Rachid Guerraoui – Adversary Oriented Computing
•Als PPT, PDF herunterladen•
0 gefällt mir•647 views
This document introduces Adversary-Oriented Computing (AOC), which aims to simplify the design of distributed algorithms by accounting for different types of adversaries. It discusses three acts: (1) moving from centralized to distributed systems, (2) shifting focus from algorithms to systems, and (3) the introduction of AOC. AOC objects provide speculative linearizability depending on the adversary. Composition theorems allow combining AOC objects to handle different adversaries. Examples demonstrate how AOC can simplify testing, proofs, and optimizations by targeting specific adversaries. The goal is to modularize algorithms based on the dimension of the adversary.
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (20)
Andere mochten auch
Andere mochten auch (18)
Ähnlich wie Rachid Guerraoui – Adversary Oriented Computing
Ähnlich wie Rachid Guerraoui – Adversary Oriented Computing (20)
Mehr von Yandex
Mehr von Yandex (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Rachid Guerraoui – Adversary Oriented Computing
- 1. Rachid Guerraoui, EPFL Adversary-Oriented Computing
- 6. Act 1: from centralized to distributed Act 3: Adversary-Oriented Computing Act 2: from algorithms to systems
- 10. enQueue() deQueue() Queue Queue Queue clients messages messages
- 14. The Game
- 15. Object (e.g., Queue) State: a history of requests A client invokes a request req and delivers a response h(req)
- 16. Linearizable Shared Object Safety: if c1 delivers history h1 and c2 delivers history h2, then one is the prefix of the other Liveness: if a correct client c invokes a request req, then c eventually delivers response h (req)
- 17. Asynchronous: infinity Sequential: 0 step Concurrency: k steps Node failures: n steps What Complexity?
- 18. Act 1: from centralized to distributed C(O,A) Act 2: from algorithms to systems
- 19. enQueue() deQueue() Queue Queue Queue messages messages Current Practices? clients
- 20. Polymorphic adversary C(O,A1,A2,A3,A4) = (2,O(k),O(f),infinity) What Complexity?
- 21. Paxos saga Tons of examples X.000 lines of intricate C code The Distributed System’s Nightmare In each implementation
- 22. Act 1: from centralized to distributed Act 2: from algorithms to systems C(O,A) C(O,A1,A2,..An)
- 23. Act 1: from centralized to distributed Act 3: Adversary-Oriented Computing Act 2: from algorithms to systems C(O,A) C(O,A1,A2,..An)
- 24. Dissecting Adversaries Equivalence classes Disagreement power (DISC 2010) Complexity relations (STOC 2009)
- 25. Switch(adversary) Case A1: algorithm1(); Case A2: algorithm2(); … Case AK: algorithmK(); … Case AN: algorithmN() Adversary-Oriented Computing
- 26. ”Premature optimization is the root of all evil” Knuth Adversary-Oriented Computing
- 27. Queue Queue Queue Adversary detector Adversary-Oriented Computing Progressive abortability clients
- 28. Object State: a history of requests A client invokes a request req and delivers a response h(req)
- 29. Shared Object (linearizable) Safety: if c1 delivers history h1 and c2 delivers history h2, then one is the prefix of the other Liveness: if a correct client c invokes a request req, then c eventually delivers response h (req)
- 30. AOC Object (A) speculative linearizability Liveness (1): if a correct client c invokes a request req, then c commits or aborts h (req) Liveness (2) : h (req) is committed if the adversary is weaker than A
- 31. AOC Object Safety (1): if c1 commits history h1 and c2 commits h2, then one is prefix of the other Safety (2): if c1 commits history h1 and c2 aborts h2, then h1 is prefix of h2
- 32. Composition Theorem AOC Object A1 + AOC Object A2 AOC Object (A1 U A2) =
- 33. Examples/References Indulgent algorithms (PODC 00,PODC 02) 700 BFT protocols (Eurosys 10) Test-and-Set (SPAA 12) Speculative Linearizability (PLDI 12) Speculation & Stabilization (PODC 13)
- 34. Simplifying Tests Revisiting The Paxos Family Proofs Optimizations (online)
- 35. Act 1: from centralized to distributed Act 3: Adversary-Oriented Computing C(O,A) C(O,A1,A2,..An) Act 2: from algorithms to systems C(O,A1) C(O,A2) C(O,An)..
