reliabe by design

•

0 likes•2 views

Fan Robbin

reliabe by design

Technology

Reliable by Design
Applying Formal Methods to Distributed Systems
David Turner
@DaveCTurner
Yannick Welsch
@ywelsch

Richard Guindon
{ }
Writing is nature’s way of
letting you know how sloppy your
thinking is.

Leslie Lamport
{ }
Mathematics is nature’s way of
letting you know how sloppy your
writing is.

8
Model
Checking
Interactive
Theorem
Proving
• Exhaustive search
• Finite state space
• Accessible
• Detailed argument
• Arbitrary state space
• More specialised
Flavours

11
Safety Liveness
Nothing bad happens Something good eventually
happens
Properties

13
TLA+
Node1
Node2
Node3
• combines temporal logic and set theory
• specification defines initial state and next-state relation
• states represented by assigning values to variables

14
Next-state relation
Node n
firstUncommittedSlot: s
currentTerm: t
...
PublishResponse{ ... }
Node n
firstUncommittedSlot: s
currentTerm: t
lastAcceptedTerm: t
lastAcceptedValue: v
...
PublishRequest
- dest: n
- slot: s
- term: t
- value: v
PublishResponse
- slot: s
- term: t

* next-state relation
Next ==
/ HandlePublishRequest
/ HandlePublishResponse
/ HandleClientRequest
/ SomeNodeCrashes
/ ...
* main safety property
StateMachineSafety ==
A n1, n2 in Nodes :
firstUncommittedSlot[n1] = firstUncommittedSlot[n2] =>
/ currentClusterState[n1] = currentClusterState[n2]
/ currentConfiguration[n1] = currentConfiguration[n2]
15
Full specification
• network behavior
• node failures
• client submitting values
• next-state relation
• safety property

TLC
• model checker
• integrated into IDE
• exhaustive state exploration
• breadth-first
• bounded state space
• bugs even for small models
• good at finding edge cases

Isabelle/HOL
• interactive proof assistant
• needs guidance
• tracks proof goals
• fully automatically verifies proof

Experiences
TLA+ Isabelle/HOL
● executable specs
● rapid prototyping
● high confidence
● rising in popularity
● no state-space limitations
● deep insights
● even higher confidence

Where can I learn more about this?
More Questions? Visit us at the AMA
● TLA+ Home Page: http://lamport.azurewebsites.net/tla/tla.html
● TLA+ Video Course: http://lamport.azurewebsites.net/video/videos.html
● Introduction to TLA+: https://learntla.com
● Tutorial on Isabelle/HOL: http://isabelle.in.tum.de/doc/tutorial.pdf
● Use of Formal Methods at AWS: http://lamport.azurewebsites.net/tla/formal-methods-amazon.pdf
● Formal models of core Elasticsearch algorithms: https://github.com/elastic/elasticsearch-formal-models
● Related talk at 3:30pm (Salon 1-7): Elasticsearch Consensus: The Past, the Present, and the Future

21
Please attribute Elastic with a link to elastic.co

Similar to reliabe by design

TeelTech - Advancing Mobile Device Forensics (online version)

Mike Felch

Vhdl

vandanamalode

"Нейронные сети для извлечения структурированной информации из документов" Печатные документы - важная часть нашей жизни. Из моего доклада вы узнаете, как применять глубокие нейронные сети, чтобы извлечь структурированную информацию из документов с различным шаблоном. Я также расскажу, как решить проблемы в проектах, где используется машинное обучение. Доклад будет полезен не только тем, кто уже успешно использует машинное обучение, но и всем, кому просто интересна эта тема.

#ITsubbotnik Spring 2017: Dmitrii Nikitko "Deep learning for understanding of...

epamspb

Intro to TensorFlow and PyTorch Workshop at Tubular Labs

Kendall

Performance analysis and troubleshooting using DTrace

Graeme Jenkinson

Building Big Data Streaming Architectures

David Martínez Rego

Topic02-Architecture.pptx

ImXaib

3 Ways to Deliver an Elastic, Cost-Effective Cloud Architecture (ANZ)

confluent

Verification with LoLA: 4 Using LoLA

Universität Rostock

3 Ways to Deliver an Elastic, Cost-Effective Cloud Architecture

confluent

The State of the Veil Framework

VeilFramework

The demands and expectations for applications have changed dramatically in recent years. Applications today are deployed on a wide range of infrastructure; from mobile devices up to thousands of nodes running in the cloud—all powered by multi-core processors. They need to be rich and collaborative, have a real-time feel with millisecond response time and should never stop running. Additionally, modern applications are a mashup of external services that need to be consumed and composed to provide the features at hand. We are seeing a new type of applications emerging to address these new challenges—these are being called Reactive Applications. In this talk we will discuss four key traits of Reactive; Event-Driven, Scalable, Resilient and Responsive—how they impact application design, how they interact, their supporting technologies and techniques, how to think when designing and building them—all to make it easier for you and your team to Go Reactive.

