Automatic Completion of Distributed Protocols with Symmetry

  • Rajeev Alur
  • Mukund Raghothaman
  • Christos Stergiou
  • Stavros Tripakis
  • Abhishek Udupa
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9207)


A distributed protocol is typically modeled as a set of communicating processes, where each process is described as an extended state machine along with fairness assumptions. Correctness is specified using safety and liveness requirements. Designing correct distributed protocols is a challenging task. Aimed at simplifying this task, we allow the designer to leave some of the guards and updates to state variables in the description of the protocol as unknown functions. The protocol completion problem then is to find interpretations for these unknown functions while guaranteeing correctness. In many distributed protocols, process behaviors are naturally symmetric, and thus, synthesized expressions are further required to obey symmetry constraints. Our counterexample-guided synthesis algorithm consists of repeatedly invoking two phases. In the first phase, candidates for unknown expressions are generated using the SMT solver Z3. This phase requires carefully orchestrating constraints to enforce the desired symmetry constraints. In the second phase, the resulting completed protocol is checked for correctness using a custom-built model checker that handles fairness assumptions, safety and liveness requirements, and exploits symmetry. When model checking fails, our tool examines a set of counterexamples to safety/liveness properties to generate constraints on unknown functions that must be satisfied by subsequent completions. For evaluation, we show that our prototype is able to automatically discover interesting missing details in distributed protocols for mutual exclusion, self stabilization, and cache coherence.


