Book contents
- Frontmatter
- Contents
- Prologue: Faultless systems – yes we can!
- Acknowledgments
- 1 Introduction
- 2 Controlling cars on a bridge
- 3 A mechanical press controller
- 4 A simple file transfer protocol
- 5 The Event-B modeling notation and proof obligation rules
- 6 Bounded re-transmission protocol
- 7 Development of a concurrent program
- 8 Development of electronic circuits
- 9 Mathematical language
- 10 Leader election on a ring-shaped network
- 11 Synchronizing a tree-shaped network
- 12 Routing algorithm for a mobile agent
- 13 Leader election on a connected graph network
- 14 Mathematical models for proof obligations
- 15 Development of sequential programs
- 16 A location access controller
- 17 Train system
- 18 Problems
- Index
6 - Bounded re-transmission protocol
Published online by Cambridge University Press: 05 March 2013
Summary
In this chapter, we extend the file transfer protocol example of Chapter 4. The added constraint, compared with the previous simple example, is that we now suppose the data and acknowledgment channels between the two sites to be unreliable. As a consequence, executing the bounded re-transmission protocol (BRP for short) may copy a sequential file from one site to another only partially (though sometimes totally). The purpose of this example is precisely to study how we can cope with this kind of fault-tolerance problem and how we can reason formally about it. Notice that, in this chapter, we do not develop proofs as much as in the previous chapters; we only give some hints and let the reader develop the formal proofs. This example has been studied in many papers, among them the one by J.F. Groote and J.C. Van de Pol [1].
Informal presentation of the bounded re-transmission protocol
Normal behavior
The sequential file to be transmitted is supposed to be transported piece by piece from one site, the sender site, to another one, the receiver site. For that purpose, the sender sends a certain data item on the so-called data channel connecting the sender to the receiver. As soon as the receiver receives this data item, it stores it in its own file and sends back an acknowledgment to the sender on the so-called acknowledgment channel connecting the receiver to the sender.
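The following simulation is an added example, not code from the book: it runs the send/store/acknowledge cycle described above over lossy channels and shows that the receiver's file always stays a prefix of the sender's file. The retry bound `max_retries`, the use of an item index to detect duplicates, and the `data_drop`/`ack_drop` fault schedules are assumptions made for illustration.

```python
from typing import List, Set, Tuple

def brp_transfer(file: List[str], max_retries: int,
                 data_drop: Set[int], ack_drop: Set[int]) -> Tuple[List[str], bool]:
    """Simulate one transfer over lossy channels.

    data_drop / ack_drop hold the 1-based ordinals of the messages each
    channel loses (constructed fault schedule, so runs are repeatable).
    Returns (receiver's file, sender believes the transfer completed).
    """
    received: List[str] = []
    expected = 0            # receiver: index of the next item it will store
    data_sent = acks_sent = 0
    for idx, item in enumerate(file):
        acked = False
        for _ in range(max_retries + 1):      # first try plus retries
            data_sent += 1
            if data_sent in data_drop:
                continue                      # data lost: sender times out
            if idx == expected:               # new item: store it
                received.append(item)
                expected += 1
            # a re-sent duplicate is not stored again, only re-acknowledged
            acks_sent += 1
            if acks_sent in ack_drop:
                continue                      # ack lost: sender times out
            acked = True
            break
        if not acked:
            return received, False            # bound reached: sender aborts
    return received, True

def is_prefix(part: List[str], whole: List[str]) -> bool:
    """True when `part` equals the first len(part) items of `whole`."""
    return part == whole[:len(part)]

if __name__ == "__main__":
    f = ["a", "b", "c"]                       # constructed sample file
    for name, dd, ad in [("no loss", set(), set()),
                         ("data lost x3", {2, 3, 4}, set()),
                         ("last acks lost", set(), {3, 4, 5}),
                         ("recovered", {1}, {1})]:
        got, ok = brp_transfer(f, 2, dd, ad)
        print(f"{name:15} receiver={got} sender_ok={ok} prefix={is_prefix(got, f)}")
```

In the "last acks lost" run the receiver holds the whole file while the sender reports failure, which is why the two sites' views of the outcome have to be modeled separately.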
- Type: Chapter
- Information: Modeling in Event-B: System and Software Engineering, pp. 204-226. Publisher: Cambridge University Press. Print publication year: 2010