Fault-Tolerant Edge-Disjoint Paths -- Beyond Uniform Faults
David Adjiashvili, Felix Hommelsheim, Moritz Mühlenthaler, Oliver Schaudt
aa r X i v : . [ c s . D S ] S e p Fault-Tolerant Edge-Disjoint Paths — Beyond Uniform Faults
David Adjiashvili , Felix Hommelsheim ∗ , Moritz M¨uhlenthaler , and Oliver Schaudt Department of Mathematics, ETH Z¨urich Department of Mathematics, TU Dortmund University Laboratoire G-SCOP, Grenoble INP, Univ. Grenoble-Alpes Department of Mathematics, RWTH Aachen UniversitySeptember 14, 2020
Abstract
The overwhelming majority of survivable (fault-tolerant) network design models assume auniform fault model. Such a model assumes that every subset of the network resources (edgesor vertices) of a given cardinality k may fail. While this approach yields problems with cleancombinatorial structure and good algorithms, it often fails to capture the true nature of thescenario set coming from applications. One natural refinement of the uniform model is obtainedby partitioning the set of resources into vulnerable and safe resources. The scenario set containsevery subset of at most k faulty resources. This work studies the Fault-Tolerant Path (FTP)problem, the counterpart of the Shortest Path problem in this fault model and the
Fault-TolerantFlow problem (FTF), the counterpart of the ℓ -disjoint Shortest s - t Path problem. We presentcomplexity results alongside exact and approximation algorithms for both models. We emphasizethe vast increase in the complexity of the problem with respect to the uniform analogue, theEdge-Disjoint Paths problem. ∗ Research partially supported by the German Research Foundation (DFG), RTG 1855 Introduction
The
Minimum-Cost Edge-Disjoint Path (EDP) problem is a classical network design problem,defined as follows. Given an edge-weighted directed graph D = ( V, A ), two terminals s, t ∈ V and an integer parameter k ∈ Z ≥ , find k edge-disjoint paths connecting s and t with minimumtotal cost. EDP is motivated by the following survivable network design problem: what is theconnection cost of two nodes in a network, given that any k − Fault-TolerantPath (FTP) problem, in which we consider a subset of the edges to be vulnerable. The problemasks for a minimum-cost subgraph of a given graph that contains an s - t path after removing any k vulnerable edges from the graph. Formally, it is defined as follows. Fault-Tolerant Path (FTP)
Instance: edge-weighted directed graph D = ( V, A ), two nodes s, t ∈ V , subset M ⊆ A of vulnerable edges, and integer k ∈ Z ≥ . Task:
Find minimum-cost set S ⊆ A , such that S \ F contains an s - t path for every F ⊆ M with | F | ≤ k .Observe that FTP becomes EDP when M = A . We will also study EDP with a simpler, but stillnon-uniform, fault model: The problem Fault-Tolerant Flow (FTF) asks for ℓ ≥ s - t paths, assuming that only a single edge can be a-posteriori removed from the graph.The problem is defined as follows. Fault-Tolerant Flow (FTF)
Instance: edge-weighted directed graph D = ( V, A ), two nodes s, t ∈ V , set M ⊆ A of vulnerable arcs, and integer ℓ ∈ Z ≥ . Task:
Find minimum cost set S ⊆ A , such that S \ f contains ℓ disjoint s - t pathsfor every f ∈ M . A well-known polynomial algorithm for EDP works as follows. Assign unit capacities to all edgesin G and find a minimum-cost k -flow from s to t . The integrality property of the Minimum-Cost s - t Flow (MCF) problem guarantees that an extreme-point optimal solution is integral, hence itcorresponds to a subset of edges. It is then straightforward to verify that this set is an optimalsolution of the EDP problem (for a thorough treatment of this method we refer to the book ofSchrijver [18]).The latter algorithm raises two immediate questions concerning FTP. The first question iswhether FTP admits a polynomial time algorithm. In this paper we give a negative answer con-ditioned on P = NP , showing that FTP is NP -hard. In fact, the existence of constant-factorapproximation algorithms is unlikely already for the restricted case of directed acyclic graphs.Consequently, it is natural to ask whether polynomial algorithms can be obtained for restricted2ariants of FTP to this question. In particular we provide polynomial-time algorithms for arbitrarygraphs and k = 1, directed acyclic graphs and fixed k and series-parallel graphs. A second questionconcerns the natural fractional relaxation FRAC-FTP of FTP, in which the task is to find a mini-mum cost capacity vector x ∈ [0 , A such that for every set F of at most k vulnerable edges, themaximum s - t flow in G F = ( V, A \ F ), capacitated by x , is at least one. As we previously observed,one natural relaxation of EDP is the MCF problem. This relaxation admits an integrality gapof one, namely the optimal integral solution value is always equal to the corresponding optimalfractional value. We later show that, in contrast to MCF, the integrality gap of FRAC-FTP isbounded by k + 1. Furthermore, we show that this bound is tight, namely that there exists aninfinite family of instances with integrality gap arbitrarily close to k + 1. This result also leads toa simple ( k + 1)-approximation algorithm for FTP, which we later combine with an algorithm forthe case k = 1 to obtain a k -approximation algorithm for FTP.The second variant of the EDP we study is FTF, which asks for ℓ ≥ s - t paths in thepresence of non-uniform faults. Note that if we consider uniform faults (every edge is vulnerable),an optimal solution is a minimum-cost s - t flow of value k + ℓ , which can be computed in polynomialtime. We show that, again, the presence of non-uniform faults makes the problem much harder.In fact, it is as hard to approximate as FTP, despite the restriction to single-arc faults (the sameresult holds for FTF on undirected graphs). On the positive side, we give a simple polynomial-time ( ℓ + 1)-approximation algorithm for FTF which computes a MCF with appropriately chosencapacities.Note that our positive results for FTP imply a polynomial-time algorithm for FTF and ℓ = 1.Hence it is natural to investigate the dependence of the complexity of FTF on the number ℓ ofdisjoint paths. To this end, we fix ℓ and study the corresponding slice Fault-Tolerant ℓ -Flow ofFTF. Our main result in this setting is a 2-approximation algorithm for Fault-Tolerant ℓ -Flow. In anutshell, the algorithm first computes minimum-cost ℓ -flow and then makes the resulting ℓ disjointpaths fault tolerant by solving the corresponding augmentation problem . We solve the augmentationproblem by reducing it to a shortest path problem; it is basically a dynamic programming algorithmin disguise. The reduction is quite involved: in order to construct the instance of Shortest s - t -Path,we solve at most n ℓ instances of the Min-cost Strongly Connected Subgraphs problem on ℓ terminalpairs, all of which can be done in polynomial time since ℓ is fixed.Given our approximation results, one may wonder whether Fault-Tolerant ℓ -Flow might admita polynomial-time algorithm (assuming P = NP , say). An indication in this direction is that fornumber of problems with a similar flavor, including robust paths [3], robust matchings [15] or robustspanning trees [2], hardness results were obtained by showing that the corresponding augmentationproblems are hard. In the light of our results above this approach does not work for Fault-Tolerant ℓ -Flow. On the other hand, we show that such a polynomial-time algorithm for Fault-Tolerant ℓ -Flow implies polynomial-time algorithms for 1-2-connected Directed 2 Steiner Tree and a specialcase of 2-connected Directed k Steiner Tree. Whether these two problems are NP -hard or not arelong-standing open questions. The shortest path problem is one of the classical problems in combinatorial optimization, and assuch, it has received considerable attenation also in the context of fault tolerance/robustness, seefor example [4, 5, 9, 12, 17, 19, 20]. Considering FTP and FTF, one of the most relevant notions ofrobustness is bulk-robust , introduced by Adjiashvili, Stiller and Zenklusen [3]. Here, we are given aset of failure scenarios , that is, a set of subsets of resources that may fail simultaneously. The taskis to find a minimum-cost subset of the resources, such that a desired property (e.g., connectivity of3 graph) is maintained, no matter which failure scenario emerges. Both FTP and FTF are specialcases of this model. Adjiashvili, Stiller and Zenklusen considered bulk-robust counterparts of theShortest Path and Minimum Matroid basis problems. For bulk-robust shortest paths on undirectedgraphs they give a O ( k + log n )-approximation algorithm, where k is the maximum size of a failurescenario. However, not that the running-time of this algorithm is exponential in k . Note thattheir bulk-robust shortest path problem generalizes FTP, and therefore the same approximationguarantee holds for FTP. Our approximation algorithm for FTP significantly improves on thisbound, on both the approximation guarantee and the running-time.The robustness model used in this paper is natural for various classical combinatorial optimiza-tion problems. Of particular interest is the counterpart of the Minimum Spanning Tree problem.This problem is closely related to the Minimum k -Edge Connected Spanning Subgraph ( k -ECSS)problem, a well-understood robust connection problem. There are numerous results for the un-weighted version of k -ECSS. Gabow, Goemans, Tardos and Williamson [11] developed a polyno-mial time (1 + ck )-approximation algorithm for k -ECSS, for some fixed constant c . The authorsalso show that for some constant c ′ < c , the existence of a polynomial time (1 + c ′ k )-approximationalgorithm implies P = NP . An intriguing property of k -ECSS is that the problem becomes easier toapproximate when k grows. Concretely, while for every fixed k , k -ECSS is NP -hard to approximatewithin some factor α k >
1, the latter result asserts that there is function β ( k ) tending to one as k tends to infinity such that k -ECSS is approximable within a factor β ( k ). This phenomenon wasalready discovered by Cheriyan and Thurimella [8], who gave algorithms with a weaker approxi-mation guarantee. The more general Generalized Steiner Network problem admits a polynomial2-approximation algorithm due to Jain [16]. This is also the best known bound for weighted 2-ECSS.Adjiashvili, Hommelsheim and M¨uhlenthaler[2] considered the bulk-robust minimum spanningtree problem with non-uniform single-edge failures. Their main result is a 2 . − ε -approximationalgorithm unless NP ⊆ ZTIME ( n polylog ( n ) ) [14]. We will later show that FTF generalizes WeightedRobust Matching Augmentation. We mostly consider directed graphs, which we denote by (
V, A ), where V is the set of vertices setand A the set of arcs. Undirected graphs are denoted by ( V, E ), where E is a set of edges. An orientation of a set E of undirected edges is an arc-set that orients each edge vw ∈ E as an arc vw or wv . For some vertex set V ′ ⊆ V we denote by δ ( V ′ ) := { vw ∈ E | v ∈ V ′ , w ∈ V \ V ′ } . Fortwo vertex sets X, Y ⊆ V we write E ( X, Y ) := { xy ∈ E | x ∈ X \ Y, y ∈ Y \ X } for the set ofedges joining X and Y (the graph should be clear from the context). In a directed graph we simplyreplace E by A . In this paper we usually consider edge-weighted graphs and assume throughoutthat weights are non-negative. The arcs of A that are not vulnerable are called safe , denoted by M := A \ M .For the sake of a clearer presentation, we moved proofs of results marked by ( ∗ ) to the appendix.A preliminary version of this paper can be found here [1].4 .4 Organization The remainder of this paper is organized as follows: We present our results on the problem FTPin Section 2 and our results on the problem FTF in Section 3. In Section 2.1, we show that FTFon undirected graphs is a special case of FTF on directed graphs. We study the approximationhardness of FTF in Section 2.2 and we provide some exact polynomial algorithms for specialcases in Section 2.3. In Section 2.4 we relate FTP and FRAC-FTP by proving a tight boundon the interagrality gap and show how this result leads to a k -approximation algorithm for FTP.In Section 3.1 we prove approximation hardness of FTF. We then give an ( ℓ + 1)-approximationalgorithm in Section 3.2, followed by a 2-approximation algorithm for FTF with a fixed flow value ℓ . Furthermore, in Section 3.3, we relate the complexity of FTF with fixed flow value to otherproblems of open complexity status. Section 4 concludes the paper and mentions some interestingopen problems. The classical shortest path problem is set on directed graphs. Assuming non-negative edge-weights,undirected graphs are a special case, since we may replace each undirected edge by two antiparalleldirected edges and conclude that any shortest path in the resulting digraph corresponds to a shortestpath in the original undirected graph. Here, we show that the same is true for FTP. The maininsight is that, even if at most k vulnerable edges may fail, no undirected edge is used in bothdirections. As a consequence, all our positive results for directed graphs in this section also holdfor FTF on undirected graphs. Proposition 1.
