Building the fault-tolerant infrastructure that lets communities deploy AI safely at the network edge.
The planning algorithms, state estimation methods, and explainability frameworks described across our other research areas all share one assumption: there is a reliable computational platform underneath them. In practice, that assumption is the hardest part to satisfy. When an AI-powered dispatch system runs at the edge — inside a transit vehicle, on a substation controller, aboard a spacecraft — it operates in an environment where networks are unreliable, sensors fail, hardware resources are constrained, and software faults can cascade into safety hazards. An optimal planning algorithm is worthless if the middleware hosting it crashes and takes the transit command center offline.
Our systems research builds the infrastructure layer that makes it possible to deploy decision-making algorithms safely in real-world cyber-physical systems — from safety-critical avionics to distributed smart grid controllers to city-scale transit platforms.
Our work in this area began with a fundamental question in safety-critical computing: how do you build software for systems where a missed deadline or an uncontained fault can be catastrophic?
The aerospace industry standardized on ARINC-653 as the partitioning model for safety-critical avionics — it provides strict temporal and spatial isolation between software applications running on shared hardware, ensuring that a fault in one partition cannot corrupt another. But ARINC-653 alone doesn’t tell you how to compose complex applications from reusable parts, or how to reason about the behavior of composed systems.
Our ARINC-653 component model addressed this by bridging the CORBA Component Model (CCM) with ARINC-653 partitioning semantics. We defined formal semantics for component interactions in hard real-time systems — specifying exactly what happens when components communicate synchronously or asynchronously across partition boundaries, with timing constraints expressed as timed transition graphs. This formalization enables developers to compose safety-critical applications from modular, reusable components while rigorously verifying that timing and isolation properties hold in the assembled system. The accompanying model-driven development environment automates code generation and deployment configuration, reducing the manual effort and error-prone boilerplate that dominate traditional avionics software development.
This work was directly applied in the DARPA System F6 program for fractionated spacecraft — clusters of independent satellite modules that interact wirelessly to perform missions traditionally handled by monolithic satellites. The F6 software platform extended our component model to handle the extreme challenges of space: highly fluctuating wireless connectivity between modules, the need for autonomous fault management without ground intervention, and multi-level security requirements when different organizations share the same spacecraft cluster. The layered architecture — a secure real-time operating system, a middleware layer supporting publish-subscribe and request-response interactions, and a component model for application structuring — established patterns we would reuse across every subsequent platform.
The DREMS toolchain generalized these ideas into a wide-spectrum architecture design language for distributed real-time embedded systems, providing a unified modeling environment where system architects specify component structures, deployment configurations, and real-time scheduling policies, then generate the infrastructure code needed to realize them. CHARIOT pushed further into IoT, introducing goal-driven orchestration middleware that autonomously manages edge applications — handling deployment, failure avoidance, failure recovery, and incremental updates using satisfiability modulo theory (SMT) solvers to compute optimal system configurations at runtime.
The component-based, fault-tolerant architecture principles developed for aerospace found a new and urgent application in distributed energy systems. Microgrids — small-scale power networks that can operate independently or connected to the main grid — need distributed control algorithms running on heterogeneous embedded controllers scattered across a physical site. These controllers must coordinate in real time, tolerate node failures, and maintain stability even when communication is intermittent.
RIAPS (Resilient Information Architecture Platform for Smart Grid), now a Linux Foundation project, provides exactly this infrastructure. Built on the component-based design philosophy from our earlier work, RIAPS gives microgrid developers a design-time tool suite for composing distributed control algorithms and a runtime platform that handles the hard systems problems: component lifecycle management, publish-subscribe messaging with quality-of-service guarantees, automatic failure detection and recovery, and Byzantine fault tolerance.
The fault-tolerance design within RIAPS deserves particular attention. In a decentralized power system, some nodes may fail, behave erratically, or even be compromised — and the system must continue to make correct control decisions despite this. Our approach integrates consensus protocols that tolerate Byzantine faults (nodes that may send conflicting information to different peers) with the component framework, so that distributed control algorithms automatically benefit from fault tolerance without requiring application developers to implement it from scratch. This has been validated on real microgrid testbeds where RIAPS supports distributed secondary voltage control, achieving synchronized and proportional compensation of voltage unbalance using distributed generators.
