computability abstractions for fault tolerant
play

Computability Abstractions for Fault-tolerant Asynchronous - PowerPoint PPT Presentation

Oct 09, 2022 •156 likes •1.63k views

Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing Julien Stainer under the supervision of Michel Raynal March 18 th , 2015 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 1 / 51

  1. Agreement Problems ◮ The consensus object is a fundamental building block in distributed computing. ◮ It offers to the processes a primitive allowing each of them to propose a value and returns a unique proposed value to all of them. ◮ Weaker versions of the consensus object allowing up to k values to be returned in the system have been studied. Universal Construction When consensus objects and registers are available, any shared object with a sequential specification can be implemented a . a Maurice Herlihy: Wait-Free Synchronization. ACM TOPLAS (1991) Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 8 / 51

  2. Impossibilities and Failure Detectors Consensus Impossibility In the presence of failures, solving the consensus in an asynchronous system (message-passing a or shared memory b communication) is impossible. a Fischer, Lynch, Paterson: Impossibility of Distributed Consensus with One Faulty Process. J. ACM (1985) b Loui, Abu-Amara: Memory requirements for agreement among unreliable asynchronous processes. Advances in Computing Research (1987) Implementing a Shared Memory In an asynchronous message-passing system, if half of the processes can crash, it is impossible to implement a shared memory. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 9 / 51

  3. Impossibilities and Failure Detectors ◮ To work around this kind of impossibilities, the notion of failure detector 1 has been introduced. 1 Tushar Deepak Chandra, Sam Toueg: Unreliable Failure Detectors for Reliable Distributed Systems. J. ACM (1996) Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 10 / 51

  4. Impossibilities and Failure Detectors ◮ To work around this kind of impossibilities, the notion of failure detector 1 has been introduced. ◮ A failure detector provides system-controlled read-only variables giving some information to the processes on the failures in the current execution. 1 Tushar Deepak Chandra, Sam Toueg: Unreliable Failure Detectors for Reliable Distributed Systems. J. ACM (1996) Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 10 / 51

  5. Impossibilities and Failure Detectors ◮ To work around this kind of impossibilities, the notion of failure detector 1 has been introduced. ◮ A failure detector provides system-controlled read-only variables giving some information to the processes on the failures in the current execution. ◮ Failure detectors can be compared on the possibility to simulate one with another. 1 Tushar Deepak Chandra, Sam Toueg: Unreliable Failure Detectors for Reliable Distributed Systems. J. ACM (1996) Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 10 / 51

  6. Impossibilities and Failure Detectors ◮ To work around this kind of impossibilities, the notion of failure detector 1 has been introduced. ◮ A failure detector provides system-controlled read-only variables giving some information to the processes on the failures in the current execution. ◮ Failure detectors can be compared on the possibility to simulate one with another. ◮ Any problem solvable with a failure detector has an associated weakest failure detector 2 . 1 Tushar Deepak Chandra, Sam Toueg: Unreliable Failure Detectors for Reliable Distributed Systems. J. ACM (1996) 2 Prasad Jayanti, Sam Toueg: Every problem has a weakest failure detector. PODC 2008 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 10 / 51

  7. Distributed Computing Motivations, Problems and Contributions The Weakest Failure Detector for k -Set Agreement in Wait-Free Message-Passing Systems Iterated Models to Study Asynchronous Computability Leading Questions During this Thesis and Contributions Synchrony weakened by message adversaries vs asynchrony restricted by failure detectors A Hierarchy of Iterated Models from Messages to Memory Conclusion and Perspectives Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 11 / 51

  8. The Weakest Failure Detector for k -Set Agreement in Wait-Free Message-Passing Systems The starting point of this thesis was the quest for the weakest failure detector for the k -set agreement in asynchronous message-passing systems. It is known: ◮ in asynchronous shared memory 3 , 4 , 3 Piotr Zielinski: Anti-Omega: the weakest failure detector for set agreement. Distributed Computing (2010) 4 E. Gafni, P. Kuznetsov: On set consensus numbers. Distr. Comp. (2011) 5 Tushar Deepak Chandra, Vassos Hadzilacos, Sam Toueg: The Weakest Failure Detector for Solving Consensus. J. ACM (1996) 6 C. Delporte-Gallet, H. Fauconnier, R. Guerraoui, A. Tielmann: The Weakest Failure Detector for Message Passing Set-Agreement. DISC 2008 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 12 / 51

