Publications (31)0 Total impact
-
Chapter: Distributed programming in GARF
[show abstract] [hide abstract]
ABSTRACT: GARF is an object-oriented programming environment aimed to support the design of reliable distributed applications. Its computational model is based on two programming levels: the functional level and the behavioral level. At the functional level, software functionalities are described using passive objects, named data objects, in a centralized, volatile, and failure free environment. At the behavioral level, data objects are dynamically bound to encapsulators and mailers which support distribution, concurrency, persistence and fault tolerance. Encapsulators wrap data objects by controlling how the latter send and receive messages, while mailers perform communications between encapsulators. This paper describes how the GARF computational model enables to build flexible and highly modular abstractions for the design of reliable distributed applications.04/2006: pages 225-239; -
Article: Evaluating CORBA Portability:
[show abstract] [hide abstract]
ABSTRACT: One of the most attractive aspects of the Common Object Request Broker Architecture (CORBA) lies in its open standard nature. Code that is based only on constructs described in the CORBA specification is portable between Object Request Brokers (ORBs), without depending on any single ORB implementation. However, this portability feature is not completely achieved in real-world applications. This paper discusses CORBA portability issues through our experience in implementing a CORBA Object Group Service (OGS) and porting it on different ORBs. In particular, we discuss some implementation choices we made with Orbix and VisiBroker, and we point the impact of these choices on the service portability and interoperability. This sheds some light on whether the current CORBA specification is mature enough to be deployed in industrial systems that have requirements regarding portability and interoperability. We also present how new CORBA specifications solve part of the shortcomings mentioned in this paper. 111/2002; -
Article: A CORBA Object Group Service
[show abstract] [hide abstract]
ABSTRACT: This paper describes an Object Group Service for the Common Object Request Broker Architecture (CORBA). The service enables to view a group of CORBA objects as a single entity despite concurrent invocations and failures, and thus provides an adequate support for the construction of highly available distributed applications with replicated critical components. The Object Group Service was designed and implemented in accordance with the Object Management Group guidelines. It is itself composed of a set of CORBA objects, and can transparently be used with any CORBA 2.0 multi-thread safe Object Request Broker.11/2002; -
Article: Protocol Classes for Designing
[show abstract] [hide abstract]
ABSTRACT: In this paper, we present Bast, an extensible library of protocol classes. The latter is aimed at helping system programmers to build distributed programming environments. Protocol classes constitute the basic structuring components for higher-level programming models, such as the transactional model, and add flexibility to distributed environments.10/2002; -
Article: Experiences with Object Group Systems: GARF, Bast and OGS
[show abstract] [hide abstract]
ABSTRACT: this paper is to discuss, through two experiences, general issues on (1) how to build system support for object groups and (2) how to build such support using standard # Pascal Felber is currently a#liated with Oracle Corporation (Portland, Oregon). Benot Garbinato and Karim Mazouni are currently a#liated with Union Bank of Switzerland, Zurich10/2002; -
Article: Modeling Protocols As Objects For
[show abstract] [hide abstract]
ABSTRACT: Whenbuilding distributed applications, one has to deal with many complex issues, some of which can be modeled as interacting distributed protocols. Modern operating systems already offer communication facilities such as sockets or RPC-like abstractions, but they have proven to be too low-level or limited in scope. Furthermore, they lack the ability to seamlessly cope with failures. In this paper, we claim that modeling protocols as reusable objects is a good way of structuring distributed systems, since robust protocol implementations and well-tested code reuse are key features in this context. We show how protocol objects can help to build new distributed protocols by composing existing ones, and that they add flexibility to distributed systems. We also give an overview of the design and implementation of BAST, our extensible library of protocol objects.10/2002; -
Article: Replicating Objects using
[show abstract] [hide abstract]
ABSTRACT: The Common Object Request Broker Architecture (CORBA) is becoming a standard for distributed application middleware, but no support is currently provided to handle object replication. In this paper we discuss the relevance of using OMG's Event Service for replicating objects in a CORBA environment and compare it to other approaches.10/2002; -
Article: System Support for Object Groups
[show abstract] [hide abstract]
ABSTRACT: This paper draws several observations from our experiences in building support for object groups. These observations actually go beyond our experiences and may apply to many other developments of object based distributed systems.10/2002; -
Article: Encapsulating Failure Detection: from Crash to Byzantine Failures
[show abstract] [hide abstract]
ABSTRACT: Separating different aspects of a program, and encapsulating them inside well defined modules, is considered a good engineering discipline. This discipline is particularly desirable in the development of distributed agreement algorithms which are known to be difficult and error prone. For such algorithms, one aspect that is important to encapsulate is failure detection. In fact, a complete encapsulation was proven to be feasible in the context of distributed systems with process crash failures, by using black-box failure detectors.03/2002; -
