Verifying safety of a token coherence implementation by parametric compositional refinement

Authors:
Sebastian Burckhardt;Rajeev Alur;Milo M. K. Martin
Affiliations:
Department of Computer Science, University of Pennsylvania;Department of Computer Science, University of Pennsylvania;Department of Computer Science, University of Pennsylvania
Venue:
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Year:
2005

Citing 27
Cited 2

A class of compatible cache consistency protocols and their support by the IEEE futurebus

ISCA '86 Proceedings of the 13th annual international symposium on Computer architecture
Parallel program design: a foundation

Parallel program design: a foundation
A structural induction theorem for processes

Proceedings of the eighth annual ACM Symposium on Principles of distributed computing
The chemical abstract machine

Selected papers of the Second Workshop on Concurrency and compositionality
Reasoning about systems with many processes

Journal of the ACM (JACM)
Computer-aided verification of coordinating processes: the automata-theoretic approach

Computer-aided verification of coordinating processes: the automata-theoretic approach
Conjoining specifications

ACM Transactions on Programming Languages and Systems (TOPLAS)
Verification of FLASH cache coherence protocol by aggregation of distributed transactions

Proceedings of the eighth annual ACM symposium on Parallel algorithms and architectures
Verification techniques for cache coherence protocols

ACM Computing Surveys (CSUR)
Verifying parameterized networks

ACM Transactions on Programming Languages and Systems (TOPLAS)
Communicating and mobile systems: the &pgr;-calculus

Communicating and mobile systems: the &pgr;-calculus
Expressing interesting properties of programs in propositional temporal logic

POPL '86 Proceedings of the 13th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Handbook of Process Algebra

Handbook of Process Algebra
Specifying and Verifying a Broadcast and a Multicast Snooping Cache Coherence Protocol

IEEE Transactions on Parallel and Distributed Systems
Verifying a Multiprocessor Cache Controller Using Random Test Generation

IEEE Design & Test
Using Term Rewriting Systems to Design and Verify Processors

IEEE Micro
Formal Design of Cache Memory Protocols in IBM

Formal Methods in System Design
Protocol Verification as a Hardware Design Aid

ICCD '92 Proceedings of the 1991 IEEE International Conference on Computer Design on VLSI in Computer & Processors
A Compositional Rule for Hardware Design Refinement

CAV '97 Proceedings of the 9th International Conference on Computer Aided Verification
Verification of an Implementation of Tomasulo's Algorithm by Compositional Model Checking

CAV '98 Proceedings of the 10th International Conference on Computer Aided Verification
Automatic Verification of Parameterized Cache Coherence Protocols

CAV '00 Proceedings of the 12th International Conference on Computer Aided Verification
Verifying Network Protocol Implementations by Symbolic Refinement Checking

CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
Parameterized Verification with Automatically Computed Inductive Assertions

CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
The Murphi Verification System

CAV '96 Proceedings of the 8th International Conference on Computer Aided Verification
Reducing Model Checking of the Many to the Few

CADE-17 Proceedings of the 17th International Conference on Automated Deduction
Reactive Modules

LICS '96 Proceedings of the 11th Annual IEEE Symposium on Logic in Computer Science
Token coherence: decoupling performance and correctness

Proceedings of the 30th annual international symposium on Computer architecture

Scalable and reliable communication for hardware transactional memory

Proceedings of the 17th international conference on Parallel architectures and compilation techniques
Fractal Coherence: Scalably Verifiable Cache Coherence

MICRO '43 Proceedings of the 2010 43rd Annual IEEE/ACM International Symposium on Microarchitecture

Quantified Score

Hi-index	0.00

Visualization

Abstract

We combine compositional reasoning and reachability analysis to formally verify the safety of a recent cache coherence protocol. The protocol is a detailed implementation of token coherence, an approach that decouples correctness and performance. First, we present a formal and abstract specification that captures the safety substrate of token coherence, and highlights the symmetry in states of the cache controllers and contents of the messages they exchange. Then, we prove that this abstract specification is coherent, and check whether the implementation proposed by the protocol designers is a refinement of the abstract specification. Our refinement proof is parametric in the number of cache controllers, and is compositional as it reduces the refinement checks to individual controllers using a specialized form of assume-guarantee reasoning. The individual refinement obligations are discharged using refinement maps and reachability analysis. While the formal proof justifies the intuitive claim by the designers about the ease of verifiability of token coherence, we report on several bugs in the implementation, and accompanying modifications, that were missed by extensive prior simulations.