Verification of Distributed Erlang Programs using Testing, Model Checking and Theorem Proving
Doctoral thesis, 2008

Software infiltrates every aspect of modern society. Production, transportation, entertainment, and almost every other sphere that influences modern living are either directly or indirectly dependent on software systems. Software systems provide such a degree of flexibility that their role as a driving force for new and better products is indisputable. The downside is that software systems are rarely error-free. For a plentitude of reasons most software systems contain errors. Software errors impose large costs; the more important the system, the higher is the cost of an error. Reports show that a normal software development project spends 40% to 50% of its time and budget on quality assurance. Thus, software project economy is a great incitament for research of better tools and methods for software development. This thesis is part of the continuous efforts of finding more efficient software development methods and addresses the problem of verifying algorithm implementations. We have in particular studied algorithms designed for distributed (systems composed of a collection of computers, processors or processes) and fault-tolerant systems (systems designed to withstand some degree of failure). Verification of distributed and fault-tolerant systems is notoriously hard because both the distribution and the fault-tolerance add complexity to the software systems. The thesis introduces, motivates and evaluates several different verification methods related to distributed and fault-tolerant algorithm implementations. We introduce a trace-based testing method, which has been used to find and analyze errors in an existing open-source implementation of a fault-tolerant leader election algorithm. In the thesis we also present a new open-source implementation of a leader election algorithm, which is based on a verified algorithm by Stoller. We have developed a distributed semantics for Erlang. Errors found using trace-based testing indicated that existing Erlang semantics were not detailed enough. We propose a fully distributed extension of an existing single-node semantics for Erlang. We present McErlang, an explicit state model checker implemented in Erlang, and using Erlang as its specification language. We demonstrate that the 'all in Erlang'-approach to model checking is promising. We propose a semi-automatic algorithm verification method that has been used to prove safety properties for Stoller's leader election algorithm. The verification method uses automated theorem provers to inductively prove first-order logic invariants.

distributed algorithms


theorem proving


distributed programming


model checking


HC1, Hörsalsvägen 14
Opponent: Prof. Jaco van de Pol, Formal Methods and Tools, Universiteit Twente, The Netherlands


Hans Svensson

Chalmers, Computer Science and Engineering (Chalmers), Computing Science (Chalmers)

Finding Counter Examples in Induction Proofs

Lecture Notes in Computer Science,; (2008)

Paper in proceedings

Semi-Formal Development of a Fault-Tolerant Leader Election Protocol in Erlang

Lecture Notes in Computer Science,; Vol. 3395(2005)p. 140-154

Journal article

A More Accurate Semantics for Distributed Erlang

Proceedings of the ACM SIGPLAN 2007 Erlang Workshop,; (2007)p. 43-54

Paper in proceedings

A New Leader Election Implementation

Proceedings of the ACM SIGPLAN 2005 Erlang Workshop,; (2005)

Paper in proceedings

McErlang: A Model Checker for a Distributed Functional Programming Language

Proc. of International Conference on Functional Programming (ICFP),; (2007)p. 125-136

Paper in proceedings

Subject Categories

Software Engineering



Technical report D - Department of Computer Science and Engineering, Chalmers University of Technology and Göteborg University: 38D

Doktorsavhandlingar vid Chalmers tekniska högskola. Ny serie: 2777

HC1, Hörsalsvägen 14

Opponent: Prof. Jaco van de Pol, Formal Methods and Tools, Universiteit Twente, The Netherlands

More information