Design and Evaluation of Online Fault Diagnosis Protocols forwireless Networks

Any node in a network, or a component of it may fail and show undesirable behavior due to physical defects, imperfections, or hardware and/or software related glitches. Presence of faulty hosts in the network affects the computational efficiency, and quality of service (QoS). This calls for the development of efficient fault diagnosis protocols to detect and handle faulty hosts. Fault diagnosis protocols designed for wired networks cannot directly be propagated to wireless networks, due to difference in characteristics, and requirements. This thesis work unravels system level fault diagnosis protocols for wireless networks, particularly for Mobile ad hoc Networks (MANETs), and Wireless Sensor Networks (WSNs), considering faults based on their persistence (permanent, intermittent, and transient), and node mobility. Based on the comparisons of outcomes of the same tasks (comparison model ), a distributed diagnosis protocol has been proposed for static topology MANETs, where a node requires to respond to only one test request from its neighbors, that reduces the communication complexity of the diagnosis process. A novel approach to handle more intractable intermittent faults in dynamic topology MANETs is also discussed.Based on the spatial correlation of sensor measurements, a distributed fault diagnosis protocol is developed to classify the nodes to be fault-free, permanently faulty, or intermittently faulty, in WSNs. The nodes affected by transient faults are often considered fault-free, and should not be isolated from the network. Keeping this objective in mind, we have developed a diagnosis algorithm for WSNs to discriminate transient faults from intermittent and permanent faults. After each node finds the status of all 1-hop neighbors (local diagnostic view), these views are disseminated among the fault-free nodes to deduce the fault status of all nodes in the network (global diagnostic view). A spanning tree based dissemination strategy is adopted, instead of conventional flooding, to have less communication complexity. Analytically, the proposed protocols are shown to be correct, and complete. The protocols are implemented using INET-20111118 (for MANETs) and Castalia-3.2 (forWSNs) on OMNeT++ 4.2 platform. The obtained simulation results for accuracy and false alarm rate vouch the feasibility and efficiency of the proposed algorithms over existing landmark protocols

Achieving fault-tolerant consensus in ad hoc networks

Tese de mestrado em Engenharia Informática (Arquitectura, Sistemas e Redes de Computadores), apresentada à Universidade de Lisboa, através da Faculdade de Ciências, 2013Consensus plays a fundamental role in distributed systems. This operation consists in having every process in a distributed system, or a subset of processes, to agree upon a value that was proposed by any of the processes. Consensus is used to solve several problems in distributed systems computation, such as: state machine replication, leader election and atomic broadcast, allowing the coordination of the network. Its applicability becomes more important and difficult to implement in wireless ad hoc networks that are vulnerable to intrusions. When dealing with a wireless ad hoc network, specially one composed by mobile devices that are constantly moving, there are several obstacles that have to be overcome such as the unreliability in the communication, the hardware limitations of the devices, the limited communication range and the exposure to malicious users. The project consists in the design, implementation, test and analysis of Byzantine fault-tolerant consensus protocols for wireless ad hoc networks. It is assumed that the number of participants is unknown and the consensus protocols execute in a group of processes called sink. The protocols are byzantine fault-tolerant and circumvent both FLP and Santoro-Widmayer impossibility results. Three forms of consensus protocols were considered: binary, multivalued and vector. The protocols were organized in a stack, where lower level protocols were used to build higher ones. The stack was implemented as a library and was tested in a simulation environment. Some preliminary tests were also performed with Android devices. The evaluation of the protocols shows that they exhibit good performance in several scenarios and even under attack.O consenso tem um papel fundamental em sistemas distribuídos. Esta operação consiste em ter todos os processos num sistema distribuído, ou um subconjunto de processos, a acordar num valor que foi proposto por algum dos processos. O consenso é usado para resolver vários problemas na computação de um sistema distribuído, como por exemplo: máquina de estados replicada, eleição de líder e difusão atómica, permitindo a coordenação da rede. A sua utilidade torna-se mais importante e difícil de implementar em redes ad hoc móveis sem fios que estão vulneráveis a intrusões. Quando se está a lidar com uma rede ad hoc sem fios, especialmente uma composta por dispositivos móveis que apresentam uma mobilidade constante, existe um conjunto de obstáculos relacionados com a falta de fiabilidade na comunicação, as limitações dos equipamentos, o seu reduzido alcance de comunicação e a exposição¸ ao a utilizadores mal intencionados. O projecto consiste no desenho, implementação, teste e análise de protocolos de consenso tolerantes a faltas bizantinas para redes ad hoc sem fios. ´E assumido que o número de participantes é desconhecido e os protocolos de consenso são executados num grupo de processos denominado poço. Os protocolos são tolerantes a faltas bizantinas e contornam os resultados de impossibilidade de FLP e de Santoro-Widmayer. Foram considerados três tipos de protocolos de consenso: binário, multi-valor e vector. Os protocolos estão organizados numa pilha, onde protocolos de baixo nível foram usados para construir os protocolos de níveis superiores. A pilha foi implementada como uma biblioteca e foi testada em ambiente de simulação. Alguns testes preliminares foram também efectuados com dispositivos Android. A avaliação dos protocolos revela que estes exibem um bom desempenho em vários cenários e mesmo sobre ataque

