Title :
Formal verification of algorithms for critical systems
Author :
Rushby, John M. ; Henke, Friedrich Von
Author_Institution :
SRI Int., Menlo Park, CA, USA
fDate :
1/1/1993 12:00:00 AM
Abstract :
The authors describe their experience with formal, machine-checked verification of algorithms for critical applications, concentrating on a Byzantine fault-tolerant algorithm for synchronizing the clocks in the replicated computers of a digital flight control system. The problems encountered in unsynchronized systems and the necessity, and criticality, of fault-tolerant synchronization are described. An overview of one such algorithm and of the arguments for its correctness are given. A verification of the algorithm performed using the authors´ EHDM system for formal specification and verification is described. The errors found in the published analysis of the algorithm and benefits derived from the verification are indicated. Based on their experience, the authors derive some key requirements for a formal specification and verification system adequate to the task of verifying algorithms of the type considered. The conclusions regarding the benefits of formal verification in this domain and the capabilities required of verification systems in order to realize those benefits are summarized
Keywords :
fault tolerant computing; formal specification; formal verification; safety; software reliability; synchronisation; Byzantine fault-tolerant algorithm; EHDM system; critical systems; digital flight control system; fault-tolerant synchronization; formal specification; machine-checked verification; Aerospace control; Aircraft; Application software; Clocks; Control systems; Fault tolerance; Fault tolerant systems; Formal specifications; Formal verification; Synchronization;
Journal_Title :
Software Engineering, IEEE Transactions on
