UNIVERSITET technische universität dortmund Verification of a class of protocols: - **Dynamic creation** of processes - ▶ **Unique** ID for each process - Finite number of **registers** per process - Used to store the ID of others - Asynchronous communication # Dynamic Register Automata Verification of Buffered Dynamic Register Automata # [Bollig et al. 2010, 2013] - Dynamic Communication Automata - Asynchronous Communication - Applications: - Leader Election Protocol - Peer To Peer Protocol - Ad Hoc Networks [Bollig et al. 2010, 2013] [Parosh et al. 2014] - Verification of Dynamic Register Automata - Rendez-vous Communication - Sub-Classes for which basic verification properties are decidable [Bollig et al. 2010, 2013] [Parosh et al. 2014] [In This Work] - Verification of Dynamic Register Automata - Asynchronous Communication - Sub-Classes for which basic verification properties are decidable Formal Model **Operational Semantics** **Problem** Approach Results 7 #### **Process Model** #### **Process Model** #### **Process Model** #### **Process Model** #### **Process Model** Verification of Buffered Dynamic Register Automata #### **Process Model** 12/08 Verification of Buffered Dynamic Register Automata #### **Process Model** #### **Process Model** Verification of Buffered Dynamic Register Automata #### **Process Model** 25 Verification of Buffered Dynamic Register Automata #### **Process Model** 26 Verification of Buffered Dynamic Register Automata #### **Process Model** Verification of Buffered Dynamic Register Automata #### **Process Model** Verification of Buffered Dynamic Register Automata **Process Model** Configuration **Configuration Graph** Verification of Buffered Dynamic Register Automata **Process Model** Configuration Configuration Graph Communication Graph Verification of Buffered Dynamic Register Automata #### **Process Creation** Verification of Buffered Dynamic Register Automata #### **Process Creation** # Dynamic Register Automata Verification of Buffered Dynamic Register Automata # Dynamic Register Automata Verification of Buffered Dynamic Register Automata **Process Creation** Verification of Buffered Dynamic Register Automata ## **Process Creation** **Process Creation** ## **Process Creation** Verification of Buffered Dynamic Register Automata ## **Process Creation** **Process Creation** ## **Process Creation** ## **Process Creation** **Process Creation** Pro Message Sending Message Receiving 49 50 Verification of Buffered Dynamic Register Automata # Pro Message Sending m(5)q4 ql 3 **q4** 5 Ca Verification of Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata 53 Verification of Buffered Dynamic Register Automata # Pro Message Sending m(5)q4 ql 3 q4 5 Ca Verification of Buffered Dynamic Register Automata # Pro Message Sending m(5)q4 ql 3 X **q3** 5 Ca Verification of Buffered Dynamic Register Automata Pro Message Receiving Message senuing Verification of Buffered Dynamic Register Automata ## Pro Message Receiving Message senuing 58 Verification of Buffered Dynamic Register Automata ## Pro Message Receiving Message senuing Verification of Buffered Dynamic Register Automata ## Pro Message Receiving Message senuing Verification of Buffered Dynamic Register Automata ## Pro Message Receiving Message senuing Verification of Buffered Dynamic Register Automata ## Pro Message Receiving Message senuing 62 Verification of Buffered Dynamic Register Automata ## Pro Message Receiving Message senuing 63 Verification of Buffered Dynamic Register Automata ## Pro Message Receiving Message senuing # Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata **Initial Configuration** 67 Verification of Buffered Dynamic Register Automata Run: Co, C1 # State Reachability Verification of Buffered Dynamic Register Automata # State Reachability Verification of Buffered Dynamic Register Automata # State Reachability Verification of Buffered Dynamic Register Automata Initial Configuration Run: Co, C1, C2, ..., Cn State Reachability Problem: Verification of Buffered Dynamic Register Automata #### State Reachability Problem: Given **q**<sub>BAD</sub>, is there a run starting from an **initial configuration** that reaches **a configuration** where **q**<sub>BAD</sub> occurs? Verification of Buffered Dynamic Register Automata #### State Reachability Problem: Given **q**<sub>BAD</sub>, is there a run starting from an **initial configuration** that reaches **a configuration** where **q**<sub>BAD</sub> occurs? Verification of Buffered Dynamic Register Automata State Reachability Problem: Undecidable Verification of Buffered Dynamic Register Automata State Reachability Problem: Undecidable Verification of Buffered Dynamic Register Automata #### State Reachability Problem: Undecidable Two counters Minsky Machine # Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata # **Buffered Dynamic Register Automata** Verification of Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata Cycle Verification of Buffered Dynamic Register Automata <del>. Cycle .</del> ... ... ... ... ... Verification of Buffered Dynamic Register Automata <del>. Cycle .