Generating Correct-by-Construction Distributed Implementations from Formal Maude Designs

Developing a reliable distributed system meeting desired performance requirements is a hard and labor-intensive task. Formal specification and analysis of a system design can yield correct designs as well as reliable performance predictions. In this paper we present a correct-by-construction automatic transformation mapping such a verified formal specification of a system design in Maude to a distributed implementation satisfying the same safety and liveness properties. Two case studies applying this transformation to state-of-the-art distributed transaction systems show that high-quality implementations with acceptable performance and meeting performance predictions can be automatically generated. In this way, formal models of distributed systems analyzed within the same formal framework for both logical and performance properties are automatically transformed into correct-by-construction implementations for which similar performance trends can be shown.