  9. The Weakest Failure Detector for k -Set Agreement in Wait-Free Message-Passing Systems The starting point of this thesis was the quest for the weakest failure detector for the k -set agreement in asynchronous message-passing systems. It is known: ◮ in asynchronous shared memory 3 , 4 , ◮ in the case k = 1 5 , 3 Piotr Zielinski: Anti-Omega: the weakest failure detector for set agreement. Distributed Computing (2010) 4 E. Gafni, P. Kuznetsov: On set consensus numbers. Distr. Comp. (2011) 5 Tushar Deepak Chandra, Vassos Hadzilacos, Sam Toueg: The Weakest Failure Detector for Solving Consensus. J. ACM (1996) 6 C. Delporte-Gallet, H. Fauconnier, R. Guerraoui, A. Tielmann: The Weakest Failure Detector for Message Passing Set-Agreement. DISC 2008 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 12 / 51

  10. The Weakest Failure Detector for k -Set Agreement in Wait-Free Message-Passing Systems The starting point of this thesis was the quest for the weakest failure detector for the k -set agreement in asynchronous message-passing systems. It is known: ◮ in asynchronous shared memory 3 , 4 , ◮ in the case k = 1 5 , ◮ in the case k = n − 1 6 . 3 Piotr Zielinski: Anti-Omega: the weakest failure detector for set agreement. Distributed Computing (2010) 4 E. Gafni, P. Kuznetsov: On set consensus numbers. Distr. Comp. (2011) 5 Tushar Deepak Chandra, Vassos Hadzilacos, Sam Toueg: The Weakest Failure Detector for Solving Consensus. J. ACM (1996) 6 C. Delporte-Gallet, H. Fauconnier, R. Guerraoui, A. Tielmann: The Weakest Failure Detector for Message Passing Set-Agreement. DISC 2008 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 12 / 51

  11. Underlying Issues ◮ In the case k = 1, the failure detector Σ 7 is needed to prevent partitioning. 7 Carole Delporte-Gallet, Hugues Fauconnier, Rachid Guerraoui: Tight failure detection bounds on atomic object implementations. J. ACM (2010) 8 Fran¸ cois Bonnet, Michel Raynal: On the road to the weakest failure detector for k-set agreement in message-passing systems. TCS (2011) Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 13 / 51

  12. Underlying Issues ◮ In the case k = 1, the failure detector Σ 7 is needed to prevent partitioning. ◮ It is known that when 1 < k < n − 1, Σ is not needed: it can be solved without shared memory and in presence of partitioning. 7 Carole Delporte-Gallet, Hugues Fauconnier, Rachid Guerraoui: Tight failure detection bounds on atomic object implementations. J. ACM (2010) 8 Fran¸ cois Bonnet, Michel Raynal: On the road to the weakest failure detector for k-set agreement in message-passing systems. TCS (2011) Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 13 / 51

  13. Underlying Issues ◮ In the case k = 1, the failure detector Σ 7 is needed to prevent partitioning. ◮ It is known that when 1 < k < n − 1, Σ is not needed: it can be solved without shared memory and in presence of partitioning. ◮ Σ k 8 that prevent the system from partitioning in more than k sets across the execution has been proved necessary for any value of k . 7 Carole Delporte-Gallet, Hugues Fauconnier, Rachid Guerraoui: Tight failure detection bounds on atomic object implementations. J. ACM (2010) 8 Fran¸ cois Bonnet, Michel Raynal: On the road to the weakest failure detector for k-set agreement in message-passing systems. TCS (2011) Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 13 / 51

  14. Iterated Models to Study Asynchronous Computability Iterated models allow us to consider more structured set of executions while preserving the asynchronous shared memory computability. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 14 / 51

