Abstract
This paper presents a methodology for proving properties of distributed systems in which simulated execution assists and enhances formal proofs. It is well known that techniques such as testing can increase confidence in an implementation, but cannot by themselves demonstrate correctness. In addition to detecting simple errors quickly and to providing intuition about behavior, execution-based techniques can also reveal unexpected properties, suggest necessary lemmas, and provide information to structure proofs. This paper also describes the use of these techniques in a machine-checked proof of correctness of the Paxos algorithm for distributed consensus.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Rajeev Alur, Thomas A. Henzinger, F.Y.C. Mang, Shaz Qadeer, SriramK. Rajamani, and Serdar Tasiran. Mocha: Exploiting modularity in model checking. In Proceedings of the Tenth International Conference on Computer-aided Verification, volume 1427 of Lecture Notes in Computer Science 1427, pages 521–525, 1998.
Andrej Bogdanov. Formal verification of simulations between I/O automata. Master’s thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, Cambridge, MA, 2001.
Michael Ernst, Jake Cokrell, William G. Grisworld, and David Notkin. Dynamically discovering likely program invariants to support program evolution. IEEE Transactions on Software Engineering, 27(2):1–25, 2001.
Stephen Garland and John Guttag. A guide to LP, the Larch Prover. Technical report, DEC Systems Research Center, 1991. Updated version avaliable at URL http://nms.lcs.mit.edu/Larch/LP.
John V. Guttag, James J. Horning, S. J. Garland, K. D. Jones, A. Modet, and J. M. Wing. Larch: Languages and Tools for Formal Specification. Texts and Monographs in Computer Science. Springer-Verlag, New York, 1993.
Stephen J. Garland and Nancy A. Lynch. The IOA language and toolset: Support for designing, analyzing, and building distributed systems. Technical Report MIT/LCS/TR-762, Laboratory for Computer Science, Massachusetts Institute of Technology, Cambridge, MA, August 1998. URL http://theory.lcs.mit.edu/tds/papers/Lynch/IOA-TR-762.ps.
Yuri Gurevich, Wolfram Schulte, and Margus Veanes. Toward industrial strength abstract state machines. Technical Report MSR-TR-2001-98, Microsoft Research, 2001. URL for software http://www.research.microsoft.com/foundations/asml/.
Dilsun Kýrlý, Anna Chefter, Laura Dean, Stephen J. Garland, Nancy A. Lynch, Toh Ne Win, and Antonio Ramirez-Robredo. The IOA simulator. Technical Report MIT-LCS-TR-843, MIT Laboratory for Computer Science, July 2002.
Dilsun Kýrlý, Anna Chefter, Laura Dean, Stephen J. Garland, Nancy A. Lynch, Toh Ne Win, and Antonio Ramirez-Robredo. Simulating nondeterministic systems at multiple levels of abstraction. In Proceedings of Tools Day 2002, pages 44–59, Brno, Czech Republic, August 2002. Also available as Masaryk University Technical Report FI MU-RS-2002-05.
Leslie Lamport. The part-time parliament. ACM Transactions on Computer Systems, 16(2):133–169, May 1998.
Nancy A. Lynch and Mark R. Tuttle. An introduction to Input/Output automata. CWI-Quarterly, 2(3):219–246, September 1989.
Leslie Lamport and Yuan Yu. TLC-The TLA+ Model Checker. Compaq Systems Research Center, Palo Alto, California, 2001. URL http://research.microsoft.com/users/lamport/tla/tlc.html.
Nancy Lynch. Distributed Algorithms. Morgan Kaufmann Publishers, Inc., San Mateo, CA, March 1996.
Kenneth L. McMillan. The SMV Language. Cadence Berkeley Labs, 2001 Addison Street, Berkeley, CA 94 704, USA. URL http://www.cis.ksu.edu/santos/smv-doc/.
Jeremy W. Nimmer and Michael D. Ernst. Automatic generation of program specifications. In Proceedings of the 2002 International Symposium on Software Testing and Analysis (ISSTA), pages 232–242, Rome, Italy, July 22-24, 2002.
Roberto De Prisco, Butler Lampson, and Nancy Lynch. Fundamental study: Revisiting the Paxos algorithm. Theoretical Computer Science, 243:35–91, 2000.
Amir Pnueli, Sitvanit Ruah, and Lenore Zuck. Automatic deductive verification with invisible invariants. In Tools and Algorithms for the Analysis and Construction of Systems (TACAS), volume 2031 of LNCS, pages 82–97, Genova, Italy, April 2-6, 2001.
Jussi Rintanen. An iterative algorithm for synthesizing invariants. In Proceedings of the Seventeenth National Conference on Artificial Intelligence and Twelfth Conference on Innovative Applications of Artificial Intelligence, pages 806–811, Austin, TX, July 30-August 3, 2000.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Win, T.N., Ernst, M.D., Garland, S.J., Kýrlý, D., Lynch, N.A. (2003). Using Simulated Execution in Verifying Distributed Algorithms. In: Zuck, L.D., Attie, P.C., Cortesi, A., Mukhopadhyay, S. (eds) Verification, Model Checking, and Abstract Interpretation. VMCAI 2003. Lecture Notes in Computer Science, vol 2575. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36384-X_23
Download citation
DOI: https://doi.org/10.1007/3-540-36384-X_23
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00348-9
Online ISBN: 978-3-540-36384-2
eBook Packages: Springer Book Archive