Article: Failure Detectors as First Class Objects
[show abstract] [hide abstract]
ABSTRACT: One of the fundamental differences between a centralized system and a distributed one is the notion of partial failures. The ability to efficiently and accurately detect failures is a key element underlying reliable distributed computing. In current distributed systems however, failure detection is either left to the application developer or hidden from the programmer and provided in an ad hoc manner behind the scene. We plead for an intermediate approach where failure detectors are first class objects. We view failure detection as an abstraction, the complexity of which is encapsulated behind well defined interfaces. The various roles of a failure detection service are all represented as first class objects. Following our approach, one can reuse existing failure detection protocols as they are or, through composition or refinement, define new protocols that match the application requirements. We describe an interesting result of a composition that mixes push and pull failure monitoring and we show how scalability issues may be addressed by using a hierarchical failure detection configuration. We also discuss the implementation of our failure service both in CORBA and in Java.03/2002; -
Article: Modeling Protocols As Objects For Structuring Reliable Distributed Systems
[show abstract] [hide abstract]
ABSTRACT: Whenbuilding distributed applications, one has to deal with many complex issues, some of which can be modeled as interacting distributed protocols. Modern operating systems already offer communication facilities such as sockets or RPC-like abstractions, but they have proven to be too low-level or limited in scope. Furthermore, they lack the ability to seamlessly cope with failures. In this paper, we claim that modeling protocols as reusable objects is a good way of structuring distributed systems, since robust protocol implementations and well-tested code reuse are key features in this context. We show how protocol objects can help to build new distributed protocols by composing existing ones, and that they add flexibility to distributed systems. We also give an overview of the design and implementation of BAST, our extensible library of protocol objects. 1 INTRODUCTION This paper introduces the concept of protocol objects and how it can be used to model distributed systems. In parti...02/2001; -
Article: Strategy Pattern for Composing Reliable Distributed Protocols
[show abstract] [hide abstract]
ABSTRACT: Reliable distributed systems involve many complex protocols. In this context, protocol compositions is a central concept, because it allows to reuse robust protocol implementations. In this paper, we describe how the Strategy pattern has been recursively used to support protocol composition in the Bast framework. We also discuss some design alternatives, some of which have been applied in other existing frameworks. 1 Introduction This paper presents how the Strategy pattern has been used to build Bast 1 , an extensible objectoriented framework for programming reliable distributed systems. Protocol composition plays a central role in Bast and relies on the notion of protocol class. In this paper, we focus on the recursive use of the Strategy pattern to overcome the limitations of inheritance, when trying to flexibly compose protocols. In a companion paper [6], we have presented how generic agreement protocol classes can be customized to solve the atomic commitment and the total orde...02/2001; -
Article: Muteness Failure Detectors: Specification and Implementation
[show abstract] [hide abstract]
ABSTRACT: This paper extends the failures detector approach from crash-stop failures to muteness failures. Muteness failures are malicious failures in which a process stops sending algorithm messages, but might continue to send other messages, e.g., "I-am-alive" messages. The paper presents both the specification of a muteness failure detector, denoted by 3MA , and an implementation of 3MA in a partial synchrony model (there are bounds on message latency and clock skew, but these bounds are unknown and hold only after some point that is itself unknown). We show that, modulo a simple modification, a consensus algorithm that has been designed in a crash-stop model with 3S, can be reused in the presence of muteness failures simply by replacing 3MA with 3S. Key words: failure detectors, Byzantine failures, muteness failures, asynchronous systems. ' Ecole Polytechnique F'ed'erale, Lausanne (Switzerland). Email: assia.doudou@epfl.ch. y United Bank of Switzerland, Zurich (Switzerland). Email: benoi...04/1999; -
Article: Reliability with CORBA Event Channels
[show abstract] [hide abstract]
ABSTRACT: fication of the ORB and leads to a non-standard and non-interoperable solution. The Object Group Service [6] provides replication of CORBA objects without using heavy-weight group communication toolkits (e.g. Isis) and would provide the degree of reliability required by our application class. The tradeoff is performance degradation since it introduces replicated intermediary objects. We present here a way to augment CORBA with a reliable broadcast facility. Our approach is pragmatic in the sense that it requires no modification of the Object Request Broker, and we do not build a new CORBA service from scratch. Instead, we add reliability features to the existing CORBA Event Service, which already provides multicastlike communication. The extension we introduce requires no modification of the CORBA specification, and can be applied to any standard Event Service implementation, without any communication overhead. The resulting service, called Reliable Event Service, adeq10/1998; -
Article: Protocol Classes for Designing Reliable Distributed Environments
[show abstract] [hide abstract]
