Self-stabilization%20and%20Virtual%20Node%20Layer%20Emulations

1
Self-stabilization and Virtual Node Layer
Emulations

• Tina Nolte, Nancy Lynch
• (MIT CSAIL)

2
Main Topics

• Virtual Node layer emulations
• VSA layer.
• Example VSA layer application.
• VSA layer emulation.
• Stabilization and Self-stabilization
• Def. for TIOA setting.
• Application to VN layer emulations.

3
Mobile Networks

• Increasingly common and important.
• Ad hoc network scenarios
• Rescue workers
• Soldiers in battle
• Robots in novel location
• Cooperative driving
• Mobile object tracking

4
Motivation

• But application design is hard!
• No infrastructure
• Unpredictable reliability
• Unpredictable motion
• Unpredictable communication

5
Virtual Node Layers

• Q How do we simplify application design for
  mobile ad hoc networks?
• A Virtual node infrastructure
• Virtual timed automata
• Fixed virtual automata locations

Application
Virtual Node Layer
6
Prior Virtual Node Work

• Virtual Storage GeoQuorums DGLSW03
• Atomic read/write memory
• Virtual Mobile Nodes DGLSSW04, DGSSW05
• Untimed automata
• Mobile
• Virtual Stationary Automata
• Timed automata
• Stationary

7
Virtual Infrastructures
8
GeoCast DLLN05

• Route message to a geographical region.

9
Timed I/O Automata (TIOA) KLSV06

• Nondeterministic state machine whose state can
  change via discrete transitions or according to
  trajectories.
• A TIOA consists of
• X internal variables
• Q val(X) states
• T Q start states, nonempty
• I input actions
• O output actions EIO
• H internal actions AIOH
• D QxAxQ discrete transitions
• T trajectories of Q trajectories

10
TIOA cont.

• Composition AB of compatible A and B
• (A,V)-sequence act1, traj1, act2, traj2,
• Executions and execution fragments
• Traces and trace fragments
• (A,V)- restriction of an (A,V)-sequence

11
Physical Layer Model

• Carve space up into regions w/ids in U.
• Physical layer (mobile node) assumptions
• TIOAs
• Local Broadcast communication (only)
• Atomic broadcast within a region.
• Guaranteed timely delivery.
• Might fail and restart.
• Access to RW.

12
RW

• Source of consistency
• Location/ region information.
• Synchronized real-time clocks.
• Refreshed at each node every esample time and
  whenever node changes region or fail status.
• Reasonable assumption.

13
VSA Layer

• Mobile nodes.
• Virtual Stationary
• Automata (VSAs)
• Timed.
• Predetermined regions and programs.
• V-bcast service
• VSAs and mobile nodes in same and neighboring
  regions can communicate.
• Similar comm guarantees as with physical nodes.
• RW

14
What is a VSA?

• Implemented by the underlying real mobile nodes
  and their broadcast services.
• What abstract machines can we emulate?
• Automata with real-time clocks.
• Necessary for many control applications.
• Can broadcast and receive messages.
• Can crash, restart.
• We provide delay-augmented VSAs
• Abstract machines with delayed broadcasts.

15
RW

• RW augmented with region fail/restart.
• Region failure predicates over RW exe history
• failprecu an alive region is allowed to fail
• failstopu an alive region must fail
• Region restart predicates over RW exe history
• restartprecu a failed region is allowed to
  restart
• restartstopu a failed region must restart

16
Physical and virtual layer diagrams
RW

GPSupdate(u,now)p
failv
GPSupdate(u,now)p
failp
restartq
restartv
restartp
failq
failu
restartu
GPSupdate(u,now)q
Pp
Pq
C /
C /
Vu
Vv


bcast(m)p
bcast(m)q
bcast(m)u
bcast(m)v
brcv(m)v
brcv(m)u
bcrcv(m)p
bcrcv(m)q
P-bcast
V /
17
VSA Layer programs

• A V-algorithm, alg, is a mapping from
• Mobile node ids to client TIOAs
• Region ids to VSA TIOAs
• Valgs is the set of all V-algorithms
• Vlayeralg is the instantiation by alg of the
  abstract VSA layer.
• Vlayeralg is composition of V-bcast, Douteu
  for u in U, and alg(q) for q in PU, with bcast
  action between VSA and Dout hidden.

18
Application algGeo DLLN05

• Timed channel automaton allowing geocast, georcv.
• Say geocast by client in u to region v at time t
  is serviceable if exists gt 1 path of non-failed
  regions from u to v over entire interval t,t
  ttlgeo.
• If client performs geocast(v,m) at time t, and
  the geocast is serviceable, then all nonfailed
  clients in region v georcv(m) by time tttlgeo.
• If a client in region v performs georcv(m), a
  geocast(v,m) was performed within last ttlgeo
  time.

