1. No category

Self-Stabilizing Systems

Self-Stabilizing Systems
Seminar of Distributed systems
University of L’Aquila
Date:19/01/2016
Giuseppe Tomei
Giuseppe Di Lena
Topics
•
Introduction to Self-stabilizing Systems
•
Dijkstra’s approch:
•
•
•
•
K-state machines (K>N)
Four-state machines
Three-state machines
Mutual Exclusion with K-State machines
Introduction
• The synchronization task of processes in a distributed-system can be viewed
as keeping the system in a legitimate state.
• If there is a shared memory, every process can access it by mutex.In this
scenario the current state of system is stored in the shared memory .
• If there isn’t a shared memory, then every process must have some
distributed variables and each process can only exchange information with
its neighbors.
Introduction
• In our presentation we discuss the second case, in particular we consider ring
topology which is a connected graph in which the majority of the edge are
missing.
• What’s the problem?


Each process only knows the state of its neighbors;
The behavior of a process is influenced only by a part of the total system state .
Assumptions
• In each node there is a finite state machine
• Each machine has one or more «privileges»
• Privilege is defined such as boolean function, where its input is the state of
the machine and the states of its neighbors.
• The result of the function is «True» if the privilege is present, false otherwise
• There is a central daemon that can select one of the present privileges
• We don’t know how the daemon works
How the system works
• The machine that has the selected privilege will make its «move»
• After its move, the machine will be in a new state, which it depends on its old
state and the states of its neighbors
• After completion of the move the daemon will select a new privilege
Formal Definition
Legitimate state
• What is a «legitimate state»?
• The system is in a legitimate state when it satisfies the following properties:
1.
2.
In each legitimate state one or more privileges will be present;
3.
4.
Each privilege must be present in at least one legitimate state
In each legitimate state each possible move will bring the system again in a legitimate
state ;
For any pair of legitimate states there exists a sequence of moves transferring the
system from the one into the other
Self-stabilizing System
• We call the system self-stabilizing if and only if, regardless of the initial state
and regardless of the privilege selected each time for the next move, at least
one privilege will always be present and the system is guaranteed to find
itself in a legitimate state after a finite number of moves
Dijkstra’s Approach
Dijkstra assumptions
• We consider 𝑁 + 1 machines numbered from 0 to 𝑁 in a ring topology
• We shall use for machine number 𝑖:



L: to refer to the state of its lefthand neighbor, machine nr. (𝑖 − 1)𝑚𝑜𝑑(𝑁 + 1);
S:to refer to the state of itself, machine nr. 𝑖
R: to refer to the state of its righthand neighbor, machine nr. (𝑖 + 1)𝑚𝑜𝑑(𝑁 + 1);
Dijkstra assumptions
• Machine number 0 will also be called the «bottom machine»
• Machine number 𝑁 will also be called the «top machine»
• The legitimate state has exactly one privilege present
• Sintax:
•
if privilege then corresponding move fi;
Solution with K-state machines (𝐾 > 𝑁)
• Each machine state is represented by an integer value 𝑆, where 0 ≤ 𝑆 < 𝐾
• For each machine one privilege is defined:

Code for the bottom machine :

Code for the other machines:
Example for 𝐾 > 𝑁
Who has the privilege???
Bottom
N=4
L
K=5
p0
R
p1 p2 p4
S = 23
The demon chooses one
p1 = L
I choose p1
p4
p1
S = 20
S = 12
Now the only machine that
has the privilege is p4
p4 = L
Now the bottom machine
has the privilege
p3
p2
S=2
S=2
p0 = (S + 1)mod K
And so on…
Solution with 4-state machines
• Each machine state is represented by two booleans :𝑥𝑆 and 𝑢𝑝𝑆.
• For the bottom machine 𝑢𝑝𝑆 = 𝑡𝑟𝑢𝑒 by definition, for the top machine
𝑢𝑝𝑆 = 𝑓𝑎𝑙𝑠𝑒 by definition
• For each machine the privilege is defined:

Code for the bottom machine:

Code for the top machine:

Code for the other machines:
Example 4-state machines
bottom
L
Who has the privilege???
p1 p2 p3 p4
p0
x = true
false
up = true
R
The demon chooses p3
The demon can still choose p3
The demon chooses p1
Only p1 has the privilege now
After the last execution of p1, p1.up = false
and this «unlock» the bottom machine
top
p4
p1
x = true
up = false
x = false
true
up = false
true
p3
p2
xx == false
true
up = false
true
x = true
up = false
See how it evolves…
Bottom:
Top:
Other:
Example 4-state machines
bottom
L
Who has the privilege???
p1 p2 p3 p4
p0
x = false
up = true
R
top
p4
p1
x = true
up = false
x = false
up = true
p3
p2
x = true
up = false
x = true
up = false
The demon chooses p3
The demon can still choose p3
The demon chooses p1
Only p1 has the privilage now
After the last execution of p1, p1.up = false
and this «unlock» the bottom machine
See how it evolves…
Solution with 3-state machines
• Each state is represented by an integer value 𝑆, where 0 ≤ 𝑆 < 3.
• For each machine the privilege is defined:

Code for the bottom machine:

Code for the top machine:

Code for the other machines:
Example 3-state machines
Who has the privilege???
p1 p2
p2.S = R
Only p2 has the privilege now
bottom
L
p0
R
S =1
The system is stabilized
top
II’m
choose
p2
back!!!
p4
p1
S =2
S =1
See how it evolves…
p3
p2
SS == 01
S = 10
2
Bottom:
Top:
Other:
Example 3-state machines
Who has the privilege???
p1 p2
p2.S = R
Only p2 has the privilege now
bottom
L
p0
R
The system is stabilized
top
p4
p1
See how it evolves…
p3
p2
Mutual Exclusion with
K-State machines
Introduction
• Now we present Dijkstra self-stabilizing algorithm for the mutual exclusion
on a ring.
• The notation used in this example is :






𝑁 = number of processes
𝑆 = state of process
𝐾 = total number of states per machine
𝐿 = state of left neighbor
𝑅 = state of right neighbor
𝐵 = state of bottom machine
Assumptions
• A machine can enter in the critical section only if it has a privilege.
• The system is in a legal state if exactly one machine has a privilege
• The goal of the self-stabilizing algorithm is to determinate who has the
privilege and how the privileges move in the network.
• There are 𝑁 machines numbered 0 … 𝑁 − 1
• The state of any machine is determinated by its label from the set
• Remember the pseudocode:


Code for the bottom machine : if (𝐿 = 𝑆) then 𝑆 = (𝑆 + 1) 𝑚𝑜𝑑 𝐾
Code for the other machines: if (𝐿 ≠ 𝑆) then 𝑆 = 𝐿
0…𝐾 − 1
Proof of correctness
• The system is in a legal state if exactly one machine has the privilege.
• It is easy to verify that (𝑥0, 𝑥1 … 𝑥𝑁 − 1) is legal if and only if either all 𝑥𝑖 are
equal or there exists 𝑚 < 𝑁 − 1 such that all 𝑥𝑖 with 𝑖 ≤ 𝑚 are equal to
some value and all other 𝑥𝑖 are equal to some other value
• In the first case the bottom machine has the privilege, in the second case the
machine 𝑝𝑚 + 1 has the privilege
• 𝑳𝒆𝒎𝒎𝒂 𝟏: if the system is in a legal state, then it will stay legal.
Proof of correctness
• 𝑳𝒆𝒎𝒎𝒂 𝟐: a sequence of moves in which the bottom machine does not
move is at most 𝑶(𝑵𝟐)
• 𝑷𝒓𝒐𝒐𝒇: in the best case the number of moves is 𝑂(1), obviously;
bottom
• Let’s analyze the worst case:
L
R
0
• For the sake of semplicity we consider 𝑁 = 𝐾
In the first step we have N-1 moves
In the second step we have N-2 moves
And so on for N – 2 step
where we have this situation
at the 𝑁 − 1 step the bottom get the privilege
𝑁 − 1 𝑁2 N
𝑁∗
=
− → 𝑶(𝑵𝟐 )
2
2
2
2
𝑁−
1 = 𝑁 − 1 − (𝑁 − 2)
01 3
1
0
04
3
2
𝑁−
2
1
0
So the bottom machine waits a finite number of moves
4
05
𝑁−
3
0
3
1
2
Proof of correctness
• 𝑳𝒆𝒎𝒎𝒂 𝟑: Given any configuration of the ring, either:



1: no other machine has the same label as the bottom, or
2: there exist a label that is different from all machines.
Furthermore, within a finite number of moves, (1) will be true
• 𝑷𝒓𝒐𝒐𝒇: We show that if (1) does not hold, then (2) is true. If there exist a
machine that has the same label as that of bottom, then there are now 𝑘 − 1
labels left to be distributed among 𝑁 − 2 machines. Since 𝐾 ≥ 𝑁, we get
that there is some label which is not used.
• To show the second part, first note that if some label is missing from the
network, then it can only be genereted by the bottom machine.
(continue)
Proof of correctness
• Makeover, the bottom machine simply cycles among all labels. Since, from
lemma(2), the bottom machine moves after some finite number of moves by
normal machines, we get that the bottom machine will eventually get the
missing label.
• 𝑳𝒆𝒎𝒎𝒂 𝟒: If the system is in illegal state, then within O(𝑵𝟐) moves it
reaches a legal state
• Proof: It is easy to see that once the bottom machine gets the unique label,
the system stabilizes in 𝑂(𝑁 2 ) moves.
(continue)
Proof of correctness
• The bottom machine can move at most 𝑁 times before it acquires the
missing label. Machine 1 therefore can move at most 𝑁 + 1 times before the
bottom acquires the label. Similarly, machine 𝑖 can move at most 𝑁 + 𝑖
times before the bottom gets the label.
• By adding up all the moves, we get 𝑁 + (𝑁 + 1) + ⋯ + (𝑁 + 𝑁 − 1) =
𝑂(𝑁2) moves
References
• [1] Self-Stabilizing System in Spite of Distributed Control, E.W. Dijkstra
• [2] cap 23, 82.130.102.95/lectures/ss06/distcomp/lecture/self_stabilization.pdf
THANK YOU!!!!

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz