History-Based Specification and Verification of Scalable Concurrent and Distributed Systems

  • Crystal Chang DinEmail author
  • S. Lizeth Tapia Tarifa
  • Reiner Hähnle
  • Einar Broch Johnsen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9407)


The ABS modelling language targets concurrent and distributed object-oriented systems. The language has been designed to enable scalable formal verification of detailed executable models. This paper provides evidence for that claim: it gives formal specifications of safety properties in terms of histories of observable communication for ABS models as well as formal proofs of those properties. We illustrate our approach with a case study of a Network-on-Chip packet switching platform. We provide an executable formal model in ABS of a generic \(m \times n\) mesh chip with an unbounded number of packets and verify several crucial properties. Our concern is formal verification of unbounded concurrent systems. In this paper we show how scalable verification can be achieved by compositional and local reasoning about history-based specifications of observable behavior.



The authors gratefully acknowledge valuable discussions with Richard Bubel.


  1. 1.
    Agha, G.A.: ACTORS: A Model of Concurrent Computations in Distributed Systems. The MIT Press, Cambridge (1986)Google Scholar
  2. 2.
    Ahrendt, W., Dylla, M.: A system for compositional verification of asynchronous objects. Sci. Comput. Program. 77(12), 1289–1309 (2012)CrossRefzbMATHGoogle Scholar
  3. 3.
    Albert, E., de Boer, F.S., Hähnle, R., Johnsen, E.B., Schlatte, R., Tapia Tarifa, S.L., Wong, P.Y.H.: Formal modeling of resource management for cloud architectures: an industrial case study using real-time ABS. J. SOCA 8(4), 323–339 (2014)CrossRefGoogle Scholar
  4. 4.
    Alpern, B., Schneider, F.B.: Defining liveness. Inf. Process. Lett. 21(4), 181–185 (1985)MathSciNetCrossRefzbMATHGoogle Scholar
  5. 5.
    Amighi, A., Haack, C., Huisman, M., Hurlin, C.: Permission-based separation logic for multithreaded Java programs. LMCS 11, 1–66 (2015)MathSciNetzbMATHGoogle Scholar
  6. 6.
    Apt, K.R., Francez, N., de Roever, W.P.: A proof system for communicating sequential processes. ACM TOPLAS 2(3), 359–385 (1980)CrossRefzbMATHGoogle Scholar
  7. 7.
    Armstrong, J.: Programming Erlang. Pragmatic Bookshelf (2007)Google Scholar
  8. 8.
    Beckert, B., Hähnle, R., Schmitt, P.H. (eds.): Verification of Object-Oriented Software. LNCS (LNAI), vol. 4334. Springer, Heidelberg (2007) Google Scholar
  9. 9.
    Bjørk, J., de Boer, F.S., Johnsen, E.B., Schlatte, R., Tapia, S.L.: User-defined schedulers for real-time concurrent objects. Innovations Syst. Softw. Eng. 9(1), 29–43 (2013)CrossRefGoogle Scholar
  10. 10.
    Borrione, D., Helmy, A., Pierre, L., Schmaltz, J.: A formal approach to the verification of networks on chip. EURASIP J. Embed. Syst. 2009, 2:1–2:14 (2009)CrossRefGoogle Scholar
  11. 11.
    Chatterjee, S., Kishinevsky, M.: Automatic generation of inductive invariants from high-level microarchitectural models of communication fabrics. Formal Methods Syst. Des. 40(2), 147–169 (2012)CrossRefzbMATHGoogle Scholar
  12. 12.
    Dahl, O.-J.: Can program proving be made practical? In: Les Fondements de la Programmation, pp. 57–114. IRIA, December 1977Google Scholar
  13. 13.
    de Boer, F.S., Clarke, D., Johnsen, E.B.: A complete guide to the future. In: De Nicola, R. (ed.) ESOP 2007. LNCS, vol. 4421, pp. 316–330. Springer, Heidelberg (2007) CrossRefGoogle Scholar
