Abstract
We use the Uppaal model checker for timed automata to verify the Timing-Sync time-synchronization protocol for sensor networks (TPSN), the clock-synchronization algorithm of Lenzen, Locher and Wattenhofer (LLW) for general distributed systems, and the clock-thread technique of the software monitoring with controllable overhead algorithm (SMCO). Clock-synchronization algorithms such as TPSN, LLW, and SMCO must be able to perform arithmetic on clock values to calculate clock drift and network propagation delays. They must also be able to read the value of a local clock and assign it to another local clock. Such operations are not directly supported by the theory of timed automata. To overcome this formal-modeling obstacle, we augment the Uppaal specification language with the integer clock-derived type. Integer clocks, which are essentially integer variables that are periodically incremented by a global pulse generator, greatly facilitate the encoding of the operations required to synchronize clocks as in the TPSN, LLW, and SMCO protocols. With these integer-clock-based models in hand, we use Uppaal to verify a number of key correctness properties, including network-wide time synchronization, bounded clock skew, bounded overhead skew, and absence of deadlock. We also use the Uppaal Tracer tool to illustrate how integer clocks can be used to capture clock drift and resynchronization during protocol execution.
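The abstract's central device, an integer clock, is simply an integer variable that a global pulse generator increments, so reading one clock into another or subtracting two clock values is ordinary integer arithmetic. The following Python simulation is an added example, not code from the paper or its Uppaal models: it builds integer clocks with drift, a global pulse generator, and one TPSN-style sender-receiver round (the two-way timestamp exchange and the offset/delay formulas are TPSN's; the parent/child topology, 3-pulse link delays, and drift rates are constructed for the illustration). It shows clock skew building up, being corrected by a clock assignment, and building up again until the next resynchronization.

```python
"""Integer-clock simulation of a TPSN-style sender-receiver sync round.

Added example (not from the paper or its Uppaal models). Integer clocks are
plain integers advanced by a global pulse generator; drift is modelled as one
extra or one skipped increment every `drift_period` pulses. The two-way
exchange and the offset/delay formulas are TPSN's (Ganeriwal et al. 2003);
the topology, link delays and drift parameters below are constructed.
"""
from dataclasses import dataclass


@dataclass
class IntegerClock:
    """An integer variable that the global pulse increments."""
    name: str
    value: int = 0
    drift_period: int = 0   # 0 = perfect clock
    drift_step: int = 0     # +1: gains a tick every drift_period pulses, -1: loses one
    pulses_seen: int = 0

    def tick(self) -> None:
        """Called once per global pulse."""
        self.pulses_seen += 1
        step = 1
        if self.drift_period and self.pulses_seen % self.drift_period == 0:
            step += self.drift_step
        self.value += step

    def read(self) -> int:
        return self.value

    def assign(self, new_value: int) -> None:
        """Clock assignment: not expressible on a timed-automaton clock,
        trivial on an integer clock."""
        self.value = new_value


class PulseGenerator:
    """Global pulse: every registered integer clock ticks on each pulse."""

    def __init__(self, *clocks: IntegerClock) -> None:
        self.clocks = list(clocks)
        self.pulse = 0

    def advance(self, n: int) -> None:
        for _ in range(n):
            self.pulse += 1
            for c in self.clocks:
                c.tick()


def tpsn_exchange(pg: PulseGenerator, child: IntegerClock, parent: IntegerClock,
                  delay_to_parent: int, delay_to_child: int) -> tuple:
    """One TPSN sender-receiver round. Message propagation is modelled as a
    number of global pulses; the parent replies as soon as the request arrives."""
    t1 = child.read()
    pg.advance(delay_to_parent)          # request in flight
    t2 = parent.read()
    t3 = parent.read()                   # immediate reply
    pg.advance(delay_to_child)           # reply in flight
    t4 = child.read()
    # TPSN estimates of clock offset and one-way propagation delay. Integer
    # division rounds down, so a small residual skew can remain when the
    # child's clock drifted during the round itself.
    offset = ((t2 - t1) - (t4 - t3)) // 2
    delay = ((t2 - t1) + (t4 - t3)) // 2
    child.assign(child.read() + offset)  # correct the child's clock
    return offset, delay


def skew(a: IntegerClock, b: IntegerClock) -> int:
    return abs(a.read() - b.read())


def run_scenario() -> dict:
    """Constructed scenario: a perfect parent and a child that gains one tick
    every 10 pulses and starts 100 ticks ahead; 3-pulse links in each direction."""
    parent = IntegerClock("parent")
    child = IntegerClock("child", value=100, drift_period=10, drift_step=+1)
    pg = PulseGenerator(parent, child)
    result = {}
    pg.advance(20)
    result["skew_before_sync"] = skew(child, parent)
    result["round1"] = tpsn_exchange(pg, child, parent, 3, 3)
    result["skew_after_round1"] = skew(child, parent)
    pg.advance(50)                       # drift accumulates again
    result["skew_before_resync"] = skew(child, parent)
    result["round2"] = tpsn_exchange(pg, child, parent, 3, 3)
    result["skew_after_round2"] = skew(child, parent)
    return result


if __name__ == "__main__":
    for key, val in run_scenario().items():
        print(f"{key}: {val}")
```

Running the scenario shows the child 102 ticks ahead before the first round, skew 0 after the offset is assigned, 5 ticks of skew accumulated over the next 50 pulses, and skew 0 again after the second round; the bounded-skew property the abstract mentions is exactly the claim that this accumulated skew never exceeds a bound between rounds, which a model checker can verify over all interleavings where a simulation only samples one.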
Huang, X., Singh, A. & Smolka, S.A. Using integer clocks to verify clock-synchronization protocols. Innovations Syst Softw Eng 7, 119–130 (2011). https://doi.org/10.1007/s11334-011-0152-5