60 Hits in 1.6 sec


Chris Hawblitzel, Jon Howell, Manos Kapritsos, Jacob R. Lorch, Bryan Parno, Michael L. Roberts, Srinath Setty, Brian Zill
2017 Communications of the ACM  
We describe a methodology for building practical and provably correct distributed systems based on a unique blend of temporal logic of actions-style state-machine refinement and Hoare-logic verification  ...  With our methodology and lessons learned, we aim to raise the standard for distributed systems from "tested" to "correct."  ...  Practical Distributed Systems Correct" in the 25th ACM Symposium on Operating Systems Principles (SOSP), Oct. 2015.  ... 
doi:10.1145/3068608 fatcat:tnwzkuonwvahterueljh4axakm


Chris Hawblitzel, Jon Howell, Manos Kapritsos, Jacob R. Lorch, Bryan Parno, Michael L. Roberts, Srinath Setty, Brian Zill
2015 Proceedings of the 25th Symposium on Operating Systems Principles - SOSP '15  
We describe a methodology for building practical and provably correct distributed systems based on a unique blend of TLA-style state-machine refinement and Hoare-logic verification.  ...  Distributed systems are notorious for harboring subtle bugs.  ...  System Implementation We use the IronFleet methodology to implement two practical distributed systems and prove them correct: a Paxos-based replicated state machine library and a lease-based sharded key-value  ... 
doi:10.1145/2815400.2815428 dblp:conf/sosp/HawblitzelHKLPR15 fatcat:azgftawdt5ffznqstd2zt2ljoa

An Empirical Study on the Correctness of Formally Verified Distributed Systems

Pedro Fonseca, Kaiyuan Zhang, Xi Wang, Arvind Krishnamurthy
2017 Proceedings of the Twelfth European Conference on Computer Systems - EuroSys '17  
While results are encouraging, the importance of distributed systems warrants a large scale evaluation of the results and verification practices.  ...  Recent advances in formal verification techniques enabled the implementation of distributed systems with machinechecked proofs.  ...  In addition, we are grateful to the authors of the verified systems studied for their help in analyzing our reports and clarifying our questions.  ... 
doi:10.1145/3064176.3064183 dblp:conf/eurosys/FonsecaZWK17 fatcat:oqryjfoo4zarnbregbo2gk7gzm

On the Significance of Consecutive Ballots in Paxos [article]

Eli Goldweber, Nuda Zhang, Manos Kapritsos
2020 arXiv   pre-print
To establish the correctness of these results, we, in addition to a paper proof, formally verify the correctness of a State Machine Replication Library built on top of an optimized version of Multi-Paxos  ...  We prove that this modification preserves the original safety and liveness guarantees of Paxos. We define Consecutive Paxos which encapsulates the properties of discrete consecutive ballots.  ...  The IronFleet project showed that implementations of complex distributed systems can be formally verified.  ... 
arXiv:2006.01885v1 fatcat:x45ip6xnjngc5m5ogem5f6uljq

Deductive Verification in Decidable Fragments with Ivy [chapter]

Kenneth L. McMillan, Oded Padon
2018 Lecture Notes in Computer Science  
This paper surveys the work to date on Ivy, a language and a tool for the formal specification and verification of distributed systems.  ...  Ivy supports deductive verification using automated provers, model checking, automated testing, manual theorem proving and generation of executable code.  ...  The chosen application domain is distributed systems.  ... 
doi:10.1007/978-3-319-99725-4_4 fatcat:hkqiqefpgra6jahbnk6pugvibu

Storage Systems are Distributed Systems (So Verify Them That Way!)

Travis Hance, Andrea Lattuada, Chris Hawblitzel, Jon Howell, Rob Johnson, Bryan Parno
2020 USENIX Symposium on Operating Systems Design and Implementation  
To verify distributed systems, prior work introduced a methodology for verifying both the code running on individual machines and the correctness of the overall system when those machines interact via  ...  However, distributed systems are only one instance of the more general phenomenon of systems code that interacts with an asynchronous environment.  ...  Verdi [61] uses Coq to verify distributed systems by proving the correctness of a series of "system transformers" that take a high-level protocol description running in a friendly environment and transform  ... 
dblp:conf/osdi/HanceLHHJP20 fatcat:qawfx4t6fnasfpq5lw63xyy72i

Much ADO about failures: a fault-aware model for compositional verification of strongly consistent distributed systems

Wolf Honoré, Jieung Kim, Ji-Yong Shin, Zhong Shao
2021 Proceedings of the ACM on Programming Languages (PACMPL)  
We demonstrate that proving properties even of composite distributed systems can be straightforward with our Coq verification framework, Advert, thanks to the ADO model.  ...  We propose a novel, compositional, atomic distributed object (ADO) model for strongly consistent distributed systems that combines the best of both options.  ...  INTRODUCTION It is difficult to guarantee correctness and efficiency of a distributed systems at the same time because even the simplest distributed systems employ sophisticated protocols to coordinate  ... 
doi:10.1145/3485474 fatcat:kxa7kkihifghbdx6tinp3vuxju

Mechanically Verifying the Fundamental Liveness Property of the Chord Protocol [chapter]

