Generating a Family of Byzantine- Fault-Tolerant Protocol - - PowerPoint PPT Presentation

SLIDE 1

Generating a Family of Byzantine- Fault-Tolerant Protocol Implementations Using a Meta- Model Architecture

Graham Kirby, Alan Dearle & Stuart Norcross

School of Computer Science, University of St Andrews

SLIDE 2

WADS 2007 2/18

A Finite State Machine

SLIDE 3

Problem

  • Apply a FSM formulation to an algorithm whose generality precludes its expression as a single state machine
    – algorithm is characterised as a family of related state machines
      • each corresponding to particular values of some parameters to the general algorithm
  • Family members:
    – differ in their individual states and transitions
    – share a common structure dictated by the general algorithm

SLIDE 4

Motivating Example

  • Distributed update algorithm
    – each data item replicated on a set of n servers (4 for basic Byzantine-fault-tolerance)
    – servers agree global ordering of updates
      • potentially concurrent
      • symmetric algorithm: no server is special

SLIDE 5

Approach

  • Designed single generic algorithm
    – quorum-based
      • ‘enough’ servers must agree to each update
    – parameterised by replication factor n
    – about 500 lines pseudo-code
  • Developed FSM model for selected replication factor (n=4)
    – 33 states
      • 5 boolean variables, 2 integers ranging 1..n

SLIDE 6

FSM for Replication Factor 4

SLIDE 7

Did the FSM Help?

  • No strong correlation between code and state machine
    – algorithm is generic
    – FSM is specific to replication factor
      • states in FSM correspond to message counts
      • so can’t construct single FSM for algorithm
  • Wish to unify FSM and algorithm
    – solution: define meta-model

SLIDE 8

Generation Scheme

SLIDE 9

State Transitions

SLIDE 10

FSM Generation: All States

SLIDE 11

FSM Generation: Transitions

SLIDE 12

Pruning Unreachable States

SLIDE 13

Combining Equivalent States

SLIDE 14

Final FSM Representation

SLIDE 15

Example Generated State

state: T/2/F/0/F/F/F

Have received initial ‘put’ from client. Have not voted since another update has already been voted for. Have received 2 votes and no commits. Have not sent a ‘commit’ since neither the vote threshold (3) nor the external commit threshold (2) has been reached. May not choose since another ongoing update has been voted for. Have not chosen this update since another ongoing update has been chosen. Waiting for 1 further vote (including local vote if any) before sending ‘commit’. Waiting for 2 further external commits to finish.

Transitions:

  message: VOTE
    action: send vote message
    action: send commit message
    transition to: T/3/T/0/T/F/F

  message: COMMIT
    transition to: T/2/F/1/F/F/F

  message: FREE
    action: send vote message
    action: send commit message
    action: send not free message
    transition to: T/2/T/0/T/T/T

SLIDE 16

Example Generated FSM

SLIDE 17

Example Generated Code

void receiveVote() {                       // handler for ‘vote’ message
    switch (getState()) {                  // switch on current state
        case (F-0-F-0-F-F-F) : {           // variable representing state
            setState(F-1-F-0-F-F-F);       // state transition
            break;
        }
        case (F-0-F-0-F-F-T) : {
            setState(F-1-F-0-F-F-F);
            break;
        }
        ...
        case (T-1-T-1-F-T-T) : {
            sendCommit();                  // action
            setState(T-2-T-1-T-T-T);       // state transition
            break;
        }
        ...
    }
}

SLIDE 18

Conclusions

  • Generative meta-model approach
    – allows closer coupling of generic algorithm and specific FSMs
    – led to discovery of several errors in original algorithm
    – may be applicable to other protocols for critical infrastructure
  • Links
    – ASA project
      • asa.cs.st-andrews.ac.uk/
    – Algorithm details
      • asa.cs.st-andrews.ac.uk/metamodel/

SLIDE 19

Meta-Model

generateTransitionOnVote(State s) {
    initialise state variables from s
    increment votes_received
    if total votes >= threshold(r):
        if !vote_sent:
            if could_choose:
                set has_chosen
                record action: send not free message
            record action: send vote message
            set vote_sent
            unset could_choose
        if !commit_sent:      // negated guard assumed: ‘commit’ is recorded once, when the threshold is first reached (the slide text reads “if commit_sent”)
            record action: send commit message
            set commit_sent
    derive new state s1 from state variables
    record transition s->s1 in data structure
}
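An added example, not the authors' code, that runs the slide-19 generator for the n=4 case and explores the reachable states in the spirit of slides 10 to 12 (states are only ever created when a transition reaches them, so unreachable states never need pruning). The mapping of the seven state variables onto the slide's T/2/F/0/F/F/F encoding and the bound of message counters at n are assumptions; n=4, the vote threshold 3 and the external commit threshold 2 are the slides' own values.

```python
from typing import Dict, List, NamedTuple, Tuple
N = 4                # replication factor from the talk; vote/commit counts assumed bounded by n
VOTE_THRESHOLD = 3   # votes (incl. local) needed before sending 'commit' (slide 15, n=4)

class State(NamedTuple):
    # Field order follows the slide's T/2/F/0/F/F/F encoding (assumed mapping of the 7 variables)
    received_put: bool
    votes_received: int
    vote_sent: bool
    commits_received: int
    commit_sent: bool
    could_choose: bool
    has_chosen: bool
    def encode(self) -> str:
        return "/".join(str(v) if type(v) is int else ("T" if v else "F") for v in self)

def on_vote(s: State) -> Tuple[List[str], State]:
    """Mirror of the slide's generateTransitionOnVote: returns (recorded actions, new state s1)."""
    actions: List[str] = []
    s1 = s._replace(votes_received=s.votes_received + 1)
    if s1.votes_received >= VOTE_THRESHOLD:
        if not s1.vote_sent:
            if s1.could_choose:
                s1 = s1._replace(has_chosen=True)
                actions.append("send not free message")
            actions.append("send vote message")
            s1 = s1._replace(vote_sent=True, could_choose=False)
        if not s1.commit_sent:      # 'commit' goes out once, when the threshold is first met
            actions.append("send commit message")
            s1 = s1._replace(commit_sent=True)
    return actions, s1

def on_commit(s: State) -> Tuple[List[str], State]:
    return [], s._replace(commits_received=s.commits_received + 1)  # slide 15 COMMIT row: count only

def generate_fsm(start: State) -> Dict[str, Dict[str, Tuple[List[str], str]]]:
    """Explore VOTE/COMMIT from `start`; a state exists only once reached, so pruning is built in."""
    fsm, frontier = {}, [start]
    while frontier:
        s = frontier.pop()
        if s.encode() in fsm:
            continue
        fsm[s.encode()] = {}
        for msg, fn, count in (("VOTE", on_vote, s.votes_received),
                               ("COMMIT", on_commit, s.commits_received)):
            if count < N:                   # counters range up to n (slide 5)
                actions, s1 = fn(s)
                fsm[s.encode()][msg] = (actions, s1.encode())
                frontier.append(s1)
    return fsm
```

Starting from the slide-15 state T/2/F/0/F/F/F, on_vote reproduces its VOTE row (send vote, send commit, to T/3/T/0/T/F/F) and on_commit its COMMIT row (to T/2/F/1/F/F/F).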

SLIDE 20

Generation Times