Deadlock analysis for a fault-tolerant system

Buth, Bettina; Kouvaras, M.; Peleskã, Jan; Shi, Hui

doi:10.1007/bfb0000463

Cited by 24 publications

(15 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Details about the fault-tolerant computer system FTC have been published in [UKP98]. The technical aspects of the FTC deadlock and livelock analysis are described in [BKPS97,BPS98]. The systematic application of generic theories and their mechanised verification with the HOL theorem prover has been sketched in [BCOP98].…”

Section: Formal Methods For the International Space Stationmentioning

confidence: 99%

Applied Formal Methods – From CSP to Executable Hybrid Specifications

Peleskã

2005

Communicating Sequential Processes. The First 25 Years

Self Cite

View full text Add to dashboard Cite

Abstract. Since 1985, CSP has been applied by the author, his research team at Bremen University and verification engineers at Verified Systems International to a variety of "real-world" projects. These include the verification of high-availability database servers, of fault-tolerant computers now operable in the International Space Station, hardware-in-the-loop tests for the novel Airbus A380 aircraft controller family and conformance tests for the European Train Control System. Illustrated by examples from these projects, we highlight important aspects of the CSP language design, its semantics and tool support, and describe the impact of these features on the quality and efficiency of verification and testing. New requirements with regard to the test of hybrid control systems, the demand for executable formal specifications, as well as the ongoing discussion about the practical applicability of formal methods have led to the development of new specification formalisms. We sketch some key decisions in the formalism design and indicate how some of the fundamental properties of CSP have been adopted, while others have been deliberately discarded in these new developments.

show abstract

Section: Formal Methods For the International Space Stationmentioning

confidence: 99%

Applied Formal Methods – From CSP to Executable Hybrid Specifications

Peleskã

2005

Communicating Sequential Processes. The First 25 Years

Self Cite

View full text Add to dashboard Cite

show abstract

“…FDR [GRABR16,GRABR14] is a model checker for CSP, allowing formal verification of freedom from deadlock and livelock, process refinement and equivalence-at least, for systems of finite (and sufficiently small) size. FDR has a long and successful history of use in the analysis of complex safety-critical systems [SD04,Bar95,HC02,BKPS97,BPS99,Low96,MS07].…”

Section: Formal Verificationmentioning

confidence: 99%

The symbiosis of concurrency and verification: teaching and case studies

Pedersen

Welch

2018

Form. Asp. Comput.

View full text Add to dashboard Cite

Abstract.Concurrency is beginning to be accepted as a core knowledge area in the undergraduate CS curriculum-no longer isolated, for example, as a support mechanism in a module on operating systems or reserved as an advanced discipline for later study. Formal verification of system properties is often considered a difficult subject area, requiring significant mathematical knowledge and generally restricted to smaller systems employing sequential logic only. This paper presents materials, methods and experiences of teaching concurrency and verification as a unified subject, as early as possible in the curriculum, so that they become fundamental elements of our software engineering tool kit-to be used together every day as a matter of course. Concurrency and verification should live in symbiosis. Verification is essential for concurrent systems as testing becomes especially inadequate in the face of complex non-deterministic (and, therefore, hard to repeat) behaviours. Concurrency should simplify the expression of most scales and forms of computer system by reflecting the concurrency of the worlds in which they operate (and, therefore, have to model); simplified expression leads to simplified reasoning and, hence, verification. Our approach lets these skills be developed without requiring students to be trained in the underlying formal mathematics. Instead, we build on the work of those who have engineered that necessary mathematics into the concurrency models we use (CSP, π -calculus), the model checker (FDR) that lets us explore and verify those systems, and the programming languages/libraries (occam-π , Go, JCSP, ProcessJ) that let us design and build efficient executable systems within these models. This paper introduces a workflow methodology for the development and verification of concurrent systems; it also presents and reflects on two open-ended case studies, using this workflow, developed at the authors' two universities. Concerns analysed include safety (don't do bad things), liveness (do good things) and low probability deadlock (that testing fails to discover). The necessary technical background is given to make this paper self-contained and its work simple to reproduce and extend.

show abstract

“…that the sets T need to be non-empty and prefix-closed, 3 The semantic domain of the failure-divergence model N is not a cpo on refinement order for infinite alphabets; however it is a cms independent of the alphabet size. Another problem is that in N the semantics clauses for hiding work only under special conditions.…”

Section: Semanticsmentioning

confidence: 99%

“…8 shows the complete script to prove the stable-failure equivalence Abs =F AC (line 14) in Csp-Prover. First, a mapping is defined from the processnames of Abs to process expressions in AC (line [3][4][5] 10 . Next, it is shown that the involved recursive processes are guarded and do not use the hiding operator.…”

Section: Verification In the Context Of An Industrial Case Studymentioning

confidence: 99%

“…It has proved to be suitable at the level of requirement specification, at the level of design specifications, and also for formal refinement proofs [2]. In this context, the process algebra Csp [11,21] has successfully been applied in various areas, ranging from train control systems [5] over software for the international space station [3,4] to the verification of security protocols [23].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Generic Theorem Prover of CSP Refinement

Isobe

Roggenbach

2005

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

Abstract. We describe a new tool called Csp-Prover which is an interactive theorem prover dedicated to refinement proofs within the process algebra Csp. It aims specifically at proofs for infinite state systems, which may also involve infinite non-determinism. Semantically, Csp-Prover supports both the theory of complete metric spaces as well as the theory of complete partial orders. Both these theories are implemented for infinite product spaces. Technically, Csp-Prover is based on the theorem prover Isabelle. It provides a deep encoding of Csp. The tool's architecture follows a generic approach which makes it easy to adapt it for various Csp models besides those studied here: the stable failures model F and the traces model T .

show abstract

Deadlock analysis for a fault-tolerant system

Cited by 24 publications

References 5 publications

Applied Formal Methods – From CSP to Executable Hybrid Specifications

Applied Formal Methods – From CSP to Executable Hybrid Specifications

The symbiosis of concurrency and verification: teaching and case studies

A Generic Theorem Prover of CSP Refinement

Contact Info

Product

Resources

About