Proceedings of the Third Large Scale Complex IT Systems Postgraduate Workshop


    Proceedings of the Third

    Large Scale Complex IT Systems

    Postgraduate Workshop

Goodenough Club, London, UK
31st October 2011

    Editor:

    Jason S. Reich

    Co-chairs:

Yasmin Rafiq
Jason S. Reich

    Copyright 2011 by the authors.


    Preface

The Large Scale Complex IT Systems (LSCITS) initiative was established to improve existing technical approaches to complex systems engineering and to develop new socio-technical approaches that help us understand the complex interactions between organisations, processes and systems.

We hold an annual postgraduate workshop to collect experience and results from the community of LSCITS researchers, both within the initiative and beyond. The topics we seek to cover include: complexity in organisations, socio-technical systems engineering, high-integrity systems engineering, predictable software systems, novel computational methods, and mathematical foundations of complexity.

This year, we are fortunate to present a programme that touches the full range of LSCITS interests. Researchers based in both academia and industry are participating in the talk and poster presentation strands, a testament to the reach and activity of the field.

The chairs would like to express their gratitude to Professor Dave Cliff for his overall direction and advice, to Mrs Clare Williams for organising our wonderful venue and accommodation, and to Professor Richard Paige for helping with the selection of an invited speaker.

Finally, we would like to thank the invited speaker and participants for their support of the workshop, and the programme committee for providing invaluable feedback to developing researchers.

Yasmin Rafiq and Jason S. Reich
Co-chairs, LSCITS PGR Workshop 2011
October 2011

    Programme Committee

    Leon Atkins (Bristol)

Alex Fargus (York, Cybula)
David Greenwood (St Andrews)
Ken Johnson (Aston)
Christopher Poskitt (York)

    Yasmin Rafiq (Aston)

Asia Ramzan (Aston)
Jason S. Reich (York)
Owen Rogers (Bristol)

    James Williams (York)


    Contents

    I Talk Abstracts

    Invited talk: Managing Complexity in Large Scale Organizations . . . . . . 1

    Simon Smith

    CloudMonitor: Software Energy Monitoring for Cloud . . . . . . . . . . . . . . . . . . 2

    James Smith

    Socio-technical Simulations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

    Matthew Hudson

Multiple Time Series Analysis Through Dimensionality Reduction and Subspace Tracking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

    Chris Musselle

    Making Smart Devices more Reliable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

    Lu Feng

    Lazy generation of canonical programs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

    Jason S. Reich, Matthew Naylor and Colin Runciman

Optimising the Speed Limit: Improving Speed Scaling by Limiting Maximum Processor Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

    Leon Atkins

    II Poster Abstracts

    Securing offline integrity and provenance of virtual machines . . . . . . . . . . . 19

    Mustafa Aydin

    Sleep Stage Classification in Rodents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

    Alex Fargus

Cloud Objects: Programming the Cloud with Data-Parallel, Multicast Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

    Julian Friedman

Control-theoretical approach for workflow management . . . . . . . . . . . . . . . . 22

Hashem Ali Ghazzawi

    Socio-technical Analysis of Enterprise-scale Systems . . . . . . . . . . . . . . . . . . . 24

    David Greenwood and Ian Sommerville


The Cloud Adoption Toolkit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Ali Khajeh-Hosseini

Stack usage analysis for large complex embedded real-time systems . . . . 26

William Lunniss

Examining the Relative Agreement model with Clustered Populations . . 27

Michael Meadows

Techniques for Learning the Parameters of QoS Engineering Models . . . . 28

Yasmin Rafiq

Dynamic Energy Footprinting of Online Media Services . . . . . . . . . . . . . . . . 29

Daniel Schien, Chris Preist, Paul Shabajee and Mike Yearworth

    Continuous dynamics of automated algorithmic trading . . . . . . . . . . . . . . . . 30

    Charlotte Szostek


    Part I

    Talk Abstracts


    Invited talk:

    Managing Complexity in Large Scale Organizations

    Simon Smith

    MooD International

    [email protected]

    Biography

Simon sets the technology strategy at MooD International. He works with MooD International's customers and partners to progress MooD International's vision for how architecture-based technologies will be exploited in the future, and manages the company's software delivery organization to realize this strategy.

Prior to joining MooD International, Simon lectured in software engineering at the University of Durham, UK, managing research and development in corporate knowledge and evolutionary software architectures. This work was funded equally by government science councils and major UK industrial partners. Simon began his career as a Research Associate at the University of York, UK, where, in conjunction with researchers from Logica, he developed his interests in applying enterprise architecture methods and formal logics to achieving better business outcomes.


    CloudMonitor:

    Software Energy Monitoring for Cloud

    James Smith

    School of Computer Science,

    University of St Andrews

    [email protected]

    1 Cloud Computing and Energy

Cloud Computing has the potential to have a massive impact on the future carbon footprint of the ICT sector. It may lead to an increasing demand for energy to power large datacentres, or those very datacentres may shift the location of traditional computer resources from relatively inefficient local machine rooms to the extremely efficient plants of computation that are now being developed [1].

Facebook, Inc. announced in April 2011 that their new data center in Oregon, USA has a Power Usage Effectiveness (PUE) rating of 1.07 [2], meaning that for every 1.07 Watts of electrical power entering the plant, 1 Watt goes directly to powering servers doing useful work. The margins for improving power consumption by decreasing the amount spent on auxiliary work and other mechanical areas (such as cooling) are increasingly slim. The largest remaining potential for reducing power costs is increasing the efficiency of the IT systems themselves.
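As a quick sanity check on that figure (a back-of-the-envelope calculation added here, not part of the original abstract), PUE is the ratio of total facility power to IT power, so a PUE of 1.07 implies:

```latex
\mathrm{PUE} = \frac{P_{\text{facility}}}{P_{\text{IT}}} = 1.07
\quad\Longrightarrow\quad
\frac{P_{\text{IT}}}{P_{\text{facility}}} = \frac{1}{1.07} \approx 0.93
```

That is, roughly 93% of the electricity entering the facility already reaches the IT equipment, which is why the remaining savings must come from the IT systems themselves.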

    2 Machine Utilisation

The key issue in the field of IT energy efficiency is that most systems today do not gracefully adjust their power consumption according to the amount of useful work they are doing. Ideally, computers would consume an amount of power directly corresponding to their current level of utilisation. Far more commonly, current IT systems consume a disproportionate amount of power compared to their level of utilisation, particularly at low workloads. For example, at a 10% level of utilisation a typical blade server will consume 50% of its peak power. So only after some initial threshold is power consumption directly affected by workload.

It is therefore possible to reduce energy consumption by introducing virtualisation to increase physical machine utilisation levels and reduce the number of devices required. The energy required to run a particular Virtual Machine is dictated by the activity of the application and the resources it consumes (e.g. CPU, Disk, Memory, Network) [3].


    3 Private Cloud

At present there are a number of barriers to creating an energy efficient workload scheduler for a Private Cloud based data center. Firstly, the relationship between different workloads and power consumption must be investigated. Secondly, current hardware-based solutions for providing energy usage statistics are unsuitable in warehouse scale data centers, where low cost and scalability are desirable properties. Recent work at the Cloud Computing Co-Laboratory in St Andrews (StACC) to ascertain the connection between workload and power consumed by computing devices has uncovered a noticeable, yet predictable, difference in energy consumption when servers are given tasks that dominate various resources (CPU, Memory, Hard Disk and Network). This insight led to the development of CloudMonitor, a software utility that is capable of power predictions that are more than 95% accurate from monitoring the resource consumption of workloads, after a training phase in which a dynamic power model is calculated. More discussion of CloudMonitor beyond that presented here, including a statistical breakdown of its power model, can be found in [4].

    4 Informing Workload Schedulers

CloudMonitor reads the resource (CPU, Memory, Hard Disk and Network) usage levels of the system it is monitoring in real time. In the initial training phase, these are correlated with power usage levels from an attached Power Distribution Unit (PDU). Linear regression analysis is performed to develop a power model, after which the PDU can be disconnected and the software can use this model to produce energy utilisation values based solely on the computational resources consumed. CloudMonitor can then be deployed across all machines of the same configuration, providing a low-cost, scalable, cross-platform solution for monitoring energy consumption and computational performance in Cloud Computing systems [5].
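The training step described above amounts to fitting a linear model of power against resource counters. The following sketch is not the CloudMonitor implementation; the readings, column meanings and units are purely illustrative, but it shows how such a model could be fitted by ordinary least squares and then used once the PDU is disconnected:

```python
import numpy as np

# Illustrative training data: per-interval resource readings and PDU power (Watts).
# Columns: CPU %, memory %, disk MB/s, network MB/s.
resources = np.array([
    [10, 20,  1.0,  0.5],
    [35, 25,  4.0,  2.0],
    [60, 40, 12.0,  6.0],
    [85, 55, 20.0, 11.0],
    [95, 70, 25.0, 15.0],
])
pdu_power = np.array([118.0, 132.0, 155.0, 181.0, 196.0])

# Add an intercept column to capture idle power, then fit by least squares.
X = np.column_stack([resources, np.ones(len(resources))])
coeffs, *_ = np.linalg.lstsq(X, pdu_power, rcond=None)

def predict_power(cpu, mem, disk, net):
    """Estimate power draw (W) from resource counters using the fitted model."""
    return float(np.dot(coeffs, [cpu, mem, disk, net, 1.0]))

print(predict_power(50, 35, 8.0, 4.0))  # model-based estimate, no PDU needed
```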

Evaluating the work done and the energy used by a VM may lead to the possibility of producing a mix of work, a collection of running VMs, which is optimal for a given physical machine or private cloud system. This opens the door to the possibility of scheduling workload mixes for optimal performance or for energy efficiency. If VMs consistently execute specific workloads, then each of those tasks can be profiled, allowing great accuracy in the scheduling decisions for each subsequent deployment.

Additional research is now required to investigate optimal mixes of workload types, with a view to scheduling in such a manner.


    Bibliography

[1] Environmental Protection Agency. Report to Congress on Server and Data Centre Energy Efficiency. Public Law 109-431, 2007.
[2] Facebook Inc. Facebook Launches Open Compute Project; Press Release. https://www.facebook.com/press/releases.php?p=214173, 2011.
[3] A. Kansal, F. Zhao and A.A. Bhattacharya. Virtual Machine Power Metering and Provisioning. ACM Symposium on Cloud Computing (SOCC), 2010.
[4] J.W. Smith and I. Sommerville. Workload Classification and Software Energy Measurement for Efficient Scheduling on Private Cloud Systems. http://arxiv.org/pdf/1105.2584, 2011.
[5] A.E.H. Bohra and V. Chaudhary. VMeter: Power modelling for virtualized clouds. IEEE International Symposium on Parallel and Distributed Processing Workshops and PhD Forum (IPDPSW), 2010.
[6] M. Sharifi, H. Salimi and M. Najafzadeh. Power-efficient distributed scheduling of virtual machines using workload-aware consolidation techniques. The Journal of Supercomputing, Springer Netherlands.


    Socio-technical Simulations

    Matthew Hudson

    Department of Computer Science

The University of York
[email protected]

    1 Introduction

This abstract introduces the research topics which are central to the industry-based work which I will carry out during the course of the EngD. The leading motivation of this research is to investigate immersion, learning and social presence in Virtual Environments (VEs), specifically Live Virtual Constructed (LVC) environments. LVC simulations are used in military training and involve real pilots in real planes interacting with real pilots flying in simulators, virtually constructed enemies, and so on. Simply put, an LVC is a socio-technical system used for multi-user training: a virtual environment populated by constructed entities and accessed by real humans via virtual or augmented reality technology from a variety of geographical locations.

The purpose of the research is to establish the importance of various features and phenomena within LVC simulations, finding a balance between the technology and human elements so that effective transfer of skills, knowledge and competency is achieved by all trainees involved.

2 Background

Much of the current literature on simulation focuses on the notion of physical fidelity and physical presence (the feeling of physically being in the VE); however, there are other more subtle issues in simulation training which are rarely addressed yet are potentially more important to the efficient and effective training of personnel. The research which I will conduct over the next 3 years will be focused upon social presence (social connections within the VE) and psychological fidelity (conceptual realism), and how socio-technical systems such as LVC simulations might evolve to encourage these cognitive phenomena. In essence, it is about using the technology to teach a potential pilot not simply how to fly, but how to fight.

Supervisor: Paul Cairns, Department of Computer Science, The University of York. Industrial Supervisor: Bruce Daughtrey, BAE Systems.

It is often the case that the advancement of computational technology drives advances in simulation [6][7], and that these advances go on to influence training [5]; however, this research aims to show that the human mind is at the center of any training exercise and thus should be the driving force for future advances in simulation training. Technology is now at a point where we are able to create high quality simulations which create real physiological responses [1][3][9] even when using relatively simple simulators. However, while these may give the trainee physical realism, in reality flying the plane is only half the battle; learning to fight in a pragmatic and strategic way is critical for success. This heightened state of knowledge, skill and experience is known as competency.

This research hopes to aid in training pilots in this competency by discovering ways to create psychological fidelity within LVC simulations, exploring how to manipulate the socio-technical systems to create realism in the social aspects of the environment. To accomplish this, it will be important to clarify and explore key notions in simulations and virtual worlds: issues such as the difference between presence and telepistemic access [2] (remote viewing), the difference between a virtual space and a virtual place [8], and the debate over how the concept of mediation plays a role in presence and immersion into virtual worlds [4].

    3 Current Work

The research conducted for this project will consist of a number of experimental, sociological and ethnographic studies. One methodology which will be used throughout the EngD will be the use of games as research instruments. Games are similar to simulations in many ways, differing mostly in their purpose, and they can provide a useful experimental environment in which to test social and cognitive phenomena. The first study planned using this methodology will attempt to capture the essence of social connections through socio-technical systems such as LVC simulations, and explore how physical and conceptual differences between users can affect social presence. In this experiment participants will play a cooperative version of Tetris, in a number of experimental conditions designed to explore how people react to physical and conceptual distance between anonymous operators working on a collaborative task over a network.

    4 Future Research

Future work in this study will investigate immersion and social presence in Virtual Environments (simulations, augmented reality environments and games). To work towards this, the aims of the future research are to investigate cognitive and behavioural differences between actors working in real and virtual environments, to explore the notions of immersion and social presence in the context of LVC environments, and to empirically investigate learning within virtual environments. To this end, a number of studies have been planned: experimental and sociological studies of attitudes towards collaborative action in virtual environments, and investigations of effective methodologies for assessing cognitive and behavioural differences between virtuality and reality.

    Bibliography

[1] N. Dahlstrom and S. Nahlinder. Mental workload in aircraft and simulator during basic civil aviation training. The International Journal of Aviation Psychology, 19(4), 2009.

[2] L. Floridi. The philosophy of presence: From epistemic failure to successful observability. PRESENCE: Teleoperators and Virtual Environments. Special Issue on Legal, Ethical, and Policy Issues Associated with Wearable Computers, Virtual Environments, and Computer Mediated Reality, 2005.

[3] S. Magnusson. Similarities and differences in psychophysiological reactions between simulated and real air-to-ground missions. The International Journal of Aviation Psychology, 12(1), 2002.

[4] G. Mantovani and G. Riva. Real presence: How different ontologies generate different criteria for presence, telepresence, and virtual presence. Presence: Teleoperators and Virtual Environments, 8(5), 1999.

[5] N.J. Maran and R.J. Glavin. Low- to high-fidelity simulation: a continuum of medical education? Medical Education, 37 (Suppl. 1): 22–28, 2003.

[6] J. McHale. High-fidelity COTS technology drives flight simulation. [Online] Retrieved: 09/10/11, Available: http://tinyurl.com/6crojdz, 2009.

[7] W. Pang, J. Qin, Y. Chui, and P. Heng. Fast prototyping of virtual reality based surgical simulators with PhysX-enabled GPU. Transactions on Edutainment IV, LNCS Volume 6250, 176–188, 2010.

[8] A. Spagnolli and L. Gamberini. A place for presence: understanding the human involvement in mediated interactive environments. PsychNology Journal, 3(1), 2005.

[9] J.A. Veltman. A comparative study of psychophysiological reactions during simulator and real flight. The International Journal of Aviation Psychology, 12(1), 2002.


    Multiple Time Series Analysis Through

    Dimensionality Reduction and Subspace Tracking

    Chris Musselle

    University of Bristol

Multiple data stream analysis has received increasing attention in recent years as many applications are now able to generate large quantities of continuous streaming data in parallel. Such applications include computer network analysis, sensor network monitoring, moving object tracking, financial data analysis, and scientific data processing, among many others. In LSCITS, a major application area is the monitoring of large scale data centres, where multiple traffic volumes, CPU temperatures and power usages are continually producing data. It is desirable to carry out monitoring, prediction and anomaly detection across these data streams; however, their properties present their own set of problems to overcome.

As data is continuously generated at a high rate, and any delay in processing must be minimised, traditional batch machine learning approaches are typically not sufficient for the task, as mining the data off-line is simply not an option. Any online testing will also require substantial training, with no guarantee that the modelled normal or anomalous behaviour remains constant. This can be very problematic in cases where the data streams drift over time.

Another approach is to use fast online/incremental methods, which utilise a sliding window approach or sequential updating, so as to operate in a single pass over the data as it is generated. Such algorithms are typically a lot faster, and so can provide prompt feedback, though at the expense of some accuracy.

My PhD looks at synthesising a novel algorithm to perform anomaly detection in multiple data streams. Here, an anomaly is defined as a sudden change point in the data, e.g. a brief spike in traffic patterns, a sudden shift in temperature, or a drop in power usage.

To do this I will be using a technique from signal processing known as subspace tracking [2], used in adaptive filters. Subspace trackers are pre-processing algorithms which recursively estimate the principal subspace of the approximated covariance matrix of the input data. In a way they are similar to conducting Principal Component Analysis (PCA), picking up the dominant subspace that accounts for the greatest amount of data variation. However, one main difference between the two is the iterative nature of subspace trackers, compared to the batch methods of conducting PCA.

The plan is then to use the subspace tracker in [2] to monitor for changes in variation across the data streams, the assumption being that a change in variation across multiple data streams could signal the presence of an anomaly or change point in the data.
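To give a rough flavour of this idea (a sliding-window PCA stand-in, not the FRAHST algorithm itself; the window size, rank, synthetic data and injected spike are all illustrative), one can track a low-rank subspace over recent samples and flag new samples whose projection residual jumps:

```python
import numpy as np

def residual_scores(streams, window=50, rank=2):
    """For each new multivariate sample, fit a rank-k subspace to the previous
    `window` samples and return the norm of the sample's projection residual."""
    scores = []
    for t in range(window, len(streams)):
        past = streams[t - window:t]
        centred = past - past.mean(axis=0)
        # Top `rank` right singular vectors span the dominant subspace.
        _, _, vt = np.linalg.svd(centred, full_matrices=False)
        basis = vt[:rank]
        x = streams[t] - past.mean(axis=0)
        residual = x - basis.T @ (basis @ x)
        scores.append(np.linalg.norm(residual))
    return np.array(scores)

rng = np.random.default_rng(0)
data = rng.normal(size=(300, 5))
data[200] += 8.0                   # injected spike across all five streams
scores = residual_scores(data)
print(np.argmax(scores) + 50)      # index of the most anomalous sample
```

A true subspace tracker such as FRAHST avoids the repeated SVD by updating the subspace estimate recursively, which is what makes the single-pass, low-latency setting feasible.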

In this talk I will be presenting a recent algorithm that aims to employ this idea in an adaptive fashion (the Fast Rank Adaptive Householder Subspace Tracker, or FRAHST, algorithm [1]). I will then present my own empirical evaluations of the algorithm on synthetically generated data sets designed to assess FRAHST's input and parameter sensitivity.

    Bibliography

[1] P.H. dos Santos Teixeira and R.L. Milidiú. Data stream anomaly detection through principal subspace tracking. Proceedings of the 2010 ACM Symposium on Applied Computing, pages 1609–1616, September 2010.

[2] Peter Strobach. The fast recursive row-Householder subspace tracking algorithm. Signal Processing, 89(12):2514–2528, December 2009.


    Making Smart Devices more Reliable

    Lu Feng

    Department of Computer Science, University of Oxford,

    Parks Road, Oxford, OX1 3QD, UK

    [email protected]

We are entering an era of ubiquitous computing [4], in which smart devices can be found everywhere in our everyday lives, from smart phones to pollution sensors, from personal mobile offices to intelligent household devices, and from invisible embedded computing miniatures to wireless human body health monitoring systems.

Our reliance on the functioning of smart devices is growing rapidly; however, the breakdown of these devices may cause catastrophic damage. For example, a single faulty piece of embedded software on a network card brought the systems of LA Airport to a halt in 2007, leaving over 17,000 passengers stranded for the duration of the outage, and the Mars Polar Lander failure in 1999, caused by a software flaw, cost about $154 million. So, how can we make smart devices more reliable?

I think (probabilistic) model checking offers a good solution. For a given system, model checking is capable of analysing every possible execution path of a computer program and detecting any potential errors. Model checking provides more rigorous results than software testing, and it has been used in industry, e.g. by Microsoft to verify Windows device drivers and by Coverity to detect flaws in the HTC Incredible smartphone software. Meanwhile, probabilistic model checking targets more complex programs, and can be used to analyse quantitative, dependability properties, e.g. what is the expected time to transfer data between two wireless devices? What is the probability of device failure in the first hour of operation? My research aims to improve the scalability of probabilistic model checking for real-world applications by developing automated compositional verification techniques. The key idea is to use assume-guarantee reasoning, in which a large program is decomposed into several small components and individual components are verified under assumptions about their environment. I have contributed to automated assumption generation in particular, developing novel algorithmic learning techniques. I have also implemented a prototype and successfully applied it to several case studies, such as the flight control software for JPL's Mars Exploration Rovers, to help avoid problems like those mentioned above. For more details please refer to [2], [3] and [1].
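To illustrate the kind of quantitative query mentioned above (this is a generic discrete-time Markov chain sketch, not the author's compositional tooling; the chain, states and time bound are invented), the probability of reaching a failure state within a bounded number of steps can be computed by iterating the transition matrix:

```python
import numpy as np

# Toy 3-state DTMC over one hour split into 60 one-minute steps:
# states 0 = OK, 1 = degraded, 2 = failed (absorbing).
P = np.array([
    [0.990, 0.008, 0.002],
    [0.050, 0.930, 0.020],
    [0.000, 0.000, 1.000],
])

dist = np.array([1.0, 0.0, 0.0])   # start in the OK state
for _ in range(60):                # one step per minute
    dist = dist @ P

print(f"P(failure within one hour) = {dist[2]:.4f}")
```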

I am very optimistic about the future of my research, and believe that it could be used to improve the reliability of smart devices everywhere!


Acknowledgments. The author is sponsored by the Predictable Software Systems (PSS) project of the UK Large-Scale Complex IT Systems (LSCITS) Initiative (EPSRC grant EP/F001096/1).

    Bibliography

[1] Feng, L., Han, T., Kwiatkowska, M., Parker, D.: Learning-based compositional verification for synchronous probabilistic systems. In: Proc. 9th International Symposium on Automated Technology for Verification and Analysis (ATVA'11). LNCS, vol. 6996, pp. 511–521. Springer (2011), to appear

[2] Feng, L., Kwiatkowska, M., Parker, D.: Compositional verification of probabilistic systems using learning. In: Proc. 7th International Conference on Quantitative Evaluation of SysTems (QEST'10). pp. 133–142. IEEE CS Press (2010)

[3] Feng, L., Kwiatkowska, M., Parker, D.: Automated learning of probabilistic assumptions for compositional reasoning. In: Giannakopoulou, D., Orejas, F. (eds.) Proc. 14th International Conference on Fundamental Approaches to Software Engineering (FASE'11). LNCS, vol. 6603, pp. 2–17. Springer (2011)

[4] Kwiatkowska, M., Rodden, T., Sassone, V. (eds.): Proc. From computers to ubiquitous computing by 2020. Royal Society (November 2008)


    Lazy generation of canonical programs

    Jason S. Reich, Matthew Naylor and Colin Runciman

Department of Computer Science, University of York, UK
{jason,mfn,colin}@cs.york.ac.uk

Testing, when used effectively, can reveal a wide variety of programming errors. For the time invested in the implementation of testing, it can return a large improvement in confidence of software correctness. For example, a suite of programs is often used for verifying a compiler's correct behaviour.

Property-based testing [1] is a lightweight but often highly effective form of verification. Under this scheme, properties are defined in the host language as functions returning a Boolean value. A property-based testing library then instantiates the arguments of these functions, searching for negative results. Unfortunately, it relies critically on the method used to generate test cases.
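As a tiny illustration of that general scheme (exhaustive checking of small values in the SmallCheck spirit, written here as a plain Python sketch rather than the Haskell libraries discussed in this abstract; property names and the small value set are invented), a property is just a Boolean function and the tester enumerates small arguments looking for a counterexample:

```python
from itertools import product

def small_lists(max_len=3, values=(0, 1, 2)):
    """Enumerate all lists up to max_len drawn from a small value set."""
    for n in range(max_len + 1):
        yield from (list(t) for t in product(values, repeat=n))

def prop_reverse_involutive(xs):
    return list(reversed(list(reversed(xs)))) == xs

def prop_all_lists_sorted(xs):
    # Deliberately false property, to show a counterexample being found.
    return sorted(xs) == xs

def check(prop):
    for xs in small_lists():
        if not prop(xs):
            return f"Falsified by {xs}"
    return "Passed for all small cases"

print(check(prop_reverse_involutive))  # Passed for all small cases
print(check(prop_all_lists_sorted))    # Falsified by [1, 0]
```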

Compilers and related tools are frequently used to manage the complexity of software development. Any errors in the implementation of these tools could propagate bugs through to output executables. Therefore, one could verify the properties of compilers and minimise these risks, if a generator for test source-programs can be defined.

Writing an effective program generator for property-based testing is typically challenging because (1) the conditions for a valid program are quite complex, (2) a large number of programs are produced, and (3) many of these programs are only distinct for insignificant reasons.

The data generation technique available in Lazy SmallCheck [2] offers a way to overcome these challenges. Lazy SmallCheck supports the lazy evaluation of constraining conditions on partially-defined test data. A single test for which a condition fails may allow a large family of cases to be pruned from the search space. A test for which a condition is undefined (because of the partiality of data) drives a refinement of the test data at just the place where it is needed.

We describe experiments generating functional programs in a core first-order language with algebraic data types. Candidate programs are generated freely over a syntactic representation with positional names indexed by lazy natural numbers. Static conditions for program validity are defined quite separately. So too are conditions for a program to be a canonical representative of a large equivalence class. The goal is an exhaustive enumeration of all valid, canonically representative programs up to some small but useful size.

Acknowledgements This research was supported, in part, by the EPSRC through the Large-Scale Complex IT Systems project, EP/F001096/1.


    Bibliography

[1] Koen Claessen and John Hughes. QuickCheck: a lightweight tool for random testing of Haskell programs. In Proceedings of the Fifth ACM SIGPLAN International Conference on Functional Programming, ICFP '00, pages 268–279. ACM, 2000.

[2] Colin Runciman, Matthew Naylor, and Fredrik Lindblad. SmallCheck and Lazy SmallCheck: automatic exhaustive testing for small values. In Proceedings of the First ACM SIGPLAN Symposium on Haskell, Haskell '08, pages 37–48. ACM, 2008.


    Optimising the Speed Limit: Improving Speed

    Scaling by Limiting Maximum Processor Speed

Leon Atkins

    Department of Computer Science, University of Bristol

In 1995, the groundbreaking paper of Yao et al. [1] introduced the idea of speed scaling a processor in order to save energy. The concept was extended in [7] to the online flow time model we introduce here. In this model, a processor consumes power at a rate of P(s) = s^α, where α > 1 is a fixed constant, usually around 2 or 3 for current generation CMOS-based processors [2]. Each job i is released at time r_i and has an associated processing requirement p_i. The processor runs at a speed s between 0 and infinity, where a processor running at speed s is able to process s units of work in one unit of time. The goal is to select which job to work on from the set of released but uncompleted jobs and at what speed to run. As such, any algorithm will have two components: a job selection policy and a speed scaling policy. The overall goal of the algorithm is to minimise the total flow time plus energy used, where the flow time of a job, F_i = c_i - r_i, is the time between the job being released (r_i) and being completed (c_i). Energy usage is defined as the integral of power with respect to time. The problem of minimising a linear combination of total flow plus energy can be viewed from an economic perspective as how much energy (and by extension, money) a user is willing to spend for an improvement of one unit of flow time.
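To make the objective concrete (a minimal single-machine sketch under the model above; the job trace, speeds and α are invented, and jobs are simply run to completion in release order rather than by any of the policies discussed later), total flow time plus energy at a constant speed s can be computed as follows:

```python
def flow_plus_energy(jobs, s, alpha=2.0):
    """jobs: list of (release time r_i, work p_i); constant speed s.
    Returns total flow time plus energy, with power P(s) = s**alpha."""
    time, total_flow, busy = 0.0, 0.0, 0.0
    for r, p in sorted(jobs):          # run jobs to completion in release order
        start = max(time, r)
        finish = start + p / s         # speed s does s units of work per time unit
        total_flow += finish - r       # flow time F_i = c_i - r_i
        busy += finish - start
        time = finish
    energy = busy * s ** alpha         # integral of power while the processor runs
    return total_flow + energy

jobs = [(0.0, 4.0), (1.0, 2.0), (3.0, 6.0)]
for s in (1.0, 2.0, 3.0):
    print(s, round(flow_plus_energy(jobs, s), 2))
```

Even this toy run shows the trade-off: raising s shrinks flow time but the s^α energy term grows quickly, which is why the choice of speed (and of a maximum speed) matters.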

The standard measure of success or failure of an online algorithm is competitive analysis, where the performance of the online algorithm is measured against an adversary who decides the job sizes and release schedule. The adversary is seen as choosing the release times and job sizes in order to exploit any weaknesses in the online algorithm, and because of this, competitive analysis can be viewed as a worst-case measure.

In our work, we have created a simulator to explore the real-world performance of speed scaling algorithms. With the advent of cloud computing services such as Amazon EC2, the worst case of an algorithm is of less importance than having a good average case and making good use of standard resources. By using our simulator we can examine many different quality-of-service measures of given algorithms when run on a real-world dataset. In our testing, we have used data made publicly available which represents a job execution trace over a production Google cluster¹. This dataset gives us the details of processes over a seven hour period on this cluster. We have also sampled the data to create a second, smaller dataset with the same job size distribution.

¹ http://code.google.com/p/googleclusterdata/


The majority of previous work has focussed on optimising for the infinite maximum speed case, where the maximum speed of the processor is unlimited, although some previous work on speed bounded processors can be found in [4]. Unbounded maximum speed processors are clearly unrealistic, and their use is a simplification to ease analysis. In our work we explore intelligently limiting the maximum processor speed, in addition to speed scaling, to improve the real-world performance of speed scaling algorithms.

Through simulation work on both the original Google dataset and our simulated version of the dataset, we find that limiting the maximum speed of the processor can improve the performance of a speed scaling algorithm. Furthermore, when speed limited, the best speed scaling algorithm may change. Most interestingly, in many cases a good flow/energy trade-off can be found simply by limiting the maximum speed and running at this constant speed, without any speed scaling. This is of importance as changing the frequency and voltage in the real world has a time and energy penalty which is not accounted for in either the theoretical literature or the simulator.

Specifically, we show that when a server is underloaded, processors should use a speed scaling algorithm that will increase in speed quickly when jobs arrive, but the processor should be limited to a comparatively low maximum speed. When the processor is becoming more overloaded, however, the processor should use a speed scaling algorithm that increases in speed more slowly when more jobs arrive, but the overall maximum speed should be raised. We show on our simulated Google data set, where we sampled jobs from the downloaded dataset, that the AJC speed scaler introduced in [5] was the best speed scaling algorithm in the unlimited case, but when we optimally limit the maximum speed the faster LAPS speed scaler [6] was better. On the original Google dataset, where job arrivals are overloaded, we find that the AJC* speed scaling algorithm [5] is the best speed scaler in both the limited and unlimited case, but that by limiting the maximum speed the total flow plus energy used can be improved significantly.

In our current work we are looking at creating a speed scaling algorithm using these findings, speeding up and slowing down based on the rate of arrivals. We are also looking at finding a way to set the maximum processor speed to improve the overall flow plus energy used based on knowledge of the arrival rate and job size distribution.

    Bibliography

[1] F. Yao, A. Demers, and S. Shenker. A scheduling model for reduced CPU energy. Proceedings of the 36th Annual Symposium on Foundations of Computer Science (1995), pp. 374–382.

[2] D. M. Brooks, P. Bose, S. E. Schuster, H. Jacobson, P. N. Kudva, A. Buyuktosunoglu, J. D. Wellman, V. Zyuban, M. Gupta, and P. W. Cook. Power-aware microarchitecture: Design and modeling challenges for next-generation microprocessors. IEEE Micro, 20(6):26–44, 2000.

[3] N. Bansal, T. Kimbrel, and K. Pruhs. Speed scaling to manage energy and temperature. Journal of the ACM (2007), vol. 54 (1).

[4] N. Bansal, H.L. Chan, T.W. Lam, and L.K. Lee. Scheduling for speed bounded processors. Lecture Notes in Computer Science (2008), vol. 5125, pp. 409–420.

[5] T.W. Lam, L.K. Lee, I. To, and P. Wong. Speed scaling functions for flow time scheduling based on active job count. ESA '08: Proceedings of the 16th Annual European Symposium on Algorithms (2008), pp. 647–659.

[6] H.L. Chan, J. Edmonds, T.W. Lam, L.K. Lee, A. Marchetti-Spaccamela, and K. Pruhs. Nonclairvoyant speed scaling for flow and energy. Algorithmica, pp. 1–11.

[7] S. Albers and H. Fujiwara. Energy-efficient algorithms for flow time minimization. ACM Transactions on Algorithms (TALG) (2007), vol. 3 (4), Article 49.


    Part II

    Poster Abstracts


    Securing offline integrity and provenance of virtual

    machines

    Mustafa Aydin

    University of York, BT

    [email protected]

Security is one of the main concerns of cloud computing users, with the isolation of virtual machines being a particular worry. Part of this uncertainty comes from the ability to suspend, resume, copy, migrate, and roll back virtual machines to previous states. Each of these provides new ways to compromise and attack the integrity of virtual machines and the data residing on them. With so many ways to attack virtual machines offline, there is a worry about whether a resumed virtual machine can be trusted.

Integrity measurements are able to provide uniquely identifiable measurements of the state of a system by using trusted computing: a hardware chip, kept separate from the processor, able to provide a unique digital signature which only it has access to. Signing integrity measurements using this technique can provide a higher level of trust when checking them at a later date.
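As a rough sketch of the measure-then-sign workflow (this stands in for real trusted-computing hardware: a TPM would hold the key inside the chip and produce a hardware-backed signature, whereas here an HMAC over a file hash merely illustrates the shape of the process; the paths and key are hypothetical):

```python
import hashlib
import hmac

def measure_image(path, chunk_size=1 << 20):
    """Hash a (possibly large) VM disk image in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as image:
        for chunk in iter(lambda: image.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def sign_measurement(measurement, key):
    """Stand-in for a hardware-backed signature over the measurement."""
    return hmac.new(key, measurement.encode(), hashlib.sha256).hexdigest()

def verify(path, key, recorded_signature):
    """Re-measure the image and check it against the recorded signature."""
    candidate = sign_measurement(measure_image(path), key)
    return hmac.compare_digest(candidate, recorded_signature)

# Hypothetical usage before suspending and after resuming a VM:
# key = b"secret held by the trusted hardware, never by the host OS"
# sig = sign_measurement(measure_image("/var/lib/vms/guest01.img"), key)
# ...later...
# assert verify("/var/lib/vms/guest01.img", key, sig)
```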

In addition, this technique could be used to provide a history of a virtual machine from its inception, providing a higher level of trust for those who require more knowledge about each interaction a virtual machine has had.

A further aim would be to provide this through a cloud broker, an intermediary who looks after the cloud services of a user on multiple cloud providers. This would enable the integrity measurements to be used even when migrating to different services.

By incorporating these techniques, virtual machines can be made more secure offline and their users can be given better guarantees that their security needs are being met both on and offline.


    Sleep Stage Classification in Rodents

    Alex Fargus

    University of York, Cybula Ltd.

    [email protected]

    Removed from published proceedings due to commercial sensitivity.


    Cloud Objects: Programming the Cloud with

    Data-Parallel, Multicast Objects

    Julian Friedman

    University of York

    [email protected]

We describe our library, Cloud Objects, which allows object-oriented programs written in Java to be easily parallelised using Map/Reduce, with the addition of simple, declarative annotations to the code.

We show that using Cloud Objects we can rewrite many data-intensive programs in a simple, readable, object-oriented manner, while maintaining the performance and scalability of the Map/Reduce platform. The system has been validated using a set of sample applications.


    Control-theoretical approach for workflow

    management

    Hashem Ali Ghazzawi

    The University of York, Computer Science Department, Real-Time Systems Group

    [email protected]

Modern aerodynamic simulation techniques demand complex processes run on a range of computer resources. These complex processes include workflows of ever-growing complexity. These workflows represent simulation jobs, where each job contains several tasks, and there are dependencies between workflows, between jobs and between tasks. Identifying and incorporating the required computational power for these simulation jobs into a dynamic computer platform, on top of end-user requirements such as deadline and priority, forms a real-time scheduling problem [1]. The literature suggests looking for dynamic approaches that guarantee end-to-end tasks while maintaining good utilisation of the available compute resources [4]. Traditional scheduling approaches have some answers but lack adaptivity to sudden changes in, for instance, workload and CPU/memory availability. The author's initial work is based on Lu's admission control [2]. A PID controller is composed of Proportional, Integral and Derivative parts. The main objective of such a controller is to minimise the system error in order to achieve the desired performance expressed as a function of time. In other words, it takes into consideration the current system error (the proportional part) along with the accumulated past error (the integral part) and the rate of change of the error (the derivative part) [3]. There was a need to adopt a multi-CPU platform as well as to incorporate multiple optimisation objectives; thus, model predictive control (MPC) was adopted for the current work. MPC features support for non-square, non-linear, multi-input multi-output (MIMO) systems. The controller predicts how much each system output deviates from its set-point (desired value) within the prediction horizon. It multiplies each deviation by the system output's weight (i.e. its worthiness in the control computation), and computes the sum of squared deviations accordingly [3].
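For reference, a textbook discrete-time PID update of the kind described above (not the author's MPC controller; the gains, set-point and measured quantity are purely illustrative) looks like this:

```python
class PID:
    """Minimal discrete-time PID controller: u = Kp*e + Ki*sum(e)*dt + Kd*de/dt."""
    def __init__(self, kp, ki, kd, setpoint, dt=1.0):
        self.kp, self.ki, self.kd = kp, ki, kd
        self.setpoint, self.dt = setpoint, dt
        self.integral, self.prev_error = 0.0, 0.0

    def update(self, measurement):
        error = self.setpoint - measurement               # proportional term input
        self.integral += error * self.dt                  # accumulated past error
        derivative = (error - self.prev_error) / self.dt  # rate of change of error
        self.prev_error = error
        return self.kp * error + self.ki * self.integral + self.kd * derivative

# Illustrative use: drive measured CPU utilisation towards a 70% set-point
# by adjusting, say, an admission rate.
controller = PID(kp=0.5, ki=0.1, kd=0.05, setpoint=70.0)
for utilisation in (40.0, 55.0, 65.0, 72.0):
    print(round(controller.update(utilisation), 2))
```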

    References

1. Hellerstein, J. L., Diao, Y., Parekh, S. and Tilbury, D. M. (2004). Feedback Control of Computing Systems. John Wiley & Sons.

2. Lu, C., Stankovic, J. A., Tao, G. and Son, S. H. (1999). Design and Evaluation of a Feedback Control EDF Scheduling Algorithm. The 20th IEEE Real-Time Systems Symposium, 56–67.

3. Ogata, K. (2001). Modern Control Engineering. 4th edition, Prentice Hall PTR, Upper Saddle River, NJ, USA.


4. Sha, L., Abdelzaher, T., Årzén, K.-E., Cervin, A., Baker, T., Burns, A., Buttazzo, G., Caccamo, M., Lehoczky, J. and Mok, A. K. (2004). Real Time Scheduling Theory: A Historical Perspective. Real-Time Systems, 28, 101–155.


    Socio-technical Analysis of Enterprise-scale Systems

    David Greenwood and Ian Sommerville

    School of Computer Science, University of St Andrews, UK

    [email protected]

    www.dgreenwood.com

Understanding socio-technical issues and risk is particularly important to managers and engineers of enterprise systems, because careful management of these issues reduces the likelihood of a system failing to deliver its intended benefits. The principal aim of my research is to develop approaches to socio-technical analysis for enterprise systems. My thesis provides four key contributions. Firstly, the notion of responsibility provides a suitable abstraction for assessing the socio-technical dependability of coalitions-of-systems, that is, systems whose continuing operation is dependent upon a coalition of technical and organisational agents fulfilling obligations. The second contribution is that the notion of responsibility provides a suitable abstraction for representing and understanding system deployment and adoption situations where a human agent's ability to resist or conflict with a change needs to be taken into account. The third contribution is that responsibilities provide a suitable component for an abstraction for troubleshooting problematic enterprise-scale information systems. The fourth contribution is that responsibilities form part of a potentially highly scalable abstraction when used with techniques from social network analysis. These techniques aid an analyst by indicating elements that may be important or complex in situations where the number of nodes and their interconnections are too large for a human to analyse in a timely manner.


    The Cloud Adoption Toolkit

    Ali Khajeh-Hosseini

    University of St Andrews

    [email protected]

    www.cs.st-andrews.ac.uk/akh

Enterprises are interested in using public clouds, especially infrastructure-as-a-service (IaaS), because of their scalability, flexibility and apparent cheapness. However, unlike start-ups that develop systems from scratch, enterprises often have to deal with so-called 'brownfield' development, where new systems have to inter-operate with a range of existing systems. Decisions to migrate existing systems to public IaaS clouds can be complicated, as evaluating the benefits, risks and costs of using cloud computing is far from straightforward. Organisational and socio-technical factors must also be considered during the decision making process, as the shift towards the cloud is likely to result in noticeable changes to how systems are developed and supported.

The St Andrews Cloud Computing Co-laboratory is developing the Cloud Adoption Toolkit, which aims to support decision makers with a collection of impartial tools:

1. Technology Suitability Analysis: is IaaS suitable for a given system?
2. Benefits and Risks Assessment: what are the risks and benefits?
3. Stakeholder Impact Analysis: how will it affect my organisation?
4. Cost Modelling: how much will it cost?
5. Service Pricing Analysis: how much should I charge for my computing services if I deploy them on the cloud?

We are also investigating the use of private clouds and how such clouds can be optimised for energy use.


    Stack usage analysis for large complex embedded

    real-time systems

    William Lunniss

    University of York

    [email protected]

As today's embedded real-time systems become increasingly large and complex, it is becoming ever more difficult to manually verify that they function correctly. In addition to timing and code coverage, systems that wish to comply with DO-178B or ISO 26262 must verify their memory and stack usage. This poster presents a measurement-based stack analysis tool that can analyse the stack usage of a system. Rather than using static analysis, it analyses the system running on the target hardware. The process to go from C, C++ or Ada code to a report is explained and an example report is shown. Limitations of the tool are noted and some further work to overcome these limitations is suggested.


    Examining the Relative Agreement model with

    Clustered Populations

    Michael Meadows

    University of Bristol

    [email protected]

Following on from the corrections to Deffuant et al.'s Relative Agreement model of opinion dynamics (Deffuant et al. 2002; Deffuant 2006) presented in (Meadows and Cliff 2011), a further examination is presented of agents' interactions when the population is not fully connected. The population has been grown into a clustered arrangement using the Klemm-Eguíluz algorithm (Klemm and Eguíluz 2002) so that the specific effects of different population structures can be examined in isolation. It was found that, while the underlying pattern of social conformity and convergence could be seen in many of the various experiments, there exist a number of parameters that can significantly alter a population's susceptibility to external influences. Examples of these variations are presented in this poster, along with a discussion of the causes behind the variances, their corresponding real-world situations, and ways in which this research could be applied.
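For context, the pairwise interaction at the heart of the Relative Agreement model, as usually stated following Deffuant et al. (2002), updates an agent's opinion x and uncertainty u only when the overlap with the influencing agent exceeds that agent's uncertainty. The sketch below is a generic restatement with illustrative values, not the corrected model from Meadows and Cliff (2011); μ is the convergence parameter:

```python
def relative_agreement_step(x_i, u_i, x_j, u_j, mu=0.2):
    """Agent j influences agent i; returns updated (x_i, u_i)."""
    overlap = min(x_j + u_j, x_i + u_i) - max(x_j - u_j, x_i - u_i)
    if overlap > u_j:                       # influence only under sufficient agreement
        weight = mu * (overlap / u_j - 1.0)
        x_i += weight * (x_j - x_i)
        u_i += weight * (u_j - u_i)
    return x_i, u_i

# Example: a confident agent (small u_j) pulls an uncertain one towards it
# and reduces its uncertainty.
print(relative_agreement_step(x_i=0.5, u_i=0.8, x_j=0.2, u_j=0.3))
```

Restricting which pairs may interact to the edges of a clustered network (for example one grown with the Klemm-Eguíluz algorithm) is what distinguishes the population structures examined in the poster from the fully connected case.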


    Techniques for Learning the Parameters of QoS

    Engineering Models

    Yasmin Rafiq

    Aston University

    [email protected]

Computer systems are increasingly important in modern society. They are widely used in critical applications in areas ranging from banking and finance to healthcare and government. The likely consequences of failures in such applications vary from financial loss to loss of human life. As a result, significant research has focused on monitoring, modelling, analysing and verifying the compliance of computer systems and of their components with their functional and non-functional requirements. Many of the formalisms proposed by this research are targeted at the analysis of quality-of-service (QoS) properties of computer systems, such as reliability, performance and resource usage. Nevertheless, the effectiveness of such analysis depends on the accuracy of the models used in the analysis. Building accurate formal models of computer systems is a great challenge for two reasons. First, the necessary knowledge may not be available until very late in the lifecycle of the system. Second, computer systems are increasingly used in applications characterised by continual change in workload, objectives and environment, so models are often rendered obsolete as the system evolves.

Our research addresses this key challenge by developing a set of rigorous approaches for the online learning of the models used in the analysis of QoS properties of computer systems, based on observations of their behaviour. In particular, the project proposes a broad range of new algorithms for learning and updating the parameters of several types of Markovian models and queueing networks used in QoS engineering for computer systems. This includes discrete-time Markov models (used to model reliability properties of computer systems), continuous-time Markov models and queueing networks (both used to model performance-related properties).
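As a small illustration of the simplest case mentioned above (estimating the transition probabilities of a discrete-time Markov model from an observed trace by frequency counting; the trace and state names are invented, and the project's actual online algorithms are more sophisticated than this batch sketch):

```python
from collections import defaultdict

def estimate_dtmc(trace):
    """Estimate transition probabilities from an observed state sequence."""
    counts = defaultdict(lambda: defaultdict(int))
    for current, nxt in zip(trace, trace[1:]):
        counts[current][nxt] += 1
    return {
        s: {t: c / sum(row.values()) for t, c in row.items()}
        for s, row in counts.items()
    }

# Hypothetical observation of a service alternating between states.
trace = ["ok", "ok", "ok", "retry", "ok", "ok", "fail", "ok", "ok", "retry", "ok"]
for state, probs in estimate_dtmc(trace).items():
    print(state, probs)
```

An online variant would update the transition counts incrementally as each new observation arrives, so the model tracks the system as its workload and environment change.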


    Dynamic Energy Footprinting of Online Media

    Services

    Daniel Schien, Chris Preist, Paul Shabajee and Mike Yearworth

    University of Bristol

    [email protected]

    http://sympact.bris.ac.uk

Energy consumption of digital media services on the Internet has previously been assessed based on assumptions about average use patterns and the power draw of devices. Existing estimations either vastly overestimate service power consumption or only consider certain subsystems. With the increasing popularity of these services also grows the need for models which accurately assess the power consumption of their provision.

We present a dynamic modelling approach based on real-time measurements at datacentre servers, the network infrastructure and the end user devices.

For the servers, we allocate power consumption based on customer demand.

For the network, we estimate power consumption based on the network distance in hops.

For the end user devices, we approximate power consumption based on the device class.
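Taken together, the three allocation rules above amount to summing three terms per session. The sketch below only shows the shape of such a calculation; the per-request server share, per-hop network energy, device power and session figures are entirely made up and are not values from this study:

```python
def footprint_joules(server_j_per_request, requests,
                     hops, j_per_hop_per_mb, megabytes,
                     device_watts, viewing_seconds):
    """Energy footprint of one media session: server + network + end-user device."""
    server = server_j_per_request * requests          # allocated by customer demand
    network = hops * j_per_hop_per_mb * megabytes     # scaled by network distance
    device = device_watts * viewing_seconds           # depends on device class
    return server + network + device

# Illustrative session: 20 requests, 12 hops, 300 MB streamed, 30 min on a laptop.
print(footprint_joules(50.0, 20, 12, 2.0, 300, 25.0, 1800))
```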

We find that each subsystem (server, network or consumer device) can have the most significant power draw, depending on the type of service, location in the network or consumer device.

Our method can serve to corroborate previous results and to inform the future design of more energy efficient digital services. We recommend better reporting of power consumption for services. Our assessment method can act as a guideline for the development of such standards.


    Continuous dynamics of automated algorithmic

    trading

    Charlotte Szostek

    University of Bristol

    [email protected]

Automated trading in global financial markets has systemic-level impacts. The need to understand these impacts (for example, the 'flash crash') calls attention to the possibilities and limitations of modelling financial markets as a system. This project explores the capabilities of novel methods to illuminate the dynamics of heterogeneous financial markets, that is, those populated by both human and automated trading agents.

Our research hypothesis is that this human-automation heterogeneity also leads to different market dynamics in a broader sense. Continuous-time mathematical foundations are an appropriate method of describing a heterogeneous-agent populated market at microsecond resolution.

This research is aimed at understanding the impact of algorithms in the financial market system. Adaptation of existing algorithm descriptions could allow the use of traditional continuous analysis. This work asks: what can analysis of a continuously described system contribute to our understanding of global financial markets?

Although established algorithms require significant interpretation and dissection, it is possible to produce a continuous system that can be validated against the discrete system. This is achieved by building a validation model, and this validation provides a solid grounding for continuous system analysis.