Ken Birman Cornell University. CS5410 Fall 2008..

Slides:



Advertisements
Similar presentations
Lecture 1: Logical, Physical & Casual Time (Part 2) Anish Arora CSE 763.
Advertisements

COS 461 Fall 1997 Time and Clocks u uses of time in distributed systems: –time-based algorithms (e.g. in security) –distributed make –gathering event traces.
Timed Distributed System Models  A. Mok 2014 CS 386C.
Logical Clocks.
Clock Synchronization. Problem 5:33 5:57 5:20 4:53 6:01.
Time and synchronization (“There’s never enough time…”)
Section 2.2 ~ Dealing With Errors
Time and Clock Primary standard = rotation of earth De facto primary standard = atomic clock (1 atomic second = 9,192,631,770 orbital transitions of Cesium.
From Coulouris, Dollimore, Kindberg and Blair Distributed Systems: Concepts and Design Edition 5, © Addison-Wesley 2012 Exercises for Chapter 14: TIME.
CS514: Intermediate Course in Operating Systems Professor Ken Birman Vivek Vishnumurthy: TA.
Distributed Systems Fall 2010 Time and synchronization.
Distributed systems Module 2 -Distributed algorithms Teaching unit 1 – Basic techniques Ernesto Damiani University of Bozen Lesson 3 – Distributed Systems.
CMPT 431 Dr. Alexandra Fedorova Lecture VIII: Time And Global Clocks.
Teaching material based on Distributed Systems: Concepts and Design, Edition 3, Addison-Wesley Copyright © George Coulouris, Jean Dollimore, Tim.
Synchronization Clock Synchronization Logical Clocks Global State Election Algorithms Mutual Exclusion.
CS514: Intermediate Course in Operating Systems Professor Ken Birman Vivek Vishnumurthy: TA.
1 Principles of Reliable Distributed Systems Lecture 5: Failure Models, Fault-Tolerant Broadcasts and State-Machine Replication Spring 2005 Dr. Idit Keidar.
Clock Synchronization Ken Birman. Why do clock synchronization?  Time-based computations on multiple machines Applications that measure elapsed time.
Distributed Systems CS Synchronization – Part II Lecture 8, Sep 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.
SynchronizationCS-4513, D-Term Synchronization in Distributed Systems CS-4513 D-Term 2007 (Slides include materials from Operating System Concepts,
Synchronization in Distributed Systems CS-4513 D-term Synchronization in Distributed Systems CS-4513 Distributed Computing Systems (Slides include.
Logical Clocks Ken Birman. Time: A major issue in distributed systems  We tend to casually use temporal concepts  Example: “p suspects that q has failed”
EEC-681/781 Distributed Computing Systems Lecture 10 Wenbing Zhao Cleveland State University.
Chapter 23: ARP, ICMP, DHCP IS333 Spring 2015.
EEC-681/781 Distributed Computing Systems Lecture 10 Wenbing Zhao Cleveland State University.
Lecture 12 Synchronization. EECE 411: Design of Distributed Software Applications Summary so far … A distributed system is: a collection of independent.
Time Supriya Vadlamani. Asynchrony v/s Synchrony Last class: – Asynchrony Event based Lamport’s Logical clocks Today: – Synchrony Use real world clocks.
Lecture 9: Time & Clocks CDK4: Sections 11.1 – 11.4 CDK5: Sections 14.1 – 14.4 TVS: Sections 6.1 – 6.2 Topics: Synchronization Logical time (Lamport) Vector.
Time, Clocks, and the Ordering of Events in a Distributed System Leslie Lamport (1978) Presented by: Yoav Kantor.
CS514: Intermediate Course in Operating Systems Professor Ken Birman Vivek Vishnumurthy: TA.
Lecture 2-1 CS 425/ECE 428 Distributed Systems Lecture 2 Time & Synchronization Reading: Klara Nahrstedt.
1 Physical Clocks need for time in distributed systems physical clocks and their problems synchronizing physical clocks u coordinated universal time (UTC)
1 Constant Following Distance Simulations CS547 Final Project December 6, 1999 Jeremy Elson.
Reliable Communication in the Presence of Failures Based on the paper by: Kenneth Birman and Thomas A. Joseph Cesar Talledo COEN 317 Fall 05.
Computer Science Lecture 10, page 1 CS677: Distributed OS Last Class: Naming Name distribution: use hierarchies DNS X.500 and LDAP.
Parallel and Distributed Simulation Synchronizing Wallclock Time.
Issues with Clocks. Context The tree correction protocol was based on the idea of local detection and correction. Protocols of this type are complex to.
CS514: Intermediate Course in Operating Systems Professor Ken Birman Krzys Ostrowski: TA.
CS603 Clock Synchronization February 4, What is the best we can do? Lundelius and Lynch ‘84 Assumptions: –No failures –No drift –Fully connected.
Agenda Fail Stop Processors –Problem Definition –Implementation with reliable stable storage –Implementation without reliable stable storage Failure Detection.
Communication & Synchronization Why do processes communicate in DS? –To exchange messages –To synchronize processes Why do processes synchronize in DS?
Global Positioning Systems. Why GPS? Challenges of finding exact location by traditional methods Astronomical observation Adjustments based on gravity.
Lecture 9: Time and clocks (Chap 11) Haibin Zhu, PhD. Assistant Professor Department of Computer Science Nipissing University © 2002.
Time This powerpoint presentation has been adapted from: 1) sApr20.ppt.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Real-Time & MultiMedia Lab Synchronization Distributed System Jin-Seung,KIM.
D u k e S y s t e m s Asynchronous Replicated State Machines (Causal Multicast and All That) Jeff Chase Duke University.
CSCI1600: Embedded and Real Time Software Lecture 28: Verification I Steven Reiss, Fall 2015.
SMAC: An Energy-efficient MAC Protocol for Wireless Networks
Lecture 4 Page 1 CS 111 Online Modularity and Virtualization CS 111 On-Line MS Program Operating Systems Peter Reiher.
Logical Clocks. Topics r Logical clocks r Totally-Ordered Multicasting.
Hwajung Lee. Primary standard = rotation of earth De facto primary standard = atomic clock (1 atomic second = 9,192,631,770 orbital transitions of Cesium.
Synchronization in Distributed Systems In a single CPU system, critical regions, mutual exclusion and other synchronization problems are generally solved.
Distributed Systems Lecture 5 Time and synchronization 1.
Proof of liveness: an example
Distributed Systems – Paxos
Distributed Computing
Time and Clock Primary standard = rotation of earth
CSC 8320 Advanced Operating System
Time and Clock.
Logical time (Lamport)
COT 5611 Operating Systems Design Principles Spring 2012
Time and Clock.
Exercises for Chapter 11: TIME AND GLOBAL STATES
CDK: Sections 11.1 – 11.4 TVS: Sections 6.1 – 6.2
Logical time (Lamport)
Logical time (Lamport)
Logical time (Lamport)
COT 5611 Operating Systems Design Principles Spring 2014
Presentation transcript:

