4,190 research outputs found
Efficient System-Enforced Deterministic Parallelism
Deterministic execution offers many benefits for debugging, fault tolerance, and security. Current methods of executing parallel programs deterministically, however, often incur high costs, allow misbehaved software to defeat repeatability, and transform time-dependent races into input- or path-dependent races without eliminating them. We introduce a new parallel programming model addressing these issues, and use Determinator, a proof-of-concept OS, to demonstrate the model's practicality. Determinator's microkernel API provides only “shared-nothing” address spaces and deterministic interprocess communication primitives to make execution of all unprivileged code—well-behaved or not—precisely repeatable. Atop this microkernel, Determinator's user-level runtime adapts optimistic replication techniques to offer a private workspace model for both thread-level and process-level parallel programing. This model avoids the introduction of read/write data races, and converts write/write races into reliably-detected conflicts. Coarse-grained parallel benchmarks perform and scale comparably to nondeterministic systems, on both multicore PCs and across nodes in a distributed cluster
Plugging Side-Channel Leaks with Timing Information Flow Control
The cloud model's dependence on massive parallelism and resource sharing
exacerbates the security challenge of timing side-channels. Timing Information
Flow Control (TIFC) is a novel adaptation of IFC techniques that may offer a
way to reason about, and ultimately control, the flow of sensitive information
through systems via timing channels. With TIFC, objects such as files,
messages, and processes carry not just content labels describing the ownership
of the object's "bits," but also timing labels describing information contained
in timing events affecting the object, such as process creation/termination or
message reception. With two system design tools-deterministic execution and
pacing queues-TIFC enables the construction of "timing-hardened" cloud
infrastructure that permits statistical multiplexing, while aggregating and
rate-limiting timing information leakage between hosted computations.Comment: 5 pages, 3 figure
Rethinking State-Machine Replication for Parallelism
State-machine replication, a fundamental approach to designing fault-tolerant
services, requires commands to be executed in the same order by all replicas.
Moreover, command execution must be deterministic: each replica must produce
the same output upon executing the same sequence of commands. These
requirements usually result in single-threaded replicas, which hinders service
performance. This paper introduces Parallel State-Machine Replication (P-SMR),
a new approach to parallelism in state-machine replication. P-SMR scales better
than previous proposals since no component plays a centralizing role in the
execution of independent commands---those that can be executed concurrently, as
defined by the service. The paper introduces P-SMR, describes a "commodified
architecture" to implement it, and compares its performance to other proposals
using a key-value store and a networked file system
Independence in constraint logic programs
Studying independence of literals, variables, and substitutions has proven very useful in the context of logic programming (LP). Here we study independence in the broader context of constraint logic programming (CLP). We show that a naive extrapolation of the LP definitions of independence to CLP is unsatisfactory (in fact, wrong) for two reasons. First, because interaction between variables through constraints is more complex than in the case of logic programming. Second, in order to ensure the efUciency of several optimizations not only must independence of the search space be considered, but also an orthogonal issue - "independence of constraint solving." We clarify these issues by proposing various types of search independence
and constraint solver independence, and show how they can be combined to allow different independence-related optimizations, from parallelism to intelligent backtracking. Sufficient conditions for independence which can be evaluated "a-priori" at run-time are also proposed. Our results suggest that independence, provided a suitable definition is chosen, is even more useful in CLP than in LP
- …