ABSTRACT: . In this paper, we present Bast, an extensible library of protocol classes. The latter is aimed at helping system programmers to build distributed programming environments. Protocol classes constitute the basic structuring components for higher-level programming models, such as the transactional model, and add flexibility to distributed environments. We focus on classes that implement a generic agreement protocol named DTM (Dynamic-Terminating-Multicast). To the programmer, the DTM generic protocol appears as a set of classes that can be specialized to solve agreement problems in distributed systems. In particular, we show how those classes can be derived to build atomic commitment and reliable total order protocols. An overview of the Smalltalk design and implementation of the Bast library is also presented. 1 Introduction This paper describes Bast, an extensible class library of distributed protocols. Bast is aimed at assisting system programmers in building distributed programm...10/1998; -
Article: Programmation d'une Application Distribuée Résistante Aux Pannes avec l'environnement GARF
[show abstract] [hide abstract]
ABSTRACT: Introduction La programmation d'applications distribuees resistantes aux pannes est rendue difficile par les problemes inherents a la distribution, la concurrence, la persistance et a la resistance aux pannes. L'environnement de Generation Automatique d'applications Resistantes aux Fautes (GARF) [10] a pour objectif de simplifier la programmation de telles applications en ajoutant "automatiquement" le comportement distribue et resistant aux pannes desire aux fonctionnalites d'une application. Cet article presente l'environnement GARF et illustre la demarche de programmation d'une application avec cet environnement. L'idee fondamentale de GARF est de programmer separement les aspects fonctionnels (specifiques a chaque application) d'une part, et les aspects comportementaux ("factorisables" d'une application a l'autre) d'autre part. Cette approche a pour avantage d'etre modulaire: la modification du comportement d'un composant d'une application est e09/1998; -
Article: Invocation Support for Replicated Objects
[show abstract] [hide abstract]
ABSTRACT: Most object-based distributed systems do not support replicated objects. Replication is crucial because it is the only means to tolerate partial failures in distributed systems. The key issue for replicated objects is an appropriate invocation support. An object O1 must invoke an object O2 always in the same fashion regardless of their own replication policies. This paper investigates the support needed to invoke replicated objects. Such support should hide both distribution and replication. After reviewing related work, the paper proposes an approach based on a model with two object layers. Application objects interact using regular invocations whereas communication objects exchange network messages in order to manage both distribution and replication. The paper gives details about the implementation of the model in the GARF system, and discusses the approach. 1 Introduction Object-based distributed systems become more and more popular because objects are well suited to implement dis...09/1998; -
Article: Abstractions pour la Programmation Concurrente dans GARF
[show abstract] [hide abstract]
ABSTRACT: GARF is an object-oriented environment that allows the programming of fault-tolerant distributed applications in a modular way. This paper presents the library of classes provided to the programmer by GARF, in order to express and control concurrency. The implementation of the mechanisms introducing concurrency, as well as several classes offering various kinds of intra-object concurrency control, are presented. The extension of some of those classes towards inter-objects concurrency control is also exposed.09/1998; -
Article: Distributed Programming in GARF
[show abstract] [hide abstract]
ABSTRACT: . GARF is an object-oriented programming environment aimed to support the design of reliable distributed applications. Its computational model is based on two programming levels: the functional level and the behavioral level. At the functional level, software functionalities are described using passive objects, named data objects, in a centralized, volatile, and failure free environment. At the behavioral level, data objects are dynamically bound to encapsulators and mailers which support distribution, concurrency, persistence and fault tolerance. Encapsulators wrap data objects by controlling how the latter send and receive messages, while mailers perform communications between encapsulators. This paper describes how the GARF computational model enables to build flexible and highly modular abstractions for the design of reliable distributed applications. 1 Introduction Transparency has been recognized to be a worthwhile goal in the design of distributed systems. A user of a transpa...09/1998; -
Article: Implementation of the GARF
[show abstract] [hide abstract]
ABSTRACT: This paper presents the design and implementation of the GARF system, an objectoriented platform that helps programming fault-tolerant distributed applications in a modular way. The originality of GARF is to separate a distributed object into several objects, the complexity of distribution and fault-tolerance being encapsulated in reusable classes. The use of those classes by the GARF system is based on a run-time mechanism of invocation redirection, where most other systems use inheritance, a compile-time mechanism. Our runtime, which supports the GARF object model, is written in Smalltalk. It is presented in detail, as well as the reusable classes that support fault-tolerance. Fault-tolerant objects are implemented using groups of replicated objects. Our Dependable Object Toolkit provides group management facilities at the object level. Object groups are built on top of the Isis toolkit, which provides group management facilities at the Unix process level. Our mapping of object group...09/1998;
Top co-authors
Institutions
-
1998–2006
-
École Polytechnique Fédérale de Lausanne
- Section d'informatique
Lausanne, VD, Switzerland
-
