We define the notion of self-recoverability: a self-recoverable protocol is one that resumes its normal operation within a finite time after a loss of synchronization caused by message loss, duplication or corruption, by a loss of send-receive symmetry, or by a process failure and recovery. We present a construction method that, starting from a finite-state protocol, yields a self-recoverable protocol tolerating a loss of synchronization due to any one of these transient faults. The construction imposes very little overhead: as long as the protocol continues its normal operation, the constructed protocol requires no extra send, receive or internal events beyond a timer that monitors for timeout events and a message identifier piggybacked on some send transitions. We prove that the constructed protocol ensures self-recoverability while satisfying the same specification as the given protocol.
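The following simulation is an added illustration of the two mechanisms the abstract names (a timeout timer and a piggybacked message identifier) on a deliberately small finite-state protocol; it is not the paper's construction or proof, and everything in it is an assumption made for the example: a two-state requester (IDLE/WAIT) talking to a stateless responder, a unit-delay channel, a timeout of 3 ticks, a CRC-32 tag as the corruption detector, and a scripted fault schedule (loss, duplication, corruption, and a responder that is down for a window of ticks). The fault-free run shows the zero-overhead property (exactly two sends per request, no retransmission); the faulty runs show resynchronization within a finite number of ticks with every request completed exactly once.

```python
import zlib
from dataclasses import dataclass, replace

TIMEOUT = 3  # ticks the requester waits before retransmitting (assumed value)


@dataclass(frozen=True)
class Msg:
    kind: str   # "REQ" or "ACK"
    mid: int    # piggybacked message identifier
    body: str
    tag: int    # integrity tag over (kind, mid, body); detects corruption


def make_msg(kind, mid, body):
    return Msg(kind, mid, body, zlib.crc32(f"{kind}|{mid}|{body}".encode()))


def valid(msg):
    return msg.tag == zlib.crc32(f"{msg.kind}|{msg.mid}|{msg.body}".encode())


class Channel:
    """Unit-delay channel; a scripted fault may be applied to any single send."""
    def __init__(self):
        self.inflight = []   # (deliver_at_tick, msg)
        self.sends = 0       # every send event counts, retransmissions included

    def send(self, now, msg, fault=None):
        self.sends += 1
        if fault == "lose":
            return                                   # message loss
        if fault == "corrupt":
            msg = replace(msg, body=msg.body + "?")  # body altered, tag no longer verifies
        self.inflight.append((now + 1, msg))
        if fault == "dup":
            self.inflight.append((now + 1, msg))     # message duplication

    def deliver(self, now):
        ready = [m for t, m in self.inflight if t <= now]
        self.inflight = [(t, m) for t, m in self.inflight if t > now]
        return ready


class Client:
    """Requester FSM: IDLE -> WAIT on sending REQ, WAIT -> IDLE on the matching ACK."""
    def __init__(self, to_server, n_requests):
        self.ch, self.state, self.mid, self.deadline = to_server, "IDLE", 0, None
        self.pending, self.done, self.retransmits = n_requests, [], 0

    def tick(self, now, fault=None):
        if self.state == "IDLE" and self.pending > 0:
            self.ch.send(now, make_msg("REQ", self.mid, f"job{self.mid}"), fault)
            self.state, self.deadline = "WAIT", now + TIMEOUT
        elif self.state == "WAIT" and now >= self.deadline:
            # Timeout is the only recovery action: resend with the SAME identifier.
            self.retransmits += 1
            self.ch.send(now, make_msg("REQ", self.mid, f"job{self.mid}"), fault)
            self.deadline = now + TIMEOUT

    def receive(self, msg):
        if not valid(msg):
            return  # corrupted: discard silently, the timer drives recovery
        if self.state == "WAIT" and msg.kind == "ACK" and msg.mid == self.mid:
            self.done.append(self.mid)
            self.pending, self.mid, self.state = self.pending - 1, self.mid + 1, "IDLE"
        # Any other ACK is stale or duplicated: ignored, so a request completes once.


class Server:
    """Stateless responder; answering a duplicated REQ again is harmless."""
    def __init__(self, to_client):
        self.ch, self.served = to_client, []

    def receive(self, now, msg, fault=None):
        if not valid(msg) or msg.kind != "REQ":
            return
        self.served.append(msg.mid)
        self.ch.send(now, make_msg("ACK", msg.mid, "ok"), fault)


def run(n_requests, faults=None, server_down=(), max_ticks=200):
    """faults: tick -> fault applied to any send at that tick (constructed schedule).
    server_down: ticks during which the responder is crashed and loses its input."""
    faults = faults or {}
    c2s, s2c = Channel(), Channel()
    client, server = Client(c2s, n_requests), Server(s2c)
    for now in range(max_ticks):
        client.tick(now, faults.get(now))
        for m in c2s.deliver(now):
            if now not in server_down:
                server.receive(now, m, faults.get(now))
        for m in s2c.deliver(now):
            client.receive(m)
        if client.pending == 0:
            return {"ticks": now, "done": client.done, "served": server.served,
                    "sends": c2s.sends + s2c.sends, "retransmits": client.retransmits}
    raise RuntimeError("protocol did not resynchronize within max_ticks")


if __name__ == "__main__":
    print(run(5))
    print(run(3, faults={0: "lose", 4: "corrupt", 7: "dup", 12: "dup"}))
    print(run(1, server_down={1, 2, 3, 4}))
```

Read the three runs against the abstract's claims: without faults the send count equals twice the request count and `retransmits` is 0, so the timer and the identifier cost nothing during normal operation; under loss, corruption, duplication, or a crashed responder, the requester resynchronizes after a bounded number of timeouts, duplicated acknowledgements are ignored because their identifier no longer matches, and `done` lists each request exactly once.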