In verifying finite state systems such as communication protocols or hardware controllers, we may be required to reason about systems comprised of a finite but effectively unbounded number of components. Examples are a network with an unspecified number of hosts, a multiprocessor with an unspecified number of CPU’s, or a queue with an unspecified number of buffers. We would like to show that the system performs a certain set of tasks, regardless of the number of components. There are two problems which prevent the direct application of automatic verification systems which use state-space search (e.g., COSPAN [HK88]) to such a problem. The first problem is that such methods can be applied directly only to a fixed state space; it is generally not possible to quantify over the number of processes. The second problem is commonly referred to as the state space explosion problem. In principle, the verification method could be applied exhaustively to the 1-process system, the 2-process system, etc., until the largest possible system was verified. In practice, the fact that the number of states in a system increases geometrically with the number of components makes this approach infeasible. We present an induction method that allows us to infer properties of systems of unbounded size, but constructed by a uniform rule, from properties automatically verified on a system of fixed (and, presumably, small) size. The basis of this method is the structural induction theorem for processes. Three methods have been described previously for verifying properties of systems with an unbounded number of identical processes. Homomorphic reduction [Kur85, Kur87] is a general framework for reducing the complexity of testing arbitrary ω-regular properties in finite-state systems. The regularity of systems
{"title":"A structural induction theorem for processes","authors":"R. Kurshan, K. McMillan","doi":"10.1145/72981.72998","DOIUrl":"https://doi.org/10.1145/72981.72998","PeriodicalId":167067,"journal":{"name":"Proceedings of the eighth annual ACM Symposium on Principles of distributed computing","volume":"29 1","pages":"0"},"publicationDate":"1989-06-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"130162151"}
In (A88), Abrahamson presented a solution to the randomized consensus problem of Chor, Israeli and Li (CIL87), without assuming the existence of an atomic coin flip operation. This elegant algorithm uses unbounded memory, and has expected exponential running time. In (AH89), Aspnes and Herlihy provide a breakthrough polynomial-time algorithm. However, it too is based on the use of unbounded memory. In this paper, we present a solution to the randomized consensus problem that is bounded in space and runs in polynomial expected time.
{"title":"Bounded polynomial randomized consensus","authors":"H. Attiya, D. Dolev, N. Shavit","doi":"10.1145/72981.73001","DOIUrl":"https://doi.org/10.1145/72981.73001","PeriodicalId":167067,"journal":{"name":"Proceedings of the eighth annual ACM Symposium on Principles of distributed computing","volume":"561 1","pages":"0"},"publicationDate":"1989-06-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"116450746"}
Two tasks of communication in a multi-hop synchronous radio network are considered: point-to-point communication and broadcast (sending a message to all nodes of a network). Efficient protocols for both problems are presented. Even though the protocols are probabilistic, it is shown how to acknowledge messages deterministically. Let n, D, and ∆ be the number of nodes, the diameter and the maximum degree of our network, respectively. Both protocols require a setup phase in which a BFS tree is constructed. This phase takes O((n + D log n) log ∆) time. After the setup, k point-to-point transmissions require O((k + D) log ∆) time on the average. Therefore the network allows a new transmission every O(log ∆) time slots. Also, k broadcasts require an average of O((k + D) log ∆ log n) time. Hence the average throughput of the network is a broadcast every O(log ∆ log n) time slots. Both protocols pipeline the messages along the BFS tree. They are always successful on the graph spanned by the BFS tree. Their probabilistic behavior refers only to the running time. Using the above protocols the ranking problem is solved in O(n log n log ∆) time. The performance analysis of both protocols constitutes a new application of queueing theory.