Ken Birman Cornell University. CS5410 Fall 2008.

Real time and clocks Lamport showed that if we care about event ordering, the best option is to use logical clocks But suppose we care about real time? How well can clocks be synchronized? To what extent can the operating system help us build applications that are sensitive to time?

Introducing “wall clock time” There are several options “Extend” a logical clock or vector clock with the clock time and use it to break ties Makes meaningful statements like “B and D were concurrent, although B occurred first” But unless clocks are closely synchronized such statements could be erroneous! We use a clock synchronization algorithm to reconcile differences between clocks on various computers in the network

Synchronizing clocks Without help, clocks will often differ by many milliseconds Problem is that when a machine downloads time from a network clock it can’t be sure what the delay was This is because the “uplink” and “downlink” delays are often very different in a network Outright failures of clocks are rare…

Synchronizing clocks Suppose p synchronizes with time.windows.com and notes that 123 ms elapsed while the protocol was running… what time is it now? p time.windows.com What time is it? 09: Delay: 123ms

Synchronizing clocks Options? P could guess that the delay was evenly split, but this is rarely the case in WAN settings (downlink speeds are higher) P could ignore the delay P could factor in only “known” delay For example, suppose the link takes at least 25ms in each direction…

Synchronizing clocks Suppose p synchronizes with time.windows.com and notes that 123 ms elapsed while the protocol was running… what time is it now? p time.windows.com What time is it? 09: Delay: 123ms 25ms

Synchronizing clocks In general can’t do better than uncertainty in the link delay from the time source down to p Take the measured delay Subtract the “certain” component We are left with the uncertainty Actual time can’t get more accurate than this uncertainty!