  14. 14.
    Chatterjee, S., Kishinevsky, M., Ogras, Ü.Y.: xMAS: quick formal modeling of communication fabrics to enable verification. IEEE Des. Test Comput. 29(3), 80–88 (2012)CrossRefGoogle Scholar
  15. 15.
    Din, C.C., Dovland, J., Johnsen, E.B., Owe, O.: Observable behavior of distributed systems: component reasoning for concurrent objects. J. Logic Algebraic Program. 81(3), 227–256 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
  16. 16.
    Din, C.C., Owe, O.: A sound and complete reasoning system for asynchronous communication with shared futures. J. Logical Algebraic Methods Program. 83(5–6), 360–383 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
  17. 17.
    Din, C.C., Owe, O.: Compositional reasoning about active objects with shared futures. Formal Aspects Comput. 27(3), 551–572 (2015)MathSciNetCrossRefzbMATHGoogle Scholar
  18. 18.
    Din, C.C., Bubel, R., Hähnle, R.: KeY-ABS: a deductive verification tool for the concurrent modelling language ABS. In: Felty, A., Middeldorp, A. (eds.) Automated Deduction - CADE-25. LNCS, vol. 9195, pp. 517–526. Springer, Switzerland (2015) CrossRefGoogle Scholar
  19. 19.
    Dovland, J., Johnsen, E.B., Owe, O.: Verification of concurrent objects with asynchronous method calls. In: Proceedings of International Conference on Software Science, Technology & Engineering (SwSTE 2005), pp. 141–150. IEEE Press, February 2005Google Scholar
  20. 20.
    Giachino, E., Laneve, C., Lienhardt, M.: A framework for deadlock detection in core ABS. Softw. Syst. Model. 1–36 (2015). Springer. doi: 10.1007/s10270-014-0444-y
  21. 21.
    Heule, S., Leino, K.R.M., Müller, P., Summers, A.J.: Abstract read permissions: fractional permissions without the fractions. In: Giacobazzi, R., Berdine, J., Mastroeni, I. (eds.) VMCAI 2013. LNCS, vol. 7737, pp. 315–334. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  22. 22.
    Hoare, C.A.R.: Communicating Sequential Processes. Prentice Hall, Upper Saddle River (1985)zbMATHGoogle Scholar
  23. 23.
    Holcomb, D.E., Seshia, S.A.: Compositional performance verification of network-on-chip designs. IEEE Trans. CAD Integr. Circ. Syst. 33(9), 1370–1383 (2014)CrossRefGoogle Scholar
  24. 24.
    Jacobs, B., Piessens, F., Leino, K.R.M., Schulte, W.: Safe concurrency for aggregate objects with invariants. In: Proceedings of SEFM, pp. 137–147. IEEE (2005)Google Scholar
  25. 25.
    Jeffrey, A., Rathke, J.: Java JR: fully abstract trace semantics for a core Java language. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 423–438. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  26. 26.
    Johnsen, E.B., Hähnle, R., Schäfer, J., Schlatte, R., Steffen, M.: ABS: a core language for abstract behavioral specification. In: Aichernig, B.K., de Boer, F.S., Bonsangue, M.M. (eds.) Formal Methods for Components and Objects. LNCS, vol. 6957, pp. 142–164. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  27. 27.
    Johnsen, E.B., Owe, O.: An asynchronous communication model for distributed concurrent objects. Softw. Syst. Model. 6(1), 35–58 (2007)CrossRefGoogle Scholar
  28. 28.
    Jones, C.B.: Development methods for computer programmes including a notion of interference. Ph.D. thesis, Oxford University, UK, June l981Google Scholar
  29. 29.
    Kamali, M., Petre, L., Sere, K., Daneshtalab, M.: Refinement-based modeling of 3D NoCs. In: Arbab, F., Sirjani, M. (eds.) FSEN 2011. LNCS, vol. 7141, pp. 236–252. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  30. 30.
