Results 1  10
of
49
Stabilizationpreserving atomicity refinement
 IN DISC99 DISTRIBUTED COMPUTING 13TH INTERNATIONAL SYMPOSIUM
, 1999
"... Program renements from an abstract to a concrete model empower designers to reason effectively in the abstract and architects to implement effectively in the concrete. For refinements to be useful, they must not only preserve functionality properties but also dependability properties. In this paper ..."
Abstract

Cited by 41 (5 self)
 Add to MetaCart
Program renements from an abstract to a concrete model empower designers to reason effectively in the abstract and architects to implement effectively in the concrete. For refinements to be useful, they must not only preserve functionality properties but also dependability properties. In this paper, we focus our attention on refinements that preserve the property of stabilization. We distinguish between two types of stabilizationpreserving refinements  atomicity refinement and semantics refinement  and study the former. Specifically, we present a stabilizationpreserving atomicity refinement from a model where a process can atomically access the state of all its neighbors and update its own state, to a model where a process can only atomically access the state of any one of its neighbors or atomically update its own state. (Of course, correctness properties, including termination and fairness, are also preserved.) Our refinement is based on a lowatomicity, boundedspace, stabilizing solution to the dining philosophers problem. It is readily extended to: (a) solve stabilizationpreserving semantics refinement, (b) solve the drinking philosophers problem, and (c) allow further refinement into a messagepassing model.
TimeAdaptive Self Stabilization
, 1997
"... We study the scenario where a transient fault hit f of the n nodes of a distributed system by corrupting their state. We consider the basic persistent bit problem, where the system is required to maintain a 0/1 value in the face of transient failures by means of replication. We give an algorithm ..."
Abstract

Cited by 37 (6 self)
 Add to MetaCart
We study the scenario where a transient fault hit f of the n nodes of a distributed system by corrupting their state. We consider the basic persistent bit problem, where the system is required to maintain a 0/1 value in the face of transient failures by means of replication. We give an algorithm to recover the value quickly: the value of the bit is recovered at all nodes in O(f) time units for an unknown f ! n=2. Moreover, complete state quiescence occurs in O(diam) time units, where diam denotes the actual diameter of the network. This means that the value persists indefinitely so long as any f ! n=2 faults are followed by \Omega\Gamma diam) faultfree time units. We prove matching lower bounds on both the output stabilization time and the state quiescence time. Using our persistent bit algorithm, we present a general transformer which takes a distributed nonreactive nonstabilizing protocol P , and produces a selfstabilizing protocol P 0 which solves the problem P solv...
SelfStabilizing Local Mutual Exclusion and Daemon Refinement
, 2002
"... Refining selfstabilizing algorithms which use tighter scheduling constraints (weaker daemon) into corresponding algorithms for weaker or no scheduling constraints (stronger daemon), while preserving the stabilization property, is useful and challenging. Designing transformation techniques for these ..."
Abstract

Cited by 36 (6 self)
 Add to MetaCart
Refining selfstabilizing algorithms which use tighter scheduling constraints (weaker daemon) into corresponding algorithms for weaker or no scheduling constraints (stronger daemon), while preserving the stabilization property, is useful and challenging. Designing transformation techniques for these refinements has been the subject of serious investigations in recent years. This paper proposes a new transformation technique for daemon refinement. The core of the transformer is a selfstabilizing local mutual exclusion algorithm. The local mutual exclusion problem is to grant a process the privilege to enter critical section if and only if none of its neighbors has the privilege. The contribution of this paper is twofold. First, we present a boundedmemory selfstabilizing local mutual exclusion algorithm for arbitrary networks, assuming any arbitrary daemon. After stabilization, this algorithm maintains a bound on the service time (the delay between two successive executions of critical section by a particular process). This bound is n(n 1) where n is the network size. Another nice feature of our algorithm is that it satisfies the strong safety property  in any configuration, there is at least one privileged processor. Second, we use the local mutual exclusion algorithm to design two transformers which convert the algorithms working under a weaker daemon to ones which work under the distributed, arbitrary (or unfair) daemon. Both transformers preserve the selfstabilizing property. The first transformer refines algorithms written under the central daemon, while the second transformer refines algorithms designed for the kfair (k (n 1)) daemon.
Local Stabilizer
 In Proceedings of the 5th Israel Symposium on Theory of Computing and Systems
, 1997
"... A local stabilizer protocol that takes any online or offline distributed algorithm and converts it into a synchronous selfstabilizing algorithm with local monitoring and repairing properties is presented. Whenever the selfstabilizing version enters an inconsistent state, the inconsistency is ..."
Abstract