</del> Bound the Buffer Bound Simple Path Strongly Bound Simple Path Lossy Verification of Buffered Dynamic Register Automata . Cycle . Bound the Buffer Bound Simple Path Strongly Bound Simple Path Lossy Verification of Buffered Dynamic Register Automata <del>. Cycle .</del> Bound the Buffer Bound Simple Path Strongly Bound Simple Path Lossy Verification of Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata <del>. Cycle .</del> Bound the Buffer Bound Simple Path Strongly Bound Simple Path Lossy . Cycle . Bound the Buffer Bound Simple Path Strongly Bound Simple Path Lossy Verification of Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata Strongly Bound Simple Path Still: Unbounded Number of Processes Verification of Buffered Dynamic Register Automata . Cycle . Bound the Buffer Bound Simple Path Strongly Bound Simple Path Lossy Verification of Buffered Dynamic Register Automata . Cycle . Bound the Buffer Bound Simple Path Strongly Bound Simple Path Lossy 97 Verification of Buffered Dynamic Register Automata <del>. Cycle .</del> Bound the Buffer Bound Simple Path Strongly Bound Simple Path Lossy 10 Verification of Buffered Dynamic Register Automata #### Results Verification of Buffered Dynamic Register Automata State Reachability #### Results Verification of Buffered Dynamic Register Automata #### **State Reachability** . Cycles . State Reachability . Cycles . 10 ### Results Verification of Buffered Dynamic Register Automata # State Reachability . Cycles . ### **State Reachability** . Cycles . Strongly Bound Simple Path Bound Buffers 10<sup>r</sup> Verification of Buffered Dynamic Register Automata # State Reachability . Cycles . Strongly Bound Simple Path . Cycles . + **Bound Buffers** **Bound Buffers** + 108 Verification of Buffered Dynamic Register Automata ### State Reachability . Cycles . + Strongly Bound Simple Path . Cycles . + **Bound Buffers** **Bound Buffers** + Strongly Bound Simple Path .Cycles. **Bound Buffers** |+| ## State Reachability <del>. Cycles .</del> + Strongly Bound Simple Path . Cycles . + **Bound Buffers** **Bound Buffers** + Strongly Bound Simple Path .Cycles. **Bound Buffers** Strongly Bound Simple Path **Bound Buffers** ## State Reachability . Cycles . + Strongly Bound Simple Path . Cycles . + **Bound Buffers** **Bound Buffers** + Strongly Bound Simple Path .Cycles. **Bound Buffers** + Strongly Bound Simple Path Lossy + Bound Buffers Cycles . Strongly Bound Simple Path Cycles . **Bound Buffers** **Bound Buffers** Strongly Bound Simple Path + Acyclic Bound the Buffer Strongly Bound Simple Path + Lossy Bound the Buffer 112 #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . 113 #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . 115 Verification of Buffered Dynamic Register Automata #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . 116 #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . 117 #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . . Cycles . 119 #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . . Cycles . Bound Simple Path Verification of Buffered Dynamic Register Automata #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . . Cycles . Verification of Buffered Dynamic Register Automata #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . . Cycles . Verification of Buffered Dynamic Register Automata #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . . Cycles . **Bounded Buffers** Verification of Buffered Dynamic Register Automata #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . . Cycles . **Bounded Buffers** Bound Simple Path Verification of Buffered Dynamic Register Automata #### Transduction Problem Given two finite state machines $\mathbf{A}$ and $\mathbf{B}$ and a transducer $\mathbf{T}$ , is there $\mathbf{i} \in \mathbb{N}$ such that $\mathbf{T}^{\mathbf{i}}(\mathbf{A}) \in L(\mathbf{B})$ . <del>. Cycles .</del> **Bounded Buffers** Bound Simple Path **Bound Buffers** Verification of Buffered Dynamic Register Automata **Bound Buffers** + Strongly Bounded Simple Path Verification of Buffered Dynamic Register Automata **Bound Buffers** + Strongly Bounded Simple Path Verification of Buffered Dynamic Register Automata **Bound Buffers** + Strongly Bounded Simple Path Verification of Buffered Dynamic Register Automata **Bound Buffers** + Strongly Bounded Simple Path Verification of Buffered Dynamic Register Automata **Bound Buffers** + Strongly Bounded Simple Path Verification of Buffered Dynamic Register Automata **Bound Buffers** + Strongly Bounded Simple Path Verification of Buffered Dynamic Register Automata **Bound Buffers** + Strongly Bounded Simple Path Verification of Buffered Dynamic Register Automata **Bound Buffers** + Strongly Bounded Simple Path Verification of Buffered Dynamic Register Automata **Bound Buffers** + Strongly Bounded Simple Path Verification of Buffered Dynamic Register Automata **Bound Buffers** + Strongly Bounded Simple Path Verification of Buffered Dynamic Register Automata **Bound Buffers** + Strongly Bounded Simple Path Acyclic + Bound the Buffer + Strongly