Model Checker Symbolic Expression Legitimate State Completion Problem Deadlock State 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Alur, R., Bodík, R., Juniwal, G., Martin, M.M.K., Raghothaman, M., Seshia, S.A., Singh, R., Solar-Lezama, A., Torlak, E., Udupa, A.: Syntax-guided Synthesis. In: FMCAD, pp. 1–17 (2013)Google Scholar
  2. 2.
    Alur, R., Martin, M., Raghothaman, M., Stergiou, C., Tripakis, S., Udupa, A.: Synthesizing finite-state protocols from scenarios and requirements. In: Yahav, E. (ed.) HVC 2014. LNCS, vol. 8855, pp. 75–91. Springer, Heidelberg (2014) Google Scholar
  3. 3.
    Alur, R., Raghothaman, M., Stergiou, C., Tripakis, S., Udupa, A.: Automatic completion of distributed protocols with symmetry. In: CoRR, arXiv:1505.0440 (2015).
  4. 4.
    Bjorner, N., Phan, A.D.: \(\nu \)Z - maximal satisfaction with Z3. In: Kutsia, T., Voronkov, A. (eds.) SCSS 2014. EPiC Series, vol. 30, pp. 1–9. EasyChair (2014)Google Scholar
  5. 5.
    Bloem, R., Jobstmann, B., Piterman, N., Pnueli, A., Sa’ar, Y.: Synthesis of reactive(1) designs. J. Comput. Syst. Sci. 78(3), 911–938 (2012)MathSciNetCrossRefGoogle Scholar
  6. 6.
    Cassel, S., Howar, F., Jonsson, B., Steffen, B.: Learning extended finite state machines. In: Giannakopoulou, D., Salaün, G. (eds.) SEFM 2014. LNCS, vol. 8702, pp. 250–264. Springer, Heidelberg (2014) Google Scholar
  7. 7.
    Chou, C.-T., Mannava, P.K., Park, S.: A simple method for parameterized verification of cache coherence protocols. In: Hu, A.J., Martin, A.K. (eds.) FMCAD 2004. LNCS, vol. 3312, pp. 382–398. Springer, Heidelberg (2004) CrossRefGoogle Scholar
  8. 8.
    Cimatti, A., Clarke, E., Giunchiglia, E., Giunchiglia, F., Pistore, M., Roveri, M., Sebastiani, R., Tacchella, A.: NuSMV 2: an open-source tool for symbolic model checking. In: CAV 2002. LNCS, vol. 2404, pp. 359–364. Springer, Heidelberg (2002)Google Scholar
  9. 9.
    Dijkstra, E.W.: Self-stabilizing Systems in spite of distributed control. Commun. ACM 17(11), 643–644 (1974)CrossRefzbMATHGoogle Scholar
  10. 10.
    Dill, D.L.: The mur\(\varphi \) verification system. In: Proceedings of the 8th International Conference on Computer Aided Verification, pp. 390–393, CAV 1996, Springer-Verlag, London, UK (1996)Google Scholar
  11. 11.
    Emerson, E.A., Havlicek, J.W., Trefler, R.J.: Virtual symmetry reduction. In: Proceedings of the Fifteenth Annual IEEE Symposium on Logic in Computer Science (LICS 2000), pp. 121–131, June 2000Google Scholar
  12. 12.
    Emerson, E.A., Sistla, A.P.: Utilizing symmetry when model-checking under fairness assumptions: an automata-theoretic approach. ACM Trans. Program. Lang. Syst. 19(4), 617–638 (1997)CrossRefGoogle Scholar
  13. 13.
    Finkbeiner, B., Schewe, S.: Uniform distributed synthesis. In: IEEE Symposium on Logic in Computer Science, pp. 321–330 (2005)Google Scholar
  14. 14.
    Finkbeiner, B., Schewe, S.: Bounded synthesis. Softw. Tools Technol. Transf. 15(5–6), 519–539 (2013)CrossRefGoogle Scholar
  15. 15.
    Gascón, A., Tiwari, A.: Synthesis of a simple self-stabilizing system. In: Proceedings 3rd Workshop on Synthesis, SYNT 2014, pp. 5–16, Vienna, Austria, July 23–24, 2014Google Scholar
  16. 16.
    Holzmann, G.J.: The model checker spin. IEEE Trans. Softw. Eng. 23(5), 279–295 (1997)MathSciNetCrossRefGoogle Scholar
  17. 17.
    Jobstmann, B., Griesmayer, A., Bloem, R.: Program repair as a game. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 226–238. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  18. 18.
    Katz, G., Peled, D.A.: Model checking-based genetic programming with an application to mutual exclusion. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 141–156. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  19. 19.
    Rich, A., Alexandron, G., Naveh, R.: An explanation-based constraint debugger. In: Namjoshi, K., Zeller, A., Ziv, A. (eds.) HVC 2009. LNCS, vol. 6405, pp. 52–56. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  20. 20.
    Lamouchi, H., Thistle, J.: Effective control synthesis for DES under partial observations. In: 39th IEEE Conference on Decision and Control, pp. 22–28 (2000)Google Scholar
  21. 21.
    Lynch, N.A.: Distributed Algorithms. Morgan Kaufmann, Burlington (1996)zbMATHGoogle Scholar
  22. 22.
    de Moura, L., Bjørner, N.S.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  23. 23.
    Norris, I.P.: Better verification through symmetry. Formal Methods Syst. Des. 9(1–2), 41–75 (1996)CrossRefGoogle Scholar
  24. 24.
    Pnueli, A., Rosner, R.: On the synthesis of a reactive module. In: Proceedings of the 16th ACM Symposium on Principles of Programming Languages (1989)Google Scholar
  25. 25.
    Pnueli, A., Rosner, R.: Distributed Reactive Systems Are Hard to Synthesize. In: 31st Annual Symposium on Foundations of Computer Science. pp. 746–757 (1990)Google Scholar
  26. 26.
    Ramadge, P., Wonham, W.: The control of discrete event systems. IEEE Trans. Control Theory 77, 81–98 (1989)Google Scholar
  27. 27.
    Sistla, A.P., Gyuris, V., Emerson, E.A.: SMC: a symmetry-based model checker for verification of safety and liveness properties. ACM Trans. Softw. Eng. Methodol. 9(2), 133–166 (2000)CrossRefGoogle Scholar
  28. 28.
    Solar-Lezama, A., Rabbah, R., Bodik, R., Ebcioglu, K.: Programming by sketching for bit-streaming programs. In: Proceedings of the 2005 ACM Conference on Programming Language Design and Implementation (2005)Google Scholar
  29. 29.
    Solar-Lezama, A., Jones, C.G., Bodik, R.: Sketching concurrent data structures. In: Proceedings of the 2008 ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2008 (2008)Google Scholar
  30. 30.
    Talupur, M., Tuttle, M.R.: Going with the flow: parameterized verification using message flows. In: Cimatti, A., Jones, R.B. (eds.) Formal Methods in Computer-Aided Design. FMCAD 2008, pp. 1–8. IEEE, Portland (2008)Google Scholar
  31. 31.
    Tripakis, S.: Undecidable problems of decentralized observation and control on regular languages. Inf. Process. Lett. 90(1), 21–28 (2004)MathSciNetCrossRefzbMATHGoogle Scholar
  32. 32.
    Udupa, A., Raghavan, A., Deshmukh, J.V., Mador-Haim, S., Martin, M.M., Alur, R.: TRANSIT: specifying protocols with concolic snippets. In: Proceedings of the 34th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2013, pp. 287–296 (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Rajeev Alur
    • 1
  • Mukund Raghothaman
    • 1
  • Christos Stergiou
    • 1
    • 2
  • Stavros Tripakis
    • 2
    • 3
  • Abhishek Udupa
    • 1
  1. 1.University of PennsylvaniaPhiladelphiaUSA
  2. 2.University of CaliforniaBerkeleyUSA
  3. 3.Aalto UniversityHelsinkiFinland

Personalised recommendations