  15. Iterated Models to Study Asynchronous Computability Iterated models allow us to consider more structured set of executions while preserving the asynchronous shared memory computability. ◮ The failure-free synchronous message-passing model weakened by the message-adversary TOUR 9 ; 9 Yehuda Afek, Eli Gafni: Asynchrony from Synchrony. ICDCN 2013 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 14 / 51

  16. Iterated Models to Study Asynchronous Computability Iterated models allow us to consider more structured set of executions while preserving the asynchronous shared memory computability. ◮ The failure-free synchronous message-passing model weakened by the message-adversary TOUR 9 ; ◮ The iterated immediate snapshot model 10 . 9 Yehuda Afek, Eli Gafni: Asynchrony from Synchrony. ICDCN 2013 10 Elizabeth Borowsky, Eli Gafni: A Simple Algorithmically Reasoned Characterization of Wait-Free Computations (Extended Abstract). PODC 1997 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 14 / 51

  17. Leading Questions During this Thesis ◮ How do computability degrades when allowing a limited but dynamic partitioning? Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 15 / 51

  18. Leading Questions During this Thesis ◮ How do computability degrades when allowing a limited but dynamic partitioning? ◮ What is needed to solve agreement problems in presence of partitioning? Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 15 / 51

  19. Leading Questions During this Thesis ◮ How do computability degrades when allowing a limited but dynamic partitioning? ◮ What is needed to solve agreement problems in presence of partitioning? ◮ How to express, in the iterated models, the computability brought by failure detectors in asynchronous systems? Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 15 / 51

  20. Leading Questions During this Thesis ◮ How do computability degrades when allowing a limited but dynamic partitioning? ◮ What is needed to solve agreement problems in presence of partitioning? ◮ How to express, in the iterated models, the computability brought by failure detectors in asynchronous systems? ◮ What can we build between message-passing and shared memory communication? How can we compare and link some of the numerous models? Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 15 / 51

  21. Articles Published During this Thesis Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 16 / 51

  22. Distributed Computing Motivations, Problems and Contributions Synchrony weakened by message adversaries vs asynchrony restricted by failure detectors Two fundamental Failure Detectors: Σ and Ω Message Adversaries: Weakening the Synchronous Crash-free Model Equivalence Results and Questions A Hierarchy of Iterated Models from Messages to Memory Conclusion and Perspectives Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 17 / 51

  23. Michel Raynal, Julien Stainer: Synchrony Weakened by Message Adversaries vs. Asynchrony Restricted by Failure Detectors . PODC 2013: 166-175 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 18 / 51

  24. Preventing Partitioning: Σ ◮ Σ provides each process with a set of process identities called quorum; Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 19 / 51

  25. Preventing Partitioning: Σ ◮ Σ provides each process with a set of process identities called quorum; ◮ any two quorums taken at any time on any processes intersect; Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 19 / 51

  26. Preventing Partitioning: Σ ◮ Σ provides each process with a set of process identities called quorum; ◮ any two quorums taken at any time on any processes intersect; ◮ eventually the quorums only contain correct processes. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 19 / 51

  27. Preventing Partitioning: Σ ◮ Σ provides each process with a set of process identities called quorum; ◮ any two quorums taken at any time on any processes intersect; ◮ eventually the quorums only contain correct processes. Σ is the weakest failure detector to simulate a memory in the asynchronous message-passing system AMP [ ∅ ] a a Carole Delporte-Gallet, Hugues Fauconnier, Rachid Guerraoui: Tight failure detection bounds on atomic object implementations. J. ACM (2010) Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 19 / 51

  28. Breaking Symmetry: Ω ◮ Ω provides each process with the identity of a process considered as the leader; Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 20 / 51

  29. Breaking Symmetry: Ω ◮ Ω provides each process with the identity of a process considered as the leader; ◮ the leader is eventually: ◮ the same for each process; ◮ correct. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 20 / 51

