Proving opacity of a pessimistic STM

Transactional Memory (TM) is a high-level programming abstraction for concurrency control that provides programmers with the illusion of atomically executing blocks of code, called transactions. TMs come in two categories, optimistic and pessimistic, where in the latter transactions never abort. While this simplifies the programming model, high-performing pessimistic TMs can complex. In this paper, we present the first formal verification of a pessimistic software TM algorithm, namely, an algorithm proposed by Matveev and Shavit. The correctness criterion used is opacity, formalising the transactional atomicity guarantees. We prove that this pessimistic TM is a refinement of an intermediate opaque I/O-automaton, known as TMS2. To this end, we develop a rely-guarantee approach for reducing the complexity of the proof. Proofs are mechanised in the interactive prover Isabelle

Verifying correctness of persistent concurrent data structures: a sound and complete method

Non-volatile memory (NVM), aka persistent memory, is a new memory paradigm that preserves its contents even after power loss. The expected ubiquity of NVM has stimulated interest in the design of persistent concurrent data structures, together with associated notions of correctness. In this paper, we present a formal proof technique for durable linearizability, which is a correctness criterion that extends linearizability to handle crashes and recovery in the context ofNVM.Our proofs are based on refinement of Input/Output automata (IOA) representations of concurrent data structures. To this end, we develop a generic procedure for transforming any standard sequential data structure into a durable specification and prove that this transformation is both sound and complete. Since the durable specification only exhibits durably linearizable behaviours, it serves as the abstract specification in our refinement proof. We exemplify our technique on a recently proposed persistentmemory queue that builds on Michael and Scott’s lock-free queue. To support the proofs, we describe an automated translation procedure from code to IOA and a thread-local proof technique for verifying correctness of invariants

Brief announcement: On strong observational refinement and forward simulation

Hyperproperties are correctness conditions for labelled transition systems that are more expressive than traditional trace properties, with particular relevance to security. Recently, Attiya and Enea studied a notion of strong observational refinement that preserves all hyperproperties. They analyse the correspondence between forward simulation and strong observational refinement in a setting with finite traces only. We study this correspondence in a setting with both finite and infinite traces. In particular, we show that forward simulation does not preserve hyperliveness properties in this setting. We extend the forward simulation proof obligation with a progress condition, and prove that this progressive forward simulation does imply strong observational refinement

Mechanized proofs of opacity: A comparison of two techniques

Software transactional memory (STM) provides programmers with a high-level programming abstraction for synchronization of parallel processes, allowing blocks of codes that execute in an interleaved manner to be treated as atomic blocks. This atomicity property is captured by a correctness criterion called opacity, which relates the behaviour of an STM implementation to those of a sequential atomic specification. In this paper, we prove opacity of a recently proposed STM implementation: the Transactional Mutex Lock (TML) by Dalessandro et al. For this, we employ two different methods: the first method directly shows all histories of TML to be opaque (proof by induction), using a linearizability proof of TML as an assistance; the second method shows TML to be a refinement of an existing intermediate specification called TMS2 which is known to be opaque (proof by simulation). Both proofs are carried out within interactive provers, the first with KIV and the second with both Isabelle and KIV. This allows to compare not only the proof techniques in principle, but also their complexity in mechanization. It turns out that the second method, already leveraging an existing proof of opacity of TMS2, allows the proof to be decomposed into two independent proofs in the way that the linearizability proof does not

Inheritance of Temporal Logic Properties

Abstract. Inheritance is one of the key features for the success of object-oriented languages. Inheritance (or specialisation) supports incremental design and re-use of already written specifications or programs. In a for-mal approach to system design the interest does not only lie in re-use of class definitions but also in re-use of correctness proofs. If a provably correct class is specialised we like to know those correctness properties which are preserved in the subclass. This can avoid re-verification of already proven properties and may thus substantially reduce the verifi-cation effort. In this paper we study the question of inheritance of correctness prop-erties in the context of state-based formalisms, using a temporal logic (CTL) to formalise requirements on classes. Given a superclass and its specialised subclass we develop a technique for computing the set of for-mulas which are preserved in the subclass. For specialisation we allow addition of attributes, modification of existing as well as extension with new methods.

Weak Sequential Composition in Process Algebras

n this paper we study a special operator for sequential composition, which is defined relative to a dependency relation over the actions of a given system. The idea is that actions which are not dependent (intuitively because they share no common resources) do not have to wait for one another to proceed, even if they are composed sequentially. Such a notion has been studied before in a linear-time setting, but until recently there has been no systematic investigation in the context of process algebras. We give a structural operational semantics for a process algebraic language containing such a sequential composition operator, which shows some interesting interplay with choice. We give a complete axiomatisation of strong bisimilarity and we show consistency of the operational semantics with an event-based denotational semantics developed recently by the second author. The axiom system allows to derive the communication closed layers law, which in the linear time setting has been shown to be a very useful instrument in correctness preserving transformations. We conclude with a couple of examples

Introduction: new research in monetary history - A map

This handbook aims to provide a comprehensive (though obviously not exhaustive) picture of state-of-the-art international scholarship on the history of money and currency. The chapters of this handbook cover a wide selection of research topics. They span chronologically from antiquity to nowadays and are geographically stretched from Latin America to Asia, although most of them focus on Western Europe and the USA, as a large part of the existing research does. The authors of these chapters constitute, we hope, a balanced sample of various generations of scholars who contributed to what Barry Eichengreen defined as "the new monetary and financial history" – an approach that combines the analysis of monetary aggregates and policies with the structure and dynamics of the banking sector and financial markets. We have structured this handbook in ten broad thematic parts: the historical origins of money; money, coinage, and the state; trade, money markets, and international currencies; money and metals; monetary experiments; Asian monetary systems; exchange rate regimes; monetary integration; central banking and monetary policy; and aggregate price shocks. In this introduction, we offer for each part some historical context, a few key insights from the literature, and a brief analytical summary of each chapter. Our aim is to draw a map that hopefully will help readers to organize their journey through this very wide and diverse research area

Contribution of CXCL12 secretion to invasion of breast cancer cells

The new millennium is characterized by speed and distribution in every aspect of most business and organization undertaking. Organizations are challenged to bring ideas and concepts to products and services in an ever-increasing pace. Companies distributed by space, time and capabilities come together to deliver products and solutions for which there is any need in the global marketplace