Cited by 35 (1 self)
 Add to MetaCart
A local stabilizer protocol that takes any online or offline distributed algorithm and converts it into a synchronous selfstabilizing algorithm with local monitoring and repairing properties is presented. Whenever the selfstabilizing version enters an inconsistent state, the inconsistency is detected, in O(1) time, and the system state is repaired in a local manner. The expected computation time that is lost during the repair process is proportional to the largest diameter of a faulty region. An extended abstract of this paper appeared in the Proc. of the 5th Israeli Symposium on Theory of Computing and Systems, June 1997 and a brief announcement in Proc. of the 16th Annual ACM Symp. on Principles of Distributed Computing, August 1997. y Computer Science Department, TelAviv University, TelAviv, 69978, Israel. Email: afek@math.tau.ac.il. z Department of Mathematics and Computer Science, BenGurion University, BeerSheva, 84105, Israel. Partially supported by the Israeli m...
Memory space requirements for selfstabilizing leader election protocols
 IN PODC99 PROCEEDINGS OF THE EIGHTEENTH ANNUAL ACM SYMPOSIUM ON PRINCIPLES OF DISTRIBUTED COMPUTING
, 1999
"... We study the memory requirements of selfstabilizing leader election (SSLE) protocols. We are mainly interested in two types of systems: anonymous systems and idbased systems. We consider two classes of protocols: deterministic ones and randomized ones. We prove that a nonconstant lower bound on t ..."
Abstract

Cited by 34 (17 self)
 Add to MetaCart
We study the memory requirements of selfstabilizing leader election (SSLE) protocols. We are mainly interested in two types of systems: anonymous systems and idbased systems. We consider two classes of protocols: deterministic ones and randomized ones. We prove that a nonconstant lower bound on the memory space is required by a SSLE protocol on unidirectional, anonymous rings (even if the protocol is randomized). We show that, if there is a deterministic protocol solving a problem on idbased systems where the processor memory space is constant and the idvalues are not bounded then there is a deterministic protocol on anonymous systems using constant memory space that solves the same problem. Thus impossibility results on anonymous rings (i.e. one may design a deterministic SSLE protocol, only on prime size rings, under a centralized daemon) can be extended to those kinds of idbased rings. Nevertheless, it is possible to design a silent and deterministic SSLE protocol requiring constant memory space on unidirectional, idbased rings where the idvalues are bounded. We present such a protocol. We also present a randomized SSLE protocol and a token circulation protocol under an unfair, distributed daemon on anonymous and unidirectional rings of any size. We give a lower bound on memory space requirement proving that these protocols are space optimal. The memory space required is constant on average.
A Transformation of SelfStabilizing Serial Model Programs for Asynchronous Parallel Computing Environments
, 1998
"... In 1974, Dijkstra presented the notion of selfstabilization in the context of distributed computing[5]. A system is selfstabilizing (SS) with respect to a set of legitimate states if regardless of its initial state, the system is guaranteed to arrive at a legitimate state in a finite number of ex ..."
Abstract

Cited by 23 (4 self)
 Add to MetaCart
In 1974, Dijkstra presented the notion of selfstabilization in the context of distributed computing[5]. A system is selfstabilizing (SS) with respect to a set of legitimate states if regardless of its initial state, the system is guaranteed to arrive at a legitimate state in a finite number of execution steps and will never leave legitimate states after that. Thus, an SS system need not be initialized and is able to recover from transient failures by itself. Many SS programs have been developed for different models with various assumptions about their execution environments. These assumptions include the semantics of concurrency and communication primitives. Among these models, a serial model (Cdaemon model) has the strongest assumptions. In the serial model, an atomic execution step consists of (1) a read substep, which reads the states of its neighbor processes; followed by (2) a write substep, which modifies its own state (based on the neighbors ' current states and its own state). The communication and concurrency semantics are such that each process can always see the current states of its neighbors, and only one process at a time executes an atomic step.
Proof Labeling Schemes
 Proc. the 24th Annual ACM Symposium on Principles of Distributed Computing (PODC 2005), Las Vegas
, 2005
"... This paper addresses the problem of locally verifying global properties. Several natural questions are studied, such as “how expensive is local verification? ” and more specifically “how expensive is local verification compared to computation? ” A suitable model is introduced in which these questio ..."
Abstract