Byzantine fault-tolerant agreement protocols for wireless Ad hoc networks

Tese de doutoramento, Informática (Ciências da Computação), Universidade de Lisboa, Faculdade de Ciências, 2010.The thesis investigates the problem of fault- and intrusion-tolerant consensus in resource-constrained wireless ad hoc networks. This is a fundamental problem in distributed computing because it abstracts the need to coordinate activities among various nodes. It has been shown to be a building block for several other important distributed computing problems like state-machine replication and atomic broadcast. The thesis begins by making a thorough performance assessment of existing intrusion-tolerant consensus protocols, which shows that the performance bottlenecks of current solutions are in part related to their system modeling assumptions. Based on these results, the communication failure model is identified as a model that simultaneously captures the reality of wireless ad hoc networks and allows the design of efficient protocols. Unfortunately, the model is subject to an impossibility result stating that there is no deterministic algorithm that allows n nodes to reach agreement if more than n2 omission transmission failures can occur in a communication step. This result is valid even under strict timing assumptions (i.e., a synchronous system). The thesis applies randomization techniques in increasingly weaker variants of this model, until an efficient intrusion-tolerant consensus protocol is achieved. The first variant simplifies the problem by restricting the number of nodes that may be at the source of a transmission failure at each communication step. An algorithm is designed that tolerates f dynamic nodes at the source of faulty transmissions in a system with a total of n 3f + 1 nodes. The second variant imposes no restrictions on the pattern of transmission failures. The proposed algorithm effectively circumvents the Santoro- Widmayer impossibility result for the first time. It allows k out of n nodes to decide despite dn 2 e(nk)+k2 omission failures per communication step. This algorithm also has the interesting property of guaranteeing safety during arbitrary periods of unrestricted message loss. The final variant shares the same properties of the previous one, but relaxes the model in the sense that the system is asynchronous and that a static subset of nodes may be malicious. The obtained algorithm, called Turquois, admits f < n 3 malicious nodes, and ensures progress in communication steps where dnf 2 e(n k f) + k 2. The algorithm is subject to a comparative performance evaluation against other intrusiontolerant protocols. The results show that, as the system scales, Turquois outperforms the other protocols by more than an order of magnitude.Esta tese investiga o problema do consenso tolerante a faltas acidentais e maliciosas em redes ad hoc sem fios. Trata-se de um problema fundamental que captura a essência da coordenação em actividades envolvendo vários nós de um sistema, sendo um bloco construtor de outros importantes problemas dos sistemas distribuídos como a replicação de máquina de estados ou a difusão atómica. A tese começa por efectuar uma avaliação de desempenho a protocolos tolerantes a intrusões já existentes na literatura. Os resultados mostram que as limitações de desempenho das soluções existentes estão em parte relacionadas com o seu modelo de sistema. Baseado nestes resultados, é identificado o modelo de falhas de comunicação como um modelo que simultaneamente permite capturar o ambiente das redes ad hoc sem fios e projectar protocolos eficientes. Todavia, o modelo é restrito por um resultado de impossibilidade que afirma não existir algoritmo algum que permita a n nós chegaram a acordo num sistema que admita mais do que n2 transmissões omissas num dado passo de comunicação. Este resultado é válido mesmo sob fortes hipóteses temporais (i.e., em sistemas síncronos) A tese aplica técnicas de aleatoriedade em variantes progressivamente mais fracas do modelo até ser alcançado um protocolo eficiente e tolerante a intrusões. A primeira variante do modelo, de forma a simplificar o problema, restringe o número de nós que estão na origem de transmissões faltosas. É apresentado um algoritmo que tolera f nós dinâmicos na origem de transmissões faltosas em sistemas com um total de n 3f + 1 nós. A segunda variante do modelo não impõe quaisquer restrições no padrão de transmissões faltosas. É apresentado um algoritmo que contorna efectivamente o resultado de impossibilidade Santoro-Widmayer pela primeira vez e que permite a k de n nós efectuarem progresso nos passos de comunicação em que o número de transmissões omissas seja dn 2 e(n k) + k 2. O algoritmo possui ainda a interessante propriedade de tolerar períodos arbitrários em que o número de transmissões omissas seja superior a . A última variante do modelo partilha das mesmas características da variante anterior, mas com pressupostos mais fracos sobre o sistema. Em particular, assume-se que o sistema é assíncrono e que um subconjunto estático dos nós pode ser malicioso. O algoritmo apresentado, denominado Turquois, admite f < n 3 nós maliciosos e assegura progresso nos passos de comunicação em que dnf 2 e(n k f) + k 2. O algoritmo é sujeito a uma análise de desempenho comparativa com outros protocolos na literatura. Os resultados demonstram que, à medida que o número de nós no sistema aumenta, o desempenho do protocolo Turquois ultrapassa os restantes em mais do que uma ordem de magnitude.FC

