71 research outputs found
Simplifying proofs of linearisability using layers of abstraction
Linearisability has become the standard correctness criterion for concurrent
data structures, ensuring that every history of invocations and responses of
concurrent operations has a matching sequential history. Existing proofs of
linearisability require one to identify so-called linearisation points within
the operations under consideration, which are atomic statements whose execution
causes the effect of an operation to be felt. However, identification of
linearisation points is a non-trivial task, requiring a high degree of
expertise. For sophisticated algorithms such as Heller et al's lazy set, it
even is possible for an operation to be linearised by the concurrent execution
of a statement outside the operation being verified. This paper proposes an
alternative method for verifying linearisability that does not require
identification of linearisation points. Instead, using an interval-based logic,
we show that every behaviour of each concrete operation over any interval is a
possible behaviour of a corresponding abstraction that executes with
coarse-grained atomicity. This approach is applied to Heller et al's lazy set
to show that verification of linearisability is possible without having to
consider linearisation points within the program code
Convolution, Separation and Concurrency
A notion of convolution is presented in the context of formal power series
together with lifting constructions characterising algebras of such series,
which usually are quantales. A number of examples underpin the universality of
these constructions, the most prominent ones being separation logics, where
convolution is separating conjunction in an assertion quantale; interval
logics, where convolution is the chop operation; and stream interval functions,
where convolution is used for analysing the trajectories of dynamical or
real-time systems. A Hoare logic is constructed in a generic fashion on the
power series quantale, which applies to each of these examples. In many cases,
commutative notions of convolution have natural interpretations as concurrency
operations.Comment: 39 page
Streamlining Progress-Based Derivations of Concurrent Programs
The logic of Owicki and Gries is a well known logic for verifying safety properties of concurrent programs. Using this logic, Feijen and van Gasteren describe a method for deriving concurrent programs based on safety. In this work, we explore derivation techniques of concurrent programs using progress-based reasoning. We use a framework that combines the safety logic of Owicki and Gries, and the progress logic of UNITY. Our contributions improve the applicability of our earlier techniques by reducing the calculational overhead in the formal proofs and derivations. To demonstrate the effectiveness of our techniques, a derivation of Dekker's mutual exclusion algorithm is presented. This derivation leads to the discovery of some new and simpler variations of this famous algorithm
Reasoning about teleo-reactive programs under parallel composition
The teleo-reactive programming model is a high-level approach to implementing real-time controllers that react dynamically to changes in their environment. Teleo-reactive actions can be hierarchically nested, which facilitates abstraction from lower-level details. Furthermore, teleo-reactive programs can be composed using renaming, hiding, and parallelism to form new programs. In this paper, we present a framework for reasoning about safety, progress, and real-time properties of teleo-reactive programs under program composition. We use a logic that extends the duration calculus to formalise the semantics of teleo-reactive programs and to reason about their properties. We present rely/guarantee style specifications to allow compositional proofs and we consider an application of our theory by verifying a real-time controller for an industrial press
Approximating Idealised Real-Time Specifications Using Time Bands
Timed specifications are often formalised at an absolute level of precision, which does not reflect the real world that the specifications model, i.e., in the real world, inputs cannot be sampled with absolute precision and physical hardware cannot react instantaneously. As a result the developed specifications can often become unimplementable. In this paper, we consider the time bands model which allows time to be structured into several layers of abstraction and relationships between bands to be formalised. This allows the timed specifications developed under idealised assumptions to be approximated using the time band in which the variables are sampled. We implement the approximated specifications using teleo-reactive programs embedded with time bands
Trace Semantics for the Owicki-Gries Theory Integrated with the Progress Logic from UNITY
The theory of Owicki and Gries has been used as a platform for safety-based verifcation and derivation of concurrent programs. It has also been integrated with the progress logic of UNITY which has allowed newer techniques of progress-based verifcation and derivation to be developed. However, a theoretical basis for the integrated theory has thus far been missing. In this paper, we provide a theoretical background for the logic of Owicki and Gries integrated with the logic of progress from UNITY. An operational semantics for the new framework is provided which is used to prove soundness of the progress logic
- …