Results 1-10 of 22
Time-Constrained Automata
CONCUR '91: 2nd International Conference on Concurrency Theory, volume 527 of Lecture Notes in Computer Science, 1991
Abstract

Cited by 83 (0 self)
Michael Merritt, AT&T Bell Laboratories, 600 Mountain Avenue, Murray Hill, NJ 07974, merritt@research.att.com; Francesmary Modugno, School of Computer Science, Carnegie Mellon University, Pittsburgh, PA 15213, fmm@cs.cmu.edu; Mark R. Tuttle, DEC Cambridge Research Lab, One Kendall Sq., Bldg. 700, Cambridge, MA 02139, tuttle@crl.dec.com.
In this paper, we augment the input-output automaton model in order to reason about time in concurrent systems, and we prove simple properties of this augmentation. The input-output automata model is a useful model for reasoning about computation in concurrent and distributed systems because it allows fundamental properties such as fairness and compositionality to be expressed easily and naturally. A unique property of the model is that systems are modeled as the composition of autonomous components. This paper describes a way to add a notion of time to the model in a way that preserves these properties. The result is a simple, compositional model fo...
Bounds on the Time to Reach Agreement in the Presence of Timing Uncertainty (Extended Abstract)
1991
Abstract

Cited by 43 (5 self)
Upper and lower bounds are proved for the real time complexity of the problem of reaching agreement in a distributed network, in the presence of process failures and inexact information about time. It is assumed that the amount of (real) time between any two consecutive steps of any nonfaulty process is at least c1 and at most c2; thus, C = c2/c1 is a measure of the timing uncertainty. It is also assumed that the time for message delivery is at most d. Processes are assumed to fail by stopping, so that process failures can be detected by timeouts. Let T denote...
Are Wait-Free Algorithms Fast?
1991
Abstract

Cited by 41 (12 self)
The time complexity of wait-free algorithms in "normal" executions, where no failures occur and processes operate at approximately the same speed, is considered. A lower bound of log n on the time complexity of any wait-free algorithm that achieves approximate agreement among n processes is proved. In contrast, there exists a non-wait-free algorithm that solves this problem in constant time. This implies an Ω(log n) time separation between the wait-free and non-wait-free computation models. On the positive side, we present an O(log n) time wait-free approximate agreement algorithm; the complexity of this algorithm is within a small constant of the lower bound.
Timed I/O Automata: A Mathematical Framework for Modeling and Analyzing Real-Time Systems
In RTSS 2003: The 24th IEEE International Real-Time Systems Symposium, Cancun, Mexico, 2003
Abstract

Cited by 31 (12 self)
We describe the Timed Input/Output Automata (TIOA) framework, a general mathematical framework for modeling and analyzing real-time systems. It is based on timed I/O automata, which engage in both discrete transitions and continuous trajectories. The framework includes a notion of external behavior, and notions of composition and abstraction. We define safety and liveness properties for timed I/O automata, and a notion of receptiveness, and prove basic results about all of these notions. The TIOA framework is defined as a special case of the new Hybrid I/O Automata (HIOA) modeling framework for hybrid systems. Specifically, a TIOA is an HIOA with no external variables; thus, TIOAs communicate via shared discrete actions only, and do not interact continuously. This restriction is consistent with previous real-time system models, and gives rise to some simplifications in the theory (compared to HIOA). The resulting model is expressive enough to describe complex timing behavior, and to express the important ideas of previous timed automata frameworks.
The IOA Language and Toolset: Support for Designing, Analyzing, and Building Distributed Systems
1998
Abstract

Cited by 28 (9 self)
This report describes a new language for distributed programming, the IOA language, together with a high-level design and preliminary implementation for a suite of tools, the IOA toolset, to support the production of high-quality distributed software. The language and tools are based on the I/O automaton model, which has been used to describe and verify distributed algorithms. The toolset supports a development process that begins with a high-level specification, refines that specification via successively more detailed designs, and ends by automatically generating distributed programs. The toolset encourages system decomposition, which helps make distributed programs understandable and easy to modify. It also provides a variety of validation methods (theorem proving, model checking, and simulation), which can be used to ensure that the generated programs are correct, subject to assumptions about externally-provided system services (e.g., communication services), and about the correctness of hand-coded data type implementations.
I/O Automaton Models and Proofs for Shared-Key Communication Systems
12th Computer Security Foundations Workshop (CSFW), IEEE, 1999
Abstract

Cited by 24 (1 self)
The combination of two security protocols, a simple shared-key communication protocol and the Diffie-Hellman key distribution protocol, is modeled formally and proved correct. The modeling is based on the I/O automaton model for distributed algorithms, and the proofs are based on invariant assertions, simulation relations, and compositional reasoning. Arguments about the cryptosystems are handled separately from arguments about the protocols.
Early Detection of Message Forwarding Faults
SIAM J. Comput., 2000
Abstract

Cited by 22 (2 self)
In most communication networks, pairs of processors communicate by sending messages over a path connecting them. We present communication efficient protocols that quickly detect and locate any failure along the path. Whenever there is excessive delay in forwarding messages along the path, the protocols detect a failure (even when the delay is caused by maliciously programmed processors). The protocols ensure optimal time for either message delivery or failure detection. We observe that the actual delivery time of a message over a link is usually much smaller than the a priori known upper bound D on that delivery time. The main contribution of the paper is the way to model and take advantage of this observation. We introduce the notion of asynchronously early determinating protocols, as well as protocols that are asynchronously early terminating, i.e., time optimal in both worst case and typical cases. More precisely, we present a time complexity measure according to which one evaluates protocols both in terms of D and. We observe that asynchronously early termination is a form of competitiveness. The protocols presented here are asynchronously early terminating since they are time optimal both in terms of D and of. Previous communication efficient solutions were slow in the case where D. We observe that this is the most typical case. Preliminary reports of parts of the work reported here appeared in the proceedings of the ICCC 88
A Prototyping Environment for Specifying, Executing and Checking Communicating Real-Time State Machines
Software: Practice and Experience, 1994
Abstract

Cited by 18 (5 self)
this paper and in Reference 3, the simulator/assertion checker responds to single-step commands from the user in real-time
Fast Timing-based Algorithms
Distributed Computing, 1996
Abstract

Cited by 16 (5 self)
Concurrent systems in which there is a known upper bound \Delta on memory access time are considered. Two prototypical synchronization problems, mutual exclusion and consensus, are studied and solutions that have constant (i.e. independent of \Delta and the total number of processes) time complexity in the absence of contention are presented. For mutual exclusion, in the absence of contention, a process needs only five accesses to the shared memory to enter its critical section, and in the presence of contention, the winning process may need to delay itself for 4 \Delta \Delta time units. For consensus, in absence of contention, a process decides after four accesses to the shared memory, and in the presence of contention, it may need to delay itself for \Delta time units. 1 Introduction The possibility and complexity of synchronization in a distributed environment depends heavily on timing assumptions. In the asynchronous model no timing assumptions are made about the relative speeds ...
Multivalued Possibilities Mappings
Stepwise Refinement of Distributed Systems, volume LNCS 430, 1989
Abstract

Cited by 13 (2 self)
Abstraction mappings are one of the major tools used to construct correctness proofs for concurrent algorithms. Several examples are given of situations in which it is useful to allow the abstraction mappings to be multivalued. The examples involve algorithm optimization, algorithm distribution, and proofs of time bounds.