Compositional reasoning about responsive systems with limited resources

Abstract

A compositional network proof theory to specify and verify properties of fault-tolerant real-time distributed systems with limited resources is presented. In this theory a conceptual scheduler grants the resource using on-line preemptive priority scheduling where the priority is a function of the initial priority and the time spent waiting for the resource. The method enables reasoning about responsive systems which must respond to external inputs in a timely, dependable, and predictable manner. It allows us to abstract from the precise nature and occurrence of faults and to focus on how they affect the externally visible input and output behaviour. To this end a failure hypothesis is formalized as a relation between the system’s normal behaviour (i.e., the behaviour when no faults occur) and its acceptable behaviour, that is, the normal behaviour together with the exceptional behaviour (i.e., the behaviour whose abnormality should be tolerated). The proof theory is compositional to allow reasoning with the specifications of processes while ignoring their implementation details.