Two additional platforms address challenges that arise when distributed CPS must coordinate economic transactions or share computational resources across metropolitan-scale networks.
TRANSAX provides transactional guarantees for peer-to-peer energy trading between microgrids and buildings. When one node initiates a power trade and communication fails midway, the system must either complete or abort the trade atomically — leaving one party delivering energy without compensation is both financially and physically dangerous. TRANSAX uses blockchain-based mechanisms to ensure that energy exchanges are atomic, consistent, and auditable, enabling trustworthy decentralized energy markets without requiring a central clearinghouse.
MODiCuM extends decentralized coordination to computation itself — providing mechanisms for outsourcing computation via a decentralized market. In city-scale CPS where edge devices have varying computational capacity, MODiCuM enables nodes to bid on and execute computational tasks with verifiable correctness guarantees, addressing the challenge of running demanding AI algorithms on resource-constrained edge hardware.
The progression from ARINC-653 component models through F6 spacecraft platforms through RIAPS smart grid middleware through CHARIOT IoT orchestration reflects a consistent research program: building the reliable, composable, fault-tolerant infrastructure that complex AI-driven CPS require. Each platform was motivated by a concrete deployment challenge — avionics certification, spacecraft autonomy, microgrid resilience, IoT management — but the underlying principles carry across: component-based composition with formal semantics, autonomous fault management, Byzantine fault tolerance, and model-driven development that reduces the gap between system design and deployed code.
These platforms are what make it possible to take the planning algorithms, state estimation methods, and decision-support systems developed in our other research areas and run them reliably in the real world — on transit vehicles, in substations, at the network edge — where “the server went down” is not an acceptable explanation for a missed emergency dispatch or an unstable power grid.
Selected Publications:
@article{Dubey2011,
author = {Dubey, Abhishek and Karsai, Gabor and Mahadevan, Nagabhushan},
journal = {Softw., Pract. Exper.},
title = {A component model for hard real-time systems: {CCM} with {ARINC-653}},
year = {2011},
number = {12},
pages = {1517--1550},
volume = {41},
bibsource = {dblp computer science bibliography, https://dblp.org},
biburl = {https://dblp.org/rec/bib/journals/spe/DubeyKM11},
contribution = {lead},
doi = {10.1002/spe.1083},
file = {:Dubey2011-A_component_model_for_hard_real-time_systems_CCM_with_ARINC-653.pdf:PDF},
keywords = {component-based development, hard real-time systems, ARINC-653, CORBA, model-based design, middleware},
project = {cps-reliability,cps-middleware},
tag = {platform},
timestamp = {Sun, 28 May 2017 01:00:00 +0200},
url = {https://doi.org/10.1002/spe.1083},
what = {This paper presents a component model for hard real-time systems that extends the CORBA Component Model with ARINC-653 partitioning concepts to enable safe composition of components in critical systems. The work develops a middleware layer that bridges component-based software development with real-time operating system constraints through implementation of CORBA concepts on ARINC-653 partitions. It includes a modeling environment using Model Integrated Computing tools that enables developers to specify component assemblies and automatically generate deployment configurations and timing analysis.},
why = {The increasing complexity of real-time systems and the need for component reusability create tension with the strict isolation and timing requirements of safety-critical systems. This work innovates by demonstrating how standard component middleware concepts can be adapted to operate within hard real-time constraints while maintaining system safety properties. The model-based approach enables design-time verification of system properties while allowing developers to leverage familiar component-based development paradigms.},
results = {The framework successfully implements CORBA component semantics on top of ARINC-653 partitions using less than 15,000 lines of C++ code, demonstrating practical feasibility of the approach. Case studies with GPS example components show that the system can generate code that respects timing constraints while enabling component reuse. The modeling environment successfully captures real-time properties and enables design-time verification of system assemblies before deployment.},
project_tags = {middleware, CPS}
}
Size and complexity of software in safety critical system is increasing at a rapid pace. One technology that can be used to mitigate this complexity is component-based software development. However, in spite of the apparent benefits of a component-based approach to development, little work has been done in applying these concepts to hard real time systems. This paper improves the state of the art by making three contributions: (1) we present a component model for hard real time systems and define the semantics of different types of component interactions; (2) we present an implementation of a middleware that supports this component model. This middleware combines an open source CORBA Component Model (CCM) implementation (MICO) with ARINC-653: a state of the art RTOS standard, (3) finally; we describe a modeling environment that enables design, analysis, and deployment of component assemblies. We conclude with a discussion of lessons learned during this exercise. Our experiences point towards extending both the CCM as well as revising the ARINC-653.
