Systematic testing of multicast routing protocols: analysis of forward and backward search techniques

We present a new methodology for developing systematic and automatic test generation algorithms for multipoint protocols. These algorithms attempt to synthesize network topologies and sequences of events that stress the protocol's correctness or performance. This can be viewed as a domain-specific search problem that suffers from state space explosion. One goal of this work is to circumvent that explosion by using knowledge of network and fault modeling and of multipoint protocols. The two approaches investigated are based on forward and backward search techniques. We use an extended finite state machine (FSM) model of the protocol. The first algorithm uses forward search to perform reduced reachability analysis. Using domain-specific information for multicast routing over a LAN, the algorithm's complexity is reduced from exponential to polynomial in the number of routers. This approach, however, does not fully automate topology synthesis. The second algorithm, fault-oriented test generation, uses backward search for topology synthesis and uses backtracking to generate event sequences instead of searching forward from initial states. Using these algorithms, we have conducted studies of the correctness of the multicast routing protocol PIM.
