Results 21  30
of
171
Resource Allocation With Immunity To Limited Process Failure
, 1979
"... Upper and lower bounds are proved for the shared space requirements for solution of several problems involving resource allocation among asynchronous processes. Controlling the degradation of performance when a limited number of processes fail is of particular interest. ..."
Abstract

Cited by 32 (7 self)
 Add to MetaCart
Upper and lower bounds are proved for the shared space requirements for solution of several problems involving resource allocation among asynchronous processes. Controlling the degradation of performance when a limited number of processes fail is of particular interest.
Constructing Quantified Invariants via Predicate Abstraction
 CONFERENCE ON VERIFICATION, MODEL CHECKING AND ABSTRACT INTERPRETATION (VMCAI ’04), LNCS 2937
, 2004
"... Predicate abstraction provides a powerful tool for verifying properties of infinitestate systems using a combination of a decision procedure for a subset of firstorder logic and symbolic methods originally developed for finitestate model checking. We consider models where the system state conta ..."
Abstract

Cited by 32 (7 self)
 Add to MetaCart
Predicate abstraction provides a powerful tool for verifying properties of infinitestate systems using a combination of a decision procedure for a subset of firstorder logic and symbolic methods originally developed for finitestate model checking. We consider models where the system state contains mutable function and predicate state variables. Such a model can describe systems containing arbitrarily large memories, buffers, and arrays of identical processes. We describe a form of predicate abstraction that constructs a formula over a set of universally quantified variables to describe invariant properties of the function state variables. We provide a formal justification of the soundness of our approach and describe how it has been used to verify several hardware and software designs, including a directorybased cache coherence protocol with unbounded FIFO channels.
The Bakery Algorithm: Yet Another Specification and Verification
"... In a meeting at Schloss Dagstuhl in June 1993, Uri Abraham and Menachem Magidor have challenged the thesis that an evolving algebra can be tailored to any algorithm at its own abstraction level. As example they gave an instructive proof which uses lower and higher views to show correctness of Lampor ..."
Abstract

Cited by 31 (8 self)
 Add to MetaCart
In a meeting at Schloss Dagstuhl in June 1993, Uri Abraham and Menachem Magidor have challenged the thesis that an evolving algebra can be tailored to any algorithm at its own abstraction level. As example they gave an instructive proof which uses lower and higher views to show correctness of Lamport's bakery algorithm. We construct two evolving algebras capturing lower and higher view respectively, enabling a simple and concise proof of correctness for the bakery algorithm. Introduction Uri Abraham [Abraham93] has devised an instructive correctness proof for various variants of Lamport's bakery algorithm relying on a distinction between a lower view and a higher view of the algorithms. Actions at the higher level represents complex lower level computations. He formulates abstract conditions on higher level actions which are then shown to suffice for correctness and fairness (in form of a `firstcomefirstserved' property and deadlockfreedom) and to be satisfied by the correspondin...
win and sin: Predicate transformers for concurrency
 ACM Transactions on Programming Languages and Systems
, 1990
"... Digital Equipment Corporation The weakest liberal precondition and strongest postcondition predicate transformers are generalized to the weakest invariant and strongest invariant. These new predicate transformers are useful for reasoning about concurrent programs containing operations in which the ..."
Abstract

Cited by 31 (3 self)
 Add to MetaCart
Digital Equipment Corporation The weakest liberal precondition and strongest postcondition predicate transformers are generalized to the weakest invariant and strongest invariant. These new predicate transformers are useful for reasoning about concurrent programs containing operations in which the grain of atomicity is unspecified. They can also be used to replace behavioral arguments with more rigorous assertional ones.
A Discipline of Multiprogramming
, 1999
"... ion of the Scheduling Problem . . . . . . . . 70 4.3.2 Specification . . . . . . . . . . . . . . . . . . . . . . . . . 71 4.3.3 A Scheduling Strategy . . . . . . . . . . . . . . . . . . . . 71 4.3.4 The Correctness of the Scheduling Strategy . . . . . . . . 72 4.3.5 Proof of Maximality . . . . . . . ..."
Abstract

Cited by 29 (3 self)
 Add to MetaCart
ion of the Scheduling Problem . . . . . . . . 70 4.3.2 Specification . . . . . . . . . . . . . . . . . . . . . . . . . 71 4.3.3 A Scheduling Strategy . . . . . . . . . . . . . . . . . . . . 71 4.3.4 The Correctness of the Scheduling Strategy . . . . . . . . 72 4.3.5 Proof of Maximality . . . . . . . . . . . . . . . . . . . . . 74 4.3.6 Refining a Maximal Solution: Implementation of the Scheduling Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . 75 4.4 Designs of the Processors . . . . . . . . . . . . . . . . . . . . . . 77 Chapter 1 Introduction Objectbased sequential programming has had a major impact on software engineering. However, objectbased concurrent programming remains elusive as an effective programming tool. The class of applications that will be implemented on future highbandwidth networks of processors will be significantly more ambitious than the current applications (which are mostly involved with transmissions of digital data and images), and objectbas...
Mutual Exclusion Between Neighboring Nodes in a Tree That Stabilizes Using Read/Write Atomicity
 In Europar’99 Parallel Processing, Proceedings LNCS:1685
, 1998
"... . Our purpose in this paper is to propose a new protocol that can ensure mutual exclusion between neighboring nodes in a tree structured distributed system, i.e., under the given protocol no two neighboring nodes can execute their critical sections concurrently. This protocol can be used to run a se ..."
Abstract

