genie
play

Genie Distributed Systems Synthesis and Verification Marc Rosen - PowerPoint PPT Presentation

Nov 09, 2023 •139 likes •504 views

Genie Distributed Systems Synthesis and Verification Marc Rosen EN.600.667: Advanced Distributed Systems and Networks May 1, 2017 1 / 35 Outline Introduction Problem Statement Prior Art Demo How does it work? Code Generation How does it

  1. Genie Distributed Systems Synthesis and Verification Marc Rosen EN.600.667: Advanced Distributed Systems and Networks May 1, 2017 1 / 35

  2. Outline Introduction Problem Statement Prior Art Demo How does it work? Code Generation How does it work? Distributed Systems How does it work? Programming Languages Conclusion 2 / 35

  3. Problem Statement (Background) Distributed Systems are Useful § Partition tolerant (i.e. offline-capable) § Scalable Distributed Systems are Hard § Typically requires formal training or study § Even then, it’s easy to make mistakes § Even simple systems can be time-consuming to implement properly 3 / 35

  4. Problem Statement (Goals) § Can we come up with a way to specify the semantics of a distributed system, and then generate the code for the specified system? § Can we also make it fool-proof , and accessible to users without formal distributed systems training? 4 / 35

  5. Prior Art (Industry Solutions) § Apache Cassandra has: [8] § 9 write consistency levels § 10 read consistency levels § Apache CouchDB lets the developer choose between: [10] § Using a CAS-loop for strict consistency § Arbitrarily picking a “winner” on conflict. All conflicting versions are stored. The developer should manually resolve the conflict. 5 / 35

  6. Prior Art (Interactive Theorem Provers) § The Coq Proof Assistant [13] § SAML (System Analysis Modelling Language) [5] § Constable’s EventML [4] § ...and many others 6 / 35

  7. Prior Art (Model Checking Solutions) § Leslie Lamport’s TLA+ [12] § CISE [6] & Indigo [2] § The Leon Verification System [3] § ...and many others 7 / 35

  8. Outline Introduction Problem Statement Prior Art Demo How does it work? Code Generation How does it work? Distributed Systems How does it work? Programming Languages Conclusion 8 / 35

  9. Demo: Mail § This is the final project from the Fall 2016 Distributed Systems Course § Users can connect to one of five mail servers, and “login” as a specific user § The following operations are supported: 1. List email messages 2. Send an email message 3. Delete an email message 4. Mark an email message as read § The entire system must be partition-tolerant and crash-tolerant 9 / 35

  10. Demo: Chat § This is the final project from the Fall 2014 Distributed Systems Course § Users can connect to one of five chat servers, and “login” as a specific user § The following operations are supported: 1. Join a room 2. Send a message to the room 3. Like a message 4. Unlike a message § The entire system must be partition-tolerant and crash-tolerant 10 / 35

  11. Demo: Simple verification example § In order to be able have meaningful verification, we need a way to express domain-specific invariants about the system... 11 / 35

  12. Questions (before the next part)? 12 / 35

  13. Outline Introduction Problem Statement Prior Art Demo How does it work? Code Generation How does it work? Distributed Systems How does it work? Programming Languages Conclusion 13 / 35

  14. Code Generation: Overview § The AST is type-checked § We generate C++ code from Twirl templates (a templating language for Scala) § We generate one struct per class in the source to hold the properties. § We generate one struct per exposed method. 14 / 35

  15. Outline Introduction Problem Statement Prior Art Demo How does it work? Code Generation How does it work? Distributed Systems How does it work? Programming Languages Conclusion 15 / 35

  16. Algorithmic Overview § All updates/operations have a (Lamport timestamp, server, per-server monotonic counter) triple for an ID. § Servers maintain and exchange the matrices consisting of the highest ID update that they’ve received from another server. § Servers maintain lists (by server of origin) of all updates they’ve ever received. These lists are used for reconciliation. § The current state of objects are stored as a mapping from ID to object. 16 / 35

