6 research outputs found
Auditable Restoration of Distributed Programs
We focus on a protocol for auditable restoration of distributed systems. The
need for such protocol arises due to conflicting requirements (e.g., access to
the system should be restricted but emergency access should be provided). One
can design such systems with a tamper detection approach (based on the
intuition of "break the glass door"). However, in a distributed system, such
tampering, which are denoted as auditable events, is visible only for a single
node. This is unacceptable since the actions they take in these situations can
be different than those in the normal mode. Moreover, eventually, the auditable
event needs to be cleared so that system resumes the normal operation.
With this motivation, in this paper, we present a protocol for auditable
restoration, where any process can potentially identify an auditable event.
Whenever a new auditable event occurs, the system must reach an "auditable
state" where every process is aware of the auditable event. Only after the
system reaches an auditable state, it can begin the operation of restoration.
Although any process can observe an auditable event, we require that only
"authorized" processes can begin the task of restoration. Moreover, these
processes can begin the restoration only when the system is in an auditable
state. Our protocol is self-stabilizing and has bounded state space. It can
effectively handle the case where faults or auditable events occur during the
restoration protocol. Moreover, it can be used to provide auditable restoration
to other distributed protocol.Comment: 10 page
Preserving Stabilization while Practically Bounding State Space
Stabilization is a key dependability property for dealing with unanticipated
transient faults, as it guarantees that even in the presence of such faults,
the system will recover to states where it satisfies its specification. One of
the desirable attributes of stabilization is the use of bounded space for each
variable. In this paper, we present an algorithm that transforms a stabilizing
program that uses variables with unbounded domain into a stabilizing program
that uses bounded variables and (practically bounded) physical time. While
non-stabilizing programs (that do not handle transient faults) can deal with
unbounded variables by assigning large enough but bounded space, stabilizing
programs that need to deal with arbitrary transient faults cannot do the same
since a transient fault may corrupt the variable to its maximum value. We show
that our transformation algorithm is applicable to several problems including
logical clocks, vector clocks, mutual exclusion, leader election, diffusing
computations, Paxos based consensus, and so on. Moreover, our approach can also
be used to bound counters used in an earlier work by Katz and Perry for adding
stabilization to a non-stabilizing program. By combining our algorithm with
that earlier work by Katz and Perry, it would be possible to provide
stabilization for a rich class of problems, by assigning large enough but
bounded space for variables.Comment: Moved some content from the Appendix to the main paper, added some
details to the transformation algorithm and to its descriptio
Automated Synthesis of Timed and Distributed Fault-Tolerant Systems
This dissertation concentrates on the problem of automated synthesis and repair of fault-tolerant systems. In particular, given the required specification of the system, our goal is to synthesize a fault-tolerant system, or repair an existing one. We study this problem for two classes of timed and distributed systems.
In the context of timed systems, we focus on efficient synthesis of fault-tolerant timed models from their fault-intolerant version. Although the complexity of the synthesis problem is known to be polynomial time in the size of the time-abstract bisimulation of the input model, the state of the art lacked synthesis
algorithms that can be efficiently implemented. This is in part due to the fact that synthesis is in general a
challenging problem and its complexity is significantly magnified in the context of timed systems. We
propose an algorithm that takes a timed automaton, a set of fault actions, and a set of safety and bounded-time response properties as input, and utilizes a space-efficient symbolic representation of the timed
automaton (called the zone graph) to synthesize a fault-tolerant timed automaton as output. The output
automaton satisfies strict phased recovery, where it is guaranteed that the output model behaves similarly
to the input model in the absence of faults and in the presence of faults, fault recovery is achieved in two
phases, each satisfying certain safety and timing constraints.
In the context of distributed systems, we study the problem of synthesizing fault-tolerant systems from their
intolerant versions, when the number of processes is unknown. To synthesize a distributed fault-tolerant
protocol that works for systems with any number of processes, we use counter abstraction. Using this
abstraction, we deal with a finite-state abstract model to do the synthesis. Applying our proposed algorithm,
we successfully synthesized a fault-tolerant distributed agreement protocol in the presence of Byzantine fault. Although the synthesis problem is known to be NP-complete in the state space of the input
protocol (due to partial observability of processes) in the non-parameterized setting, our parameterized
algorithm manages to synthesize a solution for a complex problem such as Byzantine agreement within less than two minutes.
A system may reach a bad state due to wrong initialization or fault occurrence. One of the well-known
types of distributed fault-tolerant systems are self-stabilizing systems. These are the systems that converge
to their legitimate states starting from any state, and if no fault occurs, stay in legitimate states thereafter.
We propose an automated sound and complete method to synthesize self-stabilizing systems starting from
the desired topology and type of the system. Our proposed method is based on SMT-solving, where the
desired specification of the system is formulated as SMT constraints. We used the Alloy solver to
implement our method, and successfully synthesized some of the well-known self-stabilizing algorithms.
We extend our method to support a type of stabilizing algorithm called ideal-stabilization, and also the case
when the set of legitimate states is not explicitly known.
Quantitative metrics such as recovery time are crucial in self-stabilizing systems when used in practice
(such as in networking applications). One of these metrics is the average recovery time. Our automated
method for synthesizing self-stabilizing systems generate some solution that respects the desired system
specification, but it does not take into account any quantitative metrics. We study the problem of repairing
self-stabilizing systems (where only removal of transitions is allowed) to satisfy quantitative limitations.
The metric under study is average recovery time, which characterizes the performance of stabilizing
programs. We show that the repair problem is NP-complete in the state space of the given system
Emerging trends proceedings of the 17th International Conference on Theorem Proving in Higher Order Logics: TPHOLs 2004
technical reportThis volume constitutes the proceedings of the Emerging Trends track of the 17th International Conference on Theorem Proving in Higher Order Logics (TPHOLs 2004) held September 14-17, 2004 in Park City, Utah, USA. The TPHOLs conference covers all aspects of theorem proving in higher order logics as well as related topics in theorem proving and verification. There were 42 papers submitted to TPHOLs 2004 in the full research cate- gory, each of which was refereed by at least 3 reviewers selected by the program committee. Of these submissions, 21 were accepted for presentation at the con- ference and publication in volume 3223 of Springer?s Lecture Notes in Computer Science series. In keeping with longstanding tradition, TPHOLs 2004 also offered a venue for the presentation of work in progress, where researchers invite discussion by means of a brief introductory talk and then discuss their work at a poster session. The work-in-progress papers are held in this volume, which is published as a 2004 technical report of the School of Computing at the University of Utah