research-article
Open Access
Artifacts Available
Artifacts Evaluated & Functional

Modularity for decidability of deductive verification with applications to distributed systems

Published: 11 June 2018

Abstract

Proof automation can substantially increase productivity in the formal verification of complex systems. However, the unpredictability of automated provers in handling quantified formulas is a major obstacle to the usability of these tools. We propose to solve this problem not by improving the provers, but by using a modular proof methodology that allows us to produce decidable verification conditions. Decidability greatly improves the predictability of proof automation, resulting in a more practical verification approach. We apply this methodology to develop verified implementations of distributed protocols, demonstrating its effectiveness.


Supplemental Material

p662-taube.webm