Let X ⊆ E be a feasible solution to an instance of FTP on an undirected graph ( V, E ) . Then there is an orientation −→ X of X such that ( V, −→ X − F ) contains a directed s - t path forevery F ⊆ M with | F | ≤ k .Proof. Let us assume for a contradiction that there is no such orientation. A set Y of (undirectedand directed) edges is a partial orientation of X if there is a partition of X into sets X and X ,such that Y = X ∪ −→ X , where −→ X is an orientation of X . Let Y be a partial orientation of X that maximizes the number of directed edges, such that ( V, −→ X − F ) contains a directed s - t pathfor every F ⊆ M with | F | ≤ k . By our assumption, there is at least one undirected edge e = vw in Y . Furthermore, there are two sets S , S ⊂ V of vertices, such that { s } ⊆ S , S ⊆ V \ { t } , v ∈ S \ S , and w ∈ S \ S . Note that vw ∈ δ ( S ) and wv ∈ δ ( S ).Since e is needed in both directions for Y to be feasible, there is some F ⊆ M , | F | ≤ k , suchthat X \ F contains an s - t path that must leave S via vw . Therefore, the cut δ ( S ) containsat most k + 1 edges and all of them except possibly e are vulnerable. The same holds for δ ( S )and therefore we have | δ ( S ) | = | δ ( S ) | = k + 1. From the feasibility of Y and the fact that alledges in δ ( S ) and δ ( S ) except possibly e are vulnerable, it follows that | δ ( S ∩ S ) | ≥ k + 1 and | δ ( S ∪ S ) | ≥ k + 1. By the submodularity of the cut function | δ ( · ) | we have2 k + 2 = | δ ( S ) | + | δ ( S ) | ≥ | δ ( S ∩ S ) | + | δ ( S ∪ S ) | ≥ k + 2and it follows that | δ ( S ) | = | δ ( S ) | = | δ ( S ∩ S ) | = | δ ( S ∪ S ) | = k + 1 . (1)5he cut-function | δ ( · ) | satisfies the following identity | δ ( S ) | + | δ ( S ) | = | δ ( S ∩ S ) | + | δ ( S ∪ S ) | + | A ( S \ S , S \ S ) | + | A ( S \ S , S \ S ) | , but the observation that e is an edge connecting S \ S and S \ S , together with (1) yields acontradiction to the previous identity. Our first observation is that FTP generalizes the
Directed m -Steiner Tree Problem ( m -DST). Theinput to m -DST is a weighted directed graph D = ( V, A ), a source node s ∈ V , a collections of terminals T ⊆ V and an integer m ≤ | T | . The goal is to find a minimum-cost arboresence X ⊆ A rooted at s , that contains a directed path from s to some subset of m terminal.The m -DST is seen to be a special case of FTP as follows. Given an instance I = ( D, s, T, m )of m -DST define the following instance of FTP. The graph D is augmented by | T | new zero-costarcs A ′ connecting every terminal u ∈ T to a new node t . Finally, we set M = A ′ and k = m − s to t in the new graph. It is now straightforward tosee that a solution S to the FTP instance is feasible if and only if S ∩ A contains a feasible solutionto the k -DST problem (we can assume that all arcs in A ′ are in any solution to the FTP instance).The latter observation implies an immediate conditional lower bound on the approximability ofFTP. Halperin and Krauthgamer [14] showed that m -DST cannot be approximated within a factorlog − ǫ m for every ǫ >
0, unless NP ⊆ ZTIME ( n polylog ( n ) ). As a result we obtain the following. Proposition 2.
FTP admits no polynomial-time approximation algorithms with ratio log − ǫ k forevery ǫ > , unless NP ⊆ ZTIME ( n polylog ( n ) ) . The reduction above can be easily adapted to obtain a k ǫ -approximation algorithm for FTP forthe special case that M ⊆ { e ∈ A : t ∈ e } using the algorithm of Charikar et. al. [6]. In fact, anyapproximation algorithm with factor ρ ( k ) for FTP is an approximation algorithm with factor ρ ( m )for m -DST. The best known algorithm for the latter problem is due to Charikar et. al. [6]. Theirresult is an approximation scheme attaining the approximation factor of m ǫ for every ǫ > Simultaneous Directed m -Steiner Tree ( m -SDST), as a special case. An input to m -SDSTspecifies two arc-weighted graphs D = ( V, A , w ) and D = ( V, E , w ) on the same set of vertices V , a source s , a set of terminals T ⊆ V and an integer m ≤ | T | . The goal is to find a subset U ⊆ T of m terminals and two arboresences S ⊆ E and S ⊆ A connecting s to U in the respectivegraphs, so as to minimize w ( S ) + w ( S ). m -SDST is seen to be a special case of FTP via thefollowing reduction. Given an instance of m -SDST, construct a graph D = ( V ′ , A ) as follows. Takea disjoint union of D and D , where the direction of every arc in D is reversed. Connect everycopy of a terminal u ∈ T in D to its corresponding copy in D with an additional zero-cost arc e u . Finally, set M = { e u : u ∈ T } and k = m −
1. A fault-tolerant path connecting the copy of s in D to the copy of s in D corresponds to a feasible solution to the m -SDST instance with thesame cost, and vice-versa. This section is concerned with tractable restrictions of FTP. Concretely we give polynomial algo-rithms for arbitrary graphs and k = 1 and directed acyclic graphs (DAGs) and fixed k and forSeries-parallel graphs. We denote the problem FTP restricted to instances with some fixed k by k -FTP. 6 -FTP We start by giving the following structural insight.
Lemma 3 ( ∗ ) . Let X ∗ be an optimal solution to FTP on the instance ( D, M, k ) . The minimum s - t flow in the graph ( V, X ∗ ) capacitated by the vector c e = 1 if e ∈ M and c e = ∞ , otherwise is atleast k + 1 . An s - t bipath in the graph D = ( V, A ) is a union of two s - t paths P , P ⊆ A In the context of1-FTP, we call a bipath Q = P ∪ P robust , if it holds that P ∩ P ∩ M = ∅ . Note that every robust s - t bipath Q in G is a feasible solution to the 1-FTP instance. Indeed, consider any vulnerableedge e ∈ M . Since e P ∩ P it holds that either P ⊆ Q − e , or P ⊆ Q − e . It follows that Q − e contains some s - t path. The next lemma shows that every feasible solution of the 1-FTP instancecontains a robust s - t bipath. Lemma 4 ( ∗ ) . Every feasible solution S ∗ to an -FTP instance contains a robust s - t bipath. We can conclude from the previous discussion and Lemma 4 that all minimal feasible solutionsto the 1-FTP instance are robust bipaths. This observations leads to the simple algorithm, whichis given in the proof of the following theorem.
