Constraint Based Automated Synthesis of Nonmasking and Stabilizing Fault-Tolerance

We focus on constraint-based automated addition of nonmasking and stabilizing fault-tolerance to hi-erarchical programs. We specify legitimate states of the program in terms of constraints that should be satisfied in those states. To deal with faults that may violate these constraints, we add recovery ac-tions while ensuring interference freedom among the recovery actions added for satisfying different con-straints. Since the constraint-based manual design of fault-tolerance is well-known to be applicable in the manual design of nonmasking fault-tolerance, we expect our approach to have a significant benefit in automation of fault-tolerant programs. We illus-trate our algorithms with three case studies: stabi-lizing mutual exclusion, stabilizing diffusing compu-tation, and a data dissemination problem in sensor networks. With experimental results, we show that the complexity of synthesis is reasonable and that it can be reduced using the structure of the hierarchical systems. To our knowledge, this is the first instance where automated synthesis has been successfully used in synthesizing programs that are correct under fair-ness assumptions. Moreover, in two of the case studies considered in this paper, the structure of the recovery paths is too complex to permit exist-ing heuristic based approaches for adding recovery.

On the Limits and Practice of Automatically Designing Self-Stabilization

A protocol is said to be self-stabilizing when the distributed system executing it is guaranteed to recover from any fault that does not cause permanent damage. Designing such protocols is hard since they must recover from all possible states, therefore we investigate how feasible it is to synthesize them automatically. We show that synthesizing stabilization on a fixed topology is NP-complete in the number of system states. When a solution is found, we further show that verifying its correctness on a general topology (with any number of processes) is undecidable, even for very simple unidirectional rings. Despite these negative results, we develop an algorithm to synthesize a self-stabilizing protocol given its desired topology, legitimate states, and behavior. By analogy to shadow puppetry, where a puppeteer may design a complex puppet to cast a desired shadow, a protocol may need to be designed in a complex way that does not even resemble its specification. Our shadow/puppet synthesis algorithm addresses this concern and, using a complete backtracking search, has automatically designed 4 new self-stabilizing protocols with minimal process space requirements: 2-state maximal matching on bidirectional rings, 5-state token passing on unidirectional rings, 3-state token passing on bidirectional chains, and 4-state orientation on daisy chains