3,175 research outputs found
Automated Synthesis of Distributed Self-Stabilizing Protocols
In this paper, we introduce an SMT-based method that automatically
synthesizes a distributed self-stabilizing protocol from a given high-level
specification and network topology. Unlike existing approaches, where synthesis
algorithms require the explicit description of the set of legitimate states,
our technique only needs the temporal behavior of the protocol. We extend our
approach to synthesize ideal-stabilizing protocols, where every state is
legitimate. We also extend our technique to synthesize monotonic-stabilizing
protocols, where during recovery, each process can execute an most once one
action. Our proposed methods are fully implemented and we report successful
synthesis of well-known protocols such as Dijkstra's token ring, a
self-stabilizing version of Raymond's mutual exclusion algorithm,
ideal-stabilizing leader election and local mutual exclusion, as well as
monotonic-stabilizing maximal independent set and distributed Grundy coloring
Rapid Recovery for Systems with Scarce Faults
Our goal is to achieve a high degree of fault tolerance through the control
of a safety critical systems. This reduces to solving a game between a
malicious environment that injects failures and a controller who tries to
establish a correct behavior. We suggest a new control objective for such
systems that offers a better balance between complexity and precision: we seek
systems that are k-resilient. In order to be k-resilient, a system needs to be
able to rapidly recover from a small number, up to k, of local faults
infinitely many times, provided that blocks of up to k faults are separated by
short recovery periods in which no fault occurs. k-resilience is a simple but
powerful abstraction from the precise distribution of local faults, but much
more refined than the traditional objective to maximize the number of local
faults. We argue why we believe this to be the right level of abstraction for
safety critical systems when local faults are few and far between. We show that
the computational complexity of constructing optimal control with respect to
resilience is low and demonstrate the feasibility through an implementation and
experimental results.Comment: In Proceedings GandALF 2012, arXiv:1210.202
Auditable Restoration of Distributed Programs
We focus on a protocol for auditable restoration of distributed systems. The
need for such protocol arises due to conflicting requirements (e.g., access to
the system should be restricted but emergency access should be provided). One
can design such systems with a tamper detection approach (based on the
intuition of "break the glass door"). However, in a distributed system, such
tampering, which are denoted as auditable events, is visible only for a single
node. This is unacceptable since the actions they take in these situations can
be different than those in the normal mode. Moreover, eventually, the auditable
event needs to be cleared so that system resumes the normal operation.
With this motivation, in this paper, we present a protocol for auditable
restoration, where any process can potentially identify an auditable event.
Whenever a new auditable event occurs, the system must reach an "auditable
state" where every process is aware of the auditable event. Only after the
system reaches an auditable state, it can begin the operation of restoration.
Although any process can observe an auditable event, we require that only
"authorized" processes can begin the task of restoration. Moreover, these
processes can begin the restoration only when the system is in an auditable
state. Our protocol is self-stabilizing and has bounded state space. It can
effectively handle the case where faults or auditable events occur during the
restoration protocol. Moreover, it can be used to provide auditable restoration
to other distributed protocol.Comment: 10 page
Disturbance Observer-based Robust Control and Its Applications: 35th Anniversary Overview
Disturbance Observer has been one of the most widely used robust control
tools since it was proposed in 1983. This paper introduces the origins of
Disturbance Observer and presents a survey of the major results on Disturbance
Observer-based robust control in the last thirty-five years. Furthermore, it
explains the analysis and synthesis techniques of Disturbance Observer-based
robust control for linear and nonlinear systems by using a unified framework.
In the last section, this paper presents concluding remarks on Disturbance
Observer-based robust control and its engineering applications.Comment: 12 pages, 4 figure
The STRESS Method for Boundary-point Performance Analysis of End-to-end Multicast Timer-Suppression Mechanisms
Evaluation of Internet protocols usually uses random scenarios or scenarios
based on designers' intuition. Such approach may be useful for average-case
analysis but does not cover boundary-point (worst or best-case) scenarios. To
synthesize boundary-point scenarios a more systematic approach is needed.In
this paper, we present a method for automatic synthesis of worst and best case
scenarios for protocol boundary-point evaluation.
Our method uses a fault-oriented test generation (FOTG) algorithm for
searching the protocol and system state space to synthesize these scenarios.
The algorithm is based on a global finite state machine (FSM) model. We extend
the algorithm with timing semantics to handle end-to-end delays and address
performance criteria. We introduce the notion of a virtual LAN to represent
delays of the underlying multicast distribution tree. The algorithms used in
our method utilize implicit backward search using branch and bound techniques
and start from given target events. This aims to reduce the search complexity
drastically. As a case study, we use our method to evaluate variants of the
timer suppression mechanism, used in various multicast protocols, with respect
to two performance criteria: overhead of response messages and response time.
Simulation results for reliable multicast protocols show that our method
provides a scalable way for synthesizing worst-case scenarios automatically.
Results obtained using stress scenarios differ dramatically from those obtained
through average-case analyses. We hope for our method to serve as a model for
applying systematic scenario generation to other multicast protocols.Comment: 24 pages, 10 figures, IEEE/ACM Transactions on Networking (ToN) [To
appear
- …