Presentation is loading. Please wait.

Presentation is loading. Please wait.

The ANSA project Failures and Dependability in ANSA.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "The ANSA project Failures and Dependability in ANSA."— Presentation transcript:

1 The ANSA project Failures and Dependability in ANSA

2 System structure Component based: component behaviour can be observed by other components Independent components: own observations and reasoning about events No global observer No global ordering of events No global time

3 Expectations – I V T t0t0 t1t1 An event with value v 0 is expected in time interval t 0 and t 1 v0v0

4 Expectations – II V T t0t0 t1t1 An event with a value between v 0 and v 1 is expected in time interval t 0 and t 1 v1v1 v0v0

5 Expectations – III V T t0t0 t1t1 An event with a value between v 0 and v 1 is expected in time interval t 0 and t 1 The event value is time dependent v0v0 v0v0 E  V x T

6 Occurrences V T t0t0 t1t1 An event can occur exactly once in the ANSA model v0v0 v0v0 O0O0

7 Occurrences V T t0t0 t1t1 An event can occur exactly once in the ANSA model v0v0 v0v0 O  V x T |O| = {0,1} O1O1

8 Correctness Correct occurrence of an event O  E   Correct non-occurrence of an event O  E =  Formal definition of correctness (O  E   )  (O  E =  )

9 Failures Negation of correct event  (O  E   )  (O  E =  ) Simplified (O  E   )  (O  E =  ) Unexpected occurrence O    E =  Omission failure E    O =  Incorrect occurrence O    E    (O  E =  )

10 Consistency between multiple events Events constrain the expectation of future events Local events: Observation by local mechanisms of a component Distributed events: Distributed consensus problem, collaboration of components required Consistency enforcement instead of distributed deviation detection Express global properties as a set of local ones

11 Computability of next expectation Research questions: Does a function f(O) exist to compute the next expectation? How many such functions are need for a simple protocol? V T t0t0 t1t1 v1v1 v0v0 V T t2t2 t3t3 v3v3 v2v2 O0O0 TOTO TOTO

12 Computability of next expectation Research question: Does a function g(O) exist to compute the next expectation in case of a failure? V T t0t0 t1t1 v1v1 v0v0 V T t2t2 t3t3 v3v3 v2v2 O0O0 TOTO TOTO

13 Dependability Principles – I Separation: More (distributed) components reduce dependability Diversity: Designers need to be prepared and mechanisms need to allow for diversity Scaling: Mechanisms must be exchangeable to suit different scenarios

14 Dependability Principles – II Federation: heterogeneous authorities and dependability contracts Transparency: hide dependability mechanisms from the programmer Concurrency: conflicting, inconsistent changes to data Configuration: add and update parts of the system; adapt failure detectors

15 Management Model – I 1.Fault confinement: limitation of propagation to other parts of the system 2.Fault detection: compare time/value observation with expectation 3.Fault diagnosis: if fault detection can not identify the faulty component 4.Reconfiguration: isolate faulty component or replace with spare 5.Recovery: remove effect of fault

16 Management Model – II Restart: after all damaged state has been removed Repair: restores the faulty component to an undamaged state Reintegration: reconfiguration of the system to reintroduce the repaired component

17 Open questions Is our list of principles complete? –Separation, Diversity, Scaling, Federation, Transparency, Concurrency, Configuration Is our D 2 R 3 strategy complete? –Fault confinement, Fault detection, Fault diagnosis, Reconfiguration, Recovery, Restart, Repair, Reintegration Is our CFEF diagram correct? –Do we detect faults, errors of failures?

18 CFEF diagram question ??

Download ppt "The ANSA project Failures and Dependability in ANSA."

Similar presentations

Principles of Engineering System Design Dr T Asokan

Principles of Engineering System Design Dr T Asokan
Distributed Systems Major Design Issues Presented by: Christopher Hector CS8320 – Advanced Operating Systems Spring 2007 – Section 2.6 Presentation Dr.

