Mechanical Verification of a Constructive Proof for FLP

  • Benjamin Bisping
  • Paul-David Brodmann
  • Tim Jungnickel
  • Christina Rickmann
  • Henning Seidler
  • Anke Stüber
  • Arno Wilhelm-Weidner
  • Kirstin Peters
  • Uwe Nestmann
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9807)

Abstract

The impossibility of distributed consensus with one faulty process is a result with important consequences for real-world distributed systems, e.g., commits in replicated databases. Since proofs are not immune to faults and even plausible proofs with a profound formalism can conclude wrong results, we validate the fundamental result named FLP after Fischer, Lynch and Paterson by using the interactive theorem prover Isabelle/HOL. We present a formalization of distributed systems and the aforementioned consensus problem. Our proof is based on Hagen Völzer’s paper “A constructive proof for FLP”. In addition to the enhanced confidence in the validity of Völzer’s proof, we contribute the missing gaps to show the correctness in Isabelle/HOL. We clarify the proof details and even prove fairness of the infinite execution that contradicts consensus. Our Isabelle formalization may serve as a starting point for similar proofs of properties of distributed systems.

Keywords

Formalization, Isabelle/HOL, Verification, FLP, Consensus, Distributed systems

References

  1. Bertot, Y., Castéran, P.: Interactive Theorem Proving and Program Development: Coq’Art: The Calculus of Inductive Constructions. Texts in Theoretical Computer Science, An EATCS Series. Springer, Heidelberg (2013)
  2. Bisping, B., Brodmann, P.D., Jungnickel, T., Rickmann, C., Seidler, H., Stüber, A., Wilhelm-Weidner, A., Peters, K., Nestmann, U.: A Constructive Proof for FLP. Archive of Formal Proofs (2016). http://isa-afp.org/entries/FLP.shtml. Formal proof development
  3. Buckley, G.N., Silberschatz, A.: An effective implementation for the generalized input-output construct of CSP. ACM Trans. Program. Lang. Syst. (TOPLAS) 5(2), 223–235 (1983)
  4. Constable, R.L.: Effectively Nonblocking Consensus Procedures can Execute Forever - a Constructive Version of FLP. Tech. Rep. 11513, Cornell University (2011)
  5. Constable, R.L., Allen, S.F., Bromley, H.M., Cleaveland, W.R., Cremer, J.F., Harper, R.W., Howe, D.J., Knoblock, T.B., Mendler, N.P., Panangaden, P., Sasaki, J.T., Smith, S.F.: Implementing Mathematics with the Nuprl Proof Development System. Prentice-Hall, Upper Saddle River (1986)
  6. Fischer, M.J., Lynch, N.A., Paterson, M.S.: Impossibility of distributed consensus with one faulty process. J. ACM (JACM) 32(2), 374–382 (1985)
  7. Kammüller, F., Wenzel, M., Paulson, L.C.: Locales - a sectioning concept for Isabelle. In: Bertot, Y., Dowek, G., Hirschowitz, A., Paulin, C., Théry, L. (eds.) TPHOLs 1999. LNCS, vol. 1690, pp. 149–165. Springer, Heidelberg (1999)
  8. Küfner, P., Nestmann, U., Rickmann, C.: Formal verification of distributed algorithms. In: Baeten, J.C.M., Ball, T., de Boer, F.S. (eds.) TCS 2012. LNCS, vol. 7604, pp. 209–224. Springer, Heidelberg (2012)
  9. Kumar, D., Silberschatz, A.: A counter-example to an algorithm for the generalized input-output construct of CSP. Inform. Proc. Lett. 61(6), 287 (1997)
  10. Lamport, L.: The part-time parliament. ACM Trans. Comput. Syst. (TOCS) 16(2), 133–169 (1998)
  11. Nipkow, T., Paulson, L.C., Wenzel, M. (eds.): Isabelle/HOL: A Proof Assistant for Higher-Order Logic. LNCS, vol. 2283. Springer, Heidelberg (2002)
  12. Ongaro, D., Ousterhout, J.: In Search of an Understandable Consensus Algorithm. In: Proceedings of USENIX, pp. 305–320 (2014)
  13. Völzer, H.: A constructive proof for FLP. Inform. Proc. Lett. 92(2), 83–87 (2004)

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Benjamin Bisping (1)
  • Paul-David Brodmann (1)
  • Tim Jungnickel (1)
  • Christina Rickmann (1)
  • Henning Seidler (1)
  • Anke Stüber (1)
  • Arno Wilhelm-Weidner (1)
  • Kirstin Peters (1)
  • Uwe Nestmann (1)
  1. Technische Universität Berlin, Berlin, Germany