@inproceedings{Dubey2012,
author = {Dubey, Abhishek and {Emfinger}, W. and {Gokhale}, A. and {Karsai}, G. and {Otte}, W. R. and {Parsons}, J. and {Szabo}, C. and {Coglio}, A. and {Smith}, E. and {Bose}, P.},
booktitle = {2012 IEEE Aerospace Conference},
title = {A software platform for fractionated spacecraft},
year = {2012},
month = mar,
pages = {1-20},
category = {conference},
contribution = {lead},
doi = {10.1109/AERO.2012.6187334},
file = {:Dubey2012-A_software_platform_for_fractionated_spacecraft.pdf:PDF},
issn = {1095-323X},
keywords = {component models, formal semantics, ARINC-653, real-time systems, timed transition graphs, safety-critical systems},
tag = {platform},
what = {This technical report presents formalization of component models for real-time systems based on ARINC-653 semantics. The work develops timed transition graphs and formal semantic specifications for component interactions in safety-critical real-time systems, enabling rigorous reasoning about system properties.},
why = {Component-based software development requires formal specifications to ensure correctness in safety-critical applications. This work is innovative in providing formal semantics for real-time component interactions, enabling derivation of system-level properties and supporting rigorous verification of composed systems.},
results = {The formalization captures component port execution semantics, synchronous and asynchronous interactions, and deadline constraints through timed transition traces. The approach enables formal reasoning about component assemblies and supports derivation of system-level fault propagation templates for health management.},
project_tags = {CPS, scalable AI}
}
A fractionated spacecraft is a cluster of independent modules that interact wirelessly to maintain cluster flight and realize the functions usually performed by a monolithic satellite. This spacecraft architecture poses novel software challenges because the hardware platform is inherently distributed, with highly fluctuating connectivity among the modules. It is critical for mission success to support autonomous fault management and to satisfy real-time performance requirements. It is also both critical and challenging to support multiple organizations and users whose diverse software applications have changing demands for computational and communication resources, while operating on different levels and in separate domains of security. The solution proposed in this paper is based on a layered architecture consisting of a novel operating system, a middleware layer, and component-structured applications. The operating system provides primitives for concurrency, synchronization, and secure information flows; it also enforces application separation and resource management policies. The middleware provides higher-level services supporting request/response and publish/subscribe interactions for distributed software. The component model facilitates the creation of software applications from modular and reusable components that are deployed in the distributed system and interact only through well-defined mechanisms. Two cross-cutting aspects - multi-level security and multi-layered fault management - are addressed at all levels of the architecture. The complexity of creating applications and performing system integration is mitigated through the use of a domain-specific model-driven development process that relies on a dedicated modeling language and its accompanying graphical modeling tools, software generators for synthesizing infrastructure code, and the extensive use of model-based analysis for verification and validation.
