Formal specification and verification of a team formation protocol using TLA+

Team formation in an environment where some relevant parameters are not known in advance is a challenging problem. Communicating automata and distributed algorithms have been used to describe protocols for team formation. A high-level specification provides a mathematical description of a protocol or a program. TLA(+) is a formal specification language designed to provide high-level specifications of concurrent and distributed systems. The associated model checker known as TLC is capable of model checking the TLA(+) specifications. Recently, formal specification of a team formation protocol is given using TLA(+) when there is a single initiator (an agent or a robot) that initiates the team formation. Using TLA(+), we examine the formal specification for the multiple initiator situation and demonstrate that a composition technique can yield a single monolithic specification for the multiple initiator situation from the single initiator situation specification. We have used models of varying sizes, and the TLC model checker has confirmed that the protocol's specifications meet certain desired characteristics in each case.