Proving the Safety of Highly-Available Distributed Objects
Sreeja Nair,Gustavo Petri,Marc Shapiro +2 more
- pp 544-571
TLDR
This work proposes a proof methodology for establishing that a given object maintains a given invariant, taking into account any concurrency control, for the subclass of state-based distributed systems.Abstract:
To provide high availability in distributed systems, object replicas allow concurrent updates. Although replicas eventually converge, they may diverge temporarily, for instance when the network fails. This makes it difficult for the developer to reason about the object's properties , and in particular, to prove invariants over its state. For the sub-class of state-based distributed systems, we propose a proof methodology for establishing that a given object maintains a given invariant, taking into account any concurrency control. Our approach allows reasoning about individual operations separately. We demonstrate that our rules are sound, and we illustrate their use with some representative examples. We automate the rule using Boogie, an SMT-based tool.read more
Citations
More filters
Journal ArticleDOI
Verifying replicated data types with typeclass refinements in Liquid Haskell
TL;DR: This paper presents an extension to Liquid Haskell that facilitates stating and semi-automatically proving properties of typeclasses, and implements a framework for programming distributed applications based on replicated data types (RDTs).
Proceedings ArticleDOI
Abstraction for conflict-free replicated data types
Hongjin Liang,Xinyu Feng +1 more
TL;DR: The Abstract Converging Consistency (ACC) as discussed by the authors is a new correctness formulation for Conflict-Free Replicated Data Types (CRDTs) to specify both data consistency and functional correctness.
Journal ArticleDOI
MonkeyDB: effectively testing correctness under weak isolation levels
TL;DR: MonkeyDB as mentioned in this paper is a mock storage system for testing storage-backed applications under multiple isolation levels, and it uses a logical specification of the isolation level to compute, on a read operation, the set of all possible return values.
Book ChapterDOI
Hampa: Solver-Aided Recency-Aware Replication
TL;DR: This project presents a tool called Hampa, which defines coordination-avoidance conditions and the operational semantics of replicated systems that provably guarantees the three properties of integrity, convergence and recency, and characterizes the computational power and presents a protocol for recency-aware objects.
Proceedings ArticleDOI
Certified mergeable replicated data types
TL;DR: PEEPUL is implemented as an F* library that discharges proof obligations to an SMT solver and develops a replication-aware simulation relation to relate RDT specifications to their efficient purely functional implementations.
References
More filters
Journal Article
Boogie: a modular reusable verifier for object-oriented programs
TL;DR: A program verifier as discussed by the authors is a complex system that uses compiler technology, program semantics, property inference, verification-condition generation, automatic decision procedures, and a user interface, such as a graphical user interface.
Journal Article
Conflict-free Replicated Data Types
TL;DR: This paper formalises two popular approaches (state- and operation-based) and their relevant sufficient conditions and studies a number of useful CRDTs, such as sets with clean semantics, supporting both add and remove operations, and considers in depth the more complex Graph data type.
Book ChapterDOI
Conflict-free replicated data types
TL;DR: The Conflict-free Replicated Data Type (CRDT) as discussed by the authors is a data type that is guaranteed to converge in a self-stabilising manner, despite any number of failures.
Proceedings ArticleDOI
Replicated data types: specification, verification, optimality
TL;DR: This work proposes a framework for specifying replicated data types using relations over events and verifying their implementations using replication-aware simulations, and shows how to specify consistency of replicated stores with multiple objects axiomatically, in analogy to prior work on weak memory models.