Formal Verification of an Interactive Consistency Algorithm for the Draper FTP Architecture Under a Hybrid Fault Model
by Dr. Patrick Lincoln & Dr. John Rushby.
From Compass '94 (Proceedings of the Ninth Annual Conference on Computer Assurance). IEEE Washington Section, Gaithersburg, MD. June, 1994. Pages 107120.
Abstract
Fault-tolerant systems for critical applications should tolerate as many kinds of faults and as large a number of faults
as possible, while using as little hardware as feasible. And they should be provided with strong assurances for their
correctness.
Byzantine fault-tolerant architectures are attractive because they tolerate any kind fault, but they are rather
expensive: at least 3m+1 processors are required to withstand m arbitrary faults. Two recent developments mitigate
some of the costs: algorithms that operate under a hybrid fault model tolerate more faults for a given number of
processors than classical Byzantine fault-tolerant algorithms, and asymmetric architectures tolerate a given number
of faults with less hardware than conventional architectures. In this paper we combine these two developments and
present an algorithm for achieving interactive consistency (the problem of distributing sensor samples consistently
in the presence of faults) under a hybrid fault model on an asymmetric architecture.
The extended fault model and asymmetric architecture complicate the arguments for the correctness and the
number of faults tolerated by the algorithm. To increase assurance, we have formally verified these properties and
checked the proofs mechanically using the PVS verification system. We argue that mechanically-supported formal
methods allow for effective reuse of intellectual resources, such as specifications and proofs, and that exercises such
as this can now be performed very economically.
BibTEX Entry
@inproceedings{compass94,
AUTHOR = {Patrick Lincoln and John Rushby},
TITLE = {Formal Verification of an Interactive Consistency Algorithm for the Draper {FTP} Architecture Under a Hybrid Fault Model},
BOOKTITLE = {Compass '94 (Proceedings of the Ninth Annual Conference on Computer Assurance)},
YEAR = {1994},
PAGES = {107--120},
ADDRESS = {Gaithersburg, {MD}},
MONTH = {jun},
ORGANIZATION = {{IEEE} Washington Section},
URL = {http://www.csl.sri.com/papers/compass94/}
}
Files
|