This dissertation studies the problems to solve in order to use the invocation paradigm to express replicated object communication in fault-tolerant distributed systems. The ultimate goal is to define abstractions which achieve replication encapsulation, ie which give the illusion that replication is an internal property of objects. Thus, object communication could be always expressed using the invocation paradigm, whether objects are replicated or not. Background The invocation paradigm defines a "request-reply" communication model which matches exactly the client-server model. The latter is generally used to express service interactions in distributed systems. For this reason, the object-oriented approach is well suited to the design of distributed system services. A service can be implemented as a set of objects, located on remote computers (or nodes). Service fault-tolerance is achieved by replicating the objects which implement the service. Most of the previous works about replicated objects consider only server object replication. This study is more general: both client and server can be replicated. Furthermore, replication policies of objects can be different. Four replication policies had been studied: active replication, passive replication, semi-active replication, and coordinator-cohort replication. Replication encapsulation Replication encapsulation means both plurality encapsulation and replication policy encapsulation. Plurality encapsulation consists in hiding from other objects, that a replicated object is actually a set of replicas located on several nodes. Replication policy encapsulation consists in hiding from other objects, the communication protocol to use in order to interact with object replicas without breaking their consistency. The symmetric invocation model Most of the related works are based on an asymmetric invocation model. In this model, the invocation reply follows exactly the reverse of the request communication path. The asymmetric invocation model can not be used to achieve replication encapsulation of client objects. This dissertation proposes a symmetric invocation model which solves this problem. The symmetric invocation model considers the request transmission and the reply transmission as two instances of the same problem: the transmission of a message to a replicated object. Both the analysis of the replication encapsulation problem and the symmetric invocation model were used to define a specification of replicated object invocation. This specification is a set of generic formal properties based on parameters which values depend on replication policies. The properties include object failure semantics which is expressed using the group paradigm and the view-synchronous communication paradigm. Every replicated object is built using an object group which membership changes whenever object replicas fail or restart. The N2M invocation service The main result of this study is the design1 of N2M, an invocation service which supports replicated objects. Objects using N2M are called application objects whereas objects implementing N2M are called communication objects. Communication objects take care of every aspect related to application object replication. Thus, replicated application objects communicate using regular invocations, just as if they were not replicated. There are actually two kinds of communication objects: encapsulators and mailers. Each replicated application object is built using an encapsulator group. Each application object replica is associated with a private encapsulator which acts as an invocation filter for this replica. To communicate with a replicated application object O, every object must interact with O's local mailer. On every node, a replicated application object is represented by a mailer which is responsible for transmitting requests and replies to the application object replicas. The originality of this model is its symmetry: there are both mailers of the server on the client nodes, and mailers of the client on the server nodes. This symmetry is directly inherited from the symmetric invocation model. Each replication policy is implemented using an encapsulator class and a mailer class. These classes replicate objects according to a specific replication policy, while respecting the invocation paradigm. In other words, communication object classes achieve replication encapsulation. The GARF-v2 programming environment The N2M service has been implemented in the context of the GARF project2. The GARF project aimed to provide a programming environment which faciltates the design of fault-tolerant distributed applications. The environment prototype was implemented in Smalltalk. It is based on the group communication layer provided by ISIS toolkit. --------------------------------------- 1this logo refers to the n to m expression which usually names the interaction between n client replicas and m server replicas. 2GARF is the french acronym for automatic generation of fault-tolerant applications.