  17. Reconciliation Algorithm 1. On partition change, start queuing any incoming client requests. (In the even that a partition occurs during this algorithm, keep adding to the current queue, but otherwise reset other state associated with this algorithm.) 2. Buffer (into an array) any server-to-server updates that come in during this reconciliation period. 3. Once a server has sent out all of its updates for reconciliation, it sends out a “finished reconciliation message” to all the other servers 4. Once the server has received a “finished reconciliation message“ from every server in the partition, then it sorts the updates that came in by p ℓ, s, c q and then applies them in that order (which is guaranteed to be causal). 5. Process any queued incoming client requests, and stop queuing future client requests. Instead, process them immediately. 17 / 35

  18. CRDTs [9] § a Commutative (or Convergent) Replicated Data Type § In general, they’re data types that have the properties that you’d want for eventual consistency in a distributed system. 18 / 35

  19. Two equivalent formulations [11] State-based (CvRDT) Operations are homomorphisms on a join semilattice. (Operations respect a partial ordering on the set of possible states. Any two states in the semilattice have a least upper bound.) Operation-based (CmRDT) Operations are transmitted in causal order. Any operations that can happen concurrently must commute. 19 / 35

  20. Object Model § The Universe consists of several mappings (classes) from identifiers to fields of atomic type (i.e. they’re not class instances). § There are two kinds of IDs: Unique IDs Totally ordered (in a causal order), but opaque otherwise. You get a fresh Unique ID every time you ask for one. Primary Key Meaningful keys that can be used to tie an object to some quantity § The ID of an object witnesses its existence 20 / 35

  21. Operations Model § Each operation has a precondition that must be met in order for the operation to take effect § Non-strict consistency operations must commute with all other operations 21 / 35

  22. Proof Rules Let 1. The invariants are satisfiable (they don’t conflict) 2. @ u, o where u is a universe and o is an operation Pre p u q ^ Inv p u q ù ñ Inv p op p u qq 3. The default values for objects with primary keys don’t violate invariants 4. @ u, o, o 1 where u is a universe, o is an operation, and o 1 is an operation that doesn’t require strict consistency. Then: ñ Pre 1 p op p u qq 4.1 Inv p u q ^ Pre p u q ù 4.2 Inv p u q ^ Pre 1 p u q ù ñ Pre p op 1 p u qq 4.3 Inv p u q^ Pre p u q^ Pre 1 p u q ù ñ op p op 1 p u qq “ op 1 p op p u qq 22 / 35

  23. Outline Introduction Problem Statement Prior Art Demo How does it work? Code Generation How does it work? Distributed Systems How does it work? Programming Languages Conclusion 23 / 35

  24. The Specification Language: Some Highlights § Is highly inspired by C# (it’s not C#, though) § The query syntax is very similar to LINQ in C# [7] § No recursion. No higher-order functions. Strongly normalizing. § The query and iteration syntax is rigged such that there’s no way to access the i -th element of a list, which means that we can reason about lists as sets. § The type of a Unique ID is tagged with the class that it is identifying (since otherwise it wouldn’t act as a witness) 24 / 35

  25. How Verification Works (an overview) § We encode a given proof rule into SMTLIB2 format for the Z3 SMT solver [14] § This amounts to converting the program, as viewed by the proof rule into a logical expression § Objects are represented by sets (i.e. arrays from the object to booleans) § Lists are represented as triples of (class to quantify over, map, filter). Lists get encoded to @ x P C such that φ p x q , f p x q . § for(x in l) { assert f(x); } get encoded in the same way 25 / 35

  26. Outline Introduction Problem Statement Prior Art Demo How does it work? Code Generation How does it work? Distributed Systems How does it work? Programming Languages Conclusion 26 / 35

  27. Conclusion We’ve created a basic prototype to meet the ease-of-use goals that we set out to solve. We think that this prototype should help to demonstrate the viability and the utility of having an easy-to-use tool to generate distributed systems. The key idea that makes such tooling viable is that specifying the system all at once makes these sorts of analyses possible. 27 / 35

