엣지 클라우드 환경을 위한 연산 오프로딩 시스템

학위논문(박사)--서울대학교 대학원 :공과대학 전기·정보공학부,2020. 2. 문수묵.The purpose of my dissertation is to build lightweight edge computing systems which provide seamless offloading services even when users move across multiple edge servers. I focused on two specific application domains: 1) web applications and 2) DNN applications. I propose an edge computing system which offload computations from web-supported devices to edge servers. The proposed system exploits the portability of web apps, i.e., distributed as source code and runnable without installation, when migrating the execution state of web apps. This significantly reduces the complexity of state migration, allowing a web app to migrate within a few seconds. Also, the proposed system supports offloading of webassembly, a standard low-level instruction format for web apps, having achieved up to 8.4x speedup compared to offloading of pure JavaScript codes. I also propose incremental offloading of neural network (IONN), which simultaneously offloads DNN execution while deploying a DNN model, thus reducing the overhead of DNN model deployment. Also, I extended IONN to support large-scale edge server environments by proactively migrating DNN layers to edge servers where mobile users are predicted to visit. Simulation with open-source mobility dataset showed that the proposed system could significantly reduce the overhead of deploying a DNN model.본 논문의 목적은 사용자가 이동하는 동안에도 원활한 연산 오프로딩 서비스를 제공하는 경량 엣지 컴퓨팅 시스템을 구축하는 것입니다. 웹 어플리케이션과 인공신경망 (DNN: Deep Neural Network) 이라는 두 가지 어플리케이션 도메인에서 연구를 진행했습니다. 첫째, 웹 지원 장치에서 엣지 서버로 연산을 오프로드하는 엣지 컴퓨팅 시스템을 제안합니다. 제안된 시스템은 웹 앱의 실행 상태를 마이그레이션 할 때 웹 앱의 높은 이식성(소스 코드로 배포되고 설치하지 않고 실행할 수 있음)을 활용합니다. 이를 통해 상태 마이그레이션의 복잡성이 크게 줄여서 웹 앱이 몇 초 내에 마이그레이션 될 수 있습니다. 또한, 제안된 시스템은 웹 어플리케이션을 위한 표준 저수준 인스트럭션인 웹 어셈블리 오프로드를 지원하여 순수한 JavaScript 코드 오프로드와 비교하여 최대 8.4 배의 속도 향상을 달성했습니다. 둘째, DNN 어플리케이션을 엣지 서버에 배포할 때, DNN 모델을 전송하는 동안 DNN 연산을 오프로드 하여 빠르게 성능향상을 달성할 수 있는 점진적 오프로드 방식을 제안합니다. 또한, 모바일 사용자가 방문 할 것으로 예상되는 엣지 서버로 DNN 레이어를 사전에 마이그레이션하여 콜드 스타트 성능을 향상시키는 방식을 제안 합니다. 오픈 소스 모빌리티 데이터셋을 이용한 시뮬레이션에서, DNN 모델을 배포하면서 발생하는 성능 저하를 제안 하는 방식이 크게 줄일 수 있음을 확인하였습니다.Chapter 1. Introduction 1 1.1 Offloading Web App Computations to Edge Servers 1 1.2 Offloading DNN Computations to Edge Servers 3 Chapter 2. Seamless Offloading of Web App Computations 7 2.1 Motivation: Computation-Intensive Web Apps 7 2.2 Mobile Web Worker System 10 2.2.1 Review of HTML5 Web Worker 10 2.2.2 Mobile Web Worker System 11 2.3 Migrating Web Worker 14 2.3.1 Runtime State of Web Worker 15 2.3.2 Snapshot of Mobile Web Worker 16 2.3.3 End-to-End Migration Process 21 2.4 Evaluation 22 2.4.1 Experimental Environment 22 2.4.2 Migration Performance 24 2.4.3 Application Execution Performance 27 Chapter 3. IONN: Incremental Offloading of Neural Network Computations 30 3.1 Motivation: Overhead of Deploying DNN Model 30 3.2 Background 32 3.2.1 Deep Neural Network 33 3.2.2 Offloading of DNN Computations 33 3.3 IONN For DNN Edge Computing 35 3.4 DNN Partitioning 37 3.4.1 Neural Network (NN) Execution Graph 38 3.4.2 Partitioning Algorithm 40 3.4.3 Handling DNNs with Multiple Paths. 43 3.5 Evaluation 45 3.5.1 Experimental Environment 45 3.5.2 DNN Query Performance 46 3.5.3 Accuracy of Prediction Functions 48 3.5.4 Energy Consumption. 49 Chapter 4. PerDNN: Offloading DNN Computations to Pervasive Edge Servers 51 4.1 Motivation: Cold Start Issue 51 4.2 Proposed Offloading System: PerDNN 52 4.2.1 Edge Server Environment 53 4.2.2 Overall Architecture 54 4.2.3 GPU-aware DNN Partitioning 56 4.2.4 Mobility Prediction 59 4.3 Evaluation 63 4.3.1 Performance Gain of Single Client 64 4.3.2 Large-Scale Simulation 65 Chapter 5. RelatedWorks 73 Chapter 6. Conclusion. 78 Chapter 5. RelatedWorks 73 Chapter 6. Conclusion 78 Bibliography 80Docto