Jean-Paul Bodeveix, Julien Brunel, David Chemouil, Mamoun Filali
2019 Lecture Notes in Computer Science  
Chord is a protocol providing a scalable distributed hash table over an underlying peer-to-peer network. It is very popular due to its simplicity, performance and claimed correctness.  ...  Additionally, the correctness property amounts to a form of stabilization, a particular kind of liveness property.  ...  Verdi [19] and IronFleet [6] address the question of provably-correct implementations of distributed protocols while our approach is markedly at a more abstract level, in particular to favor proof  ... 
doi:10.1007/978-3-030-30942-8_5 fatcat:5huzehjqivdo5pnifiluer4ok4

Velisarios: Byzantine Fault-Tolerant Protocols Powered by Coq [chapter]

Vincent Rahli, Ivana Vukotic, Marcus Völp, Paulo Esteves-Verissimo
2018 Lecture Notes in Computer Science  
Ideally, we should guarantee the correctness and security of such replicated and distributed, hardened systems to the highest standards known to mankind today.  ...  systems.  ...  Correct Behavior. To prove properties about distributed systems, one only reasons about processes that have a correct behavior.  ... 
doi:10.1007/978-3-319-89884-1_22 fatcat:megombf5b5fuxnjkh4ff5xvnia

Ovid: A Software-Defined Distributed Systems Framework to support Consistency and Change

Deniz Altinbüken, Robbert van Renesse
2016 IEEE Data Engineering Bulletin  
In practice, organic growth often makes distributed systems increasingly more complex and unmanageable.  ...  Refinement mappings prove that transformed systems implement the specification.  ...  IronFleet employs a language and program verification toolchain Dafny [16] that automates verification and it enables proving safety and liveness properties for a given distributed system.  ... 
dblp:journals/debu/AltinbukenR16 fatcat:zvb6j7rdxfcahpcqgpttxntguy

Planning for change in a formal verification of the raft consensus protocol

Doug Woos, James R. Wilcox, Steve Anton, Zachary Tatlock, Michael D. Ernst, Thomas Anderson
2016 Proceedings of the 5th ACM SIGPLAN Conference on Certified Programs and Proofs - CPP 2016  
We present the first formal verification of state machine safety for the Raft consensus protocol, a critical component of many distributed systems.  ...  This proof required iteratively discovering and proving 90 system invariants. Our verified implementation is extracted to OCaml and runs on real networks.  ...  This approach enables building practical distributed systems and proving both safety and, unlike our Raft proof in Verdi, liveness properties.  ... 
doi:10.1145/2854065.2854081 dblp:conf/cpp/WoosWATEA16 fatcat:76ddfebqyng4zm64bzoyhhugzq

Verified Learning Without Regret [chapter]

Samuel Merten, Alexander Bagnall, Gordon Stewart
2018 Lecture Notes in Computer Science  
In this paper, we put such results to practice by building distributed systems such as routers and load balancers with performance and convergence guarantees mechanically verified in Coq.  ...  Composing (1) with (2) within Coq yields a new strategy for building distributed systems with mechanically verified complexity guarantees on the time to convergence to near-optimal system configurations  ...  IronFleet [18] is a framework and methodology for building verified distributed systems using a mix of TLA-style state machine refinement, Hoare logic, and automated theorem proving.  ... 
doi:10.1007/978-3-319-89884-1_20 fatcat:6pho44zuiresxo5r7zknir5bea

Programming and proving with distributed protocols

Ilya Sergey, James R. Wilcox, Zachary Tatlock
2017 Proceedings of the ACM on Programming Languages  
Distributed systems play a crucial role in modern infrastructure, but are notoriously difficult to implement correctly.  ...  By virtue of the substitution principle and frame rule provided by Disel's logic, system components can be composed leading to modular, reusable verified distributed systems.  ...  IronFleet [16] supports proving liveness in addition to safety, all embedded in Dafny [30] . IronFleet focuses on layered verification of standalone monolithic systems.  ... 
doi:10.1145/3158116 dblp:journals/pacmpl/SergeyWT18 fatcat:ovmthxsmjvc3fbmcjnlxmj6y2u

A Formally Verified Protocol for Log Replication with Byzantine Fault Tolerance [article]

Joel Wanner and Laurent Chuat and Adrian Perrig
2020 arXiv   pre-print
It is simple yet practical, as it can accommodate the workload of a logging system such as Certificate Transparency. We show that it is optimal in terms of both required rounds and tolerable faults.  ...  Our protocol allows each node to propose entries in a parallel subroutine, and guarantees that correct nodes agree on the set of all proposed entries, without leader election.  ...  In a breakthrough effort, the IronFleet project [10] fully verified a Paxosbased distributed system and its implementation using the Dafny verifier.  ... 
arXiv:2009.10664v1 fatcat:y3vtcqj2dvelpecpvcr6634ca4

Moderately Complex Paxos Made Simple: High-Level Executable Specification of Distributed Algorithms [article]

Yanhong A. Liu, Saksham Chand, Scott D. Stoller
2019 arXiv   pre-print
This paper describes the application of a high-level language and method in developing simpler specifications of more complex variants of the Paxos algorithm for distributed consensus.  ...  We show the following results: 1.English and pseudocode descriptions of distributed algorithms can be captured completely and precisely at a high level, without adding, removing, or reformulating algorithm  ...  We thank hundreds of students in distributed algorithms and distributed systems courses and projects for extending, developing variants of, testing, evaluating, and model checking our executable specifications  ... 
arXiv:1704.00082v4 fatcat:bgxu4vaprva3tj2pehtrq4fkbi
« Previous Showing results 1 — 15 out of 60 results