Stabilization, safety, and security of distributed systems

445 40 0
  • Loading ...
1/445 trang
Tải xuống

Thông tin tài liệu

Ngày đăng: 14/05/2018, 12:38

LNCS 10083 Borzoo Bonakdarpour Franck Petit (Eds.) Stabilization, Safety, and Security of Distributed Systems 18th International Symposium, SSS 2016 Lyon, France, November 7–10, 2016 Proceedings 123 Lecture Notes in Computer Science Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen Editorial Board David Hutchison Lancaster University, Lancaster, UK Takeo Kanade Carnegie Mellon University, Pittsburgh, PA, USA Josef Kittler University of Surrey, Guildford, UK Jon M Kleinberg Cornell University, Ithaca, NY, USA Friedemann Mattern ETH Zurich, Zurich, Switzerland John C Mitchell Stanford University, Stanford, CA, USA Moni Naor Weizmann Institute of Science, Rehovot, Israel C Pandu Rangan Indian Institute of Technology, Madras, India Bernhard Steffen TU Dortmund University, Dortmund, Germany Demetri Terzopoulos University of California, Los Angeles, CA, USA Doug Tygar University of California, Berkeley, CA, USA Gerhard Weikum Max Planck Institute for Informatics, Saarbrücken, Germany 10083 More information about this series at http://www.springer.com/series/7407 Borzoo Bonakdarpour Franck Petit (Eds.) • Stabilization, Safety, and Security of Distributed Systems 18th International Symposium, SSS 2016 Lyon, France, November 7–10, 2016 Proceedings 123 Editors Borzoo Bonakdarpour McMaster University Hamilton, ON Canada Franck Petit LIP6, INRIA, UPMC Sorbonne Universities Paris France ISSN 0302-9743 ISSN 1611-3349 (electronic) Lecture Notes in Computer Science ISBN 978-3-319-49258-2 ISBN 978-3-319-49259-9 (eBook) DOI 10.1007/978-3-319-49259-9 Library of Congress Control Number: 2015943848 LNCS Sublibrary: SL1 – Theoretical Computer Science and General Issues © Springer International Publishing AG 2016 This work is subject to copyright All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed The use of general descriptive names, registered names, trademarks, service marks, etc in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication Neither the publisher nor the authors or the editors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissions that may have been made Printed on acid-free paper This Springer imprint is published by Springer Nature The registered company is Springer International Publishing AG The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland Preface The papers in this volume were presented at the 18th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS), held November 8–10, 2016, in Lyon, France SSS is an international forum for researchers and practitioners in the design and development of distributed systems with self-* properties: self-stabilizing, selfconfiguring, self-organizing, self-managing, self-healing, self-optimizing, self-adaptive, self-repairing, self-protecting, etc They mainly aim to tolerate different kinds of undesirable phenomena without human intervention Research in distributed systems is now at a crucial point in its evolution, marked by the importance of dynamic systems such as peer-to-peer networks, large-scale wireless sensor networks, mobile ad hoc networks, cloud computing, mobile agent computing, opportunistic networks, and robotic networks Moreover, new applications with self-* requirements are currently coming up in different fields such as grid and Web services, banking and e-commerce, e-health and robotics, aerospace and avionics, automotive, and industrial process control, among others SSS started as the Workshop on Self-Stabilizing Systems (WSS), the first two of which were held in Austin in 1989 and in Las Vegas in 1995 Since 1995, the workshop has been held biennially; it was held in Santa Barbara (1997), Austin (1999), and Lisbon (2001) As interest grew and the community expanded, in 2003, the title of the forum was changed to the Symposium on Self-Stabilizing Systems (SSS) SSS was organized in San Francisco in 2003 and in Barcelona in 2005 As SSS broadened its scope and attracted researchers from other communities, significant changes were made in 2006 It became an annual event, and the name of the conference was changed to the International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS) From then, SSS conferences were held in Dallas (2006), Paris (2007), Detroit (2008), Lyon (2009), New York (2010), Grenoble (2011), Toronto (2012), Osaka (2013), Paderborn (2014), and Edmonton (2015) This year the Program Committee was organized into three groups reflecting the major trends related to self-* systems: (a) Self-* and Autonomic Computing, (b) Foundations, and (c) Networks, Multi-Agent Systems, and Mobility We received 53 submissions from 30 countries Each submission was reviewed by at least three Program Committee members with the help of external reviewers Out of the 53 submitted papers, 23 papers were selected for presentation The symposium also included nine short papers Selected papers from the symposium will be published in a special issue of Theory of Computing Systems (TOCS) journal This year, we were very fortunate to have three distinguished invited speakers: Hagit Attiya (Technion, Israel), Joseph Halpern (Cornell University, USA), and Maurice Herlihy (Brown University, USA) We would like to deeply thank the program vice chairs, Stéphane Devismes, Vijay Garg, Manish Parashar, Yvonne-Anne Pignolet, Sergio Rajsbaum, and Roger Wattenhofer We sincerely acknowledge the tremendous time and effort that the VI