@article{Balasubramanian2015,
author = {Balasubramanian, Daniel and Dubey, Abhishek and Otte, William and Levendovszky, Tihamer and Gokhale, Aniruddha S. and Kumar, Pranav Srinivas and Emfinger, William and Karsai, Gabor},
journal = {Sci. Comput. Program.},
title = {{DREMS} {ML:} {A} wide spectrum architecture design language for distributed computing platforms},
year = {2015},
pages = {3--29},
volume = {106},
bibsource = {dblp computer science bibliography, https://dblp.org},
biburl = {https://dblp.org/rec/bib/journals/scp/Balasubramanian15},
contribution = {colab},
doi = {10.1016/j.scico.2015.04.002},
file = {:Balasubramanian2015-DREMS_ML_A_wide_spectrum_architecture_design_language_for_distributed_computing_platforms.pdf:PDF},
keywords = {architecture description language, distributed systems, real-time embedded systems, model-driven development, scheduling analysis},
project = {cps-middleware},
tag = {platform},
timestamp = {Sat, 27 May 2017 01:00:00 +0200},
url = {https://doi.org/10.1016/j.scico.2015.04.002},
what = {This paper presents DREMS ML, a wide-spectrum architecture description language designed for distributed real-time embedded systems. The language integrates support for component abstractions, scheduling properties, and network characteristics through domain-specific modeling concepts. The work addresses multi-paradigm challenges in describing distributed applications where elements at different abstraction levels must coexist.},
why = {Developing distributed real-time embedded systems requires integrated modeling of application structure, scheduling, and network characteristics, but existing languages provide incomplete support. DREMS ML is innovative because it provides a unified modeling environment that addresses inherent challenges in specifying properties spanning multiple concerns including security, timing, and resource allocation. The language supports correct-by-construction development through automated analysis.},
results = {DREMS ML successfully models distributed real-time applications including scheduling analysis with CPN, network bandwidth analysis, and security properties. The language enables automatic generation of deployment configuration files and analysis of system properties. Case studies demonstrate the language's ability to capture complex application architectures while supporting design-time verification.},
project_tags = {CPS, middleware, Explainable AI}
}
Complex sensing, processing and control applications running on distributed platforms are difficult to design, develop, analyze, integrate, deploy and operate, especially if resource constraints, fault tolerance and security issues are to be addressed. While technology exists today for engineering distributed, real-time component-based applications, many problems remain unsolved by existing tools. Model-driven development techniques are powerful, but there are very few existing and complete tool chains that offer an end-to-end solution to developers, from design to deployment. There is a need for an integrated model-driven development environment that addresses all phases of application lifecycle including design, development, verification, analysis, integration, deployment, operation and maintenance, with supporting automation in every phase. Arguably, a centerpiece of such a model-driven environment is the modeling language. To that end, this paper presents a wide-spectrum architecture design language called DREMS ML that itself is an integrated collection of individual domain-specific sub-languages. We claim that the language promotes “correct-by-construction” software development and integration by supporting each individual phase of the application lifecycle. Using a case study, we demonstrate how the design of DREMS ML impacts the development of embedded systems.
@article{Pradhan2018,
author = {Pradhan, Subhav and Dubey, Abhishek and Khare, Shweta and Nannapaneni, Saideep and Gokhale, Aniruddha and Mahadevan, Sankaran and Schmidt, Douglas C. and Lehofer, Martin},
journal = {ACM Trans. Cyber-Phys. Syst.},
title = {CHARIOT: Goal-Driven Orchestration Middleware for Resilient IoT Systems},
year = {2018},
issn = {2378-962X},
month = jun,
number = {3},
volume = {2},
address = {New York, NY, USA},
articleno = {16},
contribution = {lead},
doi = {10.1145/3134844},
issue_date = {July 2018},
keywords = {IoT systems, edge computing, middleware, autonomous management, constraint solving, service reliability},
numpages = {37},
project = {cps-middleware,cps-reliability},
publisher = {Association for Computing Machinery},
tag = {ai4cps,platform},
url = {https://doi.org/10.1145/3134844},
what = {This paper introduces CHARIOT, a goal-driven orchestration middleware designed for resilient IoT systems managing edge computing resources. CHARIOT provides a three-layer architecture comprising a design layer with system description language, a data layer with persistent storage, and a management layer with autonomous reconfiguration engines. The system uses Satisfiability Modulo Theories solvers to dynamically compute optimal system configurations that satisfy both functional requirements and resource constraints.},
why = {CHARIOT addresses critical challenges in edge computing where resource availability is dynamic and unpredictable, requiring autonomous management without centralized control. Traditional cloud-based approaches fail for IoT systems with resource constraints and distributed nature. This work is innovative because it combines formal constraint solving with practical middleware to enable self-adaptive systems that maintain service availability despite component failures and changing conditions.},
