automatic synthesis of fault-tolerance ali ebnenasir software engineering and network systems...
Post on 15-Jan-2016
214 views
TRANSCRIPT
![Page 1: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/1.jpg)
Automatic Synthesis of Fault-Tolerance
Ali Ebnenasir
Software Engineering and Network Systems Laboratory
Computer Science and Engineering Department
Michigan State University
Advisor: Dr. Sandeep Kulkarni
![Page 2: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/2.jpg)
2
Problem
• Given a program p and a class of faults f,
Question: How do we add desired fault-tolerance properties to p in order to create a new program p’ such that:
Requirements:
1. In the absence of f, the resulting fault-tolerant program p’ behaves similar to p
2. In the presence of f, the resulting fault-tolerant program p’ satisfies the desired fault-tolerance property.
![Page 3: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/3.jpg)
3
Solution Strategies
• Two possible approaches
1. Redesign p’ and verify its correctness w.r.t problem requirements• Expensive approach
2. Automatically synthesize p’ from p• Correct by construction
![Page 4: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/4.jpg)
4
Previous Work on Automated Synthesis
![Page 5: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/5.jpg)
5
Synthesis: Specification-Based
Specification of p(Temporal Logic Expressions/
Automata)
Synthesis Algorithm(prove the satisfiability
of the specification)
FaultsFault-tolerance requirements
(Temporal Logic Expressions)
Fault-tolerant program p’
Program synthesis: Fault-Tolerance synthesis:
[EmersonClarke 1982] [AroraAttieEmerson 1998][AttieEmerson 2001][KupfermannVardi 2001]
![Page 6: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/6.jpg)
6
Synthesis: Calculational
[KulkarniArora 2000] [KulkarniAroraChippada 2001]
Fault-intolerant program p(Transitions)
Synthesis Algorithm(Calculate the set of transitions)
Fault-tolerant program p’(Transitions)
Fault-tolerancerequirements Faults
(Transitions)
![Page 7: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/7.jpg)
7
The Complexity of Calculational Synthesis
• High atomicity model: processes can atomically read/write all program variables– Polynomial in the state space of the fault-intolerant program p [KA00]
• Low atomicity model (distributed programs): processes have read/write restrictions with respect to program variables
– Exponential in the state space of the fault-intolerant program p for synthesizing masking fault-tolerance [KA00]
[KA00] S.S. Kulkarni and A. Arora, Automating the addition of fault-tolerance, FTRTFT 2000.
Propose techniques for the synthesis of fault-tolerant distributed programs
![Page 8: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/8.jpg)
8
Outline• Preliminary concepts
• Synthesis problem
• Current results
– Theoretical issues
• Step-wise automation
• Polynomial-time boundary
• Heuristics
• Pre-synthesized fault-tolerance components
– Practical issues
• A framework for the synthesis of fault-tolerant programs
• Contributions
• Open problems
![Page 9: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/9.jpg)
9
Preliminary Concepts:Programs and Faults
• Program– Finite number of variables with finite domains
– Finite number of processes
• State: a valuation of program variables
• Finite state space Sp
• State predicate X X Sp
• Program p, Fault f { (s0, s1) | (s0, s1) Sp Sp }
• Closure: X is closed in p
XSp
p
![Page 10: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/10.jpg)
10
Preliminary Concepts:Specifications and Fault-Tolerance
• Safety specification: something bad never happens
– Representation { (s0, s1) | (s0, s1) Sp Sp }• E.g., transitions that change the value of a counter from non-zero
values to zero• Liveness specification: something good will eventually happen
– In the absence of faults, fault-tolerant program p’ satisfies the liveness specification of the fault-intolerant program p
• Invariant S, fault-span T Sp
• Fault-tolerance: Failsafe, Nonmasking, Masking
ST
p/f p
f
Sp Program
Fault
![Page 11: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/11.jpg)
11
Preliminary Concepts:Distribution Model
• Read/Write restrictions (low atomicity model)– Assumption: a process cannot write a variable that it cannot read.
• Example: program p• Two processes j, k• Two Boolean variables a and b• Process j cannot read b, but can read and write a
• Write restrictions– Can we include the following transition in the set of transitions of process j?
Write restrictions identify the set of transitions of each process.
a=0,b=0 a=1,b=1
j k
a b
![Page 12: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/12.jpg)
12
Preliminary Concepts:Distribution Model – Continued
• Read restrictions– Can we include the following transition in the set of
transitions of process j?
