Software defined applications: a DevOps approach to monitoring

Dissertação de mestrado integrado em Informatics EngineeringDevOps presents a mix of agile methodologies that allow an application’s release cycle to be shortened. This translates into a faster delivery of value to the stakeholders. However, the value creation chain does not finish at the end of that cycle. It is necessary to monitor the artifacts produced at a system level, and at the application level, in order to ensure the compliance of the functional and non functional requirements. Today, there seems to be a clear separation between the monitoring process and the application development process. As the development and operations processes have merged in DevOps, this dissertation pretends to investigate how to integrate several aspects of monitoring into the regular lifecycle of an application’s development. The inclusion of external services further emphasizes the need to include an observability component into an infrastructure. The main goal of this dissertation is to develop a solution for the deployment of an infrastructure using stateof- the-art technologies and frameworks, while also providing observability to the system and to the applications running on it. To do so, it required the investigation of the methodologies and concepts that are the base of the software development lifecycle, focusing on the latter stages of that process: the deployment, and monitoring phases. These methodologies and concepts were complemented with the study of state-of-the-art technologies and frameworks that aim to ease the burden of setting up an infrastructure quickly and with the necessary tools to evolve it after the initial setup and with each new software release. Furthermore, it also involved the research of tools that enable the collection of metrics from applications, as well as processing such data and displaying it in useful ways for operators and stakeholders. In this context, this dissertation aims to provide a solution for the deployment of MobileID applications at INESC TEC, using the Mobile Driving Licence as the primary case study. The proposed design and implementation with a container orchestration framework and CI/CD pipelines, enables faster development of different MobileID applications, while also providing continuous monitoring to the deployments. With this implementation, it was possible to assess how container orchestration frameworks provide greater flexibility to applications, and how this observability can be augmented with the use of dedicated monitoring systems.DevOps baseia-se na utilização de um conjunto de metolodogias ágeis que permitem encurtar o ciclo de desenvolvimento de uma aplicação de forma a que as alterações efetuadas pelos programadores se traduzam no valor desejado pelas partes interessadas. No entanto, a criação de valor não termina na parte final desse ciclo. É necessário monitorizar os artefactos produzidos tanto a nível de sistema, como a nível aplicacional, de forma a garantir o cumprimento de requisitos funcionais e não funcionais. Todavia, parece existir uma separação entre o processo de monitorização e o processo de desenvolvimento de aplicações. Tal como os processos de desenvolvimento e de operações se uniram no conceito de DevOps, pretende-se também investigar como será possível integrar vários aspetos de monitorização no ciclo normal de desenvolvimento de uma aplicação. O principal objetivo desta dissertação é desenvolver uma solução de operacionalização de infraestruturas de suporte a aplicações com recurso às tecnologias e ferramentas mais adequadas. Esta solução deverá ser acompanhada, em paralelo, por mecanismos de observabilidade dessa infraestrutura e das aplicações que nela são executadas. Para isso, foi necessária a investigação de metodologias e conceitos que formam a base do processo de desenvolvimento de software. O foco esteve nas partes finais do processo: a fase de deployment e a de monitorização. Estas metodolodogias e conceitos foram complementados com o estudo de tecnologias e ferramentas que pretendem facilitar o processo de montar uma infraestrutura rapidamente, bem como permitir a evolução da arquitetura inicial consoante os subsequentes lançamentos de aplicações. Para além disso, também envolveu a pesquisa de ferramentas que permitem extrair e armazenar métricas de aplicações, bem como processar essa informação e disponibilizá-la em formato útil quer para operadores, quer para outras partes interessadas. Neste contexto, esta dissertação pretende desenvolver uma solução que permita efetuar o deployment de aplicações de Identidade Digital no INESC TEC, utilizando a Carta de Condução Móvel como caso de estudo. A arquitetura proposta, e a respetiva implementação com recurso a um orquestrador de containers e pipelines de CI/CD, permite o desenvolvimento mais ágil de novas aplicações de Identidade Digital, e proporciona monitorização contínua a cada iteração do desenvolvimento. A partir do resultado prático obtido, foi possível aferir de que forma os orquestradores de containers permitem melhorar a observabilidade de aplicações, e de que forma ela pode ser aumentada com recurso a sistemas dedicados de monitorização contínua

LLM for SoC Security: A Paradigm Shift

As the ubiquity and complexity of system-on-chip (SoC) designs increase across electronic devices, the task of incorporating security into an SoC design flow poses significant challenges. Existing security solutions are inadequate to provide effective verification of modern SoC designs due to their limitations in scalability, comprehensiveness, and adaptability. On the other hand, Large Language Models (LLMs) are celebrated for their remarkable success in natural language understanding, advanced reasoning, and program synthesis tasks. Recognizing an opportunity, our research delves into leveraging the emergent capabilities of Generative Pre-trained Transformers (GPTs) to address the existing gaps in SoC security, aiming for a more efficient, scalable, and adaptable methodology. By integrating LLMs into the SoC security verification paradigm, we open a new frontier of possibilities and challenges to ensure the security of increasingly complex SoCs. This paper offers an in-depth analysis of existing works, showcases practical case studies, demonstrates comprehensive experiments, and provides useful promoting guidelines. We also present the achievements, prospects, and challenges of employing LLM in different SoC security verification tasks.Comment: 42 page

Logic-based Technologies for Intelligent Systems: State of the Art and Perspectives

Together with the disruptive development of modern sub-symbolic approaches to artificial intelligence (AI), symbolic approaches to classical AI are re-gaining momentum, as more and more researchers exploit their potential to make AI more comprehensible, explainable, and therefore trustworthy. Since logic-based approaches lay at the core of symbolic AI, summarizing their state of the art is of paramount importance now more than ever, in order to identify trends, benefits, key features, gaps, and limitations of the techniques proposed so far, as well as to identify promising research perspectives. Along this line, this paper provides an overview of logic-based approaches and technologies by sketching their evolution and pointing out their main application areas. Future perspectives for exploitation of logic-based technologies are discussed as well, in order to identify those research fields that deserve more attention, considering the areas that already exploit logic-based approaches as well as those that are more likely to adopt logic-based approaches in the future