
# CS603 Clock Synchronization


February 4, 2002

### What is the best we can do? Lundelius and Lynch ’84

• Assumptions:

• No failures

• No drift

• Fully connected network of n nodes

• Uncertainty of ε in message delivery time

• Best guarantee:

• ε(1 – 1/n)

• This is a tight lower bound

### Lower bound proof

• Idea: Based on view of each node

• Views indistinguishable even if real time not the same

• Shift execution of a node relative to real time

• Shift of global view and local view equivalent if message delays changed

• Can always shift by at least ε(1 – 1/n) without changing local views

### Proof: Induction

• Clocks synchronized to within γ

• Assume messages one way take time μ, return takes time μ+ε (e_1)

• Induction: Assume node i-1 sends with delay μ, receives with delay μ+ε

• Shift processes < i by ε

• Let V_1, …, V_n be local times at termination of e_1.

• In e_1, V_n ≤ V_1 + γ

• In e_i, V_{i-1} ≤ V_i + γ – ε

• ∑ V_i ≤ ∑ V_i + nγ – (n-1)ε

• (n-1) nγ

• γ ≥ ε(1-1/n)
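
The summation step behind the last bullets, written out with the slide's symbols. This is an added derivation, not part of the original slides; it assumes the bound for e_i holds for every i = 2, …, n.

$$
\begin{aligned}
V_n + \sum_{i=2}^{n} V_{i-1} &\le (V_1 + \gamma) + \sum_{i=2}^{n} (V_i + \gamma - \varepsilon) \\
\sum_{i=1}^{n} V_i &\le \sum_{i=1}^{n} V_i + n\gamma - (n-1)\varepsilon \\
(n-1)\varepsilon &\le n\gamma \\
\gamma &\ge \varepsilon\,\frac{n-1}{n} = \varepsilon\left(1 - \frac{1}{n}\right)
\end{aligned}
$$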

### Synchronization with Faulty Clocks (Dolev, Halpern, Strong ’84)

• Problem: What if some sites are really bad?

• Notation

• C: Logical clock

• D: Physical clock

• C = D + TAR

• Δ: Uncertainty in message delay

• C(t), D(t) – value of clock at REAL time t

### Assumptions

• Fully connected, but not necessarily complete

• Recipient knows source of message

• Given nodes p,q; H(p,q) and L(p,q) are upper/lower bounds on transmission time

• ρ is min(H/L)

• A real time frame (not directly observable)

• Correct physical clock has bounded drift rate: R such that for times u > v, (1/R)(u-v) ≤ D(u)-D(v) ≤ R(u-v)

• Correct processor has correct clock, implements algorithm

• No assumptions on behavior of faulty processor

• Don’t care if faulty processor knows correct time

• All processors start within time B (can easily show B ≤ R(n-1)H)

### Weak Synchronization

• Weak Clock Synchronization Condition: Constants PER, DMAX, ADJ such that:

• TAR changes only at times that are multiples of PER by amount less than ADJ

• Difference between clocks bounded by DMAX

• Theorem: There is an algorithm that achieves WCSC, independent of faults, for which C(t) is unbounded

• Proof: Set TAR(t’) = logPER(D(t))-D(t)

### Real clock synchronization

• Changes occur only first time C reads iPER

• If change when C(t)=iPER, then C(t’) ≠ iPER  t’<t

• Gives Linear Envelope Synchronization:

• at+b < C(t) < ct+d, a>0

• Theorem: Linear Envelope Synchronization impossible if  1/3 processors faulty

### Proof Sketch

• Construct algorithm that forces a correct processor to run at rate greater than aρ^n

• Idea: faulty processor p uses one algorithm for processor q, other for others

• Two-faced behavior

• Can’t tell which is two-faced

• Correct processor caught in the middle – follow fast clock or slow clock?

### Three-processor case (p, q, r)

• Assume algorithm A synchronizes in time N and tolerates one fault

• F_0 = A

• F_{m+1}: p pretends its clock runs at ρ times q’s rate

• p pretends r sends messages so C_p(t) > aρ^m D_p(t) + b – m·DMAX

• F_m gives these messages

• q cannot distinguish from case where p’s clock is fast, r is sending p messages according to F_m

• C_q(t) > C_p(t) – DMAX > aρ^m D_p(t) + b – (m+1)·DMAX = aρ^{m+1} D_q(t) + b – (m+1)·DMAX (since D_p(t) = ρD_q(t))

### Possibility (Fischer, Lynch, Merritt)

• If no uncertainty in message delay, f faulty, can do with 2f+1 processors

• Send messages to all neighbors

• Send all messages back

• Round trip gives time

• Faulty processor will be detected if it tries to be worse than round-trip time

• Messages out of order

### Possibility (Dolev Halpern Simons Strong)

• We CAN do better

• Requires authentication

• Assumptions:

• Messages will be received with bounded delay

• Bounded drift

• Digital signature

• If p has set of messages M at time t with more than f distinct signers, one signer was correct at time signed

• 2ρ(f+1) < 1

• Key: Synchronization time known in advance

• At time, send signed “time is now”

• If receive f+1 messages saying “time is now” before getting to that time, update local time
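
The f+1 distinct-signer rule from this slide, as an added Python sketch (not code from the slides or from the cited paper). It assumes HMAC with per-node demo keys as a stand-in for digital signatures, and the node names, key derivation and function names are all hypothetical.

```python
import hashlib
import hmac

# Constructed demo keys: HMAC stands in for the digital signatures the slide
# assumes, so here the verifier holds every signer's key (an assumption).
KEYS = {name: hashlib.sha256(name.encode()).digest() for name in "pqrst"}


def sign(signer, sync_time):
    """Return (signer, sync_time, tag) announcing 'time is now' for sync_time."""
    msg = f"time is now|{sync_time}".encode()
    return signer, sync_time, hmac.new(KEYS[signer], msg, hashlib.sha256).digest()


def valid_signers(messages, sync_time):
    """Distinct signers whose tag verifies for exactly this sync_time."""
    signers = set()
    for signer, claimed_time, tag in messages:
        if claimed_time != sync_time or signer not in KEYS:
            continue  # wrong round or unknown signer: never counted
        expected = sign(signer, sync_time)[2]
        if hmac.compare_digest(tag, expected):
            signers.add(signer)  # a set, so duplicates count once
    return signers


def on_messages(local_clock, messages, sync_time, f):
    """Return the new local clock: jump to sync_time only with f+1 signers."""
    if local_clock >= sync_time:
        return local_clock  # already reached the scheduled time
    if len(valid_signers(messages, sync_time)) >= f + 1:
        return sync_time  # more than f signers, so one was correct
    return local_clock


def demo():
    f, sync_time, clock = 2, 1000, 990
    # Constructed input: two faulty nodes (s, t) announce early, repeat a
    # message, attach a bad tag for q, and resend q's message for round 900.
    faulty = [sign("s", 1000), sign("t", 1000), sign("s", 1000),
              ("q", 1000, b"\x00" * 32), sign("q", 900)]
    after_faulty = on_messages(clock, faulty, sync_time, f)
    # One correct node (p) reaching its scheduled time makes f+1 signers.
    after_correct = on_messages(clock, faulty + [sign("p", 1000)], sync_time, f)
    return after_faulty, after_correct
```

Binding the tag to the scheduled time is what keeps a message signed for one round from counting toward another.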

### Recruiting Bulletin

• Harris Corporation is in the CS lobby until 3pm today