Groups of transitions (instead of individual transitions) must be chosen.
a=0,b=0 a=1,b=0
a=0,b=1 a=1,b=1
Only if we include the transition
![Page 13: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/13.jpg)
13
Outline• Preliminary concepts
• Synthesis problem
• Current results
– Theoretical issues
• Step-wise automation
• Polynomial-time boundary
• Heuristics
• Pre-synthesized fault-tolerance components
– Practical issues
• A framework for the synthesis of fault-tolerant programs
• Contributions
• Open problems
![Page 14: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/14.jpg)
14
Synthesis Problem
Synthesis Algorithm
Fault-intolerant program p
Specification Spec
Invariant S
(Masking/Nonmasking/Failsafe) Fault-tolerant program p'
Invariant S'Faults f
Distribution restrictions
• Requirements1. No new behaviors are added in the absence of faults.2. In the presence of faults, p’ provides desired level of fault-tolerance.
Desired level of Fault-intolerance (Masking/Nonmasking/Failsafe)
![Page 15: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/15.jpg)
15
Outline• Preliminary concepts
• Synthesis problem
• Current results– Theoretical issues
• step-wise automation
• Polynomial-time boundary
• Heuristics
• Pre-synthesized fault-tolerance components
– Practical issues• A framework for the synthesis of fault-tolerant programs
• Contributions
• Open problems
![Page 16: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/16.jpg)
16
Theoretical Issues:Step-Wise Automation
Intolerant Program
Nonmasking fault-tolerant
Masking fault-tolerant
Failsafe fault-tolerant
Failsafe
[KA
00]
![Page 17: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/17.jpg)
17
Outline• Preliminary concepts
• Synthesis problem
• Current results– Theoretical issues
• step-wise automation
• Polynomial-time boundary
• Heuristics
• Pre-synthesized fault-tolerance components
– Practical issues• A framework for the synthesis of fault-tolerant programs
• Contributions
• Open problems
![Page 18: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/18.jpg)
18
Theoretical Issues: Polynomial-Time Boundary
• Complexity: reduction from 3-SAT to the problem of synthesizing failsafe fault-tolerant distributed programs
In general, the problem of synthesizing failsafe fault-tolerant distributed programs from their fault-intolerant version is
NP-complete.• Intuitively, the exponential complexity is due to the inability of a
process to safely estimate unreadable variables even in the absence of faults (grouping issue).
• What are the necessary and sufficient conditions for polynomial synthesis of failsafe fault-tolerant distributed programs?
• Restrictions on– The transitions of the fault-intolerant programs– Specifications
![Page 19: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/19.jpg)
19
Theoretical Issues: Monotonicity of Specifications
• Definition: A specification spec is positive monotonic with respect to a Boolean variable x iff:
• For every (s0, s1) and (s’0, s’1) grouped together due to inability of reading x
s1s0
x = falsex = false
If
Does not violate safety
s’0 s’1
x = truex = true
Does not violate safety
Then
![Page 20: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/20.jpg)
20
Theoretical Issues: Monotonicity of Programs
• Definition: Program p with invariant S is positive monotonic with respect to a Boolean variable x iff:
• For every (s0, s1) and (s’0, s’1) grouped together due to inability of reading x
s1s0
Invariant S
x = falsex = false
s’0 s’1
x = truex = true
Monotonicity requirements capture the notion that safe assumptions can be made about variables that cannot be read
![Page 21: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/21.jpg)
21
Theoretical Issues: Monotonicity Theorem
• Sufficiency: if
• Program is negative monotonic, and• Spec is positive monotonic
– Or• Program is positive monotonic, and• Spec is negative monotonic
Then Synthesis of failsafe fault-tolerance can be done in polynomial time
• Necessity: If only one of these conditions is satisfied then synthesizing failsafe fault-tolerance remains NP-complete.
