1,119 research outputs found
Resilient Critical Infrastructure Management using Service Oriented Architecture
AbstractâThe SERSCIS project aims to support the use of interconnected systems of services in Critical Infrastructure (CI) applications. The problem of system interconnectedness is aptly demonstrated by âAirport Collaborative Decision Makingâ (ACDM). Failure or underperformance of any of the interlinked ICT systems may compromise the ability of airports to plan their use of resources to sustain high levels of air traffic, or to provide accurate aircraft movement forecasts to the wider European air traffic management systems. The proposed solution is to introduce further SERSCIS ICT components to manage dependability and interdependency. These use semantic models of the critical infrastructure, including its ICT services, to identify faults and potential risks and to increase human awareness of them. Semantics allows information and services to be described in such a way that makes them understandable to computers. Thus when a failure (or a threat of failure) is detected, SERSCIS components can take action to manage the consequences, including changing the interdependency relationships between services. In some cases, the components will be able to take action autonomously â e.g. to manage âlocalâ issues such as the allocation of CPU time to maintain service performance, or the selection of services where there are redundant sources available. In other cases the components will alert human operators so they can take action instead. The goal of this paper is to describe a Service Oriented Architecture (SOA) that can be used to address the management of ICT components and interdependencies in critical infrastructure systems. Index Termsâresilience; QoS; SOA; critical infrastructure, SLA
Recommended from our members
Effecting Runtime Reconfiguration in Managed Execution Environments
Managed execution environments such as MicrosoftĂ€Ă³ûs Common Language Runtime (CLR) and Sun MicrosystemsĂ€Ă³û Java Virtual Machine (JVM) provide a number of services Ă€Ă³ñ including but not limited to application isolation, security sandboxing, garbage collection and structured exception handling Ă€Ă³ñ that are aimed primarily at enhancing the robustness of managed applications. However, none of these services directly enables performing reconfigurations, repairs or diagnostics on the managed applications and/or its constituent subsystems and components. In this paper we examine how the facilities of a managed execution environment can be leveraged to support runtime system adaptations, such as reconfigurations and repairs. We describe an adaptation framework we have developed, which uses these facilities to dynamically attach/detach an engine capable of performing reconfigurations and repairs on a target system while it executes. Our adaptation framework is lightweight, and transparent to the application and the managed execution environment: it does not require recompilation of the application nor specially compiled versions of the managed execution runtime. Our prototype was implemented for the CLR. To evaluate our framework beyond toy examples, we searched on SourceForge for potential target systems already implemented on the CLR that might benefit from runtime adaptation. We report on our experience using our prototype to effect runtime reconfigurations in a system that was developed and is in use by others: the Alchemi enterprise Grid Computing System developed at the University of Melbourne, Australia
Engineering Resilient Space Systems
Several distinct trends will influence space exploration missions in the next decade. Destinations are
becoming more remote and mysterious, science questions more sophisticated, and, as mission experience
accumulates, the most accessible targets are visited, advancing the knowledge frontier to more difficult,
harsh, and inaccessible environments. This leads to new challenges including: hazardous conditions that
limit mission lifetime, such as high radiation levels surrounding interesting destinations like Europa or
toxic atmospheres of planetary bodies like Venus; unconstrained environments with navigation hazards,
such as free-floating active small bodies; multielement missions required to answer more sophisticated
questions, such as Mars Sample Return (MSR); and long-range missions, such as Kuiper belt exploration,
that must survive equipment failures over the span of decades. These missions will need to be successful
without a priori knowledge of the most efficient data collection techniques for optimum science return.
Science objectives will have to be revised âon the flyâ, with new data collection and navigation decisions
on short timescales.
Yet, even as science objectives are becoming more ambitious, several critical resources remain
unchanged. Since physics imposes insurmountable light-time delays, anticipated improvements to the
Deep Space Network (DSN) will only marginally improve the bandwidth and communications cadence to
remote spacecraft. Fiscal resources are increasingly limited, resulting in fewer flagship missions, smaller
spacecraft, and less subsystem redundancy. As missions visit more distant and formidable locations, the
job of the operations team becomes more challenging, seemingly inconsistent with the trend of shrinking
mission budgets for operations support. How can we continue to explore challenging new locations
without increasing risk or system complexity?
