    Abstract:
    The broad landscape of new technologies currently being explored makes the current times very exciting for computer systems research. The community is actively researching an extensive set of topics, ranging from the small (e.g., energy-independent embedded devices) to the large (e.g., brain-scale deep learning), simultaneously addressing technology discontinuities (End of Moore's Law and EnergyWall), new challenges in security and privacy, and the rise of artificial intelligence (AI). While industry is applying some of these technologies, its efforts are necessarily focused on only a few areas, and on relatively short-term horizons. This offers academic researchers the opportunity to attack the problems with a broader and longer-term view. Further, in recent times, the computer systems community has started to pay increasing attention to non-performance measures, such as security, complexity, and power. To make progress in this multi-objective world, the composition of research teams needs to change. Teams have to become inter-disciplinary, enabling the flow of ideas across computing fields. While many research directions are interesting, this report outlines a few high-priority areas where inter-disciplinary research is likely to have a high payoff: a) Developing the components for a usable planet-scale Internet of Things (IoT), with provably energy-efficient devices. This report envisions a highly-available, geographically distributed, heterogeneous large-scale IoT system with the same efficiency, maintainability, and usability as today's data centers. This planet-scale IoT will be populated by many computationally-sophisticated IoT devices that are ultra-low power and operate energy-independently. b) Rethinking the hardware-software security contract in the age of AI. 
In light of the recent security vulnerabilities, this report argues for building hardware abstractions that communicate security guarantees, and for allowing software to communicate its security and privacy requirements to the hardware. Further, security and privacy mechanisms should be integrated into the disruptive emerging technologies that support AI. c) Making AI a truly dependable technology that is usable by all the citizens in all settings. As AI frameworks automate an increasing number of critical operations, this report argues for end-to-end dependable AI, where both the hardware and the software are understood and verified. Further, AI needs to turn from a centralized tool into a capability easily usable by all the citizens in all settings to meet an ever expanding range of needs. d) Developing solutions to tackle extreme complexity, possibly based on formal methods. This report argues for the need to tame the explosion of system complexity and heterogeneity by creating new abstractions and complexity-management solutions. Such solutions need to be accessible to domain experts. An important step towards this goal is to scale out and extend formal methods for the real world. This report also describes other, related research challenges.
    In a world of pervasive computing, embedded systems can be found in a wide range of products and are employed in various heterogeneous domains. The abovementioned devices often need to access, store, manipulate and/or communicate sensitive or even critical information, making the security of their resources and services an important concern in their design process. These issues are further exacerbated by the resource-constrained nature of the devices, in conjunction with the ever-present need for smaller size and lower production costs. This paper aims to provide an overview of the challenges in designing secure embedded systems, covering both node hardware and software issues, as well as relevant network protocols and cryptographic algorithms. Moreover, recent advances in the field are identified, highlighting opportunities for future research.
Indisputably, security and interoperability are major concerns in Internet of Things (IoT) architectures and applications. In this paper, however, we emphasize the role and importance of performance and scalability as additional, crucial aspects in planning and building sustainable IoT solutions. IoT architectures are complicated systems-of-systems that include different developer roles, development processes, organizational units, and a multilateral governance. Their performance is often neglected during development but becomes a major concern at the end of development and results in supplemental efforts, costs, and refactoring. One should not rely on such systems scaling linearly merely by using up-to-date technologies that may promote such behavior. Furthermore, different security or interoperability choices also have a considerable impact on performance and may result in unforeseen trade-offs. Therefore, we propose and pursue the vision of a model-driven approach to predict and evaluate the performance of IoT architectures early in the system lifecycle in order to guarantee efficient and scalable systems reaching from sensors to business applications.
With the introduction of networking into telemetry applications, these systems have become increasingly complex. This imposes significant strain on information security for architecture designs. It has been recognized that an organized or structured approach to developing security architectures is needed. Several enterprise architecture frameworks are available today that address system complexity. However, they fall short of addressing security at a high enough level in the enterprise and address security too late in the design process. In this paper a methodology is proposed that bridges the gap between security requirements and architecture design development at the enterprise level. This approach is consistent with and traceable to the original needs of the customer. This paper introduces a systems engineering approach to develop an enterprise-level methodology, and presents a worked example of this approach for the integrated Network Enhanced Telemetry system.
INTRODUCTION The complex nature of computer and network systems requires an organized approach to addressing network security. Several systems-of-systems (SoS) and enterprise architecture tools are available today that address system complexity; however, security is hidden in the architecture and is not addressed early enough in the design process. This often leads to an information security design that is not a complete solution, which in turn leads to holes and inconsistencies in the security architecture design. Most of the system tools that address risk and uncertainties in the system use Bayesian theory, which requires prior historical data and knowledge to obtain probability information for risk assessment. This information may not be available for the new complex systems of today. This paper addresses the complexity of information security in SoS engineering. It especially focuses on using tools and techniques that help to properly characterize information security
Abstract: This technical note examines some of the complexities of interoperability and some recent research approaches to achieving it. There are many reasons why achieving interoperability between complex, heterogeneous systems is difficult. These include the problem of semantics; the differences between hardware and software; the difference between bounded and unbounded software systems; the need for trust, trustworthiness, and security in software systems; and the difficulty of quantifying interoperability. Many research efforts currently underway are aimed at finding improvements in both technologies and procedures for achieving interoperability more easily. These efforts include work in ontologies, service-oriented architectures, emergent methods, and new approaches to security. While these efforts show many signs of promise, a considerable amount of work will be needed to bring them to a mature state.
