Modeling Mutual Exclusion Algorithms


1 Modeling Mutual Exclusion Algorithms
Timo Wegeler

2 Overview
- Example problem formalization
- HML modeling
- CCS modeling

3 Peterson's mutual exclusion algorithm
- Ensure mutual exclusion for two processes
- Each process executes
- j index of other process
- b initially false
- Milner's Calculus of Communicating Systems
  - Message passing
  - No shared variables

4 Peterson's mutual exclusion algorithm (cont)
- Two processes running concurrently
- j index of other process

5 Access of variables in CCS
- Encode a boolean as a process with two states B1t, B1f
- Processes read and write variables using communication ports , b1wf

6 Variables used in Peterson's algorithm
Represented in CCS expressions

7 CCS process formalization
Concentrate on entering and exiting the critical section

8 CCS process term representing Peterson's algorithm
- L: communication channel names (read and write variables)
- Next: specify how to "ensure mutual exclusion"

9 Behaviour analysis: ensuring mutual exclusion in HML
- At no point in the execution of the algorithm, P1 and P2 are in their critical sections at the same time.
- Next: specify how to "ensure mutual exclusion"

10 Behaviour analysis: ensuring mutual exclusion in HML
- At no point in the execution of the algorithm, P1 and P2 are in their critical sections at the same time.
- Remember: Processes are in their critical sections when they can perform the exit action.

11 Ensuring mutual exclusion in HML
- Transition system
  - States are CCS processes
  - Transitions are weak transitions of the form for any action α including τ
- Formula [exit1]ff is satisfied by all processes not affording an transition
  - No matter how many internal steps

12 HML verification
- Does process Peterson satisfy Inv(F)?
- Set of states of process Peterson is a post-fixed point of the set function associated with the mapping
- or by iteratively computing the largest fixed point
- tedious!
- Use Edinburgh Concurrency Workbench (CWB)
- CHECKPROP
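
The check that slide 12 calls tedious by hand, as an added Python example (not part of the presentation and not CWB input): it explores every reachable state of a constructed encoding of Peterson's algorithm, where each variable read and write is its own internal step, and collects the states in which both processes can exit. The program-counter encoding, the function names and the `set_k` switch for a deliberately broken variant are assumptions of this example.

```python
from collections import deque

# Constructed model: state = (pc1, pc2, b1, b2, k). Program counter values:
# 0 b_i:=true, 1 k:=j, 2 read b_j, 3 read k, 4 enter_i, 5 exit_i, 6 b_i:=false
def moves(state, i, set_k=True):
    """(action, next_state) pairs of process i in {1, 2}; variable accesses are tau."""
    pc, b, k = list(state[:2]), list(state[2:4]), state[4]
    me, j = i - 1, 3 - i                     # j is the index of the other process
    at, action = pc[me], "tau"
    if at == 0:
        b[me], pc[me] = True, 1
    elif at == 1:
        k, pc[me] = (j if set_k else k), 2   # set_k=False models a broken variant
    elif at == 2:
        pc[me] = 3 if b[j - 1] else 4        # b_j false: go straight to enter
    elif at == 3:
        pc[me] = 4 if k == i else 2          # k = j: keep waiting
    elif at in (4, 5):
        action = ("enter" if at == 4 else "exit") + str(i)
        pc[me] = at + 1
    else:
        b[me], pc[me] = False, 0
    return [(action, (pc[0], pc[1], b[0], b[1], k))]

def reachable(k0, set_k=True):
    """All states reachable from the initial state (both flags false, k = k0)."""
    init = (0, 0, False, False, k0)
    seen, queue = {init}, deque([init])
    while queue:
        state = queue.popleft()
        for i in (1, 2):
            for _, nxt in moves(state, i, set_k):
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append(nxt)
    return seen

def violations(k0, set_k=True):
    """Reachable states that falsify F = [exit1]ff or [exit2]ff.

    Reaching pc 5 needs the visible enter action, so a state affords a weak
    exit_i transition exactly when process i is at pc 5.
    """
    return sorted(s for s in reachable(k0, set_k) if s[0] == 5 and s[1] == 5)

if __name__ == "__main__":
    for k0 in (1, 2):
        print(k0, len(reachable(k0)), violations(k0), violations(k0, set_k=False))
```

An empty result for both initial values of k means every reachable state satisfies F, which is what Inv(F) asks for; dropping the `k := j` write makes the same search return a state with both processes in their critical sections.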

13 Behaviour analysis: ensuring mutual exclusion with CCS
- Implementation verification:
  - Represent actual system and specification as CCS terms
  - Behavioural equivalence or approximation
- No behavioural equivalence to rule them all
  - Trace equivalence
  - Strong bisimilarity
  - Weak bisimilarity
- Represent desired behaviour as a CCS term
- Choose suitable notion of behavioural equivalence

14 Ensuring mutual exclusion with CCS
- Desired behaviour:
- Why not trace equivalence or strong bisimilarity?
- Why not observational equivalence?

15 Ensuring mutual exclusion with CCS (cont)
- Why not observational equivalence?
- Process Peterson affords weak transition
- Target state affords any weak enter1 and cannot perform any weak enter2
- For process MutexSpec:
  - Only state reachable by internal transitions: MutexSpec
  - Both enter transitions are enabled!

16 Ensuring mutual exclusion with CCS (cont)
- Solution? Formalize observable content
- Need to show:
  - Each sequence of actions in process Peterson is a trace of MutexSpec
  - At no point in its behaviour, Peterson performs two exit actions in a row

17 Weak traces and weak equivalence

18 Weak traces and weak equivalence
- Peterson and MutexSpec are weak trace equivalent.
- Therefore meet our specification.
- Check via CWB: MAYEQ
- Each weak trace of Peterson can exhibit as a weak trace all of the specification's traces.
- If this safety condition is enough, it can be proven that Peterson is a weak trace approximation of MutexSpec
- Check for existence of a weak simulation using CWB: PRE

19 Weak simulation

20 Weak simulation (cont)

21 Thanks for your attention
Questions?

22 Section not covered
- Testing mutual exclusion
