Simulations between specifications of distributed systems

  • Bengt Jonsson
Selected Presentations
Part of the Lecture Notes in Computer Science book series (LNCS, volume 527)


In the stepwise development of a distributed system, the problem arises of verifying that a specification at a lower level of abstraction correctly implements a specification at a higher level of abstraction. Forward and backward simulation have been proposed as verification techniques for this problem. In this paper, we study forward and backward simulation in a framework where specifications are given as labeled transition systems with fairness requirements. We aim at clarifying the connection between simulations and the auxiliary variable constructions of Abadi and Lamport. In the paper, we also relax the earlier restriction that backward simulations be finitary. For a simple specification notation, similar to the action system formalism or Unity, we furthermore present proof rules that correspond to forward and backward simulations. Finally, we relate the forward and backward simulation techniques to subset-constructions that can be used in automata theory, e.g. for deciding language containment.


Reachable State Label Transition System Concurrent Program Liveness Property Forward Simulation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [AL88]
    M. Abadi and L. Lamport. The existence of refinement mappings. In Proc. 3 rd IEEE Int. Symp. on Logic in Computer Science, Edinburgh, 1988.Google Scholar
  2. [BKS88]
    R.J.R. Back and R. Kurki-Suonio. Distributed cooperation with action systems. ACM Trans. on Programming Languages and Systems, 10(4):513–554, Oct. 1988.Google Scholar
  3. [BS88]
    R.J.R. Back and K. Sere. Stepwise refinement of parallel algorithms. Technical Report A. 64, Åbo Akademi, Dept. of Computer Science and Mathematics, 1988.Google Scholar
  4. [CM88]
    K.M. Chandy and J. Misra. Parallel Program Design: A Foundation. Addison-Wesley, 1988.Google Scholar
  5. [dNV90]
    R. de Nicola and F.W. Vaandrager. Three logics for branching bisimulation. In Proc. 5 th IEEE Int. Symp. on Logic in Computer Science, pages 118–129, 1990.Google Scholar
  6. [Ger90]
    R. Gerth. Foundations of compositional program refinement — safety properties. Volume 430 of Lecture Notes in Computer Science, pages 777–808. Springer Verlag, 1990.Google Scholar
  7. [HJS87]
    C.A.R. Hoare, H. Jifeng, and J.W. Sanders. Prespecification in data refinement. Information Processing Letters, 25:71–76, 1987.Google Scholar
  8. [Hoa72]
    C.A.R. Hoare. Proof of correctness of data representation. Acta Informatica, 1(4):271–281, 1972.Google Scholar
  9. [HU79]
    J.E. Hopcroft and J.D. Ullman. Introduction to Automata Theory, Languages, and Computation. Addison-Wesley, 1979.Google Scholar
  10. [Jif89]
    H. Jifeng. Process simulation and refinement. Formal Aspects of Computing, 1:229–241, 1989.Google Scholar
  11. [Jon87a]
    B. Jonsson. Compositional Verification of Distributed Systems. PhD thesis, Dept. of Computer Systems, Uppsala University, Sweden, Uppsala, Sweden, 1987. Available as report DoCS 87/09.Google Scholar
  12. [Jon87b]
    B. Jonsson. Modular verification of asynchronous networks. In Proc. 6 th ACM Symp. on Principles of Distributed Computing, Vancouver, Canada, pages 152–166, Vancouver, Canada, 1987. Extended Version as SICS Research Report R90010.Google Scholar
  13. [Jon90]
    B. Jonsson. On decomposing and refining specifications of distributed systems. Volume 430 of Lecture Notes in Computer Science, pages 361–385. Springer Verlag, 1990.Google Scholar
  14. [Jos88]
    M.B. Josephs. A state-based approach to communicating processes. Distributed Computing, 3:9–18, 1988.Google Scholar
  15. [KMPS91]
    A. Kleinman, Y. Moscowitz, A. Pnueli, and E. Shapiro. Communication with directed logic variables. In Proc. 18 th ACM Symp. on Principles of Programming Languages, 1991.Google Scholar
  16. [KS89]
    N. Klarlund and F.B. Schneider. Verifying safety properties using infinite-state automata. Technical Report TR 89-1039, Cornell University, Ithaca, New York, 1989.Google Scholar
  17. [Lam83]