Cited by 29 (5 self)
 Add to MetaCart
. Our purpose in this paper is to propose a new protocol that can ensure mutual exclusion between neighboring nodes in a tree structured distributed system, i.e., under the given protocol no two neighboring nodes can execute their critical sections concurrently. This protocol can be used to run a serial model self stabilizing algorithm in a distributed environment that accepts as atomic operations only send a message, receive a message an update a state. Unlike the scheme in [1], our protocol does not use timestamps (which are basically unbounded integers); our algorithm uses only bounded integers (actually, the integers can assume values only 0, 1, 2 and 3) and can be easily implemented. 1 Introduction Because of the popularity of the serial model and the relative ease of its use in designing new selfstabilizing algorithm, it is worthwhile to design lower level selfstabilizing protocols such that an algorithm developed for a serial model can be run in a distributed environment. Th...
Distributed FIFO Allocation of Identical Resources Using Small Shared Space
 ACM Transactions on Programming Languages and Systems
, 1989
"... Devices]: Modes of Computation parallelism General Terms: Algorithms, Performance, Reliability, Theory Additional Key Words and Phrases: Asynchronous system, distributed computing,' FIFO, lower bound, queue, resource allocation, shared memory, space complexity This work was supported in part by ..."
Abstract

Cited by 28 (2 self)
 Add to MetaCart
Devices]: Modes of Computation parallelism General Terms: Algorithms, Performance, Reliability, Theory Additional Key Words and Phrases: Asynchronous system, distributed computing,' FIFO, lower bound, queue, resource allocation, shared memory, space complexity This work was supported in part by the Office of Naval Research under contract N0001482K0154; by the U.S. Army Research Office under contract DAAG2979C0155; and by the National Science Foundation under grants MCS7702474, MCS7715628, MCS7801689, MCS8116678, and DCR8405478. N. A. Lynch's work was supported by NSF grant CCR8611442, DARPA N0001483K 0125, and ONR N0001485K0168.
Efficient FaultTolerant Algorithms for Distributed Resource Allocation
 ACM Transactions on Programming Languages and Systems
, 1995
"... this article, we first confine our attention to this particular problem and develop a suite of efficient and faulttolerant algorithms for it. Later, we consider other process synchronization problems in distributed systems and solve them through transformations based on the these algorithms. Some o ..."
Abstract

Cited by 28 (3 self)
 Add to MetaCart
this article, we first confine our attention to this particular problem and develop a suite of efficient and faulttolerant algorithms for it. Later, we consider other process synchronization problems in distributed systems and solve them through transformations based on the these algorithms. Some of the existing criteria to measure the performance of the solutions to the dining philosophers problem are response time [Lynch 1980], which measures the time delay between a process wishing to access the resources and it actually being able to do so, and message complexity (or economy [Chandy and Misra 1984]), which measures the number of messages sent or received by a process during each access to shared resources. We introduce a new criterion, failure locality, which measures the effect of process failures. In a solution with a small failure locality, a process is less likely to be affected by the failure of other processes. We examine these criteria in more detail next. Response time quantifies how long it takes a process to access the resources it has requested. In order to measure time in an asynchronous system, we assume bounds on the message delivery time in the communication network and the time for which a process holds onto requested resources after it has been granted exclusive access to them. Treating these bounds as constants and assuming local processing time to be negligible, it is possible to express the response time of an algorithm in terms of ffi, the maximum degree of the underlying conflict graph. A lower bound of \Omega\Gamma ffi)
Equational abstractions
 of LNCS
, 2003
"... Abstract. Abstraction reduces the problem of whether an infinite state system satisfies version. The most common abstractions are quotients of the original system. We present a simple method of defining quotient abstractions by means of equations collapsing the set of states. Our method yields the m ..."
Abstract

Cited by 28 (12 self)
 Add to MetaCart
Abstract. Abstraction reduces the problem of whether an infinite state system satisfies version. The most common abstractions are quotients of the original system. We present a simple method of defining quotient abstractions by means of equations collapsing the set of states. Our method yields the minimal quotient system together with a set of proof obligations that guarantee its executability and can be discharged with tools such as those in the Maude formal environment.
A New Approach to Proving the Correctness of Multiprocess
, 1979
"... A new, nonassertional approach to proving multiprocess program correctness is described by proving the correctness of a new algorithm to solve the mutual exclusion problem. The algorithm is an improved version of the bakery algorithm. It is specified and proved correct without being decomposed into ..."
Abstract

Cited by 27 (7 self)
 Add to MetaCart
A new, nonassertional approach to proving multiprocess program correctness is described by proving the correctness of a new algorithm to solve the mutual exclusion problem. The algorithm is an improved version of the bakery algorithm. It is specified and proved correct without being decomposed into indivisible, atomic operations. This allows two different implementations for a conventional, nondistributed system. Moreover, the approach provides a sufficiently general specification of the algorithm to allow nontrivial implementations for a distributed system as well.