Verifying Strong Eventual Consistency in Distributed Systems
Data replication is used in distributed systems to maintain up-to-date copies of shared data across multiple
computers in a network. However, despite decades of research, algorithms for achieving consistency in
replicated systems are still poorly understood. Indeed, many published algorithms have later been shown to
be incorrect, even some that were accompanied by supposed mechanised proofs of correctness. In this work,
we focus on the correctness of Conflict-free Replicated Data Types (CRDTs), a class of algorithm that provides
strong eventual consistency guarantees for replicated data. We develop a modular and reusable framework
in the Isabelle/HOL interactive proof assistant for verifying the correctness of CRDT algorithms. We avoid
correctness issues that have dogged previous mechanised proofs in this area by including a network model
in our formalisation, and proving that our theorems hold in all possible network behaviours. Our axiomatic
network model is a standard abstraction that accurately reflects the behaviour of real-world computer networks.
Moreover, we identify an abstract convergence theorem, a property of order relations, which provides a formal
definition of strong eventual consistency. We then obtain the first machine-checked correctness theorems for
three concrete CRDTs: the Replicated Growable Array, the Observed-Remove Set, and an Increment-Decrement
Counter. We find that our framework is highly reusable, developing proofs of correctness for the latter two
CRDTs in a few hours and with relatively little CRDT-specific code.
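The convergence property the abstract calls strong eventual consistency can be checked concretely for small cases. The following is an added example written for this page, not code from the paper or its Isabelle/HOL framework: it models an Increment-Decrement Counter and an Observed-Remove Set as state-based CRDTs whose merge is a lattice join (pointwise max, set union), then merges the same replica states in every possible order and checks that every order yields the same observable value. The replica names, tags and operation sequences are constructed for the demonstration.

```python
"""Added example (not the paper's code): two state-based CRDTs plus a brute-force
convergence check that merges replica states in every order."""
import itertools
from dataclasses import dataclass, field


@dataclass(frozen=True)
class PNCounter:
    """Increment-Decrement counter: separate per-replica increment and decrement tallies."""
    p: dict = field(default_factory=dict)
    n: dict = field(default_factory=dict)

    def increment(self, replica, k=1):
        p = dict(self.p)
        p[replica] = p.get(replica, 0) + k
        return PNCounter(p, self.n)

    def decrement(self, replica, k=1):
        n = dict(self.n)
        n[replica] = n.get(replica, 0) + k
        return PNCounter(self.p, n)

    def value(self):
        return sum(self.p.values()) - sum(self.n.values())


def _max_merge(x, y):
    return {r: max(x.get(r, 0), y.get(r, 0)) for r in x.keys() | y.keys()}


def merge_counter(a, b):
    # Pointwise maximum is commutative, associative and idempotent: a join.
    return PNCounter(_max_merge(a.p, b.p), _max_merge(a.n, b.n))


@dataclass(frozen=True)
class ORSet:
    """Observed-Remove Set: every add carries a unique tag; remove tombstones only
    the tags the removing replica has observed, so a concurrent add survives."""
    live: frozenset = frozenset()        # (tag, element) pairs ever added
    tombstones: frozenset = frozenset()  # tags removed by some replica

    def add(self, tag, element):
        return ORSet(self.live | {(tag, element)}, self.tombstones)

    def remove(self, element):
        observed = {t for t, e in self.live if e == element}
        return ORSet(self.live, self.tombstones | observed)

    def value(self):
        return frozenset(e for t, e in self.live if t not in self.tombstones)


def merge_orset(a, b):
    # Union on both components is likewise a join.
    return ORSet(a.live | b.live, a.tombstones | b.tombstones)


def converges(states, merge, observe):
    """Merge the given replica states in every order; report whether all orders agree."""
    outcomes = set()
    for order in itertools.permutations(states):
        acc = order[0]
        for s in order[1:]:
            acc = merge(acc, s)
        outcomes.add(observe(acc))
    return len(outcomes) == 1, outcomes


def counter_scenario():
    # Constructed scenario: three replicas operate with no coordination at all.
    r1 = PNCounter().increment("r1", 5)
    r2 = PNCounter().decrement("r2", 2)
    r3 = PNCounter().increment("r3", 1).decrement("r3", 4)
    return converges([r1, r2, r3], merge_counter, PNCounter.value)


def orset_scenario():
    # Constructed scenario: r1 adds "alice"; r2 sees that add and removes "alice";
    # r3 concurrently adds "alice" again under a fresh tag (add wins on merge).
    r1 = ORSet().add(("r1", 1), "alice")
    r2 = merge_orset(ORSet(), r1).remove("alice")
    r3 = ORSet().add(("r3", 1), "alice")
    return converges([r1, r2, r3], merge_orset, ORSet.value)


if __name__ == "__main__":
    print(counter_scenario())  # (True, {0})
    print(orset_scenario())    # (True, {frozenset({'alice'})})
```

The permutation check is only a finite sanity test; it is exactly the kind of argument the paper replaces with a machine-checked proof over all network behaviours. Note also that the OR-Set example shows why "observed" matters: the remove at r2 tombstones only the tag it saw, so r3's concurrent add is preserved at every replica rather than lost depending on delivery order.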
On Verifying Causal Consistency
Causal consistency is one of the most adopted consistency criteria for
distributed implementations of data structures. It ensures that operations are
executed at all sites according to their causal precedence. We address the
issue of verifying automatically whether the executions of an implementation of
a data structure are causally consistent. We consider two problems: (1)
checking whether one single execution is causally consistent, which is relevant
for developing testing and bug finding algorithms, and (2) verifying whether
all the executions of an implementation are causally consistent.
We show that the first problem is NP-complete. This holds even for the
read-write memory abstraction, which is a building block of many modern
distributed systems. Indeed, such systems often store data in key-value stores,
which are instances of the read-write memory abstraction. Moreover, we prove
that, surprisingly, the second problem is undecidable, and again this holds
even for the read-write memory abstraction. However, we show that for the
read-write memory abstraction, these negative results can be circumvented if
the implementations are data independent, i.e., their behaviors do not depend
on the data values that are written or read at each moment, which is a
realistic assumption.
Comment: extended version of POPL 201
Causal Consistency: Beyond Memory
In distributed systems where strong consistency is costly when not
impossible, causal consistency provides a valuable abstraction to represent
program executions as partial orders. In addition to the sequential program
order of each computing entity, causal order also contains the semantic links
between the events that affect the shared objects -- message emission and
reception in a communication channel, reads and writes on a shared register.
Usual approaches based on semantic links are very difficult to adapt to other
data types such as queues or counters because they require a specific analysis
of causal dependencies for each data type. This paper presents a new approach
to define causal consistency for any abstract data type based on sequential
specifications. It explores, formalizes and studies the differences between
three variations of causal consistency and highlights them in the light of
PRAM, eventual consistency and sequential consistency: weak causal consistency,
that captures the notion of causality preservation when focusing on convergence
; causal convergence, that mixes weak causal consistency and convergence; and
causal consistency, that coincides with causal memory when applied to shared
memory.
Comment: 21st ACM SIGPLAN Symposium on Principles and Practice of Parallel
Programming, Mar 2016, Barcelona, Spai
Extending Eventually Consistent Cloud Databases for Enforcing Numeric Invariants
Geo-replicated databases often operate under the principle of eventual
consistency to offer high-availability with low latency on a simple key/value
store abstraction. Recently, some have adopted commutative data types to
provide seamless reconciliation for special purpose data types, such as
counters. Despite this, the inability to enforce numeric invariants across all
replicas still remains a key shortcoming of relying on the limited guarantees
of eventual consistency storage. We present a new replicated data type, called
bounded counter, which adds support for numeric invariants to eventually
consistent geo-replicated databases. We describe how this can be implemented on
top of existing cloud stores without modifying them, using Riak as an example.
Our approach adapts ideas from escrow transactions to devise a solution that is
decentralized, fault-tolerant and fast. Our evaluation shows much lower latency
and better scalability than the traditional approach of using strong
consistency to enforce numeric invariants, thus alleviating the tension between
consistency and availability.
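The escrow idea in the abstract can be made concrete: each replica may only decrement against rights it holds locally, rights can be handed to another replica, and every tally only grows, so merge is a pointwise maximum. The following is an added example written for this page, reconstructing that idea in plain Python; it is not the paper's implementation and does not touch Riak. The replica names and the sequence of operations are constructed, and the state layout (a rights matrix plus a per-replica "used" tally) is this example's own choice.

```python
"""Added example (not the paper's code): a bounded counter that keeps value >= 0 at
every replica without coordination, using locally held rights (escrow)."""
from dataclasses import dataclass, field


class InsufficientRights(Exception):
    """Raised when a replica tries to spend more rights than it currently holds."""


@dataclass
class BoundedCounter:
    replicas: tuple
    # rights[i][j]: rights replica i has granted to replica j;
    # rights[i][i]: rights replica i created by incrementing.
    rights: dict = field(init=False)
    # used[i]: rights replica i has consumed by decrementing.
    used: dict = field(init=False)

    def __post_init__(self):
        self.rights = {i: {j: 0 for j in self.replicas} for i in self.replicas}
        self.used = {i: 0 for i in self.replicas}

    def value(self):
        return sum(self.rights[i][i] for i in self.replicas) - sum(self.used.values())

    def local_rights(self, i):
        """Rights i holds in this replica's view: created or received, minus given away or spent.
        Entries written only by i are exact here; rights received from others can only be
        higher in reality, so this view is a safe lower bound."""
        return (self.rights[i][i]
                + sum(self.rights[j][i] for j in self.replicas if j != i)
                - sum(self.rights[i][j] for j in self.replicas if j != i)
                - self.used[i])

    def increment(self, i, k=1):
        # Incrementing never threatens the lower bound, so it needs no rights.
        self.rights[i][i] += k

    def decrement(self, i, k=1):
        # Checked against local rights only: safe whatever other replicas do concurrently.
        held = self.local_rights(i)
        if held < k:
            raise InsufficientRights(f"{i} holds {held} rights, needs {k}")
        self.used[i] += k

    def transfer(self, src, dst, k):
        held = self.local_rights(src)
        if held < k:
            raise InsufficientRights(f"{src} holds {held} rights, cannot transfer {k}")
        self.rights[src][dst] += k

    def merge(self, other):
        # Every entry is monotonically non-decreasing, so pointwise max is a join.
        for i in self.replicas:
            for j in self.replicas:
                self.rights[i][j] = max(self.rights[i][j], other.rights[i][j])
            self.used[i] = max(self.used[i], other.used[i])


def scenario():
    """Constructed run: A creates 10 rights, escrows 4 to B; A and B spend all of them
    concurrently while C, holding a stale view, is refused. Returns
    (value C sees before refusal, whether C was refused, values after anti-entropy)."""
    names = ("A", "B", "C")
    a, b, c = (BoundedCounter(names) for _ in names)
    a.increment("A", 10)
    b.merge(a)
    c.merge(a)
    a.transfer("A", "B", 4)     # escrow: A hands 4 rights to B
    b.merge(a)
    a.decrement("A", 6)         # A spends its remaining 6 rights
    b.decrement("B", 4)         # B spends the 4 it received
    stale_value = c.value()     # C still sees 10 ...
    try:
        c.decrement("C", 1)     # ... but holds no rights, so it is refused
        refused = False
    except InsufficientRights:
        refused = True
    for r in (a, b, c):         # anti-entropy: all replicas converge
        for s in (a, b, c):
            r.merge(s)
    return stale_value, refused, (a.value(), b.value(), c.value())


if __name__ == "__main__":
    print(scenario())  # (10, True, (0, 0, 0))
```

The point of the run is the refusal at C: its view of the value (10) would permit a decrement, but the invariant is enforced against rights, not against the possibly stale value, so no interleaving of the three replicas can drive the true total below zero. The cost is availability for a replica that holds no rights; in the escrow model it must obtain rights from a peer before it can decrement.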