{"id":"https://openalex.org/W4408888756","doi":"https://doi.org/10.1145/3689031.3696069","title":"Multi-Grained Specifications for Distributed System Model Checking and Verification","display_name":"Multi-Grained Specifications for Distributed System Model Checking and Verification","publication_year":2025,"publication_date":"2025-03-26","ids":{"openalex":"https://openalex.org/W4408888756","doi":"https://doi.org/10.1145/3689031.3696069"},"language":"en","primary_location":{"id":"doi:10.1145/3689031.3696069","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3689031.3696069","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twentieth European Conference on Computer Systems","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3689031.3696069","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5086859369","display_name":"Lingzhi Ouyang","orcid":"https://orcid.org/0000-0001-7523-8759"},"institutions":[{"id":"https://openalex.org/I881766915","display_name":"Nanjing University","ror":"https://ror.org/01rxvg760","country_code":"CN","type":"education","lineage":["https://openalex.org/I881766915"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Lingzhi Ouyang","raw_affiliation_strings":["SKL for Novel Soft. Tech., Nanjing University, China"],"raw_orcid":"https://orcid.org/0000-0001-7523-8759","affiliations":[{"raw_affiliation_string":"SKL for Novel Soft. Tech., Nanjing University, China","institution_ids":["https://openalex.org/I881766915"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101923614","display_name":"Xudong Sun","orcid":"https://orcid.org/0009-0005-6734-0928"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xudong Sun","raw_affiliation_strings":["University of Illinois, Urbana-Champaign, IL, USA"],"raw_orcid":"https://orcid.org/0009-0005-6734-0928","affiliations":[{"raw_affiliation_string":"University of Illinois, Urbana-Champaign, IL, USA","institution_ids":["https://openalex.org/I157725225"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021282644","display_name":"Ruize Tang","orcid":"https://orcid.org/0009-0001-0590-1620"},"institutions":[{"id":"https://openalex.org/I881766915","display_name":"Nanjing University","ror":"https://ror.org/01rxvg760","country_code":"CN","type":"education","lineage":["https://openalex.org/I881766915"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ruize Tang","raw_affiliation_strings":["SKL for Novel Soft. Tech., Nanjing University, China"],"raw_orcid":"https://orcid.org/0009-0001-0590-1620","affiliations":[{"raw_affiliation_string":"SKL for Novel Soft. Tech., Nanjing University, China","institution_ids":["https://openalex.org/I881766915"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102718047","display_name":"Yu Huang","orcid":"https://orcid.org/0000-0001-8921-036X"},"institutions":[{"id":"https://openalex.org/I881766915","display_name":"Nanjing University","ror":"https://ror.org/01rxvg760","country_code":"CN","type":"education","lineage":["https://openalex.org/I881766915"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yu Huang","raw_affiliation_strings":["SKL for Novel Soft. Tech., Nanjing University, China"],"raw_orcid":"https://orcid.org/0000-0001-8921-036X","affiliations":[{"raw_affiliation_string":"SKL for Novel Soft. Tech., Nanjing University, China","institution_ids":["https://openalex.org/I881766915"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114418457","display_name":"Madhav Jivrajani","orcid":null},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Madhav Jivrajani","raw_affiliation_strings":["University of Illinois, Urbana-Champaign, IL, USA"],"raw_orcid":"https://orcid.org/0009-0000-9170-6524","affiliations":[{"raw_affiliation_string":"University of Illinois, Urbana-Champaign, IL, USA","institution_ids":["https://openalex.org/I157725225"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041674680","display_name":"Xiaoxing Ma","orcid":"https://orcid.org/0000-0001-7970-1384"},"institutions":[{"id":"https://openalex.org/I881766915","display_name":"Nanjing University","ror":"https://ror.org/01rxvg760","country_code":"CN","type":"education","lineage":["https://openalex.org/I881766915"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaoxing Ma","raw_affiliation_strings":["SKL for Novel Soft. Tech., Nanjing University, China"],"raw_orcid":"https://orcid.org/0000-0001-7970-1384","affiliations":[{"raw_affiliation_string":"SKL for Novel Soft. Tech., Nanjing University, China","institution_ids":["https://openalex.org/I881766915"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5027605695","display_name":"Tianyin Xu","orcid":"https://orcid.org/0000-0003-4443-8170"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tianyin Xu","raw_affiliation_strings":["University of Illinois, Urbana-Champaign, IL, USA"],"raw_orcid":"https://orcid.org/0000-0003-4443-8170","affiliations":[{"raw_affiliation_string":"University of Illinois, Urbana-Champaign, IL, USA","institution_ids":["https://openalex.org/I157725225"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5086859369"],"corresponding_institution_ids":["https://openalex.org/I881766915"],"apc_list":null,"apc_paid":null,"fwci":5.3028,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.95260676,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"379","last_page":"395"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10142","display_name":"Formal Methods in Verification","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10142","display_name":"Formal Methods in Verification","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10933","display_name":"Real-Time Systems Scheduling","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7843825817108154},{"id":"https://openalex.org/keywords/model-checking","display_name":"Model checking","score":0.6828734874725342},{"id":"https://openalex.org/keywords/formal-verification","display_name":"Formal