A proof technique for liveness properties of multifunction composite protocols

In protocol composition techniques, component protocols are combined in various ways to obtain a complex protocol whose execution sequences consist of interleaved execution sequences of the component protocols. We investigate the problem of verifying liveness properties of the composite protocol from the known properties of its components. We first characterize a class of composition techniques that encompasses almost all composition techniques that have appeared in the literature. We then develop a sufficient condition to ensure that certain liveness properties of the component protocols carry over to the composite protocol. A proof technique, based on this sufficient condition, is then used to determine whether the liveness properties of the component protocols also hold for the composite protocol. To demonstrate the usefulness of our technique, we use several protocols including synchronizing, ordering and disabling protocols as examples. The technique is applicable to any transition based protocol model as long as the model is susceptible to reachability analysis for the sake of correctness proofs