Correctness and performance of a multicomputer operating system

3 Author(s)
Martin, P. ; Dept. of Comput. Sci., Victoria Univ., Wellington, New Zealand ; Candlin, R. ; Gilmore, S.

Our discussion assumes parallel or distributed computer systems that allow dynamic migration of processes between processors. Because the overall performance of these systems is strongly dependent on the overheads of migration, it is vital that migration be implemented as efficiently as possible. However, efficient implementations are often complex implementations and thus we have a conflict between performance and correctness. We cannot make the conflict go away, but we should be able to find ways of describing migration designs such that it is easy for system developers to make changes (for performance reasons) and see straight away what the implications for correctness are. We suggest that the formal specification language Z provides just such a way of describing migration designs. To support this suggestion we present an extended example based on the specification of a migration-proof communication protocol. This example is particularly appropriate because the possibility that a communicating process may migrate several times between communications greatly complicates the implementation. Yet we still require that communication should be efficient and correct, i.e. that messages should not be lost or duplicated. We make three contributions. First, we suggest a two-level plan for specification which separates issues of what operations do from when they do it. Second, we outline a rigorous proof style which combines formal statements of assumptions and proof steps with informal reasoning. Third, we show that we can link performance measurements with the specification but that we need to do this via finite state machines.

Published in:

Computer Performance and Dependability Symposium, 1995. Proceedings., International

Date of Conference:

24-26 Apr 1995