- 36. Queue Storage e-X Dimensions of modularity control vs. data
- 37. AOC Thank you for your attention
- 38. Wandida.com Internet is an opportunity for teaching Being recorded while giving a long class Registering and following a full curriculum
Hinweis der Redaktion
- Lac de Geneve/Lausanne; Plus grand lac d’Europe EPFL/ETHZ; Classement premier; 8000 étudiants; pas de prépa; bonne qualité de la vie
- A 50mn
- A 100m; A 100m en été / programme d’années sabattique / département de 40 profs a peu près; Il n’y a aucun autre corps stable
- Anyone who tried to design and prove or implement and test a distributed system has realized how hard it is; This is true for systems that are distributed over the Internet, over a cluster or simply above a dual processor; When I say “distributed” here I mean both concurrent and distributed; So any one who tried to devise a distributed system has realized how hard it is; The more practical the systems seeks to be, the more difficult it is to prove or test; AOC is a computing discipline that might change our lives (or not) to simplify this state of affairs; I will tell here what it is at some level of abstraction; Le titre est aiguicheur; je ne présente pas un article technique ici; mais une idée; comme le titre de mon exposé l’indique, il s’agit de spéculation. La thèse spéculative défendue ici est la suivante: (1) l’informatique théorique est plus que jamais nécessaire pour comprendre ce que peuvent faire les machines et les réseaux; (2) A la base de l’informatique théorique réside ce que l’on appelle la théorie de la complexité: La théorie de la complexité des algorithmes étudie formellement la quantité de ressources (en temps et en espace) nécessitée par l'exécution d'un algorithme ainsi que la difficulté intrinsèque des problèmes algorithmiques.; (3) Cette théorie est très vieille (Euclide), même si le nom est attribué a Mohammed Algorithmi (qui donnerait le tournis à nos Claude Gueant) – 700; (4) Cette théorie repose sur des bases désormais fausses; (5) Les théries alternative sont des versionstrès partielles de la réalité
- So what you do, or what you should be doing, is find the best algorithm: if you are running on a single computer, the situation is relatively easy; it is very likely that the algorithm exists: why; because all machines are the same and are equivalent to a Turing machine; so the complexity of a queue is known; in a centralized system, that is easy; complexity depends only on your object only; universal model Turing: Record player The Turing machine is the max that one can compute (Lamdba calculs and recursive functions cannot do more) The computer is a good approximation of a Turing machine; measuring the time It takes to execute a program by couting the number of steps of a Turing correspond to the number of elementary instructions In modern programming languages This assumes a program is a batch with a clear input and a clear output
- We have to duplicate
- What if your problem needs to be solved by several Turing Machines No universal model anymore; why? Because there are tons of ways according to which these machines communicate and are scheduled with respect to each other; The adversary is the entity that represents that; and hence the algorithm depends on the adversary
- There are all kinds of adversaries out there; strictly speaking: an adversary is a set of runs; the bigger the set, the strongest is the adversary;… For example: the strongest adversary: every one is a free Turing machine; every one executes the algorithm assigned to it: they might stop at any time
- For example, if I need to devise a queue algorithm, my algorithm will depend on the adversary; parler de la pile ici… No contention; I update the queue locally; I inform the others Contention; we go through a leader; k steps Failure: round-robin: a priori; n steps Tons of algorithms and papers; books Link Failure: infinity
- Intuitition: for instance; there might be contention; but usually there is not; so we send a message to all; if everybody replies, fine; if there is, we abort and try to do something else; so we go one by one; say p1 goes first etc; but what if p1 does not receive a reply; if the system is synchronous We speculate that the system is synchronous; so we approximate a bound; if it does not happen, we increase it; of course, we need to be careful; for example, if we suspect the leader, we should use a majority; so things get very complicated Very messyOnce we measure complexity, it is a vectorOn peut parler de complexité spéculative Thinks are however more complicated because when building a distributed queue, I need to consider several adversaries at the same time: a polymorphic adversary
- Première étape consiste bien entendu à créer des classes d’équivalence entre adversaires; Cette étape est très intéressante en elle-même; elle permet de réduire le nombre de résultats et d’algorithmes
- La seconde étape consiste à résoudre les problèmes de la manière suivante: étant donné le pire cas, cad AN, l’idée est de résoudre le problème de la manière suivante: N is the biggest class; les autres sont des sous-classes, incomparables: On va concevoir algorithm1 pour A1; etc; La conception, preuve, test etc sont complètement séparées; We would like to divide the design, test, implementation and verification of the system; how can we do that? Ideally, the switch could be dynamic and adaptive; but let’s focus on this; why is this hard; because it is distributed; you speculate that there is no contention; but if there is, you switch (Notice: the parallel to OO; Polymorphic):
- Comment on met en oeuvre ceci: détecteur d’adversaire; détecter la concurrence; détecter l’asymchronisme;
- With and without contention A comparer avec la composition de la linéarizability
- En fait: on change le problème, les adversaires et la métrique de complexité
- In fact, it is all about divide and conquer; this is complementary to ADT and OOP