Preface Program Committee members have put in for the symposium We are grateful to the external reviewers for their valuable and insightful comments We also thank the members of the Steering Committee for their invaluable advice We gratefully acknowledge the publicity chair, Janna Burman, local organization chair, Eddy Caron, and the Organizing Committee members for their time and invaluable effort that greatly contributed to the success of this symposium Last but not least, on behalf of the Program Committee, we thank all the authors who submitted their work to SSS Finally, the process of paper submission, selection, and compilation of the proceedings was greatly simplified thanks to the strong and friendly interface of the EasyChair system (http://www.easychair.org) November 2016 Borzoo Bonakdarpour Franck Petit Organization General Chair Franck Petit UPMC, Sorbonne Universities, France Program Chair Borzoo Bonakdarpour McMaster University, Canada Vice Chairs Track 1: Self-* and Autonomic Computing Stéphane Devismes Manish Parashar University of Grenoble, France Rutgers University, USA Track 2: Foundations Vijay Garg Sergio Rajsbaum University of Texas Austin, USA UNAM, Mexico Track 3: Networks, Multi-Agent Systems, and Mobility Yvonne Anne Pignolet Roger Wattenhofer ABB Corporate Research, Switzerland ETH-Zurich, Switzerland Local Arrangements Chairs Eddy Caron Sara Bouchenak ENS de Lyon, LIP, France INSA Lyon LIRIS, France Publicity Committee Janna Burman (Chair) Anissa Lamani Fahiyeh Faghih University of Paris-Sud, France Kyushu University, Japan McMaster University, Canada Webmasters Daniel Balouek-Thomert Violaine Villebonnet ENS de Lyon/NewGeneration-SR, LIP, France Inria, LIP, Lyon, France VIII Organization Program Committee Self-* and Autonomic Computing Chairs: Stéphane Devismes and Manish Parashar Eddy Caron Abhishek Chandra Sylvie Delaet Simon Dobson Swan Dubois Pascal Felber Salima Hassas Taisuke Izumi Yoonhee Kim Adrian Lebre David Peleg Omer Rana Elad Schiller Alexander Schwarzmann Naveen Sharma Alan Sill Rafael Tolosana Volker Turau Giuseppe Valetto Vladimir Vlassov Yukiko Yamauchi Franco Zambonelli ENS de Lyon, LIP, France University of Minnesota, USA Université Paris Sud, LRI, France University of St Andrews, UK Université Pierre et Marie Curie, LIP6, France University of Neuchatel, Switzerland LIRIS, France Nagoya Institute of Technology, Japan Sookmyung Women’s University, South Korea Inria, France Weizmann Institute, Israel Cardiff University, UK Chalmers University, Sweden University of Connecticut, USA Rochester Institute of Technology, USA Texas Tech University, USA University of Zaragoza, Spain Hamburg University of Technology, Germany Fondazione Bruno Kessler, Italy KTH, Sweden Kyushu University, Japan University of Modena and Reggio Emilia, Italy Foundations Chairs: Vijay Garg and Sergio Rajsbaum Costas Busch Fathiyeh Faghih Ylies Falcone Panagiota Fatourou Leszek Gasieniec Danny Hendler Ted Herman Prasad Jayanti Kishore Kothapalli Evangelos Kranakis Fabian Kuhn Petr Kuznetsov Hammurabi Mendes Neeraj Mittal Achour Mostefaoui Louisiana State University, USA McMaster University, Canada University of Grenoble, France University of Ioannina, Greece University of Liverpool, UK Ben-Gurion University, Israel University of Iowa, USA Dartmouth College, USA IIIT Hyderabad, India Carleton University, Canada University of Freiburg, Germany Telecom ParisTech, France University of Rochester, USA University of Texas Dallas, USA University of Nantes, France Organization David Peleg Alper Sen Josef Widder Philipp Woelfel Weizmann Institute, Israel Bogazici University, Turkey TU Vienna, Austria University of Calgary, Canada Networks, Multi-Agent Systems, and Mobility Chairs: Yvonne Anne Pignolet and Roger Wattenhofer Lelia Blin Michael Borokhovich Shiri Chechik Yuval Emek Olga Goussevskaia Kim Larsen Stephan Holzer Francis Lau Erwan Le Merrer Uwe Nestmann Merav Parter Paolo Santi Christian Scheideler Gilles Tredan Masafumi Yamashita LIP6, France AT&T, USA Tel Aviv University, Israel Technion, Israel UFMG, Brazil Aalborg University, Denmark MIT, USA Hong Kong University, SAR China Technicolor, France TU Berlin, Germany MIT, USA MIT, USA University of Paderborn, Germany LAAS CNRS, France Kyushu University, Japan Steering Committee Anish Arora Ajoy K Datta (Chair) Shlomi Dolev Sukumar Ghosh Mohamed Gouda Ted Herman Toshimitsu Masuzawa Franck Petit Sébastien Tixeuil The Ohio State University, USA University of Nevada, Las Vegas, USA Ben-Gurion University of the Negev, Israel University of Iowa, USA National Science Foundation, USA University of Iowa, USA Osaka University, Japan UPMC, Sorbonne Universities, France UPMC, Sorbonne Universities, France Additional Reviewers Andrew Berns Wyatt Clements Hardy Corentin Alain Cournier Gianlorenzo D’Angelo Ajoy K Datta Klaus-Tycho Förster Robert Gmyr Emmanuel Godard Shreyas Gokhale Zhenhua Han Ladislas Jacobe de Naurois Christina Kolb Yavuz Koroglu Hari Krishnan Ivan Li IX Wait-Free Solvability of Colorless Tasks 417 and the present paper is that they have assumed traditional single-writer/multireader (SWMR) registers Thus, their results are not immediately applicable to our setting, where processes are not allowed to use identifiers at all and assume MWMR registers To summarize, the major contributions of the present paper are: Full-information protocol We propose the anonymous full-information protocol for colorless tasks; Characterization We give a topological characterization of colorless tasks