Principles of Multi-Level Reflection for Fault Tolerant Architectures

PRDC'02 (Dec 16-18 2002, Tsukuba, Japan) François Taïani, Jean-Charles Fabre, Marc-Olivier Killijian

Context

  • Software COTS now in systems with high FT requirements
  • Market products don’t meet dependability requirements

⇒ Adaptation needed

  • Dependability is a cross-cutting concern

⇒ Reflective architectures seem a good choice

  • But multi-component systems are a challenge for reflection

Outline

  • Introducing reflection for fault-tolerance
  • The Fault-Tolerance of Multi-component systems
  • Our proposal: Multi-Level Reflection
  • Conclusion

What is Reflection?

separating fault-tolerance from functional concerns

"the ability of a system to think and act about itself"

[Figure. Labels: original system (base-level); fault-tolerance (meta-level); meta-model (generic connector); meta-interfaces; observation; control.]

Reflection & Fault-Tolerance

  • Meta-model provides observation and control features that are needed to implement fault-tolerance
    – State capture (observation) / State recovery (control)
    – Method interception (observation) / Duplication (control)
    – Non-deterministic decision points
    – …
  • In a multi-component system:
    – Information/controls possible in different layers / abstraction levels
    – Higher levels (application, language): partial info / rich semantics
    – Lower layers (OS, middleware): complete info / poor semantics

Ad Hoc FT in Multi-Level Systems

[Figure. Layers: application, middleware, OS. Labels: fault-tolerance "patches"; ad hoc interlevel coordination; ad hoc connection FT code ↔ original code.]

Reflective Approach

[Figure. Layers: application, middleware, OS. Labels: fault-tolerance; generic, uniform meta-interface; meta-model.]

FT in Multi-Level Systems

[Figure. Layers: application, middleware, OS. Labels: fault-tolerance; "?".]

  • What information/control from which level?
  • How to aggregate information/control from ≠ levels?

Example

  • What information/control from which level?
  • How to aggregate information/control from ≠ levels?

Concepts available at each level:

  • C++ Appli: class, object, method, attribute
  • CORBA: invocation request, concurrency-model, interoperable object reference
  • POSIX: threads, address space, stack, locks, sockets, queues

Multi-Level Reflection

  • 1. Construct a meta-model for each level / layer
  • 2. Analyze inter-level dependencies & coupling
  • 3. Aggregate single meta-models into a system-wide model
  • 4. Use system-wide meta-model for fault-tolerance

Inter-Level Coupling (I)

  • A Level = 1..n COTS = A set of interfaces =
    – Concepts
    – Primitives / base entities (keywords, syscalls, data types, …)
    – Rules on how to use them
  • (concepts, base entities, rules) = programming model
    – Very broad notion (includes programming languages)
    – Self contained
  • Base entities “a-tomic” within that programming model
    – Can’t be split in smaller entities within the programming model.
    – Implemented by more elementary entities within the component.
    – Implementation is internal ⇒ hidden to component user.

Inter-Level Coupling (II)

[Figure. Axis: abstraction level (Appli., Mw., OS). Labels: CORBA interaction between client and server; transparent interaction; composite interaction chain; OS entities: mutex, socket, thread, signal.]

Inter-Level Coupling (III)

  • Within a COTS:
    – Coupling between emerging entities of next upper level and implementation entities of lower levels
  • Structural coupling relationships (“abstraction mappings”)
    – translation / aggregation / multiplexing / hiding
  • Dynamic coupling relationships (“interactions”)
    – creation / binding / destruction / observation / modification

[Figure. Axis: abstraction level (Appli., Mw., OS). Labels: CORBA interaction between client and server; OS entities: mutex, socket, thread, signal.]

Example: Coupling POSIX / CORBA (I)

  • Behavioral model of connection oriented Berkeley sockets as seen by the middleware programmer

[Figure: state diagram, OS level. States: unbound; bound idle; accepting connections; idle (new socket); waiting for reception; ×. Transition labels: socket; bind ; listen; accept call; accept return; call to recv; return from recv; send; close | shutdown.]

Example: Coupling POSIX / CORBA (II)

[Figure. Mw. level: Object Creation, Thread Creation, Method Invocation. OS level, Socket API: bind, listen, accept, recv, send, shutdown.]
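
An added sketch of the coupling shown on these two slides (not code from the presentation or from the authors' prototype): a per-socket state machine follows the behavioral model, and each observed socket call is lifted to a middleware-level event or flagged as a violation of the model. State and call names come from the figure; the transition targets, the "closed" state name, the `LIFT` mapping and the trace are assumptions constructed for illustration.

```python
# Added example, not from the slides: an OS-level meta-model of a
# connection-oriented socket whose observed calls are lifted to
# middleware-level concepts. State and call names follow the figure;
# transition targets, "closed" and the LIFT mapping are assumptions.
LISTENING = {  # (state, observed event) -> next state
    ("unbound", "bind;listen"): "bound idle",
    ("bound idle", "accept call"): "accepting connections",
    ("accepting connections", "accept return"): "bound idle",
    ("bound idle", "close"): "closed",
}
CONNECTED = {
    ("idle", "call to recv"): "waiting for reception",
    ("waiting for reception", "return from recv"): "idle",
    ("idle", "send"): "idle",
    ("idle", "shutdown"): "closed",
    ("idle", "close"): "closed",
}
LIFT = {  # higher-level semantics attached to low-level events
    "bind;listen": "server endpoint created",
    "accept return": "client connection bound",
    "return from recv": "invocation request received",
    "send": "reply sent",
}


class SocketMetaModel:
    """Tracks each observed socket and flags calls the model forbids."""
    def __init__(self):
        self.sockets = {}  # fd -> (transition table, current state)

    def observe(self, fd, event, new_fd=None):
        table, cur = self.sockets.get(fd, (LISTENING, "unbound"))
        nxt = table.get((cur, event))
        if nxt is None:  # call not allowed in this state
            return ("violation", fd, cur, event)
        self.sockets[fd] = (table, nxt)
        if event == "accept return":  # accept yields a new socket
            self.sockets[new_fd] = (CONNECTED, "idle")
        return ("mw-event", fd, LIFT.get(event, "internal"), nxt)


def replay(trace):
    """Feed a trace of (fd, event[, new_fd]) tuples to a fresh model."""
    model = SocketMetaModel()
    return [model.observe(*step) for step in trace]

# Constructed trace: listening socket fd 3, accepted connection fd 4.
TRACE = [(3, "bind;listen"), (3, "accept call"), (3, "accept return", 4),
         (4, "call to recv"), (4, "return from recv"), (4, "send"),
         (4, "shutdown"), (4, "send")]
```

`replay(TRACE)` yields one tuple per observed call; the final `send` on the already shut-down socket is the only entry reported as a violation.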

Using Multi-Level Reflection for FT (I)

[Figure. Labels: Application Layer LA; Executive Layers Ln+1, Ln; Abstraction Levels Levn+1, Levn, Levn-1; System's Functional Interface.]

  • Top-down observation & control
    – State capture
    – Monitoring of non-determinism

Using Multi-Level Reflection for FT (II)

[Figure. Labels: Application Layer LA; Executive Layers Ln+1, Ln; Abstraction Levels Levn+1, Levn, Levn-1; System's Functional Interface.]

  • Bottom-up observation & control
    – Fault propagation analysis / confinement
    – Rollback propagation / state recovery

Conclusion

  • Multi-Level Reflection (≈ Translucent Interfaces) can be very powerful
    – Accuracy of action & observation from lower levels
    – Power of correlation and understanding from higher level
  • In practice:
    – Some low implementation decisions are equivalent when observed at higher levels (a.b ⇔ b.a, for instance memory management)
    – Identifying higher level patterns (for instance queue management for CORBA requests) can help reduce instrumentation costs.
  • Join to be done between accuracy and understanding

⇒ "Adding higher level semantics to low-level entities"

Future Actions

  • Finalize understanding of several ORBs + metamodel
  • Start prototype implementation of multi-level meta-interfaces
  • Proof of concept and evaluation with existing FT algorithms
  • Adaptive Reflection (Customizable meta-models…)