1 IOA: Mathematical Models  Distributed Programs Nancy Lynch November 15, 2000 Collaborators: Steve Garland, Josh Tauber, Anna Chefter, Antonio Ramirez,

Slides:

Advertisements

Similar presentations

Formal Methods in Software Engineering

Advertisements

Semantics Static semantics Dynamic semantics attribute grammars

1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Lecture 8: Asynchronous Network Algorithms

Presenter: PCLee VLSI Design, Automatic and Test, (VLSI-TSA-DAT).

Termination Detection of Diffusing Computations Chapter 19 Distributed Algorithms by Nancy Lynch Presented by Jamie Payton Oct. 3, 2003.

Background information Formal verification methods based on theorem proving techniques and modelchecking –to prove the absence of errors (in the formal.

Modeling and Analyzing Security Protocols using I/O Automata Nancy Lynch, MIT CSAIL DIMACS Security Workshop June 7, 2004.

1 Semantic Description of Programming languages. 2 Static versus Dynamic Semantics n Static Semantics represents legal forms of programs that cannot be.

An Automata-based Approach to Testing Properties in Event Traces H. Hallal, S. Boroday, A. Ulrich, A. Petrenko Sophia Antipolis, France, May 2003.

Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der.

1 Linear Bounded Automata LBAs. 2 Linear Bounded Automata are like Turing Machines with a restriction: The working space of the tape is the space of the.

Component-Level Design

An Introduction to Input/Output Automata Qihua Wang.

Architecture-driven Modeling and Analysis By David Garlan and Bradley Schmerl Presented by Charita Feldman.

Conformance Simulation Relation ( ) Let and be two automata over the same alphabet simulates () if there exists a simulation relation such that Note that.

1 An Inheritance-Based Technique for Building Simulation Proofs Incrementally Idit Keidar, Roger Khazan, Nancy Lynch, Alex Shvartsman MIT Lab for Computer.

Software Engineering, COMP201 Slide 1 Protocol Engineering Protocol Specification using CFSM model Lecture 30.

System-Level Types for Component-Based Design Paper by: Edward A. Lee and Yuhong Xiong Presentation by: Dan Patterson.

© 2008 IBM Corporation Behavioral Models for Software Development Andrei Kirshin, Dolev Dotan, Alan Hartman January 2008.

Chapter 8 Asynchronous System Model by Mikhail Nesterenko “Distributed Algorithms” by Nancy A. Lynch.

Basic Concepts The Unified Modeling Language (UML) SYSC System Analysis and Design.

An Introduction Chapter Chapter 1 Introduction2 Computer Systems  Programmable machines  Hardware + Software (program) HardwareProgram.

Implementation Yaodong Bi. Introduction to Implementation Purposes of Implementation – Plan the system integrations required in each iteration – Distribute.

Modeling Process CSCE 668Set 14: Simulations 2 May be several algorithms (processes) runs on each processor to simulate the desired communication system.

Chapter 1 Introduction Dr. Frank Lee. 1.1 Why Study Compiler? To write more efficient code in a high-level language To provide solid foundation in parsing.

Lecture #12 Distributed Algorithms (I) CS492 Special Topics in Computer Science: Distributed Algorithms and Systems.

Mathematical Modeling and Formal Specification Languages CIS 376 Bruce R. Maxim UM-Dearborn.

CST320 - Lec 11 Why study compilers? n n Ties lots of things you know together: –Theory (finite automata, grammars) –Data structures –Modularization –Utilization.

BY Lecturer: Aisha Dawood.  an algorithm is any well-defined computational procedure that takes some value, or set of values, as input and produces.

Modeling Shari L. Pfleeger and Joanne M. Atlee, Software Engineering: Theory and Practice, 4 th edition, Prentice Hall, Hans Van Vliet, Software.

Unit-1 Introduction Prepared by: Prof. Harish I Rathod

UHD::3320::CH121 DESIGN PHASE Chapter 12. UHD::3320::CH122 Design Phase Two Aspects –Actions which operate on data –Data on which actions operate Two.

