Abstract
Model checking has advanced over the last decades to become an effective formal technique for verifying distributed and concurrent systems. As computers grew in memory and processing capacity, it became possible to exhaustively verify systems with billions of states, making it practical to model and verify real-world protocols and algorithms. However, writing a model is a manual task that can introduce defects, and the model checker may then report that the defective model fulfills the formal specification (e.g., an incorrect model that fulfills an incomplete specification). Furthermore, this kind of formal verification technique is limited by the well-known state-space explosion problem. This paper aims to provide a set of generic template models, appropriate for distributed round-based algorithms, so that modeling effort can be focused on algorithm-specific details. To mitigate state-space explosion, the paper proposes two reduction techniques, named partition symmetry reduction and message order reduction, that exploit symmetries in the state space to avoid expanding equivalent states. Together, the reusable framework for verifying round-based algorithms and the two proposed reduction techniques reduce by orders of magnitude the number of states required to analyze common distributed algorithms.
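The following is an added illustration, not code from the paper, of the generic symmetry-reduction idea behind the two reductions named in the abstract: instead of storing every state an explicit-state explorer reaches, store one canonical representative per class of equivalent states. The toy model, its constants (N, ROUNDS), the max-based update rule and the three canonicalisation policies are all assumptions made for the example; the paper's own reductions are defined on its template models, which are not shown here. The example goes beyond the abstract in that it also counts the states each policy leaves, so the effect of the reductions can be seen directly.

```python
"""Added illustration (not the paper's code): symmetry reduction by canonical
representatives on a toy round-based model.

N symmetric processes each hold a value in {0, 1}. In every round each process
broadcasts its value, messages are delivered one at a time in any interleaving,
and a process that has received all N messages adopts the maximum value it saw.
The round ends once every process has done so.

Three explorations of the same model differ only in how a state is
canonicalised before being stored: not at all (naive), inbox contents kept as a
set rather than in delivery order (message order reduction), and additionally
relabelling the interchangeable processes to an orbit representative
(partition symmetry reduction)."""
from itertools import permutations, product

N = 3       # processes; small enough that trying all N! relabellings is cheap
ROUNDS = 2  # rounds explored before a state is terminal


def initial_states():
    """Every assignment of 0/1 values, all inboxes empty, round 0."""
    empty = tuple(() for _ in range(N))
    return {(0, vals, empty) for vals in product((0, 1), repeat=N)}


def successors(state):
    """Deliver one pending message, or close the round once all are delivered."""
    rnd, vals, inboxes = state
    if rnd == ROUNDS:
        return []
    if all(len(ib) == N for ib in inboxes):
        # round ends: every process adopts the maximum value it received
        new_vals = tuple(max(v for _, v in ib) for ib in inboxes)
        return [(rnd + 1, new_vals, tuple(() for _ in range(N)))]
    succ = []
    for p in range(N):
        delivered = {s for s, _ in inboxes[p]}
        for s in range(N):
            if s not in delivered:
                new_inboxes = list(inboxes)
                new_inboxes[p] = inboxes[p] + ((s, vals[s]),)  # (sender, value)
                succ.append((rnd, vals, tuple(new_inboxes)))
    return succ


def identity(state):
    """Naive: every delivery interleaving is a distinct state."""
    return state


def message_order(state):
    """Message order reduction: the update (max) is commutative, so an inbox is
    characterised by which messages it holds, not by their delivery order."""
    rnd, vals, inboxes = state
    return (rnd, vals, tuple(tuple(sorted(ib)) for ib in inboxes))


def partition_symmetry(state):
    """Partition symmetry reduction on top of message order reduction: processes
    are interchangeable, so keep the lexicographically smallest relabelling.
    For the values alone, the representative depends only on how many processes
    hold each value, i.e. on a partition of N."""
    rnd, vals, inboxes = message_order(state)
    best = None
    for perm in permutations(range(N)):      # perm[i] is the new id of process i
        new_vals = [None] * N
        new_inboxes = [None] * N
        for i in range(N):
            new_vals[perm[i]] = vals[i]
            new_inboxes[perm[i]] = tuple(sorted((perm[s], v) for s, v in inboxes[i]))
        cand = (rnd, tuple(new_vals), tuple(new_inboxes))
        if best is None or cand < best:
            best = cand
    return best


def explore(canon):
    """Breadth-first reachability that stores only canonical representatives;
    returns the number of distinct (canonical) states expanded."""
    frontier = {canon(s) for s in initial_states()}
    seen = set(frontier)
    while frontier:
        nxt = set()
        for s in frontier:
            for t in successors(s):
                c = canon(t)
                if c not in seen:
                    seen.add(c)
                    nxt.add(c)
        frontier = nxt
    return len(seen)


if __name__ == "__main__":
    for name, canon in (("naive", identity), ("message order", message_order),
                        ("partition symmetry", partition_symmetry)):
        print(f"{name:>18}: {explore(canon)} states")
```

The canonicalisation must be sound for the property being checked: sorting an inbox is only valid because the round's update rule does not depend on delivery order, and relabelling processes is only valid because no process is distinguished by the specification. Both conditions hold for the toy model above; for a real algorithm they are exactly what a practitioner has to argue before trusting the reduced state count.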
Acknowledgements
This work is funded by national funds through the FCT - Foundation for Science and Technology, I.P., within the scope of project CISUC - UID/CEC/00326/2020 and by European Social Fund, through the Regional Operational Program Centro 2020, project LASIGE - UIDB/00408/2020, the AESOP project (P2020-31/SI/2017, No. 040004) and through the CMU-Portugal project CAMELOT (POCI-01-0247-FEDER-045915).
Barbosa, R., Fonseca, A. & Araujo, F. Reductions and abstractions for formal verification of distributed round-based algorithms. Software Qual J 29, 705–731 (2021). https://doi.org/10.1007/s11219-020-09539-6