Theorem 5 ( ∗ ) . k -FTP and Directed Acyclic Graphs Let us first consider the case of a layered graph. Thegeneralization to a directed acyclic graph is done via a standard transformation, which we describelater. Recall that a layered graph D = ( V, A ) is a graph with a partitioned vertex set V = V ∪· · ·∪ V r and a set of edges satisfying A ⊂ S i ∈ [ r − V i × V i +1 . We assume without loss of generality that V = { s } and V r = { t } . For every i ∈ [ r −
1] we let A i = A ∩ V i × V i +1 .Analogously to the algorithm in the previous section, we reduce k -FTP to a shortest pathproblem in a larger graph. The following definition sets the stage for the algorithm. Definition 6. An i -configuration is a vector d ∈ { , , · · · , k + 1 } V i satisfying P v ∈ V i d v = k + 1.We let supp ( d ) = { v ∈ V i : d v > } . For an i -configuration d and an ( i + 1)-configuration d we let V ( d , d ) = supp ( d ) ∪ supp ( d ) and A ( d , d ) = A [ V ( d , d )] . We say that an i -configuration d precedes an ( i + 1)-configuration d if the following flowproblem is feasible. The graph is defined as H ( d , d ) = ( V ( d , d ) , A ( d , d )). The demand vector ν and the capacity vector c are given by ν u = ( − d u if u ∈ supp ( d ) d u if u ∈ supp ( d ) and c e = ( e ∈ M ∞ if e ∈ E \ M, respectively. If d precedes d we say that the link ( d , d ) exists. Finally, the cost ℓ ( d , d ) of thislink is set to be minimum value w ( A ′ ) over all A ′ ⊆ A ( d , d ), for which the previous flow problemis feasible, when restricted to the set of edges A ′ .The algorithm constructs a layered graph H = ( V , A ) with r layers V , · · · , V r . For every i ∈ [ r ]the set of vertices V i contains all i -configurations. Observe that V and V r contain one vertex each,denoted by c s and c t , respectively. The edges correspond to links between configurations. Everyedge is directed from the configuration with the lower index to the one with the higher index. Thecost is set according to Definition 6. The following lemma provides the required observation, whichimmediately leads to a polynomial algorithm. 7 emma 7 ( ∗ ) . Every c s - c t path P in H corresponds to a fault-tolerant path S with w ( S ) ≤ ℓ ( P ) ,and vise-versa. Finally, we observe that the number of configurations is bounded by O ( n k +1 ), which impliesthat k -FTP can be solved in polynomial time on layered graphs.To obtain the same result for directed acyclic graphs we perform the following transformation ofthe graph. Let v , · · · , v n be a topological sorting of the vertices in D . Replace every edge e = v i v j ( i < j ) with a path p e = v i , u ei +1 , · · · , u ej − , v j of length j − i + 1 by subdividing it sufficiently manytimes. Set the cost of the first edge on the path to w ′ ( v i u ei +1 ) = w ( v i v j ) and set the costs of allother edges on the path to zero. In addition, create a new set of faulty edges M ′ , which contains alledges in a path p e if e ∈ M . It is straightforward to see that the new instance of FTP is equivalentto the original one, while the obtained graph after the transformation is layered. We summarizethe result as follows. Theorem 8.
There is a polynomial algorithm for k -FTP restricted to instances with a directedacyclic graph. Series-Parallel Graphs
Recall that a graph is called series-parallel (SRP) with terminal s and t if it can be composed from a collection of disjoint edges using the series and parallel compositions.The series composition of two SRP graphs with terminals s , t and s ′ , t ′ respectively, takes thedisjoint union of the two graphs, and identifies t with s ′ . The parallel composition takes thedisjoint union of the two graphs and identifies s with s ′ and t with t ′ . Given a SRP graph it is easyto obtain the aforementioned decomposition.The algorithm we present has linear running time whenever the robustness parameter k is fixed.The algorithm is given as Algorithm 1. In fact, the algorithms computes the optimal solutions S k ′ for all parameters 0 ≤ k ′ ≤ k . The symbol ⊥ is returned if the problem is infeasible. Theorem 9 ( ∗ ) . Algorithm 1 returns an optimal solution to the FTP problem on SRP graphs. Therunning time of Algorithm 1 is O ( nk ) . In this section we study the natural fractional relaxation of FTP. We prove a tight bound on theintegrality gap of this relaxation. This results also suggests a simple approximation algorithm forFTP with ratio k + 1. We later combine this algorithm with the algorithm for 1-FTP to obtain a k -approximation algorithm. Fractional FTP and Integrality Gap
Let us start by introducing the fractional relaxationof FTP, which we denote by FRAC-FTP. The input to FRAC-FTP is identical to the input toFTP. The goal in FRAC-FTP is to find a capacity vector x : A → [0 ,
1] of minimum cost w ( x ) = P e ∈ A w e x e such that for every F ⊆ M of size at most k , the maximum s - t flow in D − F , capacitatedby x is at least one. Note that by the Max-Flow Min-Cut Theorem, the latter condition is equivalentto requiring that the minimum s - t cut in D − F has capacity of at least one. We will use this factin the proof of the main theorem in this section.Observe that by requiring x ∈ { , } E we obtain FTP, hence FRAC-FTP is indeed a fractionalrelaxation of FTP.In the following theorem by ’integrality gap’ we mean the maximum ratio between the optimalsolution value to an FTP instance, and the optimal value of the corresponding FRAC-FTP instance.8 lgorithm 1 : FTP-SeriesParallel( G, s, t, k )Input: G = ( V, E ) a series-parallel graph, s, t ∈ V and M ⊂ E , k ∈ Z ≥ . Ensure:
Optimal solution to FTP for parameters 0 , , · · · , k . if E = { e } ∧ e ∈ M then Return ( { e } , ⊥ , · · · , ⊥ ) if E = { e } ∧ e M then Return ( { e } , · · · , { e } ) ⇒ G is a composition of H , H . ( S , · · · , S k ) ← FTP-SeriesParallel ( H , M ∩ E [ H ] , k ) ( S , · · · , S k ) ← FTP-SeriesParallel ( H , M ∩ E [ H ] , k ) if G is a series composition of H , H then for i = 0 , · · · , k do if S i = ⊥ ∨ S i = ⊥ then S i ←⊥ else S i ← S i ∪ S i if G is a parallel composition of H , H then m ← max { i : S i = ⊥} m ← max { i : S i = ⊥} for i = 0 , · · · , k do if i > m + m + 1 then S i ←⊥ else r ← argmin − ≤ j ≤ i { w ( S j ) + w ( S i − j − ) } // S − = S − := ∅ S i ← S r ∪ S i − r − Return ( S , · · · , S k ) Theorem 10 ( ∗ ) . The integrality gap of FTP is bounded by k + 1 . Furthermore, there exists aninfinite family of instances of FTP with integrality gap arbitrarily close to k + 1 . The proof of Theorem 10 implies a simple ( k + 1)-approximation algorithm for FTP. Thisalgorithm simply solves the integer minimum-cost flow problem, defined in proof of the theorem,and returns the set of edges corresponding to the support of an optimal integral flow z ∗ as thesolution. This result is summarized in the following corollary. Corollary 11.
There is a polynomial ( k + 1) -approximation algorithm for FTP. A k -Approximation Algorithm In this paragraph we improve the approximation algorithmfrom the previous paragraph. The new algorithm can be seen as a generalization of the algorithmfor 1-FTP to arbitrary FTP instances. The main observation is the following. The reason why theapproximation algorithm implied by Theorem 10 gives an approximation ratio of k + 1 is that thecapacity of edges in A \ M is set to k + 1, hence, if the flow z ∗ uses such edges to their full capacity,the cost incurred is k + 1 times the cost of these edges. This implies that the best possible lowerbound on the cost w ( z ∗ ) is ( k + 1) OP T
F RAC , where
OP T
F RAC denotes the optimal solution valueof the corresponding FRAC-FTP instance. To improve the algorithm we observe that the edges in z ∗ , which carry a flow of k + 1 are cut-edges in the obtained solution.9o conveniently analyze our new algorithm let us consider a certain canonical flow defined byminimal feasible solutions. Definition 12.
Consider an inclusion-wise minimal feasible solution S ⊆ A of an instance I =( D, s, t, M ) of FTP. A flow f S induced by S is any integral s - t ( k + 1)-flow in D respecting thecapacity vector c Se = e ∈ S ∩ Mk + 1 if e ∈ S \ M e ∈ A \ S. To this end consider an optimal solution X ∗ ⊆ A to the FTP instance and consider any corre-sponding induced flow f ∗ . Define X P AR = { e ∈ X ∗ : f ∗ ( e ) ≤ k } and X BRIDGE = { e ∈ X ∗ : f ∗ ( e ) = k + 1 } . As we argued before, every edge in X BRIDGE must be a bridge in H = ( V, X ∗ ) disconnecting s and t . Let u e denote the tail vertex of an edge e ∈ A . Since every edge e ∈ X BRIDGE constitutes an s - t cut in H , it follows that the vertices in U = { e u : e ∈ X BRIDGE } ∪ { s, t } can be unambiguouslyordered according to the order in which they appear on any s - t path in H , traversed from s to t .Let s = u , · · · , u q = t be this order. Except for s and t , every vertex in U constitutes a cut-vertexin H . Divide H into q − H , · · · , H q − by letting H i = ( V, Y i ) contain the union of all u i - u i +1 paths in H . We observe the following property. Proposition 13.
For every i ∈ [ q − the set Y i ⊆ A is an optimal solution to the FTP instance I i = ( G, u i , u i +1 , M ) . Consider some i ∈ [ q −
1] and let f ∗ i denote the flow f ∗ , restricted to edges in H i . Note that f ∗ i can be viewed as a u i - u i +1 ( k + 1)-flow. Exactly one of the following cases can occur. Either H i contains a single edge e ∈ A \ M , or max e ∈ Y i f ∗ i ( e ) ≤ k. In the former case, the edge e is the shortest u i - u i +1 path in ( V, A \ M ). In the latter case we canuse a slightly updated variant of the algorithm in Corollary 11 to obtain a k -approximation of theoptimal FTP solution on instance I i . Concretely, the algorithm defines the capacity vector c ′ e = ( k if e M , and finds an integral minimum-cost u i - u i +1 ( k + 1)-flow Y ∗ in D , and returns the support Y ⊆ A of the flow as the solution. The existence of the flow f ∗ i guarantees that w ( y ∗ ) ≤ w ( f ∗ i ), while thefact that the maximum capacity in the flow problem is bounded by k gives w ( Y ) ≤ kw ( y ∗ ). Itfollows that this algorithm approximates the optimal solution to the FTP instance I i to within afactor k .To describe the final algorithm it remains use the blueprint of the algorithm for 1-FTP. There isonly one slight difference. Instead of finding two edge-disjoint u - v paths, the new algorithm solvesthe aforementioned flow problem. We summarize the main result of this section in the followingtheorem. The proof is omitted, as it is identical to that of Theorem 5, with the exception of thepreceding discussion. Theorem 14.