These challenges are present, to some degree, for the entire Decadal Survey mission portfolio, as
documented in Vision and Voyages for Planetary Science in the Decade 2013â2022 (National Research
Council, 2011), but are especially acute for the following mission examples, identified in our recently
completed KISS Engineering Resilient Space Systems (ERSS) study:
1. A Venus lander, designed to sample the atmosphere and surface of Venus, would have to perform
science operations as components and subsystems degrade and fail;
2. A Trojan asteroid tour spacecraft would spend significant time cruising to its ultimate destination
(essentially hibernating to save on operations costs), then upon arrival, would have to act as its
own surveyor, finding new objects and targets of opportunity as it approaches each asteroid,
requiring response on short notice; and
3. A MSR campaign would not only be required to perform fast reconnaissance over long distances
on the surface of Mars, interact with an unknown physical surface, and handle degradations and
faults, but would also contain multiple components (launch vehicle, cruise stage, entry and
landing vehicle, surface rover, ascent vehicle, orbiting cache, and Earth return vehicle) that
dramatically increase the need for resilience to failure across the complex system.
The concept of resilience and its relevance and application in various domains was a focus during the
study, with several definitions of resilience proposed and discussed. While there was substantial variation
in the specifics, there was a common conceptual core that emergedâadaptation in the presence of
changing circumstances. These changes were couched in various waysâanomalies, disruptions,
discoveriesâbut they all ultimately had to do with changes in underlying assumptions. Invalid
assumptions, whether due to unexpected changes in the environment, or an inadequate understanding of
interactions within the system, may cause unexpected or unintended system behavior. A system is
resilient if it continues to perform the intended functions in the presence of invalid assumptions.
Our study focused on areas of resilience that we felt needed additional exploration and integration,
namely system and software architectures and capabilities, and autonomy technologies. (While also an
important consideration, resilience in hardware is being addressed in multiple other venues, including
2
other KISS studies.) The study consisted of two workshops, separated by a seven-month focused study
period. The first workshop (Workshop #1) explored the âproblem spaceâ as an organizing theme, and the
second workshop (Workshop #2) explored the âsolution spaceâ. In each workshop, focused discussions
and exercises were interspersed with presentations from participants and invited speakers.
The study period between the two workshops was organized as part of the synthesis activity during the
first workshop. The study participants, after spending the initial days of the first workshop discussing the
nature of resilience and its impact on future science missions, decided to split into three focus groups,
each with a particular thrust, to explore specific ideas further and develop material needed for the second
workshop. The three focus groups and areas of exploration were:
1. Reference missions: address/refine the resilience needs by exploring a set of reference missions
2. Capability survey: collect, document, and assess current efforts to develop capabilities and
technology that could be used to address the documented needs, both inside and outside NASA
3. Architecture: analyze the impact of architecture on system resilience, and provide principles and
guidance for architecting greater resilience in our future systems
The key product of the second workshop was a set of capability roadmaps pertaining to the three
reference missions selected for their representative coverage of the types of space missions envisioned for
the future. From these three roadmaps, we have extracted several common capability patterns that would
be appropriate targets for near-term technical development: one focused on graceful degradation of
system functionality, a second focused on data understanding for science and engineering applications,
and a third focused on hazard avoidance and environmental uncertainty. Continuing work is extending
these roadmaps to identify candidate enablers of the capabilities from the following three categories:
architecture solutions, technology solutions, and process solutions.
The KISS study allowed a collection of diverse and engaged engineers, researchers, and scientists to think
deeply about the theory, approaches, and technical issues involved in developing and applying resilience
capabilities. The conclusions summarize the varied and disparate discussions that occurred during the
study, and include new insights about the nature of the challenge and potential solutions:
1. There is a clear and definitive need for more resilient space systems. During our study period,
the key scientists/engineers we engaged to understand potential future missions confirmed the
scientific and risk reduction value of greater resilience in the systems used to perform these
missions.
2. Resilience can be quantified in measurable termsâproject cost, mission risk, and quality of
science return. In order to consider resilience properly in the set of engineering trades performed
during the design, integration, and operation of space systems, the benefits and costs of resilience
need to be quantified. We believe, based on the work done during the study, that appropriate
metrics to measure resilience must relate to risk, cost, and science quality/opportunity. Additional
work is required to explicitly tie design decisions to these first-order concerns.
3. There are many existing basic technologies that can be applied to engineering resilient space
systems. Through the discussions during the study, we found many varied approaches and
research that address the various facets of resilience, some within NASA, and many more
beyond. Examples from civil architecture, Department of Defense (DoD) / Defense Advanced
Research Projects Agency (DARPA) initiatives, âsmartâ power grid control, cyber-physical
systems, software architecture, and application of formal verification methods for software were
identified and discussed. The variety and scope of related efforts is encouraging and presents
many opportunities for collaboration and development, and we expect many collaborative
proposals and joint research as a result of the study.
