The document describes formal verification of checkpointing in a distributed database system using Event-B. It presents an Event-B model that specifies the checkpointing process. Key aspects of the model include assigning timestamps to messages and transactions, marking transactions as before or after checkpoint based on their timestamps, and computing a global checkpoint number. The model is verified using the Rodin tool to ensure the checkpointing process satisfies correctness properties.
A NEW INNOVATION TECHNIQUE OF STATE TRANSITION TESTING USED FOR DBT ieijjournal
The process of exploitation the database to ensure the correctness of data manipulation, and a tendency to accomplished associations. The transaction is a fit of logic procedure units; the data modification from one state to some other state is represented with database transaction state diagram to substantiate uniformity of data inside the database. The data manipulation ought to separate groups of logic cells, and once it all finished, data consistency can be maintained, and once a piece of this unit fails, the whole transaction ought to be absolutely thought-about an error, all succeeding operations from the starting point should all fall back to the starting state. It has become necessary to test database transaction states; a replacement technique of state transition testing is represented and designed test cases in this paper. The database State diagram direct testing by given the states, events, actions, and transitions that ought to be tested.
This presentation discusses the following topics:
Introduction to Query Processing
Need for Query processing
Architecture of Query Processing
Query Processing Steps
Phases in a typical query processing
Represented in relational structures
Translating SQL Queries into Relational Algebra
Query Optimization
Importance of Query Optimization
Actions of Query Optimization
The document discusses use case modeling and provides information on key concepts:
- A use case describes interactions between a system and external users (actors) to achieve a goal. It specifies system behavior but not implementation.
- Key components of use case modeling include actors, use cases, relationships between use cases like inclusion and extension, and use case descriptions.
- Use cases capture functional requirements while use case descriptions elaborate different scenarios through structured text or pseudocode. Organizing use cases into packages supports generalization and specialization.
Basic principles of blind write protocol journalBEEI
The current approach to handling interleaved write operations and preserving consistency in a relational database system still relies on the locking protocol. If any entity is locked by any transaction, then it becomes temporarily unavailable to other transactions until the lock is released. The temporary unavailability can occur more often if the number of write operations increases, as happens in application systems that use IoT technology or smartphone devices to collect data. To solve this problem, this research proposes a blind write protocol which does not lock the entity while the transaction is performing a write operation. This paper presents the basic principles of blind write protocol implementation in a relational database system.
This presentation discusses the following topics:
Transaction processing systems
Introduction to TRANSACTION
Need for TRANSACTION
Operations
Transaction Execution and Problems
Transaction States
Transaction Execution with SQL
Transaction Properties
Transaction Log
Review of Some Checkpointing Schemes for Distributed and Mobile Computing Env... Eswar Publications
Fault Tolerance Techniques facilitate systems to carry out tasks in the incidence of faults. A checkpoint is a local state of a process saved on stable storage. In a distributed system, since the processes in the system do not share memory; a global state of the system is defined as a combination of local states, one from each process. In case of a fault in distributed systems, checkpointing enables the execution of a program to be resumed from a previous consistent global state rather than resuming the execution from the commencement. In this way, the sum of constructive processing vanished because of the fault is appreciably reduced. In this paper, we talk about various issues related to the checkpointing for distributed systems and mobile computing environments. We also confer various types of checkpointing: coordinated checkpointing, asynchronous checkpointing, communication induced checkpointing and message logging based checkpointing. We also present a survey of some checkpointing algorithms for distributed systems.
BIO-INSPIRED MODELLING OF SOFTWARE VERIFICATION BY MODIFIED MORAN PROCESSES IJCSEA Journal
A new approach for the control and prediction of verification activities for large safety-relevant software systems will be presented in this paper. The model is applied on a macroscopic system level and based on so-called Moran processes, which originate from mathematical biology and allow for the description of phenomena as, for instance, genetic drift. Beside the theoretical foundations of this novel approach, its application on a real-world example from the medical engineering domain will be discussed.
SE18_Lec 07_System Modelling and Context Model Amr E. Mohamed
System modeling is the process of developing abstract models of a system using graphical notation like UML. It helps analysts understand system functionality and communicate with customers. Models present different views like external context, structural organization, dynamic behavior, and interactions. Key UML diagrams include use case, class, sequence, state, and activity diagrams. System context diagrams specifically focus on external factors and the system boundaries.
The document discusses how enterprises operate in the global event cloud using event-driven, parallel and asynchronous processes. It emphasizes the need for processes to evolve on-the-fly through real-time modification in response to events. Exceptional situations must be treated as normal and designed for from the start. Technologies are needed for complex event pattern matching, reusable event data, real-time process visibility and control, and simulation-based process design.
A Survey of Various Fault Tolerance Checkpointing Algorithms in Distributed S... Eswar Publications
A distributed system is a collection of independent entities that cooperate to solve a problem that cannot be individually solved. Checkpoint is defined as a fault tolerant technique. It is a save state of a process during the failure-free execution, enabling it to restart from this checkpointed state upon a failure to reduce the amount of lost work instead of repeating the computation from beginning. The process of restoring from previous checkpointed state is known as rollback recovery. A checkpoint can be saved on either the stable storage or the volatile storage depending on the failure scenarios to be tolerated. Checkpointing is major challenge in mobile ad hoc network. The mobile ad hoc network architecture is one consisting of a set of self configure mobile hosts (MH) capable of communicating with each other without the assistance of base stations, some of processes running on mobile host. The main issues of this environment are insufficient power and limited storage capacity. This paper surveys the algorithms which have been reported in the literature for checkpointing in distributed systems as well as Mobile Distributed systems.
Bio-Inspired Modelling of Software Verification by Modified Moran Processes IJCSEA Journal
A new approach for the control and prediction of verification activities for large safety-relevant software systems will be presented in this paper. The model is applied on a macroscopic system level and based on so-called Moran processes, which originate from mathematical biology and allow for the description of phenomena as, for instance, genetic drift. Beside the theoretical foundations of this novel approach, its application on a real-world example from the medical engineering domain will be discussed.
This chapter discusses key concepts in event processing including what events are, how they are created and related. It covers the form, significance and relativity of events. It describes how timing, causality and aggregation relate events and how genetic parameters encode relationships between events. Examples show how timing requirements can be expressed as event patterns and how causality can be used to trace activity in a system. The chapter emphasizes that the observable system based on observed and inferred events may not capture all system activities due to uncertainty.
Concurrency control is a mechanism for managing simultaneous transactions in a shared database to ensure serializability and isolation of transactions. It utilizes locking protocols like two-phase locking to control access to database items during transactions and prevent issues like lost updates, dirty reads, and incorrect summaries that can occur without concurrency control when transactions' operations are interleaved.
Survey of streaming data warehouse update scheduling eSAT Journals
In this paper, we study scheduling problem of updates for the streaming data warehouses. The streaming data warehouses are the combination of traditional data warehouses and data stream systems. In this, jobs are nothing but the processes which are responsible for loading new data in the tables. Its purpose is to decrease the data staleness. In addition, it handles well, the challenges faced by the streaming warehouses like, data consistency, view hierarchies, heterogeneity found in update jobs because of dissimilar arrival times as well as size of data, preempt updates etc. The staleness of data is the scheduling metric considered here.
Keywords: partitioning strategy, scalable scheduling, data stream management system.
The document discusses various software development life cycle (SDLC) models including waterfall, iterative waterfall, V-shaped, prototyping, evolutionary, spiral, RAD, iterative enhancement, and agile models. It provides details on the phases and activities involved in classical waterfall model such as feasibility study, requirements analysis, design, coding, testing, integration, and maintenance. The advantages of waterfall model include being linear, systematic and having proper documentation, while the disadvantages are the inability to accommodate changes and detect errors late in the process. Iterative models allow for feedback loops to catch errors earlier.
This document discusses data flow diagrams and modeling processes at different levels of abstraction. It provides examples of typical processes like computations, decisions, data manipulation, and triggering other processes. It then gives an example data flow diagram of a patient monitoring system to illustrate modeling a system at three different levels - showing more detail at each lower level. Finally, it discusses some common mistakes in data flow diagrams like missing inputs/outputs and irrelevant inputs not corresponding to the outputs.
SERENE 2014 Workshop: Paper "Modelling Resilience of Data Processing Capabili... SERENEWorkshop
SERENE 2014 - 6th International Workshop on Software Engineering for Resilient Systems
http://serene.disim.univaq.it/
Session 2: Analysis of Resilience
Paper 1: Modelling Resilience of Data Processing Capabilities of CPS
SE2018_Lec 14_ Process Modeling and Data Flow Diagram.pptx Amr E. Mohamed
The document discusses process modeling and data flow diagrams (DFDs). It begins by defining a system as consisting of inputs, outputs, and a process within defined boundaries. Logical and physical models are then described, with logical models showing what a system does independent of implementation and physical models including implementation details. The remainder of the document provides details on:
- Creating DFDs using processes, external entities, data stores, and data flows
- Developing context and level-0 diagrams
- Decomposing processes through functional decomposition and creating level-N diagrams
- Ensuring DFDs are complete and consistent
Building a new CTL model checker using Web Services infopapers
Florin Stoica, Laura Stoica, Building a new CTL model checker using Web Services, Proceeding The 21th International Conference on Software, Telecommunications and Computer Networks (SoftCOM 2013), At Split-Primosten, Croatia, 18-20 September, pp. 285-289, 2013
DOI=10.1109/SoftCOM.2013.6671858 http://dx.doi.org/10.1109/SoftCOM.2013.6671858
This document discusses active databases and how they differ from conventional passive databases. Active databases can monitor a database for predefined situations and trigger actions automatically in response. This is accomplished through the use of active rules embedded within the database. The document outlines the key components of active rules, including events, conditions, and actions. It also covers the execution model of active databases and how rules are evaluated and triggered at runtime. Examples are provided of how active databases and triggers can be used for tasks like maintaining derived data values and enforcing integrity constraints.
Pbl report blood management system (5th sem) CryptoGenix
This document provides a progress report for a project titled "Blood Bank Management System" created by 4 students. It includes an abstract describing the project's purpose to automate an existing manual blood bank system. It outlines objectives like managing donor, blood, and patient details. It also assigns roles to team members and lists future goals like more efficient management. Hardware requirements include a minimum of 4GB RAM and Intel processor. Software requirements include Windows 7 or later, macOS, and Linux. References used are websites on programming topics.
Decision Making Framework in e-Business Cloud Environment Using Software Metr... ijitjournal
Cloud computing technology is most important one in IT industry by enabling them to offer access to their system and application services on payment type. As a result, more than a few enterprises with Facebook, Microsoft, Google, and Amazon have started offer to their clients. Quality software is most important one in market competition. This paper presents a hybrid framework based on the goal/question/metric paradigm to evaluate the quality and effectiveness of previous software goods in project, product and organizations in a cloud computing environment. In our approach it support decision making in the area of project, product and organization levels using Neural networks and three angular metrics i.e., project metrics, product metrics, and organization metrics.
The paper deals with distributed planning in a Multi-Agent System (MAS) constituted by several intelligent agents each one has to interact with the other autonomous agents. The problem faced is how to ensure a distributed planning through the cooperation in our multi-agent system. To do so, we propose the use of fuzzy logic to represent the response of the agent in case of interaction with the other. Finally, we use JADE platform to create agents and ensure the communication between them. A Benchmark Production System is used as a running example to explain our contribution.
This document discusses several key concepts in distributed systems including event ordering, mutual exclusion, concurrency control, deadlock handling, and election algorithms. It provides details on implementing happened-before relations to ensure event ordering. It describes centralized and distributed approaches for mutual exclusion and discusses two-phase commit and locking protocols for concurrency control. It also covers deadlock prevention techniques like timestamp ordering and various distributed deadlock detection algorithms. Finally, it summarizes bully and ring algorithms for electing a new coordinator when failures occur.
This document discusses mobile database systems and their fundamentals. It describes the conventional centralized database architecture with a client-server model. It then covers distributed database systems which partition and replicate data across multiple servers. The key aspects covered are database partitioning, partial and full replication, and how they impact data locality, consistency, reliability and other factors. Transaction processing fundamentals like atomicity, consistency, isolation and durability are also summarized.
MODELING OF DISTRIBUTED MUTUAL EXCLUSION SYSTEM USING EVENT-B cscpconf
The problem of mutual exclusion arises in distributed systems whenever shared resources are concurrently accessed by several sites. For correctness, it is required that shared resource must be accessed by a single site at a time. To decide, which site execute the critical section next, each site communicate with a set of other sites. A systematic approach is essential to formulate an accurate specification. Formal methods are mathematical techniques that provide systematic approach for building and verification of model. We have used Event-B as a formal technique for construction of our model. Event-B is event driven approach which is used to develop formal models of distributed systems. It supports generation and discharge of proof obligations arising due to consistency checking. In this paper, we outline a formal construction of model of Lamport's mutual exclusion algorithm for distributed system using Event-B. We have considered vector clock instead of using Lamport's scalar clock for the purpose of message's time stamping.
Modeling of distributed mutual exclusion system using event b csandit
The problem of mutual exclusion arises in distributed systems whenever shared resources are concurrently accessed by several sites. For correctness, it is required that shared resource must be accessed by a single site at a time. To decide, which site execute the critical section next, each site communicate with a set of other sites. A systematic approach is essential to formulate an accurate specification. Formal methods are mathematical techniques that provide systematic approach for building and verification of model. We have used Event-B as a formal technique for construction of our model. Event-B is event driven approach which is used to develop formal models of distributed systems. It supports generation and discharge of proof obligations arising due to consistency checking. In this paper, we outline a formal construction of model of Lamport's mutual exclusion algorithm for distributed system using Event-B. We have considered vector clock instead of using Lamport's scalar clock for the purpose of message's time stamping.
Software Engineering Important Short Question for Exams MuhammadTalha436
The document discusses various topics related to software engineering including:
1. The software development life cycle (SDLC) and its phases like requirements, design, implementation, testing, etc.
2. The waterfall model and its phases from modeling to maintenance.
3. The purpose of feasibility studies, data flow diagrams, and entity relationship diagrams.
4. Different types of testing done during the testing phase like unit, integration, system, black box and white box testing.
The document describes how to determine and calculate cyclomatic complexity for a code sample that uses Euclid's algorithm to compute the greatest common divisor (GCD) of two numbers. It provides three methods to calculate the cyclomatic complexity of the code: 1) using the number of nodes and edges in the control flow graph, 2) using the number of non-overlapping areas, and 3) using the number of decision statements and loops. The cyclomatic complexity is determined to be 3 using all three methods. The document also includes an example of creating a software requirements specification (SRS) document for a banking system application using use case diagrams, state diagrams, and activity diagrams in Star UML.
Decision Making Framework in e-Business Cloud Environment Using Software Metr...ijitjournal
Cloud computing technology is most important one in IT industry by enabling them to offer access to their
system and application services on payment type. As a result, more than a few enterprises with Facebook,
Microsoft, Google, and amazon have started offer to their clients. Quality software is most important one in
market competition in this paper presents a hybrid framework based on the goal/question/metric paradigm
to evaluate the quality and effectiveness of previous software goods in project, product and organizations
in a cloud computing environment. In our approach it support decision making in the area of project,
product and organization levels using Neural networks and three angular metrics i.e., project metrics,
product metrics, and organization metrics
The paper deals with distributed planning in a Mult
i-Agent System (MAS) constituted by several
intelligent agents each one has to interact with th
e other autonomous agents. The problem faced
is how to ensure a distributed planning through the
cooperation in our multi-agent system.
To do so, we propose the use of fuzzy logic to repr
esent the response of the agent in case of
interaction with the other. Finally, we use JADE p
latform to create agents and ensure the
communication between them.
A Benchmark Production System is used as a running
example to explain our contribution.
This document discusses several key concepts in distributed systems including event ordering, mutual exclusion, concurrency control, deadlock handling, and election algorithms. It provides details on implementing happened-before relations to ensure event ordering. It describes centralized and distributed approaches for mutual exclusion and discusses two-phase commit and locking protocols for concurrency control. It also covers deadlock prevention techniques like timestamp ordering and various distributed deadlock detection algorithms. Finally, it summarizes bully and ring algorithms for electing a new coordinator when failures occur.
This document discusses mobile database systems and their fundamentals. It describes the conventional centralized database architecture with a client-server model. It then covers distributed database systems which partition and replicate data across multiple servers. The key aspects covered are database partitioning, partial and full replication, and how they impact data locality, consistency, reliability and other factors. Transaction processing fundamentals like atomicity, consistency, isolation and durability are also summarized.
MODELING OF DISTRIBUTED MUTUAL EXCLUSION SYSTEM USING EVENT-B cscpconf
The problem of mutual exclusion arises in distributed systems whenever shared resources are concurrently accessed by several sites. For correctness, it is required that shared resource must be accessed by a single site at a time. To decide, which site execute the critical section next, each site communicate with a set of other sites. A systematic approach is essential to formulate an accurate speciation. Formal methods are mathematical techniques that provide systematic approach for building and verification of model. We have used Event-B as a formal technique for construction of our model. Event-B is event driven approach which
is used to develop formal models of distributed systems .It supports generation and discharge of proof obligations arising due to consistency checking. In this paper, we outline a formal construction of model of Lamport's mutual exclusion algorithm for distributed system using Event-B. We have considered vector clock instead of using Lam-port's scalar clock for the purpose of message's time stamping
Modeling of distributed mutual exclusion system using event bcsandit
The problem of mutual exclusion arises in distributed systems whenever shared resources are concurrently
accessed by several sites. For correctness, it is required that shared resource must be accessed by a single
site at a time. To decide, which site execute the critical section next, each site communicate with a set of
other sites. A systematic approach is essential to formulate an accurate speciation. Formal methods are
mathematical techniques that provide systematic approach for building and verification of model. We have
used Event-B as a formal technique for construction of our model. Event-B is event driven approach which
is used to develop formal models of distributed systems .It supports generation and discharge of proof
obligations arising due to consistency checking. In this paper, we outline a formal construction of model of
Lamport's mutual exclusion algorithm for distributed system using Event-B. We have considered vector
clock instead of using Lam-port's scalar clock for the purpose of message's time stamping.
Software Engineering Important Short Question for ExamsMuhammadTalha436
The document discusses various topics related to software engineering including:
1. The software development life cycle (SDLC) and its phases like requirements, design, implementation, testing, etc.
2. The waterfall model and its phases from modeling to maintenance.
3. The purpose of feasibility studies, data flow diagrams, and entity relationship diagrams.
4. Different types of testing done during the testing phase like unit, integration, system, black box and white box testing.
The document describes how to determine and calculate cyclomatic complexity for a code sample that uses the Euclid's algorithm to compute the greatest common divisor (GCD) of two numbers. It provides three methods to calculate the cyclomatic complexity of the code: 1) using the number of nodes and edges in the control flow graph, 2) using the number of non-overlapping areas, and 3) using the number of decision statements and loops. The cyclomatic complexity is determined to be 3 using all three methods. The document also includes an example of creating a software requirements specification (SRS) document for a banking system application using use case diagrams, state diagrams, and activity diagrams in Star UML.
The document proposes a validated real-time middleware called DCPS-HMM for distributed cyber physical systems. DCPS-HMM uses a Hidden Markov Model approach to validate process outputs. It consists of several components: a Process Manager that schedules processes; a Process Allocator that assigns processes to resources based on their periodic/aperiodic nature; a Process Implementation module; a Process Tracker; and a Process Validator that uses HMM to validate outputs against past behavior. The system is simulated for credit card fraud detection and a CPS scenario. It aims to provide a flexible, efficient, and validated middleware for diverse distributed CPS requirements.
This document discusses various modeling techniques used during the analysis phase of software engineering. It covers scenario-based modeling including use cases, activity diagrams, and swimlane diagrams. It also discusses flow-oriented modeling using data flow diagrams and grammars. Additionally, it discusses class-based modeling including identifying analysis classes, class diagrams, and the class-responsibility-collaborator technique. Finally, it discusses behavioral modeling including identifying events and creating state and sequence diagrams.
The document discusses a framework for a self-healing module (SHM) to automate response to failures in a virtual manufacturing execution system (vMES). The SHM would detect failures, determine resolutions, and enact resolutions without human intervention. This would improve productivity by automating error recovery. The SHM framework uses event listeners, triggers, and actions. Listeners detect events, triggers determine responses, and actions enact those responses, such as restarting processes, migrating virtual machines, or adjusting database settings. The goal is to automate operations and improve response time to failures in virtual manufacturing environments.
This document discusses components in real-time systems. It defines real-time systems as those with tight timing constraints where responses must occur within strict deadlines. It describes the components of real-time systems as modular and cohesive software packages that communicate via interfaces. The document outlines a process for developing component-based real-time systems, including top-level design, detailed design, scheduling, worst-case execution time verification, and system implementation and testing. It provides examples of real-time components from the Rubus operating system.
Analysis on Fraud Detection Mechanisms Using Machine Learning TechniquesIRJET Journal
1) The document discusses using machine learning techniques like Random Forest Classifier and AdaBoost to detect fraud in blockchain transactions through an ensemble model.
2) It analyzes the individual accuracy of Random Forest and AdaBoost classifiers, finding accuracies over 99.99%, then ensembles their predictions using a stacking method.
3) The stacking ensemble model combines the predictions of the Random Forest and AdaBoost models into a new training set to potentially provide even more accurate fraud detection compared to the individual models.
A Real-Time Information System For Multivariate Statistical Process ControlAngie Miller
This document describes the design and implementation of a real-time multivariate process control system that uses principal component analysis models to monitor a manufacturing process in real-time. The system analyzes process data, detects errors, and presents contributing factors through a graphical user interface for operators and engineers. It is intended to help identify improvement opportunities by better utilizing available process data and information within temporal bounds important for process control.
This material provides guidelines in form of a presentation of the Context Awareness - component of the Adaptation Plane.
The Context Awareness is a component which implements a mechanism to identify the current context under which the CITADEL framework as well as an application is used/operated.
To identify the current context, the Context Awareness will use run-time data provided by the Monitoring Plane as input on one hand and a pre-defined context model on the other hand.
The document is the final paper for SSW-565A that discusses testability in software systems. It elaborates on various architectural tactics to achieve testability like well-defined interfaces, record/playback, abstract data sources, and limiting complexity. It then discusses how these tactics could be applied to a ration shop web application to make it more testable, such as using local test data instead of a real database, mocking external dependencies, and ensuring high cohesion and loose coupling between classes. The paper concludes that testability relies on factors like controllability, observability, and complexity being addressed at the architectural level to facilitate effective testing.
IRJET - Precise and Efficient Processing of Data in Permissioned BlockchainIRJET Journal
1) The document proposes a blockchain-based insurance framework called PEPD-PB that uses Hyperledger Fabric to process insurance claims more efficiently.
2) PEPD-PB involves multiple organizational peers participating in insurance claiming and adjudication. It uses smart contracts to store claims on the blockchain to improve transparency, speed, and security.
3) The proposed system is compared to existing systems, which are manual processes that require data to be fetched from each organization separately, resulting in delays. The blockchain framework allows real-time data sharing without compromising data integrity.
Testing-as-a-service (TaaS) comes along with the advancement in technology to meet the various demands
in software testing currently on the rise as multiple organizations seek to enforce new technology and
personal software tailoring their organization needs. Information Technology (IT) has facilitated the rise
as various organizations upgrade their system, which demands the continuous testing of the software as
exemplified by the multiple types; regression testing and penetration testing (PTaaS). TaaS contains
various features and capabilities, enabling software testing presented by cutting-edge technology, external
expertise provision to companies, public cloud, test library, and community-driven and simplified
infrastructure and operations.
TESTING-AS-A-SERVICE (TAAS) – CAPABILITIES AND FEATURES FOR REAL-TIME TESTING...ijcsit
Testing-as-a-service (TaaS) comes along with the advancement in technology to meet the various demands
in software testing currently on the rise as multiple organizations seek to enforce new technology and
personal software tailoring their organization needs. Information Technology (IT) has facilitated the rise
as various organizations upgrade their system, which demands the continuous testing of the software as
exemplified by the multiple types; regression testing and penetration testing (PTaaS). TaaS contains
various features and capabilities, enabling software testing presented by cutting-edge technology, external
expertise provision to companies, public cloud, test library, and community-driven and simplified
infrastructure and operations.
A HEURISTIC APPROACH FOR WEB-SERVICE DISCOVERY AND SELECTIONijcsit
This document proposes a new heuristic approach for web service discovery and selection using an algorithm inspired by honey bee behavior called the Bees Algorithm. The approach structures service registries by domain to simplify discovery. It uses the Bees Algorithm as an intelligent search method to efficiently find the optimal service matching a client's request and quality of service requirements from the relevant registry in least time.
OS VERIFICATION- A SURVEY AS A SOURCE OF FUTURE CHALLENGESIJCSES Journal
This document summarizes several projects that have formally verified operating system kernels:
- The UCLA project in the 1980s formally specified and verified parts of the Unix kernel using multiple specification layers and consistency proofs. It found errors and demonstrated the need for formal verification.
- The KIT project in the 1990s was the first to verify an OS kernel at the assembly level. It proved isolation between processes in a small kernel written for a simple machine.
- Other projects discussed include PSOS, VFiasco, EROS, and seL4, which take different approaches to formally verifying properties of OS kernels. The document surveys the methodology and contributions of these verification projects.
ANALYSIS ON LOAD BALANCING ALGORITHMS IMPLEMENTATION ON CLOUD COMPUTING ENVIR...AM Publications
Cloud computing means storing and accessing data and programs over the Internet instead of your computer's hard drive. The cloud is just a metaphor for the Internet. The elements involved in cloud computing are clients, data center and distributed server. One of the main problems in cloud computing is load balancing. Balancing the load means to distribute the workload among several nodes evenly so that no single node will be overloaded. Load can be of any type that is it can be CPU load, memory capacity or network load. In this paper we presented an architecture of load balancing and algorithm which will further improve the load balancing problem by minimizing the response time. In this paper, we have proposed the enhanced version of existing regulated load balancing approach for cloud computing by comping the Randomization and greedy load balancing algorithm. To check the performance of proposed approach, we have used the cloud analyst simulator (Cloud Analyst). Through simulation analysis, it has been found that proposed improved version of regulated load balancing approach has shown better performance in terms of cost, response time and data processing time.
With the emergence of virtualization and cloud computing technologies, several services are housed on virtualization platform. Virtualization is the technology that many cloud service providers rely on for efficient management and coordination of the resource pool. As essential services are also housed on cloud platform, it is necessary to ensure continuous availability by implementing all necessary measures. Windows Active Directory is one such service that Microsoft developed for Windows domain networks. It is included in Windows Server operating systems as a set of processes and services for authentication and authorization of users and computers in a Windows domain type network. The service is required to run continuously without downtime. As a result, there are chances of accumulation of errors or garbage leading to software aging which in turn may lead to system failure and associated consequences. This results in software aging. In this work, software aging patterns of Windows active directory service is studied. Software aging of active directory needs to be predicted properly so that rejuvenation can be triggered to ensure continuous service delivery. In order to predict the accurate time, a model that uses time series forecasting technique is built.
The adoption of cloud environment for various application uses has led to security and privacy concern of user’s data. To protect user data and privacy on such platform is an area of concern.
Many cryptography strategy has been presented to provide secure sharing of resource on cloud platform. These methods tries to achieve a secure authentication strategy to realize feature such as self-blindable access tickets, group signatures, anonymous access tickets, minimal disclosure of tickets and revocation but each one varies in realization of these features. Each feature requires different cryptography mechanism for realization. Due to this it induces computation complexity which affects the deployment of these models in practical application. Most of these techniques are designed for a particular application environment and adopt public key cryptography which incurs high cost due to computation complexity.
To address these issues this work present an secure and efficient privacy preserving of mining data on public cloud platform by adopting party and key based authentication strategy. The proposed SCPPDM (Secure Cloud Privacy Preserving Data Mining) is deployed on Microsoft azure cloud platform. Experiment is conducted to evaluate computation complexity. The outcome shows the proposed model achieves significant performance interm of computation overhead and cost.
Similar to Formal Verification of Distributed Checkpointing Using Event-B (20)
Introduction- e - waste – definition - sources of e-waste– hazardous substances in e-waste - effects of e-waste on environment and human health- need for e-waste management– e-waste handling rules - waste minimization techniques for managing e-waste – recycling of e-waste - disposal treatment methods of e- waste – mechanism of extraction of precious metal from leaching solution-global Scenario of E-waste – E-waste in India- case studies.
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressionsVictor Morales
K8sGPT is a tool that analyzes and diagnoses Kubernetes clusters. This presentation was used to share the requirements and dependencies to deploy K8sGPT in a local environment.
International Conference on NLP, Artificial Intelligence, Machine Learning an...gerogepatton
International Conference on NLP, Artificial Intelligence, Machine Learning and Applications (NLAIM 2024) offers a premier global platform for exchanging insights and findings in the theory, methodology, and applications of NLP, Artificial Intelligence, Machine Learning, and their applications. The conference seeks substantial contributions across all key domains of NLP, Artificial Intelligence, Machine Learning, and their practical applications, aiming to foster both theoretical advancements and real-world implementations. With a focus on facilitating collaboration between researchers and practitioners from academia and industry, the conference serves as a nexus for sharing the latest developments in the field.
Advanced control scheme of doubly fed induction generator for wind turbine us...IJECEIAES
This paper describes a speed control device for generating electrical energy on an electricity network based on the doubly fed induction generator (DFIG) used for wind power conversion systems. At first, a double-fed induction generator model was constructed. A control law is formulated to govern the flow of energy between the stator of a DFIG and the energy network using three types of controllers: proportional integral (PI), sliding mode controller (SMC) and second order sliding mode controller (SOSMC). Their different results in terms of power reference tracking, reaction to unexpected speed fluctuations, sensitivity to perturbations, and resilience against machine parameter alterations are compared. MATLAB/Simulink was used to conduct the simulations for the preceding study. Multiple simulations have shown very satisfying results, and the investigations demonstrate the efficacy and power-enhancing capabilities of the suggested control system.
Embedded machine learning-based road conditions and driving behavior monitoringIJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
ACEP Magazine edition 4th launched on 05.06.2024Rahul
This document provides information about the third edition of the magazine "Sthapatya" published by the Association of Civil Engineers (Practicing) Aurangabad. It includes messages from current and past presidents of ACEP, memories and photos from past ACEP events, information on life time achievement awards given by ACEP, and a technical article on concrete maintenance, repairs and strengthening. The document highlights activities of ACEP and provides a technical educational article for members.
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELgerogepatton
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
Formal Verification of Distributed Checkpointing Using Event-B
International Journal of Computer Science & Information Technology (IJCSIT) Vol 7, No 5, October 2015
DOI:10.5121/ijcsit.2015.7504
FORMAL VERIFICATION OF DISTRIBUTED CHECKPOINTING USING EVENT-B
Girish Chandra¹, Raghuraj Suryavanshi² and Divakar Yadav¹
¹Department of Computer Science & Engineering, Institute of Engineering & Technology, Lucknow, Uttar Pradesh 226021, India
²Department of Computer Science & Engineering, Pranveer Singh Institute of Technology, Kanpur, Uttar Pradesh 209305, India
ABSTRACT
Developing complex systems makes correct software development a challenging task. A faulty
specification can introduce errors into software. Traditional testing methods are not sufficient to verify the
correctness of such complex systems. Formal methods are required to capture correct system requirements
and to reason rigorously about the problems. Formal methods are mathematical techniques
that provide precise specification of problems with their solutions and proof of correctness. In this paper,
we formally verify the checkpointing process in a distributed database system using Event-B.
Event-B is an event-driven formal method which is used to develop formal models of distributed database
systems. In a distributed database system, the database is stored at different sites that are connected
together through the network. A checkpoint is a recovery point which contains the state information about
the site. To recover a distributed transaction, a global checkpoint number (GCPN) is
required. The global checkpoint number decides which transactions will be included for recovery purposes. All
transactions whose timestamps are less than the global checkpoint number are marked as before-checkpoint
transactions (BCPT) and are considered for recovery. Transactions whose timestamps are
greater than the GCPN are marked as after-checkpoint transactions (ACPT) and become part of the next global
checkpoint number.
KEYWORDS
Formal Methods, Formal Specifications, Formal Verification, Event-B, Distributed Transaction,
Checkpointing, Local checkpoint number, Global checkpoint number.
1. INTRODUCTION
A distributed database system is a collection of several sites, with the database distributed
across different locations. Data at any site may be replicated or fragmented, either vertically or
horizontally. Since there is no system-wide global clock or shared memory, sites in these systems
communicate information to other sites in the form of messages to complete any
global computation successfully [1]. The database present at any site can be accessed through transactions.
A distributed transaction is a user activity which updates different data objects located at different
sites. A distributed transaction is a collection of several sub-transactions. Depending on their
requirements, these sub-transactions may execute at several sites to read or update data
objects [2].
Checkpointing is an approach in which the state information of each site is periodically saved as a
checkpoint, or recovery point. In a distributed system, every site, or the set of sites
involved in the global computation, takes local checkpoints which contain the local
information about the sub-transactions at that site. All local checkpoints, one from each site, form
a global checkpoint [1], [3]. At the time of recovery, a recovered site resumes its execution from
the previous error-free consistent global state recorded by the checkpoints of all sites. For
recovery purposes, the global checkpoint must be consistent. To be consistent, a global
checkpoint must not contain any local checkpoint that depends on
an event which happened after the global checkpoint [1]. Global consistency for distributed database
systems must address issues such as which transaction updates are included in the checkpoints.
Therefore, a unique global checkpoint number, or recovery line, must be defined. For recovery
purposes, the checkpoints include the updates of only those transactions whose timestamps
are less than the global checkpoint number; transactions whose timestamps are larger than the
global checkpoint number are considered in the next global checkpoint number [4].
There is a need to formally verify and ensure the correctness of the checkpointing process for
distributed database systems. Traditional testing techniques are not suitable for verifying the
correctness of such systems. It is infeasible to explore every execution path because the size of the
generated state space is very large. Formal methods are mathematical techniques that use
concepts and ideas from mathematics and formal logic to specify and reason about system
properties [5], [6]. They provide a framework that makes it possible to write specifications and to analyze
and verify the model in a systematic way. Formal methods allow complete analysis of system
requirements, design and the behaviour of the system, including the possibility of faults. The tools
also provide automated proof support for the verification of system properties.
In this paper, we formally verify the checkpointing process in a distributed database system
using Event-B. Event-B [7], [8], [9], [10], [11], [12], [13] is an event-driven approach used to
develop formal models of distributed database systems. A model contains a set of variables,
constants, and properties of the model in the form of invariants. To ensure the correctness of the
system, the invariant properties of the model must always be satisfied. The remainder of this paper
is organized as follows: Section 2 describes Event-B and Rodin, Section 3 presents the system model
and an informal description of the events, Section 4 describes the Event-B model of the
checkpointing process for DDBS, and Section 5 concludes the paper.
2. EVENT-B AND RODIN PLATFORM
An Event-B model [14], [15], [16], [17], [18] is made of several components of two kinds: contexts
and machines [19], [20]. Contexts, which represent the static part of the model, contain sets,
constants and axioms. Sets may be enumerated or carrier sets. Axioms describe the properties of
those sets and constants. Machines represent the behavioural properties of the model. A machine
contains the system variables, invariants, theorems, and events of a model. The state of a machine
is defined through its variables, which represent mathematical constructs such as relations,
functions, sets and numbers. The invariants of a machine represent constraints that must hold on
the machine's variables. During execution of the model, the machine changes from one state to
another, but the invariants, which give properties of those variables, must not be violated: all
invariants must be satisfied by every state of the machine. If a violation occurs, the model is not
working according to the specification and the machine needs to be modified. The theorems of a
machine are derived from the context and invariants of that machine. The machine can see
the context directly or indirectly [21]. Besides its state, a machine contains a number of events
which specify how the state may evolve. An event is made up of three elements: its name, guards
and actions. The guards are the necessary conditions for the event to occur. The event known as
the initialization event has no guard and gives the initial position of the model. For any event, if
all guards of the event become true, then the list of actions is performed by that event. An action
is a substitution, or assignment of new values to variables. There are three kinds of substitutions
associated with an event [19]: deterministic multiple substitution, non-deterministic multiple
substitution and empty substitution. An event is triggered and performs its list of actions when its
guards become true. The properties of a machine are verified through proof obligations [19], [8].
In our research work, we have used the Rodin platform [13], [19], [22]. It is an open, extensible
tool for the specification and verification of Event-B. The tool supports the construction and
verification of Event-B models and provides a seamless integration between modelling and proving.
It also provides an environment for the generation and discharge of proof obligations. It supports
incremental development of a model, whereby verification is done automatically in the background
during model development. Therefore, each incremental modification generates a small change to
the set of proof obligations. It can be extended with various plugins such as provers, model
checkers, UML transformers and proof-obligation generators.
3. SYSTEM MODEL
We consider a group of sites which coordinate with each other to take checkpoints in such a
manner that the resulting global state is consistent. We use Lamport's logical clock to assign
timestamps to the sites and messages involved in the communication. In order to take a consistent
global checkpoint in a DDBS, it must be decided which transactions are to be included in the
checkpoint. Taking a checkpoint must also not interfere with or block the transactions that are
already executing at that site. In our model, the checkpointing process is initiated by a site
known as the coordinator site. This site broadcasts a timestamped request message to all other
sites (participant sites). After receiving the request message, a participant site updates its
local checkpoint number and sends back a timestamped reply message to the coordinator. To assign a
timestamp to a message, each time a message is sent by any site, the site increments its own local
checkpoint number by one and that incremented value is assigned to the message. At the time of
delivery of a message, the receiving site updates its local checkpoint number with the maximum of
the timestamp of the received message and its current checkpoint number. In order to decide which
transactions are to be included in the checkpoint, all participant sites must agree upon a special
timestamp value known as the global checkpoint number. After receiving the reply messages from all
participant sites, the coordinator site computes the global checkpoint number. This global
checkpoint number is broadcast to all participants so that they can include in their local
checkpoints all those transactions whose timestamp value is less than the global checkpoint
number. The informal descriptions of the events are as follows:
1. Broadcasting a request message: The coordinator site broadcasts a timestamped request message
to all the participant sites. To assign the timestamp to the request message, the coordinator site
increments its own local checkpoint number by one and this incremented value is assigned to the
request message.
2. Submission of transaction: A transaction may be submitted at any site. After submission of a
transaction, a timestamp value is assigned to it. The current local checkpoint number of the site is
assigned to the transaction as its timestamp.
3. Delivery of request message: A request message sent by the coordinator site will be delivered to
all participant sites. After the delivery of the request message, a participant site updates its
local checkpoint number with the timestamp of the received request message or its current timestamp
value, whichever is the maximum.
4. Local marking of transaction: Each participant site locally marks all those transactions whose
timestamp value is less than the local checkpoint number of the site as before checkpoint
transactions (bcpt) and the rest of the transactions as after checkpoint transactions (acpt).
5. Sending of reply message: After the local marking of transactions, each participant site sends a
timestamped reply message to the coordinator site. To assign the timestamp to the reply
message, the participant site increments its local checkpoint number by one and that incremented
value is assigned to the reply message.
6. Delivery of reply message: The coordinator site counts the number of sites which have sent the
reply message. Every time a reply message is delivered to the coordinator site, it increments its
counter value by one. It also records the timestamp of each received reply message.
7. Computation and broadcasting of global checkpoint number: After receiving the reply message
from all participant sites, the coordinator site computes the global checkpoint number. The global
checkpoint number is the maximum value of the timestamps of all received reply messages. The
coordinator site broadcasts a timestamped global checkpoint message to all participant sites.
8. Receiving of global checkpoint message: When a participant site receives the global checkpoint
message, it updates its local checkpoint number to the timestamp of the received global checkpoint
message.
9. Final marking of transaction: After the delivery of the global checkpoint message at all
participant sites, each participant has its local checkpoint value equal to the global checkpoint
number. Finally, all participant sites mark all transactions whose timestamp value is less than the
global checkpoint number as before checkpoint transactions and the rest of the transactions as
after checkpoint transactions.
4. EVENT-B MODEL OF CHECKPOINTING IN DISTRIBUTED DATABASE SYSTEM
In the context of the model, we have declared the sets SITE, MESSAGE and TRANSACTION as carrier
sets. The other sets status, type and cpstatus are defined as enumerated sets. The set status has
the values waiting, received_all_replies, globalcpnbroadcast, idle. The set type has the values
local_cp_request, local_cp_reply, global_cp_msg, and the set cpstatus has the values pending,
globalmark, localmark. The variables and invariants of the machine are given in Fig. 1.
The variable sender is a partial function from the set MESSAGE to SITE. A mapping of the form
(m ↦ s) ∈ sender indicates that message m was sent by site s. For recovery purposes, every site
maintains a local checkpoint number (lcpns) in order to record all the events that occur local to
it. It is declared as a total function from SITE to the natural numbers, which indicates that each
site has a local checkpoint number associated with it. A pair (ss ↦ n1) ∈ lcpns indicates that site
ss has local checkpoint number n1. Descriptions of the other variables are as follows:
(i) The variable sentmessages represents the set of messages sent by any site. The timestamp of a
message is formalised using the variable tsmsg.
(ii) Every message must have a unique type. The variable messagetype maps each sent message
to one of the types local_cp_request, local_cp_reply, global_cp_msg.
(iii) The variable deliver represents the delivery of messages at a site. A number of messages may
be delivered to any site. This requirement is formalized by declaring the variable deliver as a
relation between SITE and MESSAGE. A mapping (ss ↦ mm1) ∈ deliver represents that message
mm1 has been delivered to site ss. Because deliver is a relation, another message mm2 can also be
related to the same site ss.
(iv) The variable tsreplymsg is a set of natural numbers which represents the timestamps of all
reply messages.
(v) The set of transactions at any site is represented by the variable trans_at_site. The relational
image of site ss under the relation trans_at_site is written trans_at_site[{ss}] and contains all
the transactions at site ss.
(vi) The variable trans is the set of transactions that are submitted to any site.
(vii) The variable bcpt represents the set of transactions which are marked as before checkpoint
transactions. A mapping (s ↦ tr) ∈ bcpt denotes that site s has marked transaction tr as a before
checkpoint transaction. Similarly, the variable acpt represents the set of transactions which are
marked as after checkpoint transactions.
(viii) Any site can work as a coordinator, which coordinates with the other sites to decide the
global checkpoint number. The status of the coordinator is represented by the variable
coordinatorstatus. At any time the coordinator may be in the state waiting, received_all_replies,
globalcpnbroadcast or idle.
(ix) The variable checkpointstatus represents the checkpoint status of each site. The checkpoint
status of a site may be one of the following: pending, globalmark, localmark.
(x) The variable totalrepliedsite is a set of natural number.

Fig. 1. Variables and Invariants of Machine
MACHINE Checkpointm
VARIABLES
sender, coordinatorstatus, totalrepliedsite, lcpns, tsmsg, trans_at_site,
trans, timestamp, deliver, bcpt, acpt, messagetype, checkpointstatus,
tsreplymsg, sentmessages
INVARIANTS
inv1 : sender ∈ MESSAGE ⇸ SITE
inv2 : lcpns ∈ SITE → Natural
inv3 : sentmessages ⊆ MESSAGE
inv4 : tsmsg ∈ MESSAGE → Natural
inv5 : messagetype ∈ sentmessages → type
inv6 : deliver ∈ SITE ↔ MESSAGE
inv7 : tsreplymsg ⊆ Natural
inv8 : trans_at_site ∈ SITE ↔ TRANSACTION
inv9 : trans ⊆ TRANSACTION
inv10 : timestamp ∈ trans → Natural
inv11 : bcpt ∈ SITE ↔ trans
inv12 : acpt ∈ SITE ↔ trans
inv13 : coordinatorstatus ∈ {coordinator} → status
inv14 : checkpointstatus ∈ SITE → cpstatus
inv15 : totalrepliedsite ∈ Natural
inv16 : acpt ∩ bcpt = ∅

Invariant 16 states that a transaction may be in either set acpt or set bcpt, but not in both.
Initially, the coordinator status and the checkpoint status of each site are set to idle and pending
respectively. The local checkpoint number of each site and the timestamp of each message are set to 0.
4.1. Submission of Transaction
The event Trans_Submit models the submission of a transaction at any site [Fig. 2]. The guards grd1
and grd2 ensure that tr is a transaction and that it is a fresh transaction, respectively. The guard
grd4, written as tr ∉ trans_at_site[{ss}], ensures that transaction tr is not present at site ss. The
guard grd5 specifies that the checkpoint status of site ss is pending. After the submission of the
transaction (act1), a unique timestamp is assigned to it (act2): the action act2 assigns the local
checkpoint number of site ss to transaction tr. Each time a site assigns a timestamp to a
transaction, it increments its own timestamp value by one (act3). The action act4 records that
transaction tr is present at site ss. The action act5 marks the transaction tr at site ss as an
after checkpoint transaction.

Fig. 2. Submission of Transaction
Trans_Submit ≙
ANY tr, ss WHERE
grd1 : tr ∈ TRANSACTION
grd2 : tr ∉ trans
grd3 : ss ∈ SITE
grd4 : tr ∉ trans_at_site[{ss}]
grd5 : checkpointstatus(ss) = pending
THEN
act1 : trans ≔ trans ∪ {tr}
act2 : timestamp(tr) ≔ lcpns(ss)
act3 : lcpns(ss) ≔ lcpns(ss) + 1
act4 : trans_at_site ≔ trans_at_site ∪ {ss ↦ tr}
act5 : acpt ≔ acpt ∪ {ss ↦ tr}
END

4.2. Submission of sub-transaction at remote site
Depending on the requirements, a distributed transaction may execute at several sites. This event
models the submission of a sub-transaction at a remote site (Fig. 3). The guard grd1 ensures that
transaction tr has been submitted at any site. The guard grd3 ensures that transaction tr is not
present at site ss. The guards grd5 and grd6 ensure that transaction tr at site ss has been marked
neither as an after checkpoint transaction (acpt) nor as a before checkpoint transaction (bcpt). The
guard grd7 specifies that the checkpoint status of site ss is pending. The action act1 records
transaction tr at site ss. When a transaction is submitted at a remote site, the site updates its
knowledge in the form of its local checkpoint number. The local checkpoint number is updated as
(act2):
lcpns(ss) ≔ max({timestamp(tr), lcpns(ss) + 1})
It takes the maximum of the current local checkpoint number and the timestamp of the transaction.
The value which is the maximum is assigned as the local checkpoint number of site ss. The action
act3 marks the transaction tr at site ss as an after checkpoint transaction (acpt).

Fig. 3. Submission of Sub-Transaction at Remote Site
Remote_Subtran_Submit ≙
ANY tr, ss WHERE
grd1 : tr ∈ trans
grd2 : ss ∈ SITE
grd3 : tr ∉ trans_at_site[{ss}]
grd4 : finite({timestamp(tr), lcpns(ss) + 1})
grd5 : ss ↦ tr ∉ acpt
grd6 : ss ↦ tr ∉ bcpt
grd7 : checkpointstatus(ss) = pending
THEN
act1 : trans_at_site ≔ trans_at_site ∪ {ss ↦ tr}
act2 : lcpns(ss) ≔ max({timestamp(tr), lcpns(ss) + 1})
act3 : acpt ≔ acpt ∪ {ss ↦ tr}
END

4.3. Broadcasting of request message
In order to decide the global checkpoint number, the coordinator site broadcasts a request message
to all sites [Fig. 4]. The guards grd1 and grd2 ensure that site ss is the coordinator and that its
status is idle, respectively. The guards grd3 and grd4 ensure that the message mm has not been sent.
Each time a message is sent by any site, the site increments its local checkpoint number by one and
this updated timestamp value is assigned to the message. The action act1 increments the local
checkpoint number of site ss by one. The action act2 assigns the timestamp to message mm. The action
act3 specifies that message mm is sent by site ss. The status of the coordinator is set to waiting
and message mm is added to the set sentmessages through act4 and act5 respectively. The type of
message mm is set to local_cp_request through the action act6.

Fig. 4. Broadcasting of Request Message
Coordinaor_Broadcast ≙
ANY ss, mm WHERE
grd1 : ss = coordinator
grd2 : coordinatorstatus(ss) = idle
grd3 : mm ∈ MESSAGE
grd4 : mm ∉ dom(sender)
THEN
act1 : lcpns(ss) ≔ lcpns(ss) + 1
act2 : tsmsg(mm) ≔ lcpns(ss)
act3 : sender ≔ sender ∪ {mm ↦ ss}
act4 : coordinatorstatus(ss) ≔ waiting
act5 : sentmessages ≔ sentmessages ∪ {mm}
act6 : messagetype(mm) ≔ local_cp_request
END

4.4. Delivery of request message at participant site
This event models the delivery of the request message at a participant site [Fig. 5]. The guards
grd1 and grd2 ensure that site ss is not the coordinator site. The guards grd3 and grd4 ensure that
the message mm has been sent and that its type is request message, respectively. The guard grd5
ensures that message mm has not yet been delivered at site ss. This event delivers the request
message mm at site ss (act1). At the time of delivery of the message, site ss updates its local
checkpoint number with the maximum of its current local timestamp and the timestamp of the received
request message (act2).

Fig. 5. Delivery of Request Message
Participant_Receive ≙
ANY mm, ss WHERE
grd1 : ss ∈ SITE
grd2 : ss ≠ coordinator
grd3 : mm ∈ sentmessages
grd4 : messagetype(mm) = local_cp_request
grd5 : mm ∉ deliver[{ss}]
grd6 : finite({tsmsg(mm), lcpns(ss) + 1})
grd7 : checkpointstatus(ss) = pending
THEN
act1 : deliver ≔ deliver ∪ {ss ↦ mm}
act2 : lcpns(ss) ≔ max({tsmsg(mm), lcpns(ss) + 1})
END

4.5. Local marking of transaction
This event formalizes the marking of transactions on the basis of the local checkpoint number of the
site [Fig. 6]. After receiving the request message from the coordinator site, all participant sites
mark as before checkpoint transactions (bcpt) those transactions whose timestamps are less than the
local checkpoint number of that site. The guard grd2 specifies that site ss is not the coordinator
site. The guards grd4 and grd5 ensure that the request message mm has been delivered at site ss. The
guards grd6 and grd7 specify that transaction tr at site ss is marked as an after checkpoint
transaction (acpt). The guard grd8 ensures that the timestamp of transaction tr is less than the
local checkpoint number of site ss. The guard grd9 ensures that the checkpoint status of site ss is
pending. When this event occurs, transaction tr is removed from the acpt (after checkpoint
transaction) set (act1) and added to the bcpt (before checkpoint transaction) set (act2).

Fig. 6. Local Marking of Transaction
Trans_Marking ≙
ANY tr, ss, mm WHERE
grd1 : tr ∈ trans
grd2 : ss ≠ coordinator
grd3 : mm ∈ sentmessages
grd4 : messagetype(mm) = local_cp_request
grd5 : ss ↦ mm ∈ deliver
grd6 : tr ∈ trans_at_site[{ss}]
grd7 : ss ↦ tr ∈ acpt
grd8 : timestamp(tr) ≤ lcpns(ss)
grd9 : checkpointstatus(ss) = pending
THEN
act1 : acpt ≔ acpt ∖ {ss ↦ tr}
act2 : bcpt ≔ bcpt ∪ {ss ↦ tr}
END

4.6. Reply to coordinator site
After marking all transactions whose timestamps are less than the local checkpoint number of the
site, the participant site sends the reply message to the coordinator site [Fig. 7]. The guard grd2
ensures that site ss is not a coordinator site. The guard grd4 specifies that all transactions at
site ss whose timestamps are less than the local checkpoint number of that site have been marked as
bcpt (before checkpoint transaction). The guard grd5 specifies that the checkpoint status of site ss
is pending. This event changes the checkpoint status of site ss to localmark (act1) and sends the
timestamped reply message mm (act2, act3 and act4). To assign the timestamp to message mm, the site
increments its own timestamp by one and this incremented timestamp value is assigned to the reply
message mm (act5). The action act6 updates the local checkpoint number of site ss.

Fig. 7. Reply to Coordinator Site
Reply ≙
ANY ss, mm WHERE
grd1 : ss ∈ SITE
grd2 : ss ≠ coordinator
grd3 : mm ∉ dom(sender)
grd4 : ∀ tr·(tr ∈ trans ∧ tr ∈ trans_at_site[{ss}] ∧
timestamp(tr) ≤ lcpns(ss) ⇒ ss ↦ tr ∈ bcpt)
grd5 : checkpointstatus(ss) = pending
THEN
act1 : checkpointstatus(ss) ≔ localmark
act2 : sentmessages ≔ sentmessages ∪ {mm}
act3 : messagetype(mm) ≔ local_cp_reply
act4 : sender ≔ sender ∪ {mm ↦ ss}
act5 : tsmsg(mm) ≔ lcpns(ss) + 1
act6 : lcpns(ss) ≔ lcpns(ss) + 1
END

4.7. Delivery of reply message at coordinator site
This event models the delivery of a reply message at the coordinator site (Fig. 8). The guard grd1
specifies that site ss is the coordinator site. The guard grd4 ensures that the reply message mm
(grd3) has not yet been delivered at coordinator site ss. The guard grd5 ensures that the status of
coordinator ss is waiting. When this event triggers, it delivers the reply message at the
coordinator site (act1). The coordinator site also counts the total number of reply messages
received from participant sites. Each time a message is delivered, it increments the
totalrepliedsite count by one (act2). The action act3 records the timestamp of reply
message mm.

Fig. 8. Delivery of Reply Message at Coordinator Site
Reply_Delivery ≙
ANY mm, ss WHERE
grd1 : ss = coordinator
grd2 : mm ∈ sentmessages
grd3 : messagetype(mm) = local_cp_reply
grd4 : mm ∉ deliver[{ss}]
grd5 : coordinatorstatus(ss) = waiting
THEN
act1 : deliver ≔ deliver ∪ {ss ↦ mm}
act2 : totalrepliedsite ≔ totalrepliedsite + 1
act3 : tsreplymsg ≔ tsreplymsg ∪ {tsmsg(mm)}
END

4.8. Broadcasting global checkpoint number
After the delivery of the reply messages from all participant sites, the coordinator site changes
its status from waiting to received_all_replies [Fig. 9]. The guard grd2 ensures that the
coordinator has received a reply message from all participant sites. The action act1 changes the
status of the coordinator.
The event Broadcast_Gcpn formalizes the broadcasting of the global checkpoint number message to all
sites [Fig. 9]. The guards grd1 and grd4 ensure that site ss is the coordinator site and that it has
received reply messages from all sites, respectively. After receiving the reply messages from all
participant sites (grd4), the coordinator site computes the global checkpoint number on the basis of
the timestamps of the received reply messages. The global checkpoint number is the maximum value of
the timestamps of the reply messages (grd6). When this event occurs, coordinator site ss broadcasts
the timestamped global checkpoint message mm (act1, act2, act3). The action act4 specifies that the
global checkpoint number globalcpn is assigned as the timestamp of message mm. The action act5
changes the status of the coordinator site to globalcpnbroadcast.

Fig. 9. Broadcasting Global Checkpoint Number
Change_Co-ordinator_Status ≙
ANY ss WHERE
grd1 : ss = coordinator
grd2 : totalrepliedsite = card(SITE) − 1
grd3 : coordinatorstatus(ss) = waiting
THEN
act1 : coordinatorstatus(ss) ≔ received_all_replies
END
Broadcast_Gcpn ≙
ANY ss, globalcpn, mm WHERE
grd1 : ss = coordinator
grd2 : tsreplymsg ≠ ∅
grd3 : mm ∉ dom(sender)
grd4 : coordinatorstatus(ss) = received_all_replies
grd5 : finite(tsreplymsg)
grd6 : globalcpn = max(tsreplymsg)
THEN
act1 : sender ≔ sender ∪ {mm ↦ ss}
act2 : sentmessages ≔ sentmessages ∪ {mm}
act3 : messagetype(mm) ≔ global_cp_msg
act4 : tsmsg(mm) ≔ globalcpn
act5 : coordinatorstatus(ss) ≔ globalcpnbroadcast
END

4.9. Delivery of global checkpoint number message
This event models the delivery of the global checkpoint message at a participant site [Fig. 10]. The
guard grd5 ensures that the global checkpoint message mm (grd4) has been sent by coordinator site s.
The guard grd6 ensures that message mm has not yet been delivered at site ss. The guard grd7
specifies that for every transaction tr at site ss, if it is marked as bcpt (before checkpoint
transaction), then the timestamp of the transaction will be less than the timestamp of the global
checkpoint message mm. When this event occurs, message mm is delivered at site ss (act1). The site
ss also updates its knowledge, in the form of its local checkpoint number, with the timestamp of the
global checkpoint message mm (act2).
4.10. Final marking of transaction
This event formalizes the final marking of transactions [Fig. 11]. It marks as before checkpoint
transactions (bcpt) all transactions whose timestamps are less than the timestamp of the global
checkpoint message. The guard grd4 ensures that message mm is a global checkpoint message. The guard
grd6 ensures that message mm has been delivered at site ss. The guard grd7 ensures that transaction
tr is not marked as a before checkpoint transaction, and the guard grd8 ensures that its timestamp
is less than the local checkpoint number of site ss. This event marks the transaction tr as a before
checkpoint transaction by adding it to the bcpt (before checkpoint transaction) set.

Fig. 10. Delivery of Global Checkpoint Number Message
GCPN_Message_Receive ≙
ANY ss, mm, s WHERE
grd1 : s = coordinator
grd2 : ss ∈ SITE
grd3 : mm ∈ sentmessages
grd4 : messagetype(mm) = global_cp_msg
grd5 : mm ↦ s ∈ sender
grd6 : ss ↦ mm ∉ deliver
grd7 : ∀ tr·tr ∈ trans ∧ tr ∈ trans_at_site[{ss}]
∧ ss ↦ tr ∈ bcpt ⇒ timestamp(tr) ≤ tsmsg(mm)
grd8 : checkpointstatus(ss) = localmark
THEN
act1 : deliver ≔ deliver ∪ {ss ↦ mm}
act2 : lcpns(ss) ≔ tsmsg(mm)
END

Fig. 11. Final Marking of Transaction
Final_Trans_Marking ≙
ANY tr, ss, mm WHERE
grd1 : tr ∈ trans
grd2 : ss ↦ tr ∈ acpt
grd3 : mm ∈ sentmessages
grd4 : messagetype(mm) = global_cp_msg
grd5 : ss ≠ coordinator
grd6 : ss ↦ mm ∈ deliver
grd7 : ss ↦ tr ∉ bcpt
grd8 : timestamp(tr) ≤ lcpns(ss)
THEN
act1 : acpt ≔ acpt ∖ {ss ↦ tr}
act2 : bcpt ≔ bcpt ∪ {ss ↦ tr}
END

4.11. Update checkpoint status of participant
After marking as before checkpoint transactions all transactions whose timestamps are less than the
local checkpoint number of the site (which is now the global checkpoint number), the checkpoint
status of that site must be marked as globalmark [Fig. 12]. The guard grd5 ensures that the global
checkpoint message mm (grd4) has been received by site ss. The guard grd6 ensures that every
transaction tr whose timestamp is less than the local checkpoint number of that site, lcpns(ss), is
present in the before checkpoint transaction set bcpt.

Fig. 12. Update Checkpoint Status of Participant
Participant_Change_Status ≙
ANY ss, mm WHERE
grd1 : ss ≠ coordinator
grd2 : checkpointstatus(ss) = localmark
grd3 : mm ∈ sentmessages
grd4 : messagetype(mm) = global_cp_msg
grd5 : ss ↦ mm ∈ deliver
grd6 : ∀ tr·tr ∈ trans ∧ tr ∈ trans_at_site[{ss}] ∧
timestamp(tr) ≤ lcpns(ss) ⇒ ss ↦ tr ∈ bcpt
THEN
act1 : checkpointstatus(ss) ≔ globalmark
END

5. CONCLUSIONS
Modern distributed systems are very difficult to develop and reason about. There is a need to
formally verify and ensure the correctness of distributed systems and algorithms. During the last
few years, research in the field of formal methods has grown and has reported significant
success in describing and analyzing complex systems in formal languages.
In distributed database systems, formal methods play an important role in ensuring correctness.
In this paper, we have formally verified distributed checkpointing for the recovery of
distributed transactions. A distributed transaction may be divided into several sub-transactions
which may execute at different sites to accomplish the global computation. Each site maintains its
state information in the form of a local checkpoint. In order to recover a distributed transaction,
it is required to decide a global recovery line, or global checkpoint number, which must include all
sub-transactions of a transaction whose timestamps are less than it. The others, whose timestamps
are larger, will be included in the next checkpoint.
We have presented a formal model of global checkpointing in a distributed
environment using Event-B. Event-B is a formal method which is used to verify distributed
algorithms. It rigorously verifies all the properties of a model by discharging the proof
obligations generated by it. Our model formally specifies the computation of the global checkpoint
number GCPN and verifies that GCPN only includes those transactions whose timestamps are less than
it. More specifically, it includes all sub-transactions which are submitted before the global
checkpoint number. In order to ensure the correctness of our model, we have added the following
invariants:
Inv17: ∃ tr,si,sj· tr ∈ trans ∧ si ∈ SITE ∧ sj ∈ SITE ∧ tr ∈ trans_at_site[{si}] ⇒
tr ∈ trans_at_site[{sj}]
Inv18: ∀ ss,tr· tr ∈ trans ∧ ss ∈ SITE ∧ tr ∈ trans_at_site[{ss}] ∧ ss ↦ tr ∈ bcpt ⇒
timestamp(tr) < lcpns(ss)
Inv19: ∀ ss,tr· tr ∈ trans ∧ ss ∈ SITE ∧ ss ≠ coordinator ∧ tr ∈ trans_at_site[{ss}] ∧
checkpointstatus(ss) = globalmark ∧ timestamp(tr) < lcpns(ss) ⇒ ss ↦ tr ∉ acpt
Invariant 17 verifies the submission of transactions in the distributed environment. The
distributed computation involves the execution of a transaction at several sites. This invariant
ensures that if transaction tr is present at site si then it may also be present at another site sj.
Invariant 18 ensures the correctness of our model by ensuring that there is no
transaction in set bcpt whose timestamp is larger than the local checkpoint number of that site. It
verifies that, for all transactions tr, if site ss has marked the transaction as a before checkpoint
transaction, then the timestamp of transaction tr is less than the local checkpoint number of site ss.
Invariant 19 verifies that if a site has completed its final marking, then no transaction
whose timestamp is less than the local checkpoint number of that site is present in set acpt
(after checkpoint transactions). We have used the Rodin tool for writing the Event-B specifications.
The model generates 106 proof obligations, of which 51 are discharged automatically by the prover
of the tool while 55 proof obligations are discharged manually. The proof obligations generated by
the model give rigorous reasoning about the design of the model. During execution of the model all
invariants are preserved, which ensures that the model is correct. In future, we aim to use vector
timestamps in place of scalar timestamps.
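The protocol of Section 3 and invariants 16, 18 and 19 can also be exercised as running code. The following Python simulation is an added example, not the authors' Rodin model or its proofs: the class, the site and transaction names and the scenario are constructed, and marking uses the strict comparison of Section 3 and Inv18 (timestamp less than the local checkpoint number).

```python
# Added example: executable sketch of the Section 3 protocol with runtime
# checks of invariants 16, 18 and 19. Scenario and names are constructed.

class Site:
    def __init__(self, name):
        self.name = name
        self.lcpn = 0            # lcpns(ss): scalar Lamport-style clock
        self.status = "pending"  # checkpointstatus(ss)
        self.ts = {}             # timestamp(tr) for tr in trans_at_site[{ss}]
        self.bcpt, self.acpt = set(), set()

    def _require_pending(self, tr):
        # Shared guards: site still pending, tr not yet present at this site.
        if self.status != "pending" or tr in self.ts:
            raise ValueError(f"guard failed for {tr} at {self.name}")

    def submit(self, tr):
        """Trans_Submit: stamp tr with the current clock, then advance it."""
        self._require_pending(tr)
        self.ts[tr] = self.lcpn
        self.lcpn += 1
        self.acpt.add(tr)
        return self.ts[tr]

    def remote_submit(self, tr, timestamp):
        """Remote_Subtran_Submit: lcpns := max({timestamp(tr), lcpns + 1})."""
        self._require_pending(tr)
        self.ts[tr] = timestamp
        self.lcpn = max(timestamp, self.lcpn + 1)
        self.acpt.add(tr)

    def stamp_outgoing(self):
        """Sending a message: increment the clock and use the new value."""
        self.lcpn += 1
        return self.lcpn

    def deliver_request(self, tsmsg):
        """Participant_Receive: lcpns := max({tsmsg(mm), lcpns + 1})."""
        self.lcpn = max(tsmsg, self.lcpn + 1)

    def mark(self):
        """Move transactions with timestamp < lcpns from acpt to bcpt."""
        for tr, t in self.ts.items():
            if t < self.lcpn:
                self.acpt.discard(tr)
                self.bcpt.add(tr)

    def reply(self):
        """Local marking, then a timestamped reply to the coordinator."""
        self.mark()
        self.status = "localmark"
        return self.stamp_outgoing()

    def deliver_gcpn(self, gcpn):
        """Adopt the global checkpoint number and do the final marking."""
        self.lcpn = gcpn
        self.mark()
        self.status = "globalmark"


def violations(sites, coordinator):
    """Return (invariant, site) pairs for every check that fails."""
    bad = []
    for s in sites:
        if s.acpt & s.bcpt:                                    # Inv16
            bad.append(("inv16", s.name))
        if any(s.ts[tr] >= s.lcpn for tr in s.bcpt):           # Inv18
            bad.append(("inv18", s.name))
        if s is not coordinator and s.status == "globalmark":  # Inv19
            if any(t < s.lcpn and tr in s.acpt for tr, t in s.ts.items()):
                bad.append(("inv19", s.name))
    return bad


def run_scenario():
    """Constructed run: coordinator C, participants A and B."""
    c, a, b = Site("C"), Site("A"), Site("B")
    sites, bad = [c, a, b], []
    stamps = {tr: a.submit(tr) for tr in ("t1", "t2", "t3")}  # 0, 1, 2
    request_ts = c.stamp_outgoing()      # coordinator broadcasts the request
    b.deliver_request(request_ts)
    b.remote_submit("t3", stamps["t3"])  # sub-transaction reaches B late
    bad += violations(sites, c)
    reply_b = b.reply()
    b_acpt_after_local = set(b.acpt)     # t3 stayed in acpt at local marking
    a.deliver_request(request_ts)
    reply_a = a.reply()
    bad += violations(sites, c)
    gcpn = max(reply_a, reply_b)         # global checkpoint number
    for p in (a, b):
        p.deliver_gcpn(gcpn)
        bad += violations(sites, c)
    return {"gcpn": gcpn, "b_acpt_after_local": b_acpt_after_local,
            "a_bcpt": set(a.bcpt), "b_bcpt": set(b.bcpt),
            "b_acpt": set(b.acpt), "violations": bad}


if __name__ == "__main__":
    print(run_scenario())
```

In this run the sub-transaction t3 arrives at B with a timestamp equal to B's local checkpoint number, so it stays in acpt at local marking and moves to bcpt only once B adopts the global checkpoint number.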
REFERENCES
[1] M. Singhal, N.G. Shivaratri: Advanced Concepts in Operating Systems. Tata McGraw-Hill Book
Company, India (2005).
[2] A. Helal, A. Heddaya and B. Bhargava: Replication Techniques in Distributed System. Kluwer
Academic Publishers (1997).
[3] R. Koo, S. Toueg: Checkpointing and Rollback-Recovery for Distributed Systems. In: IEEE
Transactions on Software Engineering, vol. 13, no. 1, pp. 23-31, (1987).
[4] S.H. Son, A.K. Agrawala: Distributed Checkpointing for Globally Consistent States of Databases. In:
IEEE Transactions on Software Engineering, vol. 15, no. 10, pp. 1157-1167, (1989).
[5] M.G. Hinchey, J.P. Bowen and R.L. Glass: Formal methods: Point-counterpoint. Computer,
29(4):18-19, 1996.
[6] C. Jones, D. Jackson and J. Wing: Formal methods light. Computer, 29(4):20-22, 1996.
[7] R. Banach: Retrenchment for Event-B: UseCase-wise development and Rodin integration. Formal
Aspects of Computing, 23, pp. 113-131, (2011).
[8] S. Hallerstede: On the purpose of Event-B proof obligations. Formal Aspects of Computing, 23: pp.
133-150, (2011).
[9] S. Hallerstede and M. Leuschel: Experiments in program verification using Event-B. Formal Aspects
of Computing, 24: pp. 97-125, (2012).
[10] D. Basin, A. Furst, T.S. Hoang, K. Miyazaki, and N. Sato: Abstract Data Types in Event-B - An
Application of Generic Instantiation. CoRR, 2012.
[11] J-R. Abrial: From Z to B and then Event-B: Assigning Proofs to Meaningful Programs. In E.B.
Johnsen and L. Petre, editors, IFM, volume 7940 of Lecture Notes in Computer Science, pages 1-15.
Springer, 2013.
[12] M. Butler and I. Maamria: Practical theory extension in Event-B. In Zhiming Liu, Jim Woodcock, and
Huibiao Zhu, editors, Theories of Programming and Formal Methods, volume 8051 of Lecture Notes
in Computer Science, pages 67-81. Springer, 2013.
[13] J.R. Abrial: A system development process with Event-B and the Rodin platform. In: Lecture Notes
In Computer Science 4789, Springer, pp. 1-3, (2007).
[14] R. Suryavanshi, D. Yadav: Formal Development of Byzantine Immune Total Order Broadcast System
using Event-B. In: ICDEM 2010, Andres, F., Kannan, R. (eds.) LNCS, Vol. 6411, Springer, pp. 317-
324, (2010).
[15] J-R. Abrial: Modeling in Event-B: System and Software Engineering. Cambridge University Press,
2010.
[16] T.S. Hoang: Proving almost-certain convergence properties using Event-B, Tech. Rep. 768,
Department of Computer Science, ETH Zurich,
http://www.inf.ethz.ch/research/disstechreps/techreports (Jul. 2012).
15. International Journal of Computer Science & Information Technology (IJCSIT) Vol 7, No 5, October 2015
73
[17] T.Hoang, H. Kuruma, D.Basin, J.R.Abrial:Developing topology discovery in Event- B, Science of
Computer Programming 74 (11-12) (2009) 879899.
[18] T.S.Hoang, J.R. Abrial: Reasoning about liveness properties in Event-B,in: S. Qin, Z. Qiu (Eds.),
International Conference on Formal Engineering Methods 2011, Vol. 6991 of Lecture Notes in
Computer Science, Springer-Verlag, 2011, pp. 456471.
[19] C. Metayer, J.R. Abrial, L.Voison: Event-B language. RODIN deliverables 3.2,
http://rodin.cs.ncl.ac.uk/deliverables/D7.pdf, (2005).
[20] Kriangsak Damchoom, Michael Butler, J-R Abrial: Modelling and Proof of a Tree- Structured File
System in Event-B and Rodin. In Shaoying Liu, Tom Maibaum and Keijiro Arak, editors, ICFEM-
2008, Formal Methods and Software Engineering, Lecture Notes in Computer Science, Volume 5256,
pages 25-44, Springer, 2008.
[21] J-R. Abrial and S. Hallerstede: Refinement, Decomposition, and Instantiation of Discrete Models:
Application to Event-B. Fundam. Inform., 77(1-2):128, 2007.
[22] J-R. Abrial, M. Butler, S. Hallerstede, T.S. Hoang, F. Mehta, and L. Voisin. Rodin: an open toolset
for modelling and reasoning in Event-B. International Journal on Software Tools for Technology
Transfer (STTT), 12(6):447466, 2010.
AUTHORS
Girish Chandra is an Associate Professor in the Department of Computer Science and
Engineering at the Institute of Engineering Technology, Lucknow. He received his
M.Tech from IIT Kanpur. He is pursuing a Ph.D. at Uttar Pradesh Technical University,
Lucknow. He has presented several international papers at IITs and other universities.
His research interests include Cryptography, Formal Verification and Distributed
Systems.
Raghuraj Suryavanshi is working as an Assistant Professor in Computer Science and
Engineering at Pranveer Singh Institute of Engineering & Technology, Kanpur. He
completed his Ph.D. at Uttar Pradesh Technical University, Lucknow. He has received
the Teacher Fellowship award from Uttar Pradesh Technical University. He has presented
several international papers in India and abroad. His research interests are formal
verification and validation of critical properties of distributed database systems.
Prof. Divakar Yadav is working as Director of Dr. Bhim Rao Ambedkar Engineering
College of Information Technology, Banda. He obtained his Ph.D. in Computer Science
from the University of Southampton, U.K., under the Commonwealth Scholarship & Fellowship
Plan, U.K. Earlier, he obtained his M.Tech in Computer Science from the Indian Institute of
Technology, Kharagpur. Dr. Yadav possesses more than 25 years of experience in
academics/research in India and abroad. He is Professor of Computer Science and
Engineering at the Institute of Engineering and Technology, Lucknow. His primary
research interests are in formal methods and refinement of distributed systems using
Event-B.