Go Reactive: Event-Driven, Scalable, Resilient & Responsive Systems

Jonas Bonér

Sdn not just a buzzword

Jorge Bonilla

When DevOps and Networking Intersect by Brent Salisbury of socketplane.io

DevOps4Networks

Blockchain technology can revolutionise the provision of decentralised Applications Dapps, as well as help IoT systems to boot to reduce the cost of this development, the stakeholders to determine how to distribute benefits and take into account five basic principles: • Potential effects of technology on IoT systems • Organisational changes • Secure the correct data • Financing electronic IoT systems • Security and privacy of user data

Blockchain: No Thunder No Wonder

Ali Al-Sherbaz

Cloud Intrusion Detection Reloaded - 2018

randomuserid

Eventing and streaming open a world of compelling new possibilities to our software and platform designs. They can reduce time to decision and action while lowering total platform cost. But they are not a panacea. Understanding the edges and limits of these architectures can help you avoid painful missteps. This talk will focus on event driven and streaming architectures and how Apache Kafka can help you implement these. It will also discuss key tradeoffs you will face along the way from partitioning schemes to the impact of availability vs. consistency (CAP Theorem). Finally we’ll discuss some challenges of scale for patterns like Event Sourcing and how you can use other tools and even features of Kafka to work around them. This talk assumes a basic understanding of Kafka and distributed computing, but will include brief refresher sections.

Hard Truths About Streaming and Eventing (Dan Rosanova, Microsoft) Kafka Summ...

confluent

Software Testing

Andrew Wang

Notes from 2016 bay area deep learning school

Niketan Pansare

Functional programming finds its roots in mathematics - the pursuit of purity and completeness. We functional programmers look to formalize system behaviors in an algebraic and total manner. Despite this, when it comes time to deploy ones beautiful monadic ivory towers to production, most organizations cast caution to the wind and use a myriad of bash scripts and sticky tape to get the job done. In this talk, the speaker will introduce you to Nelson, an open-source project from Verizon that looks to provide rigor to your large distributed system, whilst offering best-in-class security, runtime traffic shifting and a fully immutable approach to application lifecycle. Nelson itself is entirely composed of free algebras and coproducts, and the speaker will show not only how this has enabled development, but also how it provided a frame with which to reason about solutions to fundamental operational problems.

Nelson: Rigorous Deployment for a Functional World

Timothy Perrett

Similar to reliabe by design (20)

TeelTech - Advancing Mobile Device Forensics (online version)

Vhdl

#ITsubbotnik Spring 2017: Dmitrii Nikitko "Deep learning for understanding of...

Intro to TensorFlow and PyTorch Workshop at Tubular Labs

Performance analysis and troubleshooting using DTrace

Building Big Data Streaming Architectures

Topic02-Architecture.pptx

3 Ways to Deliver an Elastic, Cost-Effective Cloud Architecture (ANZ)

Verification with LoLA: 4 Using LoLA

3 Ways to Deliver an Elastic, Cost-Effective Cloud Architecture

The State of the Veil Framework

Go Reactive: Event-Driven, Scalable, Resilient & Responsive Systems

Sdn not just a buzzword

When DevOps and Networking Intersect by Brent Salisbury of socketplane.io

Blockchain: No Thunder No Wonder

Cloud Intrusion Detection Reloaded - 2018

Hard Truths About Streaming and Eventing (Dan Rosanova, Microsoft) Kafka Summ...

Software Testing

Notes from 2016 bay area deep learning school

Nelson: Rigorous Deployment for a Functional World

Recently uploaded

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

Presentation on how to chat with PDF using ChatGPT code interpreter

naman860154

Scaling API-first – The story of a global engineering organization

Radu Cotescu

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

GenCyber Cyber Security Day Presentation

Michael W. Hawkins

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Delhi Call girls

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

A Domino Admins Adventures (Engage 2024)

Gabriella Davis

CNv6 Instructor Chapter 6 Quality of Service

giselly40

GenAI Risks & Security Meetup 01052024.pdf

lior mazor

What are drone anti-jamming systems? The drone anti-jamming systems and anti-spoof technology protect against interference, jamming, and spoofing of the UAVs. To protect their security, countries are beginning to research drone anti-jamming systems, also known as drone strike weapons. The anti-jam and anti-spoof technology protects against interference, jamming and spoofing. A drone strike weapon is a drone attack weapon that can attack and destroy enemy drones. So what is so unique about this amazing system?