Cited by 20 (13 self)
 Add to MetaCart
This paper addresses the problem of locally verifying global properties. Several natural questions are studied, such as “how expensive is local verification? ” and more specifically “how expensive is local verification compared to computation? ” A suitable model is introduced in which these questions are studied in terms of the number of bits a node needs to communicate. In addition, approaches are presented for the efficient construction of schemes, and upper and lower bounds are established on the cost of schemes for multiple basic problems. The paper also studies the role and cost of unique identities in terms of impossibility and complexity. Previous studies on related questions deal with distributed algorithms that simultaneously compute a configuration and verify that this configuration has a certain desired property. It turns out that this combined approach enables verification to be less costly, since the configuration is typically generated so as to be easily verifiable. In contrast, our approach separates the configuration design from the verification. That is, it first generates the desired configuration without bothering with the need to verify, and then handles the task of constructing a suitable verification scheme. Our approach thus allows for a more modular design of algorithms, and has the potential to aid in verifying properties even when the original design of the structures for maintaining them was done without verification in mind.
Stabilizing TimeAdaptive Protocols
, 1998
"... We study the scenario where a transient batch of faults hit a minority of the nodes in a distributed system by corrupting their state. We concentrate on the basic persistent bit problem, where the system is required to maintain a 0/1 value in the face of transient failures by means of replication ..."
Abstract

Cited by 19 (4 self)
 Add to MetaCart
We study the scenario where a transient batch of faults hit a minority of the nodes in a distributed system by corrupting their state. We concentrate on the basic persistent bit problem, where the system is required to maintain a 0/1 value in the face of transient failures by means of replication. We give an algorithm to stabilize the value to a correct state quickly; that is, denoting the unknown number of faulty nodes by f , our algorithm recovers the value of the bit at all nodes in O(f) time units for any f ! n=2, where n is the number of all nodes. Moreover,
Distributed Verification of Minimum Spanning Trees
 Proc. 25th Annual Symposium on Principles of Distributed Computing
, 2006
"... The problem of verifying a Minimum Spanning Tree (MST) was introduced by Tarjan in a sequential setting. Given a graph and a tree that spans it, the algorithm is required to check whether this tree is an MST. This paper investigates the problem in the distributed setting, where the input is given in ..."
Abstract

Cited by 19 (17 self)
 Add to MetaCart
The problem of verifying a Minimum Spanning Tree (MST) was introduced by Tarjan in a sequential setting. Given a graph and a tree that spans it, the algorithm is required to check whether this tree is an MST. This paper investigates the problem in the distributed setting, where the input is given in a distributed manner, i.e., every node “knows ” which of its own emanating edges belong to the tree. Informally, the distributed MST verification problem is the following. Label the vertices of the graph in such a way that for every node, given (its own label and) the labels of its neighbors only, the node can detect whether these edges are indeed its MST edges. In this paper we present such a verification scheme with a maximum label size of O(log n log W), where n is the number of nodes and W is the largest weight of an edge. We also give a matching lower bound of Ω(log n log W) (except when W ≤ log n). Both our bounds improve previously known bounds for the problem. Our techniques (both for the lower bound and for the upper bound) may indicate a strong relation between the fields of proof labeling schemes and implicit labeling schemes. For the related problem of tree sensitivity also presented by Tarjan, our method yields rather efficient schemes for both the distributed and the sequential settings.
Stabilization of Maximal Metric Trees
 Workshop on SelfStabilizing Systems ’99
, 1999
"... We present a formal definition of routing metrics and provide the necessary and sufficient conditions for a routing metric to be optimizable along a tree. Based upon these conditions we present a generalization of the shortest path tree which we call the "maximal metric tree". We present a stabilizi ..."
Abstract

Cited by 13 (1 self)
 Add to MetaCart
We present a formal definition of routing metrics and provide the necessary and sufficient conditions for a routing metric to be optimizable along a tree. Based upon these conditions we present a generalization of the shortest path tree which we call the "maximal metric tree". We present a stabilizing protocol for constructing maximal metric trees. Our protocol demonstrates that the distancevector routing paradigm may be extended to any metric that is optimizable along a tree and in a selfstabilizing manner. Examples of maximal metric trees include shortest path trees (distancevector) , depth first search trees, maximum flow trees, and reliability trees. 1. Introduction A number of papers have addressed stabilizing spanning tree construction and selfstabilizing shortest path tree protocols may be found in [DIM93, AKY90, AKM93, AG94]. Although not always explicit about this, most of the stabilizing tree protocols in the literature are based upon a distancevector approach. In the di...