  30. Breaking Symmetry: Ω ◮ Ω provides each process with the identity of a process considered as the leader; ◮ the leader is eventually: ◮ the same for each process; ◮ correct. Ω is the weakest failure detector to solve the consensus in the asynchronous shared memory system ASM [ ∅ ] a � Σ , Ω � is the weakest failure detector to solve the consensus in the asynchronous message-passing system AMP [ ∅ ] b a Tushar Deepak Chandra, Vassos Hadzilacos, Sam Toueg: The Weakest Failure Detector for Solving Consensus. J. ACM (1996) b Carole Delporte-Gallet, Hugues Fauconnier, Rachid Guerraoui, Vassos Hadzilacos, Petr Kouznetsov, Sam Toueg: The weakest failure detectors to solve certain fundamental problems in distributed computing. PODC 2004 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 20 / 51

  31. The Synchronous Message-passing Model: SMP [ ∅ ] ◮ The execution is stripped in a sequence of rounds; Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 21 / 51

  32. The Synchronous Message-passing Model: SMP [ ∅ ] ◮ The execution is stripped in a sequence of rounds; ◮ each round is made of three phases: ◮ processes send messages to each other, Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 21 / 51

  33. The Synchronous Message-passing Model: SMP [ ∅ ] ◮ The execution is stripped in a sequence of rounds; ◮ each round is made of three phases: ◮ processes send messages to each other, ◮ they receive the round messages addressed to them, Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 21 / 51

  34. The Synchronous Message-passing Model: SMP [ ∅ ] ◮ The execution is stripped in a sequence of rounds; ◮ each round is made of three phases: ◮ processes send messages to each other, ◮ they receive the round messages addressed to them, ◮ they compute locally their new states. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 21 / 51

  35. The Synchronous Message-passing Model: SMP [ ∅ ] ◮ The execution is stripped in a sequence of rounds; ◮ each round is made of three phases: ◮ processes send messages to each other, ◮ they receive the round messages addressed to them, ◮ they compute locally their new states. ◮ There are no process failures. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 21 / 51

  36. Message Adversaries ◮ The adversary removes messages in SMP [ ∅ ]. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 22 / 51

  37. Message Adversaries ◮ The adversary removes messages in SMP [ ∅ ]. ◮ Properties define the patterns of messages that can be removed ◮ during a round; ◮ across the execution. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 22 / 51

  38. Message Adversaries ◮ The adversary removes messages in SMP [ ∅ ]. ◮ Properties define the patterns of messages that can be removed ◮ during a round; ◮ across the execution. Adversaries weaken the synchronous crash-free model SMP [ ∅ ]. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 22 / 51

  39. Shared Memory from Synchrony: the Adversary TOUR ◮ TOUR 11 can remove any message but it preserves a tournament in any round. ◮ In any round and between any pair of processes, it has to let one of the two messages exchanged untouched. 11 Yehuda Afek, Eli Gafni: Asynchrony from Synchrony. ICDCN 2013 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 23 / 51

  40. Shared Memory from Synchrony: the Adversary TOUR ◮ TOUR 11 can remove any message but it preserves a tournament in any round. ◮ In any round and between any pair of processes, it has to let one of the two messages exchanged untouched. 11 Yehuda Afek, Eli Gafni: Asynchrony from Synchrony. ICDCN 2013 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 23 / 51

  41. Ω from Synchrony: the Adversary SOURCE ◮ SOURCE can remove any message but it eventually preserves all messages sent by a given source Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 24 / 51

  42. Ω from Synchrony: the Adversary SOURCE ◮ SOURCE can remove any message but it eventually preserves all messages sent by a given source Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 24 / 51

  43. Ω from Synchrony: the Adversary SOURCE ◮ SOURCE can remove any message but it eventually preserves all messages sent by a given source Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 24 / 51

  44. Ω from Synchrony: the Adversary SOURCE ◮ SOURCE can remove any message but it eventually preserves all messages sent by a given source Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 24 / 51

  45. Ω from Synchrony: the Adversary SOURCE ◮ SOURCE can remove any message but it eventually preserves all messages sent by a given source Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 24 / 51

  46. Ω from Synchrony: the Adversary SOURCE ◮ SOURCE can remove any message but it eventually preserves all messages sent by a given source Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 24 / 51

  47. Ω from Synchrony: the Adversary SOURCE ◮ SOURCE can remove any message but it eventually preserves all messages sent by a given source Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 24 / 51

  48. Ω from Synchrony: the Adversary SOURCE ◮ SOURCE can remove any message but it eventually preserves all messages sent by a given source Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 24 / 51