results = {The paper demonstrates CHARIOT's effectiveness through a smart parking system case study that automatically manages edge node deployments and handles resource-constrained conditions. The system successfully allocated virtual machines to edge nodes based on predicted workload demands, adapted to node failures through dynamic reconfiguration, and maintained service availability despite resource fluctuations. Experiments showed the middleware could efficiently compute optimal configurations within required time constraints.},
project_tags = {middleware, CPS, emergency}
}
An emerging trend in Internet of Things (IoT) applications is to move the computation (cyber) closer to the source of the data (physical). This paradigm is often referred to as edge computing. If edge resources are pooled together, they can be used as decentralized shared resources for IoT applications, providing increased capacity to scale up computations and minimize end-to-end latency. Managing applications on these edge resources is hard, however, due to their remote, distributed, and (possibly) dynamic nature, which necessitates autonomous management mechanisms that facilitate application deployment, failure avoidance, failure management, and incremental updates. To address these needs, we present CHARIOT, which is orchestration middleware capable of autonomously managing IoT systems consisting of edge resources and applications.CHARIOT implements a three-layer architecture. The topmost layer comprises a system description language, the middle layer comprises a persistent data storage layer and the corresponding schema to store system information, and the bottom layer comprises a management engine that uses information stored persistently to formulate constraints that encode system properties and requirements, thereby enabling the use of satisfiability modulo theory solvers to compute optimal system (re)configurations dynamically at runtime. This article describes the structure and functionality of CHARIOT and evaluates its efficacy as the basis for a smart parking system case study that uses sensors to manage parking spaces.
@article{Tu2019,
author = {{Tu}, H. and {Du}, Y. and {Yu}, H. and Dubey, Abhishek and {Lukic}, S. and {Karsai}, G.},
journal = {IEEE Transactions on Industrial Electronics},
title = {Resilient Information Architecture Platform for the Smart Grid (RIAPS): A Novel Open-Source Platform for Microgrid Control},
year = {2019},
issn = {1557-9948},
pages = {1-1},
contribution = {colab},
doi = {10.1109/TIE.2019.2952803},
file = {:Tu2019-Resilient_Information_Architecture_Platform_for_the_Smart_Grid(RIAPS)_A_Novel_Open-Source_Platform_for_Microgrid_Control.pdf:PDF},
keywords = {RIAPS, microGrid control, distributed control, smart grid, real-time systems, middleware},
project = {cps-middleware,cps-reliability,smart-energy},
tag = {decentralization,power},
what = {This paper introduces RIAPS (Resilient Information Architecture Platform for Smart Grid), an open-source platform for microGrid distributed control applications. The work provides a comprehensive architecture for implementing distributed microGrid control algorithms on heterogeneous hardware using a component-based development model with built-in real-time capabilities.},
why = {Microgrids require distributed control systems that coordinate voltage and frequency regulation across multiple distributed generators. Existing platforms either focus on simulation or lack the real-time capabilities and fault tolerance needed for practical deployment. RIAPS provides a complete platform with design-time tools and runtime services for distributed control while maintaining hard real-time deadlines.},
results = {The paper demonstrates RIAPS capabilities through implementation of distributed frequency and voltage regulation for microgrids. Results show synchronization and proportional power sharing among distributed generators with millisecond-level control action execution. The platform successfully demonstrates integrated simulation and hardware-in-the-loop testing of distributed microGrid control.},
project_tags = {energy, middleware, CPS}
}
Microgrids are seen as an effective way to achieve reliable, resilient, and efficient operation of the power distribution system. Core functions of the microgrid control system are defined by the IEEE standard 2030.7; however, the algorithms that realize these functions are not standardized, and are a topic of research. Furthermore, the corresponding controller hardware, operating system, and communication system to implement these functions vary significantly from one implementation to the next. In this paper, we introduce an open-source platform, Resilient Information Architecture Platform for the Smart Grid (RIAPS), ideally suited for implementing and deploying distributed microgrid control algorithms. RIAPS provides a design-time tool suite for development and deployment of distributed microgrid control algorithms. With support from a number of run-time platform services, developed algorithms can be easily implemented and deployed into real microgrids. To demonstrate the unique features of RIAPS, we propose and implement a distributed microgrid secondary control algorithm capable of synchronized and proportional compensation of voltage unbalance using distributed generators. Test results show the effectiveness of the proposed control and the salient features of the RIAPS platform.
