Verifying Asynchronous Interactions via Communicating Session Automata

Self Cite

Session types are widely used as abstractions of asynchronous message passing systems. Refinement for such abstractions is crucial as it allows improvements of a given component without compromising its compatibility with the rest of the system. In the context of session types, the most general notion of refinement is the asynchronous session subtyping, which allows to anticipate message emissions but only under certain conditions. In particular, asynchronous session subtyping rules out candidates subtypes that occur naturally in communication protocols where, e.g., two parties simultaneously send each other a finite but unspecified amount of messages before removing them from their respective buffers. To address this shortcoming, we study fair compliance over asynchronous session types and fair refinement as the relation that preserves it. This allows us to propose a novel variant of session subtyping that leverages the notion of controllability from service contract theory and that is a sound characterisation of fair refinement. In addition, we show that both fair refinement and our novel subtyping are undecidable. We also present a sound algorithm, and its implementation, which deals with examples that feature potentially unbounded buffering.

Section: Definition 4 (Successful Configuration)mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Fair Refinement for Asynchronous Session Types

Bravetti

Lange

Zavattaro

2021

Self Cite

“…Since we are code-generating the local types, the chance of misspelling is significantly reduced. Another viable option for our framework is to take the bottom-up approach: to check directly whether a set of manuallywritten Rust local types satisfy safety/liveness properties by a model checker [14] or the multiparty compatibility (a property which guarantees deadlock-freedom of communicating automata, which are equivalent to local session types) [2,11].…”

Section: Listing 2 Mpst Rust Communication Primitivesmentioning

confidence: 99%

Implementing Multiparty Session Types in Rust

Lagaillardie

Neykova

Yoshida

2020

Self Cite

Multiparty Session Types (MPST) is a typing discipline for distributed protocols, which ensures communication safety and deadlockfreedom for more than two participants. This paper reports on our research project, implementing multiparty session types in Rust. Current Rust implementations of session types are limited to binary (twoparty communications). We extend an existing library for binary session types to MPST. We have implemented a simplified Amazon Prime Video Streaming protocol using our library for both shared and distributed communication transports.

“…Multiparty compatibility. Closest to this paper is existing literature on multiparty compatibility [6,24,40,42]. The key idea, initially developed by Deniélou and Yoshida for the original MPST [23,24], is to represent (groups of) local types operationally as (systems of) communicating finite state machines (CFSM) [8].…”

Section: Related Workmentioning

confidence: 99%

“…Multiparty compatibility is a sufficient condition to guarantee safety and liveness, but not necessary: there exist safe/live systems that are not multiparty compatible. Therefore, several generalisations have been proposed to cover timed behaviour [6], undirected choice [40], and non-synchronisability [42]. The main similarities between our method in this paper and the multiparty compatibility approach are: (1) we also use an operational interpretation of local types; (2) we guarantee similar liveness/safety properties; (3) and we also neatly factor out the act of checking conformance of processes to local types (resp.…”

Section: Related Workmentioning

confidence: 99%

Exploring Type-Level Bisimilarity towards More Expressive Multiparty Session Types

Jongmans

Yoshida

2020

Self Cite

A key open problem with multiparty session types (MPST) concerns their expressiveness: current MPST have inflexible choice, no existential quantification over participants, and limited parallel composition. This precludes many real protocols to be represented by MPST. To overcome these bottlenecks of MPST, we explore a new technique using weak bisimilarity between global types and endpoint types, which guarantees deadlock-freedom and absence of protocol violations. Based on a process algebraic framework, we present well-formed conditions for global types that guarantee weak bisimilarity between a global type and its endpoint types and prove their check is decidable. Our main practical result, obtained through benchmarks, is that our well-formedness conditions can be checked orders of magnitude faster than directly checking weak bisimilarity using a state-of-the-art model checker.