What Are The Drone Anti-jamming Systems Technology?

Antenna Manufacturer Coco

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

Delhi Call girls

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

Recently uploaded (20)

Axa Assurance Maroc - Insurer Innovation Award 2024

Powerful Google developer tools for immediate impact! (2023-24 C)

Presentation on how to chat with PDF using ChatGPT code interpreter

Scaling API-first – The story of a global engineering organization

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Automating Google Workspace (GWS) & more with Apps Script

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

Boost Fertility New Invention Ups Success Rates.pdf

GenCyber Cyber Security Day Presentation

Boost PC performance: How more available memory can improve productivity

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Exploring the Future Potential of AI-Enabled Smartphone Processors

A Domino Admins Adventures (Engage 2024)

CNv6 Instructor Chapter 6 Quality of Service

GenAI Risks & Security Meetup 01052024.pdf

What Are The Drone Anti-jamming Systems Technology?

presentation ICT roal in 21st century education

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

reliabe by design

1. Reliable by Design Applying Formal Methods to Distributed Systems David Turner @DaveCTurner Yannick Welsch @ywelsch

2. Design is thinking 2

3. Design is documentation 3

4. Richard Guindon { } Writing is nature’s way of letting you know how sloppy your thinking is.

5. Leslie Lamport { } Mathematics is nature’s way of letting you know how sloppy your writing is.

6. Mathematical tools 6

7. Millions of states 7

8. 8 Model Checking Interactive Theorem Proving • Exhaustive search • Finite state space • Accessible • Detailed argument • Arbitrary state space • More specialised Flavours

9. CONSENSUS

10. Asynchronous system 10

11. 11 Safety Liveness Nothing bad happens Something good eventually happens Properties

12. Majorities 12

13. 13 TLA+ Node1 Node2 Node3 • combines temporal logic and set theory • specification defines initial state and next-state relation • states represented by assigning values to variables

14. 14 Next-state relation Node n firstUncommittedSlot: s currentTerm: t ... PublishResponse{ ... } Node n firstUncommittedSlot: s currentTerm: t lastAcceptedTerm: t lastAcceptedValue: v ... PublishRequest - dest: n - slot: s - term: t - value: v PublishResponse - slot: s - term: t

15. * next-state relation Next == / HandlePublishRequest / HandlePublishResponse / HandleClientRequest / SomeNodeCrashes / ... * main safety property StateMachineSafety == A n1, n2 in Nodes : firstUncommittedSlot[n1] = firstUncommittedSlot[n2] => / currentClusterState[n1] = currentClusterState[n2] / currentConfiguration[n1] = currentConfiguration[n2] 15 Full specification • network behavior • node failures • client submitting values • next-state relation • safety property

16. TLC • model checker • integrated into IDE • exhaustive state exploration • breadth-first • bounded state space • bugs even for small models • good at finding edge cases

17. Isabelle/HOL • interactive proof assistant • needs guidance • tracks proof goals • fully automatically verifies proof

18. Experiences TLA+ Isabelle/HOL ● executable specs ● rapid prototyping ● high confidence ● rising in popularity ● no state-space limitations ● deep insights ● even higher confidence

19. Where can I learn more about this? More Questions? Visit us at the AMA ● TLA+ Home Page: http://lamport.azurewebsites.net/tla/tla.html ● TLA+ Video Course: http://lamport.azurewebsites.net/video/videos.html ● Introduction to TLA+: https://learntla.com ● Tutorial on Isabelle/HOL: http://isabelle.in.tum.de/doc/tutorial.pdf ● Use of Formal Methods at AWS: http://lamport.azurewebsites.net/tla/formal-methods-amazon.pdf ● Formal models of core Elasticsearch algorithms: https://github.com/elastic/elasticsearch-formal-models ● Related talk at 3:30pm (Salon 1-7): Elasticsearch Consensus: The Past, the Present, and the Future

20. www.elastic.c o

21. 21 Please attribute Elastic with a link to elastic.co

reliabe by design

Recommended

Recommended

More Related Content

Similar to reliabe by design

Similar to reliabe by design (20)

More from Fan Robbin

More from Fan Robbin (10)

Recently uploaded

Recently uploaded (20)

reliabe by design