There is a polynomial k -approximation algorithm for FTP. Fault-Tolerant Flows
In this section we present our results on the problem FTF. We show that it admits no log − ε ℓ -approximation under standard complexity assumptions. We then investigate its complexity for flowsof fixed value ℓ . Our main result is a polynomial-time algorithm for the corresponding augmentationproblem, which we use to obtain a 2-approximation for Fault-Tolerant ℓ -Flow. Finally, we showthat a polynomial-time algorithm for Fault-Tolerant ℓ -Flow implies polynomial-time algorithms fortwo problems whose complexity status is open. We show that FTF is as hard to approximate as Directed Steiner Forest by using an approximationhardness result from [15] for the problem Weighted Robust Matching Augmentation. The problemWeighted Robust Matching Augmentation asks for the cheapest edge-set (assuming non-negativecosts) to add to a bipartite graph such that the resulting graph is bipartite and contains a perfectmatching after a-posteriori removing any single edge. The idea of our reduction is similar to thatof the classical reduction from the Bipartite Maximum Matching problem to the Max s - t Flowproblem. Note that since matchings are required to be perfect, we may assume that both parts ofthe input graph have the same size. We add to the bipartite input graph (
U, W, E ) on n vertices ofa Weighted Robust Matching Augmentation instance two terminal vertices s and t , and connect s to each vertex of U as well as each vertex of W to t by an arc. Now we add all possible arcs from U to W , marking those as vulnerable that correspond to an edge in E . It is readily observed thata fault-tolerant n/ s or t ). We thus obtain the followinghardness result. Lemma 15 ( ∗ ) . A polynomial-time f ( ℓ ) approximation algorithm for FTF implies a polynomial-time f ( n/ -approximation algorithm for Weighted Robust Matching Augmentation, where n is thenumber of vertices in the Weighted Robust Matching Augmentation instance. We combine Proposition 15 with two results from [15] and [14] to obtain the following approx-imation hardness result for FTF.
Theorem 16 ( ∗ ) . FTF admits no polynomial-time log − ε ( ℓ ) -factor approximation algorithm forevery ε > , unless NP ⊆ ZTIME ( n polylog ( n ) ) . Note that all results presented in this section also hold for the undirected variant of FTF.
We first present a simple polynomial-time ( ℓ + 1)-approximation algorithm for FTF, which is verysimilar to the ( k + 1)-approximation for FTP. The algorithm computes (in polynomial time) aminimum-cost s - t flow of value ℓ +1 on the input graph with the following capacities: each vulnerablearc receives capacity 1 and any other arc capacity 1 + 1 /ℓ . To see that for this choice of capacitieswe obtain a feasible solution, recall that the value of any s - t cut upper-bounds the value of any s - t flow. Therefore, each s - t cut C has value at least ℓ + 1, so C contains either at least ℓ safe arcs orat least ℓ + 1 arcs. To prove the approximation guarantee, we show that any optimal solution toan FTF instance contains an s - t flow of value ℓ + 1 and observe that we over-pay for safe arcs bya factor of at most (1 + 1 /ℓ ). We obtain the following result. Theorem 17 ( ∗ ) . FTF admits a polynomial-time ( ℓ + 1) -factor approximation algorithm. ℓ -approximation for FTF, since a solution to FTF in general does not have cutvertices, which are essential for the decomposition approach for the k -approximation for FTP.We now show that for a fixed number ℓ of disjoint paths, a much better approximation guaranteecan be obtained. That is, we give a polynomial-time 2-approximation algorithm for Fault-Tolerant ℓ -Flow (however, its running time is exponential in ℓ ). The algorithm first computes a minimum-cost s - t flow of value ℓ and then augments it to a feasible solution by solving the following augmentationproblem .Fault-Tolerant ℓ -Flow Augmentation Instance: arc-weighted directed graph D = ( V, A ), two nodes s, t ∈ V , arc-set X ⊆ A that contains ℓ disjoint s - t paths, and set M ⊆ A of vulnerable arcs. Task:
Find minimum weight set S ⊆ A \ X , such that for every f ∈ M , the set( X ∪ S ) \ f contains ℓ disjoint s - t dipaths.Our main technical contribution is that Fault-Tolerant ℓ -Flow Augmentation can be solved inpolynomial time for fixed ℓ . Our algorithm is based on a dynamic programming approach and itinvolves solving many instances of the problem Directed Steiner Forest, which asks for a cheapestsubgraph connecting ℓ given terminal pairs. This problem admits a polynomial-time algorithm forfixed ℓ [10], but it is W [1]-hard when parameterized in the number of terminal pairs, so it is likelynot fixed-parameter tractable [13]. Roughly speaking, we traverse the ℓ disjoint s - t paths computedpreviously in parallel, proceeding one arc at a time. In order to deal with vulnerable arcs, at eachstep, we solve an instance of Directed Steiner Forest connecting the ℓ current vertices (one on eachpath) to ℓ destinations on the same path by using backup paths. That is, we decompose a solutionto the augmentation problem into instances of Directed Steiner Forest connected by safe arcs. Anoptimal decomposition yields an optimal solution to the instance of the augmentation problem.We find an optimal decomposition by dynamic programming. Essentially, we give a reduction to ashortest path problem in a graph that has exponential size in ℓ .Let us fix an instance I of Fault-Tolerant ℓ -Flow Augmentation on a digraph D = ( V, A ) witharc-weights c ∈ Z A ≥ and and terminals s and t . Let P , P , . . . , P ℓ be ℓ disjoint s - t paths containedin X . In fact, we assume without loss of generality, that X is the union of P , P , . . . , P ℓ . If X contains an arc e that is not on any of the ℓ paths, we remove e from X and assign to it weight 0.We now give the reduction to the shortest path problem. We construct a digraph D = ( V , A );to distinguish it clearly from the graph D of I , we call the elements in V ( A ) of D vertices ( arcs )and elements of V ( A ) nodes ( links ). We order the vertices of each path P i , 1 ≤ i ≤ ℓ , accordingto their distance to s on P i . For two vertices x i , x i of P i , we write x i ≤ x i if x i is at least asclose to s on P i as x i . Let us now construct the node set V . We add a node v to V for every ℓ -tuple v = ( x , ..., x ℓ ) of vertices in V ( X ) satisfying x i ∈ P i , for every i ∈ { , , . . . , ℓ } . Note thatthe corresponding vertices of a node are not necessarily distinct, since the ℓ edge- disjoint paths P , P , . . . , P ℓ may share vertices. We also define a (partial) ordering on the nodes in V . For twonodes v = ( x , ..., x ℓ ) and v = ( x , ..., x ℓ ) we write v ≤ v if x i ≤ x i for every 1 ≤ i ≤ ℓ .Additionally, let Q i ( x, y ) be the sub-path of P i from a vertex x to a vertex y of P i .We now construct the link set A := A ∪ A of D as the union of two link-sets A and A ,which we will define next. We add to A an arc xy , if x precedes y and the subpaths of each P i from x i to y i contain no vulnerable arc. That is, we let A := { xy | x, y ∈ V , x ≤ y, Q i ( x i , y i ) ∩ M = ∅ for 1 ≤ i ≤ ℓ } .
12e now define the link set A . For two nodes x, y ∈ V such that x precedes y , if there is some1 ≤ i ≤ ℓ , such that Q i ( x i , y i ) contains at least one vulnerable arc, then we first need to solvean instance of Directed Steiner Forest on ℓ terminal pairs in order to know whether we add thelink xy and, if so, at which cost. We construct an instance I ( x, y ) of Directed Steiner Forest asfollows. The terminal pairs are ( x i , y i ) ≤ i ≤ ℓ . The input graph is given by D ′ = ( V, A ′ ), where A ′ = ( A \ X ) ∪ S ≤ i ≤ ℓ ←− Q i ( x i , y i ), where ←− Q i ( x i , y i ) are the arcs of Q i ( x i , y i ) in reversed directionThe arc costs are given by c ′ e := ( c e if e ∈ A \ X , and0 if e ∈ ←− Q i ( x i , y i ) for some i ∈ { , , . . . , ℓ } . That is, for 1 ≤ i ≤ ℓ , we reverse the path Q i ( x i , y i ) connecting x i to y i and make the correspondingarcs available at zero cost. We then need to connect x i to y i without using arcs in X . Since thenumber of terminal pairs is at most ℓ and thus constant, the Directed Steiner Forest instance I ( v , v ) can be solved in polynomial time by the algorithm of Feldman and Ruhl given in [10]. LetOPT( I ( x, y )) be the cost of an optimal solution to I ( v, v ). We add a link xy to A if the computedsolution of I ( x, y ) is strongly connected. This completes the construction of A .For a link e ∈ A we let the weight w e be given by w e := ( e ∈ A , andOPT( I ( x, y )) if e ∈ A .We now argue that a shortest path P from node s = ( s, . . . , s ) ∈ V to node t = ( t, . . . , t ) ∈ V in D corresponds to an optimal solution to I . For every link xy ∈ P , we add the optimal solutionto I ( x, y ) computed by the Feldman-Ruhl algorithm to our solution Y . A summary is given inAlgorithm 2. Proving that Algorithm 2 is quite technical and requires another auxiliary graph anda technical lemma. The details can be found in Appendix D. Theorem 18 ( ∗ ) . The set Y computed by Algorithm 2 is an optimal solution to the instance I ofFault-Tolerant ℓ -Flow Augmentation. Algorithm 2 runs in polynomial time for a fixed number ℓ of disoint s - t paths, since it computesat most n ℓ Min-cost Strongly Connected Subgraphs on ℓ terminal pairs, which can be done inpolynomial time by a result of Feldman and Ruhl [10]. Theorem 19 ( ∗ ) . Algorithm 2 runs in time O ( | A || V | ℓ − + | V | ℓ − log | V | ) . From theorems 18 and 19 we obtain a polynomial-time 2-approximation algorithm for Fault-Tolerant ℓ -Flow: Let OPT( I ) be the cost of an optimal solution to an instance I of Fault-Tolerant ℓ -Flow. The algorithm first computes a minimum-cost s - t flow X and then runs Algorithm 2 using X as initial arc-set. The algorithm returns the union of the arc-sets computed in the two steps.By Theorem 18 we can augment X in polynomial time to a feasible solution X ∪ Y to I . Since wepay at most OPT( I ) for the sets X and Y , respectively, the total cost is at cost at most 2 OPT( I ). Corollary 20.
