ISSN 0361-7688, Programming and Computer Software, 2013, Vol. 39, No. 5, pp. 233–241. © Pleiades Publishing, Ltd., 2013. Original Russian Text © R.L. Smeliansky, 2013, published in Programmirovanie, 2013, Vol. 39, No. 5.
Model of Distributed Computer System Operation with Time
R. L. Smeliansky
Moscow State University, Department of Computational Mathematics and Cybernetics, Moscow, 119899 Russia
Received February 2, 2013
Abstract—A formal mathematical model of the operation of distributed computer systems is presented. This model covers the joint operation of the hardware and software components. The model provides a theoretical basis for performance, reliability, and consistency analysis, checking the correctness of operation, and designing computer system architecture.
Keywords: distributed computer systems, formal models of behavior, performance analysis, simulation.
DOI: 10.1134/S0361768813050046
1. INTRODUCTION

A mathematical model of the operation dynamics of distributed computer systems (DCSs) is presented. More precisely, by the mathematical model, we mean a system of interrelated mathematical concepts and relationships between them that adequately describe important features of distributed computer systems, which were considered in detail in [1, 2, 3] and in the editorial of this issue. The model provides a theoretical basis for the development of a theory of computer systems.

The theory of computer systems can be defined as a division of information science that uses mathematical methods to study the behavior of computer systems with the purpose of predicting their efficiency and creating methods of analysis, design, and maintenance of computer systems and networks. The subject of this theory is the characteristics of the behavior of computer systems. These characteristics depend on various parameters of computer systems, such as the structure of the physical environment, the type of access to the system supported by the logical environment, the composition of workload, etc.

The assurance that this model can be used as such a foundation is based on two facts. On the one hand, none of the available theories such as Hoare's [4], Milner's [5], Degano and Montanari's [6], Nivat's [7], Kapitonova and Letichevskii's [8], as well as [9–11], covers the fundamental features of distributed computer systems. In these theories, either the program and the physical environment of its execution are not separated or the physical environment and, therefore, time as a metric value is not taken into account. In all the publications cited above, the semantics of parallelism and the conditions of its applicability are not always clearly defined. On the other hand, the model proposed in this paper could be useful for resolving some theoretical issues. For example, it can provide a formal framework for proving certain properties of distributed systems (e.g., those considered in the CAP theorem [12, 13]). The main cause of those issues is the absence of a clearly defined concept of the operation of distributed systems.

The proposed model proved to be useful for resolving the following issues.
1. Description of the DCS operation (algorithmic analysis of DCSs).
2. Performance analysis of DCSs (quantitative analysis).
3. Description of the influence of the physical environment (PE) on the DCS operation.
4. Automation of computer environment (CE) restructuring aimed at improving the DCS performance.
5. Development of specification languages of the behavior of programs with parallel data processing.
6. Development of the theory of equivalent optimizing transformations of programs with parallel data processing.
7. Verification of correctness of simulation models of DCSs.
8. Verification of interprocess interaction and synchronization.

The model that is systematically described in this paper was used as the theoretical basis for the development of the simulation system described in [14–18], for the classification of temporal synchronization algorithms in distributed simulation systems [19], for the creation of the method and tools for evaluating program execution time [20, 21], for the statement of the DCS design problem and for the development of approaches to its solution [22–27], for the verification of programs and algorithmic analysis of their behavior
[28, 29], and for the development of methods for the balanced choice of tools ensuring the fault tolerance of DCSs [30]. This model describes not only the behavior of programs but also the characteristics of hardware and the software environment that ensures the program execution; it describes the influence of the hardware on the dynamics of interaction of programs; it also contains multiple time as a quantitative entity; furthermore, the proposed model reflects the hierarchical nature and the structured organization of computer systems.

The model is based on three notions: behavior, which provides a model of software operation; executor, which provides a model of hardware; and the observer, which is the calculus determining the choice of a particular history from the program behavior on a specific executor for the given input data.

The dynamics of DCS operation is determined by the interaction of the processes of an application with the logical environment and the executor. The prototype of the executor is the physical environment. Schematically, this interaction can be described as follows. Each sequential process determines a logical sequence of actions. Some of these actions assume access to dynamic logical resources, while the others assume access to static logical resources. (These types of logical resources and the concept of a logical resource are thoroughly considered in [1].)

Access to dynamic logical resources is accompanied by passing messages of an appropriate type. A message is a set of access parameters. A message type is defined as an equivalence class on the set of feasible messages. Each dynamic resource is a process with a known behavior.

Both the control and messages are transferred by an entity called sequential observer. This is an external entity for the processes and the executor. With respect to the observer, we define the "degree of transparency" of processes, the equivalence of processes, the equivalence of message types, and so on. The transfer of control from the process A to the process B implies that the process B begins to use the logical resources and the resources of the executor. The executor performs internal actions (the ones that form the static logical resource) determined by the process. These actions are invisible to the observer. From the observer's viewpoint, the result of these actions is the formation of a certain type of message and the identification of a process name (dynamic logical resource) to which the observer must transfer the control and this message.

The transfer of control can be initiated by the process itself or it can occur under an external influence (interruption), e.g., of another executor executing another process on this executor. An executor may be assigned several processes.

There are two classes of executors: distributed and sequential ones. A sequential executor can simultaneously execute commands of only one sequential
process. A sequential executor can manage several sequential processes in a time-sharing mode.

In what follows, we assume that
1. Each sequential executor is associated with a set of other sequential executors. This set is finite, fixed, and is not changed in the course of the program execution.
2. Each sequential process of the program is associated with some other processes. The set of these processes is also fixed, and is not changed in the course of the program execution.
3. Atomic processes cannot be interrupted.

2. BASIC CONCEPTS

Definition of a Distributed Computer System

A distributed computer system is an object consisting of the following components:
1. Physical environment (PE) consisting of the hardware components of the DCS and communication facilities between them.
2. Logical environment (LE) consisting of a set of programs P_L that ensure the execution of application programs. The elements of the set P_L are called LE processes.
3. Work load consisting of the set P_π of processes of the application programs. The elements of this set are called application processes.

The first two components of the DCS (i.e., the components PE and LE) form the computation environment (CE).

The operation of the DCS is to ensure the interaction between the programs in the set P_π with the PE and LE.

3. EXECUTOR

The PE consists of executors and communication channels. The executors can be distributed and sequential. Informally, a distributed executor (DE) is a set of sequential executors {SE_i | i ∈ ᑣ} connected by communication channels (CCs) through which the processes executed on different sequential executors SE_i (i ∈ ᑣ) exchange messages. A rigorous definition of the distributed executor is given below. The control in DEs is decentralized in the sense that some sequential executors belonging to the DE work autonomously (i.e., they execute individual reloadable programs). There is no unified time for the DE; that is, each SE_i (i ∈ ᑣ) uses its own time scale.

3.1. Sequential Executor

A sequential executor SE (also called processor) is an object characterized by the following attributes.
• Carrier is the pair Cr ≝ (I_SE, O_SE), where I_SE and O_SE are linearly ordered finite sets called the set of
inputs and outputs of Cr, respectively. It is assumed that I_SE ∩ O_SE = ∅.
• Arbiter is a function Φ_SE : P(I_SE) → I_SE, where P() is the operation of taking the power set: for each set M, P(M) is the set of all subsets of M. Φ_SE is not defined at the point ∅.
• A_SE (A_SE ⊆ P_L) is the set of atomic processes associated with the sequential executor SE.
• N_SE is an integer interpreted as the amount (number of units) of memory available to the sequential executor SE.
• ρ_SE is the astronomical time of one cycle of the SE with the deviation ±ε_SE.
• R_SE is the set of parameters characterizing the stack and register structure, organization of the cache memory of different levels, and the pipeline structure of the sequential executor.
• v_SE : A_SE → Δ, where Δ is an interval of the set of integers N denoting the number of processor cycles needed to execute the corresponding atomic process.

The last attribute needs an explanation. For each a ∈ A_SE, v_SE(a) is an interval because v_SE(a) cannot be predicted exactly. We say that v_SE(a) has an entropy. The source of this entropy is the complexity of the architecture of modern processors [31] due to which an instruction can have several execution variants [32] taking different numbers of processor cycles. The number of processor cycles depends on various parameters from R_SE, such as lookahead algorithms, page updates in the cache memory, number of cache memory levels, the context in which the instruction is executed (i.e., the preceding instructions), and the instruction pipeline organization. Denote by μ = (μ_1, …, μ_k), where 0 ≤ μ_i ≤ 1 (k is the number of different variants to execute the atomic process a). The entropy of the execution time of a is defined as

$$ v^{*}_{SE}(a) = \sum_{i=1}^{k} \mu_i \, v^{i}_{SE}(a), $$

where v^i_SE(a) is the number of processor cycles in the ith execution variant.

When an SE executes any atomic process, it does not respond to external actions, i.e., to the initiation of its inputs. In addition, as the SE is working, the following functions are defined at every processor cycle:
1. The input initiation function φ_SE : I_SE → {0, 1}. The input i ∈ I_SE is said to be initiated if φ_SE(i) = 1.
2. The output initiation function (also called the activity function) χ_SE : O_SE → {0, 1}. The output o ∈ O_SE is said to be initiated if χ_SE(o) = 1.

If an output is initiated at a certain processor cycle, then SE executes the atomic process a = Bind_SE(o) during this cycle, where Bind_SE : I_SE ∪ O_SE → P_L is the function associating LE processes to SE for which it holds that ∀o ∈ O_SE, Bind_SE(o) ∈ A_SE.

For each sequential executor in the set {SE_i | i ∈ ᑣ}, a function

$$ St_i : Bind_{SE}^{-1}(P_i) \to N $$

is specified that determines the number of memory units needed to store on the sequential executor SE_i the processes assigned to it by the function Bind. (If the set P' ⊆ Bind_DE^{-1}(i) is such that $\sum_{p \in P'} St_i(p) \le N_{SE_i}$ (the notation N_SE was introduced above), then all the processes from the set P' can be simultaneously stored on the sequential executor SE_i.)

Below, we need a special sequential executor Plug, which plays a technical role. This executor is defined as follows.
1. The sets of inputs and outputs of this executor are singletons.
2. All the other attributes of this executor are trivial; that is, N_Plug = 0 and A_Plug = ∅.

Informally, Plug is a "conductor" whose sole role is to pass messages from its input to the output without changing them and without delay.

3.2. Distributed Executor

A distributed executor DE is a five-tuple

$$ DE \stackrel{def}{=} (\{SE_i \mid i \in ᑣ\}, E_{DE}, W_{DE}, I_{DE}, O_{DE}), $$

where
• {SE_i | i ∈ ᑣ} is a finite set of sequential executors (indexed by elements from a set ᑣ).
• E_DE is a finite set whose elements are called arcs or communication channels (CC). Each arc arc ∈ E_DE is a pair (arc^(out), arc^(in)), where $arc^{(out)} \in \bigcup_{i \in ᑣ} O_{SE_i}$ and $arc^{(in)} \in \bigcup_{i \in ᑣ} I_{SE_i}$. Additionally, it is assumed that, for any two arcs arc_i = (arc_i^(out), arc_i^(in)), where i = 1, 2, it holds that arc_1^(out) ≠ arc_2^(out) and arc_1^(in) ∩ arc_2^(in) = ∅.
• W_DE is a function W_DE : E_DE → N × N that assigns a pair of positive integers (ω_arc, v_arc) to every arc arc ∈ E_DE, where ω_arc and v_arc have the following physical meaning.
– ω_arc is the greatest size (in bits) of a block of simultaneously transferred data over the CC arc (channel width).
– v_arc is the time (the number of processor cycles) needed to transfer one block of data over the CC arc. (Footnote 1: This quantity also has entropy. However, to simplify the presentation, we assume it to be a constant for the time being.)
Therefore, the time needed to transfer an arbitrary message over the CC arc is

$$ \frac{\text{message size}}{\omega_{arc}} \times v_{arc}. $$

• I_DE is a linearly ordered set of elements of the set $\bigcup_{i \in ᑣ} I_{SE_i}$ that do not belong to any arc arc ∈ E_DE. The elements of I_DE are called inputs of the distributed executor DE.
• O_DE is a linearly ordered set of elements of the set $\bigcup_{i \in ᑣ} O_{SE_i}$ that do not belong to any arc arc ∈ E_DE. The elements of O_DE are called outputs of the distributed executor DE.

Note that the linear orders on the sets I_DE and O_DE make it possible to identify them with the sets {1, …, |I_DE|} and {1, …, |O_DE|}, respectively. Therefore, we may assume that the inputs and outputs of the distributed executor DE are indexed by positive integers, and the phrases like the ith input of the distributed executor DE and the jth output of the distributed executor DE have a clear meaning.
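
The definition of Section 3.2, together with its transfer-time formula and the execution-time entropy of Section 3.1, can be checked mechanically. The Python code below is an added example, not part of the original paper. The class and function names, the qualification of ports by executor name, the treatment of arc(in) as a set of inputs, the ordering of I_DE and O_DE by executor and then port order, and the three-executor sample system are assumptions made here for illustration.

```python
from dataclasses import dataclass
from fractions import Fraction


@dataclass(frozen=True)
class SE:
    """Carrier of a sequential executor: ordered inputs I_SE and outputs O_SE."""
    name: str
    inputs: tuple
    outputs: tuple

    def __post_init__(self):
        if set(self.inputs) & set(self.outputs):
            raise ValueError(f"{self.name}: I_SE and O_SE must be disjoint")

    # Ports are qualified by the executor name (an assumption of this example)
    # so that the unions over all SE_i contain no clashes.
    def in_ports(self):
        return [(self.name, i) for i in self.inputs]

    def out_ports(self):
        return [(self.name, o) for o in self.outputs]


@dataclass(frozen=True)
class Arc:
    """Communication channel (arc(out), arc(in)) with W_DE(arc) = (omega, v)."""
    out: tuple        # one output port
    ins: frozenset    # set of input ports fed by this channel
    omega: int        # channel width: bits per block
    v: int            # processor cycles per block

    def transfer_time(self, message_bits):
        # Formula of Section 3.2: (message size / omega_arc) * v_arc, kept exact.
        return Fraction(message_bits, self.omega) * self.v


class DE:
    """Distributed executor ({SE_i}, E_DE, W_DE, I_DE, O_DE)."""

    def __init__(self, executors, arcs):
        self.executors = list(executors)
        self.arcs = list(arcs)
        all_in = [p for se in self.executors for p in se.in_ports()]
        all_out = [p for se in self.executors for p in se.out_ports()]
        used_out, used_in = set(), set()
        for arc in self.arcs:
            if arc.omega <= 0 or arc.v <= 0:
                raise ValueError("W_DE must assign positive integers")
            if arc.out not in all_out or not arc.ins <= set(all_in):
                raise ValueError(f"arc from {arc.out} uses an unknown port")
            if arc.out in used_out:        # arc_1(out) != arc_2(out)
                raise ValueError(f"output {arc.out} belongs to two arcs")
            if arc.ins & used_in:          # arc_1(in) and arc_2(in) are disjoint
                raise ValueError(f"inputs {sorted(arc.ins & used_in)} are shared")
            used_out.add(arc.out)
            used_in |= arc.ins
        # Inputs and outputs of the DE are the ports that belong to no arc.
        self.I_DE = [p for p in all_in if p not in used_in]
        self.O_DE = [p for p in all_out if p not in used_out]


def mean_cycles(mu, variants):
    """v*_SE(a) = sum_i mu_i * v^i_SE(a) over the k execution variants of a."""
    if len(mu) != len(variants) or any(not 0 <= m <= 1 for m in mu):
        raise ValueError("need one weight in [0, 1] per execution variant")
    return sum(Fraction(m) * v for m, v in zip(mu, variants))


def build_sample():
    """Constructed three-executor system used only for illustration."""
    cpu = SE("cpu", inputs=("irq", "rx"), outputs=("tx",))
    nic = SE("nic", inputs=("in",), outputs=("out", "dbg"))
    disk = SE("disk", inputs=("cmd",), outputs=("done",))
    arcs = [
        Arc(("cpu", "tx"), frozenset({("nic", "in"), ("disk", "cmd")}), omega=64, v=2),
        Arc(("nic", "out"), frozenset({("cpu", "rx")}), omega=32, v=3),
    ]
    return DE([cpu, nic, disk], arcs)


if __name__ == "__main__":
    de = build_sample()
    print("I_DE:", de.I_DE)
    print("O_DE:", de.O_DE)
    for arc in de.arcs:
        print(arc.out, "1024-bit message:", arc.transfer_time(1024), "cycles")
    print("v*:", mean_cycles([Fraction(1, 4), Fraction(3, 4)], [3, 7]))
```

The constructor rejects any arc set that violates the two conditions on E_DE, so a DE object that exists always has well-defined sets I_DE and O_DE.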

4. ALGEBRA OF DISTRIBUTED EXECUTORS

4.1. Algebraic Operations on Distributed Executors

We define the following algebraic operations on the set of carriers Cr of all distributed executors.
1. Basic algebraic operations:
(a) Union (binary operation denoted by +).
(b) Closure of the ith output to the inputs j_1, …, j_n (unary operation denoted by []_{i; j_1, …, j_n}).
2. Derived algebraic operations:
(a) Input merging (binary operation denoted by #).
(b) Sequential composition (binary operation denoted by ∗).
(c) Identification of the ith and jth inputs (unary operation denoted by Id_ij).
(d) Branching of the jth output (unary operation denoted by Br_j).
(e) Renaming of inputs (unary operation denoted by Ri_σ, where σ is an arbitrary permutation of an arbitrary initial segment of the natural sequence).
(f) Renaming of outputs (unary operation denoted by Ro_σ, where σ is an arbitrary permutation of an arbitrary initial segment of the natural sequence).

In addition, the following operations on distributed executors are useful.
1. Adding a dummy input (unary operation denoted by Add).
2. Removal of the ith output (unary operation denoted by Rem_i).

4.1.1. Basic operations. A formal definition of these operations can be found in [2]. Here, we only briefly illustrate them in a graphical form. The union of the pair DE_1 and DE_2 produces the executor DE ≝ DE_1 + DE_2 shown in Fig. 1. The boxes in this diagram depict executors and the arrows show the inputs and outputs, which are reindexed as a result of the union operation. The definition of the closure of the ith output of the distributed executor to its inputs j_1, …, j_n with the parameters v and w producing the executor CLDE ≝ [DE]_{i; j_1, …, j_n; (v, w)} is explained in Fig. 2. It may be said that CLDE is obtained from the executor DE by introducing the feedback.

4.1.2. Derived operations. In this paper, we do not give definitions of derived operations (input merging, sequential composition, identification of outputs, and so on) but only give explanations for some of them. These operations are called derived because they can be defined in terms of the union and closure operations using executors of the type Plug. For example, input merging is graphically illustrated in Fig. 3. Sequential composition is illustrated in Fig. 4. It is easy to see that input merging is a derived operation of the union and closure operations.

Indeed, let us construct the union DE^(0) = Plug_1 + … + Plug_n + DE_1 + DE_2, where Plug_i (i = 1, …, n) denotes an instance of the executor Plug. We denote the input of Plug_i (i = 1, …, n) by in_i, and its output is denoted by out_i. Let us define the sequence of executors

$$ DE^{(i)} \stackrel{def}{=} [DE^{(i-1)}]_{out_i;\ in_i^{(1)},\, in_i^{(2)};\ 0;\ 0}, $$
where i ∈ {1, …, n}. It is clear that the distributed executor DE^(n) coincides with DE_1 # DE_2.

4.2. Representation of Distributed Executors by Algebraic Expressions

Theorem. Every distributed executor DE = ({SE_i | i ∈ ᑣ}, E_DE, W_DE, I_DE, O_DE) can be represented as an algebraic expression (term) in the signature

$$ \Omega \stackrel{def}{=} \{+\} \cup \{\, []_{i;\, j_1, \ldots, j_n;\, v, w} \mid i, n, j_1, \ldots, j_n, v, w \in N \,\} $$

over the set of generators consisting of sequential executors.

Indeed, denote by DE^(0) the union of all the sequential executors from the set {SE_i | i ∈ ᑣ}. Note that the set I_{DE^(0)} coincides with the set $\bigcup_{i \in ᑣ} I_{SE_i}$ and the set O_{DE^(0)} coincides with the set $\bigcup_{i \in ᑣ} O_{SE_i}$. Let out_1, …, out_n be the list of all elements of O_{DE^(0)}. Define the sequence of distributed executors DE^(1), …, DE^(n) as follows. For each i = 1, …, n,
1. if there exists an arc arc ∈ E_DE containing the element out_i for which W_DE(arc) = (v, w), then we denote by in_{j_1}, …, in_{j_k} the inputs of the Plug associated with the arc and set the executor DE^(i) equal to the executor $[DE^{(i-1)}]_{out_i;\ in_{j_1}, \ldots, in_{j_k};\ v, w}$;
2. if there exists no arc arc ∈ E_DE containing the element out_i for which W_DE(arc) = (v, w), then we set the executor DE^(i) equal to the executor DE^(i−1).

It is clear that the distributed executor DE^(n), which, by construction, is a term in the signature Ω over the set of sequential executors, is equivalent to DE in the sense DE^(n) = ({SE_i | i ∈ ᑣ}, E_DE, W_DE, I_DE, O_DE). A rigorous proof of this fact can be found in [2].

5. DESCRIPTION OF THE DCS OPERATION

5.1. A System of Concepts and Notation for the Description of the Operation of DCSs

Let us introduce the following notation.
1. P ≝ P_L ∪ P_π is the set of all processes in the DCS (where, as has already been mentioned above, P_L and P_π are the sets of LE processes and the application processes, respectively).
2. Stop is a fixed process in P_L (access to this process stops the process that accessed Stop).
3. A ⊆ P_L is the alphabet of atomic processes DE: $A = \bigcup_{i \in ᑣ} A_{SE_i}$.
4. IA is the alphabet of internal actions of the processes in P.
5. F_IA : IA → A* (A* denotes the set of all words in the alphabet, including the empty word) is a function that assigns to each internal action of the process p a sequence of atomic processes of the SE corresponding to this P. (Informally, this is a compiler image.)
6. M is the set of message types that the processes in P can send to each other. For every α ∈ M, a positive integer z(α) is specified that denotes the size of the message α.
Each process p in P is assigned the graph of process behavior, which is the five-tuple bh_p = (V_p, R_p, root_p, label_p), where
(a) (V_p, R_p) is an acyclic graph with the set of vertices V_p and the reachability relation R_p. The set V_p is called the set of process states.
(b) root_p is an element in V_p called the root vertex of the graph; the root vertex satisfies the relation R_p^{-1}(root_p) = ∅.
(c) label_p is the labeling function that labels the set of graph vertices (except for the root vertex) by the elements of the set S of processor steps (the definition of a processor step is given below); that is, this is a function label_p : V_p \ {root_p} → S. Note that it is sometimes more convenient to label arcs of the transition graph by the process steps.
7. An arbitrary (maybe infinite) path in the graph bh_p starting at the root vertex is called the history of the process p.
8. Denote by S the set of steps of the processes in P and define

$$ S = M \times IA^{*} \times M \times (P_L \cup Dm \cup \{back\}), $$

where back is an external symbol. By S_p, we denote the set of steps of the process p ∈ P. The elements of S are called steps. The components of the step s = (α_s, q_s, β_s, p_s) have the following names.
(a) The component α_s ∈ M is called the action message of the step s; it is denoted by inf(s).
(b) The sequence q_s = (q_s^1, …, q_s^n) of elements of the set IA is called the sequence of internal actions of the step s; it is denoted by cx(s).
(c) The component β_s ∈ M is called the response message of the step s.
(d) The process p_s is said to be the process to which s passes the control and the message β_s. The pair (β_s, p_s) is called the response of the step s; it is denoted by rpl(s).
The step s = (α_s, q_s, β_s, p_s) will be written in the form (α_s q_s β_s, p_s) or, briefly, (α_s β_s, p_s) with the sequence of internal actions q_s omitted.
9. The graph of the system behavior is defined as the forest

$$ BH = \bigcup_{p \in P} bh_p. $$

The set of its vertices is denoted by

$$ V = \bigcup_{p \in P} V_p. $$

The relationship between the processes in P_L and the processes in P_π is defined as follows. In the behavior graphs bh_p of the processes in P_L, the processes of P_π are represented by the names of application processes Dm. On the set Dm, a function Shd : Dm → P_π is defined, which is called the function associating application processes with the logical environment.

Thus, we have
1. The distributed executor DE.
2. {bh_p | p ∈ P = P_L ∪ P_π}.

Informally, the operation of a DCS is to form histories of all the processes of P. At the initial time, the control is passed to a certain fixed process p_1. At the next time i ∈ {2, …, n}, the process p_i is determined on the corresponding SE, which gets control from the preceding step. The process p_i forms the step s_i ∈ S(p_i) and then does the following.
1. If p_i is not an atomic process (i.e., p_i ∉ A), then it passes control to the process p_{i+1} whose name is specified in the step s_i (we can say that this process is called).
2. If p_i is an atomic process (i.e., p_i ∈ A), then it passes control to the process p_{i−1} by which it was called.

5.2. Cause–Effect Relations on the Set V

5.2.1. Relation on the set V. For each process, denotes the reachability relation on the graph bh_p; i.e.,

$$ = \bigcup_{p \in P} R_p^{+}, $$

where R_p^+ is the transitive closure of the binary relation R_p.

5.2.2. Relation ~ on the set V. For each pair of processes p, q ∈ P and each pair of states v_p ∈ V_p, v_q ∈ V_q, we say that the pair v_p, v_q is in the relation ~ (this is denoted by v_p ~ v_q) if the step s_p = label_p(v_p) has the form (α β.q) and the step s_q = label_q(v_q) has the form (β γ.r) (i.e., if the response message at the step s_p coincides with the action message at the step s_q and s_p passes control to the process q).

5.2.3. Relation ⇒ on the set V. The relation ⇒ on the set V is defined as the transitive reflexive closure of the union of the relations and ~.

5.3. Observer

The concept of observer is intended to formalize the process of DCS operation. Observers can be distributed or sequential.

5.3.1. Definition of a sequential observer. Denote by P_SE the set of processes executed on the sequential executor SE; this is the set

$$ P_{SE} = Bind_{DE}^{-1}(SE). $$

Sequential observer associated with the sequential executor SE is a nondeterministic multiple input multiple output stack finite state machine (FSM) Obs_SE with the components defined as follows.
1. The set of inputs of this FSM coincides with the set I_SE.
2. For each input, the set of input signals is defined as A = (M × V) ∪ {∗}, where ∗ is an external symbol. If the signal ∗ is fed at the input i ∈ I_SE, then the input i is not initiated, i.e., φ_SE(i) = 0. If the element (α, v) ∈ M × V is fed, then the input i is initiated and the message α initiated by the step that labels the state v was fed at this input. The set of input signals for all the inputs will be sometimes specified as a map from I_SE to A.
3. Stack alphabet is the set Γ = (P × V) ∪ {∗}, where ∗ is an external symbol.
4. The set of states is the set Q = Z_+ × P × F, where Z_+ ⊆ N ∪ {0}, P' ⊆ P, and the set F is defined by F = {f : P_SE → V}. For arbitrary element f ∈ F, process p ∈ P_SE, and state v ∈ V, we denote by f[p := u] the element of F defined by

$$ f[p := u](q) = \begin{cases} u, & q = p \\ f(q), & q \ne p. \end{cases} $$

5. The set of outputs of this FSM coincides with the set O_SE ∪ inf, where inf is an external symbol.
6. For each output o ∈ O_SE, the set of output signals is the set B = (M × V) ∪ {∗}, where ∗ is an external symbol. If the signal ∗ is fed at the output o ∈ O_SE, then the output o is not initiated, i.e., χ_SE(o) = 0. If the element (β, u) ∈ M × V is fed, then the output o is initiated and the message β initiated by the step that labels the state u was received at this output. The set of output signals for all the outputs in O_SE will be sometimes specified as a map from O_SE to B.
7. For the output inf, the set of output signals is the set V ∪ {∗}, where ∗ is an external symbol. If the element v ∈ V is fed at the output inf, then a message initiated by the state v affected the choice of the current state.
8. The initial state is the element q_0 = (i_0, p, r), where i_0 is an active input, p ∈ P_SE, and r(p) = root_p for all p ∈ P_SE. When the FSM starts to operate, its stack contains the symbol ∗.
9. The relation between the transitions and outputs of this FSM is specified by the multifunction

$$ \delta : A^{I_{SE}} \times Q \times \Gamma \to Q \times B^{O_{SE}} \times V \times \Gamma^{*}, $$

which assigns to a given set of input signals, state, and the top of the stack new states, set of output signals, and a chain replacing the top of the stack.

More details about the relations between the transitions and outputs of the FSM Obs_SE and a description of the sequential observer operation can be found in [33].

5.3.2. Definition of an arc observer. Each arc arc = (I_arc, out_arc) is assigned an arc observer Obs_arc that is a multiple output nondeterministic FSM defined as follows.
1. The input alphabet of this observer is the set A = (M × V) ∪ {∗}, where ∗ is an external symbol. If the element ∗ is fed at the input, then the output out_arc is not initiated. If the element (α, v) ∈ M × V is fed, then the output out_arc is initiated and the message α initiated by the step that labels the state v was received at this output.
2. The alphabet of the states of this FSM is {READY} ∪ {WAIT, SET} × Z_+ × A, where READY, WAIT, and SET are external symbols.
3. The set of inputs of this FSM coincides with the set I_arc.
4. For each output, the set of output signals is B = (M × V) ∪ {∗}. If the signal ∗ is fed at the input in ∈ I_SE, then the input is not initiated. If the element (β, u) ∈ M × V is fed, then the input in is initiated and the message β initiated by the step that labels the state u was received at this input. The set of output signals for all the outputs in I_arc will be sometimes specified as a map from I_arc to B.
5. The function of transitions and outputs of this FSM written as

$$ \delta : Q \times A \to Q \times B^{I_{arc}} $$

assigns to the current state and input signal the next state and the set of output signals. A description of the function of transitions and outputs can be found in [33].

5.3.3. Definition of a distributed observer. The distributed observer associated with the distributed executor DE = ({SE_i | i ∈ ᑣ}, E_DE, W_DE, I_DE, O_DE) is the set

$$ Obs_{DE} = \{ Obs_{SE_i} \mid i \in ᑣ \} \cup \{ Obs_{arc} \mid arc \in E_{DE} \} $$

of sequential observers associated with each sequential executor included in the distributed executor DE and the arc observers associated with the arcs belonging to its set of arcs.

For each sequential executor SE_i and the output out ∈ O_SE such that there exists an arc arc = (I_arc, out) ∈ E_DE, the output out of the sequential observer Obs_SEi is closed to the input out of the arc observer Obs_arc. For each arc = (I_arc, out_arc) ∈ E_DE and input in ∈ I_arc, the input in of the arc observer is closed to the input in of the observer Obs_SEi of the sequential executor SE_i such that in ∈ I_SE. It follows from the properties of the set E_DE that these closure operations are correct, i.e., not more than one output is closed to one input.

Let i ∈ ᑣ. Denote the sequence of states of the observer Obs_SEi generated by the operation of the distributed executor by q^(i) and the sequence of the signals at its output inf by r^(i). Let q^(i) be

$$ q^{(i)} = v_1, \ldots, v_1, v_2, \ldots, v_2, \ldots. $$

Form the sequence

$$ \tilde{q}^{(i)} = v_1, v_2, \ldots, $$

by replacing in q^(i) all the subsequences consisting of identical states by one such state. Form the set

$$ \tilde{r}^{(i)} = \{ (q_k^{(i)}, r_k^{(i)}) \mid k \in N,\ r_k^{(i)} \ne * \}. $$

For each process p ∈ P, we define the sequence w^(p) by removing from the sequence $q^{(Bind_{DE}(p))}$ all the states not belonging to the set V_p.

The history of the distributed computer system constructed based on the result of operation of the DCS is the graph with two kinds of edges H = (V, R), where $R = R^{\to} \cup R^{\sim}$, defined as follows:
1. $V = \bigcup_{p \in P} w^{(p)}$,
2. $R^{\to} = \{ (w_k^{(p)}, w_{k+1}^{(p)}) \mid p \in P,\ k \in N \}$,
3. $R^{\sim} = \bigcup_{i \in ᑣ} \tilde{r}^{(i)}$.

5.3.4. Construction of the time diagram of the DCS operation. The time diagram of the DCS operation (also called time profile) is the set G = {g_i | i ∈ ᑣ} of the functions g_i : R → P × S × IA × A parameterized by the same set ᑣ that was used to parameterize the sequential executors in the DCS (each sequential executor SE_i is assigned a special function g_i). For each i ∈ ᑣ, the function g_i is an analog of the sequence of steps formed by the sequential observer Obs_SEi in the course of SE_i operation. The function g_i is also constructed in the course of SE_i operation. For each time t ∈ [0, T], the components of the quadruple g_i(t) ≝ (p(t), s(t), q(t), a(t)) have the following meaning:
1. p(t) is the name of the current process;
2. s(t) ∈ S(p(t)) is the name of the current step;
3. q(t) ∈ IA is the name of the current internal action at the step s(t) (q(t) is the current component of the sequence q_s of internal actions at the step s);
4. a(t) ∈ A is the name of the current atomic process (a(t) is the current component of the chain f_IA(q(t)) ∈ A*).

The algorithm used to construct the function g_i (i ∈ ᑣ) is a slight modification of the algorithm of operation of the sequential observer Obs_SEi that was thoroughly described in [1]. This algorithm, in distinction from the algorithm of Obs_SEi, checks the presence of initiated inputs after the execution of each atomic process rather than between the steps s ∈ S.

After each check of the existence of initiated inputs, the quadruple (p, s, q, a) ∈ P × S × IA × A is produced in an obvious fashion, and the value of g_i on the interval [t, t + v_SEi(a)] (where t is the time at which the check was performed) is set to this quadruple (p, s, q, a). If an initiated input is found, then the sequence of algorithm actions is the same as in the
algorithm of Obs_SEi (the current quadruple (p, s, q, a) is written to the stack, etc.). Examples of application of the model presented in this paper for the quantitative analysis of DCS operation can be found in [3].

6. CONCLUSIONS

A mathematical model of the operation dynamics of distributed computer systems is presented. It describes the operation of both software and hardware. This model provides a theoretical basis for analyzing performance, reliability, consistency, and correctness of operation; it also helps design the architecture of DCSs. In this model, the concept of time as a metric measurable value and as a relation on the set of events (actions of the system) is introduced. The concept of entropy of the execution time in modern processors is introduced, which makes it possible to describe some features of modern processors. A finitely generated partial algebra is constructed that makes it possible to describe the structure of distributed computer systems.

REFERENCES

1. Smeliansky, R.L., An invariant of program behavior, Vestn. Mosk. Univ., Ser. 15, Vychisl. Mat. Kibern., 1990, no. 4, pp. 54–60.
2. Smeliansky, R.L., A model of the operation of distributed computer systems, Vestn. Mosk. Univ., Ser. 15, Vychisl. Mat. Kibern., 1990, no. 3, pp. 3–21.
3. Smeliansky, R.L., Problems of the development and analysis of the operation of embedded real-time systems, in Trudy Pervoi Vserossiiskoi nauchnoi konferentsii po Metodam i sredstvam obrabotki informatsii (Proc. of the 1st All-Russia Conf. on Methods and Means of Information Processing), Moscow: Mosk. Gos. Univ., 2003, pp. 57–72 [in Russian].
4. Hoare, C.A.R., Communicating Sequential Processes, Englewood Cliffs, N.J.: Prentice Hall, 1985.
5. Milner, R.A., A calculus of communicating systems, Lect. Notes Comput. Sci., vol. 2, 1980.
6. Degano, P. and Montanary, U., Distributed systems, partial orderings of events, and event structures, in Control Flow and Data Flow: Concepts of Distributed Programming, Berlin: Springer, 1981, pp. 7–106.
7. Nivat, M., Behaviors of Processes and Synchronizing System of Processes. Theoretical Foundations of Programming Methodology, Hingham, Mass.: Reidel, 1982, pp. 473–550.
8. Letichevskii, A.A. and Kapitonova, Yu.V., Mathematical Theory of Designing Computer Systems, Moscow: Nauka, 1988 [in Russian].
9. Lamport, L., Formal Model for Parallel and Distributed Systems, 2009. http://research.microsoft.com/en-us/um/people/lamport/pubs/pubs.html
10. Olveczky, P., Formal Modeling and Analysis of Distributed Systems in Maude, 2008. http://folk.uio.no/peterol/komp081.pdf
11. Clarke, E.M., Jr., Grumberg, O., and Peled, D., Model Checking, Cambridge, Mass.: MIT Press, 1999.
12. Lynch, N. and Gilbert, S., Brewer’s conjecture and the feasibility of consistent, available, partition-tolerant web services, ACM SIGACT News, vol. 33, no. 2, 2002, pp. 51–59.
13. Brewer, E.A., A certain freedom: Thoughts of the CAP theorem, in Proc. of the 29th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, New York: ACM, 2010, vol. 29, pp. 335–336.
14. Bakhmurov, A.G. and Smeliansky, R.L., DYANA the pilot project of investigation of distributed programs and computer systems, in Proc. of the 2nd Russian-Turkish Seminar on New High Information Technologies, Gebre, Turkey, 1994.
15. Smeliansky, R.L. and Bakhmurov, A.G., DYANA: An environment for distributed system design and analysis, in Proc. of the VII Int. Workshop on Parallel Processing by Cellular Automata and Arrays, Parcella 96, Berlin, 1996, pp. 85–92.
16. Bakhmurov, A., Kapitonova, A., and Smeliansky, R., DYANA: An environment for embedded system design and analysis, in Proc. of the 5th Int. Conf. TACAS'99, Amsterdam, 1999, Lect. Notes Comput. Sci., 1999, vol. 1579, pp. 390–404.
17. Smeliansky, R.L., Chistolinov, M.V., Bakhmurov, A.G., and Zakharov, V.A., On the international project of embedded systems verification, in Software Systems and Tools: Special Issue of the Department of Computational Mathematics and Cybernetics, Moscow State University, Moscow: MAKS Press, 2000, no. 1, pp. 24–30 [in Russian].
18. Chistolinov, M.V. and Bakhmurov, A.G., Simulation environment of multiprocessor computer systems, in Software Systems and Tools: Special Issue of the Department of Computational Mathematics and Cybernetics, Moscow State University, Moscow: MAKS Press, 2000, no. 1, pp. 42–47 [in Russian].
19. Kazakov, Yu.P. and Smeliansky, R.L., On the organization of distributed simulation, Programmirovanie, 1994, no. 2, pp. 45–64.
20. Kapitonova, A.P., Smeliansky, R.L., and Terekhov, I.V., A system for evaluating the time characteristics of programs: Architecture and implementation, in Software and Hardware of Computer Systems, Moscow: Mosc. Gos. Univ., 1994, pp. 92–103.
21. Balashov, V.V., Kapitonova, A.P., Kostenko, V.A., and Smeliansky, R.L., Methodology and Tools for Predicting the Execution Time of Optimized Programs, Progr. Comput. Software, 1999, vol. 25, no. 5, pp. 282–289.
22. Kostenko, V.A., Scheduling algorithms for real-time computer systems admitting the use of simulation models, Progr. Comput. Software, 2013, vol. 39, no. 5.
23. Podgornyi, S.A. and Smeliansky, R.L., On the study of designing the structure of computer systems based on program behavior, in Issues of Software Organization and Decision Making, Moscow: Mosc. Gos. Univ., 1993 [in Russian].
24. Kostenko, V.A., Romanov, V.G., and Smeliansky, R.L., An algorithm for minimization of hardware resources in computer systems, Iskusstvennyi Intellect (Artificial Intelligence), Donetsk: 2000, no. 2, pp. 383–388.
25. Kostenko, V.A., Smeliansky, R.L., and Trekin, A.G., Genetic Algorithms: Designing the structure of computer systems, in Abstracts of the All-Russia Conf. on Fundamental and Applied Aspects of Designing Large-Scale Distributed Software Systems, Moscow: Mosc. Gos. Univ., 1998, pp. 35–41 [in Russian].
26. Kostenko, V.A., Smelyanskii, R.L., and Trekin, A.G., Synthesizing structures of real-time computer systems using genetic algorithms, Progr. Comput. Software, 2000, vol. 26, no. 5, pp. 281–288.
27. Kostenko, V., Methods of schedule construction at joint hardware and software design of computing systems, in Abstracts of the 3rd Moscow Int. Conf. on Operations Research (ORM2001), Moscow, 2001, pp. 60–61.
28. Bakalov, Yu.V. and Smeliansky, R.L., A Language for specification of the behavior of distributed programs, Progr. Comput. Software, 1996, vol. 22, no. 5, pp. 233–240.
29. Zakharov, V.A. and Tsarkov, D.V., Efficient model checking algorithms for the computation tree logic and their application to the verification of parallel programs, Progr. Comput. Software, 1998, vol. 24, no. 4, pp. 151–161.
30. Bakhmurov, A.G., Balashov, V.V., Pashkov, V.N., Smeliansky, R.L., and Volkanov, D.Yu., Method for choosing an effective set of fault tolerance mechanisms for real-time embedded systems based on simulation modeling, in Problems of Dependability and Modelling, Ed. Mazurkiewicz, J., Wroclaw: Oficyna Wydawnicza Politechniki Wroclawskiej, 2011, pp. 13–26.
31. Volkanov, D.Yu., Baula, V.G., and Tomilin, A.N., Computer Architecture and Operating Environments, Moscow: Akademiya, 2011 [in Russian].
32. Kornykhin, E.V., Development of Test Programs for Verifying Memory Management in Microprocessors, Cand. Sci. (Phys. and Math.) Dissertation, Moscow: Department of Computational Mathematics and Cybernetics, Moscow State University, 2010.
33. Smeliansky, R.L., On the theory of operation of distributed computer systems, in Trudy mezdunarodnoi konferentsii “Parallel’nye vychisleniya I zadachi upravleniya” (Proc. of the Int. Conf. On Parallel Computations and Control Problems), Moscow: Inst. Problem Upravleniya, Russ. Akad. Nauk, 2001, pp. 161–182 [in Russian].
Translated by A. Klimontovich
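The construction of the time diagram g_i described in Section 5.3.4, as an added Python example that is not part of the original paper. The process table, the durations v(a), the handler process name "irq", and the rule that a handler runs to completion before the suspended process resumes are assumptions; the stack holds suspended iterators in place of the saved quadruple.

```python
from bisect import bisect_right

# Constructed sample model (all names and durations are assumptions).
V = {"load": 2.0, "add": 1.0, "store": 3.0, "ack": 0.5}      # v_SEi(a)
F_IA = {"read": ["load"], "calc": ["add", "add"],
        "write": ["store"], "reply": ["ack"]}                 # f_IA(q) in A*
PROCESSES = {                                                 # p -> [(s, q_s)]
    "main": [("s1", ["read", "calc"]), ("s2", ["write"])],
    "irq": [("h1", ["reply"])],
}

def quadruples(p):
    """Yield the quadruples (p, s, q, a) of process p in execution order."""
    for s, q_s in PROCESSES[p]:
        for q in q_s:
            for a in F_IA[q]:
                yield (p, s, q, a)

def build_time_diagram(start, inputs):
    """inputs: [(initiation_time, handler_process)], sorted by time.
    Returns segments (t0, t1, quadruple): g_i equals the quadruple on [t0, t1]."""
    pending = list(inputs)
    stack = [quadruples(start)]   # suspended executions, top one is running
    t, g = 0.0, []
    while stack:
        # Inputs are checked after each atomic process, not between steps.
        if pending and pending[0][0] <= t:
            stack.append(quadruples(pending.pop(0)[1]))
            continue
        quad = next(stack[-1], None)
        if quad is None:          # process finished: resume the suspended one
            stack.pop()
            continue
        g.append((t, t + V[quad[3]], quad))
        t += V[quad[3]]
    return g

def g_at(g, t):
    """Value of g_i at time t, or None outside [0, T]."""
    k = bisect_right([seg[0] for seg in g], t) - 1
    return g[k][2] if k >= 0 and t <= g[k][1] else None
```

With an input initiated at t = 2.5, the handler starts only at t = 3, when the running atomic process ends, which places the switch inside step s1 and inside the internal action "calc".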