  49. Σ from Synchrony: the Adversary QUORUM ◮ QUORUM can remove any message but in each round each process receives messages from an entire quorum: ◮ in any two rounds r 1 and r 2 , for any two processes p 1 and p 2 , there is a process p 3 such that: ◮ p 1 receives the message of p 3 during r 1 and ◮ p 2 receives the message of p 3 during r 2 ; ◮ There is at least one process that is infinitely often able to send messages (directly or not) to any other process. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 25 / 51

  50. Equivalence Results (computability w.r.t. colorless tasks) Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 26 / 51

  51. Remarks and Perspectives ◮ Expressing the calculability of the two asynchronous models associated with failure detectors through message adversaries gives us a new way to compare them in a common framework. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 27 / 51

  52. Remarks and Perspectives ◮ Expressing the calculability of the two asynchronous models associated with failure detectors through message adversaries gives us a new way to compare them in a common framework. ◮ Strongly correct processes play an essential role in dynamic systems. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 27 / 51

  53. Remarks and Perspectives ◮ Expressing the calculability of the two asynchronous models associated with failure detectors through message adversaries gives us a new way to compare them in a common framework. ◮ Strongly correct processes play an essential role in dynamic systems. ◮ What are the message adversaries that allow agreement tasks to be solved? Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 27 / 51

  54. Remarks and Perspectives ◮ Expressing the calculability of the two asynchronous models associated with failure detectors through message adversaries gives us a new way to compare them in a common framework. ◮ Strongly correct processes play an essential role in dynamic systems. ◮ What are the message adversaries that allow agreement tasks to be solved? ◮ Is there a matching message adversary for any failure detector? Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 27 / 51

  55. Remarks and Perspectives ◮ Expressing the calculability of the two asynchronous models associated with failure detectors through message adversaries gives us a new way to compare them in a common framework. ◮ Strongly correct processes play an essential role in dynamic systems. ◮ What are the message adversaries that allow agreement tasks to be solved? ◮ Is there a matching message adversary for any failure detector? ◮ What happens when considering colored tasks? Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 27 / 51

  56. Distributed Computing Motivations, Problems and Contributions Synchrony weakened by message adversaries vs asynchrony restricted by failure detectors A Hierarchy of Iterated Models from Messages to Memory Wait-free Models and Solo Executions d -Solo Models The Colorless Algorithm in the d -solo model The ( d , ǫ )-Approximate Agreement Problem A Strict Hierarchy from Shared Memory to Message-Passing Status and Further Investigation Conclusion and Perspectives Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 28 / 51

  57. Maurice Herlihy, Sergio Rajsbaum, Michel Raynal, Julien Stainer: Computing in the Presence of Concurrent Solo Executions . LATIN 2014: 214-225 Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 29 / 51

  58. Wait-free Algorithms and Solo Executions ◮ Wait-free models in both meanings: ◮ as a progress condition: each process makes progress in a finite number of steps, whatever the level of concurrence; Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 30 / 51

  59. Wait-free Algorithms and Solo Executions ◮ Wait-free models in both meanings: ◮ as a progress condition: each process makes progress in a finite number of steps, whatever the level of concurrence; ◮ as a resiliency condition: the computation has to be valid even if all processes but one crash. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 30 / 51

  60. Wait-free Algorithms and Solo Executions ◮ Wait-free models in both meanings: ◮ as a progress condition: each process makes progress in a finite number of steps, whatever the level of concurrence; ◮ as a resiliency condition: the computation has to be valid even if all processes but one crash. ◮ Slow and crashed processes are indistinguishable: some processes ◮ may have to behave as if they were alone; ◮ do not have access to other processes inputs. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 30 / 51

  61. Shared Memory, Message passing and Solo Executions ◮ If processes share a memory, then at most one of them can be in that situation for a given execution. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 31 / 51

  62. Shared Memory, Message passing and Solo Executions ◮ If processes share a memory, then at most one of them can be in that situation for a given execution. ◮ If processes exchange asynchronous messages, then all of them may have to behave as if they were alone. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 31 / 51

