Distributed algorithms are present in our daily life and we depend on the correct functioning of complex distributed computing systems as, for instance, communication protocols for establishing sessions between a smartphone and a bank account or synchronisation and management of shared resources among competing processes. Generally, the design and the implementation of distributed algorithms are still error prone and it is mainly due to the relationship between the theory of distributed computing and practical techniques for designing and verifying the correctness of reliable distributed systems. Formal proofs of distributed algorithms are long, hard and tedious and the gap between the real algorithm and its formal proof is very important. In this talk, we consider the correct-by-construction approach based on the refinement of state-based models, which are progressively transformed, in order to obtain a state-based model that is translated into a distributed algorithm.The stepwise development of algorithms has been first initiated in the seminal works of Dijkstra [15], Back [7] or Morgan [23]. Next, UNITY [14] has proposed a rich framework for designing distributed algorithms combining a simple temporal logic for expressing required properties and a simple language for expressing actions modifying state variables under fairness assumption. TLA/TLA +  [18] proposes a general modelling language based on a temporal ogic of actions combined with a set-theoretical modelling language for data and is extended by a specific algorithmic language namely PlusCAL, which is translated into TLA +  and which is closer to the classical way to express a distributed algorithm. Finally, Event-B [2,12] is a modelling language which can describe state-based models and required safety properties. The main objective is to provide a technique for incremental and proof-based development of reactive systems. It integrates set-theoretical notations and a first-order predicate calculus, models called machines; it includes the concept of refinement expressing the simulation of machine by another one. An Event-B machine models a reactive system i.e. a system driven by its environment and reacting to its stimuli. An important property of these machines is that its events preserve the invariant properties defining a set of reachable states. The Event-B method has been developed from the classical B method [1] and it offers a general framework for developing the correct-by-construction systems by using an incremental approach for designing the models by refinement. Refinement [7,15] is a relationship relating two models such that one model is refining or simulating the other one. When an abstract model is refined by a concrete model, it means that the concrete model simulates the abstract model and that any safety property of the abstract model is also a safety property of the concrete model. In particular, the concrete model preserves the invariant properties of the abstract model. Event-B aims to express models of systems characterized by its invariant and by a list of safety properties. However, we can consider liveness properties as in UNITY [14] or TLA +  [18,17] but in a restricted way.In our talk, we will summarize results related to proof-based patterns in Event-B (see for instance http://rimel.loria.fr) and ongoing works on translations of Event-B models into (distributed) algorithms. Proof-based patterns help for using refinement and for developing models from a very abstract one. The strategy for refining is a very crucial activity, when using Event-B, and the problem is to choose the abstract models that will be refined into implementable state-based models (see http://eb2all.loria.fr). We focus on the design of dustributed algorithms. For instance, the leader election protocol [3] is the kick-off case study which has led to questions on the use of Event-B for developing correct distributed algorithms: introduction of time constraints [13], probabilistic Event-B [16]. Moreover, the local computation model [25] (see http://visidia.labri.fr) has been integrated to the refinement-based approach. More recently, our joint work [21] leads to a general plugin for producing sequential algorithms from Event-B models and implement the call-as-event paradigm [19]. More recently, we extend the call-as-event paradigm by the service-as-event paradigm [22,6,4,5] and we take into account the design of distributed algorithms. Finally, we will compare the classical method [24] for verifying distributed programs and the refinement-based method that we have used in many case studies [11]. These results are used for lectures in school of cmputing engineering and master programmes and we will give some feedbacks from these experiences. Case studies [9,8,20] play a fundamental role for helping us to discover new strategies, namely proof-based patterns, for developing distributed algorithms.

EXPLOR_STEP=$WICRI_ROOT/Wicri/Lorraine/explor/InforLorV4/Data/Main/Exploration

HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 000928 | SxmlIndent | more

HfdSelect -h $EXPLOR_AREA/Data/Main/Exploration/biblio.hfd -nk 000928 | SxmlIndent | more

{{Explor lien
   |wiki=    Wicri/Lorraine
   |area=    InforLorV4
   |flux=    Main
   |étape=   Exploration
   |type=    RBID
   |clé=     Hal:hal-01097625
   |texte=   Playing with State-Based Models for Designing Better Algorithms
}}