Fault-Tolerant ℓ -Flow admits a polynomial-time 2-factor approximation algorithm. In the previous section we showed that there is a polynomial-time algorithm for Fault-Tolerant ℓ -Flow Augmentation, from which we obtained a 2-approximation for Fault-Tolerant ℓ -Flow. Ide-ally, one would like to complement such an approximation result with a hardness or hardness-of-approximation result. Since Fault-Tolerant ℓ -Flow Augmentation admits a polynomial-time al-gorithm according to Theorem 19, we cannot use the augmentation problem in order to prove13 lgorithm 2 : Exact algorithm for Fault-Tolerant ℓ -Flow Augmentation Input: instance I of Fault-Tolerant ℓ -Flow Augmentation on a digraph D = ( V, A ) Construct the graph D = ( V , A ) Find a shortest path P in D from ( s, . . . , s ) to ( t, . . . , t ) For each link vw ∈ P ∩ A add the arcs of an optimal solution to I ( v, w ) to Y return Y NP -hardness of Fault-Tolerant ℓ -Flow; an approach that has been used successfully for instance forrobust paths [3], robust matchings [15] and robust spanning trees [2]. Hence, there is some hopethat Fault-Tolerant ℓ -Flow might actually be polynomial-time solvable. However, we show that apolynomial-time algorithm for Fault Tolerant 2-Flow implies polynomial-time algorithms for twoother problems with unknown complexity status, namely 1-2-connected Directed 2 Steiner Treeand a special case of 2-connected Directed k Steiner Tree.We will first consider the relation of Fault-Tolerant ℓ -Flow and 2-connected Directed k SteinerTree, which asks for two disjoint directed paths connecting a root vertex with each terminal:2-connected Directed k Steiner Tree
Instance: directed graph D = ( V, A ), cost function c ∈ Q A , root s ∈ V , and k terminalvertices t , t , . . . , t k ∈ V Task: find a minimum-cost set of edges X ⊆ A , such that ( V, X ) contains twoedge-disjoint s - t paths for each t ∈ { t , t , . . . , t k } .We will denote the set of terminals by T := { t , t , . . . , t k } . According to [7], even the complexityof 1-2-connected Directed 2 Steiner Tree is open, which is the following variant of 2-connectedDirected k Steiner Tree: we have only two terminals t and t and aim to find two disjoint s - t paths and one s - t path of minimal total cost. Note that 2-connected Directed k Steiner Tree isa generalization of Directed Steiner Tree and therefore does not admit a polynomial-time log − ε n approximation algorithm unless NP ⊆ ZTIME ( n polylog ( n ) ) [14]. However, there is a big gap betweenthe complexity of Directed Steiner Tree and 2-connected Directed k Steiner Tree if the number k ofterminals is fixed. While it is known that Directed Steiner Tree is fixed-parameter tractable whenparameterized by the number of terminals (and therefore polynomial-time solvable for constant k ),it is unknown whether 2-connected Directed k Steiner Tree admits a polynomial-time algorithmeven for k = 2 (for k = 1, an optimal solution is a minimum-cost 2-flow). We now show that aspecial case of Fault-Tolerant ℓ -Flow corresponds to 2-connected Directed k Steiner Tree with theadditional constraint that every s - T cut contains at least k + 1 edges. Proposition 21 ( ∗ ) . A polynomial-time algorithm for Fault-Tolerant k -Flow implies a polynomial-time algorithm for 2-connected Directed k Steiner Tree with the additional constraint that every s - T cut contains at least k + 1 edges. Furthermore, we show that 1-2-connected Directed 2 Steiner Tree is a special case of FaultTolerant 2-Flow.
Proposition 22 ( ∗ ) . A polynomial-time algorithm for Fault Tolerant -Flow implies a polynomial-time algorithm for 1-2-connected Directed Steiner Tree. Conclusions and Future Work
This paper presents two problems, FTP and FTF, which add a non-uniform fault model to theclassical edge-disjoint paths problem. In this model, not all k -subsets of edges can be removed fromthe graph after a solution is chosen, but rather a subset of vulnerable edges , which are providedas part of the input. Such an adaptation is natural from the point of view of many applicationdomains. We observed a dramatic increase in the computational complexity due to the faultmodel with respect to EDP. At the same time we identified several classes of instances admittinga polynomial exact algorithm. These classes include the case k = 1, directed acyclic graphs andfixed k and series-parallel graphs. Next, we defined a fractional counterpart of FTP and proved atight bound on the corresponding integrality gap. This result lead to a k -approximation algorithmfor FTP. For FTF, our main results are a ( ℓ + 1)-approximation algorithm and a 2-approximationalgorithm for fixed ℓ .One of the main tasks that remains is to improve the understanding of the approximability ofFTP. In particular, it is interesting to see if the approximation guarantee for FTP can be improvedto the approximation guarantees of the best known algorithms for the Steiner Tree problem. Itis also interesting to relate FTP to more general problems such a Minimum-Cost Fixed-ChargeNetwork Flow and special cases thereof. The complexity of k -FTP in still unknown. It is interestingto see if the methods employed in the current paper for 1-FTP and k -FTP on directed acyclic graphscan be extended to k -FTP on general graphs. Another intriguing open question is whether Fault-Tolerant ℓ -Flow is NP -hard, which is open even for ℓ = 2. We showed that a positive result in thisdirection implies polynomial-time algorithms for two Steiner problems whose complexity status isopen. References [1] David Adjiashvili. Fault-tolerant shortest paths-beyond the uniform failure model. arXivpreprint arXiv:1301.6299 , 2013.[2] David Adjiashvili, Felix Hommelsheim, and Moritz M¨uhlenthaler. Flexible graph connectivity.In
International Conference on Integer Programming and Combinatorial Optimization , pages13–26. Springer, 2020.[3] David Adjiashvili, Sebastian Stiller, and Rico Zenklusen. Bulk-robust combinatorial optimiza-tion.
Mathematical Programming , 149(1-2):361–390, 2015.[4] Hassene Aissi, Cristina Bazgan, and Daniel Vanderpooten. Approximation complexity of min-max (regret) versions of shortest path, spanning tree, and knapsack. In
European Symposiumon Algorithms , pages 862–873. Springer, 2005.[5] Christina B¨using. Recoverable robust shortest path problems.
Networks , 59(1), 2012.[6] Moses Charikar, Chandra Chekuri, To-yat Cheung, Zuo Dai, Ashish Goel, Sudipto Guha, andMing Li. Approximation algorithms for directed steiner problems.
Journal of Algorithms ,33(1):73–91, 1999.[7] Joseph Cheriyan, Bundit Laekhanukit, Guyslain Naves, and Adrian Vetta. Approximatingrooted steiner networks.
ACM Transactions on Algorithms (TALG) , 11(2):1–22, 2014.[8] Joseph Cheriyan and Ramakrishna Thurimella. Approximating minimum-size k-connectedspanning subgraphs via matching.
SIAM Journal on Computing , 30(2):528–560, 2000.159] Kedar Dhamdhere, Vineet Goyal, R Ravi, and Mohit Singh. How to pay, come what may:Approximation algorithms for demand-robust covering problems. In , pages 367–376. IEEE, 2005.[10] Jon Feldman and Matthias Ruhl. The directed steiner network problem is tractable for aconstant number of terminals.
SIAM Journal on Computing , 36(2):543–561, 2006.[11] Harold N Gabow and Suzanne R Gallagher. Iterated rounding algorithms for the smallest k -edge connected spanning subgraph. SIAM Journal on Computing , 41(1):61–103, 2012.[12] Daniel Golovin, Vineet Goyal, Valentin Polishchuk, R Ravi, and Mikko Sysikaski. Improvedapproximations for two-stage min-cut and shortest path problems under uncertainty.
Mathe-matical Programming , 149(1-2):167–194, 2015.[13] Jiong Guo, Rolf Niedermeier, and Ondˇrej Such`y. Parameterized complexity of arc-weighteddirected steiner problems.
SIAM Journal on Discrete Mathematics , 25(2):583–599, 2011.[14] Eran Halperin and Robert Krauthgamer. Polylogarithmic inapproximability. In
Proceedingsof the 35th Annual ACM Symposium on Theory of Computing , pages 585–594, 2003.[15] Felix Hommelsheim, Moritz M¨uhlenthaler, and Oliver Schaudt. How to secure matchingsagainst edge failures. In . Schloss Dagstuhl-Leibniz-Zentrum f¨ur Informatik, 2019.[16] Kamal Jain. A factor 2 approximation algorithm for the generalized Steiner network problem.
Combinatorica , 21(1):39–60, 2001.[17] Christina Puhl. Recoverable robust shortest path problems.
Preprint , pages 034–2008, 2009.[18] Alexander Schrijver.
Combinatorial optimization: polyhedra and efficiency , volume 24.Springer Science & Business Media, 2003.[19] Gang Yu and Jian Yang. On the robust shortest path problem.
Computers and OperationsResearch , 25(6):457468, Jun 1998.[20] Pawe Zieliski. The computational complexity of the relative robust shortest path problem withinterval data.
European Journal of Operational Research , 158(3):570576, Nov 2004.
A Proofs Omitted from Section 2.3
Proof of Lemma 3.
