Abstract

The extent of formal verification methods applied in industrial projects has always been limited. The proliferation of distributed ledger systems (DLS), also known as blockchain, is rapidly changing the situation. Since the main area of application of DLSs is the automation of financial transactions, the properties of predictability and reliability are critical for implementing such systems. The actual behavior of a DLS is largely determined by the chosen consensus protocol, whose properties require strict specification and formal verification. Formal specification and verification of the consensus protocol is necessary but not sufficient. It is also required to ensure that the software implementation of the DLS nodes complies with this protocol. Finally, the verified software implementation of the protocol must run on a sufficiently reliable operating system. The financial focus of DLS application has also led to the emergence of so-called smart contracts, which are an important part of the applied implementations of specific business processes based on DLSs. Therefore, the verifiability of smart contracts is also a critical requirement for industrial DLSs. In this paper, we describe an ongoing industrial project between a large Russian airline and three universities – Innopolis University (IU), Moscow Institute of Physics and Technology (MIPT) and Lomonosov Moscow State University (MSU). The main expected project result is a DLS for more flexible refueling of aircraft, verified at least at the four technological levels described above. After a brief project overview, we focus on our experience with the formal specification and verification of HotStuff, a leader-based fault-tolerant protocol that ensures reaching distributed consensus in the presence of Byzantine processes. The formal specification of the protocol is written in the TLA+ language and then verified with TLC, the model checker for TLA+ specifications.

Highlights

  • The aim of this paper is to share our experience on applying formal specification and verification in the context of a large industrial project

  • We begin our presentation of the results with a comparative analysis of consensus protocols for distributed ledger systems (DLS) to select one that would satisfy the Project requirements

  • The Byzantine Fault Tolerant (BFT) consensus protocol HoneyBadgerBFT [8] belongs to the asynchronous class, which means that there are no assumptions about DLS latency compared to the protocol discussed in the previous section

Summary

Introduction

The aim of this paper is to share our experience on applying formal specification and verification in the context of a large industrial project (hereinafter – Project). Smart contracts simplify the development of highly reliable systems for potentially unrelated real-world tasks by using a common network infrastructure and a common implementation of the basic communication protocols between the network nodes. Under this model, individual transactions contain calls to specific functions of smart contracts, which move the DLS from its current state to a new one.

Byzantine Fault Tolerance
HoneyBadgerBFT
Tendermint
HotStuff
Distributed Consensus Verification
Verification of Tendermint
Leaf structure of the commands
Verification without the leaf structure
Verification with the leaf structure
Conclusions