A comparison framework for server virtualisation systems a case study

Recent years have seen a revival of interest in virtualisation research. Although this term has been used to refer to various systems, the focus of this research is on systems which partition a single physical server into multiple virtual servers. It is difficult for researchers and practitioners to get a clear picture of the state of the art in server virtualisation. This is due in part to the large number of systems available. Another reason is that information about virtualisation systems lacks structure, and is dispersed among multiple sources. Practitioners, such as data centre managers and systems administrators, may be familiar with virtualisation systems from a specific vendor, but generally lack a broader view of the field. This makes it difficult to make informed decisions when selecting these systems. Researchers and vendors who are developing virtualisation systems also lack a standard framework for identifying the strengths and weaknesses of their systems, compared to competing systems. It is also time-consuming for researchers who are new to the field to learn about current virtualisation systems. The purpose of this research was to develop a framework to solve these problems. The objectives of the research correspond to the applications of the framework. These include conducting comparative evaluations of server virtualisation systems, identifying strengths and weaknesses of particular virtualisation systems, specifying virtualisation system requirements to facilitate system selection, and gathering information about current virtualisation systems in a structured form. These four objectives were satisfied. The design of this framework was also guided by six framework design principles. These principles, or secondary objectives, were also met. The framework was developed based on an extensive literature study of data centres, virtualisation and current virtualisation systems. Criteria were selected through an inductive process. The feasibility of conducting evaluations using the framework was demonstrated by means of literature-based evaluations, and a practical case study. The use of the framework to facilitate virtualisation system selection was also demonstrated by means of a case study featuring the NMMU Telkom CoE data centre. This framework has a number of practical applications, ranging from the facilitation of decision-making to identifying areas for improvement in current virtualisation systems. The information resulting from evaluations using the framework is also a valuable resource for researchers who are new to the field. The literature study which forms the theoretical foundation of this work is particularly useful in this regard. A future extension to this work would be to develop a decision support system based on the framework. Another possibility is to make the framework, and evaluations, available on-line as a resource for data center managers, vendors and researchers. This would also enable other researchers to provide additional feedback, enabling the framework to be further refine

Microkernel mechanisms for improving the trustworthiness of commodity hardware

The thesis presents microkernel-based software-implemented mechanisms for improving the trustworthiness of computer systems based on commercial off-the-shelf (COTS) hardware that can malfunction when the hardware is impacted by transient hardware faults. The hardware anomalies, if undetected, can cause data corruptions, system crashes, and security vulnerabilities, significantly undermining system dependability. Specifically, we adopt the single event upset (SEU) fault model and address transient CPU or memory faults. We take advantage of the functional correctness and isolation guarantee provided by the formally verified seL4 microkernel and hardware redundancy provided by multicore processors, design the redundant co-execution (RCoE) architecture that replicates a whole software system (including the microkernel) onto different CPU cores, and implement two variants, loosely-coupled redundant co-execution (LC-RCoE) and closely-coupled redundant co-execution (CC-RCoE), for the ARM and x86 architectures. RCoE treats each replica of the software system as a state machine and ensures that the replicas start from the same initial state, observe consistent inputs, perform equivalent state transitions, and thus produce consistent outputs during error-free executions. Compared with other software-based error detection approaches, the distinguishing feature of RCoE is that the microkernel and device drivers are also included in redundant co-execution, significantly extending the sphere of replication (SoR). Based on RCoE, we introduce two kernel mechanisms, fingerprint validation and kernel barrier timeout, detecting fault-induced execution divergences between the replicated systems, with the flexibility of tuning the error detection latency and coverage. The kernel error-masking mechanisms built on RCoE enable downgrading from triple modular redundancy (TMR) to dual modular redundancy (DMR) without service interruption. We run synthetic benchmarks and system benchmarks to evaluate the performance overhead of the approach, observe that the overhead varies based on the characteristics of workloads and the variants (LC-RCoE or CC-RCoE), and conclude that the approach is applicable for real-world applications. The effectiveness of the error detection mechanisms is assessed by conducting fault injection campaigns on real hardware, and the results demonstrate compelling improvement