Effect of Fairness in Model Checking of Self-stabilizing programs Jingshu Chen, Fuad Abujarad and Sandeep Kulkarni.

Outline: Problem Statement; Related Work; Our Approach; Results; Summary

Goal: to verify self-stabilizing programs by symbolic model checking. Stabilization is the ability of a system to converge in a finite number of steps from an arbitrary state to a desired state; the algorithms involved are complex. Symbolic model checking does not require the designer to have considerable experience in logical reasoning.

Two actions: x0 = xn -> x0 = (x0+1) mod K; xi != xi-1 -> xi = x(i-1). Note that the domain of x is [0..K-1]. This program is known to be self-stabilizing if K > N. In the subsequent discussion, we let K = N+1. (Figure: ring of processes p0, p1, ..., pi-1, pi, ..., pn-1, pn holding variables x0, ..., xi-1, xi, ..., xn.)

Legal state: for process 0, either x[0] = x[n] or x[0] = (x[n]+1) mod K; for i = 1..N, either x[i-1] = x[i] or x[i-1] = x[i]+1. (Figure: the same ring of processes p0, ..., pn with variables x0, ..., xn.)

T's work has demonstrated the feasibility of applying symbolic model checking to the verification of self-stabilizing programs. The results show that verification is feasible only for programs with a small number of processes.

Observation: the current approach verifies stabilization under weakly fair computation, and current model checkers focus on weak fairness in their representation of fairness. Our approach is to verify self-stabilization under unfair computation.

Verification under weak fairness. Two actions: x0 = xn -> x0 = (x0+1) mod K; xi != xi-1 -> xi = x(i-1)

Verification under unfair computation

Verification results for the K-state program (execution time in seconds):
Columns: K=3, K=4, K=5, K=6, K=7, K=8, K=9, K=10, K=50
Unfair: [values missing in transcript]
Weakly-fair (1): [values missing in transcript] ... N/A
Weakly-fair (2): [values missing in transcript] ... N/A
Approximate state space: 10^1, 10^2, 10^3, 10^4, 10^5, 10^7, 10^8, 10^10, 10^84
In spite of improved hardware, the ability to verify self-stabilizing programs under weak fairness remains essentially the same. The scalability of verifying self-stabilization can be improved significantly in the case where the program is self-stabilizing without fairness.

For the case where weak fairness is essential for self-stabilization, two approaches: (1) decomposition; (2) utilizing the weak version of stabilization, weak stabilization.

Verification results for Huang's mutual exclusion program (execution time in seconds):
Columns: n=3, n=5, n=7, n=11, n=23, n=29, n=31
Unfair (le): [values missing in transcript]
Unfair (t): [values missing in transcript]
Unfair (total): [values missing in transcript]
Weak (le): 04.15N/A
Weak (t): [values missing in transcript]
Weak (total): 04.79N/A
Unfair: not self-stabilizing under this model
Weak: 0.17N/A
Approximate state space: 10^4, 10^10, 10^17, 10^34, 10^93, 10^127, 10^138

Verification results for the K-state program (execution time in seconds), weak stabilization:
Columns: K=3, K=4, K=5, K=6, K=7, K=8, K=9, K=10, K=50
Weak stabilization: [values missing in transcript]
Weakly-fair (1): [values missing in transcript] ... N/A
Weakly-fair (2): [values missing in transcript] ... N/A
Approximate state space: 10^1, 10^2, 10^3, 10^4, 10^5, 10^7, 10^8, 10^10, 10^84
Verification of weak stabilization is substantially more scalable. This result also validates the suggestion in Gouda's work that weak stabilization is easier to verify than self-stabilization.
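As an added example (not the slides' or the paper's model-checker code), the following script explicitly enumerates the state space of the K-state program defined on the earlier slides and checks, for small N, both self-stabilization under an unfair scheduler (closure plus the absence of cycles among illegal states) and Gouda's weak stabilization (every state can reach a legal state). It assumes the "+1" in the slides' legitimacy predicate is taken modulo K and uses K = N+1 as the slides do.

```python
# Added example, not the slides' code: exhaustive check of the K-state ring, K = N+1.
from itertools import product

def enabled(x):
    """Indices of privileged processes in global state x = (x0, ..., xn)."""
    n = len(x) - 1
    p0 = [0] if x[0] == x[n] else []
    return p0 + [i for i in range(1, n + 1) if x[i] != x[i - 1]]

def step(x, i, K):
    """Execute process i's action: p0 increments mod K, pi copies x[i-1]."""
    y = list(x)
    y[i] = (x[0] + 1) % K if i == 0 else x[i - 1]
    return tuple(y)

def legal(x, K):
    """The slides' legitimacy predicate; '+1' is read modulo K (assumption)."""
    n = len(x) - 1
    return (x[0] in (x[n], (x[n] + 1) % K) and
            all(x[i - 1] in (x[i], (x[i] + 1) % K) for i in range(1, n + 1)))

def check(N):
    """Return (self-stabilizing under unfair scheduling, weakly stabilizing)."""
    K = N + 1
    states = list(product(range(K), repeat=N + 1))
    succ = {x: {step(x, i, K) for i in enabled(x)} for x in states}
    good = {x for x in states if legal(x, K)}
    bad = set(states) - good
    # Closure: every successor of a legal state is legal.
    closure = all(succ[x] <= good for x in good)
    # Convergence with an unfair scheduler: no run may stay illegal forever, so no
    # illegal state may be stuck and the illegal subgraph must be acyclic (Kahn).
    indeg = {x: 0 for x in bad}
    for x in bad:
        for y in succ[x] & bad:
            indeg[y] += 1
    work, removed = [x for x in bad if indeg[x] == 0], 0
    while work:
        x = work.pop(); removed += 1
        for y in succ[x] & bad:
            indeg[y] -= 1
            if indeg[y] == 0:
                work.append(y)
    converges = removed == len(bad) and all(succ[x] for x in bad)
    # Weak stabilization (Gouda): some run from every state reaches a legal state.
    reach, new = set(good), good
    while new:
        new = {x for x in bad if x not in reach and succ[x] & reach}
        reach |= new
    return closure and converges, closure and len(reach) == len(states)
```

The unfair check is strictly stronger than the weak-stabilization check, which is why the latter reduces to a single backward reachability pass.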

Summary: if self-stabilization is possible without fairness, then the cost of verifying self-stabilization is substantially lower. This is the first paper to show the feasibility of verifying typical self-stabilizing programs, e.g., the K-state program, with a large number of processes. We also identify two approaches for the cases where weak fairness is essential for self-stabilization.