A proof of burns N-process mutual exclusion algorithm using abstraction

Jensen, Henrik Ejersbo; Lynch, Nancy

doi:10.1007/bfb0054186

Cited by 19 publications

(13 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Cache Coherence: Following [22] we formalized and checked the described safety properties and deadlock-freedom of the following cache coherence protocols: Illinois, Berkeley, Synapse, Firefly, MESI, MOESI, and Dragon. Mutual Exclusion: We modelled and checked for deadlock-freedom and mutual exclusion Burns' [32], Dijkstra's and Szymanski's [3] algorithms as well as a formulation of Dijkstra's algorithm on a ring structure with token passing [28]. Furthermore, we check synchronization via a semaphore which is atomically aquired and by broadcasting to ensure everyone else is not in the critical section.…”

mentioning

confidence: 99%

Structural Invariants for the Verification of Systems with Parameterized Architectures

Bozga

Esparza

Iosif

et al. 2020

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

We consider parameterized concurrent systems consisting of a finite but unknown number of components, obtained by replicating a given set of finite state automata. Components communicate by executing atomic interactions whose participants update their states simultaneously. We introduce an interaction logic to specify both the type of interactions (e.g. rendez-vous, broadcast) and the topology of the system (e.g. pipeline, ring). The logic can be easily embedded in monadic second order logic of κ ≥ 1 successors (WSκS), and is therefore decidable.Proving safety properties of such a parameterized system, like deadlock freedom or mutual exclusion, requires to infer an inductive invariant that contains all reachable states of all system instances, and no unsafe state. We present a method to automatically synthesize inductive invariants directly from the formula describing the interactions, without costly fixed point iterations. We experimentally prove that this invariant is strong enough to verify safety properties of a large number of systems including textbook examples (dining philosophers, synchronization schemes), classical mutual exclusion algorithms, cache-coherence protocols and self-stabilization algorithms, for an arbitrary number of components. arXiv:2002.07672v1 [cs.DC] 18 Feb 2020correctness for at most c processes implies correctness for any number of processes [16,25,24,7,31]. Other methods identify systems with well-structured transition relations [29,1,27]. An exhaustive chart of decidability results for verification of parameterized systems is drawn in [12]. When decidability is not of concern, over-approximating and semi-algorithmic techniques such as regular model checking [33,2], SMT-based bounded model checking [4,19], abstraction [10,14] and automata learning [17] can be used to deal with more general classes of systems.The efficiency of a verification method crucially relies on its ability to synthesize an inductive safety invariant, i.e., an infinite set of configurations that contains the initial configurations, is closed under the transition relation, and excludes the error configurations. In general, automatically synthesizing invariants requires computationally expensive fixpoint iterations [20]. In the particular case of parameterized systems, invariants can be either global, relating the local states of all processes [21], or modular, relating the local states of a few processes whose identity is irrelevant [35,18]. Our Contributions. The novelty of the approach described in this paper is three-fold:1. The architecture of the system is not fixed a priori, but given as a parameter of the verification problem. In fact, we describe parameterized systems using the Behavior-Interaction-Priorities (BIP) framework [9], in which processes are instances of finite-state component types, whose interfaces are sets of ports, labeling transitions between local states, and interactions are sets of strongly synchronizing ports, described by formulae of an interaction logic. An interaction formula captur...

show abstract

mentioning

confidence: 99%

Structural Invariants for the Verification of Systems with Parameterized Architectures

Bozga

Esparza

Iosif

et al. 2020

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

show abstract

“…In these frameworks, correctness is typically shown with a proof assistant, while model checking is used as a debugger on small instances. Parameterized model checking is not a concern there, except one notable result [32].…”

Section: Discussion and Related Workmentioning

confidence: 99%

Para $$^2$$ 2 : parameterized path reduction, acceleration, and SMT for reachability in threshold-guarded distributed algorithms

Konnov

Lazić

Veith

et al. 2017

Form Methods Syst Des

View full text Add to dashboard Cite

Automatic verification of threshold-based fault-tolerant distributed algorithms (FTDA) is challenging: FTDAs have multiple parameters that are restricted by arithmetic conditions, the number of processes and faults is parameterized, and the algorithm code is parameterized due to conditions counting the number of received messages. Recently, we introduced a technique that first applies data and counter abstraction and then runs bounded model checking (BMC). Given an FTDA, our technique computes an upper bound on the diameter of the system. This makes BMC complete for reachability properties: it always finds a counterexample, if there is an actual error. To verify state-of-the-art FTDAs, further improvement is needed. In contrast to encoding bounded executions of a counter system over an abstract finite domain in SAT, in this paper, we encode bounded executions over integer counters in SMT. In addition, we introduce a new form of reduction that exploits acceleration and the structure of the FTDAs. This aggressively prunes the execution space to be explored by the solver. In this way, we verified safety of seven FTDAs that were out of reach before.

show abstract

“…Burns algorithm [22], [25, p. 294] guarantees exclusive access to a critical section for a set of n identical processes. Each process p can be in one of six different location states (i.e.…”

Section: Parameterized Burns Algorithmmentioning

confidence: 99%

Decidability of Invariant Validation for Paramaterized Systems

Fontaine

Gribomont

2003

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

The control part of many concurrent and distributed programs reduces to a set Π = {p1, . . . , pn} of symmetric processes containing mainly assignments and tests on Boolean variables. However, the assignments, the guards and the program invariants can be Π-quantified, so the corresponding verification conditions also involve Π-quantifications. We propose a systematic procedure allowing the elimination of such quantifications for a large class of program invariants. At the core of this procedure is a variant of the Herbrand Theorem for many-sorted first-order logic with equality.

show abstract

A proof of burns N-process mutual exclusion algorithm using abstraction

Cited by 19 publications

References 16 publications

Structural Invariants for the Verification of Systems with Parameterized Architectures

Structural Invariants for the Verification of Systems with Parameterized Architectures

Para $$^2$$ 2 : parameterized path reduction, acceleration, and SMT for reachability in threshold-guarded distributed algorithms

Decidability of Invariant Validation for Paramaterized Systems

Contact Info

Product

Resources

About