Formal Specification and Verification of the pGVT Algorithm

The time warp mechanism is a technique for optimistically synchronizing parallel and distributed discrete event-driven simulators (PDES). Within this synchronization paradigm lie numerous parallel algorithms, chief among them the estimation of the Global Virtual Time (GVT) value used for fossil collection and output commit. Because the optimistic synchronization strategy allows temporary violations of causal relations in the system being simulated, developing algorithms that correctly estimate GVT can prove extremely difficult. Testing and debugging are also difficult, as error situations are frequently not repeatable due to varying load conditions and processing orders. Consequently, the application of formal methods to develop and analyze such algorithms is of extreme importance. This paper addresses the application of formal methods to the development of GVT estimation algorithms. More precisely, the paper presents a formal specification and verification of one specific GVT estimation algorithm, the pGVT algorithm. The specifications are presented in the Larch Shared Language and the verification is completed using the Larch Proof Assistant. The ultimate goal of this work is to develop a reusable infrastructure for GVT proof development that can be used by developers of new GVT estimation algorithms.