Lyra – A service-oriented and component-based method for the development of communicating systems (by Sari Leppänen, Nokia/NRC) Traditionally, the design,

Timed I/O Automata: A Mathematical Framework for Modeling and Analyzing Real-Time Systems Frits Vaandrager, University of Nijmegen joint work with Dilsun.

6.852: Distributed Algorithms Spring, 2008 Class 13.

Natallia Kokash (Accepted for PACO’2011) ACG, 31/05/ Input-output conformance testing for channel-based connectors 1.

Programming Languages and Design Lecture 3 Semantic Specifications of Programming Languages Instructor: Li Ma Department of Computer Science Texas Southern.

1 Modeling and Analyzing Distributed Systems Using I/O Automata Nancy Lynch, MIT Draper Laboratory, IR&D Mid-Year Meeting December 11, 2002.

1 CSCD 326 Data Structures I Software Design. 2 The Software Life Cycle 1. Specification 2. Design 3. Risk Analysis 4. Verification 5. Coding 6. Testing.

ECSE Software Engineering 1I HO 4 © HY 2012 Lecture 4 Formal Methods A Library System Specification (Continued) From Specification to Design.

ECE/CS 584: Hybrid Automaton Modeling Framework Invariance, Abstractions, Simulation Lecture 04 Sayan Mitra.

Algorithms 1.Notion of an algorithm 2.Properties of an algorithm 3.The GCD algorithm 4.Correctness of the GCD algorithm 5.Termination of the GCD algorithm.

1 IOA: Distributed Algorithms  Distributed Programs Nancy Lynch PODC 2000 Collaborators: Steve Garland, Josh Tauber, Anna Chefter, Antonio Ramirez, Michael.

1 Theory of Distributed Systems (TDS) Group Leaders: Nancy Lynch, Idit Keidar PhD students: Victor Luchangco, Josh Tauber, Roger Khazan, Carl Livadas,

1 Linear Bounded Automata LBAs. 2 Linear Bounded Automata (LBAs) are the same as Turing Machines with one difference: The input string tape space is the.

Verification & Validation By: Amir Masoud Gharehbaghi

Ukrprog Formal requirement language and its applications A.Letichevsky Glushkov Institute of Cybernetics.

The Interpreter Pattern (Behavioral) ©SoftMoore ConsultingSlide 1.

Chapter 8 Asynchronous System Model by Mikhail Nesterenko “Distributed Algorithms” by Nancy A. Lynch.

Chapter 1 Software Engineering Principles. Problem analysis Requirements elicitation Software specification High- and low-level design Implementation.

1 Modeling and Analyzing Fault-Tolerant, Real-Time Communication Protocols Nancy Lynch Theory of Distributed Systems MIT Second MURI Workshop Berkeley,

Formal Verification. Background Information Formal verification methods based on theorem proving techniques and modelchecking –To prove the absence of.

ECE/CS 584: Verification of Embedded Computing Systems Model Checking Timed Automata Sayan Mitra Lecture 09.

September 1999Compaq Computer CorporationSlide 1 of 16 Verification of cache-coherence protocols with TLA+ Homayoon Akhiani, Damien Doligez, Paul Harter,

From Use Cases to Implementation 1. Structural and Behavioral Aspects of Collaborations  Two aspects of Collaborations Structural – specifies the static.

1 Reliable Group Communication: a Mathematical Approach Nancy Lynch Theory of Distributed Systems MIT LCS Kansai chapter, IEEE July 7, 2000 GC …

Mathematical Models and Proof/Analysis Methods for Timing-Based Systems And… Their Application to Communication, Fault-Tolerant Distributed Computing,

CSC 243 – Java Programming, Spring, 2014 Week 4, Interfaces, Derived Classes, and Abstract Classes.

Copyright 1999 G.v. Bochmann ELG 7186C ch.1 1 Course Notes ELG 7186C Formal Methods for the Development of Real-Time System Applications Gregor v. Bochmann.

From Use Cases to Implementation 1. Mapping Requirements Directly to Design and Code  For many, if not most, of our requirements it is relatively easy.