that are wait-free solvable in the model; Computational equality We show that the computational power of the anonymous model is essentially the same as that of the non-anonymous one, as long as colorless tasks are concerned This leads to the undecidability of the wait-free solvability of decision tasks in the anonymous model This paper is organized as follows Section provides some basic definitions and elementary facts in combinatorial topology Section describes the anonymous asynchronous shared-memory model and the colorless task In Sect 4, we give a formal and detailed description of the anonymous full-information protocol and study its space complexity Section presents our main results, a characterization of colorless tasks that are wait-free solvable in the anonymous model and the computational equality between the anonymous model and the nonanonymous one Section concludes the paper and presents directions for further research Related Work Colorless tasks have been firstly introduced by Herlihy and Rajsbaum [18], under the name of convergence tasks, to analyze decidability of distributed decision tasks Herlihy and Rajsbaum [20] have given a characterization of colorless tasks that are solvable in the non-anonymous asynchronous shared-memory model with adversarial schedulers characterized by core and survivor set [26] Mendes et al [28] have given a necessary and a sufficient condition for colorless tasks to have a t-resilient protocol in asynchronous Byzantine systems Herlihy et al [23] have given a topological characterization of colorless tasks that are solvable with n processes in the d-solo model Herlihy et al [17] have discussed (non-anonymous) colorless protocols, in which each process only uses process identifiers for accessing shared objects In other words, the local computation of each process is ignorant of process identifiers Our anonymous full-information protocol can be seen as a totally anonymous variant of the colorless layered immediate snapshot protocol, found in Chap of [17] Gafni and Koutsoupias [15] have firstly shown that the wait-free solvability for three or more processes is undecidable in the non-anonymous asynchronous shared-memory model This undecidability result has been extended to encompass other models by Herlihy and Rajsbaum [18] 418 N Yanagisawa Guerraoui and Ruppert [16] have studied, for the first time, which object can be implemented in the anonymous asynchronous shared-memory model prone to crash failures Especially, they propose an anonymous wait-free implementation of the atomic snapshot object Ruppert [29] has been investigated the wait-free solvability of consensus and naming in anonymous systems with shared objects of various types To the best of author’s knowledge, the nature of the failureprone anonymous model has not been well-studied, not only from the topological viewpoint but also from the operational one Several papers have investigated computability issues over the failure-free anonymous asynchronous shared-memory model with MWMR atomic registers Attiya et al [5] have shown that consensus is solvable in the model, in which shared registers are initialized to some default value, and the number of processes is not known They have also given a characterization of the class of consensus-like decision tasks, called agreement tasks, that are solvable in the model Besides, Jayanti and Toueg [25] have shown that consensus is not solvable if shared registers are not initialized to any known state There have been many papers, starting from [2], that have investigated the computability and complexity of the anonymous message-passing model There has been a series of works, starting from [8], that have investigated the homonymous message-passing model, in which distinct identifiers are assigned to n processes (1 ≤ ≤ n) and several processes may be assigned the same identifier The anonymous model and the non-anonymous model can be seen as the two extreme cases of the homonymous model, i.e., = and = n DelporteGallet et al have studied necessary and sufficient conditions for the Byzantine agreement problem to be solvable in both the asynchronous model [8,9] and the synchronous model [10] Topological Preliminaries In this section, we briefly present some topological notions that are commonly used in the topological theory of distributed computing See [17] or [30] for more detailed discussions 2.1 Abstract Simplicial Complex A finite abstract simplicial complex K on a finite set V (K) of vertices is a family of nonempty subsets of V (K), called abstract simplices, such that {v} ∈ K for every v ∈ V (K) s ∈ K and s ⊆ s imply s ∈ K If there is no ambiguity, we occasionally write simplex and complex, dropping the prefix ‘abstract’ A subset of a simplex s is called a face of s A subcomplex L of a complex K is a subset of K that is also a complex The closure of S ⊆ K, denoted by Cl S, is the smallest subcomplex of K that contains S Wait-Free Solvability of Colorless Tasks 419 A simplex s ∈ K is said to be of dimension #s − 1, denoted by dim s, where #s represents the cardinality of s The dimension of a complex K, denoted by dim K, is defined to be the maximum dimension of simplices contained in K The k-skeleton skelk K of a complex K is a subcomplex of K such that skelk K = {s ∈ K | dim s ≤ k} Let K1 and K2 be complexes A simplicial map φ : K1 → K2 is a function from V (K1 ) to V (K2 ) such that s ∈ K1 implies φ(s) ∈ K2 , where φ(s) is the image of s It is easy to see that the composition of any two simplicial