Assume the statement is not true. Then, by the Max-Flow Min-Cut Theoremthere is some capacitated cut δ ( V ′ ) for some V ′ ⊆ V with s ∈ V ′ and t / ∈ V ′ such that c ( δ ( V ′ )) We assume without loss of generality that S ∗ is a minimal feasible solutionwith respect to inclusion. Let Y ⊆ S ∗ be the set of bridges in ( V, S ∗ ). From feasibility of S ∗ , wehave Y ∩ M = ∅ . Consider any s - t path P in S ∗ . Let u , · · · , u r be be the set of vertices incidentto Y = P ∩ Y . Let u i and u i +1 be such that u i u i +1 Y . (if such an edge does not exist, we have Y = P , which means that P is a robust s - t bipath). Note that S ∗ must contain two edge-disjoint u i - u i +1 paths L , L . Taking as the set Y together with all such pairs of paths L , L results in arobust bipath. 16 roof of Theorem 5. To solve 1-FTP we need to find the minimum cost robust s - t bipath. To thisend let us define two length functions ℓ , ℓ : V × V → R ≥ . For two vertices u, v ∈ V let ℓ ( u, v )denote the shortest path distance from u to v in the graph ( V, A \ M ), and let ℓ ( u, v ) denote the costof the shortest pair of edge-disjoint u - v paths in G . Clearly, both length functions can be computedin polynomial time (e.g. using flow techniques). Finally, set ℓ ( u, v ) = min { ℓ ( u, v ) , ℓ ( u, v ) } .Construct the complete graph on the vertex set V and associate the length function ℓ with it.Observe that by definition of ℓ , any s - t path in this graph corresponds to a robust s - t bipath withthe same cost, and vice versa. It remains to find the shortest s - t bipath by performing a singleshortest s - t path in the new graph. For every edge uv in this shortest path, the optimal bipathcontains the shortest u - v path in ( V, a \ M ) if ℓ ( u, v ) = ℓ ( u, v ), and the shortest pair of u - v pathsin G , otherwise. Proof of Lemma 7. Consider first a fault-tolerant path S ⊆ A . We construct a corresponding c s - c t path in H as follows. Consider any k + 1 s - t flow f S , induced by S . Let p , · · · , p l be a pathdecomposition of f S and let 1 ≤ ρ , · · · , ρ l ≤ k + 1 (with P i ∈ [ l ] ρ i = k + 1) be the correspondingflow values.Since D is layered, the path p j contains exactly one vertex v ji from V i and one edge e ji from A i for every j ∈ [ l ] and i ∈ [ r ]. For every i ∈ [ r ] define the i -configuration d i with d iv = X j ∈ [ l ]: v = v ij ρ i , if some path p j contains v , and d iv = 0, otherwise. The fact that d i is an i -configuration followsimmediately from the fact that f S is a ( k + 1)-flow. In addition, for the same reason d i precedes d i +1 for every i ∈ [ r − d = c s and d r = c t itfollows that P = d , d , · · · , d r is a c s − c t path in H with cost ℓ ( P ) ≤ w ( S ).Consider next an c s − c t path P = d , · · · , d r with cost ℓ ( P ) = P r − i =1 ℓ ( d i , d i +1 ). The cost ℓ ( d i , d i +1 ) is realized by some set of edges R i ⊆ E ( d i , d i +1 ) for every i ∈ [ r − s - t flow in the graph D ′ = ( V, R ) is at least k + 1, where R = ∪ i ∈ [ r − R i . Next,Lemma 3 guarantees that there exists some feasible solution S ⊆ R , the cost of which is at most ℓ ( P ). In the latter claim we used the disjointness of the sets R i , which is due the layered structureof the graph G . This concludes the proof of the lemma. Proof of Theorem 9. The proof of correctness is by induction on the depth of the recursion inAlgorithm 1. Clearly the result returned by Algorithm 1 in lines 1-6 is optimal. Assume next thatthe algorithm computed correctly all optimal solutions for the subgraphs H , H , namely that forevery i ∈ [2] and j ∈ [ k ], the set S ij computed in lines 7-8 is an optimal solution to the problem oninstance I ji = ( H i , M ∩ E [ H i ] , j ).Assume first that G is a series composition of H and H , and let 0 ≤ i ≤ k . If either S i = ⊥ or S i = ⊥ the problem with parameter i is clearly also infeasible, hence the algorithm works correctlyin this case. Furthermore, since G contains a cut vertex (the terminal node, which is in common to H and H ), a solution S to the problem is feasible for G if and only if it is a union of two feasiblesolutions for H and H . From the inductive hypothesis it follows that S i is computed correctly inline 14.Assume next that G is a series composition of H and H . Consider any feasible solution S ′ tothe problem on G with parameter i . Let S ′ and S ′ be the restrictions of S ′ to edges of H and H respectively, and let n and n be the maximal integers such that S ′ and S ′ are robust pathsfor H and H with parameters n and n , respectively. Observe that i ≤ n + n + 1 must hold.17ndeed if this would not be the case, then taking any cut with n + 1 edges in S ′ and another cutwith n + 1 edges in S ′ yields a cut with n + n + 2 edges in G , contradicting the fact that S ′ isa robust path with parameter i . We conclude that the algorithm computes S i correctly in line 23.Finally note that the union any two robust paths for the graphs H and H with parameters n and n with i ≤ n + n + 1 yield a feasible solution S i . It follows that the minimum cost such robustpath is obtained as a minimum cost of a union of two solutions for H and H , with robustnessparameters j and i − j − j . To allow S i = S i or S i = S i we let j range from − k and set S − = S − = ∅ . This completes the proof of correctness.To prove the bound on the running time, let T ( m, k ) denote the running time of the algorithmon a graph with m edges and robustness parameter k . We assume that the graph is given by ahierarchical description, according to its decomposition into single edges. The base case obviouslytakes O ( k ) time. Furthermore we assume that the solution ( S , · · · , S k ) is stored in a data structurefor sets, which uses O (1) time for generating empty sets and for performing union operations. If thegraph is a series composition then the running time satisfies T ( m, k ) ≤ T ( m ′ , k )+ T ( m − m ′ , k )+ O ( k )for some m ′ < m . If the graph is a parallel composition, then T ( m, k ) satisfied the same inequality.We assume that the data structure, which stores the sets S i also contains the cost of the edges inthe set. This value can be easily updates in time O (1) when the assignment into S i is performed.It follows that T ( m, k ) = O ( mk ) = O ( nk ) as required. B Proofs Omitted from Section 2.4 Proof of Theorem 10. Consider an instance I = ( D, M, k ) of FTP. Let x ∗ denote an optimal solu-tion to the corresponding FRAC-FTP instance, and let OP T = w ( x ∗ ) be its cost. Define a vector y ∈ R A as follows. y e = ( ( k + 1) x e if e M min { , ( k + 1) x e } otherwise . (2)Clearly, it holds that w ( y ) ≤ ( k + 1) OP T . We claim that every s - t cut in D with capacities y hascapacity of at least k + 1. Consider any such cut C ⊂ A , represented as the set of edges in the cut.Let M ′ = { e ∈ M : x ∗ e ≥ k +1 } denote the set of faulty edges attaining high fractional values in x ∗ .Define C ′ = C ∩ M ′ . If | C ′ | ≥ k + 1 we are clearly done. Otherwise, assume | C ′ | ≤ k . In this caseconsider the failure scenario F = C ′ . Since x ∗ is a feasible solution it must hold that X e ∈ C \ C ′ x ∗ e ≥ . (3)Since for every edge e ∈ C \ C ′ it holds that y e = ( k + 1) x ∗ e we obtain X e ∈ C \ C ′ y e ≥ k + 1 , (4)as desired. From our observations it follows that the maximum flow in D with capacities y is atleast k + 1. Finally, consider the minimum cost ( k + 1)-flow z ∗ in D with capacities defined by c e = ( k + 1 if e M . (5)From integrality of c and the minimum-cost flow problem we can assume that z ∗ is integral. Notethat y e ≤ c e for every e ∈ A , hence any feasible ( k +1)-flow with capacities y is also a feasible ( k +1)-flow with capacities c . From the previous observation it holds that w ( z ∗ ) ≤ w ( y ) ≤ ( k + 1) OP T .18rom Lemma 3 we know that z ∗ is a feasible solution to the FTP instance. This concludes theproof of the upper bound of k + 1 for the integrality gap.To prove the same lower bound we provide an infinite family of instances, containing instanceswith integrality gap arbitrarily close to k + 1. Consider a graph with p ≫ k parallel edges with unitcost connecting s and t , and let M = A . The optimal solution to FTP on this instance chooses anysubset of k + 1 edges. At the same time, the optimal solution to FRAC-FTP assigns a capacityof p − k to every edge. This solution is feasible, since in every failure scenario, the number of edgesthat survive is at least p − k , hence the maximum s - t flow is at least one. The cost of this solutionis pp − k . Taking p to infinity yields instances with integrality gap arbitrarily close to k + 1. C Proofs Omitted from Section 3.1 Proof of Lemma 15. In the following it will be convenient to denote by E the edge-set of thebipartite complement of a bipartite graph with edge-set E . Let I = ( G, c ) be an instance ofWeighted Robust Matching Augmentation where G = ( U, W, E ) is a balanced bipartite graph on n vertices and c ∈ Z