Formal Modeling and Analysis of a Flash Filesystem in Alloy

  • Eunsuk Kang
  • Daniel Jackson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5238)

Abstract

This paper describes the formal modeling and analysis of a design for a flash-based filesystem in Alloy. We model the basic operations of a filesystem as well as features that are crucial to NAND flash hardware, such as wear-leveling and erase-unit reclamation. In addition, we address the issue of fault tolerance by modeling a mechanism for recovery from interrupted filesystem operations due to unexpected power loss. We analyze the correctness of our flash filesystem model by checking trace inclusion against a POSIX-compliant abstract filesystem, in which a file is modeled simply as an array of data elements. The analysis is fully automatic and complete within a finite scope.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Aleph One. YAFFS: A flash file system for embedded use, http://www.yaffs.net
  2. 2.
    Arkoudas, K., Zee, K., Kuncak, V., Rinard, M.: On verifying a file system implementation. In: 6th ICFEM, pp. 373–390 (2004)Google Scholar
  3. 3.
    Bicarregui, J., Hoare, C.A.R., Woodcock, J.: The verified software repository: a step towards the verifying compiler. Formal Aspects of Computing 18, 143–151 (2006)MATHCrossRefGoogle Scholar
  4. 4.
    Borger, E., Start, R.F.: Abstract State Machines: A method for high-level system design and analysis. Springer, New York (2003)Google Scholar
  5. 5.
    Butler, M., Damchoom, K., Abrial, J.-R.: Some filestore developments with Event-B and Rodin. In: Verifiable File Store Mini-Challenge Workshop, co-located with the 9th ICFEM (2007)Google Scholar
  6. 6.
    Butterfield, A., Woodcock, J.: Formalizing flash memory: First steps. In: 12th ICECCS, pp. 251–260 (2007)Google Scholar
  7. 7.
    Ferreira, M.A., Silva, S.S.: J. N. Oliveira Verifying Intel flash file system core specification. In: 4th VDM-Overture Workshop, FM 2008 (2008)Google Scholar
  8. 8.
    Freitas, L., Fu, Z., Woodcock, J.: POSIX file store in Z/Eves: an experiment in the verified software repository. In: 12th ICECCS, pp. 3–14 (2007)Google Scholar
  9. 9.
    Freitas, L., Woodcock, J., Butterfield, A.: POSIX and the Verification Grand Challenge: a roadmap. In: 13th ICECCS, pp. 153–162 (2008)Google Scholar
  10. 10.
    Gal, E., Toledo, S.: Algorithms and data structures for flash memories. ACM Computing Surveys 37, 138–163 (2005)CrossRefGoogle Scholar
  11. 11.
    Ganesh, V., Dill, D.L.: A decision procedure for bit-vectors and arrays. In: Damm, W., Hermanns, H. (eds.) CAV 2007. LNCS, vol. 4590, pp. 519–531. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  12. 12.
    Gordon, M.J.C., Melham, T.F.: Introduction to HOL: a theorem proving environment for higher order logic. Cambridge University Press, New York (1993)MATHGoogle Scholar
  13. 13.
    Groce, A., Holzmann, G.J., Joshi, R.: Randomized differential testing as a prelude to formal verification. In: 29th ICSE, pp. 621–631 (2007)Google Scholar
  14. 14.
    Hynix Semiconductor et al. Open NAND Flash Interface Specification. Technical Report Revision 1.0. ONFi Workgroup (2006), http://www.onfi.org
  15. 15.
    Intel. Flash File System Core Reference Guide. Technical Report 304436001. Intel Corporation (2004)Google Scholar
  16. 16.
    Jackson, D.: Software Abstractions. MIT Press, Cambridge (2006)Google Scholar
  17. 17.
    Joshi, R., Holzmann, G.J.: A mini challenge: Build a verifiable filesystem. In: Verified Software: Theories, Tools, Experiments (2005)Google Scholar
  18. 18.
    Morgan, C., Sufrin, B.: Specification of the UNIX filing system. IEEE Transactions on Software Engineering 10, 128–142 (1984)CrossRefGoogle Scholar
  19. 19.
    Reeves, G., Neilson, T.: The Mars Rover Spirit FLASH Anomaly. In: IEEE Aerospace Conference (2005)Google Scholar
  20. 20.
    Spivey, J.M.: The Z Notation: A Reference Manual. Prentice-Hall, Englewood Cliffs (1998)Google Scholar
  21. 21.
    The Open Group. The POSIX 1003.1, 2003 Edition Specification, http://www.opengroup.org/certification/idx/posix.html
  22. 22.
    Torlak, E., Chang, F.S.-H., Jackson, D.: Finding minimal unsatisfiable cores of declarative specifications. In: Cuellar, J., Maibaum, T.S.E. (eds.) FM 2008. LNCS, vol. 5014, pp. 326–341. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  23. 23.
    Torlak, E., Jackson, D.: Kodkod: A relational model finder. In: 13th TACAS, pp. 632–647 (2007)Google Scholar
  24. 24.
    Woodcock, J., Davies, J.: Using Z: Specification, Refinement, and Proof. Prentice-Hall, NJ (1996)MATHGoogle Scholar
  25. 25.
    Yang, J., Twohey, P., Engler, D., Musuvathi, M.: Using model checking to find serious file system errors. In: 6th OSDI, pp. 273–288 (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Eunsuk Kang
    • 1
  • Daniel Jackson
    • 1
  1. 1.Computer Science and Artificial Intelligence LaboratoryMassachusetts Institute of TechnologyCambridgeU.S.A

Personalised recommendations