verification","score":0.45149844884872437},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.37279951572418213},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3564683198928833}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7843825817108154},{"id":"https://openalex.org/C110251889","wikidata":"https://www.wikidata.org/wiki/Q1569697","display_name":"Model checking","level":2,"score":0.6828734874725342},{"id":"https://openalex.org/C111498074","wikidata":"https://www.wikidata.org/wiki/Q173326","display_name":"Formal verification","level":2,"score":0.45149844884872437},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.37279951572418213},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3564683198928833}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3689031.3696069","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3689031.3696069","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twentieth European Conference on Computer Systems","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3689031.3696069","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3689031.3696069","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twentieth European Conference on Computer Systems","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/2","display_name":"Zero hunger","score":0.44999998807907104}],"awards":[{"id":"https://openalex.org/G3147907945","display_name":null,"funder_award_id":"62025202, 62372222","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"},{"id":"https://openalex.org/G5152743342","display_name":null,"funder_award_id":"CNS-2130560, CNS-2145295","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"}],"funders":[{"id":"https://openalex.org/F4320323817","display_name":"Universitas Brawijaya","ror":"https://ror.org/01wk3d929"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":42,"referenced_works":["https://openalex.org/W1504504841","https://openalex.org/W1972433423","https://openalex.org/W2023718005","https://openalex.org/W2036527145","https://openalex.org/W2066787289","https://openalex.org/W2091776255","https://openalex.org/W2098176818","https://openalex.org/W2109213558","https://openalex.org/W2134890934","https://openalex.org/W2147891468","https://openalex.org/W2167814583","https://openalex.org/W2170471564","https://openalex.org/W2172013287","https://openalex.org/W2327265941","https://openalex.org/W2358431938","https://openalex.org/W2410019603","https://openalex.org/W2604985896","https://openalex.org/W2776248742","https://openalex.org/W2792833030","https://openalex.org/W2898333178","https://openalex.org/W2934650114","https://openalex.org/W2981593401","https://openalex.org/W2981638325","https://openalex.org/W2981783523","https://openalex.org/W2989424765","https://openalex.org/W3031474432","https://openalex.org/W3043774277","https://openalex.org/W3121301634","https://openalex.org/W3204018925","https://openalex.org/W3206178602","https://openalex.org/W4245640662","https://openalex.org/W4246466186","https://openalex.org/W4313459347","https://openalex.org/W4318541571","https://openalex.org/W4362661194","https://openalex.org/W4372259572","https://openalex.org/W4383898410","https://openalex.org/W4386556337","https://openalex.org/W4387321514","https://openalex.org/W4389740116","https://openalex.org/W4390605422","https://openalex.org/W4394923329"],"related_works":["https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2037121848","https://openalex.org/W4312733571","https://openalex.org/W2006962382","https://openalex.org/W2149716943","https://openalex.org/W4315606162","https://openalex.org/W2340807904","https://openalex.org/W1547517160","https://openalex.org/W1483297389"],"abstract_inverted_index":{"This":[0],"paper":[1],"presents":[2],"our":[3],"experience":[4],"specifying":[5],"and":[6,14,28,46,58,88,111,134,153,166],"verifying":[7],"the":[8,30,44,54,59,171,181],"correctness":[9,37],"of":[10,26,56,61,108,118,164],"ZooKeeper,":[11],"a":[12,131],"complex":[13],"evolving":[15,146],"distributed":[16],"coordination":[17],"system.":[18],"We":[19,124,155,178],"use":[20,29],"TLA+":[21],"to":[22,34,52,66,100,176,184,188],"model":[23,32,45,62],"finegrained":[24],"behaviors":[25],"ZooKeeper":[27],"TLC":[31],"checker":[33],"verify":[35,101],"its":[36],"properties;":[38],"we":[39,79,104],"also":[40,179],"check":[41],"conformance":[42],"between":[43],"code.":[47],"The":[48],"fundamental":[49],"challenge":[50],"is":[51,130],"balance":[53],"granularity":[55],"specifications":[57,64,71,81,93,107,113,129],"scalability":[60],"checking---fine-grained":[63],"lead":[65],"state-space":[67],"explosion,":[68],"while":[69],"coarse-grained":[70,112],"introduce":[72],"model-code":[73,138],"gaps.":[74],"To":[75],"address":[76],"this":[77],"challenge,":[78],"write":[80],"with":[82,121,137],"different":[83],"granularities":[84],"for":[85,145],"composable":[86],"modules,":[87],"compose":[89,105],"them":[90],"into":[91],"mixed-grained":[92],"based":[94],"on":[95],"specific":[96],"scenarios.":[97],"For":[98],"example,":[99],"code":[102,120,169],"changes,":[103],"fine-grained":[106],"changed":[109],"modules":[110],"that":[114,126,160],"abstract":[115],"away":[116],"details":[117],"unchanged":[119],"preserved":[122],"interactions.":[123],"show":[125],"writing":[127],"multi-grained":[128],"viable":[132],"practice":[133],"can":[135],"cope":[136],"gaps":[139],"without":[140],"untenable":[141],"state":[142],"space,":[143],"especially":[144],"software":[147],"where":[148],"changes":[149],"are":[150],"typically":[151],"local":[152],"incremental.":[154],"detected":[156],"six":[157],"severe":[158],"bugs":[159],"violate":[161],"five":[162],"types":[163],"invariants":[165],"verified":[167],"their":[168],"fixes;":[170],"fixes":[172],"have":[173],"been":[174],"merged":[175],"ZooKeeper.":[177],"improve":[180],"protocol":[182],"design":[183],"make":[185],"it":[186],"easy":[187],"implement":[189],"correctly.":[190]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":3}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}