Static Verification of Cloud Applications with Why3
Nowadays large-scale distributed applications rely on replication in order to improve their services. Having data replicated in multiple datacenters increases availability, but it might lead to concurrent updates that violate data integrity. A possible approach to this problem is to use strong consistency in the application, because then there is a total order of operations in every replica. However, that would force the application to give up its availability. An alternative would be to use weak consistency to make the application more available, but that could break data integrity. To resolve this tension, many of these applications use a combination of weak and strong consistency models, such that synchronization is only introduced in the execution of operations that can break data integrity.
To build applications that use multiple consistency models, developers have the difficult task of finding the right balance between two conflicting goals: minimizing synchronization while preserving data integrity. To achieve this balance developers have to reason about the concurrent effects of each operation, which is a non-trivial task when it comes to large and complex applications.
In this document we propose an approach consisting of a static analysis tool that helps developers find a balance between strong and weak consistency in applications that operate over weakly consistent databases. The verification process is based on a recently defined proof rule that has been proven sound. The proposed tool uses Why3 as an intermediate framework that communicates with external provers to analyse the correctness of the application specification.

Our contributions also include a predicate transformer and a library of verified data types that can be used to resolve commutativity issues in applications. The predicate transformer can be used to lighten the specification effort

Data consistency in transactional storage systems: a centralised approach.
We introduce an interleaving operational semantics for describing the client-observable behaviour of atomic transactions on distributed key-value stores. Our semantics builds on abstract states comprising centralised, global key-value stores and partial client views. We provide operational definitions of consistency models for our key-value stores, which are shown to be equivalent to the well-known declarative definitions of consistency models for execution graphs. We explore two immediate applications of our semantics. First, specific protocols of geo-replicated databases (e.g. COPS) and partitioned databases (e.g. Clock-SI) can be shown to be correct for a specific consistency model by embedding them in our centralised semantics. Second, programs can be directly shown to have invariant properties such as robustness results against a weak consistency model