














An overview of various voting schemes and agreement algorithms used in dependable computing. The slides cover fault-tolerant computing, voting in dependable computing, generalized weighted voting, median voting, approximate voting, approval voting, distributed voting, and the Byzantine generals problem. The document also discusses the challenges of achieving agreement and consensus in distributed systems, and the importance of reliable communication and fault tolerance.















Nov. 2007
Agreement and Adjudication
Slide 1
Slide 2
First: released Dec. 2006, revised Nov. 2007.
This presentation has been prepared for the graduate course ECE 257A (Fault-Tolerant Computing) by Behrooz Parhami, Professor of Electrical and Computer Engineering at University of California, Santa Barbara. The material contained herein can be used freely in classroom teaching or any other educational setting. Unauthorized uses are prohibited. © Behrooz Parhami
Slide 4
Software Specification
"Abe, I just noticed – our marriage license has an expiration date! And it's today! Do you know anything about this, Abe?... Abe?... Abe?"
"Next case: the Internet economy versus millions of investors who should have known better."
Slide 5
[Figure: system states by level. Levels: Component, Logic, Service, Result, Information, System. States: Ideal, Defective, Faulty, Erroneous, Malfunctioning, Degraded, Failed, grouped as Unimpaired, Low-Level Impaired, Mid-Level Impaired, High-Level Impaired. Entry legend: Deviation, Remedy, Tolerance.]
Slide 7
Virtually all voting schemes of practical interest can be formulated in terms of the generalized weighted voting model, as follows:

Given $n$ input data objects $x_1, x_2, \ldots, x_n$ and associated nonnegative real votes $v_1, v_2, \ldots, v_n$, with $\sum v_i = V$, compute output $y$ and its vote $w$ such that $y$ is "supported by" a set of input objects with votes totaling $w$, where $w$ satisfies a condition associated with the voting subscheme.

Possible voting subschemes:
Unanimity: $w = V$
Majority: $w > V$
Supermajority: w ≥
Byzantine: w > 2
Plurality: ($w$ for $y$) ≥ ($w$ for any $z \ne y$)
Threshold: $w$ > a preset lower bound

[Figure: generalized weighted voter with inputs 〈$x_1$, $v_1$〉, 〈$x_2$, $v_2$〉, ..., 〈$x_n$, $v_n$〉 and output 〈$y$, $w$〉]
Slide 8
One can classify generalized weighted voting schemes into $2^4 = 16$ categories based on dichotomies associated with input data (the $x_i$s), output data ($y$), input votes (the $v_i$s), and output vote ($w$).

Input data, Exact/Inexact: input objects inflexible, or representing flexible "neighborhoods"
Input vote, Oblivious/Adaptive: input weights set at design time, or allowed to change dynamically (adjustable/variable)
Output data, Consensus/Mediation: total support from a subset of inputs (quorum), or shades of support from all inputs
Output vote, Threshold/Plurality: support exceeds a lower bound, or is max over all possible outputs

First entry in each box is the simpler of the two.
A term such as "threshold voting" stands for 8 different methods.

[Figure: generalized weighted voter with inputs 〈$x_1$, $v_1$〉, 〈$x_2$, $v_2$〉, ..., 〈$x_n$, $v_n$〉 and output 〈$y$, $w$〉]
Slide 10
The notion of an input object "supporting" a particular output (akin to a hypothesis supporting an end result or conclusion) allows us to treat approximate and exact voting in the same way.

Example 1: Input objects are points in the 2D space and the level of "support" between them is a function of their Euclidean distance.

Example 2: Input objects are conclusions of character recognizers as to the identity of a character, with varying degrees of mutual support.

Median selection from the maximal mutually supportive set of inputs.

[Figure: largest maximal compatible class of inputs, with the proximity limit marked]
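The generalized weighted voting model and the "support" relation described above, as an added Python example that is not part of the original slides. The function names, the choice of candidate outputs (the input objects themselves), and the numeric thresholds used for majority, supermajority and Byzantine voting (V/2 and 2V/3) are assumptions of this example.

```python
import math

def weighted_vote(inputs, scheme="majority", supports=None, bound=0.0):
    """inputs: list of (x, v) pairs, v a nonnegative vote.
    Returns (y, w) if the subscheme's condition holds, else (None, w)."""
    if not inputs:
        raise ValueError("at least one input is required")
    if any(v < 0 for _, v in inputs):
        raise ValueError("votes must be nonnegative")
    if supports is None:
        supports = lambda x, y: x == y          # exact voting
    V = sum(v for _, v in inputs)
    # Candidate outputs are the input objects; w(y) totals the votes of
    # every input that supports y. Keep the best-supported candidate.
    y, w = None, -1
    for cand, _ in inputs:
        total = sum(v for x, v in inputs if supports(x, cand))
        if total > w:
            y, w = cand, total
    accept = {
        "unanimity": w == V,
        "majority": 2 * w > V,            # assumed threshold V/2
        "supermajority": 3 * w >= 2 * V,  # assumed threshold 2V/3
        "byzantine": 3 * w > 2 * V,       # assumed threshold 2V/3, strict
        "plurality": True,                # w is already the maximum
        "threshold": w > bound,
    }[scheme]
    return (y, w) if accept else (None, w)

def within(limit):
    """Support relation for inexact 2D inputs: Euclidean distance <= limit."""
    return lambda p, q: math.dist(p, q) <= limit

# Constructed sample inputs: three replicas, one disagreeing.
replicas = [(7, 1), (7, 1), (9, 1)]
points = [((0.0, 0.0), 1), ((0.3, 0.4), 1), ((5.0, 5.0), 1)]
```

Returning `(None, w)` when the condition fails lets the caller tell "no acceptable output" apart from a legitimate output value and still see how much support the best candidate had.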
Slide 11
Approval voting was introduced to prevent the splitting of votes among several highly qualified candidates from leading to the election of a less qualified candidate in plurality voting.

In approval voting, a voter divides the set of candidates into two subsets of "qualified" and "not qualified" and indicates approval of the first subset.

[Figure: approval ballot over candidates A, B, C, D]

In the context of computing, approval voting is useful when a question has multiple answers or when the solution process is imprecise or fuzzy.

Example question: What is a safe setting for a particular parameter in a process control system?

When the set of approved values constitutes a continuous interval of real values, we have "interval" inputs and "interval" voting.
Slide 13
Properties of an ideal voting scheme:
1. No big brother (voters free to express preferences)
2. Independence of irrelevant alternatives (preference for one candidate over another is independent of all others)
3. Involvement (every outcome is possible)
4. No dictatorship or antidictatorship (outcome not always conforming to, or opposite of, one voter's view)

Arrow's Theorem: No voting scheme exists that satisfies all four conditions.

True majority voting scheme: Each voter orders all the candidates; no circular preference allowed. Choose a candidate who beats every other one in pairwise competitions (both simple majority and plurality rules fail to choose a candidate).

[Figure: voters' preference orderings over candidates $c_1$, $c_2$, $c_3$]
Slide 14
Exchange data among nodes so that all healthy nodes end up with the same set of values; this guarantees that running the same decision process on the healthy nodes produces the same result.

Errors are possible in both data values and in their transmission between sites.

[Figure: sites exchanging the values 0, 1, 1, 1, X so that each ends up holding the vector 〈0,1,1,1,X〉]

Problem: Agreement algorithms generally use multiple rounds of communication, with values held at each site compared and filtered, until the set of values held at all sites converges to the same set.

Derive a highly reliable value from multiple computation results or stored data replicas at multiple sites.
Slide 16
ICA(f), f > 0 [f failures]
n – 1 nodes
$v_i$ be the value received by node $i$ from the transmitter, or a default value Φ if it received no value; node $i$ then becomes the transmitter in its own version of ICA(f – 1), sending its value to n – 2 nodes
$i$, let $v_{i,j}$ be the value it received from node $j$, or a default value Φ if it received no value from node $j$. Node $i$ then uses the value majority($v_{i,1}, v_{i,2}, \ldots, v_{i,i-1}, v_{i,i+1}, \ldots, v_{i,n}$)

[no failure]
n – 1 nodes
Φ if it received no value

$O(n^{f+1})$ messages needed, in f + 1 rounds, to tolerate f Byzantine failures
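A small simulation of the recursive scheme outlined above, added here as an example and not taken from the slides; it follows the classic oral-messages form of the algorithm. Node 0 as transmitter, binary values, the `send` fault model and the `run` helper are assumptions of this example.

```python
from collections import Counter

DEFAULT = "Φ"  # default value, used here when no strict majority exists

def majority(values):
    """Strict majority of the values, else the default."""
    value, count = Counter(values).most_common(1)[0]
    return value if 2 * count > len(values) else DEFAULT

def send(sender, receiver, value, faulty, stats):
    """One message. Constructed fault model: a faulty sender flips the bit
    it sends to odd-numbered receivers, so receivers see different values."""
    stats["messages"] += 1
    if sender in faulty and receiver % 2 == 1:
        return 1 - value
    return value

def ica(f, transmitter, value, receivers, faulty, stats):
    """Run ICA(f); return {node: value that node settles on}."""
    got = {i: send(transmitter, i, value, faulty, stats) for i in receivers}
    if f == 0:
        return got                      # ICA(0): use the value received
    # Each receiver i relays what it got through its own ICA(f - 1),
    # addressed to the other n - 2 nodes.
    relayed = {
        i: ica(f - 1, i, got[i], [j for j in receivers if j != i], faulty, stats)
        for i in receivers
    }
    # Node i votes over its direct value and what every other node relayed.
    return {
        i: majority([got[i]] + [relayed[j][i] for j in receivers if j != i])
        for i in receivers
    }

def run(n, f, faulty, value=1):
    """Node 0 transmits `value` (0 or 1) to nodes 1..n-1.
    Returns (decisions of the healthy receivers, total messages sent)."""
    stats = {"messages": 0}
    decided = ica(f, 0, value, list(range(1, n)), set(faulty), stats)
    healthy = {i: v for i, v in decided.items() if i not in faulty}
    return healthy, stats["messages"]
```

The message counts returned by `run` grow as (n – 1)(n – 2)...(n – f – 1), matching the $O(n^{f+1})$ figure; with only three nodes and one faulty receiver the healthy node falls back to Φ, which is the well-known n > 3f requirement.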
Slide 17
If source and destination are healthy, message is eventually delivered unmodified.

Source: M. Correia, N. Ferreira Neves, P. Veríssimo, "From Consensus to Atomic Broadcast: Time-Free Byzantine-Resistant Protocols without Signatures," The Computer J., 2005.

The same messages are delivered in the same order to all participating nodes.
All healthy participants arrive at vectors with a majority of elements correct.
All healthy participants arrive at vectors with correct value for every healthy node.
Agreeing on one of two values, 0 or 1.
Message from a good node is eventually delivered to all good nodes unmodified.
Slide 19
Two generals lead divisions of an army camped on the mountains on the two sides of an enemy-occupied valley.

The two divisions can only communicate via messengers.

We need a scheme for the generals to agree on a common attack time, given that attack by only one division would be disastrous.

Messengers are totally reliable, but may need an arbitrary amount of time to cross the valley (they may even be captured and never arrive).

G1 decides on T, sends a messenger to tell G2.
G2 acknowledges receipt of the attack time.
G2, unsure whether G1 got the ack (without which he would not attack), will need an ack of the ack!
This can go on forever, without either being sure.

[Figure: messages between G1 and G2: "Tomorrow at noon", "Got it!", "Got your ack!"]
Slide 20
A general and $n – 1$ lieutenants lead $n$ divisions of the Byzantine army camped on the outskirts of an enemy city.

The $n$ divisions can only communicate via messengers.

We need a scheme for the generals to agree on a common plan of action (attack or retreat), even if some of the generals are traitors who will do anything to prevent loyal generals from reaching agreement.

The problem is nontrivial even if messengers are totally reliable.
With unreliable messengers, the problem is very complex.

[Figure: general G and lieutenants L]