., Zuck, L.: IIV: An invisible invariant verifier. In: Computer Aided Verification (CAV) (2005)Google Scholar
  7. 7.
    Zuck, L., Pnueli, A.: Model checking and abstraction to the aid of parameterized systems. Computer Languages, Systems, and Structures 30(3–4), 139–169 (2004)MATHCrossRefGoogle Scholar
  8. 8.
    Baukus, K., Lakhnech, Y., Stahl, K.: Parameterized verification of a cache coherence protocol safety and liveness. In: Proceedings of the 6th International Conference on Verification, Model Checking, and Abstract Interpretation, pp. 317–330 (2002)Google Scholar
  9. 9.
    Lahiri, S., Bryant, R.: Constructing quantified invariants via predicate abstraction. In: Proceedings of the 5th International Conference on Verification, Model Checking, and Abstract Interpretation, pp. 267–281 (2004)Google Scholar
  10. 10.
    Romijn, J.M.T.: A timed verification of the IEEE 1394 leader election protocol. In: Gnesi, S., Latella, D. (eds.) Proceedings of the Fourth International ERCIM Workshop on Formal Methods for Industrial Critical Systems (FMICS 1999), pp. 3–29 (1999)Google Scholar
  11. 11.
    Devillers, M., Griffioen, W., Romijn, J., Vaandrager, F.: Verification of a leader election protocol: Formal methods applied to IEEE 1394. Technical Report CSI-R9728, Computing Science Institute, Nijmegen (1997)Google Scholar
  12. 12.
    Daws, C., Kwiatkowska, M., Norman, G.: Automatic verification of the IEEE 1394 root contention protocol with KRONOS and PRISM. In: Cleaveland, R., Garavel, H. (eds.) Proc. 7th International Workshop on Formal Methods for Industrial Critical Systems (FMICS 2002). 2 of Electronic Notes in Theoretical Computer Science, vol. 66, Elsevier, Amsterdam (2002)Google Scholar
  13. 13.
    Lev-Ami, T., Immerman, N., Reps, T.W., Sagiv, S., Srivastava, S., Yorsh, G.: Simulating reachability using first-order logic with applications to verification of linked data structures. In: CADE, pp. 99–115 (2005)Google Scholar
  14. 14.
    Lynch, N.A.: Distributed Algorithms, CA, USA. Morgan Kaufmann Publishers, San Francisco (1996)MATHGoogle Scholar
  15. 15.
    Balaban, I., Pnueli, A., Zuck, L.: Shape analysis by predicate abstraction. In: Proceedings of the 6th International Conference on Verification, Model Checking, and Abstract Interpretation, pp. 164–180 (2005)Google Scholar
  16. 16.
    Balaban, I., Pnueli, A., Zuck, L.: Invisible safety of distributed protocols. Technical report, Computer Science Department, New York University (2006) http://www.cs.nyu.edu/acsys/pubs/permanent/distprotocolsicalp06full.pdf
  17. 17.
    Luby, M.: A simple parallel algorithm for the maximal independent set problem. SIAM Journal of Computing 15(4), 1036–1053 (1986)MATHCrossRefMathSciNetGoogle Scholar
  18. 18.
    Shahar, E.: The TLV Manual.(2000) http://www.cs.nyu.edu/acsys/tlv

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Ittai Balaban
    • 1
  • Amir Pnueli
    • 1
  • Lenore D. Zuck
    • 2
  1. 1.New York UniversityNew York
  2. 2.University of Illinois at Chicago 

Personalised recommendations