    Kumar, S., Jantsch, A., Millberg, M., Öberg, J., Soininen, J., Forsell, M., Tiensyrjä, K., Hemani, A.: A network on chip architecture and design methodology. In: Proceedings of VLSI, pp. 117–124 (2002)Google Scholar
  31. 31.
    Leino, K.R.M., Müller, P., Smans, J.: Verification of concurrent programs with Chalice. In: Aldini, A., Barthe, G., Gorrieri, R. (eds.) Foundations of Security Analysis and Design V. LNCS, vol. 5705, p. 195. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  32. 32.
    Milner, R.: Fully abstract models of typed \(\lambda \)-calculi. Theoret. Comput. Sci. 4, 1–22 (1977)MathSciNetCrossRefzbMATHGoogle Scholar
  33. 33.
    Misra, J., Chandy, K.M.: Proofs of networks of processes. IEEE Trans. Softw. Eng. 7(4), 417–426 (1981)MathSciNetCrossRefzbMATHGoogle Scholar
  34. 34.
    Owicki, S.S., Gries, D.: An axiomatic proof technique for parallel programs I. Acta Informatica 6, 319–340 (1976)MathSciNetCrossRefzbMATHGoogle Scholar
  35. 35.
    Sharifi, Z., Mohammadi, S., Sirjani, M.: Comparison of NoC routing algorithms using formal methods. In: Proceedings of Parallel and Distributed Processing Techniques and Applications (PDPTA 2013), vol. 2, pp. 474–482. CSREA Press (2013)Google Scholar
  36. 36.
    Sharifi, Z., Mosaffa, M., Mohammadi, S., Sirjani, M.: Functional and performance analysis of network-on-chips using actor-based modeling and formal verification. ECEASST 66, 16 (2013)Google Scholar
  37. 37.
    Sheibanyrad, A., Greiner, A., Panades, I.M.: Multisynchronous and fully asynchronous NoCs for GALS architectures. IEEE Des. Test Comput. 25(6), 572–580 (2008)CrossRefGoogle Scholar
  38. 38.
    Sirjani, M., Jaghoori, M.M.: Ten years of analyzing actors: Rebeca experience. In: Agha, G., Danvy, O., Meseguer, J. (eds.) Formal Modeling: Actors, Open Systems, Biological Systems. LNCS, vol. 7000, pp. 20–56. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  39. 39.
    Soundararajan, N.: Axiomatic semantics of communicating sequential processes. ACM TOPLAS 6(4), 647–662 (1984)CrossRefzbMATHGoogle Scholar
  40. 40.
    Verbeek, F., Schmaltz, J.: Hunting deadlocks efficiently in microarchitectural models of communication fabrics. In: International Conference on Formal Methods in Computer-Aided Design (FMCAD 2011), pp. 223–231. FMCAD Inc. (2011)Google Scholar
  41. 41.
    Wong, P.Y.H., Albert, E., Muschevici, R., Proença, J., Schäfer, J., Schlatte, R.: The ABS tool suite: modelling, executing and analysing distributed adaptable object-oriented systems. STTT 14(5), 567–588 (2012)CrossRefGoogle Scholar
  42. 42.
    Zaharieva-Stojanovski, M., Huisman, M., Blom, S.: Verifying functional behaviour of concurrent programs. In: Proceedings of 16th Workshop on Formal Techniques for Java-Like Programs (FTfJP 2014), pp. 4:1–4:6. ACM (2014)Google Scholar
  43. 43.
    Zwiers, J.: Compositionality, Concurrency and Partial Correctness: Proof Theories for Networks of Processes, and Their Relationship. LNCS, vol. 321. Springer, Heidelberg (1989) zbMATHGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Crystal Chang Din
    • 1
    Email author
  • S. Lizeth Tapia Tarifa
    • 2
  • Reiner Hähnle
    • 1
  • Einar Broch Johnsen
    • 2
  1. 1.Department of Computer ScienceTechnische Universität DarmstadtDarmstadtGermany
  2. 2.Department of InformaticsUniversity of OsloOsloNorway

Personalised recommendations