maps is also a simplicial map A carrier map Φ from K1 to K2 is a mapping Φ : K1 → 2K2 such that Φ(s) is a subcomplex of K2 for every s ∈ K1 s ∈ K1 and s ⊆ s imply Φ(s ) ⊆ Φ(s) We write Φ(L1 ) = ∪s∈L1 Φ(s) for a subcomplex L1 of K1 Any pair of carrier maps are composed to a carrier map in a trivial way 2.2 Geometric Realization Given an abstract simplicial complex K, we associate a corresponding topological space |K| ⊆ IRd , called the geometric realization of K, for a sufficiently large positive integer d For a simplex s = {v0 , , } ∈ K, |s| denotes the convex hull of v0 , , that are placed in IRd in affinely independent positions Let |K| = ∪s∈K |s|, the union of all convex hulls of simplices in K so that every set of common faces of simplices are identified This construction is unique up to homeomorphism Let K1 and K2 be complexes, and φ : K1 → K2 be a simplicial map The map φ induces a continuous map |φ| : |K1 | → |K2 | such that |φ| maps |v| ∈ |skel0 K1 | to |φ(v)| ∈ |skel0 K2 |, and is extended linearly to other points in |K1 | Let f : |K1 | → |K2 | be a continuous map and Δ : K1 → K2 be a carrier map The map f is said to be carried by Δ if f (|s|) ⊆ |Δ(s)| for every s ∈ K1 A simplicial map φ : K1 → K2 is called a simplicial approximation to f if f (x) ∈ |s2 | implies |φ|(x) ∈ |s2 | for every x ∈ |K1 | and s2 ∈ K2 Lemma ([30, Corollary 3.4.4]) Let f : |K1 | → |K2 | be a continuous map such that f (|L1 |) ⊆ |L2 | for L1 ⊆ K1 and L2 ⊆ K2 and let φ : K1 → K2 be a simplicial approximation to f Then φ|L1 maps L1 to L2 and is a simplicial approximation to f ||L1 | 2.3 Barycentric Subdivision A complex K1 is said to be a subdivision of a complex K2 if |K1 | = |K2 |, and furthermore, for each simplex s2 ∈ K2 , there is a subcomplex L1 of K1 such that |s2 | = |L1 | Let K be a complex Its barycentric subdivision, denoted by BaryK, is defined to be a complex whose every vertex is a simplex of K A simplex of BaryK is a 420 N Yanagisawa Fig A complex K and its barycentric subdivision BaryK set {s0 , , sk } such that s0 ⊆ · · · ⊆ sk To see that the barycentric subdivision is actually a subdivision, see the example Fig Bary s denotes Bary Cl {s} for s ∈ K The barycentric subdivision induces a carrier map from K to BaryK, by which s ∈ K is mapped to Bary s The carrier map is denoted by Bary : K → BaryK for an abuse of notation We write Baryb K for the b-iterated barycentric subdivision of K, that is, Baryb K = Bary(Baryb−1 K) with Bary0 K = K Lemma ([17, Theorem 3.7.5]) Let K1 and K2 be simplicial complexes Given a continuous map f : |K1 | → |K2 |, there is a non-negative integer b such that f has a simplicial approximation φ : Baryb K1 → K2 Anonymous Model and Colorless Tasks In this section, we briefly describe the anonymous asynchronous shared-memory model and the colorless tasks 3.1 Anonymous Asynchronous Shared-Memory Model In the anonymous asynchronous shared-memory model [5], a distributed system consists of n + sequential processes that have no identifiers The processes are programmed identically and communicate through reliable MWMR atomic registers, which are initialized to some default value A register is said to be bounded (resp., unbounded ) if the set of values that can be stored in the register is finite (resp., infinite) We assume that an arbitrary number of processes may fail by crashing, in which case they simply halt and remain silent Moreover, we assume that the number of processes is known in advance In this paper, we are solely concerned with wait-free protocols, in which every non-faulty process terminates in a finite number of steps regardless of other processes’ behavior We call a protocol that works in the anonymous model an anonymous protocol We sometimes refer to the processes by unique identifiers p0 , , pn for the convenience of exposition, but processes themselves have no means to access these identifiers Wait-Free Solvability of Colorless Tasks 421 Without loss of generality, we may assume that, in addition to the ordinary atomic registers, processes can communicate through MWMR atomic snapshot objects [16], which have an anonymous wait-free implementation from atomic registers An atomic snapshot object consists of m-component (1 < m < ∞), and supports two types of operations updatei and scan Each updatei operation atomically writes a value into the i-th component, and each scan operation atomically reads the contents of all the components The traditional asynchronous shared-memory model [27], in which processes have unique identifiers and are capable of using them, is referred to as the non-anonymous asynchronous shared-memory model A protocol for the nonanonymous model is called a non-anonymous protocol 3.2 Colorless Tasks Throughout this paper, we are solely concerned with a class of decision tasks called colorless tasks [17] Definition A colorless task is a triple T = (I, O, Δ), where I and O are simplicial complexes and Δ : I → 2O is a carrier map We assume that dim I < n + and dim O < n + I and O are called input complex and output complex, respectively The set of vertices V (I) (resp., V (O)) consists of possible input (resp., output) values for the system Each simplex in I (resp., O) represents a possible set of inputs (resp., output) values of the task Being colorless, values in V (I) nor V (O) contains no information on processes’ identifiers A colorless task specifies protocols in the following way: Each process starts with its own input value v ∈ V (I), where distinct processes can have the same input value In