Fighting livelock in the i-protocol: A comparative study of verification tools

Yifei Dong; Xiaoqun Du; Y. S. Ramakrishna; C. R. Ramakrishnan; I. V. Ramakrishnan; Scott A. Smolka; Oleg Sokolsky; Eugene W. Stark; David S. Warren

doi:10.1007/3-540-49059-0_6

Fighting livelock in the i-protocol: A comparative study of verification tools

Yifei Dong
, Xiaoqun Du
, Y. S. Ramakrishna
, C. R. Ramakrishnan
, I. V. Ramakrishnan
, Scott A. Smolka
, Oleg Sokolsky
, Eugene W. Stark
, David S. Warren

Computer Science

Stony Brook University
Sun Microsystems
University of Pennsylvania

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

20 Scopus citations

Abstract

The i-protocol, an optimized sliding-window protocol for GNU UUCP, came to our attention two years ago when we used the Con-currency Factory’s local model checker to detect, locate, and correct a non-trivial livelock in version 1.04 of the protocol. Since then, we have repeated this verification effort with five widely used model checkers, namely, COSPAN, Murϕ, SMV, SPIN, and XMC. It is our contention that the i-protocol makes for a particularly compelling case study in protocol verification and for a formidable benchmark of verification-tool performance, for the following reasons: 1) The i-protocol can be used to gauge a tool’s ability to detect and diagnose livelock errors. 2) The size of the i-protocol’s state space grows exponentially in the window size, and the entirety of this state space must be searched to verify that the protocol, with the livelock error eliminated, is deadlock- or livelock-free. 3) The i-protocol is an asynchronous, low-level software system equipped with a number of optimizations aimed at minimizing control-message and retransmission overhead. It lacks the regular structure that is often present in hardware designs. In this sense, it provides any verification tool with a vigorous test of its analysis capabilities.

Original language	English
Title of host publication	Tools and Algorithms for the Construction and Analysis of Systems - 5th International Conference, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999, Proceedings
Editors	W. Rance Cleaveland
Publisher	Springer Verlag
Pages	74-88
Number of pages	15
ISBN (Print)	3540657037, 9783540657033
DOIs	https://doi.org/10.1007/3-540-49059-0_6
State	Published - 1999
Event	5th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999 - Amsterdam, Netherlands Duration: Mar 22 1999 → Mar 28 1999

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	1579
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	5th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999
Country/Territory	Netherlands
City	Amsterdam
Period	03/22/99 → 03/28/99

Access to Document

10.1007/3-540-49059-0_6

Cite this

Dong, Y., Du, X., Ramakrishna, Y. S., Ramakrishnan, C. R., Ramakrishnan, I. V., Smolka, S. A., Sokolsky, O., Stark, E. W., & Warren, D. S. (1999). Fighting livelock in the i-protocol: A comparative study of verification tools. In W. Rance Cleaveland (Ed.), Tools and Algorithms for the Construction and Analysis of Systems - 5th International Conference, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999, Proceedings (pp. 74-88). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 1579). Springer Verlag. https://doi.org/10.1007/3-540-49059-0_6

Dong, Yifei ; Du, Xiaoqun ; Ramakrishna, Y. S. et al. / Fighting livelock in the i-protocol : A comparative study of verification tools. Tools and Algorithms for the Construction and Analysis of Systems - 5th International Conference, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999, Proceedings. editor / W. Rance Cleaveland. Springer Verlag, 1999. pp. 74-88 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{93dda197de444d8bad23ac5d60efbc28,

title = "Fighting livelock in the i-protocol: A comparative study of verification tools",

abstract = "The i-protocol, an optimized sliding-window protocol for GNU UUCP, came to our attention two years ago when we used the Con-currency Factory{\textquoteright}s local model checker to detect, locate, and correct a non-trivial livelock in version 1.04 of the protocol. Since then, we have repeated this verification effort with five widely used model checkers, namely, COSPAN, Murϕ, SMV, SPIN, and XMC. It is our contention that the i-protocol makes for a particularly compelling case study in protocol verification and for a formidable benchmark of verification-tool performance, for the following reasons: 1) The i-protocol can be used to gauge a tool{\textquoteright}s ability to detect and diagnose livelock errors. 2) The size of the i-protocol{\textquoteright}s state space grows exponentially in the window size, and the entirety of this state space must be searched to verify that the protocol, with the livelock error eliminated, is deadlock- or livelock-free. 3) The i-protocol is an asynchronous, low-level software system equipped with a number of optimizations aimed at minimizing control-message and retransmission overhead. It lacks the regular structure that is often present in hardware designs. In this sense, it provides any verification tool with a vigorous test of its analysis capabilities.",

author = "Yifei Dong and Xiaoqun Du and Ramakrishna, \{Y. S.\} and Ramakrishnan, \{C. R.\} and Ramakrishnan, \{I. V.\} and Smolka, \{Scott A.\} and Oleg Sokolsky and Stark, \{Eugene W.\} and Warren, \{David S.\}",

note = "Publisher Copyright: {\textcopyright} Springer-Verlag Berlin Heidelberg 1999.; 5th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999 ; Conference date: 22-03-1999 Through 28-03-1999",

year = "1999",

doi = "10.1007/3-540-49059-0\_6",

language = "English",

isbn = "3540657037",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "74--88",

editor = "\{Rance Cleaveland\}, W.",

booktitle = "Tools and Algorithms for the Construction and Analysis of Systems - 5th International Conference, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999, Proceedings",

