Reading Group on Reliable & Secure System Design
2002 - Fall

Topics:

1. Analytical Modeling and Simulation
2. Dependability Measurements
3. Validation ¡V Fault injection & Formal methods
4. Case studies of intrusion detection systems
5. Case studies of reliable system design
6. Error detection & Control flow checking
7. Checkpointing & Recovery

Content of the Presentation

Pay particular emphasis on the following points in your presentation:

• What is the motivation behind the work? Is it driven by real-world problems?
• What are the one or two key ideas in the paper? Generally, you can distill out the complexities of the paper and find the key ideas which should be expressed succinctly in one slide. When the audience walks out of the presentation, a majority will forget the details. Here you must drive in the points that you want the audience to leave the room with. Remind the audience of the key points in the paper towards the end of the presentation.
• Give an illustration of the approach in the paper applied to a problem. You can use the example presented in the paper, but it will be highly appreciated if you can also sketch out the application of the idea to another problem.
• What are the assumptions made in the paper? When are these assumptions valid and when are they not? What would it take to weaken the assumptions?
• In presenting a paper, focus on the part of the paper that has relevance to reliable and secure systems. For example, there may be a discussion of a particular cryptography algorithm, but that may be worthy of less emphasis than the way it is integrated into the whole system to enhance system resilience.
• Give an idea of the related work in the area. What is the state of the art, and how is this paper extending that? Is there more recent work on this problem?
• Are there efforts to commercialize the ideas in the paper? For example, the paper may be proposing a processor architecture and you are to see if any commercial vendors are using the architecture or a variant of it.

Here are some parts that may be of less importance in a reading group presentation such as ours:

• Details of a particular technique that does not deal with reliability or security per se. For example, a hardware fault tolerant system may have an architecture that is speculative and therefore suitable for high performance. You may want to spend less time on that than on an aspect that improves the resilience of the hardware platform.
• Going through the paper from A through Z. The written paper has the compulsion of trying to be complete in its presentation. Here, we are trying to get the main lessons from the paper and therefore can pick and choose the parts we want to highlight.
• Don¡¦t present half a dozen experimental results if they all have the objective of proving one idea. Show one of the experimental results and see how it supports the author claims, and perhaps mention how other experiments also bear the claims out.

Tips for the Presentation

Here are some points the presenter should keep in mind and the other participants should use while critiquing the presentation.

• At the end does the presentation give me an idea of the key contribution of the paper?
• Did the presentation bring out the shortcomings of the paper?
• Did the presentation have a smooth flow or was the presenter jumping back and forth between the topics?
• Did the presenter try to understand audience questions and respond to them directly and clearly?
• Did the presenter speak forcefully stressing on the important points? Did the presenter appear to connect with the audience? A key to this is to speak looking at the audience, as opposed to looking at the transparencies and reading off them.
• Before the actual presentation, give a dry run, even if it is only to yourself.

For the feedback on the presentation, speak your mind out. Don¡¦t be offensive, but be candid. We are doing this so that we can help each other improve in the way we give presentations. This is a very important skill in all walks of life ¡V industry jobs and academic jobs, and this group is meant to give you a non-threatening environment in which to improve this skill.

List of Papers

Here is an initial list of a superset of the papers we will look at. We will be sticking to this list for the first few weeks and after that, if students express interest in some other papers on the topic, we will consider those too.

Analytical Modeling and Simulation

Z. Kalbarczyk, R. K. Iyer, G.L. Ries, J.U. Patel, M.S. Lee, and Y. Xiao Hierarchical Simulation Approach to Accurate Fault Modeling for System Dependability Evaluation,IEEE Transactions on Software Engineering, vol. 25, no.5, September/October 1999, pp.619-632.

K. K. Goswami, R. K. Iyer, and L. Young, "DEPEND: A Simulation-Based Environment for System Level Dependability Analysis," IEEE Transactions on Computers, vol. 46, no. 1, Jan. 1997, pp. 60-74.

J. F. Meyer, "On Evaluating the Performability of Degradable Computing Systems," IEEE Transactions on Computers, vol. C-29, no.8, Aug. 1980, pp. 720-731.

W.H. Sanders and L.M. Malhis, "Dependability Evaluation Using Composed SAN-Based Reward Models," Journal of Parallel and Distributed Computing, Special Issues on Petri Net Models of Parallel and Distributed Computers, vol.15, no.3, 1992, pp.238-254.

Dependability Measurements

R. Iyer, Z. Kalbarczyk, M. Kalyanakrishnam Measurement-Based Analysis of Networked System Avilability, in "Performance Evaluation Origins and Directions," Ed. G. Haring, Ch. Lindemann, M. Reiser, Lecture Notes in Computer Science, Springer Verlag 1999.

J. Xu, Z. Kalbarczyk, R. Iyer, Networked Windows NT System Filed Failure Data Analysis, Proc. of Pacific Rim International Symposium on Dependable Computing, PRDC'99, Hong Kong, 1999.

S. Chandra and P. Chen, "Whither Generic Recovery from Application Faults?A Fault Study Using Open-Source Software," Proc. International Conference on Dependable Systems, DSN 2000, pp. 97-106.

J. Gray, "A Census of Tandem System Availability Between 1985 and 1990," IEEE Transactions on Reliability, vol. 39, no. 4, July 1990, pp. 409-418.

Validation

J. Arlat, et al., "Fault Injection for Dependability Validation: A Methodology and Some Applications," IEEE Transactions on Software Engineering, vol.16, no. 2, Feb. 1990, pp. 166-182.

R. K. Shehady and D. P. Siewiorek, "A Method to Automate User Interface Testing Using Variable Finite State Machines," Proc. IEEE Fault-Tolerant Computing Symp., 1997, pp. 80-88.

D. Stott, N. Speirs,Z. Kalbarczyk, S. Bagchi, J. Xu, R. K. Iyer, Comparing Fail-Silence Provided by Process Duplication versus Internal Error Detection for DHCP Server, Proc. of Int'l Parallel and Distributed Processing Symposium, IPDPS'01, April 2001, pp. 91-100.

Case Studies of Intrusion Detection Systems

Wenke Lee and Sal Stolfo, A Framework for Constructing Features and Models for Intrusion Detection Systems ACM Transactions on Information and System Security, Volume 3, Number 4 (November 2000)

S. Chen, J. Zu, R. K. Iyer and K. Whisnant. Evaluating the Security Threat of Firewall Data Corruption Caused by Instruction Transient Errors. Proc. International Conference on Dependable Systems, DSN 2002.

J. Reynolds, J. Just, E. Lawson, L. Clough, R. Maglich, and K. Levitt. The Design and Implementation of an Intrusion Tolerant System. Proc. International Conference on Dependable Systems, DSN 2002.

Readings taken from CS 590-I course on "Introduction to Information Security". http://www.cerias.purdue.edu/homes/spaf/CS590I/index.html#read

Case Studies of Reliable System Design

D. Jewett, "Integrity S2: A Fault-tolerant Unix Platform," Proc. IEEE Fault-Tolerant Computing Symp., 1991, pp.512-519.

O. Serlin, "Fault-Tolerant Systems in Commercial Applications," IEEE Computer, August, 1984, pp. 19-30.

R. W. Horst,, " TNet: A Reliable System Area Network," IEEE Micro, February 1995, pp. 37-45.

Error Detection & Control Flow Checking

S. Bagchi, Y. Liu, Z. Kalbarczyk, R. K. Iyer, Y. Levendel, L. Votta, A Framework for Database Audit and Control Flow Checking for a Wireless Telephone Network Controller, in Proc. of Conference on Dependable Systems and Networks, DSN'01, July 2001, pp. 225-234.

Z. Alkhalifa, V.S.S. Nair, N. Krishnamurthy, and J.A. Abraham, ¡§Design and Evaluation of System-Level Checks for On-Line Control Flow Error Detection,¡¨ IEEE Trans. On Parrallel & Distributed Systems, June 1999, pp. 627-641.

J. H. Patel and L. Y. Fung, "Concurrent Error Detection in ALU¡¦s by Recomputing with Shifted Operands, " IEEE Transactions on Computers, vol. C-31, no. 7, July 1982, pp. 589-595.

A. Mahmood and E. J. McCluskey, "Concurrent Error Detection Using Watchdog Processors - A Survey," IEEE Transactions on Computers, vol. 37, no. 2, Feb. 1988, pp. 160-174.

Checkpointing & Recovery

K. M. Chandy and L. Lamport, "Distributed Snapshots: Determining Global States of Distributed Systems," ACM Transactions on Computer Systems, vol. 3, no. 1, Feb. 1985, pp. 63-75.

E. N. Elnozahy and W. Zwaenepoel, "On the Use and Implementation of Message Logging," Proc. IEEE Fault-Tolerant Computing Symp., 1994, pp.298-307.

N. Vaidya, "A Case for Two-level Recovery Schemes," IEEE Transactions on Computers, vol. 47, no.6, June 1998, pp. 656-666.

R. Prakash, M. Singhal, "Low-cost Checkpointing and Failure Recovery in Mobile Computing Systems,"IEEE Transaction on Parallel and Distributed Systems, vol. 7, no. 10, Oct. 1996, pp. 1035-1048.

2010

2009

2008

2007