Budapest University of Technology and Economics Department of Measurement and Information Systems 1 Fault Tolerant CORBA (FT-CORBA) - Modeling and Analysis.


Fault Tolerant CORBA (FT-CORBA) - Modeling and Analysis
István Majzik
Budapest University of Technology and Economics, Department of Measurement and Information Systems
June 2000

Introduction
Basis:
– FT-CORBA specification
– UML-based automatic dependability modeling
Topics:
– Support to construct optimal FT-CORBA schemes
– Evaluate existing architectures
Part I: The FT-CORBA proposal
Part II: UML-based dependability analysis
Part III: Dependability modeling of FT-CORBA

Part I: The FT-CORBA Proposal

CORBA
OMG CORBA: standard of open OO systems
– Provides transparent access to services of remote objects (like local method calls)
– ORB: Object Request Broker
    communication of requests/responses (location, activation, parameter passing etc.)
    IOR: interoperable object reference
    GIOP: general inter-ORB protocol
    IIOP: Internet inter-ORB protocol
– IDL: Interface definition language
    consistency between client and server interfaces

FT-CORBA
Goal: Fault tolerance in CORBA environment
History:
– April 1998: Request for Proposal issued
– October 1998: Initial submissions
– December 1999: Joint revised submission by Ericsson, Inprise, Iona, Lucent, Oracle, Sun,...
– April 2000: Final adopted specification

FT-CORBA Concepts
Avoiding SPOF of single (server) objects
Fault tolerance by entity redundancy, fault detection and recovery
– creation of (server) object groups
– infrastructure to maintain object replicas
Basic properties:
– replication transparency (access independent of number/location)
– failure transparency (access independent of faulty server objects)

Fault Tolerance Domains
FT domain:
– Object groups of server object replicas
– Single Replication Manager
Object groups:
– different hosts
– single object per host
Replication Manager:
– Creation and management of object groups
– Support of application-controlled management

Fault Tolerance Domain
[Figure: domains, object groups, hosts and replicas]

Architecture Overview
Set of CORBA objects to support FT
– Replication Manager
– Fault Detector
– Fault Notifier
– Fault Analyzer
ORB extensions
– logging mechanism
– recovery mechanism
Commercial implementations?

Fault Tolerance Infrastructure

Replication Management
Infrastructure controlled case:
– application: create_object() method of the RM
– RM: invokes local factory objects on hosts
– RM manages membership, consistency
Application controlled case:
– application's responsibility to manage replicas
Parameters:
    ReplicationStyle: stateless, cold / warm passive, active
    MembershipStyle
    ConsistencyStyle
    InitialNumberReplicas, MinimumNumberReplicas

Fault Detection and Notification
Fault model:
– object crash (incorrect results are not tolerated)
Fault detection by polling
– application objects inherit the PullMonitorable interface: is_alive() method
– Fault Detector invokes it periodically
– hierarchy of fault detectors
Fault notification and fault analysis
Parameters:
– FaultMonitoring (Style, Granularity, IntervalAndTimeout)

Logging and Recovery
Application objects inherit:
– Checkpointable interface: get_state(), set_state()
– Updateable interface: get_update(), set_update()
Logging Mechanism:
– storing GIOP messages
– periodically storing state of the objects
Recovery Mechanism:
– restore object state and retrieve stored messages
Parameters:
– CheckpointInterval

Client Failover
Identification of object groups:
– IOGR: interoperable object group reference
– multiple IIOP profiles addressing object group members or gateways
Basic mechanisms of the client ORB:
– retry all alternative IIOP profiles
– transparent reinvocation of requests ("at most once" execution semantics at the server)
– heartbeating of the server IIOP

Part II: Dependability Modeling of Object-Oriented Systems Described in UML

Dependability Analysis
Approach by A. Bondavalli, I. Majzik, I. Mura
HIDE - High-level Integrated Design Environment for Dependability
ESPRIT Open LTR No
From UML-based models (class, object, deployment diagrams) to Timed Petri Nets
    standard PN evaluation tools can be used
Supports
– comparison of design choices
– identification of bottlenecks
System-wide, structural model

Modeling Approach
1. UML model: Diagrams with extensions
    stereotypes to identify roles (variant, tester,...)
    tagged values to assign parameters
2. Intermediate model: Simplified structure
    elements: software, hardware, with/without states
    dependencies: "uses the service of", "is composed of"
    class based redundancy → fault tree
3. Dependability model: Timed Petri net
    sub-nets for elements and dependencies

Failure/Propagation Sub-models
[Figure: UML model elements and the corresponding Petri net modules]

Repair Sub-model
[Figure: UML model and the corresponding Petri net module]

Redundancy Sub-models
[Figure: UML model, fault tree and Petri net]

Part III: Dependability Modeling of FT-CORBA Architectures

Approach
UML models:
– identification of elements/structures
– additional parameters → support of automatic modeling
Tailoring to FT-CORBA
– subnets to specific mechanisms
– based on the parameters
Restrictions:
– non-replicated client, static structure
– infrastructure controlled replication management

UML Modeling
Identification of elements/structures
– Fault Tolerance Domain: package independent of deployment
– Object groups: sub-package
– Roles: stereotypes
FT-CORBA properties as tagged values
– ReplicationStyle
– MembershipStyle
– ConsistencyStyle
– FaultMonitoring (Style, Granularity, Interval)
– (Initial, Minimum) NumberReplicas

Overall Structure
[Figure: overall structure; diagram labels: FT Domain Alpha, Domain1, Domain2, FTI, RM, FN, FD, OG1, OG2, OG3, OG4, S11, S12, FD1, C1, C2]

Modularity
Available building blocks:
– failure subnet
– propagation subnet
– repair subnet
– fault tree
Sub-models in FT-CORBA:
1. Client failover
2. Server object failure
3. Fault management (detection and notification)
4. Recovery (replication management)

Client Failover
Semantics:
– Primary is tried first
– Failover conditions: "crash"
    Communication failure
    No response
    No failover: erroneous response
– No failure exception until all profiles have been tried

Dependability Sub-model
Fault tree (passive replication):
– Top event: Client failure
– Basic events:
    Server object crash
    Server object erroneous response
– Composite events (OR): number n of profiles
    S1 (primary) erroneous
    S1 crash AND S2 erroneous
    S1 crash AND S2 crash AND S3 erroneous
    ...
    S1 crash AND S2 crash AND ... AND Sn crash
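Added example (not part of the original slides): the client failover semantics and the fault tree above, evaluated side by side in Python. It assumes each replica is independently in exactly one of three states (ok, crash, erroneous) with fixed probabilities and no repair; the function names and the sample probabilities are constructed for illustration.

```python
from itertools import product
from math import prod

OK, CRASH, ERR = "ok", "crash", "erroneous"

def client_outcome(states):
    """Replay the failover semantics for one combination of replica states.

    states[0] is the primary profile. A crashed replica triggers failover,
    an erroneous response does not and is returned to the client.
    """
    for state in states:
        if state == CRASH:
            continue          # communication failure / no response: next profile
        return state          # first answering replica decides the outcome
    return "exception"        # raised only after all profiles have been tried

def fault_tree_probability(p_crash, p_err):
    """Top event 'client failure' as the OR of the composite events.

    The composite events are mutually exclusive (each fixes a different
    first non-crashed replica), so their probabilities can be summed.
    """
    n = len(p_crash)
    # S1..Sk crash AND S(k+1) erroneous, for k = 0..n-1
    total = sum(prod(p_crash[:k]) * p_err[k] for k in range(n))
    # S1 crash AND S2 crash AND ... AND Sn crash
    return total + prod(p_crash)

def enumerated_probability(p_crash, p_err):
    """Same quantity by brute force over all 3^n replica state vectors."""
    total = 0.0
    for states in product((OK, CRASH, ERR), repeat=len(p_crash)):
        weight = 1.0
        for i, state in enumerate(states):
            p = {OK: 1 - p_crash[i] - p_err[i], CRASH: p_crash[i], ERR: p_err[i]}
            weight *= p[state]
        if client_outcome(states) != OK:
            total += weight
    return total

if __name__ == "__main__":
    # Constructed sample values: crash probability 0.1, erroneous response 0.01.
    for n in range(1, 6):
        c, e = [0.1] * n, [0.01] * n
        print(n, round(fault_tree_probability(c, e), 6),
              round(enumerated_probability(c, e), 6))
```

With these sample values the result falls from 0.11 for one profile towards about 0.0111 (0.01 / 0.9) as profiles are added: more replicas shrink the all-crash term, but the erroneous-response term stays because it never triggers failover.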

Server Object Failure
Distinction of failures:
– Crash
    → Failover in client
    → Error detected in the object group
– Erroneous response (commission fault)
    → Propagated to clients, application-specific error detection

Dependability Sub-model
Failure process:
– failure subnet
– distinguished cases: crash/erroneous response
Propagation subnets
– standard subnets (toward the client fault tree)

Fault Management
Fault detection+notification: Chain of events
– Source: Fault Detector
    latency = MonitoringInterval
    coverage depends on MonitoringGranularity:
    – each member / single per host / single per host and type
– Propagation: Fault Notifier(s)
    communication failures
– Destination: Replication Manager
Hierarchy of Fault Detectors
Infrastructure objects: Replication is possible

Dependability Sub-model
Error detection delay
– timed PN transition
Fault notification subsystem
– fault tree (AND)
Replicated infrastructure objects
– local fault trees (AND)

Recovery in the Object Group
Triggered by the Fault Notifier in the Replication Manager
Goal: Maintain the number of replicas
– crashed object is removed
– creation of new replica, restoring state
– only a single replica on a given host!
Repair is possible if:
– current host is fault-free
– current host is faulty, but there are available hosts
    i.e. number of hosts >= NumberReplicas

Dependability Sub-model
Repair subnet: Explicit repair
– latency: CheckpointInterval, ReplicationStyle
Recovery of the replica:
– Static deployment: Standard repair subnet
– Pool of identical hosts: Logic condition for repair
    Free hosts (PN place)
        marking increased by host repair and server object crash
        marking decreased by host crash and server object repair
    Guard on the transition for explicit repair

Overall Structure of Subnets
[Figure: subnets Notification, Propagation, Client Fault Tree, S1 err, S1 crash, Recovery, Repair; parameters NumberReplica, FaultMonitoringGranularity, FaultMonitoringInterval, ReplicationStyle, CheckpointInterval]

System-wide Dependability Model
Analysis of the Petri-net:
– standard tools (SPNP, PANDA,...)
Sensitivity analysis
– system-wide reliability, availability
→ Optimal selection of FT-CORBA parameters
– replication (membership, consistency) styles
– number of replicas
– monitoring granularity, interval