self-stabilization and virtual node layer emulations

October 26, 2007 TDS seminarTDS seminar

Self-stabilization and Self-stabilization and Virtual Node Layer EmulationsVirtual Node Layer Emulations

Tina Nolte, Nancy LynchTina Nolte, Nancy Lynch

(MIT CSAIL)(MIT CSAIL)

2TDS seminar

IntroductionIntroduction Model / VSAsModel / VSAs Emulation Emulation StabilizationStabilization Self-stab. emulationSelf-stab. emulation

Main Topics

Virtual Node layer emulations: VSA layer. Example VSA layer application. VSA layer emulation.

Stabilization and Self-stabilization: Def. for TIOA setting. Application to VN layer emulations.

3TDS seminar


Mobile Networks

Increasingly common and important. Ad hoc network scenarios:

Rescue workers Soldiers in battle Robots in novel location Cooperative driving Mobile object tracking

4TDS seminar


Motivation

But application design is hard! No infrastructure Unpredictable reliability Unpredictable motion Unpredictable communication

5TDS seminar


Virtual Node Layers

Q: How do we simplify application design for mobile ad hoc networks?

A: Virtual node infrastructure: Virtual timed automata Fixed virtual automata locations

Application

Virtual Node Layer

6TDS seminar


Prior Virtual Node Work

Virtual Storage: GeoQuorums [DGLSW’03]

Atomic read/write memory Virtual Mobile Nodes [DGLSSW’04, DGSSW’05]

Untimed automata Mobile

Virtual Stationary Automata Timed automata Stationary

7TDS seminar


Virtual Infrastructures

8TDS seminar


GeoCast [DLLN’05]

Route message to a geographical region.

TDS seminar 9


Timed I/O Automata (TIOA) [KLSV’06]

Nondeterministic state machine whose state can change via discrete transitions or according to trajectories.

A TIOA consists of: X: internal variables Q ≤ val(X): states Θ ≤ Q: start states, nonempty I: input actions O: output actions E=I+O H: internal actions A=I+O+H D ≤ QxAxQ: discrete transitions T ≤ trajectories of Q: trajectories

TDS seminar 10


TIOA cont.

Composition A||B of compatible A and B

(A,V)-sequence: act1, traj1, act2, traj2, … Executions and execution fragments Traces and trace fragments (A’,V’)- restriction of an (A,V)-sequence

TDS seminar 11


Physical Layer Model

Carve space up into regions w/ids in U. Physical layer (mobile node) assumptions:

TIOAs Local Broadcast communication (only):

Atomic broadcast within a region. Guaranteed timely delivery.

Might fail and restart. Access to RW.

TDS seminar 12


RW

Source of consistency: Location/ region information. Synchronized real-time clocks. Refreshed at each node every εsample time and

whenever node changes region or fail status. Reasonable assumption.

TDS seminar 13


VSA Layer

Mobile nodes. Virtual Stationary

Automata (VSAs): Timed. Predetermined regions and programs.

V-bcast service: VSAs and mobile nodes in same and neighboring regions can

communicate. Similar comm guarantees as with physical nodes.

RW’

TDS seminar 14


What is a VSA?

Implemented by the underlying real mobile nodes and their broadcast services.

What abstract machines can we emulate? Automata with real-time clocks.

Necessary for many control applications. Can broadcast and receive messages. Can crash, restart.

We provide delay-augmented VSAs: Abstract machines with delayed broadcasts.

TDS seminar 15


RW’

RW augmented with region fail/restart. Region failure predicates over RW’ exe history:

failprec[u]: an alive region is allowed to fail failstop[u]: an alive region must fail

Region restart predicates over RW’ exe history: restartprec[u]: a failed region is allowed to restart restartstop[u]: a failed region must restart

TDS seminar 16


Physical and virtual layer diagrams

P-bcast

RW

Pp Pq Vu Vv

’

V /

C /C /

GPSupdate(u,now)p

GPSupdate(u,now)q

GPSupdate(u,now)p

bcast(m)pbcast(m)q

bcrcv(m)p bcrcv(m)q

……

failp

failq failu

failv

restartp

restartu

restartq restartv

bcast(m)ubcast(m)v

brcv(m)ubrcv(m)v

TDS seminar 17


VSA Layer programs

A V-algorithm, alg, is a mapping from: Mobile node ids to client TIOAs Region ids to VSA TIOAs

Valgs is the set of all V-algorithms Vlayer[alg] is the instantiation by alg of the

abstract VSA layer. Vlayer[alg] is composition of V-bcast, Dout[e]u for u in

U, and alg(q) for q in P+U, with bcast action between VSA and Dout hidden.

TDS seminar 18


Application: algGeo [DLLN’05]

Timed channel automaton allowing geocast, georcv. Say geocast by client in u to region v at time t is

serviceable if exists >= 1 path of non-failed regions from u to v over entire interval [t,t+ ttlgeo].

If client performs geocast(v,m) at time t, and the geocast is serviceable, then all nonfailed clients in region v georcv(m) by time t+ttlgeo.

