german-gera-shegalov
2. E-Business Scenario
Your server command (process id #20) has been terminated. Re-run your command (severity 13) in /opt/www/your-reliable-eshop.biz/mb_1300_db.mb1
place your order!

3. Problem Statement

4. Transaction recovery is idempotent. However,
[Sequence diagram: Web Client, Web Application Server, Database Server, Timeline. Messages: Purchase Request, Start Transaction, SQL Request, SQL Response, SQL Request, SQL Response, Commit Transaction, ACK, Order Confirmation, ACK, Transaction Restart, Purchase Request Resubmission. Annotation: Non-idempotent execution!]

5. Real-World n-Tier Application
[Diagram: Client, Web Server, Expedia App Server, Sabre App Server, Amadeus App Server, Expedia, Sabre Server, Amadeus, DB 1, DB 2, DB 3, DB 4]

6. IC Framework

7. Pcom Design
[Diagram: PCom1, PCom2, C 2]

8. Committed IC Sender
[Statechart CIC_SNDR_SC. States: STABLE_S, SENDING, INSTALLED_S, RECOVERY, MSG_LOOKUP, PREPARE_PERSISTENCE. Legend: *EVENT_OK = EVENT LINK_OUTAGE; _TM means TIMEOUT]

9. Committed IC Receiver
[Statechart CIC_RCVR_SC. States: MSG_RECOVERY, STABLE_R, INSTALLED_R, MSG_RECEIVED, RECOVERY, MSG_PROCESSED. Legend: *EVENT_OK = EVENT LINK_OUTAGE; _TM means TIMEOUT]

10. CIC Verification
28. EOS

29. Transacted IC Activities
[Activity chart TIC_AC, controlled by @TIC_SC. Labels: FAILURE_PRONE_ENVIRONMENT, XACT_CLIENT_CRASH, LINK_OUTAGE, XACT_CLIENT_AC, XACT_SERVER_AC, SQL_REQ, SQL_REP, @XACT_CLIENT_SC, @XACT_SERVER_SC, EXTERNAL_APP_LOGIC, XACT_TRIGGER, XACT_COMMITTED, COMMITTED, SYSTEM_ADMINISTRATOR, TIMEOUTS, XACT_ABORTED, XACT_SERVER_CRASH, COMMIT, USER_ABORT, ABORTED]

30. Transactional IC Server

31. Transactional IC Client

32. Execution Abstraction
p ,q P p p q p q

33. Computation Tree Logic

34. Explicit Model Checking

35. TIC Verification