Verification of a distributed computing system by layered proofs

This paper presents a technique for the verification of “full” distributed computing systems, building on the CLI stack which addresses verification of a layered sequential system. This paper also presents the application of our technique to the verification of a distributed system of three layers: a small high-level distributed programming language (microSR); a multiple processor architecture consisting of an instruction set and system calls; and a network interface. MicroSR programs are implemented by a compiler from microSR to the multiprocessor layer. System calls (for interprocess message passing) are implemented by network services. This work demonstrates that the correctness of a distributed program, most notably its interprocess communication, is verifiable through layers that guarantee the correctness of the compiled code that makes reference to operating system calls, of the operating system calls in terms of network calls, and of the network calls in terms of network transmission steps. The Cambridge HOL system is used for the specification and the proofs