Formal Development of a Total Order Broadcast for Distributed Transactions Using Event-B

  • Divakar Yadav
  • Michael Butler
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5454)


In a replicated database system, copies of the database are kept at several sites for fault tolerance and availability. Data access in such systems is usually done within a transactional framework: a read-only transaction accesses data locally, while an update transaction modifies the database at all sites. Total order broadcast primitives have been proposed to support transactions and to allow fault-tolerant cooperation between the sites of a distributed system. In this paper, we identify and analyze the problem of deadlock formation among conflicting update transactions due to race conditions, and outline how a system of total order broadcast prevents such deadlocks and transaction failures. We then outline how a refinement-based approach with Event-B can be used for the formal development of models of total order broadcast. In this approach we begin with an abstract model of a total order broadcast and verify that the required ordering properties are preserved by the system. Subsequently, in a series of refinement steps, we outline how the abstract total order can be correctly implemented using a notion of sequence number. This technique requires us to discharge proof obligations arising from consistency and refinement checking. To discharge them we must discover invariants that describe the relationship between the abstract total order and the underlying mechanism.
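The abstract describes two things a practitioner may want to see concretely: the race in which two conflicting update transactions are applied in different orders at different replicas and deadlock, and the refinement in which an abstract "deliver in total order" step is implemented by sequence numbers that let each site buffer out-of-order arrivals. The simulation below is an added example, not code from the paper and not its Event-B models. Its assumptions are stated in the module docstring: write locks are granted first-come, first-served in delivery order at each site, a transaction commits only once it holds its locks at every site, and a single sequencer stamps messages (one of several total order broadcast mechanisms). Transaction names, data items and arrival orders are constructed.

```python
"""Sequencer-based total order broadcast across replicated sites (added example).

Assumed model, not taken from the paper: each update transaction takes write
locks at every site in the order that site delivers it, commits only when it
holds its locks everywhere, and a single sequencer hands out sequence numbers.
Transactions T1..T3 and data items x, y are constructed for illustration."""

from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Update:
    txn: str          # transaction identifier
    items: frozenset  # data items the transaction writes


class Site:
    """Abstract model: a replica that delivers updates in some order and
    grants write locks first-come, first-served in that order."""

    def __init__(self, name):
        self.name = name
        self.delivered = []  # delivery log at this replica
        self.locks = {}      # item -> txn holding its write lock here

    def deliver(self, upd):
        self.delivered.append(upd)
        for item in upd.items:
            self.locks.setdefault(item, upd.txn)  # later conflicting txns wait


class SequencedSite(Site):
    """Refinement: messages carry a sequence number, may arrive in any
    order, and are delivered only in sequence-number order."""

    def __init__(self, name):
        super().__init__(name)
        self.next_seq = 1
        self.pending = {}  # seq -> Update received but not yet deliverable

    def receive(self, seq, upd):
        self.pending[seq] = upd
        while self.next_seq in self.pending:
            self.deliver(self.pending.pop(self.next_seq))
            self.next_seq += 1


def wait_for_cycle(sites):
    """True if the global wait-for graph has a cycle: the conflicting
    update transactions are deadlocked across the replicas."""
    waits = {}  # txn -> txns it is blocked behind at some site
    for s in sites:
        for upd in s.delivered:
            for item in upd.items:
                holder = s.locks[item]
                if holder != upd.txn:
                    waits.setdefault(upd.txn, set()).add(holder)
    state = {}  # txn -> "active" while on the DFS stack, "done" afterwards

    def visit(t):
        state[t] = "active"
        for nxt in waits.get(t, ()):
            if state.get(nxt) == "active" or (nxt not in state and visit(nxt)):
                return True
        state[t] = "done"
        return False

    return any(t not in state and visit(t) for t in waits)


def ordering_invariant_holds(sites, seq_of):
    """Total order property plus the gluing invariant of the refinement:
    every site delivers in increasing sequence number, and any two sites'
    logs are prefixes of one common order."""
    for s in sites:
        if any(seq_of[u] >= seq_of[v] for u, v in zip(s.delivered, s.delivered[1:])):
            return False
    for s, t in combinations(sites, 2):
        n = min(len(s.delivered), len(t.delivered))
        if s.delivered[:n] != t.delivered[:n]:
            return False
    return True


T1 = Update("T1", frozenset({"x"}))
T2 = Update("T2", frozenset({"x", "y"}))
T3 = Update("T3", frozenset({"y"}))


def unordered_run():
    """Race without total order: site A applies T1 before T2, site B the
    reverse. T1 holds x at A and waits for it at B; T2 holds x at B and
    waits for it at A."""
    a, b = Site("A"), Site("B")
    for upd in (T1, T2):
        a.deliver(upd)
    for upd in (T2, T1):
        b.deliver(upd)
    return [a, b]


def total_order_run(arrivals):
    """Sequencer stamps T1, T2, T3 with 1, 2, 3; arrivals maps each site
    name to the order in which the stamped messages reach it."""
    seq_of = {T1: 1, T2: 2, T3: 3}
    stamped = {n: u for u, n in seq_of.items()}
    sites = [SequencedSite(name) for name in arrivals]
    for s in sites:
        for n in arrivals[s.name]:
            s.receive(n, stamped[n])
    return sites, seq_of


if __name__ == "__main__":
    print("deadlock without total order:", wait_for_cycle(unordered_run()))
    sites, seq_of = total_order_run({"A": [1, 2, 3], "B": [3, 2, 1], "C": [2, 1, 3]})
    print("deadlock with total order:", wait_for_cycle(sites))
    print("ordering invariant holds:", ordering_invariant_holds(sites, seq_of))
```

`Site.deliver` plays the role of the abstract model, where the delivery order is simply given; `SequencedSite.receive` is the refinement, where the order is reconstructed from sequence numbers however the network reorders messages. `ordering_invariant_holds` is the runtime analogue of the invariant the abstract mentions: the position of an update in any site's log agrees with its sequence number, which is exactly what a refinement proof has to establish for every reachable state rather than for the three arrival orders tried here.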


Keywords: Total Order, Control Message, Formal Development, Proof Obligation, Global Transaction





Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Divakar Yadav (1)
  • Michael Butler (1)
  1. School of Electronics and Computer Science, University of Southampton, Southampton, U.K.
