Wireless Communications and Mobile Computing

Research Article

Formal Modelling of PBFT Consensus Algorithm in Event-B

Theorems to prove the liveness.

Theorem
@theorem 1: G∈NODES×{{MM↦RR}}∧
CORR∈CORR∧
Card({n∣n∈corr∧G(n)(m)=∅})≠∅∧≠∅∧
G_pre∈NODES→(NODES→ℙ(ℕ×(ℕ×value))) ∧
G_r∈NODES→(NODES→ℙ(ℕ×(ℕ×value))) ∧
G_pre_check∈NODES→ℙ(ℕ×(ℕ×value)) ∧
G_r_check∈NODES→ℙ(ℕ×(ℕ×value))
⇒
(node2∈NODES∧
m2∈ℕ×(ℕ×value) ∧
message2∈message∧ contents(message2)=prj2(m2) ∧
m2∈G_r_check(node2) ∧
Cache[corr] ≠ ∅∧
message2∈inter(cache[corr]) ∧
message2∉dom(G(node2)) ∧ prj1(prj2(m2))=n))
@theorem2 G∈NODES×{{MM↦RR}}∧
CORR∈CORR∧
Card({n∣n∈corr∧G(n)(m)=∅})≠∅∧
G_pre∈NODES→(NODES⇸ℙ(ℕ×(ℕ×value))) ∧
G_r∈NODES→(NODES→ℙ(ℕ×(ℕ×value))) ∧
G_pre_check∈NODES→ℙ(ℕ×(ℕ×value)) ∧
G_r_check∈NODES→ℙ(ℕ×(ℕ×value))
⇒
(node∈NODES∧
node1∈corr∧
m∈cache(node) ∧
m∉dom(G(node)) ∧
prj1(contents(m))<n∧
m∈dom(G(node1)))
@theorem3 G∈NODES×{{MM↦RR}}∧
CORR∈CORR ∧
Card()=∅ ∧
G_pre∈NODES→(NODES→ℙ(ℕ×(ℕ×value))) ∧
G_r∈NODES→(NODES→ℙ(ℕ×(ℕ×value))) ∧
G_pre_check∈NODES→ℙ(ℕ×(ℕ×value)) ∧
G_r_check∈NODES→ℙ(ℕ×(ℕ×value))
⇒
3({i,j·i∈NODES∧j∈dom(G(i))∧(G(i))(j)=True_execute(j∣i})≥2(NODES)+1