each execution path, if the set of all input values s is in I, then the set of all output values must be in Δ(s) If there is an anonymous (resp., non-anonymous) wait-free protocol that realizes such executions, we say that the colorless task is anonymously (resp., nonanonymously) wait-free solvable The following observation holds because every anonymous protocol trivially works as a non-anonymous one Lemma If a colorless task T is anonymously wait-free solvable, T is also non-anonymously wait-free solvable Colorless tasks cover a significant class of decision tasks, e.g., consensus, kset agreement, and loop agreement tasks [14], [6], [19], [17] On the other hand, they not cover decision tasks concerning process identifiers (e.g., renaming task [4]) and ones with unbounded input values (e.g., approximate agreement task [11]) Let us see some examples of colorless tasks We define D2 = {{0}, {1}, {2}, {0, 1}, {1, 2}, {2, 0}, {0, 1, 2}} 422 N Yanagisawa Example Let b be a positive integer The b-iterated barycentric agreement task with an input complex I is a colorless task Tb = (I, Baryb I, Baryb ) We will see later that Tb is anonymously wait-free solvable for any input complex I Example The k-set agreement task with an input complex I is a colorless task T = (I, skelk I, skelk ), where skelk s is defined to be skelk (Cl {s}) for s ∈ I It is known that T is not non-anonymously wait-free solvable for k < n + [17,24] Example Assume that K is a 2-dimensional complex, and loop in K, which is divided into three distinct edge path 0,1 , v0 , v1 , v2 (see Fig 2) is a simple edge 1,2 , 0,2 by points Fig A 2-dim complex K and a simple edge loop The loop agreement task with a triangle loop is a colorless task TK, = (D2 , K, Δ), where the carrier map Δ is defined by ⎧ ⎪ if s = {i}, ⎨vi Δ(s) = if s = {i, j}, ≤ i < j ≤ 2, i,j ⎪ ⎩ K if s = {0, 1, 2} See [19] or [17] for more detailed treatments of the loop agreement task The followings are the fundamental theorems about the non-anonymous waitfree solvability of colorless tasks Theorem ([20, Theorem 4.3]) A colorless task T = (I, O, Δ) is nonanonymously wait-free solvable if and only if there is a continuous map f : |I| → |O| carried by Δ Theorem ([18, Theorems and 2]) It is undecidable whether a given loop agreement task is non-anonymously wait-free solvable, where n ≥ Theorem characterize the non-anonymous wait-free solvability of colorless tasks in a purely topological manner and Theorem implies the undecidability of general decision tasks for three or more processes In Sect 5, we will establish counterparts to these theorems for the anonymous systems Wait-Free Solvability of Colorless Tasks 423 Full-Information Protocol and Space Complexity In this section, we introduce a full-information protocol for anonymous systems and study its space complexity 4.1 Anonymous Full-Information Protocol We propose an anonymous full-information protocol, a generic form of protocol that can instantiate any implementable protocol for colorless tasks The protocol makes use of multiple atomic snapshot objects and is a variant of the (nonanonymous) colorless layered immediate snapshot protocol [17], which makes use of SWMR immediate snapshot objects This universality of our protocol will be shown in Sect The fundamental idea that makes the protocol full-informative, even in the anonymous setting, is to let processes write the same value to the same component of an atomic snapshot object This implies that once a value written to a component, the value is never overwritten by a different value To achieve this, we index components by possible values to be written, in place of process identifiers, and permit each process to write a value v only to a register indexed by the very value v Figure presents the anonymous full-information protocol for a colorless task T = (I, O, Δ) The protocol, denoted by P(b,δ) , is characterized by two parameters, i.e., a non-negative integer b and a simplicial map δ : Baryb I → O, called a decision map The protocol uses b distinct atomic snapshot object SM0 , , SMb−1 , where each SM is an m -component atomic snapshot object with m being the cardinality of V (Bary I) Let f : V (Bary I) → [#Bary I] be an injective map for = 0, , b − 1, where [#Bary I] denotes the set of natural numbers less than #Bary I Fig An anonymous full-information protocol P(b,δ) In the protocol P(b,δ) , each process starts with its private input value (line 1) and assigns the value to a local variable view (line 2) Next, the process iterates btimes, writing its view to the component indexed by f (view), taking a snapshot and updating its view (line 3–6) Then the process determines its output value by applying the map δ to the value of view (line 7) 424 N Yanagisawa Example 10 Figure represents an execution path of the protocol P (2, δ) In the figure, the process q starts with value 0, writes its view to the component of SM0 indexed by f0 (0), and takes a snapshot, updating the view by the result {0, 1} of the snapshot, whilst the other processes p and r interleave their updates and scans The protocol execution finishes with process q’s write of its view to the component of SM1 indexed by f1 ({0, 1}) and a snapshot, updating the view by the result {{0}, {0, 1}} of the most recent snapshot Finally, the process q halts with its output δ({{0}, {0, 1}}) Fig An execution of P(2,δ) It might look redundant to hold a value v at each component indexed by the very same value v As a matter of fact, it is enough to write a constant value, say 