Virtual Machine Workloads: The Case for New NAS Benchmarks

Network Attached Storage (NAS) and Virtual Machines (VMs) are widely used in data centers thanks to their manageability, scalability, and ability to consolidate resources. But the shift from physical to virtual clients drastically changes the I/O workloads to seen on NAS servers, due to guest file system encapsulation in virtual disk images and the multiplexing of request streams from different VMs. Unfortunately, current NAS workload generators and benchmarks produce workloads typical to physical machines. This paper makes two contributions. First, we studied the extent to which virtualization is changing existing NAS workloads. We observed significant changes, including the disappearance of file system meta-data operations at the NAS layer, changed I/O sizes, and increased randomness. Second, we created a set of versatile NAS benchmarks to synthesize virtualized workloads. This allows us to generate accurate virtualized workloads without the effort and limitations associated with setting up a full virtualized environment. Our experiments demonstrate that relative error of our virtualized benchmarks, evaluated across 11 parameters, averages less than 10%

Understanding (Un)Written Contracts of NVMe ZNS Devices with zns-tools

Operational and performance characteristics of flash SSDs have long been associated with a set of Unwritten Contracts due to their hidden, complex internals and lack of control from the host software stack. These unwritten contracts govern how data should be stored, accessed, and garbage collected. The emergence of Zoned Namespace (ZNS) flash devices with their open and standardized interface allows us to write these unwritten contracts for the storage stack. However, even with a standardized storage-host interface, due to the lack of appropriate end-to-end operational data collection tools, the quantification and reasoning of such contracts remain a challenge. In this paper, we propose zns.tools, an open-source framework for end-to-end event and metadata collection, analysis, and visualization for the ZNS SSDs contract analysis. We showcase how zns.tools can be used to understand how the combination of RocksDB with the F2FS file system interacts with the underlying storage. Our tools are available openly at \url{https://github.com/stonet-research/zns-tools}

Understanding (Un)Written Contracts of NVMe ZNS Devices with zns-tools

Operational and performance characteristics of flash SSDs have long been associated with a set of Unwritten Contracts due to their hidden, complex internals and lack of control from the host software stack. These unwritten contracts govern how data should be stored, accessed, and garbage collected. The emergence of Zoned Namespace (ZNS) flash devices with their open and standardized interface allows us to write these unwritten contracts for the storage stack. However, even with a standardized storage-host interface, due to the lack of appropriate end-to-end operational data collection tools, the quantification and reasoning of such contracts remain a challenge. In this paper, we propose zns.tools, an open-source framework for end-to-end event and metadata collection, analysis, and visualization for the ZNS SSDs contract analysis. We showcase how zns.tools can be used to understand how the combination of RocksDB with the F2FS file system interacts with the underlying storage. Our tools are available openly at \url{https://github.com/stonet-research/zns-tools}

Automating Software Development for Mobile Computing Platforms

Mobile devices such as smartphones and tablets have become ubiquitous in today\u27s computing landscape. These devices have ushered in entirely new populations of users, and mobile operating systems are now outpacing more traditional desktop systems in terms of market share. The applications that run on these mobile devices (often referred to as apps ) have become a primary means of computing for millions of users and, as such, have garnered immense developer interest. These apps allow for unique, personal software experiences through touch-based UIs and a complex assortment of sensors. However, designing and implementing high quality mobile apps can be a difficult process. This is primarily due to challenges unique to mobile development including change-prone APIs and platform fragmentation, just to name a few. in this dissertation we develop techniques that aid developers in overcoming these challenges by automating and improving current software design and testing practices for mobile apps. More specifically, we first introduce a technique, called Gvt, that improves the quality of graphical user interfaces (GUIs) for mobile apps by automatically detecting instances where a GUI was not implemented to its intended specifications. Gvt does this by constructing hierarchal models of mobile GUIs from metadata associated with both graphical mock-ups (i.e., created by designers using photo-editing software) and running instances of the GUI from the corresponding implementation. Second, we develop an approach that completely automates prototyping of GUIs for mobile apps. This approach, called ReDraw, is able to transform an image of a mobile app GUI into runnable code by detecting discrete GUI-components using computer vision techniques, classifying these components into proper functional categories (e.g., button, dropdown menu) using a Convolutional Neural Network (CNN), and assembling these components into realistic code. Finally, we design a novel approach for automated testing of mobile apps, called CrashScope, that explores a given android app using systematic input generation with the intrinsic goal of triggering crashes. The GUI-based input generation engine is driven by a combination of static and dynamic analyses that create a model of an app\u27s GUI and targets common, empirically derived root causes of crashes in android apps. We illustrate that the techniques presented in this dissertation represent significant advancements in mobile development processes through a series of empirical investigations, user studies, and industrial case studies that demonstrate the effectiveness of these approaches and the benefit they provide developers

