49,350 research outputs found
Distributed System Contract Monitoring
The use of behavioural contracts, to specify, regulate and verify systems, is
particularly relevant to runtime monitoring of distributed systems. System
distribution poses major challenges to contract monitoring, from
monitoring-induced information leaks to computation load balancing,
communication overheads and fault-tolerance. We present mDPi, a location-aware
process calculus, for reasoning about monitoring of distributed systems. We
define a family of Labelled Transition Systems for this calculus, which allow
formal reasoning about different monitoring strategies at different levels of
abstractions. We also illustrate the expressivity of the calculus by showing
how contracts in a simple contract language can be synthesised into different
mDPi monitors.Comment: In Proceedings FLACOS 2011, arXiv:1109.239
Policy Conflict Analysis in Distributed System Management
Accepted versio
Building a generalized distributed system model
A modeling tool for both analysis and design of distributed systems is discussed. Since many research institutions have access to networks of workstations, the researchers decided to build a tool running on top of the workstations to function as a prototype as well as a distributed simulator for a computing system. The effects of system modeling on performance prediction in distributed systems and the effect of static locking and deadlocks on the performance predictions of distributed transactions are also discussed. While the probability of deadlock is considerably small, its effects on performance could be significant
Integrating security in a group oriented distributed system
A distributed security architecture is proposed for incorporation into group oriented distributed systems, and in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to make common group oriented abstractions robust in hostile settings, in order to facilitate the construction of high performance distributed applications that can tolerate both component failures and malicious attacks. These abstractions include process groups and causal group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus is the security architecture; particular cryptosystems and key exchange protocols are not emphasized
Distributed System Fuzzing
Grey-box fuzzing is the lightweight approach of choice for finding bugs in
sequential programs. It provides a balance between efficiency and effectiveness
by conducting a biased random search over the domain of program inputs using a
feedback function from observed test executions. For distributed system
testing, however, the state-of-practice is represented today by only black-box
tools that do not attempt to infer and exploit any knowledge of the system's
past behaviours to guide the search for bugs.
In this work, we present Mallory: the first framework for grey-box
fuzz-testing of distributed systems. Unlike popular black-box distributed
system fuzzers, such as Jepsen, that search for bugs by randomly injecting
network partitions and node faults or by following human-defined schedules,
Mallory is adaptive. It exercises a novel metric to learn how to maximize the
number of observed system behaviors by choosing different sequences of faults,
thus increasing the likelihood of finding new bugs. The key enablers for our
approach are the new ideas of timeline-driven testing and timeline abstraction
that provide the feedback function guiding a biased random search for failures.
Mallory dynamically constructs Lamport timelines of the system behaviour,
abstracts these timelines into happens-before summaries, and introduces faults
guided by its real-time observation of the summaries.
We have evaluated Mallory on a diverse set of widely-used industrial
distributed systems. Compared to the start-of-the-art black-box fuzzer Jepsen,
Mallory explores more behaviours and takes less time to find bugs. Mallory
discovered 22 zero-day bugs (of which 18 were confirmed by developers),
including 10 new vulnerabilities, in rigorously-tested distributed systems such
as Braft, Dqlite, and Redis. 6 new CVEs have been assigned
- …