Organ Transplantation Management

Organ transplantation is a widespread and effective technique to treat important diseases and can often make the difference between life and death of some patients. Given a donor, finding the best recipient for one of his organs means finding, in the shortest time possible, the patient in the waiting list that best represents the compromise between numerous constraints related to donor-recipient physical compatibility and logistical arrangements. Currently, this process is still done in a non-automated, non-coordinated way, often leading to a non-optimal choice of the eventual recipient. This project aims at easing the organ transplantation management by representing it into a multi-agent system and by completely delegating the operation of matchmaking to the agents in the system

Unreliable Failure Detectors via Operational Semantics

The concept of unreliable failure detectors for reliable distributed systems was introduced by Chandra and Toueg as a fine-grained means to add weak forms of synchrony into asynchronous systems. Various kinds of such failure detectors have been identified as each being the weakest to solve some specific distributed programming problem. In this paper, we provide a fresh look at failure detectors from the point of view of programming languages, more precisely using the formal tool of operational semantics. Inspired by this, we propose a new failure detector model that we consider easier to understand, easier to work with and more natural. Using operational semantics, we prove formally that representations of failure detectors in the new model are equivalent to their original representations within the model used by Chandra and Toueg

Modeling Consensus in a Process Calculus

We give a process calculus model that formalizes a well-known algorithm (introduced by Chandra and Toueg) solving consensus in the presence of a particular class of failure detectors; we use our model to formally prove that the algorithm satisfies its specification

Distributed Consensus, Revisited

We provide a novel model to formalize a well-known algorithm, by Chandra and Toueg, that solves Consensus among asynchronous distributed processes in the presence of a particular class of failure detectors (Diamond S or, equivalently, Omega), under the hypothesis that only a minority of processes may crash. The model is defined as a global transition system that is unambigously generated by local transition rules. The model is syntax-free in that it does not refer to any form of programming language or pseudo code. We use our model to formally prove that the algorithm is correct

A formal approach to fault tolerant distributed consensus

The term distributed Consensus denotes the problem of getting a certain number of processes, that could be far away from each other and that exchange messages through some communication means, to all agree on the same value. This problem has been proved impossible to solve in asynchronous settings when at least one process can crash, i.e., stop working. Since the problem of reaching Consensus among processes is recurrent in the domain of distributed computation, many algorithms have been proposed for solving it, circumventing the impossibility result through the introduction of some kind of synchrony in the system. Such algorithms are traditionally expressed in natural language or in pseudocode, thus sometimes generating ambiguities on their contents and on their correctness proofs. In this thesis, we propose a simple, yet efficient way of providing formal descriptions and proofs of distributed Consensus algorithms. Such method is based on the use of inference rules, it requires very little prior knowledge in order to be understood, and follows closely the way algorithms are expressed in pseudocode, thus being intuitive for the users. To show the validity of our claims, we use our method to formalize two of the major distributed Consensus algorithms, namely the Chandra-Toueg and the Paxos algorithms. Using our rigorous description, we then formally prove that such algorithms guarantee the respect of the Validity, Agreement and Termination properties that every solution to the Consensus problem should provide. This proving exercise actually reveals interesting results. We see that the Chandra-Toueg and the Paxos algorithms have strong points of resemblance and their correctness proofs can be carried out in very similar manners. However, while the Chandra-Toueg algorithm proves to be correct under the point of view of the three properties, we discover that Paxos does not give any guarantee of terminating. This generates a philosophical question: should such algorithm be considered a Consensus algorithm or not

An Algebraic Approach to Fault Tolerant Distributed Computing

Even though they relate to the same field of research (concurrency and distributed processes), Concurrency Theory and Distributed Algorithms do not cooperate with each other and constitute two completely separated worlds. I believe the reason for this is the difficulty in mutual understanding, due to the absence of common terminology between the two fields and to the dfference in the approach: more "intuition oriented" for Distributed Algorithms, more "formal proof oriented" for Concurrency Theory. Experience has tought me that proofs based on intuition can sometimes lead to wrong conclusions and natural language descriptions often leave space to open questions and different interpretations. The more the systems under study get complex, the more it is necessary to have a deep understanding of them, the less it is allowed to rely on just natural language, informal descriptions and informal proofs. In particular, for the composition of modules, it is fundamental to have formal descriptions of the properties required and provided by each module and to know, with the level of certainity that only formal proofs can guarantee, that a given module behaves exactly as described in its specifications

Much Ado About Nothing?

AbstractIn our quest on formalizing distributed algorithms, notably one to solve Distributed Consensus, we have at first found it natural to describe the algorithm using an algebraic process calculus. However, both for the purpose of the mere description as well as for proving its correctness (i.e., its satisfaction of the required properties), process calculus technology has not (yet?) quite come out as the ideal tool to use. In this short paper, we try to point out why. In doing so, we try to hint at what we feel missing in currently existing algebraic process calculi and suggest what could or should be added in order to make them helpful tools for distributed algorithms proofs