Modeling and verification of randomized distributed real-time systems

Randomization is an excellent tool for the design of distributed algorithms, sometimes yielding efficient solutions to problems that are inherently complex, or even unsolvable, in the setting of deterministic algorithms. However, this tool has a price: even simple randomized algorithms can be extremely hard to verify and analyze. This thesis addresses the problem of verifying randomized distributed algorithms. We consider the problem from both the theoretical and the practical perspective. Our theoretical work builds a new mathematical model of randomized distributed computation; our practical work develops techniques to be used for the actual verification of randomized systems. Our analysis covers both untimed and timed systems, so that real-time properties can be investigated.

Our model for randomized distributed computation is an extension of labeled transition systems. A probabilistic automaton is a state machine with transitions where, unlike in labeled transition systems, a transition from a state leads to a discrete probability distribution over pairs consisting of a label and a state, rather than to a single label and a single state. A probabilistic automaton exhibits pure nondeterministic behavior, since several transitions may leave the same state, and probabilistic behavior, since once a transition is chosen the label that occurs and the state that is reached are determined by a probability distribution. Resolving the pure nondeterminism yields probabilistic executions, which are Markov-chain-like structures. Once the pure nondeterminism is resolved, the probabilistic behavior of a probabilistic automaton can be studied. The properties of a randomized algorithm are stated in terms of satisfying some other property with a minimal or maximal probability no matter how the nondeterminism is resolved.

In stating the properties of an algorithm we also account for the possibility of imposing restrictions on the ways in which the nondeterminism is resolved (e.g., fair scheduling, oblivious scheduling, ...). We develop techniques to prove the correctness of a property by reducing the problem to the verification of properties of non-randomized systems. One technique is based on coin lemmas, which state lower bounds on the probability that some chosen random draws give some chosen outcomes no matter how the nondeterminism is resolved. We identify a collection of progress statements which can be used to prove upper bounds on the expected running time of an algorithm. The methods are applied to prove that the randomized dining philosophers algorithm of Lehmann and Rabin guarantees progress in expected constant time and that the randomized agreement algorithm of Ben-Or guarantees agreement in expected exponential time. To ensure that our new model has strong mathematical foundations, we extend some of the common semantics for labeled transition systems to the probabilistic framework. We define a compositional trace semantic
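The following is an added illustration, not code from the thesis: a constructed toy probabilistic automaton in which each transition is a distribution over (label, state) pairs, a memoryless scheduler resolves the nondeterminism into a Markov chain (a probabilistic execution), and value iteration computes the minimal and maximal probability of reaching a target state over all schedulers. State names, labels and probabilities are assumptions chosen for the example.

```python
# Constructed toy probabilistic automaton (assumption, not from the thesis).
# Each state maps to a list of transitions; choosing among them is pure
# nondeterminism. Each transition is a distribution over (label, next_state).
PA = {
    "s0": [{("flip", "s1"): 0.5, ("flip", "s2"): 0.5}],
    "s1": [{("direct", "ok"): 1.0},                       # scheduler option 0
           {("flip", "ok"): 1 / 3, ("flip", "fail"): 2 / 3}],  # option 1
    "s2": [{("flip", "ok"): 0.25, ("flip", "s0"): 0.75}],
    "ok": [],      # absorbing target state
    "fail": [],    # absorbing non-target state
}


def reach_probability(pa, target, minimize, tol=1e-12, max_iter=100000):
    """Extremal probability of eventually reaching `target`, ranging over all
    schedulers (memoryless ones suffice for reachability). Bellman value
    iteration: p(s) = min/max over transitions of sum_t Pr(t) * p(t's state).
    Returns a dict state -> probability."""
    p = {s: (1.0 if s in target else 0.0) for s in pa}
    pick = min if minimize else max
    for _ in range(max_iter):
        new = dict(p)
        for s, transitions in pa.items():
            if s in target or not transitions:   # absorbing states stay fixed
                continue
            vals = [sum(pr * p[nxt] for (_, nxt), pr in tr.items())
                    for tr in transitions]
            new[s] = pick(vals)
        delta = max(abs(new[s] - p[s]) for s in pa)
        p = new
        if delta < tol:
            break
    return p


def reach_under_scheduler(pa, scheduler, target):
    """Resolve the nondeterminism with a memoryless scheduler (state ->
    transition index). The result has one transition per state, i.e. it is a
    Markov chain: the probabilistic execution induced by that scheduler."""
    chain = {s: ([trs[scheduler[s]]] if trs else []) for s, trs in pa.items()}
    return reach_probability(chain, target, minimize=True)


if __name__ == "__main__":
    print("min over schedulers:", reach_probability(PA, {"ok"}, True)["s0"])
    print("max over schedulers:", reach_probability(PA, {"ok"}, False)["s0"])
    worst = {"s0": 0, "s1": 1, "s2": 0}
    print("under worst scheduler:", reach_under_scheduler(PA, worst, {"ok"})["s0"])
```

With the adversary choosing the coin flip in s1, the chain satisfies p(s0) = 1/2 * 1/3 + 1/2 * (1/4 + 3/4 * p(s0)), i.e. p(s0) = 7/15, which is exactly the minimum; picking the direct move in s1 makes the target reachable with probability 1.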