Bound Simple Path Verification of Buffered Dynamic Register Automata Acyclic + Bound the Buffer + Strongly Bound Simple Path Messages can **not** be sent with process IDs — Otherwise **cycles** would be created. Verification of Buffered Dynamic Register Automata Acyclic + Bound the Buffer + Strongly Bound Simple Path Finite # Registers (Suppose x and y) Verification of Buffered Dynamic Register Automata Acyclic + Bound the Buffer + Strongly Bound Simple Path Verification of Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata Verification of Buffered Dynamic Register Automata Lossy + Bound the Buffer + Strongly Bound Simple Path 14 Verification of Buffered Dynamic Register Automata Lossy - + Bound the Buffer - + Strongly Bound Simple Path ### Well-Structured Transition Systems [Abdulla et al. 1996], [Finkel et al. 2001] Symbolic representation of infinite set of configurations Verification of Buffered Dynamic Register Automata Lossy - + Bound the Buffer - + Strongly Bound Simple Path - Define a **Well-Quasi Order** on configurations - ▶ Prove **Monotonicity** of Transition Relation - Provide an algorithm to compute the **Pre** of an upward closed set Verification of Buffered Dynamic Register Automata Lossy - + Bound the Buffer - + Strongly Bound Simple Path - Define a Well-Quasi Order on configurations - ▶ Prove **Monotonicity** of Transition Relation - Provide an algorithm to compute the **Pre** of an upward closed set th Verification of Buffered Dynamic Register Automata ## Well-Structured Transition Systems Define a **Well-Quasi Order** on configurations ### Ordering: subgraph relation ## Well-Structured Transition Systems Define a **Well-Quasi Order** on configurations ### Ordering: induced subgraph relation ## Well-Structured Transition Systems Define a Well-Quasi Order on configurations ## Ordering: induced subgraph relation Verification of Buffered Dynamic Register Automata ### Well-Structured Transition Systems Define a Well-Quasi Order on configurations Ordering: induced subgraph relation [Ding, 1992] Subgraphs and Well-Quasi Ordering (Induced) subgraph relation is a WQO on Strongly-Bounded graphs ## Well-Structured Transition Systems Define a Well-Quasi Order on configurations ### Ordering: induced subgraph relation \t.h th Verification of Buffered Dynamic Register Automata ### Well-Structured Transition Systems Define a Well-Quasi Order on configurations ### Ordering: induced subgraph relation Verification of Buffered Dynamic Register Automata Lossy - + Bound the Buffer - + Strongly Bound Simple Path - Define a Well-Quasi Order on configurations - ▶ Prove **Monotonicity** of Transition Relation - Provide an algorithm to compute the **Pre** of an upward closed set Verification of Buffered Dynamic Register Automata Lossy - + Bound the Buffer - + Strongly Bound Simple Path - Define a Well-Quasi Order on configurations - ▶ Prove **Monotonicity** of Transition Relation - Provide an algorithm to compute the **Pre** of an upward closed set # Strongly Safe DRA Verification of Dynamic Register Automata - Define a Well-Quasi Order on configurations - ▶ Prove **Monotonicity** of Transition Relation - Provide an algorithm to compute the **Pre** of an upward closed set ## **Well-Structured Transition Systems** ▶ Prove **Monotonicity** of Transition Relation Ca $C_1$ $C_3$ ## **Well-Structured Transition Systems** ▶ Prove **Monotonicity** of Transition Relation Ca $C_1$ $C_3$ ### **Well-Structured Transition Systems** ▶ Prove **Monotonicity** of Transition Relation Ca 160 ## **Well-Structured Transition Systems** ## Well-Structured Transition Systems ## Well-Structured Transition Systems th # **Proofs** Verification of Buffered Dynamic Register Automata ### Well-Structured Transition Systems th Verification of Buffered Dynamic Register Automata ## Well-Structured Transition Systems ▶ Prove **Monotonicity** of Transition Relation ### Lossy ## Well-Structured Transition Systems ▶ Prove **Monotonicity** of Transition Relation ### Lossy ## Well-Structured Transition Systems ▶ Prove **Monotonicity** of Transition Relation 166 ## Well-Structured Transition Systems ### Well-Structured Transition Systems ▶ Prove **Monotonicity** of Transition Relation ### Subgraph relation: Register Mapping & States preserved ### Well-Structured Transition Systems ▶ Prove **Monotonicity** of Transition Relation ### Subgraph relation: Register Mapping & States preserved ### Well-Structured Transition Systems ▶ Prove **Monotonicity** of Transition Relation ### Subgraph relation: Register Mapping & States preserved Lossy + Bound the Buffer + Strongly Bound Simple Path - Define a Well-Quasi Order on configurations - ▶ Prove **Monotonicity** of Transition Relation - Provide an algorithm to compute the **Pre** of an upward closed set Verification of Buffered Dynamic Register Automata Lossy + Bound the Buffer + Strongly Bound Simple Path Well-Structured Transition Systems - Define a Well-Quasi Order on configurations - ▶ Prove **Monotonicity** of Transition Relation - Provide an algorithm to compute the **Pre** of an upward closed set