If a client in region v performs georcv(m), a geocast(v,m) was performed within last ttlgeo time.

TDS seminar 19


VNLayer GeoCast implementation (alggeo)

Uses VSA layer and a greedy DFS algorithm. If non-destination VSA receives message m (via V-bcast):

It forwards m to a neighboring VSA closer to the destination. If it does not receive an ack that m was received in bd’d time, it

reforwards to the next closest neighbor, etc. Greedy DFS. Persistent greedy DFS.

If destination VSA receives the message: It tells the forwarder that the message has arrived. That forwarder tells the VSA that forwarded m to it that m has

arrived, etc.

TDS seminar 20


Example: VSA u sending m to v

1. VSA u wants to send m to v.

Geocast(v, m)

TDS seminar 21



2. Message is forwarded to nbr closest to v.

bcast(<forward, <m, u, v, now>, u, u’>)

TDS seminar 22



3. Message continues to be forwarded closer…

bcast(<forward, <m, u, v, now>, u”, u”’>)

TDS seminar 23



4. If a hole is reached, the forwarding will time out.

TDS seminar 24



5. The next closest nbr is then forwarded to.

TDS seminar 25



6. The message finally arrives at the destination.

bcast(<forward, <m, u, v, now>, u””, v>)

Georcv(m)

TDS seminar 26



7. Found messages are forwarded backwards to prevent reforwarding.

bcast(<found, <m, u, v, now>>)

TDS seminar 27

IntroductionIntroduction Model / VSAsModel / VSAs EmulationEmulation StabilizationStabilization Self-stab. emulationSelf-stab. emulation

VSA Layer emulation

An emulation (amap, tmap) of the VSA layer is:

TDS seminar 28


A VSA Emulation Algo [DGLLN’05]

Replicated state machine approach: Uses a totally ordered regional broadcast service. Emulates deterministic timed state machine. Each mobile node maintains state and processes messages as

if it was the VSA. Leader-based:

Only leader broadcasts on behalf of the VSA. Leader handles joins of new emulators to maintain

consistency. Provides real-time clock to VSA.

TDS seminar 29


VSA Emulation + Geocast algorithm

Q: What happens if we run the VSA layer emulation algorithm instantiated with the Geocast program?

A: We get a trace that maps to look just like a trace of a “real” VSA layer running Geocast, minus the region fails and restarts.

TDS seminar 30


Stabilization motivation

What if a system could get started in an arbitrary state?

What if system components could suffer from corruption faults?

TDS seminar 31


Stabilization preliminaries

A state-matched t-suffix of an (A,V)-sequence α:

More than one state-matched t-suffix can exist. If t < α.ltime, or t=α.ltime and α is closed,

then a state-matched t-suffix of α exists.

α’ α”tα:

TDS seminar 32


Stabilization

Let B be a set of (AB,V)-sequences,

C be a set of (AC,V)-sequences,

t be a non-negative real. B stabilizes in time t to C if each state-matched t-

suffix of each sequence in B is a sequence in C.

α’ α”t . . .

.:

B C

α”

. . . . .

TDS seminar 33


Stabilization results

Lemma (Restriction). Let A be a set of actions, V be a set of variables, and let B stabilize to C in time t.

{α┌(A,V)|α in B} stabilizes to {α┌(A,V)|α in C} in time t. Lemma (Transitivity). Let B stabilize to C in time t1, and

C stabilize to set D in time t2.

Then B stabilizes to D in time t1+t2.

TDS seminar 34


Self-stabilization

t.

state in L

TDS seminar 35


Self-stabilizing emulation

TDS seminar 36


Self-stabilizing emulation traces

b

ttrace:

tmap[alg](b)

tMtrace:

TDS seminar 37


Proof of Theorem 1

Proof sketch:

TDS seminar 38


Self-stabilization of emulation algo

Previously described emulation algorithm has been made self-stabilizing: Local checking. Periodic checksums.

TDS seminar 39


Htraces

TDS seminar 40


S-s emulations + s-s VLayer applications

TDS seminar 41


Self-stabilization of Geocast

Messages and versions of the DFS are identified with real-time timestamps.

Local checking allows the clean-up of expired or too early DFS attempts.

TDS seminar 42


S-s emulation + s-s geocast VLayer algo

TDS seminar 43


Relate back to VSA failure model…

Assume the example VSA fail/restart predicates. Can describe what it means for a region to be

definitely non-failed through traces of physical nodes interacting with RW.

Can describe weak physgeo spec.

Conclude that traces of U(amap[alggeo])||R(RW) stabilize to traces satisfying physgeo.

TDS seminar 44


MIT, Computer Sc. and AI Lab

Conclusions

The VSA programming layer: Provides a stationary, timed overlay network. Makes building other applications easier.

Self-stabilizing emulations allow us to write self-stabilizing applications over the VSA layer, and know we will eventually observe good behaviour.

self-stabilization and virtual node layer emulations

Documents

virtual node infrastructure

node changes region

example vsa layer

vn layer emulations

emulationvirtual node

physical nodes

underlying real mobile

geographical region