Using model checking to formally verify rendezvous algorithms for robots with lights in Euclidean space.

The paper details the first successful attempt at using model checking techniques to verify the correctness of distributed algorithms for robots evolving in a continuous environment. The study focuses on the problem of rendezvous of two robots with lights. There exist many different rendezvous algorithms that aim at finding the minimal number of colors needed to solve rendezvous in various synchrony models (e.g. , FSYNC, SSYNC, ASYNC). While these rendezvous algorithms are typically very simple, their analysis and proof of correctness tend to be extremely complex, tedious, and error-prone as impossibility results are based on subtle interactions between the activation schedules of the robots. The paper presents a generic verification model that can be concretely expressed in available software model-checkers. In particular, we explain the subtle design decisions that allow to keep the search space finite and tractable, as well as prove several important theorems that support them. As a sanity check, we use the model to verify several known rendezvous algorithms in six different models of synchrony. In each case, we find that the results obtained from the model checker are consistent with the results known in the literature. The model checker outputs a counter-example execution in every case that is known to fail. In the course of developing and proving the validity of the model, we identified several fundamental theorems, including the ability for a well chosen algorithm and ASYNC scheduler to produce an emerging property of memory in a system of oblivious mobile robots, and why it is not a problem when robots executing the gathering algorithms are equipped with lights. [Display omitted] • We describe a model to verify mobile robot gathering algorithms that evolve in a Euclidean continuous space. • We show that positive results obtained for the model extend to the initial system model. • We model check all known mobile robot gathering algorithms and verify previous pen-and-paper results. • We obtain new insights about key system hypotheses about problem solvability. • We introduce weaker models of consistency (inspired by regular registers). • We derive a new algorithm that solves mobile robot gathering in such a model. [ABSTRACT FROM AUTHOR]