• For many problems, these requirements are easily met (e.g., Byzantine agreement, consensus, atomic commit)
![Page 22: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/22.jpg)
22
Theoretical Issues: An Example for Monotonicity Theorem
• Dijkstra’s guarded commands (actions)– Guard Statement– { (s0, s1) | Guard holds at s0 and atomic execution of Statement yields s1 }
• Example: Byzantine agreement– Safety Specification of Byzantine agreement:
• Agreement: No two non-Byzantine non-generals can finalize with different decisions• Validity: If g is not Byzantine then no non-Byzantine process can finalize with a
different decision with respect to g
– Processes: General, g, and three non-generals j, k, and l– d.g : {0, 1}– d.j, d.k, d.l : {0, 1, ┴ }– b.g, b.j, b.k, b.l : {0, 1}– f.j, f.k, f.l : {0, 1}
g
lkj
![Page 23: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/23.jpg)
23
Theoretical Issues: An Example for Monotonicity Theorem
• Program actions for process jd.j = ┴ f.j = 0 d.j := d.gd.j ≠ ┴ f.j = 0 f.j := 1
• Fault transitions for process j¬b.g ¬b.j ¬b.k ¬b.l b.j := 1b.j d.j :=0|1
• Read/Write restrictions:– Readable variables for process j:
• b.j, d.j, f.j, d.g, d.k, d.l– Process j can write d.j, f.j
![Page 24: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/24.jpg)
24
Theoretical Issues: An Example for Monotonicity Theorem – Continued
• Observation 1: Negative monotonicity of specification with respect to f.j
• Observation 2: Positive monotonicity of program, consisting of the transitions of j, with respect to f.k
• Observation 3: Positive monotonicity of specification with respect to b.j
– The specification does not stipulate anything about the Byzantine processes
• Observation 4: Negative monotonicity of program, consisting of the transitions of j, with respect to b.k
Synthesis of agreement program that is failsafe to Byzantine faults can be done in polynomial time.
![Page 25: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/25.jpg)
25
Outline• Preliminary concepts
• Synthesis problem
• Current results– Theoretical issues
• step-wise automation
• Polynomial-time boundary
• Heuristics
• Pre-synthesized fault-tolerance components
– Practical issues• A framework for the synthesis of fault-tolerant programs
• Contributions
• Open problems
![Page 26: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/26.jpg)
26
Theoretical Issues: Heuristics
• Heuristic: A strategy for making deterministic decisions to reduce the complexity of synthesis
– Example: Reuse the structure of nonmasking programs in the synthesis of their masking versions
Intolerant Program
Nonmasking fault-tolerant
Masking fault-tolerant
Fault-ToleranceEnhancement
![Page 27: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/27.jpg)
27
Outline• Preliminary concepts
• Synthesis problem
• Current results– Theoretical issues
• step-wise automation
• Polynomial-time boundary
• Heuristics
• Pre-synthesized fault-tolerance components
– Practical issues• A framework for the synthesis of fault-tolerant programs
• Contributions
• Open problems
![Page 28: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/28.jpg)
28
Theoretical Issues:
Pre-Synthesized Fault-Tolerance Components• What if existing heuristics fail?
• How can we reuse the techniques used in the synthesis of a program, in the synthesis of another program?
• Can we encapsulate commonly encountered synthesis patterns in terms of pre-synthesized fault-tolerance components?
• Detectors and correctors are necessary and sufficient in the design of fault-tolerance [AK98]– Detectors and correctors have the potential to provide a rich library of pre-
synthesized fault-tolerance components
[AK98] A. Arora and S.S. Kulkarni, Detectors and Correctors: A Theory of Fault-Tolerance , IEEE ICDCS 1998.
![Page 29: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/29.jpg)
29
Theoretical Issues:Using Pre-Synthesized Components
• If available heuristics fail to add recovery from a deadlock state sd
Automatically specify the required component
Extract the component from the component library
Verify the interference-freedom of the composition
Add extracted component to the fault-intolerant program
![Page 30: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/30.jpg)
30
Theoretical Issues:Pre-Synthesized Components - Achievements
• Reducing the chance of failure in the synthesis
• Providing a mechanism for the reuse of synthesis techniques
• Extending the scope of synthesis problem where the state space is expanded during the synthesis
• Controlling the way new variables are introduced
![Page 31: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/31.jpg)
31
Outline• Preliminary concepts
• Synthesis problem
• Current results– Theoretical issues
• step-wise automation
• Polynomial-time boundary
• Heuristics
• Pre-synthesized fault-tolerance components
– Practical issues• A framework for the synthesis of fault-tolerant programs
• Contributions
• Open problems
![Page 32: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/32.jpg)
32
Practical Issues:Framework Goals
• Goals of the framework design
– Ability to synthesize fault-tolerant programs from their fault-intolerant versions