1, to each component, which is initially 0, as presented in Fig However, we stick to the presentation in Fig because it corresponds fairly well to the colorless layered immediate snapshot protocol [17] and is easier to understand Theorem 11 The full-information protocol P (b, id) solves the b-iterated barycentric subdivision task Tb = (I, Baryb I, Baryb ) for any input complex I, where id : Baryb I → Baryb I denotes an identity map Proof We prove the theorem by induction on b The base case basically follows the structure of the proof of Theorem 4.2.8 in [17] For the base case b = 1, assume that the set of all inputs to P (1, id) is s ∈ I, and si is the output value of the process pi It holds that si ⊆ s for any i, and either si ⊆ sj or sj ⊆ si for any i and j by the atomicity of the atomic snapshot object Thus, the set of all outputs of P (1, id) must be t = {si0 , , sik } for some chain si0 ⊆ · · · ⊆ sik t is a simplex of Bary s by the definition, and this shows that P (1, id) solves T1 Wait-Free Solvability of Colorless Tasks 425 Fig A variant of P (b, δ) that writes only 1-bit For the induction step, we prove that the protocol P (b, id) solves the task Tb = (I, Baryb I, Baryb ) The protocol P (b, id) can be seen as a successive execution of protocols P (b − 1, id) and P (1, id) as shown in Fig 6, where input complexes for P (b − 1, id) and P (1, id) are I and Baryb−1 I respectively Note that P (b − 1, id) and P (1, id) use distinct atomic snapshot objects Fig Protocol P (b, id), unwound If the set of all inputs to P (b, id) is s ∈ I, the set of all inputs to the subprotocol P (b − 1, id) is s or its face In that case, the set t of all outputs of P (b − 1, id) is in Baryb−1 s by induction hypothesis Then, the set of all inputs to the subprotocol P (1, id) is t or its face, and the set of all outputs of P (1, id) is in Bary t, which is a subcomplex of Baryb s, by the case of b = This implies that P (b, id) solves Tb = (I, Baryb I, Baryb ) 4.2 Space Complexity of Anonymous Protocols The anonymous protocol P (b, δ) makes use of a considerably larger number of registers compared to the corresponding non-anonymous protocol that has the same computational power as P (b, δ) The protocol P (b, δ) uses b distinct (#Bary I)-component atomic snapshot object for = 0, , b − 1, where I is the input complex Currently, only a few anonymous wait-free implementation of the atomic snapshot object are known Here we make use of the one proposed by Guerraoui and Ruppert [16] and Ellen et al [12], which uses m + (n + 1) unbounded registers for the m-component snapshot Thus, the number of registers used in the protocol is #Bary I + (n + 1) = =0, ,b−1 #Bary I + b(n + 1) =0, ,b−1 426 N Yanagisawa An m-component atomic snapshot object needs m+(n+1) unbounded registers, even if each update operation only writes 1-bit Let k be dim I It is easy to see that #Baryb I > (k!)b by counting k-dimensional faces of Baryb I Thus, the protocol makes use of more than (k!)b + b(n + 1) unbounded registers On the other hand, the non-anonymous protocol, presented in Fig 7, only makes use of b distinct single-writer (n + 1)-component snapshot objects, and wait-free solves the class of colorless tasks solved by P (b, δ) precisely It is known that n + unbounded registers are enough for non-anonymous wait-free implementation of the single-writer (n + 1)-component snapshot object [1] Thus, the protocol uses only b(n + 1) unbounded registers Fig A non-anonymous full-information protocol for pi The above observation implies that the protocol P (b, δ) requires much more registers compared to the corresponding non-anonymous one, especially when the dimension of the input complex I and the number of iteration b are large Characterization of Wait-Free Solvability We give a topological characterization of colorless tasks that are anonymously wait-free solvable The characterization is formally stated as follows Theorem 12 A colorless task T = (I, O, Δ) is anonymously wait-free solvable if and only if there is a continuous map f : |I| → |O| carried by Δ Proof The only if part immediately follows from Lemma and Theorem For the if part, let f : |I| → |O| be a continuous map carried by Δ and δ : Baryb I → O be its simplicial approximation Lemma implies that δ satisfies δ(Baryb s) ⊆ Δ(s) for every s ∈ I We now prove that the full-information protocol P (b, δ) solves the task T for the above b and δ The protocol P (b, δ) can be seen as an operation, in which each process executes the protocol P (b, id) as a subprotocol, and then the process determines its output according to the decision map δ If the set of all inputs to P (b, δ) is s ∈ I, the set of all outputs of the subprotocol P (b, id) must be in t ∈ Baryb s by Theorem 11, and it is mapped into Δ(s) by δ : Baryb I → O This completes the proof Wait-Free Solvability of Colorless Tasks 427 The theorem shows that the anonymous wait-free solvability of colorless tasks can be characterized in a purely topological manner with no explicit mention to a concrete protocol or its executions A colorless task T = (I, O, Δ) is anonymously wait-free solvable if and only if there is a continuous map f : |I| → |O|, which is consistent with the carrier map Δ The proof of Theorem 12 also implies that the anonymous full-information protocol is universal for colorless tasks, i.e., every anonymously wait-free solvable colorless task is solved by the anonymous full-information protocol Interestingly, the solvability condition of Theorem 12 is superficially the same as