}

Dong, Y, Du, X, Ramakrishna, YS, Ramakrishnan, CR , Ramakrishnan, IV , Smolka, SA, Sokolsky, O, Stark, EW & Warren, DS 1999, Fighting livelock in the i-protocol: A comparative study of verification tools. in W Rance Cleaveland (ed.), Tools and Algorithms for the Construction and Analysis of Systems - 5th International Conference, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 1579, Springer Verlag, pp. 74-88, 5th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999, Amsterdam, Netherlands, 03/22/99. https://doi.org/10.1007/3-540-49059-0_6

Fighting livelock in the i-protocol: A comparative study of verification tools. / Dong, Yifei; Du, Xiaoqun; Ramakrishna, Y. S. et al.
Tools and Algorithms for the Construction and Analysis of Systems - 5th International Conference, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999, Proceedings. ed. / W. Rance Cleaveland. Springer Verlag, 1999. p. 74-88 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 1579).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Fighting livelock in the i-protocol

T2 - 5th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999

AU - Dong, Yifei

AU - Du, Xiaoqun

AU - Ramakrishna, Y. S.

AU - Ramakrishnan, C. R.

AU - Ramakrishnan, I. V.

AU - Smolka, Scott A.

AU - Sokolsky, Oleg

AU - Stark, Eugene W.

AU - Warren, David S.

PY - 1999

Y1 - 1999

N2 - The i-protocol, an optimized sliding-window protocol for GNU UUCP, came to our attention two years ago when we used the Con-currency Factory’s local model checker to detect, locate, and correct a non-trivial livelock in version 1.04 of the protocol. Since then, we have repeated this verification effort with five widely used model checkers, namely, COSPAN, Murϕ, SMV, SPIN, and XMC. It is our contention that the i-protocol makes for a particularly compelling case study in protocol verification and for a formidable benchmark of verification-tool performance, for the following reasons: 1) The i-protocol can be used to gauge a tool’s ability to detect and diagnose livelock errors. 2) The size of the i-protocol’s state space grows exponentially in the window size, and the entirety of this state space must be searched to verify that the protocol, with the livelock error eliminated, is deadlock- or livelock-free. 3) The i-protocol is an asynchronous, low-level software system equipped with a number of optimizations aimed at minimizing control-message and retransmission overhead. It lacks the regular structure that is often present in hardware designs. In this sense, it provides any verification tool with a vigorous test of its analysis capabilities.

AB - The i-protocol, an optimized sliding-window protocol for GNU UUCP, came to our attention two years ago when we used the Con-currency Factory’s local model checker to detect, locate, and correct a non-trivial livelock in version 1.04 of the protocol. Since then, we have repeated this verification effort with five widely used model checkers, namely, COSPAN, Murϕ, SMV, SPIN, and XMC. It is our contention that the i-protocol makes for a particularly compelling case study in protocol verification and for a formidable benchmark of verification-tool performance, for the following reasons: 1) The i-protocol can be used to gauge a tool’s ability to detect and diagnose livelock errors. 2) The size of the i-protocol’s state space grows exponentially in the window size, and the entirety of this state space must be searched to verify that the protocol, with the livelock error eliminated, is deadlock- or livelock-free. 3) The i-protocol is an asynchronous, low-level software system equipped with a number of optimizations aimed at minimizing control-message and retransmission overhead. It lacks the regular structure that is often present in hardware designs. In this sense, it provides any verification tool with a vigorous test of its analysis capabilities.

UR - https://www.scopus.com/pages/publications/84948982875

U2 - 10.1007/3-540-49059-0_6

DO - 10.1007/3-540-49059-0_6

M3 - Conference contribution

AN - SCOPUS:84948982875

SN - 3540657037

SN - 9783540657033

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 74

EP - 88

BT - Tools and Algorithms for the Construction and Analysis of Systems - 5th International Conference, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999, Proceedings

A2 - Rance Cleaveland, W.

PB - Springer Verlag

Y2 - 22 March 1999 through 28 March 1999

ER -

Dong Y, Du X, Ramakrishna YS, Ramakrishnan CR , Ramakrishnan IV , Smolka SA et al. Fighting livelock in the i-protocol: A comparative study of verification tools. In Rance Cleaveland W, editor, Tools and Algorithms for the Construction and Analysis of Systems - 5th International Conference, TACAS 1999 Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 1999, Proceedings. Springer Verlag. 1999. p. 74-88. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/3-540-49059-0_6

Fighting livelock in the i-protocol: A comparative study of verification tools

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this