Combining state- and event-based semantics to verify highly available applications

Abstract

Replicated databases are attractive for managing the data of distributed applications. To achieve high availability, low latency, and high throughput for such applications, consistency has to be weakened. This comes at a price: it is harder to prove application correctness. In this paper, we describe a new and powerful specification and verification technique for highly available applications together with the tool Repliss that partially automates its use. The verification technique is based on existing event-based semantics for database replication and embeds the semantics into a classical state-based verification approach for application programs. As a central contribution, we carefully designed the specification and programming framework in such a way, that the complex concurrent semantics are reduced to sequential verification, which is much easier to handle and provide a better basis for automated tool support. We prove the soundness of this reduction and a restricted form of completeness. All these proofs and the underlying semantics of the system have been formalized in Isabelle/HOL. • Composable proof technique for working with weak consistency. • Expressible specifications with history invariants. • Semantics, technique, and soundness proof verified in Isabelle/HOL. • Implementation of a prototype verification tool to support the technique.