  28. Ideas for Future Work § Finishing this prototype § Determine the optimal (especially state-based) CRDT to use in a given situation based on the specification. § Add support for other CRDTs like a numeric escrow CRDT [1] § Can we automatically determine when we can relax the constraints of causal consistency in reconciliation to weak consistency, so that we can improve performance? § And much much more... 28 / 35

  29. Questions? 29 / 35

  30. References I [1] Valter Balegas et al. “Extending eventually consistent cloud databases for enforcing numeric invariants”. In: Reliable Distributed Systems (SRDS), 2015 IEEE 34th Symposium on . IEEE. 2015, pp. 31–36. [2] Valter Balegas et al. “Putting consistency back into eventual consistency”. In: Proceedings of the Tenth European Conference on Computer Systems . ACM. 2015, p. 6. 30 / 35

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Using GENIE Combating Loneliness Inquiry https://genie.soton.ac.uk Anne Kennedy and Anne

Using GENIE Combating Loneliness Inquiry https://genie.soton.ac.uk Anne Kennedy and Anne

Using GENIE Combating Loneliness Inquiry https://genie.soton.ac.uk Anne Kennedy and Anne Rogers The team behind GENIE at Southampton University NIHR CLAHRC Wessex GENIE Online Intervention Steps Map personal community of support in

873 views • 27 slides
GENIE Systematic Errors GENIE Systematic Errors GENIE Systematic Errors Hugh Gallagher, Tufts

GENIE Systematic Errors GENIE Systematic Errors GENIE Systematic Errors Hugh Gallagher, Tufts

GENIE Systematic Errors GENIE Systematic Errors GENIE Systematic Errors Hugh Gallagher, Tufts University July 11, 2016 - NUTUNE 16, U. Liverpool OUTLINE 1) History/Context 2) Neutrino-Nucleon Interaction Modeling Free nucleon cross

905 views • 43 slides
Directions Most interaction is between Dorky Computer Scientist, the Genie and the crowd. Dialogue

Directions Most interaction is between Dorky Computer Scientist, the Genie and the crowd. Dialogue

Characters : 1. Computer Science GeniusMark 2. Computer Science Genie (or just Genie)GWA Overview : After the Dorky Computer Scientist summons the Power Agile Genie (with the help of the crowd) he is granted three wishes. As a first wish,

195 views • 8 slides
GENIE Status Gabriel N. Perdue Simulations for Neutrinos 30 January 2017 Overview Recent

GENIE Status Gabriel N. Perdue Simulations for Neutrinos 30 January 2017 Overview Recent

GENIE Status Gabriel N. Perdue Simulations for Neutrinos 30 January 2017 Overview Recent release: GENIE 2.12.2 Planned releases: - GENIE 3.0 - GENIE 4.0 2 Gabriel Perdue | GENIE news | Simulations for Neutrinos 30 January 2017 GENIE

397 views • 13 slides
Introducing 2) Develop skills to utilize the online GENIE GENIE checklist and become familiar

Introducing 2) Develop skills to utilize the online GENIE GENIE checklist and become familiar

3/18/2014 The Guide for Effective Nutrition Interventions and Education Learning Objectives 1) Explain the process used in developing and validating the Guide for Effective Nutrition Interventions and Education (GENIE). Introducing 2) Develop

500 views • 10 slides
First look at new GENIE syst CAFs LBL meeting 30 Jul 2018 Chris Backhouse University

First look at new GENIE syst CAFs LBL meeting 30 Jul 2018 Chris Backhouse University

First look at new GENIE syst CAFs LBL meeting 30 Jul 2018 Chris Backhouse University College London Introduction Using example file /dune/data/users/marshalc/CAF FHC.root Weights now readable in CAFAna as dune.genie wgt[][]

442 views • 11 slides
GENIE update a personal view Steve Dytman, Univ. of Pittsburgh NusTec 11 December, 2018

GENIE update a personal view Steve Dytman, Univ. of Pittsburgh NusTec 11 December, 2018

GENIE update a personal view Steve Dytman, Univ. of Pittsburgh NusTec 11 December, 2018 group changes v3 + reweighting model advances, plans electron scattering v4 GENIE group changes FNAL After contributing many