@article{GHOSH2020101759,
author = {Ghosh, Purboday and Eisele, Scott and Dubey, Abhishek and Metelko, Mary and Madari, Istvan and Volgyesi, Peter and Karsai, Gabor},
journal = {Journal of Systems Architecture},
title = {Designing a decentralized fault-tolerant software framework for smart grids and its applications},
year = {2020},
issn = {1383-7621},
pages = {101759},
volume = {109},
contribution = {minor},
doi = {https://doi.org/10.1016/j.sysarc.2020.101759},
keywords = {Component, Fault tolerance, Distributed systems, Smart grid},
tag = {platform},
url = {http://www.sciencedirect.com/science/article/pii/S1383762120300539}
}
The vision of the ‘Smart Grid’ anticipates a distributed real-time embedded system that implements various monitoring and control functions. As the reliability of the power grid is critical to modern society, the software supporting the grid must support fault tolerance and resilience of the resulting cyber-physical system. This paper describes the fault-tolerance features of a software framework called Resilient Information Architecture Platform for Smart Grid (RIAPS). The framework supports various mechanisms for fault detection and mitigation and works in concert with the applications that implement the grid-specific functions. The paper discusses the design philosophy for and the implementation of the fault tolerance features and presents an application example to show how it can be used to build highly resilient systems.
@inproceedings{Laszka2018,
author = {Laszka, Aron and Eisele, Scott and Dubey, Abhishek and Karsai, Gabor and Kvaternik, Karla},
booktitle = {24th {IEEE} International Conference on Parallel and Distributed Systems, {ICPADS} 2018, Singapore, December 11-13, 2018},
title = {{TRANSAX:} {A} Blockchain-Based Decentralized Forward-Trading Energy Exchanged for Transactive Microgrids},
year = {2018},
pages = {918--927},
acceptance = {37.7},
bibsource = {dblp computer science bibliography, https://dblp.org},
biburl = {https://dblp.org/rec/bib/conf/icpads/LaszkaEDKK18},
category = {selectiveconference},
contribution = {lead},
doi = {10.1109/PADSW.2018.8645001},
file = {:Laszka2018-TRANSAX_A_Blockchain-Based_Decentralized_Forward-Trading_Energy_Exchanged_for_Transactive_Microgrids.pdf:PDF},
keywords = {transactive energy, blockchain, smart contracts, energy trading, microgrids},
project = {transactive-energy,cps-blockchains},
tag = {decentralization,power},
timestamp = {Wed, 16 Oct 2019 14:14:56 +0200},
url = {https://doi.org/10.1109/PADSW.2018.8645001},
what = {This paper presents TRANSAX, a blockchain-based decentralized energy trading platform for transactive microgrids that addresses three key challenges: privacy protection through encrypted transactions, resilience through distributed ledgers, and efficient resource allocation using smart contracts and linear programming. The system enables individual prosumers to autonomously trade energy with neighbors while maintaining system safety constraints and grid stability.},
why = {Transactive energy systems require mechanisms for distributed market participants to coordinate energy production and consumption without centralized control, but face challenges with privacy, reliability, and fair resource allocation. TRANSAX is innovative because it combines blockchain-based distributed ledgers for trust and transparency with optimization algorithms for efficient matching, enabling scalable transactive energy markets suitable for microgrids.},
results = {TRANSAX successfully enabled forward energy trading among distributed participants with multiple time horizons and flexible resource constraints. The platform maintained system stability by enforcing feeder capacity constraints while maximizing total energy traded. Smart contracts verified transaction feasibility before blockchain execution, and the hybrid solver architecture solved large-scale resource allocation problems efficiently.},
project_tags = {energy, planning}
}
