A component-based middleware framework for configurable and reconfigurable Grid computing

Significant progress has been made in the design and development of Grid middleware which, in its present form, is founded on Web services technologies. However, we argue that present-day Grid middleware is severely limited in supporting projected next-generation applications which will involve pervasive and heterogeneous networked infrastructures, and advanced services such as collaborative distributed visualization. In this paper we discuss a new Grid middleware framework that features (i) support for advanced network services based on the novel concept of pluggable overlay networks, (ii) an architectural framework for constructing bespoke Grid middleware platforms in terms of 'middleware domains' such as extensible interaction types and resource discovery. We believe that such features will become increasingly essential with the emergence of next-generation e-Science applications. Copyright (c) 2005 John Wiley & Sons, Ltd

GRIDKIT: Pluggable overlay networks for Grid computing

A `second generation' approach to the provision of Grid middleware is now emerging which is built on service-oriented architecture and web services standards and technologies. However, advanced Grid applications have significant demands that are not addressed by present-day web services platforms. As one prime example, current platforms do not support the rich diversity of communication `interaction types' that are demanded by advanced applications (e.g. publish-subscribe, media streaming, peer-to-peer interaction). In the paper we describe the Gridkit middleware which augments the basic service-oriented architecture to address this particular deficiency. We particularly focus on the communications infrastructure support required to support multiple interaction types in a unified, principled and extensible manner-which we present in terms of the novel concept of pluggable overlay networks

Defending Against Firmware Cyber Attacks on Safety-Critical Systems

In the past, it was not possible to update the underlying software in many industrial control devices. Engineering teams had to ‘rip and replace’ obsolete components. However, the ability to make firmware updates has provided significant benefits to the companies who use Programmable Logic Controllers (PLCs), switches, gateways and bridges as well as an array of smart sensor/actuators. These updates include security patches when vulnerabilities are identified in existing devices; they can be distributed by physical media but are increasingly downloaded over Internet connections. These mechanisms pose a growing threat to the cyber security of safety-critical applications, which are illustrated by recent attacks on safety-related infrastructures across the Ukraine. Subsequent sections explain how malware can be distributed within firmware updates. Even when attackers cannot reverse engineer the code necessary to disguise their attack, they can undermine a device by forcing it into a constant upload cycle where the firmware installation never terminates. In this paper, we present means of mitigating the risks of firmware attack on safety-critical systems as part of wider initiatives to secure national critical infrastructures. Technical solutions, including firmware hashing, must be augmented by organizational measures to secure the supply chain within individual plants, across companies and throughout safety-related industries

Active networks: an evolution of the internet

Active Networks can be seen as an evolution of the classical model of packet-switched networks. The traditional and ”passive” network model is based on a static definition of the network node behaviour. Active Networks propose an “active” model where the intermediate nodes (switches and routers) can load and execute user code contained in the data units (packets). Active Networks are a programmable network model, where bandwidth and computation are both considered shared network resources. This approach opens up new interesting research fields. This paper gives a short introduction of Active Networks, discusses the advantages they introduce and presents the research advances in this field

Toward Network-based DDoS Detection in Software-defined Networks

To combat susceptibility of modern computing systems to cyberattack, identifying and disrupting malicious traffic without human intervention is essential. To accomplish this, three main tasks for an effective intrusion detection system have been identified: monitor network traffic, categorize and identify anomalous behavior in near real time, and take appropriate action against the identified threat. This system leverages distributed SDN architecture and the principles of Artificial Immune Systems and Self-Organizing Maps to build a network-based intrusion detection system capable of detecting and terminating DDoS attacks in progress

The development and technology transfer of software engineering technology at NASA. Johnson Space Center

The United State's big space projects of the next decades, such as Space Station and the Human Exploration Initiative, will need the development of many millions of lines of mission critical software. NASA-Johnson (JSC) is identifying and developing some of the Computer Aided Software Engineering (CASE) technology that NASA will need to build these future software systems. The goal is to improve the quality and the productivity of large software development projects. New trends are outlined in CASE technology and how the Software Technology Branch (STB) at JSC is endeavoring to provide some of these CASE solutions for NASA is described. Key software technology components include knowledge-based systems, software reusability, user interface technology, reengineering environments, management systems for the software development process, software cost models, repository technology, and open, integrated CASE environment frameworks. The paper presents the status and long-term expectations for CASE products. The STB's Reengineering Application Project (REAP), Advanced Software Development Workstation (ASDW) project, and software development cost model (COSTMODL) project are then discussed. Some of the general difficulties of technology transfer are introduced, and a process developed by STB for CASE technology insertion is described