4. Use of principled architectural approaches is key to managing complexity and integrating
disparate technologies. The main challenge inherent in considering highly resilient space
systems is that the increase in capability can result in an increase in complexity with all of the
3
risks and costs associated with more complex systems. What is needed is a better way of
conceiving space systems that enables incorporation of capabilities without increasing
complexity. We believe principled architecting approaches provide the needed means to convey a
unified understanding of the system to primary stakeholders, thereby controlling complexity in
the conception and development of resilient systems, and enabling the integration of disparate
approaches and technologies. A representative architectural example is included in Appendix F.
5. Developing trusted resilience capabilities will require a diverse yet strategically directed
research program. Despite the interest in, and benefits of, deploying resilience space systems, to
date, there has been a notable lack of meaningful demonstrated progress in systems capable of
working in hazardous uncertain situations. The roadmaps completed during the study, and
documented in this report, provide the basis for a real funded plan that considers the required
fundamental work and evolution of needed capabilities.
Exploring space is a challenging and difficult endeavor. Future space missions will require more
resilience in order to perform the desired science in new environments under constraints of development
and operations cost, acceptable risk, and communications delays. Development of space systems with
resilient capabilities has the potential to expand the limits of possibility, revolutionizing space science by
enabling as yet unforeseen missions and breakthrough science observations.
Our KISS study provided an essential venue for the consideration of these challenges and goals.
Additional work and future steps are needed to realize the potential of resilient systemsâthis study
provided the necessary catalyst to begin this process
Forum Session at the First International Conference on Service Oriented Computing (ICSOC03)
The First International Conference on Service Oriented Computing (ICSOC) was held in Trento, December 15-18, 2003. The focus of the conference ---Service Oriented Computing (SOC)--- is the new emerging paradigm for distributed computing and e-business processing that has evolved from object-oriented and component computing to enable building agile networks of collaborating business applications distributed within and across organizational boundaries. Of the 181 papers submitted to the ICSOC conference, 10 were selected for the forum session which took place on December the 16th, 2003. The papers were chosen based on their technical quality, originality, relevance to SOC and for their nature of being best suited for a poster presentation or a demonstration. This technical report contains the 10 papers presented during the forum session at the ICSOC conference. In particular, the last two papers in the report ere submitted as industrial papers
Distribution pattern-driven development of service architectures
Distributed systems are being constructed by composing a number of discrete components. This practice is particularly prevalent within the Web service domain in the form of service process orchestration and choreography. Often, enterprise systems are built from many existing discrete applications such as legacy applications exposed using Web service interfaces. There are a number of architectural configurations or distribution patterns, which express how a composed system is to be deployed in a distributed environment. However, the amount of code
required to realise these distribution patterns is considerable. In this paper, we propose a distribution
pattern-driven approach to service composition and architecting. We develop, based on a catalog of patterns, a UML-compliant framework, which takes existing Web service interfaces as its input and generates executable Web service compositions based on a distribution pattern chosen by the software architect
Elastic Business Process Management: State of the Art and Open Challenges for BPM in the Cloud
With the advent of cloud computing, organizations are nowadays able to react
rapidly to changing demands for computational resources. Not only individual
applications can be hosted on virtual cloud infrastructures, but also complete
business processes. This allows the realization of so-called elastic processes,
i.e., processes which are carried out using elastic cloud resources. Despite
the manifold benefits of elastic processes, there is still a lack of solutions
supporting them.
In this paper, we identify the state of the art of elastic Business Process
Management with a focus on infrastructural challenges. We conceptualize an
architecture for an elastic Business Process Management System and discuss
existing work on scheduling, resource allocation, monitoring, decentralized
coordination, and state management for elastic processes. Furthermore, we
present two representative elastic Business Process Management Systems which
are intended to counter these challenges. Based on our findings, we identify
open issues and outline possible research directions for the realization of
elastic processes and elastic Business Process Management.Comment: Please cite as: S. Schulte, C. Janiesch, S. Venugopal, I. Weber, and
P. Hoenisch (2015). Elastic Business Process Management: State of the Art and
Open Challenges for BPM in the Cloud. Future Generation Computer Systems,
Volume NN, Number N, NN-NN., http://dx.doi.org/10.1016/j.future.2014.09.00
- âŠ