Survivability: Design, Formal Modeling, and Validation of Cloud Storage Systems Using Maude

Bobba, Rakesh B.; Grov, Jon; Gupta, Indranil; Liu, Si; Meseguer, José; Ölveczky, Peter Csaba; Skeirik, Stephen

doi:10.1002/9781119428497.ch2

Cited by 28 publications

(22 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This work is part of a long-term research effort in which we have been using Maude to both meet the challenges and exploit the opportunities of modular design and analysis for cloud-based transaction systems (see [10,28] for surveys). As part of this effort, we have formally specified in Maude and analyzed both the consistency and the performance properties of the following systems: Apache Cassandra [17], Google's Megastore [9] and its Megastore-CGC extension [15], RAMP [8], P-Store [31] Walter [34], and (in this paper and [23]) ROLA and its comparison with both Walter [34] and Jessy [6].…”

Section: Discussionmentioning

confidence: 99%

Read atomic transactions with prevention of lost updates: ROLA and its formal analysis

et al. 2019

Self Cite

View full text Add to dashboard Cite

Designers of distributed database systems face the choice between stronger consistency guarantees and better performance. A number of applications only require read atomicity (RA) (either all or none of a transaction's updates are visible to other transactions) and prevention of lost updates (PLU). Existing distributed transaction systems that meet these requirements also provide additional stronger consistency guarantees (such as causal consistency), but this comes at the price of lower performance. In this paper we propose a new distributed transaction protocol, ROLA, that targets application scenarios where only RA and PLU are needed. We formally specify ROLA in Maude. We then perform model checking to analyze both the correctness and the performance of ROLA. For correctness, we use standard model checking to analyze ROLA's satisfaction of RA and PLU. To analyze performance we: (a) perform statistical model checking to analyze key performance properties; and (b) compare these performance results with those obtained by also modeling and analyzing in Maude the well-known protocols Walter and Jessy that also guarantee RA and PLU. Our statistical model checking results show that ROLA outperforms both Walter and Jessy. guarantee PLU: the new friendship between Edinson and Neymar must not be lost. Finally, CC could be sacrificed for the sake of performance: Assume that Dani is a friend of Neymar. When Edinson becomes Neymar's friend, he sees that Dani is Neymar's friend, and therefore also becomes friend with Dani. The second friendship therefore causally depends on the first one. However, it does not seem crucial that others are aware of this causality: If Thomas sees that Edinson and Dani are friends, then it is not necessary that he knows that (this happened because) Edinson and Neymar are friends.Regarding question (b), Section 7 shows that ROLA clearly outperforms both Walter and Jessy in all performance requirements for all read/write transaction rates. For a fair comparison, we have compared the performance of ROLA with those of Jessy and Walter without their replication features.Maude-Based Formal Modeling and Analysis. In rewriting logic [26], distributed systems are specified as rewrite theories. Maude [12] is a high-performance language implementing rewriting logic and supporting various model checking analyses. To model time and performance issues, ROLA is specified in Maude as a probabilisitic rewrite theory [4,12]. ROLA's RA and PLU requirements are then analyzed by standard model checking, where we disregard time issues. To estimate ROLA's performance, and to compare it with those of Jessy and Walter, we have also specified Walter and Jessy-without their data replication features-in Maude, and have subjected the Maude models of ROLA, Walter, and Jessy to statistical model checking analysis using the PVeStA [5] tool. Main Contributions include:(1) the design, formal modeling, and model checking analysis of ROLA, a new transaction protocol having useful applications and meeting RA and PLU consistency pr...

show abstract

Section: Discussionmentioning

confidence: 99%

Read atomic transactions with prevention of lost updates: ROLA and its formal analysis

et al. 2019

Self Cite

View full text Add to dashboard Cite

show abstract

“…Only a short summary of work in this area is possible here. I refer to the survey [12], from which the summary of the work on systems (1)-(3) is drawn, for a detailed account. My summary of (4) is based on [36], and that of (5)-(6) on [31,30].…”

Section: Formal Specification and Analysis Of Cloud Storage Systemsmentioning

confidence: 99%

“…A common theme running through both of the studies that I summarize below is that cloud computing, while giving rise to new security vulnerabilities, does also offer the possibility of arriving at system designs that take advantage of cloud computing to increase system security. My summary of (1) is based on material in [16], and that of (2) on [40,12] 1. Achieving Stable Availability in the Face of DDoS Attacks.…”

Section: Some Security Aspects Of Cloud Computing Systemsmentioning

confidence: 99%

“…One important limitation of this extended abstract is that there is no room for a careful comparison with related work. Fortunately, a quite up to date such comparison has been given in the survey [12], to which I refer for a discussion of other work in this area. Two other current limitations pointing to future research directions are: (1) the absence at the moment of full verification by theorem proving for the systems that I have discussed; and (2) the current status of Maude executable specifications as prototypes useful for simulation and analysis, but not used for the moment for distributed implementations.…”

Section: Limitations and Some Future Directionsmentioning

confidence: 99%

See 1 more Smart Citation

Formal Design of Cloud Computing Systems in Maude

Meseguer

2018

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Cloud computing systems are complex distributed systems whose design is challenging for two main reasons: (1) since they are distributed systems, a correct design is very hard to achieve by testing alone; and (2) cloud computing applications have high availability and performance requirements; but these are hard to measure before implementation and hard to compare between different implementations. This paper summarizes our experience in using formal specification in Maude and model checking analysis to quickly explore the design space of a cloud computing system to achieve a high quality design that: (1) has verified correctness guarantees; (2) has better performance properties than other design alternatives so explored; (3) can be achieved before an actual implementation; and (4) can be used for both rapid prototyping and for automatic code generation.

show abstract

“…In addition, although cloud storage systems are not traditionally considered to be "safety-critical" systems, as more and more applications migrate to the cloud, it becomes increasingly crucial that storage systems do not lose potentially critical user data. However, as argued in, e.g., [15,4], standard system development and validation techniques are not well suited for designing data stores with high assurance that they satisfy their correctness and quality-of-service requirements: Executing and simulating new designs may require understanding and modifying large code bases; furthermore, although system executions and simulations can give an idea of the performance of a design, they cannot give any (quantified) assurance about the system performance, and they cannot be used to verify correctness properties.…”

Section: Introductionmentioning

confidence: 95%

Design and Validation of Cloud Storage Systems Using Formal Methods

Ölveczky¹

2017

Topics in Theoretical Computer Science

Self Cite

View full text Add to dashboard Cite

To deal with large amounts of data while offering high availability and throughput and low latency, cloud computing systems rely on distributed, partitioned, and replicated data stores. Such cloud storage systems are complex software artifacts that are very hard to design and analyze. Formal specification and model checking should therefore be beneficial during their design and validation. In particular, I propose rewriting logic and its accompanying Maude tools as a suitable framework for formally specifying and analyzing both the correctness and the performance of cloud storage systems. This abstract of an invited talk gives a short overview of the use of rewriting logic at the University of Illinois' Assured Cloud Computing center on industrial data stores such as Google's Megastore and Facebook/Apache's Cassandra. I also briefly summarize the experiences of the use of a different formal method for similar purposes by engineers at Amazon Web Services.

show abstract

Survivability: Design, Formal Modeling, and Validation of Cloud Storage Systems Using Maude

Cited by 28 publications

References 38 publications

Read atomic transactions with prevention of lost updates: ROLA and its formal analysis

Read atomic transactions with prevention of lost updates: ROLA and its formal analysis

Formal Design of Cloud Computing Systems in Maude

Design and Validation of Cloud Storage Systems Using Formal Methods

Contact Info

Product

Resources

About