Parametric Verification of a Group Membership Algorithm

We address the problem of verifying clique avoidance in the TTP protocol. TTP allows several stations embedded in a car to communicate. It has many mechanisms to ensure robustness to faults. In particular, it has an algorithm that allows a station to recognize itself as faulty and leave the communication. This algorithm must satisfy the crucial 'non-clique' property: it is impossible to have two or more disjoint groups of stations communicating exclusively with stations in their own group. In this paper, we propose an automatic verification method for an arbitrary number of stations N and a given number of faults k. We give a faithful abstraction that allows us to model the algorithm by means of unbounded (parametric) counter automata. We have checked the non-clique property on this model in the case of one fault, using the ALV tool as well as the LASH tool.
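As an added illustration (not code from the paper, and not the counter-automata model it describes), the following checks the non-clique property exactly as the abstract states it on a constructed snapshot of station views. Treating "communicates" as mutual frame acceptance, and a station absent from the snapshot as one that has recognized itself as faulty and left, are assumptions of this example.

```python
"""Check the TTP 'non-clique' property on one snapshot of station views.

Snapshot format (assumed here): station id -> set of station ids whose
frames it currently accepts.  A station missing from the snapshot has
recognised itself as faulty and left the communication.
"""
from collections import deque


def communicating_groups(views):
    """Return the disjoint groups of active stations that communicate only
    among themselves.  Two stations communicate when each accepts the
    other's frames (assumption); the groups are the connected components
    of that symmetric relation, found by breadth-first search."""
    active = set(views)
    seen, groups = set(), []
    for start in sorted(active):
        if start in seen:
            continue
        comp, queue = set(), deque([start])
        while queue:
            s = queue.popleft()
            if s in comp:
                continue
            comp.add(s)
            # mutual acceptance: s accepts t and t accepts s
            queue.extend(t for t in active
                         if t not in comp and t in views[s] and s in views[t])
        seen |= comp
        groups.append(frozenset(comp))
    return groups


def non_clique_holds(views):
    """The property: there are never two or more disjoint groups that
    communicate exclusively within their own group."""
    return len(communicating_groups(views)) <= 1


# Constructed snapshots (not taken from any real TTP run).
CONSISTENT = {1: {1, 2, 3}, 2: {1, 2, 3}, 3: {1, 2, 3}}   # one group
CLIQUES = {1: {1, 2}, 2: {1, 2}, 3: {3, 4}, 4: {3, 4}}    # two cliques
ONE_LEFT = {1: {1, 2, 3}, 2: {1, 2, 3}}                  # station 3 left

if __name__ == "__main__":
    for name, snap in [("consistent", CONSISTENT), ("cliques", CLIQUES),
                       ("one_left", ONE_LEFT)]:
        print(name, communicating_groups(snap), non_clique_holds(snap))
```

A stale view in which one station still accepts frames from a station that has left does not create a group, because the departed station is not active.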