E ≥ . Our reduction is similar to the classical reduction from the perfect matchingproblem in bipartite graphs to the Max s - t Flow problem. We construct in polynomial-time aninstance I ′ = ( D ′ , c ′ , s, t, M ) of FTF as follows. To obtain the digraph D ′ = ( V, A ), we add to thevertex set of G two new vertices s and t and add all arcs from s to U and from W to t . Furthermore,we add all arcs from U to W and consider those that correspondond to an edge in E as vulnerable.That is, we let M := { uw : u ∈ U, w ∈ W, uw ∈ E } . To complete the construction of I ′ , we let ℓ = n/ 2, and let the arc-costs c ′ be given by c ′ uw := ( c uw if uw ∈ E ( G ), and0 otherwise . For X ⊆ E ∪ E we write q ( X ) for the corresponding set of arcs of D ′ . Similarly, for a set Y ⊆ A of arcs we write q − ( Y ) for the corresponding set of undirected edges of G . Observe that for afeasible solution X to I , the arc set q ( X ) ∪ A s ∪ A t is feasible for I ′ , where A s (resp., A t ) is theset of arcs leaving s (resp., entering t ). Furthermore, a feasible solution Y to I ′ corresponds to afeasible solution q − ( Y \ ( A s ∪ A t )) to I . Also note that, by the choice of c ′ , we have that the cost oftwo corresponding solutions is the same. It follows that since ℓ = n/ 2, any polynomial-time f ( ℓ )-factor approximation algorithm for Fault-Tolerant ℓ -Flow implies a polynomial-time f ( n/ n = | U + W | . Proof of Theorem 16. We give a polynomial-time cost-preserving reduction from Directed SteinerForest to FTF via Weighted Robust Matching Augmentation. The intermediate reduction stepfrom Directed Steiner Forest to Weighted Robust Matching Augmentation is given in [15, Prop. 18].Consider an instance I of Directed Steiner Forest on a weighted digraph D = ( V, A ) on n verticeswith k terminal pairs ( s , t ) , ( s , t ) , . . . , ( s k , t k ). According to the reduction given in the proofof [15, Prop. 18], we obtain an instance of Weighted Robust Matching Augmentation on a graph ofat most 2( n + k )+2( n − k ) = 4 n =: n ′ vertices. By the arguments their proof, a f ( n ′ )-approximationalgorithm for Weighted Robust Matching Augmentation yields a f (4 n )-approximation algorithm forDirected Steiner Forest. We apply Proposition 15 to conclude that an f ( ℓ )-approximation algorithmfor FTF yields a f (2 n )-approximation algorithm for Directed Steiner Forest. According to the resultof Halperin and Krauthgamer [14], the problem Directed Steiner Forest admits no polynomial-timelog − ε n -approximation algorithm for every ε > 0, unless NP ⊆ ZTIME ( n polylog ( n ) ). We conclude19hat FTF admits no polynomial-time log − ε ( ℓ/ D Proofs Omitted from Section 3.2 Proof of Theorem 17. Let I be an instance of FTF on a digraph D = ( V, A )) with weight c ∈ Z A ≥ ,terminals s and t , vulnerable arcs M and desired flow value ℓ . We consider an instance I ′ =( D, c, s, t, ℓ + 1 , g ) of MCF, where the arc capacities g are given by g e := ( e ∈ M , and1 + k otherwiseAn optimal solution to I ′ can be computed computed in polynomial-time by standard techniques.We saw in the discussion at the beginning of Section 3.2 that the set of arcs of positive flow in asolution to I ′ yields a feasible solution to I .It remains to bound the approximation ratio. Let Y ∗ be an optimal solution to I of cost OPT( I ).We first show that Y ∗ contains ℓ + 1 disjoint s - t paths. Claim 1. Y ∗ contains an s - t flow of value ℓ + 1 with respect to the capacities g .Proof. First observe that in any feasible solution to I , every s - t cut contains either at least ℓ safe arcs or at least ℓ + 1 arcs. Now, an s - t cut Z in Y ∗ having at least ℓ safe arcs satisfies g ( Z ) ≥ (1 + ℓ ) · ℓ = ℓ + 1. On the other hand, an s - t cut Z ′ in Y ∗ containing at least ℓ + 1 arcssatisfies g ( Z ′ ) ≥ ℓ +1. Hence, each s - t cut in Y ∗ has capacity at least ℓ +1. By the max-flow-min-cuttheorem there is an s - t flow of value at least ℓ + 1.The theorem now follows from the next claim. Claim 2. An optimal solution to I ′ has cost at most ( ℓ + 1) · OPT( I ) .Proof. Let f ∗ ∈ Q A be an optimal s - t flow with respect to the capacities g . Furthermore, let Y bethe set of arcs of positive flow, that is Y := { e ∈ A | f ∗ e > } . Let Y M = Y ∩ M be the vulnerablearcs in Y and let Y S = Y \ Y M be the safe arcs. First, we may assume that each arc e ∈ Y hasflow value at least f ∗ e ≥ /ℓ , since each arc has capacity either 1 or 1 + ℓ . This is true since wecould scale the arc capacities g by a factor ℓ , which allows us to compute (in polynomial time) anintegral optimal solution with respect to the scaled capacity function, using any augmenting pathsalgorithm for MCF. In addition, observe that we may pay a factor of at most 1 + ℓ too much foreach safe arc since the capacity of the safe arc is 1 + ℓ . Therefore, we may bound the cost of a safearc e ∈ Y S by ℓ · (1 + ℓ ) · c e · f e and the cost of each vulnerable arc e ∈ Y M by ℓ · c e · f e , where f e isthe flow-value of arc e according to the solution Y . Hence, we obtain c ( Y ) = c ( Y S ) + c ( Y M ) ≤ ℓ · (1 + 1 ℓ ) · X e ∈ Y S c e · f ∗ e + X e ∈ Y M c e · f ∗ e ≤ ℓ · (1 + 1 ℓ ) · X e ∈ Y S c e · f ∗ e + X e ∈ Y M c e · f ∗ e ≤ ( ℓ + 1) · OPT( I ) , H = ( V, A ∗ ) suchthat X ⊆ A ∗ ⊆ A , we denote the corresponding residual graph by D X ( A ∗ ) = ( V, A ′ ). The arc-set A ′ is given by A ′ := { uv ∈ A | uv / ∈ X } ∪ { vu ∈ A | uv ∈ X } . An illustration of this graph isgiven in Figure 1. We first show that in a feasible solution Y ⊆ A \ X , each vulnerable arc in X is contained in a strongly connected component of D X ( X ∪ Y ). Lemma 23. Let Y ⊆ A \ X . Then Y is a feasible solution to I if and only if each vulnerable arc f ⊆ M ∩ X is contained in a strongly connected component of D X ( X ∪ Y ) .Proof of Lemma 23. We first prove the “if” part, so let f = uv be a vulnerable arc in X that iscontained in a strongly connected component of D X ( X ∪ Y ). Since f ∈ X , the arc f is reversedin D X ( X ∪ Y ) and since f is on a cycle C in D X ( X ∪ Y ), there is a path P from u to v in D X ( X ∪ Y ). Let P ′ be the path corresponding to P in X ∪ Y . Note that P ′ is not a directedpath in D and that an arc e on P ′ is traversed forward if e ∈ P ′ ∩ Y and traversed backward if e ∈ P ′ ∩ X . We partition P ′ into two disjoint parts P ′ X = P ′ ∩ X and P ′ Y = P ′ ∩ Y . We now arguethat ( X − P ′ X − f ) ∪ P ′ Y contains ℓ disjoint s - t paths. Clearly, we have ( X − P ′ X − f ) ∪ P ′ Y ⊆ X ∪ Y .Furthermore, by our assumption that X is the union of ℓ s - t edge-dijoint paths, for each vertex v ∈ V − { s, t } , we have δ + ( v ) = δ − ( v ) and δ + ( s ) = δ − ( t ) = ℓ . Since C is a cycle in D X ( X ∪ Y )the degree constraints also hold for ( X − P ′ X − f ) ∪ P ′ Y . Hence ( X − P ′ X − f ) ∪ P ′ Y is the unionof ℓ disjoint s - t paths.We now prove the “only if” part. Let f = uv ∈ X be a vulnerable arc and suppose f is notcontained in a strongly connected component of D X ( X ∪ Y ). Let L ⊆ V be the set of verticesthat are reachable from u in D X ( X ∪ Y ) and let R = V − L . Note that s ∈ L , since u is on some s - t path in X and t ∈ R , since otherwise there is a path from u to v in D X ( X ∪ Y ) (since everyarc in X is reversed in D X ( X ∪ Y )). Let L ′ = { x , . . . , x ℓ } ⊆ L , x i ∈ P i for 1 ≤ i ≤ ℓ , be thevertices of L that are closest to t in X . We now claim that δ + ( L ) is a cut of size ℓ in X ∪ Y containing f . Since f is vulnerable this contradicts the feasibility of X ∪ Y . We have f ∈ δ + ( L )in X ∪ Y , since otherwise f is contained in a strongly connected component of D X ( X ∪ Y ). Bythe construction of L , we have Y ∩ δ + ( L ) = ∅ . Since X is the union of ℓ disjoint paths, the set δ + ( L ) has size at most ℓ , proving our claim, since this implies that X ∪ Y is not feasible. Proof of Theorem 18. Let P be a shortest path in the auxiliary graph D and let Y be the solutioncomputed by Algorithm 2. We first establish the feasibility of Y . Claim 1. The solution Y computed by Algorithm 2 is feasible.Proof. For a link xy ∈ P ∩ A , let Y ( x, y ) be an optimal solution to the instance I ( x, y ) of DirectedSteiner Forest. We now argue that X ∪ Y is feasible to the instance I of Fault-Tolerant ℓ -FlowAugmentation. By Lemma 23, it suffices to show that each vulnerable arc of X is contained insome strongly connected component of D X ( X ∪ Y ). Consider a vulnerable arc x i y i ∈ X on a path P i contained in X . Two nodes x and y containing x i and y i , respectively, cannot be connectedby a link in A of D , since x i y i is vulnerable. Let u = ( u , u , . . . , u ℓ ) (resp., v = ( v , v , . . . , v ℓ ))be the node on P such that u i (resp., v i ) is closest to x i (resp., y i ) on the subpath from s to x i (resp., y i to t ) of P i . These two nodes exist since P is a path from ( s, . . . , s ) to ( t, . . . , t ) in D . If21 t (a) Graph D and X consisting of two disjoint paths. s t (b) Residual graph D X ( X ∪ Y ). Figure 1: Illustration of the structure of feasible solutions to Fault-Tolerant ℓ -Flow Augmentation.Unsafe arcs are red, safe arcs are black. In Fig. 1a: edges of X are black and red; edges of A − X are light gray and light red. Dashed edges belong to Y . there is more than one such node, let u be a greatest and v be a smallest such node with respectto the ordering ≤ . By this choice of u and v , we have that uv ∈ P ∩ A . Therefore, the optimalsolution Y ( u, v ) to I ( u, v ) has been added to Y by Algorithm 2. Since Y ( u, v ) connects x i and y i in D X ( X ∪ Y ), we have that the arc x i y i is contained in a strongly connected component in theresidual graph D X ( X ∪ Y ).Let Y ∗ be an optimal solution to I of weight OPT( I ). We now show that Y computed byAlgorithm 2 is optimal. Observe that the weight of Y is equal to c ′ ( P ), so it suffices to showthat w ( P ) ≤ OPT( I ). To prove the inequality, we first introduce a partial ordering of the strongcomponents of D X ( X ∪ Y ∗ ). Using this ordering we can construct a path P ′ in D from ( s, . . . , s )to ( t, . . . , t ) of cost w ( P ′ ) = OPT( I ). We conclude by observing that a shortest path P has cost atmost w ( P ′ ).We introduce some useful notation. Let Z be a strongly connected component of D X ( X ∪ Y ∗ )and let L ( Z ) = { i ∈ { , , . . . , ℓ } | E ( P i ) ∩ E ( Z ) = ∅} be the set of indices of the paths P , ..., P ℓ thathave at least one edge in common with Z (ignoring orientations). Additionally, for each i ∈ L ( Z ),let s i ( Z ) be the vertex of Z that is closest to s on P i and let S ( Z ) := S i ∈ L ( Z ) s i ( Z ). Similarly, foreach i ∈ L ( Z ) let t i ( Z ) be the vertex of Z that is closest to t on P i and let T ( Z ) := S i ∈ L ( Z ) t i ( Z ). Claim 2. Let e i , e i ∈ P i ∩ M be two vulnerable arcs of a path P i , such that their correspondingconnected components Z and Z of D X ( X ∪ Y ∗ ) are disjoint. If e i precedes e i on P i , then t i ( Z ) < s i ( Z ) for every i ∈ L ( Z ) ∩ L ( Z ) .Proof. Suppose for a contradiction that there is some i ∈ L ( Z ) ∩ L ( Z ), such that t i ( Z ) ≥ s i ( Z ).By the definition of D X ( X ∪ Y ∗ ), we have that t i ( Z ) is connected to s i ( Z ) in D X ( X ∪ Y ∗ ).But this implies that Z and Z are not disjoint, a contradiction.Using this claim we can construct a path P ′ in D of cost at most OPT( I ). Claim 3. There is a path P ′ from ( s, . . . , s ) to ( t, . . . , t ) in D of cost at most OPT( I ) .Proof. We give an algorithm that constructs a path P ′ from ( s, . . . , s ) to ( t, . . . , t ) in D , such that P ′ only uses links in A that correspond to strongly connected components of Y ∗ in D X ( X ∪ Y ∗ ).Starting from s = ( s, . . . , s ) ∈ V , we perform the following two steps alternatingly until we reach( t, ..., t ) ∈ V .1. From the current node u , we proceed by greedily taking links of A until we reach a node v = ( v , v , . . . , v ℓ ) ∈ V with the property that each vertex v i , 1 ≤ i ≤ ℓ , is either t or part ofsome strongly connected component of D X ( X ∪ Y ∗ ).22. From the current node v , we take a link vw ∈ A to some node w ∈ V , where the link vw corresponds to a strongly connected component Z of D X ( X ∪ Y ∗ ).First, we observe that Step 1 is well-defined: If at some point we reach a node v = ( v , v , . . . , v ℓ )with no out-arcs in A and there is some 1 ≤ i ≤ ℓ , such that v i is not in a strongly connectedcomponent of D X ( X ∪ Y ∗ ), then Y ∗ is not feasible, since Q i ( v i , · ) contains a vulnerable arc butthere is no substitute path in X ∪ Y ∗ . To show that we obtain an s - t path by alternating thetwo steps above it remains to show that whenever we are in Step 2, there is a link vw ∈ A suchthat vw corresponds to a strongly connected component of D X ( X ∪ Y ∗ ). Let v = ( v , ..., v ℓ ) ∈ V be the current node at the beginning of Step 2. Without loss of generality we may assume that v i = t for i ∈ { , , . . . , q } for some 1 ≤ q ≤ ℓ (if v i = t for all i ∈ [ ℓ ] then we are done). Wenow need to show that there is a strongly connected component Z in D X ( X ∪ Y ∗ ) such that S ( Z ) ⊆ { v , ..., v q } . Suppose for each strongly connected component Z in D X ( X ∪ Y ∗ ) satisfying S ( Z ) ∩ { v , ..., v q } 6 = ∅ we have that S ( Z ) * { v , ..., v q } and let Z , ..., Z j be those components. ByClaim 2 we have that for every component Z i , i ∈ [ j ] there is a component Z i ′ , i ′ ∈ [ j ], such thatthere is some l ∈ L i ∩ L i ′ with t l ( Z i ′ ) < s l ( Z i ). But then the ordering of the sets Z , ..., Z j inducesa cycle, a contradiction to the ordering.Hence the algorithm computes an s - t path P ′ ; it remains to bound its cost. Consider anylink e = vw ∈ P ′ ∩ A with v = ( v , ..., v ℓ ) and w = ( w , ..., w ℓ ) and let Z e be its correspondingstrongly connected component in Y ∗ . Let c ( Z e ) := P a ∈ Z e \ X c ( a ), i.e. the cost of the edges in Z e that do not belong to X . For the cost of the link e we now have that w e = OPT( I ( v, w )) ≤ c ( Z e ),since we compute an optimal solution to I ( v, w ) that connects the terminal pairs ( v i , w i ) ≤ i ≤ ℓ inthe residual graph. Hence we have w ( P ′ ) = P e ∈P ′ ∩A w e ≤ P e ∈P ′ ∩A c ( Z e ) = OPT( I ).A shortest path P from s to t in D satisfies c ′ ( P ) ≤ c ′ ( P ′ ) ≤ OPT( I ). Proof of Theorem 19. Let | V | = n and | A | = m . The auxiliary graph D = ( V , A ) has order |V| ≤ n ℓ and size |A| ≤ n ℓ . For each link e ∈ A we need to solve (at most) one instance of DirectedSteinerF orest on at most ℓ terminal pairs, which can be done in time O ( n ℓ · ( mn ℓ − + n ℓ − log n )) using the algorithm from [10] for finding a cost-minimal strongly connected subgraphon ℓ terminal pairs. Hence, D can be constructed in O ( mn ℓ − + n ℓ − log n ). Since D is acyclic,a shortest path from ( s, . . . , s ) to ( t, . . . , t ) in D can be computed in time O ( |V| + |A| ) = O ( n ℓ ).Therefore, Algorithm 2 runs in time O ( mn ℓ − + n ℓ − log n ). E Proofs Omitted from Section 3.3 Proof of Proposition 21. Consider an instance I of 2-connected Directed k Steiner Tree on a graph D = ( V, A ) with edge weights c ∈ Q A , root s ∈ V , and k terminals T = { t , . . . , t k } . We construct(in polynomial time) an instance I ′ = (( V ′ , A ∪ A t ) , c ′ , s, t, A ) of Fault-Tolerant k -Flow as follows.We add to D a vertex t and an arc from each terminal to t ; that is, we add the edge-set A t = { ( t i , t ) : t i ∈ T } . Let D ′ be the resulting graph. The cost function c ′ is given by c ′ e := ( c e if e ∈ A , and0 otherwise . Finally, we set M := A , that is, all original arcs are unsafe, while the new arcs A t are safe.Let X be a feasible solution to I ′ . We have A t ⊆ X , since otherwise X is not feasible. Wenow show that there are two disjoint s - t i paths in ( V, X \ A t ) for every t i ∈ T . Assume this is nottrue and there is some 1 ≤ i ≤ k , such that there are no two disjoint s - t i paths in ( V, X ). By the23ax-flow-min-cut theorem there is a cut edge e ∈ A (or no edge at all) that separates s and t i in( V, X ). But then Y := { ( A t ∪ { e } ) \ ( t i , t ) } is an s - T cut in ( V, X ) of size k containing vulnerableedge, which contradicts the assumption that X is feasible for I ′ . Furthermore, every s - T cut in( V, X \ A t ) contains at least k + 1 edges since all edges in A are unsafe, since otherwise X is notfeasible for I ′ . Finally, observe that there is a one-to-one correspondence between feasible solutionsto I ′ and those of the 2-connected Directed k Steiner Tree instance I with the additional propertythat every s - T cut contains at least k + 1 edges. Proof of Proposition 22. Let I be an instance of 1-2-connected Directed 2 Steiner Tree on a graph D = ( V, A ) with edge-weights c ∈ Q E , root s ∈ V , and terminals T = { t , t } . Similar to the proofof Proposition 21 we construct an instance I ′ of Fault Tolerant 2-Flow as follows. We add to D twovertices u and t and four directed edges ˆ A = { ( s, u ) , ( t , u ) , ( u, t ) , ( t , t ) } . Let the resulting graphbe D ′ . The edge weights c ′ of D ′ are given by c ′ e := ( c e if e ∈ A ( G ), and0 otherwise . Finally, we set M := A ∪ { ( s, u ) , ( t , u ) } , that is, the edges incident to t are safe while all otheredges are unsafe.Let X be a feasible solution to I ′ . We have ˆ A ⊆ X , since otherwise X is not feasible. We nowshow that there is at least one s - t i path and there are at least two disjoint s - t paths in ( V, X \ ˆ A ).Assume first that there is no path from s to t in ( V, X \ ˆ A ). But then { ( s, u ) , ( v, t ) } is a cut ofsize two in D ′ , where ( s, u ) is a vulnerable edge. This contradicts the feasibility of X . Now assumethat there are no two disjoint s - t paths in ( V, X \ ˆ A ). Similar to the proof of Proposition 21we then have a contradiction to the feasibility of X . Finally, observe that there is a one-to-onecorrespondence between feasible solutions to I and feasible solutions to I ′′