Conformance Checking-based Concept Drift Detection in Process Mining

One of the main challenges of process mining is to obtain models that represent a process as simply and accurately as possible. Both characteristics can be greatly influenced by changes in the control flow of the process throughout its life cycle. In this thesis we propose the use of conformance metrics to monitor such changes in a way that allows the division of the log into sub-logs representing different versions of the process over time. The validity of the hypothesis has been formally demonstrated, showing that all kinds of changes in the process flow can be captured using these approaches, including sudden, gradual drifts on both clean and noisy environments, where differentiating between anomalous executions and real changes can be tricky

Towards Automated Security Validation for Hardware Designs

Hardware provides the foundation of trust for computer systems. Defects in hardware designs routinely cause vulnerabilities that are exploitable by malicious software and compromise the security of the entire system. While mature hardware validation tools exist, they were primarily designed for checking functional correctness. How to systematically detect security-critical defects remains an open and challenging question.In this dissertation, I develop formal methods and practical tools for automated hardware security validation. To identify and develop security-critical properties for hardware design, I developed SCIFinder, a methodology that leverages known vulnerabilities to mine and learn security invariants. I show that security vulnerabilities together with machine learning techniques can give us a set of security properties to detect both known and unknown security bugs in the OR1200 processor. I also proposed another method to develop security-critical properties by leveraging existing ones, and I built a tool, Transys, to translate security properties across similar or different versions of hardware designs. I demonstrate that translating security properties across AES hardware, RSA hardware and RISC processors is feasible and light-weight. Given the security properties, I developed Coppelia to validate the security of hardware designs. I proposed a hardware-oriented backward symbolic execution strategy to find violations and generate exploit programs. I successfully generate exploits for known security bugs on the OR1200 processor, and discovered and generated exploit programs for 4 unknown bugs across two different processors and architectures.Doctor of Philosoph

Obstructions in Security-Aware Business Processes

This Open Access book explores the dilemma-like stalemate between security and regulatory compliance in business processes on the one hand and business continuity and governance on the other. The growing number of regulations, e.g., on information security, data protection, or privacy, implemented in increasingly digitized businesses can have an obstructive effect on the automated execution of business processes. Such security-related obstructions can particularly occur when an access control-based implementation of regulations blocks the execution of business processes. By handling obstructions, security in business processes is supposed to be improved. For this, the book presents a framework that allows the comprehensive analysis, detection, and handling of obstructions in a security-sensitive way. Thereby, methods based on common organizational security policies, process models, and logs are proposed. The Petri net-based modeling and related semantic and language-based research, as well as the analysis of event data and machine learning methods finally lead to the development of algorithms and experiments that can detect and resolve obstructions and are reproducible with the provided software

Encoding process discovery problems in SMT

Information systems, which are responsible for driving many processes in our lives (health care, the web, municipalities, commerce and business, among others), store information in the form of logs which is often left unused. Process mining, a discipline in between data mining and software engineering, proposes tailored algorithms to exploit the information stored in a log, in order to reason about the processes underlying an information system. A key challenge in process mining is discovery: Given a log, derive a formal process model that can be used afterward for a formal analysis. In this paper, we provide a general approach based on satisfiability modulo theories (SMT) as a solution for this challenging problem. By encoding the problem into the logical/arithmetic domains and using modern SMT engines, it is shown how two separate families of process models can be discovered. The theory of this paper is accompanied with a tool, and experimental results witness the significance of this novel view of the process discovery problem.Peer ReviewedPostprint (author's final draft