This document introduces Adversary-Oriented Computing (AOC), which aims to simplify the design of distributed algorithms by accounting for different types of adversaries. It discusses three acts: (1) moving from centralized to distributed systems, (2) shifting focus from algorithms to systems, and (3) the introduction of AOC. AOC objects provide speculative linearizability depending on the adversary. Composition theorems allow combining AOC objects to handle different adversaries. Examples demonstrate how AOC can simplify testing, proofs, and optimizations by targeting specific adversaries. The goal is to modularize algorithms based on the dimension of the adversary.
15. Object (e.g., Queue)
State: a history of requests
A client invokes a request req and
delivers a response h(req)
16. Linearizable Shared Object
Safety: if c1 delivers history h1 and
c2 delivers history h2, then one is the
prefix of the other
Liveness: if a correct client c invokes a
request req, then c eventually delivers
response h (req)
28. Object
State: a history of requests
A client invokes a request req and
delivers a response h(req)
29. Shared Object (linearizable)
Safety: if c1 delivers history h1 and
c2 delivers history h2, then one is the
prefix of the other
Liveness: if a correct client c invokes a
request req, then c eventually delivers
response h (req)
30. AOC Object (A)
speculative linearizability
Liveness (1): if a correct client c
invokes a request req, then c commits
or aborts h (req)
Liveness (2) : h (req) is committed if
the adversary is weaker than A
31. AOC Object
Safety (1): if c1 commits history h1 and c2
commits h2, then one is prefix of the other
Safety (2): if c1 commits history h1 and c2 aborts
h2, then h1 is prefix of h2
35. Act 1: from centralized to distributed
Act 3: Adversary-Oriented Computing
C(O,A)
C(O,A1,A2,..An)
Act 2: from algorithms to systems
C(O,A1) C(O,A2) C(O,An)..
38. Wandida.com
Internet is an opportunity for teaching
Being recorded while giving a long class
Registering and following a full curriculum
Hinweis der Redaktion
Lac de Geneve/Lausanne; Plus grand lac d’Europe
EPFL/ETHZ; Classement premier; 8000 étudiants; pas de prépa; bonne qualité de la vie
A 50mn
A 100m; A 100m en été / programme d’années sabattique / département de 40 profs a peu près; Il n’y a aucun autre corps stable
Anyone who tried to design and prove or implement and test a distributed system has realized how hard it is; This is true for systems that are distributed over the Internet, over a cluster or simply above a dual processor; When I say “distributed” here I mean both concurrent and distributed; So any one who tried to devise a distributed system has realized how hard it is; The more practical the systems seeks to be, the more difficult it is to prove or test;
AOC is a computing discipline that might change our lives (or not) to simplify this state of affairs; I will tell here what it is at some level of abstraction;
Le titre est aiguicheur; je ne présente pas un article technique ici; mais une idée; comme le titre de mon exposé l’indique, il s’agit de spéculation.
La thèse spéculative défendue ici est la suivante: (1) l’informatique théorique est plus que jamais nécessaire pour comprendre ce que peuvent faire les machines et les réseaux; (2) A la base de l’informatique théorique réside ce que l’on appelle la théorie de la complexité: La théorie de la complexité des algorithmes étudie formellement la quantité de ressources (en temps et en espace) nécessitée par l'exécution d'un algorithme ainsi que la difficulté intrinsèque des problèmes algorithmiques.; (3) Cette théorie est très vieille (Euclide), même si le nom est attribué a Mohammed Algorithmi (qui donnerait le tournis à nos Claude Gueant) – 700; (4) Cette théorie repose sur des bases désormais fausses; (5) Les théries alternative sont des versionstrès partielles de la réalité
So what you do, or what you should be doing, is find the best algorithm: if you are running on a single computer, the situation is relatively easy;
it is very likely that the algorithm exists: why; because all machines are the same and are equivalent to a Turing machine; so the complexity of a queue is known; in a centralized system, that is easy; complexity depends only on your object only; universal model
Turing: Record player
The Turing machine is the max that one can compute (Lamdba calculs and recursive functions cannot do more)
The computer is a good approximation of a Turing machine; measuring the time It takes to execute a program by couting the number of steps of a Turing correspond to the number of elementary instructions In modern programming languages
This assumes a program is a batch with a clear input and a clear output
We have to duplicate
What if your problem needs to be solved by several Turing Machines
No universal model anymore; why? Because there are tons of ways according to which these machines communicate and are scheduled with respect to each other;
The adversary is the entity that represents that; and hence the algorithm depends on the adversary
There are all kinds of adversaries out there; strictly speaking: an adversary is a set of runs; the bigger the set, the strongest is the adversary;…
For example: the strongest adversary: every one is a free Turing machine; every one executes the algorithm assigned to it: they might stop at any time
For example, if I need to devise a queue algorithm, my algorithm will depend on the adversary; parler de la pile ici…
No contention; I update the queue locally; I inform the others
Contention; we go through a leader; k steps
Failure: round-robin: a priori; n steps
Tons of algorithms and papers; books
Link Failure: infinity
Intuitition: for instance; there might be contention; but usually there is not; so we send a message to all; if everybody replies, fine; if there is, we abort and try to do something else; so we go one by one; say p1 goes first etc; but what if p1 does not receive a reply; if the system is synchronous We speculate that the system is synchronous; so we approximate a bound; if it does not happen, we increase it; of course, we need to be careful; for example, if we suspect the leader, we should use a majority; so things get very complicated Very messyOnce we measure complexity, it is a vectorOn peut parler de complexité spéculative
Thinks are however more complicated because when building a distributed queue, I need to consider several adversaries at the same time: a polymorphic adversary
Première étape consiste bien entendu à créer des classes d’équivalence entre adversaires; Cette étape est très intéressante en elle-même; elle permet de réduire le nombre de résultats et d’algorithmes
La seconde étape consiste à résoudre les problèmes de la manière suivante: étant donné le pire cas, cad AN, l’idée est de résoudre le problème de la manière suivante: N is the biggest class; les autres sont des sous-classes, incomparables: On va concevoir algorithm1 pour A1; etc; La conception, preuve, test etc sont complètement séparées; We would like to divide the design, test, implementation and verification of the system; how can we do that? Ideally, the switch could be dynamic and adaptive; but let’s focus on this; why is this hard; because it is distributed; you speculate that there is no contention; but if there is, you switch (Notice: the parallel to OO; Polymorphic):
Comment on met en oeuvre ceci: détecteur d’adversaire; détecter la concurrence; détecter l’asymchronisme;
With and without contention
A comparer avec la composition de la linéarizability
En fait: on change le problème, les adversaires et la métrique de complexité
In fact, it is all about divide and conquer; this is complementary to ADT and OOP