WADS-DSN 2004 Invited Talk From Dependable Architectures ... · WADS-DSN 2004 Invited Talk From...
Transcript of WADS-DSN 2004 Invited Talk From Dependable Architectures ... · WADS-DSN 2004 Invited Talk From...
WADS-DSN 2004 Invited Talk
FromDependable Architectures
ToDependable Systems
Nenad MedvidovicComputer Science DepartmentUniversity of Southern CaliforniaLos Angeles, [email protected]
Goals of the Talk
Identify some challengesSuggest some solutionsMotivate future researchInvite dissenting opinions
Goals of the Talk
The problem is this bigand sometimes ill-definedThe problem is this big
and sometimes ill-defined
Goals of the Talk
I will talk to youabout this much of it
Goals of the Talk
I will suggest a solutionfor this much of it
Goals of the Talk
But, hopefully, we will havethis much fun!
What Is Dependability?Degree of user confidence that the system will operate as expectedKey dimensions
AvailabilityReliabilitySecuritySafety
But alsoRepairabilityMaintainabilitySurvivabilityFault tolerance
What Is Architecture?A high-level model of a system
The system’s “blueprint”Represents system organization
DataComputationInteractionStructure
Embodies system propertiesCommunication integrity, performance, throughput, liveness, . . .Can/does it embody dependability?(how) Can those properties be transferred to the system itself?
A “Traditional” Architectural Model
A “Traditional” Architectural Model
What/where is the dependability?
A “Standard” Architectural Model
Segment(from ssi)
AttributeDescription(from serializati...
ResourceDescription(from serializati...
HttpCredential(from ht.. .
PlainRemoteResource(from adm...
HtmlHead(from ht...
SampleMuxHandler(from m...
Stresser(from tes...
JigsawHttpSessionContext(from servl...
HtmlStyle(from ht...
AdminContext(from admin)
AuthUserPrincipal(from a...
IPMatcherNode(from au...
HttpBag(from ht...
HtmlGenerator(from ht...
DirectoryResource(from resourc...
FileResource(from resourc...
HttpEntityTag(from ht...
HttpManager(from ht...
CGIHeaderHolder(from fram...
Shuffler(from ht...
IndexersCatalog(from index...
ResourceIndexer(from index...
MuxClientFactory(from m.. .
ResourceContext(from resourc...
EventManager(from time...
ResourceStoreManager(from sto...PropertySet
(from conf...
FramedResource(from resourc...
ServerHandlerManager(from daem...
AdminWriter(from adm...
Serializer(from serializati...
RequestTimeout(from ht...
MimeType(from mime)
IPMatcher(from auth)
ExternalContainer(from resourc. ..
PICS(from pi...
SSIFrame(from s...
SSIStream(from s...
ArrayDictionary(from ut...
CommandRegistry(from comman...
VariantState(from NegotiatedFra...
SampleResourceIndexer(from index...
ProtocolFrame(from frames)
MimeClientFactory(from ht...
MimeParser(from mi...
DAVMimeClientFactory(from webd...
ResourceException(from resourc...
SocketOutputBuffer(from sock...
DebugThread(from sock...
ThreadCache(from ut...
SocketClientFactoryStats(from sock...
httpd(from http)
MuxSession(from m...
ResourceFilter(from resources)
HttpMimeType(from ht...
HttpTokenList(from ht...
ResourceReference(from resources)
HTTPPrincipal(from a...
ProxyRequestObserver(from pro...
ProfileRef(from cc...
HttpExtList(from ht...
Client(from http)
CCPPRequest(from cc...
A “Standard” Architectural Model
: WebBrowser : SocketClient : httpd : DirectoryResource : ContainerResource : FramedResource
: LookupResult
processRequest(Request) perform(RequestInterface) <<create>>
lookup(LookupState, LookupResult)
[lookup(LookupState, LookupResult)] [lookup(LookupState, LookupResult)]
setTarget(resourceReference)
internalLookup()
lookup(LookupState, LookupResult) [moreComponents]:
HTTPD Resources
Figure 10: Sequence diagram for the request processing use case.
A “Standard” Architectural Model
: WebBrowser : SocketClient : httpd : DirectoryResource : ContainerResource : FramedResource
: LookupResult
processRequest(Request) perform(RequestInterface) <<create>>
lookup(LookupState, LookupResult)
[lookup(LookupState, LookupResult)] [lookup(LookupState, LookupResult)]
setTarget(resourceReference)
internalLookup()
lookup(LookupState, LookupResult) [moreComponents]:
HTTPD Resources
Figure 10: Sequence diagram for the request processing use case. What/where is the dependability?
But, We Can Model AnythingMeta-H, ROOM, UniCon, etc. can help ensure real-time properties in modelsMarkov chains can help ensure reliability in modelsMulti-versioning connectors can help ensure fault toleranceCode/data mobility and replication formalisms can help ensure availability. . .
But, We Can Model AnythingMeta-H, ROOM, UniCon, etc. can help ensure real-time properties in modelsMarkov chains can help ensure reliability in modelsMulti-versioning connectors can help ensure fault toleranceCode/data mobility and replication formalisms can help ensure availability. . .
So then the problem is solved, right?
Why the Problem Isn’t Solved
Why the Problem Isn’t SolvedArchitecture
(ADL)
Architecture(ADL)
Design(UML)
Why the Problem Isn’t Solved
Architecture(ADL)
Implementation(middleware, bus
technolgies)
Design(UML)
Object-Oriented
Programming Language (OOPL)D/COM
CORBAC++
Java
Visual Basic
JEDI
Java Beans
C2
Why the Problem Isn’t Solved
Problem SpaceDomain Entities
Class Name
Attributes
Operation
Class Name
Attributes
Operation
Class Name
Attributes
Operation
Class Name
Attributes
OperationClass Name
Attributes
Operation
Architecture Space
Design Space
ComponentsConnectors
ClassesCOTS Components
Why the Problem Isn’t Solved
Problem SpaceDomain Entities
Class Name
Attributes
Operation
Class Name
Attributes
Operation
Class Name
Attributes
Operation
Class Name
Attributes
OperationClass Name
Attributes
Operation
Architecture Space
Design Space
ComponentsConnectors
ClassesCOTS Components
ΩWhy the Problem Isn’t Solved
Problem SpaceDomain Entities
Class Name
Attributes
Operation
Class Name
Attributes
Operation
Class Name
Attributes
Operation
Class Name
Attributes
OperationClass Name
Attributes
Operation
Architecture Space
Design Space
ComponentsConnectors
ClassesCOTS Components
Ω1
ΩΩ2 Ω3
Why the Problem Isn’t Solved
Problem SpaceDomain Entities
Class Name
Attributes
Operation
Class Name
Attributes
Operation
Class Name
Attributes
Operation
Class Name
Attributes
OperationClass Name
Attributes
Operation
Architecture Space
Design Space
ComponentsConnectors
ClassesCOTS Components
Ω1
ΩΩ2 Ω3
Ω11Ω21Ω31Ω12 Ω22
Ω13Θ
Why the Problem Isn’t Solved
From Models to Systems
Clock
Weather Repository
Map
WeatherAnalyzer
ResourceManager
StrategyAnalysisKB
SimulationAgent
ResourceMonitor
SAKBUI
HQ UI
StrategyAnalyzer
Agent DeploymentAdvisor
Commander UI
SoldierUI
Commander UI
SoldierUI
From Models to Systems
Host 2Host 1
Host 3 Host 4 Host 5
Clock
Weather Repository
Map
WeatherAnalyzer
ResourceManager
StrategyAnalysisKB
SimulationAgent
ResourceMonitor
SAKBUI
HQ UI
StrategyAnalyzer
Agent DeploymentAdvisor
Commander UI
SoldierUI
Commander UI
SoldierUI
From Models to Systems
The remainder of this talk will focus on two key questions:
1. How do we get from
1. How do we get from
Clock
Weather Repository
Map
WeatherAnalyzer
ResourceManager
StrategyAnalysisKB
SimulationAgent
ResourceMonitor
SAKBUI
HQ UI
StrategyAnalyzer
Agent DeploymentAdvisor
Commander UI
SoldierUI
Commander UI
SoldierUI
and
Host 2Host 1
Host 3 Host 4 Host 5
1. How do we get from
Clock
Weather Repository
Map
WeatherAnalyzer
ResourceManager
StrategyAnalysisKB
SimulationAgent
ResourceMonitor
SAKBUI
HQ UI
StrategyAnalyzer
Agent DeploymentAdvisor
Commander UI
SoldierUI
Commander UI
SoldierUI
Host 2Host 1
Host 3 Host 4 Host 5
Clock
Weather Repository
Map
WeatherAnalyzer
ResourceManager
StrategyAnalysisKB
SimulationAgent
ResourceMonitor
SAKBUI
HQ UI
StrategyAnalyzer
Agent DeploymentAdvisor
Commander UI
SoldierUI
Commander UI
SoldierUI
to
and
Host 2Host 1
Host 3 Host 4 Host 5
1. How do we get from
Clock
Weather Repository
Map
WeatherAnalyzer
ResourceManager
StrategyAnalysisKB
SimulationAgent
ResourceMonitor
SAKBUI
HQ UI
StrategyAnalyzer
Agent DeploymentAdvisor
Commander UI
SoldierUI
Commander UI
SoldierUI
Host 2Host 1
Host 3 Host 4 Host 5
Clock
Weather Repository
Map
WeatherAnalyzer
ResourceManager
StrategyAnalysisKB
SimulationAgent
ResourceMonitor
SAKBUI
HQ UI
StrategyAnalyzer
Agent DeploymentAdvisor
Commander UI
SoldierUI
Commander UI
SoldierUI
to
andto
Host 2Host 1
Host 3 Host 4 Host 5
?
2. How do we know
2. How do we know
2. How do we know
?is “better” than
OutlineFrom architectures to systemsEnsuring dependability
Problem definitionProposed solution
Concluding remarks
OutlineFrom architectures to systemsEnsuring dependability
Problem definitionProposed solution
Concluding remarks
How Do I Dependably Implement an Architecture?
Architectures provide high-level conceptsComponents, connectors, ports, events, configurations
Programming languages provide low-level constructsVariables, arrays, pointers, procedures, objects
Bridging the two often is an art-formMiddleware can help “split the difference”
Existing middleware technologiesSupport some architectural concepts (e.g., components, events)but not others (e.g., connectors, configurations)Impose particular architectural styles
How Do I Dependably Implement an Architecture?
Architectures provide high-level conceptsComponents, connectors, ports, events, configurations
Programming languages provide low-level constructsVariables, arrays, pointers, procedures, objects
Bridging the two often is an art-formMiddleware can help “split the difference”
Existing middleware technologiesSupport some architectural concepts (e.g., components, events)but not others (e.g., connectors, configurations)Impose particular architectural styles
What is needed is “architectural middleware”
Architectural MiddlewareNatively support architectural concepts as middleware constructsInclude system design support
Typically via an accompanying ADL and analysis toolsMay support explicit architectural styles
Support round-trip developmentFrom architecture to implementation and back
Support automated transformation of architectural models to implementations
i.e., dependable implementationExamples
ArchJavaAurac2.fwPrism-MW
Dependable ImplementationArchitecture
(ADL)
Implementation(middleware, bus
technolgies)
Design(UML)
Object-Oriented
Programming Language (OOPL)D/COM
CORBAC++
Java
Visual Basic
JEDI
Java Beans
C2
Dependable ImplementationArchitecture
(ADL)
Implementation(middleware, bus
technolgies)Object-Oriented
Programming Language (OOPL)D/COM
CORBAC++
Java
Visual Basic
JEDI
Java Beans
C2
Dependable ImplementationArchitecture
(ADL)
Implementation(middleware, bus
technolgies)Object-Oriented
Programming Language (OOPL)D/COM
CORBAC++
Java
Visual Basic
JEDI
Java Beans
C2
IComponentIConnector
Scaffold
AbstractDispatcher
Round RobinDispatcher
AbstractScheduler
FifoScheduler
Brick
Architecture
ExtensibleComponent
Component
Connector
Event
Port
IPort
Serializable
IArchitecture
#mutualPort
Example: Prism-MW
IComponentIConnector
Scaffold
AbstractDispatcher
Round RobinDispatcher
AbstractScheduler
FifoScheduler
Brick
Architecture
ExtensibleComponent
Component
Connector
Event
Port
IPort
Serializable
IArchitecture
#mutualPort
Example: Prism-MW
IComponentIConnector
Scaffold
AbstractDispatcher
Round RobinDispatcher
AbstractScheduler
FifoScheduler
Brick
Architecture
ExtensibleComponent
Component
Connector
Event
Port
IPort
Serializable
IArchitecture
#mutualPort
Example: Prism-MW
IComponentIConnector
Scaffold
AbstractDispatcher
Round RobinDispatcher
AbstractScheduler
FifoScheduler
Brick
Architecture
ExtensibleComponent
Component
Connector
Event
Port
IPort
Serializable
IArchitecture
#mutualPort
Example: Prism-MW
IComponentIConnector
Scaffold
AbstractDispatcher
Round RobinDispatcher
AbstractScheduler
FifoScheduler
Brick
Architecture
ExtensibleComponent
Component
Connector
Event
Port
IPort
Serializable
IArchitecture
#mutualPort
Example: Prism-MW
IComponentIConnector
Scaffold
AbstractDispatcher
Round RobinDispatcher
AbstractScheduler
FifoScheduler
Brick
Architecture
ExtensibleComponent
Component
Connector
Event
Port
IPort
Serializable
IArchitecture
#mutualPort
Example: Prism-MW
Using Prism-MW
Using Prism-MW
Architecture - DEMO
class DemoArch static public void main(String argv[])
Architecture arch = new Architecture ("DEMO");
Using Prism-MW
Architecture - DEMO
class DemoArch static public void main(String argv[])
Architecture arch = new Architecture ("DEMO");// create componentsComponentA a = new ComponentA ("A");ComponentB b = new ComponentB ("B");ComponentD d = new ComponentD ("D");
Component BComponent A Component D
Using Prism-MW
Architecture - DEMO
class DemoArch static public void main(String argv[])
Architecture arch = new Architecture ("DEMO");// create componentsComponentA a = new ComponentA ("A");ComponentB b = new ComponentB ("B");ComponentD d = new ComponentD ("D");// create connectorsConnector conn = new Connector("C");
Component BComponent A Component D CConnector C
Using Prism-MW
Architecture - DEMO
class DemoArch static public void main(String argv[])
Architecture arch = new Architecture ("DEMO");// create componentsComponentA a = new ComponentA ("A");ComponentB b = new ComponentB ("B");ComponentD d = new ComponentD ("D");// create connectorsConnector conn = new Connector("C");// add components and connectors arch.addComponent(a);arch.addComponent(b);arch.addComponent(d);arch.addConnector(conn);
Component BComponent A
Component D
CConnector C
Using Prism-MW
Architecture - DEMO
class DemoArch static public void main(String argv[])
Architecture arch = new Architecture ("DEMO");// create componentsComponentA a = new ComponentA ("A");ComponentB b = new ComponentB ("B");ComponentD d = new ComponentD ("D");// create connectorsConnector conn = new Connector("C");// add components and connectors arch.addComponent(a);arch.addComponent(b);arch.addComponent(d);arch.addConnector(conn);
Component BComponent A
Component D
CConnector C
// establish the interconnectionsarch.weld(a, conn);arch.weld(b, conn);arch.weld(conn, d)
Deploying a Prism-MW Architecture
Deploying a Prism-MW Architecture
add (DataRepository
weld (TopDistributionConnector,
: source HQ) : HQ;
C1_AvailableTroops) : Commander1;
OutlineFrom architectures to systemsEnsuring dependability
Problem definitionProposed solution
Concluding remarks
OutlineFrom architectures to systemsEnsuring dependability
Problem definitionProposed solution
Concluding remarks
AvailabilityThe degree to which a system is operational and accessible when required for use [IEEE]Deployment architecture influences availability
Components on the same host can communicate regardless of the network’s statusComponents on different hosts are insulated from each other’s failures
Quantifying availabilityRatio of the
number of successfully completed interactionsin the system to the
total number of attempted interactions
Maximizing Availability a prioriWe may not know many relevant system parameters
Dependability of each componentFrequency of component interactionsVolume of component interactionsDependability of component interactionsCPU usage on each hostDependability of each hostEffective bandwidth of each network connectionDependability of each network connection. . .
Maximizing Availability a prioriWe may not know many relevant system parameters
Dependability of each componentFrequency of component interactionsVolume of component interactionsDependability of component interactionsCPU usage on each hostDependability of each hostEffective bandwidth of each network connectionDependability of each network connection. . .
The current deployment architecture may not work well
Simplified Problem Definition
(1)a set C of n components ( Cn = ), a relation ℜ→×CCfreq : , and a function ℜ→Cmemcomp :
Given:
Simplified Problem Definition
(1)a set C of n components ( Cn = ), a relation ℜ→×CCfreq : , and a function ℜ→Cmemcomp :
Given:
⎭⎬⎫
⎩⎨⎧
≠=
=jiji
jiji ccifcandcbetweencommoffrequency
ccifccfreq
0),(
Simplified Problem Definition
(1)a set C of n components ( Cn = ), a relation ℜ→×CCfreq : , and a function ℜ→Cmemcomp :
⎭⎬⎫
⎩⎨⎧
≠=
=jiji
jiji ccifcandcbetweencommoffrequency
ccifccfreq
0),(
cformemoryrequiredcmemcomp =)(
Given:
(2) a set H of k hardware nodes ( Hk = ), a relation
ℜ→× HHrel : , and a function ℜ→Hmemhost :
Simplified Problem DefinitionGiven:
(2) a set H of k hardware nodes ( Hk = ), a relation
ℜ→× HHrel : , and a function ℜ→Hmemhost :
Simplified Problem DefinitionGiven:
⎪⎭
⎪⎬
⎫
⎪⎩
⎪⎨
⎧
≠
==
jiji
ji
ji
ji
hhifhandhbetweenlinktheofyreliabilithtoconnectednotishif
hhifhhrel 0
1),(
(2) a set H of k hardware nodes ( Hk = ), a relation
ℜ→× HHrel : , and a function ℜ→Hmemhost :
⎪⎭
⎪⎬
⎫
⎪⎩
⎪⎨
⎧
≠
==
jiji
ji
ji
ji
hhifhandhbetweenlinktheofyreliabilithtoconnectednotishif
hhifhhrel 0
1),(
hhostonmemoryavailablehmemhost =)(
Simplified Problem DefinitionGiven:
Simplified Problem DefinitionGiven:(3) Two relations that restrict locations
of software components 1,0: →×HCloc 1,0,1: −→×CCcolloc
Simplified Problem DefinitionGiven:(3) Two relations that restrict locations
of software components 1,0: →×HCloc 1,0,1: −→×CCcolloc
⎭⎬⎫
⎩⎨⎧
=ji
jiji hontodeployedbecannotcif
hontodeployedbecancifhcloc
01
),(
Simplified Problem DefinitionGiven:(3) Two relations that restrict locations
of software components 1,0: →×HCloc 1,0,1: −→×CCcolloc
⎭⎬⎫
⎩⎨⎧
=ji
jiji hontodeployedbecannotcif
hontodeployedbecancifhcloc
01
),(
⎪⎭
⎪⎬
⎫
⎪⎩
⎪⎨
⎧−=
ji
ji
ji
ji
candcofncollocatioonnsrestrictionoarethereifcashostsametheonbetohascifcashostsametheonbecannotcif
cccolloc011
),(
Find a function HCf →: such that the
( )
∑∑
∑∑
= =
= =
∗= n
i
n
jji
n
i
n
jjiji
ccfreq
cfcfrelccfreqA
1 1
1 1
),(
))(),((),(
system’s overall availability
is maximized, and the following three conditions are satisfied:
Simplified Problem Definition
Find a function HCf →: such that the
( )
∑∑
∑∑
= =
= =
∗= n
i
n
jji
n
i
n
jjiji
ccfreq
cfcfrelccfreqA
1 1
1 1
),(
))(),((),(
system’s overall availability
is maximized, and the following three conditions are satisfied:
Simplified Problem Definition
Simplified Problem DefinitionFind a function HCf →: such that the
( )
∑∑
∑∑
= =
= =
∗= n
i
n
jji
n
i
n
jjiji
ccfreq
cfcfrelccfreqA
1 1
1 1
),(
))(),((),(
system’s overall availability
is maximized, and the following three conditions are satisfied:
⎪⎭
⎪⎬⎫
⎪⎩
⎪⎨⎧
≤=∈∀∈∀ ∑j
ihostjcompij hmemcmemhcfnjki )())()(],1[],1[
Find a function HCf →: such that the
( )
∑∑
∑∑
= =
= =
∗= n
i
n
jji
n
i
n
jjiji
ccfreq
cfcfrelccfreqA
1 1
1 1
),(
))(),((),(
system’s overall availability
is maximized, and the following three conditions are satisfied:
Simplified Problem Definition
1))(,(],1[ =∈∀ jj cfclocnj
Find a function HCf →: such that the
( )
∑∑
∑∑
= =
= =
∗= n
i
n
jji
n
i
n
jjiji
ccfreq
cfcfrelccfreqA
1 1
1 1
),(
))(),((),(
system’s overall availability
is maximized, and the following three conditions are satisfied:
Simplified Problem Definition
],1[],1[ nlnk ∈∀∈∀))()(()1),(( lklk cfcfcccolloc =⇒=))()(()1),(( lklk cfcfcccolloc ≠⇒−=
Simplified Problem DefinitionFind a function HCf →: such that the
( )
∑∑
∑∑
= =
= =
∗= n
i
n
jji
n
i
n
jjiji
ccfreq
cfcfrelccfreqA
1 1
1 1
),(
))(),((),(
system’s overall availability
is maximized, and the following three conditions are satisfied:
⎪⎭
⎪⎬⎫
⎪⎩
⎪⎨⎧
≤=∈∀∈∀ ∑j
ihostjcompij hmemcmemhcfnjki )())()(],1[],1[ 1))(,(],1[ =∈∀ jj cfclocnj],1[],1[ nlnk ∈∀∈∀
))()(()1),(( lklk cfcfcccolloc =⇒=))()(()1),(( lklk cfcfcccolloc ≠⇒−=
Note that the possible number of
different functions is
OutlineFrom architectures to systemsEnsuring dependability
Problem definitionProposed solution
Concluding remarks
Overview of the ApproachObjective
Identify the problemLog and examine system eventsActively monitor the system during runtime