  63. Shared Memory, Message passing and Solo Executions ◮ If processes share a memory, then at most one of them can be in that situation for a given execution. ◮ If processes exchange asynchronous messages, then all of them may have to behave as if they were alone. What could be computed in intermediate models in which up to d processes may run solo? Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 31 / 51

  64. d -Solo Models ◮ An iterated model generalizing the iterated immediate snapshot model. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 32 / 51

  65. d -Solo Models ◮ An iterated model generalizing the iterated immediate snapshot model. ◮ The execution is stripped in a sequence of rounds; ◮ a one-shot communication object for each round; Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 32 / 51

  66. d -Solo Models ◮ An iterated model generalizing the iterated immediate snapshot model. ◮ The execution is stripped in a sequence of rounds; ◮ a one-shot communication object for each round; ◮ each process writes a value and retrieves the previously or simultaneously written values. Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 32 / 51

  67. d -Solo Models ◮ An iterated model generalizing the iterated immediate snapshot model. ◮ The execution is stripped in a sequence of rounds; ◮ a one-shot communication object for each round; ◮ each process writes a value and retrieves the previously or simultaneously written values. ◮ in the d -solo model, the first set of simultaneous accesses can miss each other. ◮ If they do, then this set contains at most d processes. A spectrum of models that spans from message-passing ( d = n ) to shared memory ( d = 1). Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 32 / 51

  68. From the Immediate Snapshot Object. . . ◮ Each process p provides a value v p to the object and retrieves a set of values (a view). Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 33 / 51

  69. From the Immediate Snapshot Object. . . ◮ Each process p provides a value v p to the object and retrieves a set of values (a view). ◮ As with the immediate snapshot object, any ordered partition ( π 1 , . . . , π x ) of the set of the processes accessing the object describe a valid behavior for the object: ◮ the view of any process belonging to π i is � j ≤ i { ( p , v p ) , p ∈ π j } . Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 33 / 51

  70. From the Immediate Snapshot Object. . . Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 34 / 51

  71. From the Immediate Snapshot Object. . . Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 34 / 51

  72. . . . to the CO d Communication Object ◮ Additionally, any ordered partition ( ρ 1 , . . . , ρ x ) of the set of processes accessing the object describe another authorized behavior for the object if | ρ 1 | ≤ d : Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 35 / 51

  73. . . . to the CO d Communication Object ◮ Additionally, any ordered partition ( ρ 1 , . . . , ρ x ) of the set of processes accessing the object describe another authorized behavior for the object if | ρ 1 | ≤ d : ◮ if i > 1, then the view of any process belonging to ρ i is � j ≤ i { ( p , v p ) , p ∈ ρ j } ; Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 35 / 51

  74. . . . to the CO d Communication Object ◮ Additionally, any ordered partition ( ρ 1 , . . . , ρ x ) of the set of processes accessing the object describe another authorized behavior for the object if | ρ 1 | ≤ d : ◮ if i > 1, then the view of any process belonging to ρ i is � j ≤ i { ( p , v p ) , p ∈ ρ j } ; ◮ the view of a process p of ρ 1 is { v p } . Computability Abstractions for Fault-tolerant Asynchronous Distributed Computing 35 / 51

Recommend

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault tolerant programming are: Fault Detection - Knowing that a fault exists Fault Recovery - having atomic instructions that can be rolled back in

361 views • 18 slides
Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

EDA421/DIT171 - Parallel and Distributed Real-Time Systems, Chalmers/GU, 2011/2012 Lecture #14 Updated May 2, 2012 Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the effects if the

374 views • 9 slides
FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09,

FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09,

FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09, Gdask Canonical Control Engineering Problem Disturbance Controlled output Set-point Filter Controller Plant Sensor Noise This problem is

639 views • 29 slides
Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

1 Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and Validation Reflective Design and Validation Marc-Olivier Killijian Dependable Computing and Fault Tolerance Research Group Toulouse - France 2

865 views • 50 slides
Overview Introduction and basic concept ECE 753: FAULT-TOLERANT Fault model and fault

Overview Introduction and basic concept ECE 753: FAULT-TOLERANT Fault model and fault