Universal Mobile Service Execution Framework for Device-To-Device Collaborations

There are high demands of effective and high-performance of collaborations between mobile devices in the places where traditional Internet connections are unavailable, unreliable, or significantly overburdened, such as on a battlefield, disaster zones, isolated rural areas, or crowded public venues. To enable collaboration among the devices in opportunistic networks, code offloading and Remote Method Invocation are the two major mechanisms to ensure code portions of applications are successfully transmitted to and executed on the remote platforms. Although these domains are highly enjoyed in research for a decade, the limitations of multi-device connectivity, system error handling or cross platform compatibility prohibit these technologies from being broadly applied in the mobile industry. To address the above problems, we designed and developed UMSEF - an Universal Mobile Service Execution Framework, which is an innovative and radical approach for mobile computing in opportunistic networks. Our solution is built as a component-based mobile middleware architecture that is flexible and adaptive with multiple network topologies, tolerant for network errors and compatible for multiple platforms. We provided an effective algorithm to estimate the resource availability of a device for higher performance and energy consumption and a novel platform for mobile remote method invocation based on declarative annotations over multi-group device networks. The experiments in reality exposes our approach not only achieve the better performance and energy consumption, but can be extended to large-scaled ubiquitous or IoT systems

Liquid stream processing on the web: a JavaScript framework

The Web is rapidly becoming a mature platform to host distributed applications. Pervasive computing application running on the Web are now common in the era of the Web of Things, which has made it increasingly simple to integrate sensors and microcontrollers in our everyday life. Such devices are of great in- terest to Makers with basic Web development skills. With them, Makers are able to build small smart stream processing applications with sensors and actuators without spending a fortune and without knowing much about the technologies they use. Thanks to ongoing Web technology trends enabling real-time peer-to- peer communication between Web-enabled devices, Web browsers and server- side JavaScript runtimes, developers are able to implement pervasive Web ap- plications using a single programming language. These can take advantage of direct and continuous communication channels going beyond what was possible in the early stages of the Web to push data in real-time. Despite these recent advances, building stream processing applications on the Web of Things remains a challenging task. On the one hand, Web-enabled devices of different nature still have to communicate with different protocols. On the other hand, dealing with a dynamic, heterogeneous, and volatile environment like the Web requires developers to face issues like disconnections, unpredictable workload fluctuations, and device overload. To help developers deal with such issues, in this dissertation we present the Web Liquid Streams (WLS) framework, a novel streaming framework for JavaScript. Developers implement streaming operators written in JavaScript and may interactively and dynamically define a streaming topology. The framework takes care of deploying the user-defined operators on the available devices and connecting them using the appropriate data channel, removing the burden of dealing with different deployment environments from the developers. Changes in the semantic of the application and in its execution environment may be ap- plied at runtime without stopping the stream flow. Like a liquid adapts its shape to the one of its container, the Web Liquid Streams framework makes streaming topologies flow across multiple heterogeneous devices, enabling dynamic operator migration without disrupting the data flow. By constantly monitoring the execution of the topology with a hierarchical controller infrastructure, WLS takes care of parallelising the operator execution across multiple devices in case of bottlenecks and of recovering the execution of the streaming topology in case one or more devices disconnect, by restarting lost operators on other available devices

