Spremljeno u:
| Glavni autori: | , , , , |
|---|---|
| Format: | Preprint |
| Izdano: |
2024
|
| Teme: | |
| Online pristup: | https://arxiv.org/abs/2406.17455 |
| Oznake: |
Dodaj oznaku
Bez oznaka, Budi prvi tko označuje ovaj zapis!
|
| _version_ | 1866913548588810240 |
|---|---|
| author | Howard, Heidi Kuppe, Markus A. Ashton, Edward Chamayou, Amaury Crooks, Natacha |
| author_facet | Howard, Heidi Kuppe, Markus A. Ashton, Edward Chamayou, Amaury Crooks, Natacha |
| contents | The Confidential Consortium Framework (CCF) is an open-source platform for developing trustworthy and reliable cloud applications. CCF powers Microsoft's Azure Confidential Ledger service and as such it is vital to build confidence in the correctness of CCF's design and implementation. This paper reports our experiences applying smart casual verification to validate the correctness of CCF's novel distributed protocols, focusing on its unique distributed consensus protocol and its custom client consistency model. We use the term smart casual verification to describe our hybrid approach, which combines the rigor of formal specification and model checking with the pragmatism of automated testing, in our case binding the formal specification in TLA+ to the C++ implementation. While traditional formal methods approaches require substantial buy-in and are often one-off efforts by domain experts, we have integrated our smart casual verification approach into CCF's CI pipeline, allowing contributors to continuously validate CCF as it evolves. We describe the challenges we faced in applying smart casual verification to a complex existing codebase and how we overcame them to find six subtle bugs in the design and implementation before they could impact production |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2406_17455 |
| institution | arXiv |
| publishDate | 2024 |
| record_format | arxiv |
| spellingShingle | Smart Casual Verification of the Confidential Consortium Framework Howard, Heidi Kuppe, Markus A. Ashton, Edward Chamayou, Amaury Crooks, Natacha Distributed, Parallel, and Cluster Computing Formal Languages and Automata Theory Software Engineering The Confidential Consortium Framework (CCF) is an open-source platform for developing trustworthy and reliable cloud applications. CCF powers Microsoft's Azure Confidential Ledger service and as such it is vital to build confidence in the correctness of CCF's design and implementation. This paper reports our experiences applying smart casual verification to validate the correctness of CCF's novel distributed protocols, focusing on its unique distributed consensus protocol and its custom client consistency model. We use the term smart casual verification to describe our hybrid approach, which combines the rigor of formal specification and model checking with the pragmatism of automated testing, in our case binding the formal specification in TLA+ to the C++ implementation. While traditional formal methods approaches require substantial buy-in and are often one-off efforts by domain experts, we have integrated our smart casual verification approach into CCF's CI pipeline, allowing contributors to continuously validate CCF as it evolves. We describe the challenges we faced in applying smart casual verification to a complex existing codebase and how we overcame them to find six subtle bugs in the design and implementation before they could impact production |
| title | Smart Casual Verification of the Confidential Consortium Framework |
| topic | Distributed, Parallel, and Cluster Computing Formal Languages and Automata Theory Software Engineering |
| url | https://arxiv.org/abs/2406.17455 |