4/1/2014 Overview Introduction and basic concept ECE 753: FAULT-TOLERANT Fault model and fault coverage COMPUTING Checkpointing and backward error recovery (rollback) Kewal K.Saluja General principles General principles

259 views • 3 slides
Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent

Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent

Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent Monitoring Networks Networks Heterogeneous Intelligent Monitoring Jing Deng Department of Computer Science University of North Carolina at

335 views • 18 slides
A Fault-Tolerant Alternative to Lockstep Triple Modular Redundancy Andrew L. Baldwin, BS 09,

A Fault-Tolerant Alternative to Lockstep Triple Modular Redundancy Andrew L. Baldwin, BS 09,

A Fault-Tolerant Alternative to Lockstep Triple Modular Redundancy Andrew L. Baldwin, BS 09, MS 12 W. Robert Daasch, Professor Integrated Circuits Design and Test Laboratory Problem Statement In a fault tolerant system containing

478 views • 35 slides
Overview ECE 753: FAULT-TOLERANT Fault Modeling COMPUTING References Introduction

Overview ECE 753: FAULT-TOLERANT Fault Modeling COMPUTING References Introduction

1/21/2014 Overview ECE 753: FAULT-TOLERANT Fault Modeling COMPUTING References Introduction Kewal K.Saluja Kewal K Saluja Fault models at different levels (HW) Department of Electrical and Computer Engineering Error

304 views • 5 slides
4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design

4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design

4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design Replication, TMR Distributed Systems Fully fault tolerant system will offer non-stop availability Clusters You cant achieve this! Problem:

458 views • 11 slides
Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural

Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural

Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural Abstraction Tolerant Architectural Abstraction Fault Patrick H. S. Brito - Unicamp, Brazil Rogrio de Lemos - University of Kent, UK Eliane

381 views • 21 slides
REVIEW OF FAULT TOLERANT TECHNIQUES FOR DIFFERENT TYPES OF GRAPHS BY- HATEM NASSRAT TARAK

REVIEW OF FAULT TOLERANT TECHNIQUES FOR DIFFERENT TYPES OF GRAPHS BY- HATEM NASSRAT TARAK

REVIEW OF FAULT TOLERANT TECHNIQUES FOR DIFFERENT TYPES OF GRAPHS BY- HATEM NASSRAT TARAK SHINGNE Outline General view of Fault Tolerance Ft-Design approaches Trees Meshes &amp; Hypercubes conclusion Introduction Fault

584 views • 44 slides
Idealised Fault Tolerant Idealised Fault Tolerant Architectural Element Architectural Element

Idealised Fault Tolerant Idealised Fault Tolerant Architectural Element Architectural Element

Idealised Fault Tolerant Idealised Fault Tolerant Architectural Element Architectural Element Rog rio rio de Lemos de Lemos Rog University of Kent, UK University of Kent, UK Motivation architectural fault tolerance; iFTE

350 views • 16 slides
Fault-Tolerant Distributed Optimization Lili Su, Arun Padakandla, Qiong Hu, Seyyed A. Fatemi,

Fault-Tolerant Distributed Optimization Lili Su, Arun Padakandla, Qiong Hu, Seyyed A. Fatemi,

Fault-Tolerant Distributed Optimization Lili Su, Arun Padakandla, Qiong Hu, Seyyed A. Fatemi, Rehana Mahfuz, Vidyasagar Sadhu CSOI-Data Science Workshop May 27th, 2016 Lili Su et al. (SOI-DSWKSP) Fault-tolerant distributed optimization May

854 views • 6 slides
Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi Distributed Systems Fault tolerance A system or a component fails due to a fault Fault tolerance means that the system continues to provide its

428 views • 40 slides
Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir

Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir

Fault Tolerant Communication in 3D Integrated Systems Vladimir Pasca , Lorena Anghel, Mounir Benabdenbi TIMA Laboratory Outline 3D Integration Opportunities Challenges and Solutions Fault Tolerant Communication in 3D Systems

516 views • 24 slides
Fault-tolerant logical gates in quantum error-correcting codes Fernando Pastawski and Beni

Fault-tolerant logical gates in quantum error-correcting codes Fernando Pastawski and Beni

