Using Architectural Description Languages (ADLs) to Improve Software Quality and Correctness in Dynamic Distributed Systems

A joint project with the

Overall Project Objective

This project investigates the use of ADLs to analyze the robustness of distributed systems in response to dynamic change, such as process, node, and link failures. Our testbed uses Rapide, a research ADL developed by Stanford University. More specifically, we seek to apply and evaluate ADLs and related analysis tools to test the behavior and resilience of dynamic distributed systems, and to compare and contrast various approaches to designing such systems. As a challenging focus, we selected service discovery protocols, a class of emerging network applications that allow distributed components to find and use needed services within a network. We expect the project will result in: (1) recommendations for improving architecture description languages as tools for modeling and analyzing dynamic distributed systems, (2) increased understanding of dynamic, distributed systems, and (3) metrics for comparative analysis of architectures for service discovery protocols and their robustness to dynamic change.

Motivation

Numerous trends suggest that future software will operate in an environment much more uncertain than today's typical client-server paradigm. Increased deployment of wireless communications, implying greater user mobility, coupled with proliferation of personal digital assistants and other information appliances, foretells a future where software components can never be quite sure about the network connectivity available, about the other software services and components nearby, or about the state of the network neighborhood a few minutes in the future. In the most extreme situations, as found for example in military applications, software components composing a distributed system may find that cooperating components disappear due to physical or cyber attacks or due to jamming of communication channels or movement of computing platforms beyond communications range. Even in less demanding circumstances, increased use of computer chips, network communications, and software to implement a growing range of consumer appliances portends the need for simple, self-contained units that, when powered on, can discover their technical surroundings and then automatically configure themselves into a larger system that might already be deployed. Further, as the consumer rearranges components in such a system, the system must automatically adapt its configuration as necessary.

Under these conditions, the design of future distributed software systems will demand new analysis approaches and tools. We anticipate these tools will need to analyze system architectures composed of large numbers of heterogeneous components in which system behavior is characterized by dynamic modification, recomposition, and rapid change. Our work investigates the use of architectural description languages and their associated analysis tools to address such demands.

Research Strategy

As a challenging application within the distributed software systems domain, we investigate Service Discovery Protocols, which provide mechanisms for rendezvous and robustness in the face of uncertainty in distributed systems. These mechanisms enable dynamic elements in a network: (1) to discover each other, (2) to express opportunities for collaboration, and (3) to compose themselves into larger collections that co-operate to meet an application need. Dynamic Service Discovery Protocols are designed to operate in environments characterized by frequent change in the system composition, with users, devices, and services coming and going. Service Discovery Protocols must exhibit resilience and maintain a high quality of service in the face of unscheduled interruptions in network service. We investigate the ability of alternative architectural designs to meet this requirement. The architectures currently under investigation are taken directly from representative designs for service discovery protocols, such as Jini™, Universal Plug and Play, and the Service Location Protocol (SLP). (Note that in doing so, we make no attempt to rank or rate specific commercial products. Nor do we endorse or recommend specific products or imply that they are the best available for a particular purpose.)

We adopt an architecture-based approach that entails the following general steps: (1) construct an architectural model of each discovery protocol using the Rapide ADL, (2) identify and specify relevant consistency conditions that each model should satisfy, (3) define appropriate metrics for comparing the behavior of each model, (4) construct interesting scenarios to exercise the models and to probe for violations of intended properties, and (5) compare the results from executing similar scenarios against each model. Rapide specializes in modeling architectures for real-time, distributed systems and therefore represents behavior in a form suitable to investigate discovery protocols. Rapide also comes with an accompanying suite of analysis tools that can execute a specification and can record and visualize system behavior. Rapide creates partially ordered sets (POSETs) as a residual record of execution that we use to analyze the behavior of a system model. Our analyses take two forms: property analysis and event analysis. We use property analysis to investigate robustness to dynamic change, while we use event analysis to discern underlying causes of observed behavior and performance. Property and event analysis can be used together to evaluate a protocol's resilience in the face of network failures. We also suspect that POSETs can provide a basis for complexity metrics, another dimension along which we expect to compare discovery protocols. We plan to confirm or refute our suspicion.

Expected Results

  1. Paper showing our approach, its applicability, and its value (already completed). See publications below.

  2. Paper comparing and contrasting the robustness, resilience, and performance of several different architectural designs for dynamic discovery systems. See publications below.

  3. A general model (in UML) documenting the structure, messages, and behavior inherent to the design space for dynamic discovery protocols. (A first draft of a structural model is available; contact the authors for a copy.)

  4. Executable Rapide models, associated scenarios, results, and related analyses that may be used to analyze architectures for Service Discovery Protocols.

Projected Impact

  1. Improve the specifications for the current generation of dynamic discovery protocols.

  2. Improve the future generation of ADLs and supporting analysis tools.

  3. Encourage those developing industry specifications for distributed dynamic software systems to include an executable specification and supporting analysis with any natural language specification.

  4. Help developers and potential adopters to understand the logical and performance properties of the current generation of dynamic discovery protocols.

  5. Propose quantifiable or testable metrics for the robustness, resiliency, and performance of dynamic distributed software systems.

Publications

  1. C. Dabrowski and K. Mills. "Analyzing Properties and Behavior of Service Discovery Protocols using an Architecture-based Approach," Working Conference on Complex and Dynamic Systems Architectures, Brisbane, Australia, December 2001.

  2. C. Dabrowski, K. Mills, and J. Elder. "Understanding Consistency Maintenance in Service Discovery Architectures During Communications Failures," Third International Workshop on Software Performance, Rome, Italy, July 2002.

  3. C. Dabrowski, K. Mills, and J. Elder. "Understanding Consistency Maintenance in Service Discovery Architectures in Response to Message Loss," Fourth Annual Workshop on Active Middleware Services, Edinburgh, Scotland, July 2002.

  4. C. Dabrowski and K. Mills. "Understanding Self-healing in Service-Discovery Systems," ACM Workshop on Self-Healing Systems, Charleston, SC, November 2002.

 

Other Products

1. Generic Model of Service Discovery Protocols in UML.

2. Jini Model in Rapide (contact authors for a copy).

3. UPnP Model in Rapide (contact authors for a copy).

STATEMENT Certain commercial products or company names are identified here to describe our study adequately. Such identification is not intended to imply recommendation or endorsement by the National Institute of Standards and Technology, nor is it intended to imply that the products or names identified are necessarily the best available for the purpose.

 
Last modified October, 2002.

NIST is an agency of the U.S. Commerce Department's Technology Administration.
Created on August 17, 2001. Project Webmaster: jesse.elder@nist.gov