Verification of a distributed computing system by layered proofs

This paper presents a technique for the verification of "full" distributed computing systems, building on the CLI stack, which addresses the verification of a layered sequential system. This paper also presents the application of our technique to the verification of a distributed system of three layers: a small high-level distributed programming language (microSR); a multiple-processor architecture consisting of an instruction set and system calls; and a network interface. MicroSR programs are implemented by a compiler from microSR to the multiprocessor layer. System calls (for interprocess message passing) are implemented by network services. This work demonstrates that the correctness of a distributed program, most notably its interprocess communication, is verifiable through layers that guarantee the correctness of the compiled code that makes reference to operating system calls, the correctness of the operating system calls in terms of network calls, and the correctness of the network calls in terms of network transmission steps. The Cambridge HOL system is used for the specification and the proofs.