38 research outputs found
Higher-order linearisability
Linearisability is a central notion for verifying concurrent libraries: a library is proven correct if its operational history can be rearranged into a sequential one that satisfies a given specification. Until now, linearisability has been examined for libraries in which method arguments and method results were of ground type. In this paper we extend linearisability to the general higher-order setting, where methods of arbitrary type can be passed as arguments and returned as values, and establish its soundness
Simplifying proofs of linearisability using layers of abstraction
Linearisability has become the standard correctness criterion for concurrent
data structures, ensuring that every history of invocations and responses of
concurrent operations has a matching sequential history. Existing proofs of
linearisability require one to identify so-called linearisation points within
the operations under consideration, which are atomic statements whose execution
causes the effect of an operation to be felt. However, identification of
linearisation points is a non-trivial task, requiring a high degree of
expertise. For sophisticated algorithms such as Heller et al's lazy set, it
even is possible for an operation to be linearised by the concurrent execution
of a statement outside the operation being verified. This paper proposes an
alternative method for verifying linearisability that does not require
identification of linearisation points. Instead, using an interval-based logic,
we show that every behaviour of each concrete operation over any interval is a
possible behaviour of a corresponding abstraction that executes with
coarse-grained atomicity. This approach is applied to Heller et al's lazy set
to show that verification of linearisability is possible without having to
consider linearisation points within the program code
Higher-Order Linearisability
Linearisability is a central notion for verifying concurrent libraries: a library is proven
correct if its operational history can be rearranged into a sequential one that satisfies a
given specification. Until now, linearisability has been examined for libraries in which
method arguments and method results were of ground type. In this paper we extend
linearisability to the general higher-order setting, where methods of arbitrary type can
be passed as arguments and returned as values, and establish its soundness
Deducing Operation Commutativity from Replicated Data Declaration
Distributed systems often resort to data replication not only to enhance their availability
but also to reduce user-perceived latency by balancing the load between replicas and
routing their requests accordingly. The choice of which consistency level that should be
adopted by these replicated systems is critical for the fulfilment of their performance
and correctness requirements. However, defining a strategy that strikes the right balance
between these concerns in this type of environments is far from being a trivial task due
to the related overheads that are amplified in distributed scenarios.
Recognising the tension between latency and consistency, many systems allow multiple
consistency levels to coexist. Nevertheless, the performance fine-tuning mechanisms
supported by the existing hybrid solutions place a high burden on the programmer since
the necessary input can be somehow complex requiring him to understand the semantics
of each operation of the service he is developing in order to correctly instruct the
system on how to handle concurrent updates. Thus, specifying operation dependencies,
orderings and invariants to be preserved or even picking the right consistency level to be
assigned to a certain data item is, generally, an error-prone task that hinders reasoning.
To overcome this adversity, this work aims to reduce the effort spent by the programmer
by only requiring the latter to introduce a simple and intuitive input at data declaration.
Following this approach, reasoning is centralised and all accesses to replicated
data are identified automatically. With all data accesses identified, it is then possible
to deduce the side effects of each operation and determine, for each one of them, those
with which it conflicts. In this context, this thesis also presents a compile-time analysis
applied to the Java language able to evaluate operation pairwise commutativity from the
input given at data declaration
Differentially flat nonlinear control systems
Differentially flat systems are underdetermined systems of (nonlinear) ordinary differential equations (ODEs) whose solution curves are in smooth one-one correspondence
with arbitrary curves in a space whose dimension equals the number of equations by which the system is underdetermined. For control systems this is the same as the number of inputs. The components of the map from the system space to the smaller dimensional space are referred to as the flat outputs. Flatness allows one to systematically generate feasible trajectories in a relatively simple way. Typically
the flat outputs may depend on the original independent and dependent variables in terms of which the ODEs are written as well as finitely many derivatives of the dependent variables. Flatness of systems underdetermined by one equation is completely characterised by Elie Cartan's work. But for general underdetermined systems no complete characterisation of flatness exists.
In this dissertation we describe two different geometric frameworks for studying
flatness and provide constructive methods for deciding the flatness of certain classes of nonlinear systems and for finding these flat outputs if they exist. We first
introduce the concept of "absolute equivalence" due to Cartan and define flatness in this frame work. We provide a method of testing for the flatness of systems, which involves making a guess for all but one of the flat outputs after which the problem is reduced to the case solved by Cartan. Secondly we present an alternative geometric approach to flatness which uses "jet bundles" and present a theorem which partially characterises flat outputs that depend only on the original variables but not on their derivatives, for the case of systems described by two independent one-forms in arbitrary number of variables. Finally, for the class of Lagrangian mechanical systems whose number of control inputs is one less than the number of degrees of freedom, we provide a characterisation of flat outputs that depend only on the configuration variables, but not on their derivatives. This characterisation makes use of the Riemannian metric provided by the kinetic energy of the system
Verifying linearisability: A comparative survey
Linearisability is a key correctness criterion for concurrent data structures, ensuring that each history of the concurrent object under consideration is consistent with respect to a history of the corresponding abstract data structure. Linearisability allows concurrent (i.e., overlapping) operation calls to take effect in any order, but requires the real-time order of nonoverlapping to be preserved. The sophisticated nature of concurrent objects means that linearisability is difficult to judge, and hence, over the years, numerous techniques for verifying lineasizability have been developed using a variety of formal foundations such as data refinement, shape analysis, reduction, etc. However, because the underlying framework, nomenclature, and terminology for each method is different, it has become difficult for practitioners to evaluate the differences between each approach, and hence, evaluate the methodology most appropriate for verifying the data structure at hand. In this article, we compare the major of methods for verifying linearisability, describe the main contribution of each method, and compare their advantages and limitations