1 Compositional Design and Analysis of Timing-Based Distributed Algorithms Nancy Lynch Theory of Distributed Systems MIT Third MURI Workshop Washington,

1 Modeling and Analyzing Distributed Systems Using I/O Automata Nancy Lynch, MIT Draper Laboratory, IR&D Kickoff Meeting Aug. 30, 2002.

Chryssis Georgiou, University of Cyprus Peter Musial, VeroModo, Inc.

Programming Problem steps must be able to be fully & unambiguously described Problem types; Can be clearly described Cannot be clearly described (e.g.

IOA Code Generator (Making IOA Run)

Lecture One: Automata Theory Amjad Ali

From Use Cases to Implementation

Modeling and Analysis of Complex Computational Systems

Presentation transcript:

1 IOA: Mathematical Models  Distributed Programs Nancy Lynch November 15, 2000 Collaborators: Steve Garland, Josh Tauber, Anna Chefter, Antonio Ramirez, Michael Tsai, Chris Luhrs, Rui Fan, Laura Dean, Andrej Bogdanov I O A

2 What we want to do: See how abstract I/O automaton models of distributed algorithms and services could be used in producing and maintaining actual distributed programs.

3 Why use models? Models let you: –Build very complex things and get them right –Change things and understand the consequences –Explain clearly how things work Other engineering disciplines use them

4 But why I/O automaton models? Very simple mathematical basis for describing structure + behavior of systems of interacting components Already used for: –Distributed algorithms, impossibility results –System case studies: Group communication services (Orca, Transis, Ensemble,…) Communication protocols (TCP, T/TCP,…) Hybrid (continuous/discrete) systems (TCAS,…)...

5 What are I/O automata? Nondeterministic state machines Infinite state Input/output/internal actions Transitions, executions, traces Supports modularity: –Composition –Levels of abstraction Math model, language-independent

6 Model service specs, distributed algorithms Refine, from high level global service spec to detailed distributed algorithm Make models as nondeterministic as possible Prove correctness, using invariants, simulation relations, composition Using I/O automata

7 TO Broadcast Service Spec Signature: input: broadcast(a,p) output: receive(a,p,q) internal: order(a,p) State: queue, sequence of (a,p), initially empty for each p: pending[p], sequence of a, initially empty next[p], positive integer, initially 1 TO

8 TO Broadcast Spec Transitions : broadcast(a,p) Effect: append a to pending[p] order(a,p) Precondition: a is head of pending[p] Effect: remove head of pending[p]; append (a,p) to queue receive(a,p,q) Precondition: queue[next[q]] = (a,p) Effect: next[q] := next[q] + 1

9 IOA Language [Garland, Lynch 97] Programming/specification language for defining I/O automata Similar to pseudocode Explicitly describes : –Signature, structured state, precondition/effects –Nondeterministic choice, composition, invariants, levels of abstraction Declarative + imperative For proofs For simulation, code generation I O A

10 IOA Tools Front end: Parser, static checker, intermediate Java representation [Garland, Ramirez] Support for: –Composing models [Chefter 98] [Garland, Lynch] –Refining models, from global specification to low-level distributed algorithm model: Step correspondence [Ramirez 00]

11 IOA Tools Prototype code generator, for generating distributed code from low-level distributed algorithm models [Tauber, Tsai] Validation tools: –Simulator [Chefter 98] [Ramirez 00] Paired simulation: –Theorem-prover interfaces: PVS [Devillers], Isabelle? LP? NuPRL? [Nolte] –Automatic?

12 Code Generator Start from node models + channel models Implementing node automata: –Generate code (Java, C++) automatically –Use library of hand-written data type implementations Implementing channel automata: –Use real communication service (TCP, MPI) –Abstract channels

13 Abstract Channels Model with nodes and abstract channels (e.g., FIFO queue): Algorithm that implements abstract channel in terms of real channel (model):

14 Abstract Channels Generate Code

15 Modeling Projects Distributed spanning tree algorithms [Luhrs, Nolte] Distributed replicated data management algorithms: Lamport state machines; Attiya, Bar-Noy, Dolev, … [Dean, Karlovich, Rosen] Future: –Practical communication protocols, services –Interacting Java objects