A framework for open distributed system design

Building open distributed systems is an even more challenging task than building distributed systems, as their components are loosely synchronised, can move, become disconnected, and their behaviour may depend on the changing context. The approach we are putting forward relies on using a combination of formal methods applied for rigorous development of the critical parts of the system and a set of design abstractions proposed specifically for the open context-aware applications and supported by a special middleware. Our middleware provides system structuring through the concepts of roles, agents, locations and scopes, making it easier for application developers to achieve fault tolerance. We demonstrate our approach using a case study, in which we show the whole process of developing an ambient campus application - an example of open distributed systems - including its formal specification, refinement, and implementation

On rigorous design and implementation of fault tolerant ambient systems

Developing fault tolerant ambient systems requires many challenging factors to be considered due to the nature of such systems, which tend to contain a lot of mobile elements that change their behaviour depending on the surrounding environment, as well as the possibility of their disconnection and re-connection. It is therefore necessary to construct the critical parts of fault tolerant ambient systems in a rigorous manner. This can be achieved by deploying formal approach at the design stage, coupled with sound framework and support at the implementation stage. In this paper, we briefly describe a middleware that we developed to provide system structuring through the concepts of roles, agents, locations and scopes, making it easier for the developers to achieve fault tolerance. We then outline our experience in developing an ambient lecture system using the combination of formal approach and our middleware

Self-Recovering Sensor-Actor Networks

Wireless sensor-actor networks are a recent development of wireless networks where both ordinary sensor nodes and more sophisticated and powerful nodes, called actors, are present. In this paper we formalize a recently introduced algorithm that recovers failed actor communication links via the existing sensor infrastructure. We prove via refinement that the recovery is terminating in a finite number of steps and is distributed, thus self-performed by the actors. Most importantly, we prove that the recovery can be done at different levels, via different types of links, such as direct actor links or indirect links between the actors, in the latter case reusing the wireless infrastructure of sensors. This leads to identifying coordination classes, e.g., for delegating the most security sensitive coordination to the direct actor-actor coordination links, the least real-time constrained coordination to indirect links, and the safety critical coordination to both direct actor links and indirect sensor paths between actors. Our formalization is done using the theorem prover in the RODIN platform

A Pattern based Modelling for Self-Organizing Multi-Agent Systems with Event-B

International audienceSelf-Organizing Multi-Agent Systems (SO-MAS) are defined as a set of autonomous entities called agents interacting together in order to achieve a given task. Generally, the development process of these systems is based on the bottom-up approach which focuses on the design of the entities individual behavior. The main question arising when developing SO-MAS is how to insure that the designed entities, when interacting together, will give rise to the desired behavior? Our proposition to deal with this question is to use formal methods. We propose a correct by construction method for systematic design of SO-MAS based on the use of design patterns and formal stepwise refinements. Our work gives guidelines to assist the designer when developing the individual behavior of the entities and prove its correctness at the early stages of the design process. The method is illustrated with the foraging ants’ case study

The Re-entrance Problem and Its Solution

In this paper we take a formal look at the nature of the re-entrance problem. We see the essence of the problem in a conflict between the assumptions components make about each other's behavior. We argue that to ensure safe composability of mutually dependent components in an open system one needs to reason about them modularly. We propose an approach for extending component specifications with rely/guarantee conditions, explicitly expressing the assumptions components can safely make about each other. Accordingly, we define how to refine components in accordance with the rely/guarantee conditions. By extending the refinement calculus, we define a customized theory of components necessary for reasoning about composability. Then we formally prove that refining components taking into account the rely/guarantee conditions permits to reason about component systems modularly and in this way avoid the re-entrance problem. Keywords : re-entrance problem, modular reasoning, component substitut..