Fault-tolerant logical gates in quantum error-correcting codes Fernando Pastawski and Beni Yoshida (Caltech) arXiv:1408.1720 Phys Rev A xxxxxxx Jan 2015 @ QIP (Sydney, Australia) Fault-tolerant logical gates How do we implement a logical

515 views • 33 slides
Leveraging Lightweight Virtual Machines to Easily and Efficiently Construct Fault-Tolerant

Leveraging Lightweight Virtual Machines to Easily and Efficiently Construct Fault-Tolerant

Tardigrade: Leveraging Lightweight Virtual Machines to Easily and Efficiently Construct Fault-Tolerant Services Jacob R. Lorch Andrew Baumann Lisa Glendenning Dutch T. Meyer Andrew Warfield Our goal: Turn existing binaries into fault-

831 views • 41 slides
A Fault Tolerant Superscalar Processor 1 [Based on Coverage of a Microarchitecture-level

A Fault Tolerant Superscalar Processor 1 [Based on Coverage of a Microarchitecture-level

A Fault Tolerant Superscalar Processor 1 [Based on Coverage of a Microarchitecture-level Fault Check Regimen in a Superscalar Processor by V. Reddy and E. Rotenberg (2008)] P R E S E N T E D B Y N A N Z H E N G [Part of slides borrowed

398 views • 21 slides
Overview Motivation ECE 753: FAULT-TOLERANT About the Course and the Instructor

Overview Motivation ECE 753: FAULT-TOLERANT About the Course and the Instructor

1/20/2014 Overview Motivation ECE 753: FAULT-TOLERANT About the Course and the Instructor Conduct, Outline, Coursepack COMPUTING Introduction Terminology and definitions Sources, Overview and Comments Sources

703 views • 10 slides
Re Resilient Distributed Datasets: A Fa Fault-To Tolerant Abstraction for In In-Me Memor

Re Resilient Distributed Datasets: A Fa Fault-To Tolerant Abstraction for In In-Me Memor

Re Resilient Distributed Datasets: A Fa Fault-To Tolerant Abstraction for In In-Me Memor ory Cl Cluster r Com Computi ting Authors: Matei Zaharia, Mosharaf Chowdhury, Tathagata Das, Ankur Dave, Justin Ma, Murphy McCauley, Michael J.

733 views • 27 slides
Yee Jiun Song i S Cornell University. CS5410 Fall 2008. Fault Tolerant Systems By now,

Yee Jiun Song i S Cornell University. CS5410 Fall 2008. Fault Tolerant Systems By now,

Yee Jiun Song i S Cornell University. CS5410 Fall 2008. Fault Tolerant Systems By now, probably obvious that systems reliability/availability is a key concern Downtime is expensive Replication is a general technique for providing fault

844 views • 34 slides
Fault Tolerant Computing Coping with errors Steven Janke February 2013 Steven Janke (Seminar)

Fault Tolerant Computing Coping with errors Steven Janke February 2013 Steven Janke (Seminar)

Fault Tolerant Computing Coping with errors Steven Janke February 2013 Steven Janke (Seminar) Fault Tolerant Computing February 2013 1 / 30 Outline Problem: How do you design a computer system to avoid errors? Failure Data for laptops,

608 views • 30 slides
BFTCBFTP: BYZANTINE-FAULT -TOLERANT CONSTRUCTION OF BFT PROTOCOLS EDWARD TREMEL SIGSEGV 2019

BFTCBFTP: BYZANTINE-FAULT -TOLERANT CONSTRUCTION OF BFT PROTOCOLS EDWARD TREMEL SIGSEGV 2019

BFTCBFTP: BYZANTINE-FAULT -TOLERANT CONSTRUCTION OF BFT PROTOCOLS EDWARD TREMEL SIGSEGV 2019 BYZANTINE FAULT TOLERANCE Long-standing problem in systems Byzantine (adj): excessively complicated, and typically involving a great deal of

685 views • 19 slides
Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with

Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults Dian Yu 1/16 Comparison with PBFT (Traditional BFT protocols) Similarities: Build practical Byzantine fault tolerance systems Protocol: Clients Primary Replicas

493 views • 18 slides

More recommend