ES6 자바스크립트의 스냅샷 기반 마이그레이션

학위논문(석사) -- 서울대학교대학원 : 공과대학 전기·정보공학부, 2021.8. 문수묵.최근 웹 플랫폼 및 자바스크립트의 인기와 함께, 자바스크립트로 작성된 프로그램을 위한 앱 마이그레이션 기술이 연구된 바 있다. 이는 이종의 기기 간에 연속적인 워크플로우를 제공해 새로운 사용자 경험을 제공하는 기술을 일컫는다. 여러 선행 연구에서 스냅샷 기반 방법론을 사용해 앱의 런타임 상태를 텍스트 형태로 직렬화 및 복원하는 시도를 했다. 그러나, 기존 연구들은 구 버전 자바스크립트 상에서 진행됐다는 한계가 있다. 이에 비해 ECMAScript2015 (ES6) 업데이트 이후 자바스크립트에 다양한 기능이 도입되었기 때문에, 기존 방법들은 오늘날 real-world 애플리케이션을 마이그레이션하기 어렵다. 본 논문은 [19]에서 소개된 우리의 프레임워크를 소개한다. 우리는 선행 연구에서 다뤄지지 않은 block scope, module, class syntax와 같은 ES6의 주요 기능을 분석했으며 이러한 새로운 기능을 사용하는 앱을 마이그레이션 하기 위한 알고리즘을 제안했다. 또한, 우리는 최신 자바스크립트 엔진에 대한 분석을 통해 실행 중인 자바스크립트 프로그램의 런타임 상태를 scope tree라는 자료구조 상에 직렬화하고, 후처리를 거친 scope tree로부터 스냅샷 코드를 생성했다. 이러한 방법론을 V8 자바스크립트 엔진인 상에 구현했으며, 복잡한 최신 자바스크립트 기능을 사용하는 벤치마크 프로그램에 대해 실험했다. 실험 결과를 통해 이러한 방법이 모바일 기기 간에 5개의 벤치마크 프로그램을 성공적으로 마이그레이션 시킨다는 것을 보였다. 복잡도가 가장 높은 앱 (ML 벤치마크, 소스 코드 크기 213KB)에 대한 실험에서 프레임워크로 인한 시간 부하를 측정한 결과, X86 랩톱에서 200ms 미만, ARM 기반 임베디드 보드에서 800ms 미만이었다. 이러한 결과를 통해 자원이 제한된 IoT 기기 등에 대한 적용 가능성을 검증했으며, 추가적으로 프레임워크의 활용 방안 및 향후 연구 방향에 대해 논의한다.With the growing popularity of the web platform and JavaScript, an interesting user experience called application (app) migration has been proposed for JavaScript programs. To enable a non-breaking workflow across different devices, recent studies have proposed snapshot-based techniques in which an app’s runtime state is serialized into a text form that can be restored back later. A limitation of existing literature, however, is that they are based on old JavaScript specifications. Since major updates introduced by ECMASCript2015 (a.k.a. ES6), JavaScript supports various features that cannot be migrated correctly with existing methods. Some of these features are heavily used in today’s real-world apps and thus greatly reduces the scope of previous works. In this thesis, I will mainly introduce my work presented in [19]. In the paper, we analyzed ES6 features such as block scopes, modules, and class syntax that were previously uncovered in app migration. We presented an algorithm that enables migration of apps implemented with these new features. Based on the standards adopted in modern JavaScript engines, our approach serializes a running program into a scope tree and reorganizes it for snapshot code generation. We implemented our idea on the open source V8 engine and experiment with complex benchmark programs of modern JavaScript. Results showed that our approach correctly migrates 5 target programs between mobile devices. Our framework could migrate the most complex app of source code size 213KB in less than 200ms in a X86 laptop and 800ms in an embedded ARM board, showing feasibility in resource-constrained IoT devices. I will also discuss possible use cases and research directions and conclude.Chapter 1. Introduction 1 1.1. JavaScript App Migration 1 1.2. Purpose of Research 2 Chapter 2. Background 4 2.1. Snapshot-based Approach 4 2.2. Function Closure and Scope Tree 6 2.3. Limitations of Previous Works 6 Chapter 3. Proposed Approach 10 3.1. Module Profiling 10 3.2. Migrating Modified Built-in Objects 11 3.3. Scope Tree Building 11 3.4. Syntax-Aware Tree Re-ordering 12 3.5. Tree Partitioning 13 3.6. Snapshot Code Generation 13 Chapter 4. Evaluation 17 4.1. Implementation and Setup 17 4.2. Scope Tree Analysis 18 4.3. Snapshot Code Sizes 19 4.4. Framework Time Overhead 20 Chapter 5. Discussion 22 5.1. Limitations 22 5.2. Alternative Approach 22 5.3. Potential Use Cases 23 Chapter 6. Conclusion 24 Bibliography 25 Abstract in Korean 27석