Dynamic Resource Reservation and Connectivity Tracking to Support Real-Time Communication among Mobile Units

Wireless communication technology is spreading quickly in almost all the information technology areas as a consequence of a gradual enhancement in quality and security of the communication, together with a decrease in the related costs. This facilitates the development of relatively low-cost teams of autonomous (robotic) mobile units that cooperate to achieve a common goal. Providing real-time communication among the team units is highly desirable for guaranteeing a predictable behavior in those applications in which the robots have to operate autonomously in unstructured environments. This paper proposes a MAC protocol for wireless communication that supports dynamic resource reservation and topology management for relatively small networks of cooperative units (10–20 units). The protocol uses a slotted time-triggered medium access transmission control that is collision-free, even in the presence of hidden nodes. The transmissions are scheduled according to the earliest deadline first scheduling policy. An adequate admission control guarantees the timing constraints of the team communication requirements, including when new nodes dynamically join or leave the team. The paper describes the protocol focusing on the consensus procedure that supports coherent changes in the global system. We also introduce a distributed connectivity tracking mechanism that is used to detect network partition and absent or crashed nodes. Finally, a set of simulation results are shown that illustrate the effectiveness of the proposed approaches

Mobile Ad-Hoc Networks

Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of-the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: quality-of-service and video communication, routing protocol and cross-layer design. A few interesting problems about security and delay-tolerant networks are also discussed. This book is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks

Eighth Workshop and Tutorial on Practical Use of Coloured Petri Nets and the CPN Tools, Aarhus, Denmark, October 22-24, 2007

This booklet contains the proceedings of the Eighth Workshop on Practical Use of Coloured Petri Nets and the CPN Tools, October 22-24, 2007. The workshop is organised by the CPN group at the Department of Computer Science, University of Aarhus, Denmark. The papers are also available in electronic form via the web pages: http://www.daimi.au.dk/CPnets/workshop0

Contributions on agreement in dynamic distributed systems

139 p.This Ph.D. thesis studies the agreement problem in dynamic distributed systems by integrating both the classical fault-tolerance perspective and the more recent formalism based on evolving graphs. First, we developed a common framework that allows to analyze and compare models of dynamic distributed systems for eventual leader election. The framework extends a previous proposal by Baldoni et al. by including new dimensions and levels of dynamicity. Also, we extend the Time-Varying Graph (TVG) formalism by introducing the necessary timeliness assumptions and the minimal conditions to solve agreement problems. We provide a hierarchy of time-bounded, TVG-based, connectivity classes with increasingly stronger assumptions and specify an implementation of Terminating Reliable Broadcast for each class. Then we define an Omega failure detector, W, for the eventual leader election in dynamic distributed systems, together with a system model, , which is compatible with the timebounded TVG classes. We implement an algorithm that satisfy the properties of W in M. According to our common framework, M results to be weaker than the previous proposed dynamic distributed system models for eventual leader election. Additionally we use simulations to illustrate this fact and show that our leader election algorithm tolerates more general (i.e., dynamic) behaviors, and hence it is of application in a wider range of practical scenarios at the cost of a moderate overhead on stabilization times

