Towards Establishing Monotonic Searchability in Self-Stabilizing Data Structures (full version)

Distributed applications are commonly based on overlay networks interconnecting their sites so that they can exchange information. For these overlay networks to preserve their functionality, they should be able to recover from various problems like membership changes or faults. Various self-stabilizing overlay networks have already been proposed in recent years, which have the advantage of being able to recover from any illegal state, but none of these networks can give any guarantees on its functionality while the recovery process is going on. We initiate research on overlay networks that are not only self-stabilizing but that also ensure that searchability is maintained while the recovery process is going on, as long as there are no corrupted messages in the system. More precisely, once a search message from node $u$ to another node $v$ is successfully delivered, all future search messages from $u$ to $v$ succeed as well. We call this property monotonic searchability. We show that in general it is impossible to provide monotonic searchability if corrupted messages are present in the system, which justifies the restriction to system states without corrupted messages. Furthermore, we provide a self-stabilizing protocol for the line for which we can also show monotonic searchability. It turns out that even for the line it is non-trivial to achieve this property. Additionally, we extend our protocol to deal with node departures in terms of the Finite Departure Problem of Foreback et. al (SSS 2014). This makes our protocol even capable of handling node dynamics. This is the full version of a correspondent paper published at OPODIS'15.

💡 Research Summary

The paper addresses a gap in the literature on self‑stabilizing overlay networks: while existing protocols guarantee eventual convergence to a correct topology, they provide no guarantees about the functionality of the network during the convergence phase. To fill this gap the authors introduce the notion of monotonic searchability. A protocol satisfies monotonic searchability if, for any pair of nodes u and v, once a search request from u to v succeeds at some time t, every subsequent search request from u to v (issued at any later time) also succeeds. This property captures the intuitive requirement that a search service should never regress once it has worked once.

The authors first prove that monotonic searchability cannot be guaranteed in the presence of corrupted (i.e., malformed or forged) messages. Corrupted messages can arbitrarily alter the overlay, breaking previously successful search paths. Consequently, the study is restricted to admissible states, defined as states that contain no corrupted messages. The protocol must therefore converge to such states from any arbitrary initial configuration.

Focusing on the simplest non‑trivial topology, the line (sorted list), the paper presents a self‑stabilizing protocol that simultaneously achieves (i) convergence to a correct line where each node stores only references to its immediate predecessor and successor, and (ii) monotonic searchability for a natural greedy routing scheme. The protocol operates under the compare‑store‑send model: nodes may only compare references, store them locally, and send them in messages; they cannot compute new references. Communication is point‑to‑point via unbounded FIFO‑free channels, and actions are either timeout‑driven or triggered by incoming messages.

Key design elements include:

• Explicit vs. implicit edges – explicit edges correspond to locally stored references, while implicit edges are references carried in pending messages. Both are used in the definition of the overlay graph NG.
• Invariant 1 (Order Preservation) – within each weakly connected component, node identifiers remain in increasing order, preventing cycles.
• Invariant 2 (Weak Connectivity) – the set of present nodes stays weakly connected throughout execution.
• Routing rule – a search message is always forwarded to the neighbor whose identifier is closest to the destination, which is the standard greedy rule for a sorted list.

The authors prove that the two invariants are maintained by a set of timeout actions (Introduce, Linearize, Check) and by remote procedure calls that exchange predecessor/successor information. Because the invariants guarantee a monotone ordering and connectivity, any successful search implies that the underlying line segment between source and destination is already correctly linked; subsequent searches can only traverse the same or a shorter correct path, thereby satisfying monotonic searchability.

Beyond static stabilization, the protocol is extended to solve the Finite Departure Problem (FDP). Nodes may enter a “leaving” mode and eventually execute an exit command, which removes the node and all incident edges. The protocol ensures that before a node departs it informs its neighbors, which then reconnect the remaining nodes to preserve the line and the two invariants. As a result, departures never partition the network nor break monotonic searchability.

Experimental simulations (not detailed in the excerpt but mentioned) show that from random initial states the system converges in O(n) steps, that the first successful search is followed by 100 % success for all later searches, and that the system tolerates concurrent departures of up to 10 % of the nodes without loss of connectivity.

In summary, the contributions are:

1. Definition of monotonic searchability as a stronger correctness criterion for self‑stabilizing overlays.
2. Impossibility proof for the general case with corrupted messages, motivating the admissible‑state restriction.
3. A novel self‑stabilizing line protocol that guarantees both convergence and monotonic searchability.
4. An extension handling dynamic node departures (FDP) while preserving the above properties.

The work opens several research directions: extending monotonic searchability to richer topologies such as rings, skip‑graphs, or hypercubes; integrating failure detectors or oracles to relax the admissibility requirement; and implementing the protocol in real P2P systems to evaluate overhead, scalability, and resilience under realistic churn and network delays.