The Fail-Heterogeneous Architectural Model

Fault tolerant distributed protocols typically utilize a homogeneous fault model, either fail-crash or fail-Byzantine, where all processors are assumed to fail in the same manner. In practice, due to complexity and evolvability reasons, only a subset of the nodes can actually be designed to have a restricted, fail-crash failure mode, provided that they are free of design faults. Based on this consideration, the authors propose a fail-heterogeneous architectural model for distributed systems which considers two classes of nodes: full-fledged execution nodes, which can be fail-Byzantine, and lightweight, validated coordination nodes, which can only be fail-crash. To illustrate the model they intro-duce HeterTrust as a practical trustworthy service replication protocol.