Towards Seamless IoT Device-Edge-Cloud Continuum:

In this paper we revisit a taxonomy of client-side IoT software architectures that we presented a few years ago. We note that the emergence of inexpensive AI/ML hardware and new communication technologies are broadening the architectural options for IoT devices even further. These options can have a significant impact on the overall end-to-end architecture and topology of IoT systems, e.g., in determining how much computation can be performed on the edge of the network. We study the implications of the IoT device architecture choices in light of the new observations, as well as make some new predictions about future directions. Additionally, we make a case for isomorphic IoT systems in which development complexity is alleviated with consistent use of technologies across the entire stack, providing a seamless continuum from edge devices all the way to the cloud.Peer reviewe

Security and trust in cloud computing and IoT through applying obfuscation, diversification, and trusted computing technologies

Cloud computing and Internet of Things (IoT) are very widely spread and commonly used technologies nowadays. The advanced services offered by cloud computing have made it a highly demanded technology. Enterprises and businesses are more and more relying on the cloud to deliver services to their customers. The prevalent use of cloud means that more data is stored outside the organization’s premises, which raises concerns about the security and privacy of the stored and processed data. This highlights the significance of effective security practices to secure the cloud infrastructure. The number of IoT devices is growing rapidly and the technology is being employed in a wide range of sectors including smart healthcare, industry automation, and smart environments. These devices collect and exchange a great deal of information, some of which may contain critical and personal data of the users of the device. Hence, it is highly significant to protect the collected and shared data over the network; notwithstanding, the studies signify that attacks on these devices are increasing, while a high percentage of IoT devices lack proper security measures to protect the devices, the data, and the privacy of the users. In this dissertation, we study the security of cloud computing and IoT and propose software-based security approaches supported by the hardware-based technologies to provide robust measures for enhancing the security of these environments. To achieve this goal, we use obfuscation and diversification as the potential software security techniques. Code obfuscation protects the software from malicious reverse engineering and diversification mitigates the risk of large-scale exploits. We study trusted computing and Trusted Execution Environments (TEE) as the hardware-based security solutions. Trusted Platform Module (TPM) provides security and trust through a hardware root of trust, and assures the integrity of a platform. We also study Intel SGX which is a TEE solution that guarantees the integrity and confidentiality of the code and data loaded onto its protected container, enclave. More precisely, through obfuscation and diversification of the operating systems and APIs of the IoT devices, we secure them at the application level, and by obfuscation and diversification of the communication protocols, we protect the communication of data between them at the network level. For securing the cloud computing, we employ obfuscation and diversification techniques for securing the cloud computing software at the client-side. For an enhanced level of security, we employ hardware-based security solutions, TPM and SGX. These solutions, in addition to security, ensure layered trust in various layers from hardware to the application. As the result of this PhD research, this dissertation addresses a number of security risks targeting IoT and cloud computing through the delivered publications and presents a brief outlook on the future research directions.Pilvilaskenta ja esineiden internet ovat nykyään hyvin tavallisia ja laajasti sovellettuja tekniikkoja. Pilvilaskennan pitkälle kehittyneet palvelut ovat tehneet siitä hyvin kysytyn teknologian. Yritykset