    L. Lamport. Specifying concurrent program modules. ACM Trans. on Programming Languages and Systems, 5(2):190–222, 1983.Google Scholar
  18. [Lam89]
    L. Lamport. A simple approach to specifying concurrent systems, Communications of the ACM, 32(1):32–45, Jan. 1989.Google Scholar
  19. [LS84]
    S.S. Lam and A.U. Shankar. Protocol verfication via projections. IEEE Trans. on Software Engineering, SE-10(4):325–342, July 1984.Google Scholar
  20. [LS90]
    S.S. Lam and A.U. Shankar. Refinement and projection of relational specifications. Volume 430 of Lecture Notes in Computer Science, pages 454–486. Springer Verlag, 1990.Google Scholar
  21. [LT87]
    N.A. Lynch and M.R. Tuttle. Hierarchical correctness proofs for distributed algorithms. In Proc. 6 th ACM Symp. on Principles of Distributed Computing, Vancouver, Canada, pages 137–151, 1987.Google Scholar
  22. [Mer90]
    M. Merritt. Completeness theorems for automata. Volume 430 of Lecture Notes in Computer Science, pages 544–560. Springer Verlag, 1990.Google Scholar
  23. [Mil]
    R. Milner. An algebraic definition of simulation between programs. pages 481–489. Also as Report No. CS-205, Computer Science Department, Stanford University.Google Scholar
  24. [MP81]
    Z. Manna and A. Pnueli. The temporal framework for concurrent programs. In Boyer and Moore, editors, The Correctness Problem in Computer Science, pages 215–274. Academic Press, 1981.Google Scholar
  25. [MP84]
    Z. Manna and A. Pnueli. Adequate proof principles for invariance and liveness properties of concurrent programs. Science of Computer Programming, 4(4):257–289, 1984.Google Scholar
  26. [MP89]
    Z. Manna and A. Pnueli. The anchored version of the temporal framework. In de Bakker, de Roever, and Rozenberg, editors, Linear Time, Branching Time and Partial Order in Logics and Models for Concurrency, volume 354 of Lecture Notes in Computer Science, pages 201–284. Springer Verlag, 1989.Google Scholar
  27. [Nip86]
    T. Nipkow. Non-deterministic data types. Acta Informatica, 22:629–661, 1986.Google Scholar
  28. [Ora89]
    F. Orava. Verifying safety and deadlock properties of networks of asynchronously communicating processes. In Proc. 9 th IFIP WG6.1 Symp. on Protocol Specification, Testing, and Verification, Twente, Holland, 1989.Google Scholar
  29. [Plo81]
    G. Plotkin. A structural approach to operational semantics. Technical Report DAIMI FN-19, Computer Science Department, Aarhus University, Denmark, 1981.Google Scholar
  30. [Pnu86]
    A. Pnueli. Applications of temporal logic to the specification and verification of reactive systems: A survey of current trends. Volume 224 of Lecture Notes in Computer Science, pages 510–584. Springer Verlag, 1986.Google Scholar
  31. [Sis88]
    A.P. Sistla. On verifying that a concurrent program satisfies a non-deterministic specification. Technical Report TR 88-378.01.1, Computer and Intelligent Systems Lab. GTE Laboratories, May 1988.Google Scholar
  32. [SL83]
    A.U. Shankar and S.S. Lam. An HDLC protocol specification and its verification using image protocols. ACM Transactions on Computer Systems, 1(4):331–368, Nov. 1983.Google Scholar
  33. [Sta84]
    E.W. Stark. Foundations of a Theory of Specification for Distributed Systems. PhD thesis, Massachussetts Inst. of Technology, 1984. Available as Report No. MIT/LCS/TR-342.Google Scholar
  34. [Sta88]
    E.W. Stark. Proving entailment between conceptual state specifications. Theoretical Computer Science, 56:135–154, 1988.Google Scholar
  35. [Var87]
    M.Y. Vardi. Verification of concurrent programs: The automata theoretic framework. In Proc. 2 nd IEEE Int. Symp. on Logic in Computer Science, 1987.Google Scholar
  36. [WLL88]
    J. Lundelius Welch, L. Lamport, and N. Lynch. A lattice-structured proof technique applied to a minimum spanning tree algorithm, July 1988.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1991

Authors and Affiliations

  • Bengt Jonsson
    • 1
    • 2
    • 3
  1. 1.Swedish Institute of Computer ScienceStockholm
  2. 2.Dept. of Computer SystemsUppsala UniversitySweden
  3. 3.SICSKistaSweden

Personalised recommendations