The Timed Asynchronous System (TAS) model[3] has less stringent assumptions than the synchronous model but is still strong enough to serve as a foundation for the construction of dependable applications. In this paper, we verify the correctness of some basic distributed services in TAS. First, TAS is modelled and then some important properties of two basic services, FADS (Fail Aware Datagram Service) and HALL (Highly Available Local Leader Election Service), are formally verified. The PVS theorem prover is used for modelling and verification of the algorithms.
During the process of verification, some of the assumptions in the model that were not explicitly noted in the literature came to light. In addition, due to the insight gained in the process of verification, the ability to extend the validity of some of the properties in the face of additional failures in the system became clear through appropriate modifications of these assumptions.
[1]
John M. Rushby,et al.
Systematic Formal Verification for Fault-Tolerant Time-Triggered Algorithms
,
1999,
IEEE Trans. Software Eng..
[2]
Flaviu Cristian,et al.
Fail-aware datagram service
,
1999,
IEE Proc. Softw..
[3]
Flaviu Cristian,et al.
Fail-awareness in timed asynchronous systems
,
1996,
PODC '96.
[4]
Flaviu Cristian,et al.
A Highly Available Local Leader Election Service
,
1999,
IEEE Trans. Software Eng..
[5]
Flaviu Cristian,et al.
The Timed Asynchronous Distributed System Model
,
1999,
IEEE Trans. Parallel Distributed Syst..
[6]
Seif Haridi,et al.
Distributed Algorithms
,
1992,
Lecture Notes in Computer Science.