one for the non-anonymous model Theorems and 12 establish the following computational equality Theorem 13 A colorless task is anonymously wait-free solvable if and only if it is non-anonymously wait-free solvable As a consequence of Theorem 13, the following undecidability results hold Proposition 14 It is undecidable whether a loop agreement task is anonymously wait-free solvable, where n ≥ Proof The proposition is clear from Theorems and 13 Proposition 15 It is undecidable whether a decision task, which is not necessarily colorless, is wait-free solvable in the anonymous asynchronous sharedmemory model, where n ≥ Proof The proposition immediately follows from Proposition 14 because general decision tasks include colorless tasks We can also show that the classification of loop agreement tasks [19] is possible in the anonymous asynchronous shared-memory model This means that there is an infinite hierarchy based on the mutually implementability of colorless tasks in the anonymous model as so is in the non-anonymous one The proof is similar to the non-anonymous case [17,19] Conclusion and Further Research We have extended the topological theory of distributed computing to encompass the anonymous asynchronous shared-memory model, in which the number of processes is a priori known Specifically, we have proposed the anonymous full-information protocol and given a topological characterization of colorless tasks that are wait-free solvable in the model Our characterization implies that the anonymity does not reduce, as long as colorless tasks are concerned, the computational power of the asynchronous shared-memory model We have also proved that the wait-free solvability of general decision tasks is undecidable in the anonymous model It is easy to see that the very same results would hold for the homonymous asynchronous shared-memory model prone to crash failures, because the 428 N Yanagisawa homonymous model [8] is at least as powerful as the anonymous model On the other hand, we cannot immediately extend our results to anonymous system with unbounded number of processes, because existing anonymous wait-free implementations of atomic snapshot object inherently use the information about the number of processes in the system [16] A promising research direction would be to extend our characterization to the case of general decision tasks, giving a totally anonymous version of the asynchronous computability theorem [24] To this, our anonymous full-information protocol is insufficient because the protocol is ignorant of the initial values given to the processes We would need to devise a new full-information protocol, which conveys richer information including initial values of processes It would also be interesting to investigate solvability of colorless tasks in the anonymous model with adversarial schedulers that are characterized by core and survivor set [26] The situation would be harder than the non-anonymous case [20] because physically different processes with the same local state are indistinguishable, and thus each process cannot simply wait for other processes in the anonymous model, even if only a few processes would fail Acknowledgement I would like to express my gratitude to Prof Susumu Nishimura for enlightening discussion and helpful advice on writing this paper References Afek, Y., Attiya, H., Dolev, D., Gafni, E., Merritt, M., Shavit, N.: Atomic snapshots of shared memory J ACM 40(4), 873–890 (1993) Angluin, D.: Local and global properties in networks of processors In: Proceedings of 12th ACM Symposium on Theory of Computing, pp 82–93 ACM, New York (1980) Angluin, D., Aspnes, J., Diamadi, Z., Fischer, M.J., Peralta, R.: Computation in networks of passively mobile finite-state sensors Distrib Comput 18(4), 235–253 (2006) Attiya, H., Bar-Noy, A., Dolev, D., Peleg, D., Reischuk, R.: Renaming in an asynchronous environment J ACM 37(3), 524–548 (1990) Attiya, H., Gorbach, A., Moran, S.: Computing in totally anonymous asynchronous shared memory systems Inf Comput 173(2), 162–183 (2002) Chaudhuri, S.: More choices allow more faults: set consensus problems in totally asynchronous systems Inf Comput 105(1), 132–158 (1993) Chothia, T., Chatzikokolakis, K.: A survey of anonymous peer-to-peer file-sharing In: Enokido, T., Yan, L., Xiao, B., Kim, D., Dai, Y., Yang, L.T (eds.) EUC 2005 LNCS, vol 3823, pp 744–755 Springer, Heidelberg (2005) doi:10.1007/11596042 77 Delporte-Gallet, C., Fauconnier, H., Guerraoui, R., Kermarrec, A.M., Ruppert, E., et al.: Byzantine agreement with homonyms In: Proceedings of 30th ACM SIGACTSIGOPS Symposium on Principles of Distributed Computing, pp 21–30 ACM, New York (2011) Delporte-Gallet, C., Fauconnier, H., Guerraoui, R., Kermarrec, A.M., Ruppert, E., et al.: Byzantine agreement with homonyms Distrib Comput 26(5–6), 321–340 (2013) Wait-Free Solvability of Colorless Tasks 429 10 Delporte-Gallet, C., Fauconnier, H., Tran-The, H.: Byzantine agreement with homonyms in synchronous systems In: Bononi, L., Datta, A.K., Devismes, S., Misra, A (eds.) ICDCN 2012 LNCS, vol 7129, pp 76–90 Springer, Heidelberg (2012) doi:10.1007/978-3-642-25959-3 11 Dolev, D., Lynch, N.A., Pinter, S.S., Stark, E.W., Weihl, W.E.: Reaching approximate agreement in the presence of faults J ACM 33(3), 499–516 (1986) 12 Ellen, F., Fatourou, P., Ruppert, E.: The space complexity of unbounded timestamps Distrib Comput 21(2), 103–115 (2008) 13 Fich, F., Ruppert, E.: Hundreds of impossibility results for distributed computing Distrib Comput 16(2–3), 121–163 (2003) 14 Fischer, M.J., Lynch, N.A., Paterson, M.S.: Impossibility of distributed consensus with one faulty process J ACM 32(2), 374–382 (1985) 15 Gafni, E., Koutsoupias, E.: Three-processor tasks are undecidable SIAM J Comput 28(3), 970–983 (1999) 16 Guerraoui, R., Ruppert, E.: Anonymous and fault-tolerant shared-memory computing Distrib Comput 20(3), 165–177 (2007) 17 Herlihy, M., Kozlov, D., Rajsbaum, S.: Distributed Computing Through Combinatorial Topology Morgan Kaufmann, San Francisco (2013) 18 Herlihy, M., Rajsbaum, S.: The decidability of distributed decision tasks In: Proceedings of Symposium on Theory of Computing, pp 589–598 ACM, New York (1997) 19 Herlihy, M., Rajsbaum, S.: A classification of wait-free loop agreement tasks Theor Comput Sci 291(1), 55–77 (2003) 20 Herlihy, M., Rajsbaum, S.: The topology of shared-memory adversaries In: Proceedings of 29th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, pp 105–113 ACM, New York (2010) 21 Herlihy, M., Rajsbaum, S.: Simulations and reductions for colorless tasks In: Proceedings of 2012 ACM Symposium on Principles of Distributed Computing, pp 253–260 ACM, New York (2012) 22 Herlihy, M., Rajsbaum, S., Raynal, M.: Power and limits of distributed computing shared memory models Theor Comput Sci 509, 3–24 (2013) 23 Herlihy, M., Rajsbaum, S., Raynal, M., Stainer, J.: Computing in the presence of concurrent solo executions In: Pardo, A., Viola, A (eds.) LATIN 2014 LNCS, vol 8392, pp 214–225 Springer, Heidelberg (2014) doi:10.1007/978-3-642-54423-1 19 24 Herlihy, M., Shavit, N.: The topological structure of asynchronous computability J ACM 46(6), 858–923 (1999) 25 Jayanti, P., Toueg, S.: Wakeup under read/write atomicity In: Leeuwen, J., Santoro, N (eds.) WDAG 1990 LNCS, vol 486, pp 277–288 Springer, Heidelberg (1991) doi:10.1007/3-540-54099-7 19 26 Junqueira, F.P., Marzullo, K.: Synchronous consensus for dependent process failures In: Proceedings of 23rd International Conference on Distributed Computing Systems, pp 274–283 IEEE (2003) 27 Lynch, N.A.: Distributed Algorithms Morgan Kaufmann, San Francisco (1996) 28 Mendes, H., Tasson, C., Herlihy, M.: Distributed computability in Byzantine asynchronous systems In: Proceedings of 46th ACM Symposium on Theory of Computing, pp 704–713 ACM, New York (2014) 29 Ruppert, E.: The anonymous consensus hierarchy and naming problems In: Tovar, E., Tsigas, P., Fouchal, H (eds.) OPODIS 2007 LNCS, vol 4878, pp 386–400 Springer, Heidelberg (2007) doi:10.1007/978-3-540-77096-1 28 30 Spanier, E.: Algebraic Topology, vol 55 McGraw-Hill, New York (1966) (reprinted by Springer-Verlag) Author Index Acharya, H.B 190 Altisen, Karine Inoue, Michiko 195 Izumi, Taisuke 94 Balabonski, Thibaut Beauquier, Joffroy 20 Binun, Alexander 36 Blanchard, Peva 20 Bouchenak, Sara 298 Bournat, Marjorie 54 Bramas, Quentin 70, 88 Burman, Janna 20 Busch, Costas 327 Johnen, Colette Kassi-Lahlou, Mohammed 36 Khanchandani, Pankaj 213 Kijima, Shuji 383, 399 Köhler, Sven 185 Kulkarni, Sandeep S 310 Kuznetsov, Petr 154 Canepa, Davide 94 Castañeda, Armando 109 Cohen, Johanne 126 Coupaye, Thierry 36 Dambreville, Alexandre Datta, Ajoy K 1, 54 Defago, Xavier 94 Delga, Amélie Delporte, Carole 109 Denysyuk, Oksana 20 Devismes, Stéphane Dolev, Shlomi 36 Dubois, Swan 54 Durand, Anaïs Even, Guy 185 126 131 Fauconnier, Hugues 109 Foreback, Dianne 70, 148 Fraigniaud, Pierre 154 Gmyr, Robert 248 Godard, Emmanuel 170 Gouda, Mohamed G 190 Haddad, Mohammed 185 Heule, Marijn J.H 190 Lacoste, Marc 36 Landsiedel, Olaf 231 Larmore, Lawrence L Lefèvre, Jonas 248 Lenzen, Christoph 213, 263 Levé, Florence 281 Medina, Moti 131 Mohamed, Khaled 281 Nesterenko, Mikhail Ooshita, Fukuhito 70, 148 195 Palesandro, Alex 36 Patt-Shamir, Boaz 131 Perronne, Lucas 298 Petig, Thomas 231 Potop-Butucaru, Maria 94 Rabie, Mikaël 304 Rai, Suresh 327 Rajsbaum, Sergio 109, 154 Raynal, Michel 109 Reaz, Rezwana 190 Rieg, Lionel Rieutord, Thibault 154 Roohitavaf, Mohammad 310 Rybicki, Joel 263 Scheideler, Christian 248 Schiller, Elad M 231 432 Author Index Sharma, Gokarna 327 Siegemund, G 346 Su, Lili 352, 368 Tixeuil, Sébastien 7, 70, 88, 148, 195 Tomasik, Joanna 126 Trahan, Jerry L 327 Travers, Corentin 154 Turau, V 346 Uehara, Taichi 383 Urbain, Xavier Vaidya, Nitin H 352, 368 Vaidyanathan, Ramachandran Villain, Vincent 281 327 Yagel, Reuven 36 Yakami, Takahiro 399 Yamashita, Masafumi 383, 399 Yamauchi, Yukiko 383, 399 Yanagisawa, Nayuta 415 Yankulin, Leonid 36 ... Gewerbestrasse 11, 6330 Cham, Switzerland Preface The papers in this volume were presented at the 18th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS), held November... http://www.springer.com/series/7407 Borzoo Bonakdarpour Franck Petit (Eds.) • Stabilization, Safety, and Security of Distributed Systems 18th International Symposium, SSS 2016 Lyon, France, November... the name of the conference was changed to the International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS) From then, SSS conferences were held in Dallas (2006), Paris
- Xem thêm -

Xem thêm: Stabilization, safety, and security of distributed systems , Stabilization, safety, and security of distributed systems , 2 Formalisation, and Key Points to Prove Correctness, 2 Behaviour, Oracle, Problem and Implementation, 2 ? Is the Weakest Oracle for SSLE over Rings, 2 A Version of Cole and Vishkin's Algorithm Suited to a Ring, 3 Wait-Free Algorithm: Then a Local Simulation Stage of AST-CV

Mục lục

Xem thêm

Gợi ý tài liệu liên quan cho bạn

Nhận lời giải ngay chưa đến 10 phút Đăng bài tập ngay