Power grids are undergoing major changes due to rapid growth in renewable energy and improvements in battery technology. Prompted by the increasing complexity of power systems, decentralized IoT solutions are emerging, which arrange local communities into transactive microgrids. The core functionality of these solutions is to provide mechanisms for matching producers with consumers while ensuring system safety. However, there are multiple challenges that these solutions still face: privacy, trust, and resilience. The privacy challenge arises because the time series of production and consumption data for each participant is sensitive and may be used to infer personal information. Trust is an issue because a producer or consumer can renege on the promised energy transfer. Providing resilience is challenging due to the possibility of failures in the infrastructure that is required to support these market based solutions. In this paper, we develop a rigorous solution for transactive microgrids that addresses all three challenges by providing an innovative combination of MILP solvers, smart contracts, and publish-subscribe middleware within a framework of a novel distributed application platform, called Resilient Information Architecture Platform for Smart Grid. Towards this purpose, we describe the key architectural concepts, including fault tolerance, and show the trade-off between market efficiency and resource requirements.
@inproceedings{eisele2020mechanisms,
author = {Eisele, Scott and Eghtesad, Taha and Troutman, Nicholas and Laszka, Aron and Dubey, Abhishek},
booktitle = {14TH ACM International Conference on Distributed and Event Based Systems},
title = {Mechanisms for Outsourcing Computation via a Decentralized Market},
year = {2020},
acceptance = {25.5},
category = {selectiveconference},
contribution = {lead},
keywords = {blockchain, decentralized computation, smart contracts, job scheduling, distributed ledger, computation verification},
tag = {platform,decentralization},
what = {This paper introduces MODiCUM, a blockchain-based distributed ledger system for outsourcing computation with mechanisms to address misbehavior and verify results. The work presents a smart contract-based protocol for job outsourcing that enables verification of computation correctness while keeping verification costs low. The system addresses challenges in decentralized computation by implementing dispute resolution mechanisms and ensuring that resource providers receive payment only for correct results.},
why = {Outsourcing computation to distributed resources could enable efficient use of idle computing capacity, but requires mechanisms to verify that results are correct without trusting individual participants. Traditional centralized approaches suffer from single points of failure and may not capture all available computing resources. This work is innovative because it provides a decentralized approach to computation outsourcing using blockchain smart contracts, enabling trustless verification and fair compensation while maintaining computational efficiency.},
results = {MODiCUM successfully demonstrates a working decentralized computation marketplace where jobs are posted, matched with resource providers, and results are verified using smart contracts. The system enables efficient verification through random sampling of results and maintains fairness through mechanisms that prevent collusion. Results show that the approach can support computation outsourcing with reasonable efficiency while ensuring that dishonest participants face consequences.},
project_tags = {middleware, CPS}
}
As the number of personal computing and IoT devices grows rapidly, so does the amount of computational power that is available at the edge. Since many of these devices are often idle, there is a vast amount of computational power that is currently untapped, and which could be used for outsourcing computation. Existing solutions for harnessing this power, such as volunteer computing (e.g., BOINC), are centralized platforms in which a single organization or company can control participation and pricing. By contrast, an open market of computational resources, where resource owners and resource users trade directly with each other, could lead to greater participation and more competitive pricing. To provide an open market, we introduce MODiCuM, a decentralized system for outsourcing computation. MODiCuM deters participants from misbehaving-which is a key problem in decentralized systems-by resolving disputes via dedicated mediators and by imposing enforceable fines. However, unlike other decentralized outsourcing solutions, MODiCuM minimizes computational overhead since it does not require global trust in mediation results. We provide analytical results proving that MODiCuM can deter misbehavior, and we evaluate the overhead of MODiCuM using experimental results based on an implementation of our platform.
These foundational methods power our use-inspired projects: