Feasibility of Stepwise Addition of Multitolerance to High Atomicity Programs

We present sound and (deterministically) complete algorithms for stepwise design of two families ofmultitolerant programs in a high atomicity program model, where a program can read and write all itsvariables in an atomic step. We illustrate that if one needs to add failsafe (respectively, nonmasking)fault-tolerance to one class of faults and masking fault-tolerance to another class of faults, then such anaddition can be done in separate polynomial-time (in the state space of the fault-intolerant program)steps regardless of the order of addition. This result has a significant methodological implication inthat designers need not be concerned about unknown fault tolerance requirements that may arise due tounanticipated types of faults. Further, we illustrate that if one needs to add failsafe fault-tolerance to oneclass of faults and nonmasking fault-tolerance to a different class of faults, then the resulting problemis NP-complete in program state space. This is a counterintuitive result in that adding failsafe andnonmasking fault-tolerance to the same class of faults can be done in polynomial time. We also presentsufficient conditions for polynomial-time addition of failsafe-nonmasking multitolerance to programs.Finally, we demonstrate the stepwise addition of multitolerance in the context of a token ring protocoland a repetitive agreement protocol that is subject to Byzantine and transient faults.