    The Internet today provides the environment for novel applications and processes which may evolve way beyond pre-planned scope and purpose. Geographically dispersed real and virtual infrastructures, services and resources are the elementary components of such processes within large-scale, massively interconnected systems of systems. However, this evolving environment also enables new threats and scales up the risks of financial and also physical impact. Elevating dependability of applications in this ambient environment requires the monitoring of a system's operation using process information. Analysis of this information with respect to security and dependability aspects is growing in complexity with the increase in functionality, connectivity, and dynamics of current information technology and industrial control systems. To tackle this complexity, the application of models is becoming standard practice. Considering today's frequent changes to processes, model-based support for security and dependability analysis is not only needed in pre-operational phases but also at runtime.
Building large systems by composing reusable services is not a new idea; it is at least 25 years old. Still, only recently has the scenario of dynamic, interchangeable services consumed via public networks become reality. Following the Software as a Service (SaaS) paradigm, an increasing number of complex applications are offered as services that can themselves be composed to build even larger and more complex applications. This will lead to situations in which users are likely to unknowingly consume services in a dynamic and ad hoc manner. Leaving the rather static (and mostly on-premise) service composition scenarios of the past 25 years behind us, dynamic service compositions not only have the potential to transform the software industry from a business perspective, they also require new approaches for addressing the security and trustworthiness needs of users. The EU FP7 project Aniketos develops new technology, methods, tools and security services that support the design-time creation and run-time dynamic behaviour of dynamic service compositions, addressing service developers, service providers and service end users. In this talk, we will motivate several security and trustworthiness requirements that occur in dynamic service compositions and discuss the solutions developed within the project Aniketos. Based on our experiences, we will discuss open research challenges and potential opportunities for applying type systems.
Due to advances in technology, the hype around connected devices (henceforth referred to as IoT) in support of automating the functionality of many domains, be it intelligent manufacturing or smart homes, has become a reality. However, with the proliferation of such connected and interconnected devices, efficiently and effectively managing networks manually becomes an impractical, if not impossible, task. This is because devices have their own obligations and prohibitions in context, and humans are not equipped to maintain a bird's-eye view of the state. Traditionally, policies are used to address the issue, but in the IoT arena one requires a policy framework whose language provides sufficient expressiveness along with efficient reasoning procedures to automate the management. In this work we present our initial work on creating a scalable knowledge-based policy framework for IoT and demonstrate its applicability through a smart home application.
How to solve security issues and problems arising in distributed systems. Security is one of the leading concerns in developing dependable distributed systems today, since the integration of different components in a distributed manner creates new security problems and issues. Service-oriented architectures, the Web, grid computing and virtualization form the backbone of today's distributed systems. A lens on security issues in distributed systems is best provided via deeper exploration of security concerns and solutions in these technologies. Distributed Systems Security provides a holistic insight into current security issues, processes, and solutions, and maps out future directions in the context of today's distributed systems. This insight is elucidated by modeling modern-day distributed systems using a four-tier logical model: host layer, infrastructure layer, application layer, and service layer (bottom to top). The authors provide in-depth coverage of security threats and issues across these tiers. Additionally, the authors describe the approaches required for efficient security engineering, alongside exploring how existing solutions can be leveraged or enhanced to proactively meet the dynamic needs of security for next-generation distributed systems. The practical issues thereof are reinforced via practical case studies. Distributed Systems Security: presents an overview of distributed systems security issues, including threats, trends, standards and solutions; discusses threats and vulnerabilities in the different layers, namely the host, infrastructure, application, and service layer, to provide a holistic and practical, contemporary view of enterprise architectures; provides practical insights into developing current-day distributed systems security using realistic case studies.
This book will be of invaluable interest to software engineers, developers, network professionals and technical/enterprise architects working in the field of distributed systems security. Managers and CIOs, researchers and advanced students will also find this book insightful.
In the upcoming General Data Protection Regulation (GDPR), privacy by design and privacy impact assessments are given an even more prominent role than before. It is now required that companies build privacy into the core of their technical products. Recently, researchers and industry players have proposed employing threat modeling methods, traditionally used in security engineering, as a way to bridge these two GDPR requirements in the process of engineering systems. Threat modeling, however, typically assumes a waterfall process and monolithic design, assumptions that are disrupted with the popularization of Agile methodologies and Service Oriented Architectures. Moreover, agile service environments make it easier to address some privacy problems, while complicating others. To date, the challenges of applying threat modeling for privacy in agile service environments remain understudied. This paper sets out to expose and analyze this gap. Specifically, we analyze what challenges and opportunities the shifts in software engineering practice introduce into traditional Threat Modeling activities; how they relate to the different Privacy Goals; and what Agile principles and Service properties have an impact on them. Our results show that both agile and services make the end-to-end analysis of applications more difficult. At the same time, the former allows for more efficient communications and iterative progress, while the latter enables the parallelization of tasks and the documentation of some architecture decisions. Additionally, we open a new research avenue pointing to Amazon Macie as an example of Machine Learning applications that aim to provide a solution to the scalability and usability of Privacy Threat Modeling processes.