What about GPS? GPS has a network of satellites that send out the time, with microsecond precision Each radio receiver captures several signals and compares the time of arrival This allows them to triangulate to determine position

GPS Triangulation

Issues in GPS triangulation Depends on very accurate model of satellite position In practice, variations in gravity cause satellite to move while in orbit Assumes signal was received “directly” Urban “canyons” with reflection an issue DOD encrypts low-order bits

GPS as a time source Need to estimate time for signals to transit through the atmosphere This isn’t hard because the orbit of the satellites is well known Must correct for issues such as those just mentioned Accurate to +/- 25ms without corrections Can achieve +/1 1us accuracy with correction algorithm, if enough satellites are visible

Consequences? With a cheap GPS receiver, 25ms accuracy, which is large compared to time for exchanging messages 10,000 msgs/second on modern platforms … hence.1ms “data rates” Moreover, clocks on cheap machines have 10ms accuracy But with expensive GPS, we could timestamp as many as 100,000 msgs/second

Accuracy and Precision Accuracy is a measure of how close a clock is to “true” time Precision is a measure of how close a set of clocks are to one-another Both are often expressed in terms of a window and a drift rate

Thought question We are building an anti-missile system Radar tells the interceptor where it should be and what time to get there Do we want the radar and interceptor to be as accurate as possible, or as precise as possible?

Thought question We want them to agree on the time but it isn’t important whether they are accurate with respect to “true” time “Precision” matters more than “accuracy” Although for this, a GPS time source would be the way to go Might achieve higher precision than we can with an “internal” synchronization protocol!

Real systems? Typically, some “master clock” owner periodically broadcasts the time Processes then update their clocks But they can drift between updates Hence we generally treat time as having fairly low accuracy Often precision will be poor compared to message round-trip times

Clock synchronization To optimize for precision we can Set all clocks from a GPS source or some other time “broadcast” source Limited by uncertainty in downlink times Or run a protocol between the machines Many have been reported in the literature Precision limited by uncertainty in message delays Some can even overcome arbitrary failures in a subset of the machines!

Adjusting clocks: Not easy! Suppose the current time is 10:00.00pm Now we discover we’re wrong It’s actually 9:59.57pm! Options: Set the clock back by 3 seconds… But what will this do to timers? Implies a need for a “global time warp” Introduce an artificial time drift E.g. make clock run slowly for a little while

Real systems Many adjust time “abruptly” Time could seem to freeze for a while, until the clock is accurate (e.g. if it was fast) Or might jump backwards or forwards with no warning to applications This causes many real systems to use relative time: “now + XYZ” But measuring relative time is hard

Some advantages of real time Instant common knowledge “At noon, switch from warmup mode to operational mode” No messages are needed Action can be more accurate that would be possible (due to speed of light) with message agreement protocols!

Some advantages of real time The outside world cares about time Aircraft attitude control is a “real time” process People and cars and planes move at speeds that are measured in time Physical processes often involve coordinated actions in time

Disadvantages of real time On Monday, we saw that causal time is a better way to understand event relationships in actual systems Real time can be deceptive Causality can be tracked… and is closer to what really mattered! For example, a causal snapshot is “safe” but an instantaneous one might be confusing

Internal uses of time Most systems use time for expiration Security credentials are only valid for a limited period, then keys are updated IP addresses are “leased” and must be refreshed before they time out DNS entries have a TTL value Many file systems use time to figure out whether one file is fresher than another

The “endless rebuild problem” Suppose you run Make on a system that has a clock running slow File xyz is “older” than xyz.cs, so we recompile xyz… … creating a new file, which we timestamp … and store The new one may STILL be “older” than xyz.cs!

