Towards an integrated formal method for verification of liveness properties in distributed systems: with application to population protocols
State-based formal methods [e.g. Event-B/RODIN (Abrial in Modeling in Event-B—system and software engineering. Cambridge University Press, Cambridge, 2010; Abrial et al. in Int J Softw Tools Technol Transf (STTT) 12(6):447–466, 2010)] for critical system development and verification are now well established, with track records including tool support and industrial applications. The focus of proof-based verification, in particular, is on safety properties. Liveness properties, which guarantee eventual, or converging computations of some requirements, are less well dealt with. Inductive reasoning about liveness is not explicitly supported. Liveness proofs are often complex and expensive, requiring high-skill levels on the part of the verification engineer. Fairness-based temporal logic approaches have been proposed to address this, e.g. TLA Lamport (ACM Trans Program Lang Syst 16(3):872–923, 1994) and that of Manna and Pnueli (Temporal verification of reactive systems—safety. Springer, New York, 1995).
We contribute to this technology need by proposing a fairness-based method integrating temporal and first-order logic, proof and tools for modelling and verification of safety and liveness properties. The method is based on an integration of Event-B and TLA. Building on our previous work (Méry and Poppleton in Integrated formal methods, 10th international conference, IFM 2013, Turku, Finland, pp 208–222, 2013. doi:10.1007/978-3-642-38613-8_15), we present the method via three example population protocols (Angluin et al. in Distrib Comput 18(4):235–253, 2006). These were proposed as a theoretical framework for computability reasoning about Wireless Sensor Network and Mobile Ad-Hoc Network algorithms.
Our examples present typical liveness and convergence requirements. We prove convergence results for the examples by integrated modelling and proof with Event-B/RODIN and TLA. We exploit existing proof rules, define and apply three new proof rules; soundness proofs are also provided. During the process we observe certain repeating patterns in the proofs. These are easily identified and reused because of the explicit nature of the reasoning.
Keywords: refinement, formal method, distributed systems, verification, liveness, fairness
Pages: 1-33
Mery, Dominique and Poppleton, Michael (2015) Towards an integrated formal method for verification of liveness properties in distributed systems: with application to population protocols. Software and Systems Modeling. (doi:10.1007/s10270-015-0504-y).
Text: submission-sosym-merypopleton.pdf - Accepted Manuscript (restricted to registered users only)
More information
Accepted/In Press date: 16 October 2015
e-pub ahead of print date: 29 December 2015
Organisations: Electronic & Software Systems
Identifiers
Local EPrints ID: 387957
URI: http://eprints.soton.ac.uk/id/eprint/387957
ISSN: 1619-1366
PURE UUID: a9e7f243-df56-484b-95cd-6bee884ed9bc
Catalogue record
Date deposited: 17 Feb 2016 12:07
Last modified: 14 Mar 2024 22:49
Contributors
Author: Dominique Mery
Author: Michael Poppleton