Towards an Ecosystem for Verifying Implementations of BFT protocols
Ivana Vukotic, Vincent Rahli, Marcus Völp and Paulo Esteves-Veríssimo
PhD start: April 2017
Areas: BFT & Formal verification
Univ. of Luxembourg, SnT, Luxembourg
<name>.<surname>@uni.lu
http://wwwen.uni.lu/snt/research/critixv
Supported by the SnT and the National Research Fund Luxembourg (FNR), through PEARL grant FNR/P14/8149128
April 23 2018
Ivana Vukotic, An Ecosystem for Verifying Implementations of BFT protocols, April 23 2018
Summary
• Problem: Distributed systems are hard to implement correctly and to maintain
• Why: Distributed systems are widely used and keep evolving
• Motto: "Trust but verify" – U.S. President Ronald Reagan
• Consequence: Bring stronger guarantees about the correctness of existing systems, and help designers build new robust systems
Critical information infrastructure
BFT-SMR
There is no free lunch!
• Very complex
• No formal specification
• No verified implementation
Our goal
• An ecosystem of formal tools for verifying implementations of BFT protocols
• It will allow us to formally explore the breadth of possibilities for designing such protocols
Where do we fit?
(Figure: related tools positioned along two axes, "Running code" and "Byzantine (synch.) / Byzantine (asynch.)". Tools shown: EventML/IronFleet/Psync/Verdi/Disel; HO-model/PVS; ByMC/IOA/TLA+; Event-B; Velisarios.)
Velisarios
(Figure: architecture of Velisarios, with the following components)
• Coq (proofs) and OCaml (extracted code)
• BFT model, instantiated for PBFT
• Runtime
• Model of the implementation environment
• Model of Byzantine faults
• Model of distributed knowledge
• Safety (agreement)
• Automation
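The "Safety (agreement)" component rests on the PBFT quorum argument: with n = 3f + 1 replicas and quorums of 2f + 1, any two quorums overlap in at least f + 1 replicas, so at least one correct replica sits in both and no two conflicting values can be certified for the same sequence number. The Python below is an added illustration of that argument and is not Velisarios code (Velisarios itself is written in Coq and extracted to OCaml). It assumes the classic PBFT sizing (n = 3f + 1, quorum = 2f + 1) and uses a constructed set of prepare messages in which one Byzantine replica equivocates.

```python
from collections import defaultdict


def pbft_params(f: int) -> tuple[int, int]:
    """Classic PBFT sizing: n = 3f + 1 replicas, quorum = 2f + 1 matching prepares."""
    return 3 * f + 1, 2 * f + 1


def min_quorum_intersection(n: int, quorum: int) -> int:
    """Pigeonhole bound: any two quorums of size `quorum` out of n replicas share
    at least 2*quorum - n replicas. With n = 3f+1 and quorum = 2f+1 this is f+1,
    so at least one correct replica is in both quorums."""
    return max(0, 2 * quorum - n)


def conflict_possible(n: int, f: int, quorum: int) -> bool:
    """Worst case for agreement: the f Byzantine replicas vote for both of two
    conflicting values, and the n-f correct replicas split k vs. n-f-k between
    them. Two certificates can coexist iff some split gives both sides a quorum."""
    for k in range(n - f + 1):
        if k + f >= quorum and (n - f - k) + f >= quorum:
            return True
    return False


def certificates(prepares, quorum: int) -> dict:
    """Tally prepare messages (replica, seq, digest) into quorum certificates.
    Voters are kept in a set, so a replica cannot inflate a tally by re-sending
    the same vote. Returns {seq: {digest, ...}} for every certified pair."""
    voters = defaultdict(set)
    for replica, seq, digest in prepares:
        voters[(seq, digest)].add(replica)
    certs = defaultdict(set)
    for (seq, digest), replicas in voters.items():
        if len(replicas) >= quorum:
            certs[seq].add(digest)
    return dict(certs)


def has_conflict(certs: dict) -> bool:
    """Agreement is violated if one sequence number certifies two different digests."""
    return any(len(digests) > 1 for digests in certs.values())


# Constructed sample (not from the slides): f = 1, so n = 4 and quorum = 3.
# Replica 3 is Byzantine and equivocates at seq 5; correct replicas 0 and 1
# back "A", correct replica 2 backs "B", and replica 0 re-sends its vote.
SAMPLE_PREPARES = [
    (0, 5, "A"), (1, 5, "A"), (0, 5, "A"),
    (2, 5, "B"),
    (3, 5, "A"), (3, 5, "B"),
]

if __name__ == "__main__":
    n, q = pbft_params(1)
    print("min intersection:", min_quorum_intersection(n, q))       # 2 (= f + 1)
    print("certificates:", certificates(SAMPLE_PREPARES, q))         # {5: {'A'}}
    print("conflict possible n=4, f=1:", conflict_possible(4, 1, 3))  # False
    print("conflict possible n=3, f=1:", conflict_possible(3, 1, 2))  # True
```

The last call shows why the sizing matters: with only n = 3f replicas and quorums of 2f, an equivocating replica can complete two conflicting certificates, which is exactly the kind of case a mechanised agreement proof has to rule out for every fault pattern rather than for the sample shown here.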
Extraction and Evaluation
(Figures: Figure 1. Single machine; Figure 2. Several machines; Figure 3. Single machine using MAC; Figure 4. View change response time.)
Lines of Research for my PhD
Hybrids:
• Components with different failure assumptions
• Interface between the trusted-trustworthy component and the payload system
• Building abstractions
• Extending the knowledge theory
State transfer and rejuvenation:
• A more dynamic model
• Being faster than the attacker
• Building abstractions
• Extending the knowledge theory
Future lines of research
• Liveness/timeliness
• Bridging the gap between Coq and implementation languages (Java, Go, OCaml, C)