Distributed Systems Major Design Issues Presented by: Christopher Hector CS8320 – Advanced Operating Systems Spring 2007 – Section 2.6 Presentation Dr.
Christian Delbe1 Christian Delbé OASIS Team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis November 29 2006 Automatic Fault Tolerance in ProActive.

Christian Delbe1 Christian Delbé OASIS Team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis November Automatic Fault Tolerance in ProActive.
Chapter 19: Network Management Business Data Communications, 5e.

Chapter 19: Network Management Business Data Communications, 5e.
Distributed DBMSPage 10-12. 1© 1998 M. Tamer Özsu & Patrick Valduriez Outline Introduction Background Distributed DBMS Architecture Distributed Database.

Distributed DBMSPage © 1998 M. Tamer Özsu & Patrick Valduriez Outline Introduction Background Distributed DBMS Architecture Distributed Database.
COE 444 – Internetwork Design & Management Dr. Marwan Abu-Amara Computer Engineering Department King Fahd University of Petroleum and Minerals.

COE 444 – Internetwork Design & Management Dr. Marwan Abu-Amara Computer Engineering Department King Fahd University of Petroleum and Minerals.
Serverless Network File Systems. Network File Systems Allow sharing among independent file systems in a transparent manner Mounting a remote directory.

Serverless Network File Systems. Network File Systems Allow sharing among independent file systems in a transparent manner Mounting a remote directory.
Lecture 13 Enterprise Systems Development ( CSC447 ) COMSATS Islamabad Muhammad Usman, Assistant Professor.

Lecture 13 Enterprise Systems Development ( CSC447 ) COMSATS Islamabad Muhammad Usman, Assistant Professor.
Reliable System Design 2011 by: Amir M. Rahmani

Reliable System Design 2011 by: Amir M. Rahmani
Chapter 19: Network Management Business Data Communications, 4e.

Chapter 19: Network Management Business Data Communications, 4e.
CS 582 / CMPE 481 Distributed Systems Fault Tolerance.

CS 582 / CMPE 481 Distributed Systems Fault Tolerance.
Adaptive Systems – Graceful Degrading System Paul Li

Adaptive Systems – Graceful Degrading System Paul Li
Models -1 Scientists often describe what they do as constructing models. Understanding scientific reasoning requires understanding something about models.

Models -1 Scientists often describe what they do as constructing models. Understanding scientific reasoning requires understanding something about models.
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
CS-550 (M.Soneru): Recovery [SaS] 1 Recovery. CS-550 (M.Soneru): Recovery [SaS] 2 Recovery Computer system recovery: –Restore the system to a normal operational.

CS-550 (M.Soneru): Recovery [SaS] 1 Recovery. CS-550 (M.Soneru): Recovery [SaS] 2 Recovery Computer system recovery: –Restore the system to a normal operational.
Overview Distributed vs. decentralized Why distributed databases

Overview Distributed vs. decentralized Why distributed databases
A General approach to MPLS Path Protection using Segments Ashish Gupta Ashish Gupta.

A General approach to MPLS Path Protection using Segments Ashish Gupta Ashish Gupta.
Dependability Evaluation. Techniques for Dependability Evaluation The dependability evaluation of a system can be carried out either:  experimentally.

Dependability Evaluation. Techniques for Dependability Evaluation The dependability evaluation of a system can be carried out either:  experimentally.
Soft. Eng. II, Spr. 2002Dr Driss Kettani, from I. Sommerville1 CSC-3325: Chapter 9 Title : Reliability Reading: I. Sommerville, Chap. 16, 17 and 18.

Soft. Eng. II, Spr. 2002Dr Driss Kettani, from I. Sommerville1 CSC-3325: Chapter 9 Title : Reliability Reading: I. Sommerville, Chap. 16, 17 and 18.
7. Fault Tolerance Through Dynamic or Standby Redundancy 7.5 Forward Recovery Systems Upon the detection of a failure, the system discards the current.

7. Fault Tolerance Through Dynamic or Standby Redundancy 7.5 Forward Recovery Systems Upon the detection of a failure, the system discards the current.

Similar presentations

Ads by Google