Automated synthesis of multitolerance

We concentrate on automated synthesis of multitolerant programs, i.e., programs that tolerate multiple classes of faults and provide a (possibly) different level of fault-tolerance to each class. We consider three levels of fault-tolerance: (1) failsafe, where in the presence of faults, the synthesized program guarantees safety, (2) nonmasking, where in the presence of faults, the synthesized program recovers to states from where its safety and liveness are satisfied, and (3) masking where in the presence of faults the synthesized program satisfies safety and recovers to states from where its safety and liveness are satisfied. We focus on the automated synthesis of finite-state multitolerant programs in high atomicity model where the program can read and write all its variables in an atomic step. We show that if one needs to add failsafe (respectively, nonmasking) fault-tolerance to one class of faults and masking fault-tolerance to another class of faults then such addition can be done in polynomial time in the state space of the fault-intolerant program. However, if one needs to add failsafe fault-tolerance to one class of faults and nonmasking fault-tolerance to another class of faults then the resulting problem is NP-complete. We find this result to be counterintuitive since adding failsafe and nonmasking fault-tolerance to the same class of faults (which is equivalent to adding masking fault-tolerance to that class of faults) can be done in polynomial time, whereas adding failsafe fault-tolerance to one class of faults and nonmasking fault-tolerance to a different class of faults is NP-complete.