Develop a solutionDecide which data to cacheDecide which components to replicateIntroduce multiple execution modesCalculate an improved system deployment
Apply the solution to eliminate the problemCache or hoard data Replicate data or codeRedeploy (parts of) the system
Overview of the ApproachObjective
Identify the problemLog and examine system eventsActively monitor the system during runtime
Develop a solutionDecide which data to cacheDecide which components to replicateIntroduce multiple execution modesCalculate an improved system deployment
Apply the solution to eliminate the problemCache or hoard data Replicate data or codeRedeploy (parts of) the system
Improving Availability via Redeployment
Time
Availability
A1
A2
TM TRT
TOTET’M T’R
T’T’OT’E
A3
A4
First Identify the Problem
Time
Availability
A1
A2
TM TRT
TOTE
First Identify the Problem
Time
Availability
A1
A2
TM TRT
TOTE
IComponentIConnector
AbstractMonitor
Scaffold
AbstractDispatcher
Round RobinDispatcher
AbstractScheduler
FifoScheduler
Brick
Architecture
ExtensibleComponent
Component
Connector
Event
Port
IPort
Serializable
IArchitecture
#mutualPort
Disconnection Rate
EvtFrequency
Monitoring in Prism-MW
Monitoring in Action
34
31
18
2 615
16
4 12
21
8
3 9
29 1 28
2030
17
14
0
2226
13
27
1033
7
24
25
32
19
23
11
5
Then Develop a Solution
Time
Availability
A1
A2
TM TRT
TOTE
Then Develop a Solution
Time
Availability
A1
A2
TM TRT
TOTE
1
100
10000
1000000
Time taken(in ms)
0
0.2
0.4
0.6
0.8
1
z
Achieved availability
10 comps 100 comps 200 comps 1000 comps 100 comps 30 comps 300 comps 4 hosts 10 hosts 20 hosts 100 hosts 40 hosts 7 hosts 70 hosts
Suite of algorithms:Exact – exponential complexityStochastic – quadratic complexityAdaptive greedy – cubic complexityDecentralized – quadratic complexity
Estimating in Action
Automatic Algorithm Selection
AC
AS
T0STES
GreedyAG
AEExact
TEG TEE
T0G T0E
Time
Availability
TRTR TRT
Stochastic
Automatic Algorithm Selection
AC
AS
T0STES
GreedyAG
AEExact
TEG TEE
T0G T0E
Time
Availability
TRTR TRT
Stochastic
Then Apply the Solution
Time
Availability
A1
A2
TM TRT
TOTE
Then Apply the Solution
Time
Availability
A1
A2
TM TRT
TOTE
IComponentIConnector
Scaffold
AbstractDispatcher
Round RobinDispatcher
AbstractScheduler
FifoScheduler
Brick
Architecture
ExtensibleComponent
Component
Connector
Event
Port
IPort
Serializable
Admin
IArchitecture
#mutualPort
AbstractAdmin
DeployerAbstract
Redeployment Algo
Exact
Stochastic
Adaptive Greedy
Redeployment in Prism-MW
Redeployment in Action
Admin
34
31
18
2 615
16
4 12
21
Admin
8
3 9
29 1
Admin
28
2030
17
14
0Admin
2226
13
27
1033
7
24
25
32
19
23
11
Deployer
5
Goingfrom
Host 2Host 1
Host 3 Host 4 Host 5
Clock
Weather Repository
Map
WeatherAnalyzer
ResourceManager
StrategyAnalysisKB
SimulationAgent
ResourceMonitor
SAKBUI
HQ UI
StrategyAnalyzer
Agent DeploymentAdvisor
Commander UI
SoldierUI
Legend:
User interface component(fixed to a host)
Processing or datacomponent
Commander UI
SoldierUI
Host 2
Hardware host
Network link
Interaction pathbetween components
to
OutlineFrom architectures to systemsEnsuring dependability
Problem definitionProposed solution
Concluding remarks
Concluding RemarksStill so much to do
Enriching/completing the modelsFocusing on additional aspects of dependabilityAddressing feature interactionsAddressing emergent propertiesDetermining which concerns are (not) architectural
Promise or Illusion?If we can define it, we should be able to
Analyze for itBuild itMeasure itAct on it
So, why haven’t we done it yet?