19
VNLayer GeoCast implementation (alggeo)

• Uses VSA layer and a greedy DFS algorithm.
• If non-destination VSA receives message m (via
  V-bcast)
• It forwards m to a neighboring VSA closer to the
  destination.
• If it does not receive an ack that m was received
  in bdd time, it reforwards to the next closest
  neighbor, etc.
• Greedy DFS.
• Persistent greedy DFS.
• If destination VSA receives the message
• It tells the forwarder that the message has
  arrived.
• That forwarder tells the VSA that forwarded m to
  it that m has arrived, etc.

20
Example VSA u sending m to v

• 1. VSA u wants to send m to v.

Geocast(v, m)
21
Example VSA u sending m to v

• 2. Message is forwarded to nbr closest to v.

bcast(ltforward, ltm, u, v, nowgt, u, ugt)
22
Example VSA u sending m to v

• 3. Message continues to be forwarded closer

bcast(ltforward, ltm, u, v, nowgt, u, ugt)
23
Example VSA u sending m to v

• 4. If a hole is reached, the forwarding will time
  out.

24
Example VSA u sending m to v

• 5. The next closest nbr is then forwarded to.

25
Example VSA u sending m to v

• 6. The message finally arrives at the
  destination.

bcast(ltforward, ltm, u, v, nowgt, u, vgt)
Georcv(m)
26
Example VSA u sending m to v

• 7. Found messages are forwarded backwards to
  prevent reforwarding.

bcast(ltfound, ltm, u, v, nowgtgt)
27
VSA Layer emulation

• An emulation (amap, tmap) of the VSA layer is

28
A VSA Emulation Algo DGLLN05

• Replicated state machine approach
• Uses a totally ordered regional broadcast
  service.
• Emulates deterministic timed state machine.
• Each mobile node maintains state and processes
  messages as if it was the VSA.
• Leader-based
• Only leader broadcasts on behalf of the VSA.
• Leader handles joins of new emulators to maintain
  consistency.
• Provides real-time clock to VSA.

29
VSA Emulation Geocast algorithm

• Q What happens if we run the VSA layer emulation
  algorithm instantiated with the Geocast program?
• A We get a trace that maps to look just like a
  trace of a real VSA layer running Geocast,
  minus the region fails and restarts.

30
Stabilization motivation

• What if a system could get started in an
  arbitrary state?
• What if system components could suffer from
  corruption faults?

31
Stabilization preliminaries

• A state-matched t-suffix of an (A,V)-sequence a
• More than one state-matched t-suffix can exist.
• If t lt a.ltime, or ta.ltime and a is closed,
• then a state-matched t-suffix of a exists.

a
a
a
t
32
Stabilization

• Let B be a set of (AB,V)-sequences,
• C be a set of (AC,V)-sequences,
• t be a non-negative real.
• B stabilizes in time t to C if each state-matched
  t-suffix of each sequence in B is a sequence in C.

a
a
a
.
t
.
.
.
.
.
.
.
.
C
B
33
Stabilization results

• Lemma (Restriction). Let A be a set of actions, V
  be a set of variables, and let B stabilize to C
  in time t.
• a(A,V)a in B stabilizes to a(A,V)a in
  C in time t.
• Lemma (Transitivity). Let B stabilize to C in
  time t1, and C stabilize to set D in time t2.
• Then B stabilizes to D in time t1t2.

34
Self-stabilization
.
t
state in L
35
Self-stabilizing emulation
36
Self-stabilizing emulation traces
b
trace
t
tmapalg(b)
Mtrace
t
37
Proof of Theorem 1
Proof sketch
38
Self-stabilization of emulation algo

• Previously described emulation algorithm has been
  made self-stabilizing
• Local checking.
• Periodic checksums.

39
Htraces
40
S-s emulations s-s VLayer applications
41
Self-stabilization of Geocast

• Messages and versions of the DFS are identified
  with real-time timestamps.
• Local checking allows the clean-up of expired or
  too early DFS attempts.

42
S-s emulation s-s geocast VLayer algo
43
Relate back to VSA failure model

• Assume the example VSA fail/restart predicates.
• Can describe what it means for a region to be
  definitely non-failed through traces of physical
  nodes interacting with RW.
• Can describe weak physgeo spec.
• Conclude that traces of U(amapalggeo)R(RW)
  stabilize to traces satisfying physgeo.

44
Conclusions

• The VSA programming layer
• Provides a stationary, timed overlay network.
• Makes building other applications easier.
• Self-stabilizing emulations allow us to write
  self-stabilizing applications over the VSA layer,
  and know we will eventually observe good
  behaviour.