A Proof of Burns' N-Process Mutual Exclusion Algorithm Using Abstraction

  • Henrik E. Jensen
  • Nancy A. Lynch
Regular Sessions: Case Studies and Experience
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1384)


Within the Input/Output Automata framework, we state and prove a general abstraction theorem giving conditions under which safety properties are preserved from one automaton to another. We use this abstraction theorem to verify that Burns' distributed mutual exclusion algorithm, parameterized in the number of processes n, satisfies the mutual exclusion property. The concrete n-process algorithm is abstracted by a simple 2-process algorithm that is property preserving with respect to mutual exclusion. The condition for property preservation is proved to hold using the LP theorem prover with a minimum of user assistance, and the 2-process abstraction is verified automatically using the SPIN model checker.
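The abstract's last sentence refers to checking the 2-process abstraction automatically with SPIN. The following Python program is an added example, not code from the paper or its authors: it encodes Burns' n-process algorithm, in the formulation given in Lynch's Distributed Algorithms (1996), as a transition system whose atomic steps are single reads or writes of the shared flag registers, and then runs an explicit-state breadth-first search over all reachable states, checking that no two processes are in the critical section at once. It stands in for SPIN (it is a hand-written explicit-state checker, not SPIN itself), and it goes beyond the page in two ways: the same search is run directly for n = 3, which the paper's abstraction makes unnecessary for arbitrary n, and a `skip_second_check` switch, constructed for this example, drops the second scan of lower-indexed flags so that the checker produces a counterexample schedule. The program-counter labels, the `check` function and the `skip_second_check` parameter are this example's own assumptions.

```python
"""Explicit-state check of mutual exclusion for Burns' algorithm.

Added example, not code from the paper. Processes 0..n-1 share one
single-writer flag register each; every transition below is one atomic
read or write of a flag, interleaved arbitrarily between processes.
"""
from collections import deque

# Program-counter labels for one process (names chosen for this example).
REM, RESET, CHK1, SET, CHK2, WAIT, CRIT, EXIT = range(8)


def initial_state(n):
    """All flags 0, every process in its remainder region."""
    return (tuple([0] * n), tuple((REM, 0) for _ in range(n)))


def successors(state, n, skip_second_check=False):
    """Yield (process id, next state) for each enabled atomic step.

    Each process has exactly one enabled step in every state, so a
    schedule (list of process ids) determines a unique execution.
    """
    flags, pcs = state
    for i in range(n):
        pc, j = pcs[i]          # j is the index of the flag being scanned
        new_flags = list(flags)
        if pc == REM:                       # try_i
            new_pc = (RESET, 0)
        elif pc == RESET:                   # L: flag(i) := 0
            new_flags[i] = 0
            new_pc = (CHK1, 0)
        elif pc == CHK1:                    # scan flags of processes j < i
            if j == i:
                new_pc = (SET, 0)
            elif flags[j] == 1:
                new_pc = (RESET, 0)         # lower-indexed competitor: goto L
            else:
                new_pc = (CHK1, j + 1)
        elif pc == SET:                     # flag(i) := 1
            new_flags[i] = 1
            # Constructed mutation: skipping the re-scan breaks the algorithm.
            new_pc = (WAIT, i + 1) if skip_second_check else (CHK2, 0)
        elif pc == CHK2:                    # re-scan flags of processes j < i
            if j == i:
                new_pc = (WAIT, i + 1)
            elif flags[j] == 1:
                new_pc = (RESET, 0)         # goto L (resets own flag)
            else:
                new_pc = (CHK2, j + 1)
        elif pc == WAIT:                    # M: wait until all flags j > i are 0
            if j == n:
                new_pc = (CRIT, 0)
            elif flags[j] == 1:
                new_pc = (WAIT, i + 1)      # restart the scan at M
            else:
                new_pc = (WAIT, j + 1)
        elif pc == CRIT:                    # crit_i -> exit_i
            new_pc = (EXIT, 0)
        else:                               # exit_i: flag(i) := 0, then rem_i
            new_flags[i] = 0
            new_pc = (REM, 0)
        new_pcs = list(pcs)
        new_pcs[i] = new_pc
        yield i, (tuple(new_flags), tuple(new_pcs))


def mutual_exclusion_holds(state):
    """The safety property: at most one process in the critical section."""
    return sum(1 for pc, _ in state[1] if pc == CRIT) <= 1


def check(n, skip_second_check=False):
    """Breadth-first search of all reachable states.

    Returns (ok, reachable_state_count, schedule) where schedule is None
    when the property holds and otherwise the list of process ids whose
    steps, from the initial state, reach a violating state.
    """
    start = initial_state(n)
    parent = {start: None}          # state -> (predecessor, process that stepped)
    queue = deque([start])
    while queue:
        s = queue.popleft()
        if not mutual_exclusion_holds(s):
            schedule = []
            while parent[s] is not None:
                prev, who = parent[s]
                schedule.append(who)
                s = prev
            return False, len(parent), list(reversed(schedule))
        for who, t in successors(s, n, skip_second_check):
            if t not in parent:
                parent[t] = (s, who)
                queue.append(t)
    return True, len(parent), None


if __name__ == "__main__":
    for n in (2, 3):
        ok, states, _ = check(n)
        print(f"n={n}: mutual exclusion {'holds' if ok else 'VIOLATED'} "
              f"over {states} reachable states")
    ok, states, schedule = check(2, skip_second_check=True)
    print(f"n=2 without the second scan: {'holds' if ok else 'VIOLATED'}; "
          f"schedule {schedule}")
```

Running the file reports the verdict and the reachable-state count for n = 2 and n = 3, and, for the mutated variant, the interleaving (a list of process ids) that puts both processes in the critical section. That schedule is the same kind of evidence a model checker such as SPIN reports as a counterexample; exhaustive exploration with no violating state, as for the unmodified algorithm, is the kind of automatic verification the abstract refers to for the 2-process abstraction.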


Keywords (machine-generated): model checking; mutual exclusion; program counter; linear-time temporal logic; trace property



Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Henrik E. Jensen (1)
  • Nancy A. Lynch (2)
  1. Department of Computer Science, Institute for Electronic Systems, Aalborg University, Aalborg Ø, Denmark
  2. Laboratory for Computer Science, Massachusetts Institute of Technology, Cambridge, USA