616 views • 24 slides
rSMILE, an interface to the Bayesian Network package GeNIe/SMILE Roman Klinger, Christoph M.

rSMILE, an interface to the Bayesian Network package GeNIe/SMILE Roman Klinger, Christoph M.

rSMILE, an interface to the Bayesian Network package GeNIe/SMILE Roman Klinger, Christoph M. Friedrich { klinger,friedrich } @scai.fraunhofer.de July 9, 2009 Outline Bayesian Networks Existing Implementations GeNIe/SMILE rSMILE Applications

642 views • 17 slides
The Genie in the Bottle Implementing and Sustaining Lean Pg 1 What Well Cover Introduction

The Genie in the Bottle Implementing and Sustaining Lean Pg 1 What Well Cover Introduction

The Genie in the Bottle Implementing and Sustaining Lean Pg 1 What Well Cover Introduction 1. The Definition of True North 2. Key Philosophies Successful Lean Organizations 3. Quick review of the Toyota House 4. Discussion

1.37k views • 92 slides
The Genie is out of the bottle: DNA testing and the end of donor anonymity DNA testing is on the

The Genie is out of the bottle: DNA testing and the end of donor anonymity DNA testing is on the

The Genie is out of the bottle: DNA testing and the end of donor anonymity DNA testing is on the rise www.varta.org.au N=312 Ancestry DNA tests how do they work? 3 main types 1. Y-DNA 2. mtDNA 3. Autosomal www.varta.org.au Autosomal

811 views • 18 slides
TPM Genie Attacking the Hardware Root of Trust For Less Than $50 Introduction Jeremy Boone

TPM Genie Attacking the Hardware Root of Trust For Less Than $50 Introduction Jeremy Boone

TPM Genie Attacking the Hardware Root of Trust For Less Than $50 Introduction Jeremy Boone @uffeux Principal Consultant @ NCC Group Focus on hardware and embedded systems security Previously: 10 years product security @

1.41k views • 54 slides
GENIE: Valida,on and Tuning status report Julia Yarba,

GENIE: Valida,on and Tuning status report Julia Yarba,

GENIE: Valida,on and Tuning status report Julia Yarba, FNAL Simula,on for Neutrinos mee,ng Jan.30, 2016 GENE Valida,on and Tuning

369 views • 16 slides
FFPSA Implementation Efforts in LA County LA County DCFS Kym Renner & Genie Chough FFPSA

FFPSA Implementation Efforts in LA County LA County DCFS Kym Renner & Genie Chough FFPSA

FFPSA Implementation Efforts in LA County LA County DCFS Kym Renner & Genie Chough FFPSA Convening CWDS Training Center Riverside, CA November 20, 2019 Highlights Introductions LA County Governance Structure &

574 views • 10 slides
Learning Genie Staff Training 1 Welcome! Loved by thousands of teachers and directors, 40+ lab

Learning Genie Staff Training 1 Welcome! Loved by thousands of teachers and directors, 40+ lab

Learning Genie Staff Training 1 Welcome! Loved by thousands of teachers and directors, 40+ lab school partners, 200+ school districts /agencies 2 8:00-8:10am Introduction 8:10am-9:30am Training Session I (Mobile Devices) Portfolios Daily

694 views • 23 slides
The Genie Is Out of the Bottle Richard E. Ya Deau, MD FACS, FACHCE (HON) 23andme Your genetic

The Genie Is Out of the Bottle Richard E. Ya Deau, MD FACS, FACHCE (HON) 23andme Your genetic

The Genie Is Out of the Bottle Richard E. Ya Deau, MD FACS, FACHCE (HON) 23andme Your genetic data Participatory Research Richard YaDeau Richard YaDeau Genes vs. Environment 60-80 % Attributable to Genetics The heritability of AD

300 views • 7 slides
The Genie Is Out of the Bottle Richard E. Ya Deau MD, FACS, ACHCE (HON) 23andme Your genetic

The Genie Is Out of the Bottle Richard E. Ya Deau MD, FACS, ACHCE (HON) 23andme Your genetic