Middleware for Mobile Sensing Applications in Urban Environments

Sensor networks represent an attractive tool to observe the physical world. Networks of tiny sensors can be used to detect a fire in a forest, to monitor the level of pollution in a river, or to check on the structural integrity of a bridge. Application-specific deployments of static-sensor networks have been widely investigated. Commonly, these networks involve a centralized data-collection point and no sharing of data outside the organization that owns it. Although this approach can accommodate many application scenarios, it significantly deviates from the pervasive computing vision of ubiquitous sensing where user applications seamlessly access anytime, anywhere data produced by sensors embedded in the surroundings. With the ubiquity and ever-increasing capabilities of mobile devices, urban environments can help give substance to the ubiquitous sensing vision through Urbanets, spontaneously created urban networks. Urbanets consist of mobile multi-sensor devices, such as smart phones and vehicular systems, public sensor networks deployed by municipalities, and individual sensors incorporated in buildings, roads, or daily artifacts. My thesis is that "multi-sensor mobile devices can be successfully programmed to become the underpinning elements of an open, infrastructure-less, distributed sensing platform that can bring sensor data out of their traditional close-loop networks into everyday urban applications". Urbanets can support a variety of services ranging from emergency and surveillance to tourist guidance and entertainment. For instance, cars can be used to provide traffic information services to alert drivers to upcoming traffic jams, and phones to provide shopping recommender services to inform users of special offers at the mall. Urbanets cannot be programmed using traditional distributed computing models, which assume underlying networks with functionally homogeneous nodes, stable configurations, and known delays. Conversely, Urbanets have functionally heterogeneous nodes, volatile configurations, and unknown delays. Instead, solutions developed for sensor networks and mobile ad hoc networks can be leveraged to provide novel architectures that address Urbanet-specific requirements, while providing useful abstractions that hide the network complexity from the programmer. This dissertation presents two middleware architectures that can support mobile sensing applications in Urbanets. Contory offers a declarative programming model that views Urbanets as a distributed sensor database and exposes an SQL-like interface to developers. Context-aware Migratory Services provides a client-server paradigm, where services are capable of migrating to different nodes in the network in order to maintain a continuous and semantically correct interaction with clients. Compared to previous approaches to supporting mobile sensing urban applications, our architectures are entirely distributed and do not assume constant availability of Internet connectivity. In addition, they allow on-demand collection of sensor data with the accuracy and at the frequency required by every application. These architectures have been implemented in Java and tested on smart phones. They have proved successful in supporting several prototype applications and experimental results obtained in ad hoc networks of phones have demonstrated their feasibility with reasonable performance in terms of latency, memory, and energy consumption.Deploying a network of sensors to monitor an environment is a common practice. For example, cameras in museums, supermarkets, or buildings are installed for surveillance purposes. However, while a decade ago, most deployed sensor networks involved a limited number of sensors, wired to a central processing unit, nowadays, the focus is on wireless, distributed, sensing nodes. Sensor technology has greatly advanced in terms of size, power consumption, processing capabilities, and low cost, thus fostering deployments of self-organizing wireless sensor networks over large geographical areas. For example, sensor networks have been used to detect a fire in a forest, to monitor the level of pollution in a river, or to check on the structural integrity of a bridge. Yet, sensor networks are usually perceived as ``something'' remote in the forest or on the battlefield, and regular users do not yet benefit from them. With the ubiquity and ever-increasing capabilities of mobile devices, such as smart phones and computers embedded in cars, urban environments offer the elements necessary to create people-centric mobile sensor networks and support a large variety of so-called sensing applications ranging from emergency and surveillance to tourist guidance and entertainment. For example, near-ubiquitous smart phones with audio and video sensing capabilities and more sensors in the near future can be used to provide shopping recommender services to inform users of special offers at the mall. Sensor-equipped cars can be used to provide traffic information services to alert drivers to upcoming traffic jams. However, urban mobile sensor networks are challenging programming environments due to the dynamism of mobile devices, the resource constraints of battery-powered devices, the software and hardware heterogeneity, and the large number of concurrent applications that they need to support. These requirements hinder the direct adoption of traditional distributed computing platforms developed for static resource-rich networks. This dissertation presents two architectures that can support the development of mobile sensing applications in urban environments. Contory offers a declarative programming model that views the urban network as a distributed sensor database. Context-aware Migratory Services provides a client-server paradigm, where services are capable of migrating to different nodes in the network in order to maintain a continuous interaction with clients. Compared to previous approaches to supporting mobile sensing urban applications, our architectures are entirely distributed and do not assume constant availability of Internet connectivity. These architectures have been implemented in Java and tested on smart phones. They have proved successful in supporting several prototype applications and experimental results obtained in networks of phones have demonstrated their feasibility with reasonable performance in terms of latency, memory, and energy consumption. The proposed architectures offer many opportunities to flexibly and quickly establish customized services that can greatly enhance the users' urban experience. Further steps to fully accomplish people-centric mobile sensing applications will have to address more technical issues as well as social and legal concerns

