Thursday, 14 December 2017

Session 3: Performance and other Quality Aspects and Domains

Session Chair: Jerry Rolia (Hewlett Packard Laboratories)

Monitoring for Security Intrusion using Performance Signatures

Authors:

Alberto Avritzer (Siemens Corporate Research)
Rajanikanth Tanikella (Siemens Corporate Research)
Kiran James (Siemens Corporate Research)
Robert G. Cole (JHU/Applied Physics Laboratory)
Elaine Weyuker (AT&T Labs - Research)

Abstract:

A new approach for detecting security attacks on software systems by monitoring the software system performance signatures is introduced. We present a proposed architecture for security intrusion detection using off-the-shelf security monitoring tools and performance signatures. Our approach relies on the assumption that the performance signature of the well-behaved system can be measured and that the performance signature of several types of attacks can be identified. This assumption has been validated for operations support systems that are used to monitor large infrastructures and receive aggregated traffic that is periodic in nature. Examples of such infrastructures include telecommunications systems, transportation systems and power generation systems. In addition, significant deviation from well-behaved system performance signatures can be used to trigger alerts about new types of security attacks. We used a custom performance benchmark and five types of security attacks to derive performance signatures for the normal mode of operation and the security attack mode of operation. We observed that one of the types of the security attacks went undetected by the off-the-shelf security monitoring tools but was detected by our approach of monitoring performance signatures. We conclude that an architecture for security intrusion detection can be effectively complemented by monitoring of performance signatures.

DOI: 10.1145/1712605.1712623

Full text: PDF

[#][]

Automatically Improve Software Architecture Models for Performance, Reliability, and Cost Using Evolutionary Algorithms

Authors:

Anne Martens (Karlsruhe Institute of Technology)
Heiko Koziolek (ABB Corporate Research)
Steffen Becker (FZI Karlsruhe)
Ralf Reussner (Karlsruhe Institute of Technology & FZI Karlsruhe)

Abstract:

Quantitative prediction of quality properties (i.e. extra-functional properties such as performance, reliability, and cost) of software architectures during design supports a systematic software engineering approach. Designing architectures that exhibit a good trade-off between multiple quality criteria is hard, because even after a functional design has been created, many remaining degrees of freedom in the software architecture span a large, discontinuous design space. In current practice, software architects try to find solutions manually, which is time-consuming, can be error-prone and can lead to suboptimal designs. We propose an automated approach to search the design space for good solutions. Starting with a given initial architectural model, the approach iteratively modifies and evaluates architectural models. Our approach applies a multi-criteria genetic algorithm to software architectures modelled with the Palladio Component Model. It supports quantitative performance, reliability, and cost prediction and can be extended to other quantitative quality criteria of software architectures. We validate the applicability of our approach by applying it to an architecture model of a component-based business information system and analyse its quality criteria trade-offs by automatically investigating more than 1200 alternative design candidates.

DOI: 10.1145/1712605.1712624

Full text: PDF

[#][]

SLA-driven Planning and Optimization of Enterprise Applications

Authors:

Hui Li (SAP Research Karlsruhe)
Giuliano Casale (SAP Research Belfast)
Tariq Ellahi (SAP Research Belfast)

Abstract:

We propose a model-based methodology to size and plan enterprise applications subject to Service Level Agreements (SLAs). Our approach is illustrated using a real-world Enterprise Resource Planning (ERP) application, namely SAP ERP. Firstly, we develop a closed queueing network model with finite capacity regions describing the SAP ERP application performance and show that this model is effective and robust in capturing measured response times and utilizations. Secondly, we propose an analytical cost model that jointly accounts for fixed hardware costs and dynamic operational costs related to power consumption.

Based on the developed performance and cost models, we propose to use multi-objective optimization to find the Pareto-optimal solutions that describe the best trade-off solutions between conflicting performance and cost-saving goals. Experimental validation demonstrates the accuracy of the proposed models and shows that the attained Pareto-optimal solutions can be efficiently used by service providers for SLA-driven planning decisions, thus making a strong case in favor of the applicability of our methodology for deployment decisions subject to different SLA requirements.

DOI: 10.1145/1712605.1712625

Full text: PDF

[#][]

Agile Resource Management in a Virtualized Data Center

Authors:

Wei Zhang (Worcester Polytechnic Institute)
Hangwei Qian (Case Western Reserve University)
Craig E. Wills (Worcester Polytechnic Institute)
Michael Rabinovich (Case Western Reserve University)

Abstract:

In this paper we develop, implement and evaluate an approach to quickly reassign resources for a virtualized utility computing platform. The approach provides this platform agility using ghost virtual machines (VMs), which participate in application clusters, but do not handle client requests until needed. We show that our approach is applicable to and can benefit different virtualization technologies.

We tested an implementation of our approach on two virtualization platforms with agility results showing that a sudden increase in application load could be detected and a ghost VM activated handling client load in 18 seconds. In comparison with legacy systems needing to resume VMs in the face of harply increased demand, our approach exhibits much better performance across a set of metrics. We also found that it demonstrates competitive performance when compared with scripted resource changes based on a known workload. Finally the approach performs well when used with multiple applications exhibiting periodic workload changes.

DOI: 10.1145/1712605.1712626

Full text: PDF

[#][]