VNU-UET Repository: No conditions. Results ordered -Date Deposited. Feed generated 2023-06-06T02:31:03Z by EPrints (https://eprints.uet.vnu.edu.vn/eprints/).

Record 1
Deposited: 2021-07-15T02:04:52Z
URL: http://eprints.uet.vnu.edu.vn/eprints/id/eprint/4566
Title: Formal specification and model checking of a recoverable wait-free version of MCS
Abstract: MCS is widely known as one of the most efficient and influential spinning lock mutual exclusion protocols. The protocol, however, only works under the assumption that processes do not crash while acquiring/releasing the lock or being in the critical section. Furthermore, the exit segment pseudo-code of MCS's algorithm is not wait-free since a process releasing the lock needs to wait for the next process in the virtual queue to perform some steps. A new version of MCS has been proposed by S. Dhoked and N. Mittal such that the new version is wait-free and recoverable (i.e., if some processes crash, the protocol can recover and work normally). In this paper, we formally specify the recoverable wait-free version of MCS and conduct model checking to check whether the protocol enjoys the mutual exclusion property. Our experiments say that: (1) the property is not satisfied if crashes are allowed to occur without any restriction, (2) the protocol enjoys the property if crashes never happen at all, or (3) if crashes have not occurred recently. We also describe the challenge of how to formally specify dynamic memory allocation and present our solution to solve that problem.
Authors: Duong Tran Dinh (duongtd@vnu.edu.vn); Kentaro Waki (kentaro.waki@jaist.ac.jp); Kazuhiro Ogata (ogata@jaist.ac.jp)

Record 2
Deposited: 2021-07-15T02:04:40Z
URL: http://eprints.uet.vnu.edu.vn/eprints/id/eprint/4565
Title: Simulation-based invariant verification technique for the OTS/CafeOBJ method
Abstract: We demonstrate the power of the simulation-based invariant verification technique through two case studies in which it is formally verified that two mutual exclusion protocols, MCS protocol and Anderson protocol, enjoy the mutual exclusion property by the simulation-based invariant verification technique. We initially attempted formally verifying that the two protocols enjoy the property by the induction-based invariant verification technique. We successfully completed the formal proof for MCS protocol by the simulation-based invariant verification technique earlier than the one by the induction-based invariant verification technique even though we started the latter earlier than the former. We did not successfully complete the formal proof for Anderson protocol by the induction-based invariant verification technique as of the time of this paper submission. We define a variant of simulation, "observably equivalent simulations," and prove some theorems on them to conduct the MCS case study. Given a state machine M, another state machine M' constructed by introducing auxiliary variables into M observably equivalently simulates M. In this sense, M' can be regarded as an abstract version of M.
Authors: Duong Tran Dinh (duongtd@vnu.edu.vn); Dang Bui Duy (bddang@jaist.ac.jp); Kazuhiro Ogata (ogata@jaist.ac.jp)

Record 3
Deposited: 2020-12-17T08:27:11Z
URL: http://eprints.uet.vnu.edu.vn/eprints/id/eprint/4284
Title: Lemma Weakening for State Machine Invariant Proofs
Abstract: Lemma conjecture is one of the most challenging tasks in theorem proving. The paper focuses on invariant properties (or invariants) of state machines. Thus, lemmas are also invariants. To prove that a state predicate p is an invariant of a state machine M, in general, we need to find an inductive invariant q of M such that q(s) implies p(s) for all states s of M. q is often in the form p ∧ p', and p' is often in the form q1 ∧ ... ∧ qn. q1, ..., qn are the lemmas of the proof that p is an invariant of M. The paper proposes a technique called Lemma Weakening (LW). LW replaces qi with qi' such that qi(s) implies qi'(s) for all states s of M, which can make the proof reasonably tractable that may become otherwise unreasonably hard. MCS mutual exclusion protocol is used as an example to demonstrate the power of LW.
Authors: Dinh Duong Tran (duongtd@vnu.edu.vn); Kazuhiro Ogata (ogata@jaist.ac.jp); Duy Dang Bui (bddang@jaist.ac.jp); Parth Gupta (parthgupta.iitkgp@gmail.com)

Record 4
Deposited: 2020-08-02T06:23:09Z (last modified 2020-09-29T11:12:16Z)
URL: http://eprints.uet.vnu.edu.vn/eprints/id/eprint/4037
Title: Formal verification of an abstract version of Anderson protocol with CafeOBJ, CiMPA and CiMPG
Abstract: Anderson protocol is a mutual exclusion protocol. It uses a finite Boolean array shared by all processes and the modulo (or remainder) operation of natural numbers. This is why it is challenging to formally verify that the protocol enjoys the mutual exclusion property in a sense of theorem proving. Then, we make an abstract version of the protocol called A-Anderson protocol that uses an infinite Boolean array instead. We describe how to formally specify A-Anderson protocol in CafeOBJ, an algebraic specification language, and how to formally verify that the protocol enjoys the mutual exclusion property in three ways: (1) by writing proof scores in CafeOBJ, (2) with a proof assistant CiMPA for CafeOBJ and (3) with a proof generator CiMPG for CafeOBJ. We mention how to formally verify that Anderson protocol enjoys the property by showing that A-Anderson protocol simulates Anderson protocol.
Authors: Dinh Duong Tran (duongtd@vnu.edu.vn); Kazuhiro Ogata (ogata@jaist.ac.jp)