The Playing FieldDependability
HardwareProperties
SoftwareProperties
Availability
Reliability
Security
Safety
InteractionFrequency
Interaction Volume
Component Size
Interaction Volume
ComponentCPU Usage
AvailableMemory
Available CPU
NetworkReliability
NetworkBandwidth
Survivability
ComponentFailure Rate
H/W Properties
S/WProperties
Dependability
Exploring the Problem Space
Exploring the Problem Space
Exploring the Problem Space
Exploring the Problem Space
Questions?
Using Prism-MW
Component B handles the event and sends a response
public void handle(Event e)
if (e.equals(“Event_D”)) ... Event e1= new Event(“Response_to_D”);e1.addParameter("response", resp);send(e1);...
Sen
d (
e1)
Architecture - DEMO
Component BComponent A
Component D
CConnector C
Component D sends an event
Event e = new Event (“Event_D”);e.addParameter("param_1", p1);send (e);
Sen
d (e)
Assumptions
Time
Availability
A1
A2
TM TRT
TOTE
TM+TE+TR<<T0TM+TE+TR<<T0
•Possible in small amounts of time even for slow links
For example, •dialup (56K), 50% reliability, 100K in 28 sec•1M, 50% reliability, 100K in less than 0.7 sec
Assumptions
Time
Availability
A1
A2
TM TR
TTOTE
TM+TE+TR<<T0TM+TE+TR<<T0
TimeT
Average value ofa parameter
ε
MonitoringHow many samples before I assume stability?Proposed solution
Average for every new event that arrivesCompare averages for small number of samples (e.g., 3)As soon as the difference between the samples is < εassume the parameter is stableSome parameters will take longer to stabilize
Keep comparing all the parameters to ensure stability, until allof them are within their ε
Keep monitoring during redeployment estimation to make sure the parameters have not changed
What Is Needed?
Scalable and lightweight support for distributed architectureswith arbitrary topologies
Support for automatic monitoringEfficient and precise solutions for the exponentially complex redeployment problemSupport for automatic redeployment
Problem breakdown
Problem breakdown1) Lack of knowledge about runtime system parameters
unknown at the time of initial deploymentchange at runtimearchitectural middleware with monitoring support
Problem breakdown1) Lack of knowledge about runtime system parameters
unknown at the time of initial deploymentchange at runtimearchitectural middleware with monitoring support
2) Exponentially complex problemn components and k hosts = kn possible deploymentssystem constraints further complicate the problempolynomial-time approximating algorithms
Problem breakdown1) Lack of knowledge about runtime system parameters
unknown at the time of initial deploymentchange at runtimearchitectural middleware with monitoring support
2) Exponentially complex problemn components and k hosts = kn possible deploymentssystem constraints further complicate the problempolynomial-time approximating algorithms
3) Assessing deployment architecturescomparison of different algorithmsperformance vs. complexity, sensitivity analysis, etc.analysis and simulation environment
Problem breakdown1) Lack of knowledge about runtime system parameters
unknown at the time of initial deploymentchange at runtimearchitectural middleware with monitoring support
2) Exponentially complex problemn components and k hosts = kn possible deploymentssystem constraints further complicate the problempolynomial-time approximating algorithms
3) Assessing deployment architecturescomparison of different algorithmsperformance vs. complexity, sensitivity analysis, etc.analysis and simulation environment
4) Effecting the selected solutionredeploying componentsrequires an automated solutionarchitectural middleware with deployment support
Architecture(ADL)
Implementation(middleware, bus
technolgies)
Design(UML)
Object-Oriented
Programming Language (OOPL)D/COM
CORBAC++
Java
Visual Basic
JEDI
Java Beans
C2
Not Nece
ssarily
Drawn
to Sca
leWhy the Problem Isn’t Solved