{"title":"Multiple communication in multi-hop radio networks","authors":"R. Bar-Yehuda, A. Israeli","doi":"10.1145/72981.73005","DOIUrl":"https://doi.org/10.1145/72981.73005","PeriodicalId":167067,"journal":{"name":"Proceedings of the eighth annual ACM Symposium on Principles of distributed computing","volume":"47 1","pages":"0"},"publicationDate":"1989-06-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"114297592"}
This talk is about impossibility results in the area of distributed computing. In this category, I include not just results that say that a particular task cannot be accomplished, but also lower bound results, which say that a task cannot be accomplished within a certain bound on cost. I started out with a simple plan for preparing this talk: I would spend a couple of weeks reading all the impossibility proofs in our fields, and would categorize them according to the ideas used. Then I would make wise and general observations, and try to predict where the future of this area is headed. That turned out to be a bit too ambitious; there are many more such results than I thought. Although it is often hard to say what constitutes different results, I managed to count over 100 such impossibility proofs. And my search wasn't even very systematic or exhaustive. It's not quite as hopeless to understand this area as it might seem from the number of papers. Although there are 100 different results, there aren't 100 different ideas. I thought I could contribute something by identifying some of the commonality among the different results.
{"title":"A hundred impossibility proofs for distributed computing","authors":"N. Lynch","doi":"10.1145/72981.72982","DOIUrl":"https://doi.org/10.1145/72981.72982","PeriodicalId":167067,"journal":{"name":"Proceedings of the eighth annual ACM Symposium on Principles of distributed computing","volume":"1 1","pages":"0"},"publicationDate":"1989-06-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"130588169"}
What should it mean for an agent to know or believe an assertion is true with probability .99? Different papers [2, 6, 15] give different answers, choosing to use quite different probability spaces when computing the probability that an agent assigns to an event. We show that each choice can be understood in terms of a betting game. This betting game itself can be understood in terms of three types of adversaries influencing three different aspects of the game. The first selects the outcome of all nondeterministic choices in the system; the second represents the knowledge of the agent's opponent in the betting game (this is the key place the papers mentioned above differ); and the third is needed in asynchronous systems to choose the time the bet is placed. We illustrate the need for considering all three types of adversaries with a number of examples. Given a class of adversaries, we show how to assign probability spaces to agents in a way most appropriate for that class, where “most appropriate” is made precise in terms of this betting game. We conclude by showing how different assignments of probability spaces (corresponding to different opponents) yield different levels of guarantees in probabilistic coordinated attack.
{"title":"Knowledge, probability, and adversaries","authors":"Joseph Y. Halpern, M. Tuttle","doi":"10.1145/153724.153770","DOIUrl":"https://doi.org/10.1145/153724.153770","PeriodicalId":167067,"journal":{"name":"Proceedings of the eighth annual ACM Symposium on Principles of distributed computing","volume":"317 1","pages":"0"},"publicationDate":"1989-06-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"131836477"}
A deterministic message-communicating process can be characterised by a “continuous” function f which describes the relationship between the inputs and the outputs of the process. The operational behaviour of a network of deterministic processes can be deduced from the least fixpoint of a function g, where g is obtained from the functions that characterise the component processes of the network. We show in this paper that a nondeterministic process can be characterised by a “description” consisting of a pair of functions. The behaviour of a network consisting of such processes can be obtained from the “smooth” solutions of the descriptions characterising its component processes. The notion of smooth solution is a generalisation of least fixpoint. Descriptions enjoy the crucial property that a variable may be replaced by its definition.
{"title":"Equational reasoning about nondeterministic processes","authors":"J. Misra","doi":"10.1145/72981.72983","DOIUrl":"https://doi.org/10.1145/72981.72983","PeriodicalId":167067,"journal":{"name":"Proceedings of the eighth annual ACM Symposium on Principles of distributed computing","volume":"103 1","pages":"0"},"publicationDate":"1989-06-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"124775937"}
{"title":"Proceedings of the eighth annual ACM Symposium on Principles of distributed computing","authors":"","doi":"10.1145/72981","DOIUrl":"https://doi.org/10.1145/72981","PeriodicalId":167067,"journal":{"name":"Proceedings of the eighth annual ACM Symposium on Principles of distributed computing","volume":"19 1","pages":"0"},"publicationDate":"1900-01-01","publicationTypes":"Journal Article","isOpenAccess":false,"platform":"Semanticscholar","paperid":"121589963"}