– Ability to integrate new heuristics into the framework
– Ability to change implementation
![Page 33: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/33.jpg)
33
Practical Issues:Synthesis Framework
Synthesis algorithm
Interactive user interface
The user(Fault-tolerance developer)
Query
QueryResults
Resultsp, S, f, spec
p, S, f, spec p’, S’
p’, S’
Guarded commands,State predicates
Guarded commands/Promela,State predicates
Library of pre-synthesized fault-tolerance components
Pre-synthesizeddetectors/correctors
Component specification
![Page 34: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/34.jpg)
34
Practical Issues:Framework Internals –Synthesis Algorithm
Remove bad transitions
Remove bad states
Expand the reachability graph
Initialization
Ensure safety
Ensure deadlock freedom
Calculate a valid fault-span
Preserve Invariant
Ensure deadlock freedom
Calculate a valid invariant
Modify Invariant
Resolve non-progress cycles
Reachability graph of the fault-tolerant program
Interaction pointsp, S, f, spec
p’, S’Fault-tolerant program
Fault-intolerant program
![Page 35: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/35.jpg)
35
Practical Issues:Current Status of the Framework
• Example synthesized programs:– Token ring with 7 processes – Byzantine agreement with 4 non-general processes and one general
process– An agreement program that is subject to both Byzantine and fail-stop
faults (1.3 million states)
• Currently, the framework can– handle different types of faults (e.g., process restart, Byzantine, fail-
stop)– synthesize programs that are simultaneously subject to multiple types
of faults
![Page 36: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/36.jpg)
36
Outline• Preliminary concepts
• Synthesis problem
• Current results– Theoretical issues
• step-wise automation
• Polynomial-time boundary
• Heuristics
• Pre-synthesized fault-tolerance components
– Practical issues• A framework for the synthesis of fault-tolerant programs
• Contributions
• Open problems
![Page 37: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/37.jpg)
37
Contributions
• Showing the NP-completeness of synthesizing failsafe fault-tolerance
• Identifying the necessary and sufficient conditions for polynomial-time
synthesis of failsafe fault-tolerance
• Reusing the computational structure of fault-intolerant programs to reduce the
complexity of synthesis (enhancement)
• Identifying synthesis patterns as pre-synthesized fault-tolerance components
• Developing a framework for the synthesis of fault-tolerant programs
![Page 38: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/38.jpg)
38
Outline• Preliminary concepts
• Synthesis problem
• Current results– Theoretical issues
• step-wise automation
• Polynomial-time boundary
• Heuristics
• Pre-synthesized fault-tolerance components
– Practical issues• A framework for the synthesis of fault-tolerant programs
• Contributions
• Open problems
![Page 39: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/39.jpg)
39
Open Problems• Theoretical issues
– Non-monotonic programs/specifications to monotonic ones
• Extending the scope of the programs that can reap the benefit of efficient
automation
– Necessary and sufficient conditions for simultaneous addition of multiple
pre-synthesized fault-tolerance components
– Necessary and sufficient conditions for polynomial-time synthesis of
nonmasking fault-tolerant programs
– Automated synthesis of multitolerance
![Page 40: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/40.jpg)
40
Open Problems - Continued
• Practical issues– Distributed synthesis algorithm
– Symbolic synthesis of fault-tolerance
Distributed Synthesis Algorithm
SAT solver SAT solver
Verify safety Y/N Closure Y/N Cycle detection
Y/N
. . .SAT solver
![Page 41: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/41.jpg)
41
Open Problems - Continued
• Using model checkers for acquiring behavioral information during synthesis
Distributed Synthesis Algorithm
. . .SPIN SPIN SPIN
![Page 42: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/42.jpg)
42
Publications• Published papers
– Sandeep S. Kulkarni and Ali Ebnenasir. "Enhancing The Fault- Tolerance of Nonmasking Programs". IEEE ICDCS 2003.
– Ali Ebnenasir. "Algorithmic Synthesis of Fault-Tolerant Distributed Programs". Doctoral Symposium of ICDCS 2003.
– Sandeep S. Kulkarni and Ali Ebnenasir. "The Complexity of Adding Failsafe Fault-Tolerance". IEEE ICDCS 2002.
• Submitted papers – Sandeep S. Kulkarni and Ali Ebnenasir. "Adding Fault-
Tolerance Using Pre-Synthesized Components". Submitted to CBSE7, ICSE 2004.
– Ali Ebnenasir and Sandeep S. Kulkarni . "A Framework for Automatic Synthesis of Fault-Tolerance". Submitted to DSN 2004.
– Sandeep S. Kulkarni and Ali Ebnenasir. "Automated Synthesis of Multitolerance". Submitted to DSN 2004.
![Page 43: Automatic Synthesis of Fault-Tolerance Ali Ebnenasir Software Engineering and Network Systems Laboratory Computer Science and Engineering Department Michigan](https://reader035.vdocuments.us/reader035/viewer/2022062518/56649d625503460f94a44735/html5/thumbnails/43.jpg)
43
Thank you!
Questions and comments?