An optimal cut-off algorithm for parameterised refinement checking
Science of Computer Programming (IF 1.3), Pub Date: 2020-07-13, DOI: 10.1016/j.scico.2020.102517
Antti Siirtola, Keijo Heljanko

The verification of contemporary distributed software systems is challenging, because they are heavily parameterised, containing components whose number and connections cannot be a priori fixed. In this work, we consider the multi-parameterised verification of safety properties by refinement checking in the context of labelled transition systems (LTSs). The LTSs are parameterised by using first-order constructs, sorts, variables, and predicates, while preserving compositionality. This allows us to parameterise not only the number of replicated components but also the communication topology of the system. Our approach to solving a verification task in the parameterised LTS formalism is to determine a finite cut-off set of parameter values such that in order to prove a parameterised system implementation correct with respect to its specification, it is sufficient to consider only finitely many instances of the parameterised system generated by the parameter values in the cut-off set.

In the conference version of this work, we converted the problem of determining a finite cut-off set into the unsatisfiability of a first-order formula and provided a satisfiability modulo theories (SMT)-based semi-algorithm for dynamically, i.e., iteratively, computing a cut-off set. In this article, we present a new version of the algorithm and prove that the cut-off sets computed by this new algorithm are optimal. Hence, we call the new version the optimal cut-off algorithm. The algorithm will always terminate for system topologies expressible in the fragment of first-order logic. It also enables us to consider systems with topologies beyond this fragment, but for these systems, the algorithm is not guaranteed to terminate. We have implemented the approach on top of the Z3 SMT solver and successfully applied it to several system models. As a running example, we consider the leader election phase of the generalised (Byzantine) Raft consensus algorithm and prove the optimal cut-off set of six (respectively, thirteen) parameter values corresponding to instances up to three (respectively, four) servers. To the best of our knowledge, this is the first time a Byzantine variant of the parameterised Raft leader election is automatically verified.
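The abstract describes the verification task as two pieces: a trace-refinement check of a concrete instance (does every visible behaviour of the implementation appear in the specification?) and a cut-off argument that lets one stop after finitely many instances. The following Python is an added example, not the paper's tool, model or algorithm: it builds a deliberately small single-term leader-election model for n servers, a specification LTS saying "elect happens at most once", an explicit-state refinement checker for deterministic specifications, and a loop that checks instances up to a bound. The election model, the quorum functions and the bound of 3 are all assumptions made for illustration; the paper's parameterised LTS formalism and its Z3-based algorithm for computing (and proving optimal) a cut-off set are not reproduced here, so nothing below establishes that 3 is a cut-off for this toy model.

```python
"""Explicit-state trace-refinement check of a small parameterised
leader-election model, run instance by instance up to a fixed bound.

Added illustration only: the election model, the specification LTS, the
quorum functions and the bound are assumptions made for this example. The
paper's parameterised LTS formalism and its Z3-based cut-off algorithm are
not reproduced here.
"""
from collections import deque

# An LTS is a pair (initial_state, successors) where successors(state)
# yields (event, next_state) pairs.


def election_lts(n, quorum):
    """Implementation LTS: n servers competing in a single election term.

    State: (votes, leaders). votes[j] is the server that j has granted its
    single vote to, or None; leaders is the set of servers that have won.
    Events: ('vote', j, i) grants j's vote to i; 'elect' announces a winner.
    """
    init = (tuple([None] * n), frozenset())

    def succ(state):
        votes, leaders = state
        for j in range(n):
            if votes[j] is None:            # each server votes at most once per term
                for i in range(n):
                    new_votes = votes[:j] + (i,) + votes[j + 1:]
                    yield ('vote', j, i), (new_votes, leaders)
        for i in range(n):
            if i not in leaders and sum(1 for v in votes if v == i) >= quorum:
                yield 'elect', (votes, leaders | {i})

    return init, succ


def at_most_one_leader_spec():
    """Specification LTS over the visible alphabet {'elect'}: 'elect' may
    happen at most once, i.e. a term never has two leaders."""
    def succ(state):
        if state == 0:
            yield 'elect', 1

    return 0, succ


def trace_to(parent, state):
    """Rebuild the event sequence that BFS used to reach `state`."""
    trace = []
    while parent[state] is not None:
        state, event = parent[state]
        trace.append(event)
    return trace[::-1]


def refines(impl, spec, visible):
    """Trace refinement Impl ⊑ Spec for a deterministic Spec.

    Explores the product of Impl with Spec; events outside `visible` are
    internal and leave the Spec state unchanged. Returns None when every
    visible trace of Impl is a trace of Spec, otherwise the shortest
    Impl trace whose last visible event Spec cannot perform.
    """
    impl_init, impl_succ = impl
    spec_init, spec_succ = spec
    start = (impl_init, spec_init)
    parent = {start: None}
    queue = deque([start])
    while queue:
        cur = queue.popleft()
        istate, sstate = cur
        spec_moves = dict(spec_succ(sstate))   # event -> next spec state
        for event, inext in impl_succ(istate):
            if event in visible:
                if event not in spec_moves:
                    return trace_to(parent, cur) + [event]
                snext = spec_moves[event]
            else:
                snext = sstate
            nxt = (inext, snext)
            if nxt not in parent:
                parent[nxt] = (cur, event)
                queue.append(nxt)
    return None


def majority(n):
    return n // 2 + 1


def half(n):
    """Deliberately too weak a quorum, to produce a counterexample."""
    return max(1, n // 2)


def check_up_to_cutoff(cutoff, quorum_of):
    """Check every instance n = 1..cutoff; map n to its counterexample or None."""
    return {n: refines(election_lts(n, quorum_of(n)),
                       at_most_one_leader_spec(), {'elect'})
            for n in range(1, cutoff + 1)}


if __name__ == "__main__":
    for name, q in (("majority quorum", majority), ("half quorum", half)):
        for n, cex in check_up_to_cutoff(3, q).items():
            verdict = "refines" if cex is None else f"violates, trace {cex}"
            print(f"{name}, n={n}: {verdict}")
```

With a majority quorum every instance refines the specification, because each server votes once and only one server can collect more than half of the votes. With the weakened quorum the checker reports a four-event counterexample already at n = 2 (two servers each vote for themselves and both get elected), which is the kind of concrete trace a refinement-checking tool hands back. The product exploration relies on the specification being deterministic; a nondeterministic specification would need a subset construction on the specification side. In the paper's setting the loop over n would not be an arbitrary bound: the cut-off set computed by the algorithm is what justifies that checking those instances is sufficient for the whole parameterised family.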




Updated: 2020-07-13