Round-Based Consensus Algorithms, Predicate Implementations and Quantitative Analysis

Fault-tolerant computing is the art and science of building computer systems that continue to operate normally in the presence of faults. The fault tolerance field covers a wide spectrum of research area ranging from computer hardware to computer software. A common approach to obtain a fault-tolerant system is using software replication. However, maintaining the state of the replicas consistent is not an easy task, even though the understanding of the problems related to replication has significantly evolved over the past thirty years. Consensus is a fundamental building block to provide consistency in any fault-tolerant distributed system. A large number of algorithms have been proposed to solve the consensus problem in different systems. The efficiency of several consensus algorithms has been studied theoretically and practically. A common metric to evaluate the performance of consensus algorithms is the number of communication steps or the number of rounds (in round-based algorithms) for deciding. A large amount of improvements to consensus algorithms have been proposed to reduce this number under different assumptions, e.g., nice runs. However, the efficiency expressed in terms of number of rounds does not predict the time it takes to decide (including the time needed by the system to stabilize or not). Following this idea, the thesis investigates the round model abstraction to represent consensus algorithms, with benign and Byzantine faults, in a concise and modular way. The goal of the thesis is first to decouple the consensus algorithm from irrelevant details of implementations, such as synchronization, then study different possible implementations for a given consensus algorithm, and finally propose a more general analytical analysis for different consensus algorithms. The first part of the thesis considers the round-based consensus algorithms with benign faults. In this context, the round model allowed us to separate the consensus algorithms from the round implementation, to propose different round implementations, to improve existing round implementations by making them swift, and to provide quantitative analysis of different algorithms. The second part of the thesis considers the round-based consensus algorithms with Byzantine faults. In this context, there is a gap between theoretical consensus algorithms and practical Byzantine fault-tolerant protocols. The round model allowed us to fill the gap by better understanding existing protocols, and enabled us to express existing protocols in a simple and modular way, to obtain simplified proofs, to discover new protocols such as decentralized (non leader-based) algorithms, and finally to perform precise timing analysis to compare different algorithms. The last part of the thesis shows, as an example, how a round-based consensus algorithm that tolerates benign faults can be extended to wireless mobile ad hoc networks using an adequate communication layer. We have validated our implementation by running simulations in single hop and multi-hop wireless networks

Use case scenarios and preliminary reference model

This document provides the starting point for the development of dependability solutions in the HIDENETS project with the following contents: (1) A conceptual framework is defined that contains the relevant terminology, threats and general requirements. This framework is a HIDENETS relevant subset of existing state-of-the-art views in the scientific dependability community. Furthermore, the dependability framework contains a first list of relevant functionalities in the communication and middleware level, which will act as input for the architectural discussions in HIDENETS work packages (WPs) 2 and 3. (2) A set of 17 applications with HIDENETS relevance is identified and their corresponding dependability requirements are derived. These applications belong mostly to the class of car-tocar and car-to-infrastructure services and have been selected due to their different types of dependability needs. (3) The applications have been grouped in six HIDENETS use cases, each consisting of a set of applications. The use cases will be the basis for the development of the dependability solutions in all other WPs. Together with a description of each use-case, application-specific architectural aspects are identified and corresponding failure modes and challenges are listed. (4) The business impact of dependability solutions for these use cases is analysed. (5) A preliminary definition of a HIDENETS reference model is provided, which contains highlevel architectural assumptions. This HIDENETS reference model will be further developed in the course of the HIDENETS projects in close cooperation with the other WPs, which is the reason why the preliminary version also contains a collection of potential contributions from other WPs that shall be developed and investigated in the course of the HIDENETS project. In summary, the identified use-cases and their requirements clearly show the large number of dependability related challenges. First steps towards technical solutions have been made in this report in the preliminary reference model, whereas the other work-packages have started in the meanwhile to develop such solutions further based on 'middleware technology' (WP2), 'communication protocols' (WP3), 'quantitative analysis methodology' (WP4), and 'design and testing methodology' (WP5