The Genie Is Out of the Bottle Richard E. Ya Deau MD, FACS, ACHCE (HON) 23andme Your genetic data Participatory Research Richard YaDeau Richard YaDeau Genes vs. Environment 60-80 % Attributable to Genetics The heritability of AD

252 views • 7 slides
Int ntrod oductio uction n for for Own wners s and nd Ope pera rator ors Steve

Int ntrod oductio uction n for for Own wners s and nd Ope pera rator ors Steve

Small l Data Centers, s, Larg rge Energy rgy Savings: ngs: an Int ntrod oductio uction n for for Own wners s and nd Ope pera rator ors Steve Greenberg erg, , P.E. Lawrence ce Berk rkeley y National onal Laboratory September

510 views • 33 slides
RailsConf Europe 2008 Juggernaut Realtime Rails Alex MacCaw and Stuart Eccles RailsConf Europe

RailsConf Europe 2008 Juggernaut Realtime Rails Alex MacCaw and Stuart Eccles RailsConf Europe

RailsConf Europe 2008 Juggernaut Realtime Rails Alex MacCaw and Stuart Eccles RailsConf Europe 2008 Juggernaut Realtime Rails Alex MacCaw and Stuart Eccles http://www.madebymany.co.uk/ server push HTTP HTTP GET/POST <html/>

1.02k views • 100 slides
David Salz CTO / Co-Founder david@sandbox-interactive.com ABOUT ALBION ONLINE What is Albion

David Salz CTO / Co-Founder david@sandbox-interactive.com ABOUT ALBION ONLINE What is Albion

ALBION ONLINE: A CROSS-PLATFORM MMO David Salz CTO / Co-Founder david@sandbox-interactive.com ABOUT ALBION ONLINE What is Albion Online? Albion Online is a modern interpretation of EVE Online with the skill based combat from League of

673 views • 22 slides
Q3 Highlights November 2015 SAFE HARBOR This presentation contains forward-looking statements,

Q3 Highlights November 2015 SAFE HARBOR This presentation contains forward-looking statements,

Q3 Highlights November 2015 SAFE HARBOR This presentation contains forward-looking statements, including, among other things, statements regarding our growth prospects; our ability to attract and retain customers to use our platform; our ability

284 views • 13 slides
PROXIMA Furkan Bayansar Emre Yiit Alparslan Mehmet Emin Bakr Mazlum Ferhat Arslan

PROXIMA Furkan Bayansar Emre Yiit Alparslan Mehmet Emin Bakr Mazlum Ferhat Arslan

PROXIMA Furkan Bayansar Emre Yiit Alparslan Mehmet Emin Bakr Mazlum Ferhat Arslan Introduction What was the problem ? Lack of Interaction with participant in webinar tools What was current solutions ? Using instant

344 views • 12 slides
Agenda Motivation Introduction to Google Wave SynBioWave Main Robot Add-on Robots

Agenda Motivation Introduction to Google Wave SynBioWave Main Robot Add-on Robots

Agenda Motivation Introduction to Google Wave SynBioWave Main Robot Add-on Robots Live Demo Motivation Scientist in Germany Scientist in the USA Scientist in India SynBioWave offers collaboration for Biologists Free

634 views • 19 slides
SPEE 2018 Petroleum Evaluation Software Symposium The he c cor orporate solutio ion f for

SPEE 2018 Petroleum Evaluation Software Symposium The he c cor orporate solutio ion f for

SPEE 2018 Petroleum Evaluation Software Symposium The he c cor orporate solutio ion f for eval aluating, man manag aging, an and d repo porting r reserves Us Used ed b by over er 2 2700 700 cl clients Ban Banks, o

951 views • 31 slides
Remote Participation Services at ICANN 42 Filiz Yilmaz Sr Director,

Remote Participation Services at ICANN 42 Filiz Yilmaz Sr Director,

Remote Participation Services at ICANN 42 Filiz Yilmaz Sr Director, Par2cipa2on and Engagement Overview Why? How? 2 Why Remote Participation? Cost effective Enables wider inclusion ICANN commitment

254 views • 24 slides

More recommend