enenevässä määrin nojaavat pilviteknologiaan toteuttaessaan palveluita asiakkailleen. Vallitsevassa pilviteknologian soveltamistilanteessa yritykset ulkoistavat tietojensa käsittelyä yrityksen ulkopuolelle, minkä voidaan nähdä nostavan esiin huolia taltioitavan ja käsiteltävän tiedon turvallisuudesta ja yksityisyydestä. Tämä korostaa tehokkaiden turvallisuusratkaisujen merkitystä osana pilvi-infrastruktuurin turvaamista. Esineiden internet -laitteiden lukumäärä on nopeasti kasvanut. Teknologiana sitä sovelletaan laajasti monilla sektoreilla, kuten älykkäässä terveydenhuollossa, teollisuusautomaatiossa ja älytiloissa. Sellaiset laitteet keräävät ja välittävät suuria määriä informaatiota, joka voi sisältää laitteiden käyttäjien kannalta kriittistä ja yksityistä tietoa. Tästä syystä johtuen on erittäin merkityksellistä suojata verkon yli kerättävää ja jaettavaa tietoa. Monet tutkimukset osoittavat esineiden internet -laitteisiin kohdistuvien tietoturvahyökkäysten määrän olevan nousussa, ja samaan aikaan suuri osuus näistä laitteista ei omaa kunnollisia teknisiä ominaisuuksia itse laitteiden tai niiden käyttäjien yksityisen tiedon suojaamiseksi. Tässä väitöskirjassa tutkitaan pilvilaskennan sekä esineiden internetin tietoturvaa ja esitetään ohjelmistopohjaisia tietoturvalähestymistapoja turvautumalla osittain laitteistopohjaisiin teknologioihin. Esitetyt lähestymistavat tarjoavat vankkoja keinoja tietoturvallisuuden kohentamiseksi näissä konteksteissa. Tämän saavuttamiseksi työssä sovelletaan obfuskaatiota ja diversifiointia potentiaalisiana ohjelmistopohjaisina tietoturvatekniikkoina. Suoritettavan koodin obfuskointi suojaa pahantahtoiselta ohjelmiston takaisinmallinnukselta ja diversifiointi torjuu tietoturva-aukkojen laaja-alaisen hyödyntämisen riskiä. Väitöskirjatyössä tutkitaan luotettua laskentaa ja luotettavan laskennan suoritusalustoja laitteistopohjaisina tietoturvaratkaisuina. TPM (Trusted Platform Module) tarjoaa turvallisuutta ja luottamuksellisuutta rakentuen laitteistopohjaiseen luottamukseen. Pyrkimyksenä on taata suoritusalustan eheys. Työssä tutkitaan myös Intel SGX:ää yhtenä luotettavan suorituksen suoritusalustana, joka takaa suoritettavan koodin ja datan eheyden sekä luottamuksellisuuden pohjautuen suojatun säiliön, saarekkeen, tekniseen toteutukseen. Tarkemmin ilmaistuna työssä turvataan käyttöjärjestelmä- ja sovellusrajapintatasojen obfuskaation ja diversifioinnin kautta esineiden internet -laitteiden ohjelmistokerrosta. Soveltamalla samoja tekniikoita protokollakerrokseen, työssä suojataan laitteiden välistä tiedonvaihtoa verkkotasolla. Pilvilaskennan turvaamiseksi työssä sovelletaan obfuskaatio ja diversifiointitekniikoita asiakaspuolen ohjelmistoratkaisuihin. Vankemman tietoturvallisuuden saavuttamiseksi työssä hyödynnetään laitteistopohjaisia TPM- ja SGX-ratkaisuja. Tietoturvallisuuden lisäksi nämä ratkaisut tarjoavat monikerroksisen luottamuksen rakentuen laitteistotasolta ohjelmistokerrokseen asti. Tämän väitöskirjatutkimustyön tuloksena, osajulkaisuiden kautta, vastataan moniin esineiden internet -laitteisiin ja pilvilaskentaan kohdistuviin tietoturvauhkiin. Työssä esitetään myös näkemyksiä jatkotutkimusaiheista

Mobile Cloud Computing: A Comparison Study of Cuckoo and AIOLOS Offloading Frameworks

Currently, smart mobile devices are used for more than just calling and texting. They can run complex applications such as GPS, antivirus, and photo editor applications. Smart devices today offer mobility, flexibility, and portability, but they have limited resources and a relatively weak battery. As companies began creating mobile resource intensive and power intensive applications, they have realized that cloud computing was one of the solutions that they could utilize to overcome smart device constraints. Cloud computing helps decrease memory usage and improve battery life. Mobile cloud computing is a current and expanding research area focusing on methods that allow smart mobile devices to take full advantage of cloud computing. Code offloading is one of the techniques employed in cloud computing with mobile devices. This research compares two dynamic offloading frameworks to determine which one is better in terms of execution time and battery life improvement