Implications? In a robust distributed system, we may need trustworthy sources of time! Time services that can’t be corrupted and won’t run slow or fast Synchronization that really works Algorithms that won’t malfunction if clocks are off by some limited amount

Fault-tolerant clock sync Assume that we have 5 machines with GPS units Each senses the time independently Challenge: how to achieve optimal precision and accuracy?

Srikanth and Toueg You can’t achieve both at once To achieve the best precision you lose some accuracy, and vice versa Problem is ultimately similar to Byzantine Agreement We looked at this once, assuming signatures Similar approach can be used for clocks

Combining “sensor” inputs “Shout at 10:00.00” True time * * * * *

Combining “sensor” inputs Basic approach Assume that no more than k out of n fail Depending on assumptions, k is usually bounded to be less than n/3 Discard outliers Take mean of resulting values Attacking such a clock? Try and be “as far away as possible” without getting discarded

How do real clocks fail? Bits can stick This gives clocks that “jump around” The whole clock can get stuck, perhaps erratically Clock can miscount and hence drift (backwards) rapidly

Using real-time Consider using a real-time operating system, clock synchronization algorithm, and to design protocols that exploit time Example: MARS system uses pairs of redundant processors to perform actions fault-tolerantly and meet deadlines. Has been applied in process control systems. (Another example: Delta-4)

Using time with sensors Many distributed systems monitor something in the outside world They use “sensors” to capture data such as temperature, video images, etc. Often data comes with build-in precision limits Then label these with time We’ve seen that time comes with imprecision too How does this impact applications that “sense” things?

Time with sensors Suppose that an application tracks temperature in Ithaca At 10:00am, 52 degree F At noon, 68 degrees F At 2:00pm, 74 degrees F At 6:00 pm 58 degrees F And temperature is +/- 2 degrees

Temperatures

Do we really know the value? The 12pm value was really within a “bounding box” The value was between, say, 63 and 67 with a “best estimate” of 65 But the time was also in a range of possible times Perhaps, between 11:59 and 12:01 So we should think of the sensor value as a box time value *

Does this matter? Suppose that we are supposed to only activate the assembly line once all the furnaces have reached operating temperature Or vent the reactor vessel if the pressure goes over 100 lbs per square inch How would we translate these rules to work with sensors that return values in “boxes”?

“Maybe” versus “Definitely” Suppose a sensor returns 67 +/-.8 at 10:00 +/- 10 secs Was it definitely 68 degrees? Or just “maybe”? * :58 9:59 10:00 10:01 10:02 * * * * Actual temperature could be anywhere inside the bounding box!

Wood and Marzullo Looked at issues of clock and sensor synchronization Developed fault-tolerance mechanisms for estimating data values and synchronizing clocks Showed how to deal with imprecision You needed to tell them which behavior you wanted Then they interpreted the question relative to the “bounding box” for the sensor

Overcoming errors If we have n readings and at most k are faulty, intersect boxes (excluding all possible subsets of size k) * :58 9:59 10:00 10:01 10:02 * * * * If at most 1 of 5 is faulty, the value must lie in the red intersection zone This sensor must have failed, or perhaps the associated clock is faulty.

Back to our questions Only activate the assembly line once all the furnaces have [definitely] reached operating temperature We want to know that the temperature is definitely high enough. Entire bounding box must be above the threshold temperature to be safe, since any point in the box is a “possibility” for the current temperature Vent the reactor vessel if the pressure [may be] over 100 lbs per square inch Trigger vent if any portion of the box is over threshold, because (perhaps) the vessel has reached that pressure.

Other issues to consider Source of imprecision is often the operating system Scheduling delays Paging Contenti0n for resources (locking) To overcome these problems it can be helpful to use a real time operating system in addition to using clock synchronization or sensor synchronization protocols By reducing uncertainty these “shrink the box”

Summary On Monday we saw that events in a system are best understood in terms of the logical progression of time Now we’ve looked at real (clock) time, which is one form of sensor, and also other kinds of sensor inputs Imprecise measurements force us to think in terms of bounding boxes with values in the box We can use this to overcome errors And we can also intepret queries over sensors and time in ways that explicitly cope with imprecision

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.