150 likes | 281 Views
Mikhail Nesterenko Kent State University. Anish Arora Ohio State University. Local Tolerance to Unbounded Byzantine Faults. faulty. affected. localize tolerance to unbounded complex faults. Tolerating Faults in System of Large Scale.
E N D
Mikhail Nesterenko Kent State University Anish Arora Ohio State University Local Tolerance to Unbounded Byzantine Faults
faulty affected • localize tolerance to unbounded complex faults Tolerating Faults in System of Large Scale • large system size presents uniquechallenges to ensuring dependability: • faults occur often • multiple regions can be affected by faults • faults may interact unpredictably • faults can be spatially/temporally unbounded & complex • how to tolerate such faults?
2 3 4 5 1 sink Execution model & Example problems • execution model • asynchronous • interleaving • communication via shared registers • examples • graph coloring – color (assign numbers) vertices of a graph so that colors of adjacent onse do not match • if graph has degree d, can always color in d+1 colors • routing – assign parent to each process such that there is a path from each process to the sink (destination)
Outline • fault containment & tolerance • strict fault containment • strict fault tolerance • strict stabilization • examples of strictly fault tolerant programs • graph coloring • dining philosophers • routing • limits of strict fault containment • critique and further directions
Spatial Fault Hierarchy • bounded faults – processes outside certain locality of a fault perform correctly (according to specification) • unbounded faults – process performs correctly in spite of faults outside its locality • unbounded Byzantine faults - each process behaves correctly regardless of actions outside its locality if a program is tolerant to unbounded Byzantine faults, it is also tolerant to bounded and unbounded faults of any fault class
Containment of Unbounded Faults • What does it mean for an individual process to perform correctly? • Proposition 4. P is strictly fault containing if there exists a constant l such that for each process p there exists and invariant I.p which is closed with respect to Byzantine actions of processes whose distance to p is greater than l • what is the form of this invariant? • can it include variables outside locality? • can you always come up with an invariant of this form?
Tolerance Inside Locality • What if faults occur inside the containment locality? • can achieve additional tolerance • two process specifications • ideal (no faults) • tolerant (faults of some class present) • example – safety is never violated • which spec do processes outside fault locality satisfy?
Strict Stabilization • stabilization – special case of tolerantspec – eventual satisfaction of ideal spec when (transient) faults stop occurring • strict stabilization – process p eventuallysatisfies ideal spec regardless of behaviorof processes outside its locality • what is the difference between traditional stabilization and strict stabilization? • is strict containment required for strict stabilization? • more formally:
Vertex Coloring Program (PVC) • Lemma 2. when node has a neighbor with matchingcolor it can select a new color without affecting any of its neighbors • Invariant: • Theorem 1.PVC is strictly fault-containing and strictly stabilizing(with locality of 1) Byzantine node nodes that may recolor following Byzantine
cycle of requesting process thinking(T) hungry (H) eating (E) Dining Philosophers Problem (DP) [D72] • graph of processes, each may request to eat • properties • no two neighbors eat together • each requesting process eats eventually
T T T a b c executes T T H a b c T E T a b c T T T a b c E E T a b c DP: Fault-Free Operation [CM84] actions: • if thinking, needs to eat & all parents thinking become hungry • if hungry & no neighbors eating eat • when finished think & become child of each neighbor b eats &gives upprivilege a & c eat
T H E E T H H H T T T E Dining Philosophers Program (PDP) • a hungry faulty process may block immediate thinking neighbors • an eating faulty process may block hungry neighbors and their thinking neighbors
Dining Philosophers Program (PDP) Lemma 4. non-Byzantine eating process eventually thinks Lemma 5. a hungry process whose immediate neighborhood is not Byzantine eventually eats Lemma 6. If a Byzantine process is at least 2 hops away a thinking process eventually becomes hungry Invariant Theorem 2.PDP is strictly fault-containing and strictly stabilizing(with locality of 2)
Limits of Containment s1ands2differ in values of a process at least r away from p s1 σ is in p’s spec s2 • Theorem 3. the containment radius of a solution to an r-restrictive problem is at least r • graph coloring and dining-philosophers are 1-restrictive • routing is restrictive for arbitrary r
Critique and Further Research • interesting and useful examples of strict containment • geometric spanners, spanners of fixed degree • low-atomicity dining-philosophers • ?? • better bounds on containment • r-restriction is obvious but too crude a bound for containment • some non-containing problems appear “almost” the same as containing • example: • maximal independent set – 1-containing • maximal independent set with distance of at most 2 – not containing for any l