A Formal Specification and Validation of a Critical System in Presence of Byzantine Errors

Gnesi, Stefania; Latella, Diego; Lenzini, Gabriele; Abbaneo, C.; Amendola, Arturo; Marmo, P.

doi:10.1007/3-540-46419-0_36

Cited by 8 publications

(3 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this area, in [32] Spin was used to validate a design based on the well-known primary backup idea. Under the FDIR approach, validation techniques have also been introduced in [15,8,19].…”

Section: Related Workmentioning

confidence: 99%

Towards Modeling and Model Checking Fault-Tolerant Distributed Algorithms

John

Konnov

Schmid

et al. 2013

Model Checking Software

View full text Add to dashboard Cite

Abstract. Fault-tolerant distributed algorithms are central for building reliable, spatially distributed systems. In order to ensure that these algorithms actually make systems more reliable, we must ensure that these algorithms are actually correct. Unfortunately, model checking state-ofthe-art fault-tolerant distributed algorithms (such as Paxos) is currently out of reach except for very small systems. In order to be eventually able to automatically verify such fault-tolerant distributed algorithms also in larger systems, several problems have to be addressed. In this paper, we consider modeling and verification of fault-tolerant algorithms that basically only contain threshold guards to control the flow of the algorithm. As threshold guards are widely used in fault-tolerant distributed algorithms (and also in Paxos) efficient methods to handle them bring us closer to the above mentioned goal. As case study we use the reliable broadcasting algorithm by Srikanth and Toueg that tolerates even Byzantine faults. We show how one can model this basic fault-tolerant distributed algorithm in Promela such that safety and liveness properties can be efficiently verified in Spin. We provide experimental data also for other distributed algorithms.

show abstract

Section: Related Workmentioning

confidence: 99%

Towards Modeling and Model Checking Fault-Tolerant Distributed Algorithms

John

Konnov

Schmid

et al. 2013

Model Checking Software

View full text Add to dashboard Cite

show abstract

“…To overcome this last problem we needed to design ad hoc abstraction strategies. All these formalization issues can be found in a companion paper [10].…”

Section: Discussionmentioning

confidence: 99%

“…The project consisted of two distinct parts: (a) designing a formal model of a critical control system; (b) verifying specific safety properties under the hypothesis of Byzantine behavior [14] of one of the system components, and verifying liveness properties of a dependable communication protocol used within the system. In this paper we focus on the general structure of the formal validation effort, while particular modeling strategies can be found in [10]. Industrial choices internal to ASF induced us to use PROMELA [12] as formal language and and SPIN [13] as model checker.…”

Section: Introductionmentioning

confidence: 99%

An automatic SPIN validation of a safety critical railway control system

Gnesi¹,

Lenzini²,

Latella

et al.

Proceeding International Conference on Dependable Systems and Networks. DSN 2000

Self Cite

View full text Add to dashboard Cite

This paper describes an experiment in formal specification and validation performed in the context of an industrial joint project. The project involved an Italian company working in the field of railway engineering, Ansaldobreda Segnalamento Ferroviario, and the CNR Institutes IEI and CNUCE of Pisa. Within the project two formal models have been developed describing different aspects of a safety-critical system used in the management of mediumlarge railway networks. Validation of safety and liveness properties has been performed on both models. Safety properties have been checked primarily in presence of Byzantine faults as well as of silent faults embedded in the models themselves. Liveness properties have been more focused on a communication protocol used within the system. Properties have been specified by means of assertions or temporal logical formulae. We used PROMELA as specification language, while the verification was performed using the verification tool suite SPIN.

show abstract