• No results found

Leroʼs Vision for a Competence Centre in Cloud Computing 1

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Leroʼs Vision for a Competence Centre in Cloud Computing 1"

Copied!
7
0
0

Loading.... (view fulltext now)

Download now ( 7 Page )

Full text

(1)

Lero

ʼ

s Vision for a Competence

Centre in Cloud Computing

1

Executive Summary

This white paper outlines some core challenges for Cloud Computing and shows how our strengths and experience could be used to address them. We stress the importance of acting now and outline the medium and long-term impact that a new Competence Centre in Cloud Computing could have on the national IT landscape.

Why Cloud now?

The dependence of organisations on IT has increased steadily in the last 50 years and continues to do so. As a result, the provision of the IT expertise and infrastructure necessary to support organisations is a growing challenge. The costs of providing that IT capability have been increasing, despite the improving cost/performance curve of hardware. Cloud Computing2 is characterised as providing the illusion of infinite computing resources available on demand, the elimination of an upfront commitment by users, and the ability to pay for use of computing resources on a short-term basis as needed. Cloud offers a way of providing a high-quality IT capability at lower cost and makes high-level capability available to smaller organisations for the first time.

Strategic Impact

Although much of the technology that makes Cloud Computing possible has been available for some time, only recently have we seen a large migration of applications and services to the Cloud. Some of the early barriers to adoption were related to the availability of fast network connections to massive computing resources. These barriers are being overcome by many companies, including Amazon, Microsoft, IBM, and Google, who have invested heavily in building data centres with the required hardware and networking capacity. Simultaneously Cloud providers have been writing software that enables clients and customers to utilise these resources. It is primarily these factors that have fuelled this rapid adoption to-date. However, there are still a number of barriers to more widespread adoption: the ability of Cloud providers to offer better assurances about reliability, security, privacy, and data integrity; the ability of providers to scale elastically and manage their hardware resources more cost-efficiently; and tools, APIs, and standards that lower the cost of deployment, migration, and administration of software to the Cloud. We believe that a new research agenda, focussed on improving the Cloud Computing software infrastructure can best address these challenges.

1 Lorcan Coyle, Lero-the Irish Software Engineering Research Centre, University of Limerick, [email protected]

2 We follow Berkeleyʼs view of Cloud Computing, from Armbrust et al., Above the Clouds: a Berkeley View of Cloud Computing. Technical Report No. UCB/ EECS-2009-28, University of California at Berkeley.

(2)

Lero seeks to provide Irish-based companies a competitive advantage in Cloud Computing through access to expertise and research outputs in the area. In the medium term, these will address issues identified by existing companies in Ireland; in the longer term, commercialisation of research through IP licensing and spinouts will enable new Irish businesses to provide new products and services to global customers.

Our Vision for Cloud Computing

Goodbody carried out a recent study3 of the economic opportunity that Cloud Computing presents for Ireland. Among their key findings was that, “[Cloud turns] computing [into] an

operating cost rather than a capital cost” and that, “Business will no longer have to raise

money to invest in capital equipment for IT”. They believe that Cloud could result in the formation of up to 2,000 additional non-IT small and medium sized businesses. Even though these businesses will conduct a large portion of their business electronically they will need to minimise their IT overhead. Already we are seeing Cloud providers selling access to software, which is administered centrally. Future savings will be derived from deploying techniques that allow clients to customise and administer their software to use the underlying Cloud infrastructure easier, leading to lower maintenance costs.

Goodbody identified a number of specific quality benefits to the user, which we list in the table below, with a commentary showing our interpretation of the research challenges that will enable these benefits to be realised.

Quality Benefit Commentary

Applications will always be kept up to date for all users. Updating software can be a significant burden on the ICT staff of a small or medium enterprise.

Advances that enable applications to be kept up to date more efficiently, and more reliably (i.e., without failure, or without introducing new faults) will be a key value proposition. Leroʼs focus on Evolving

Critical Systems is highly aligned to this goal. We are dedicated to the

invention and development of new techniques, methodologies, and tools needed to design, implement, and maintain critical software systems that evolve successfully without degradation of dependability. This requirement is highly complementary to successful software deployed in the Cloud.

(3)

Quality Benefit Commentary Security and data protection technology and procedures will be state of the art. Virus controls will be of the highest standards, and will be kept updated. Backup and disaster recovery precautions will be carried out to the highest standards by specialists.

One of the key characteristics of Cloud Computing is that is it a multi-tenancy collaborative environment, i.e., that multiple users share the same underlying infrastructure. This raises important challenges relating to policing the boundaries between different tenants and between different parts of the infrastructural environment.

Many serious breaches in software security occur as a result of zero-day vulnerabilities, whereby attackers are aware of vulnerabilities before the developers of the software (and its clients). The public perception of security in the Cloud will only improve if providers can prove their ability to keep ahead of attackers. Careful monitoring of the usage of services to identify unusual behaviour may serve to reduce the length of the vulnerability window and the opportunity for harm to be inflicted. Self-protecting techniques could be applied to allow software identify these vulnerabilities quickly and protect itself – by shutting down or restricting the vulnerable services. Cloud Computing allows all users to benefit from the umbrella of protection offered by the provider – when a vulnerability is fixed all users benefit immediately.

Problems in this space come under the broader topic of Assurance and Governance. If governments and large corporate entities are going to delegate the operation of their computing infrastructure and management of their data to a third party operator then that operator will have to offer cast-iron guarantees. These guarantees must involve both technical guarantees (e.g., availability, reliability, throughput) and legal guarantees far beyond the typical model whereby services are typically offered “as-is” and without liability to the provider.

Maintenance and support can be provided centrally.

Deployment of software in the Cloud enables software providers to understand more quickly how its users are interacting with the software. By monitoring usage centrally, at runtime, service providers can respond to changing customer requirements in a more proactive fashion. The ability to do this depends on the development of new monitoring and user-modelling approaches. As software becomes more autonomous, capable of reconfiguring itself at runtime, more of the maintenance process can be automated.

To maximise these benefits, a number of fundamental software engineering research challenges stand in the way. Software will have to become more autonomous – capable of monitoring its performance and adapting itself to use the available Cloud resources most cost-effectively. The Cloud infrastructure should be capable of recognising when client software is not performing optimally and diagnosing the reasons why – whether it is due to increased load of legitimate or malicious use, or whether through software failure. Owing to the significant energy load associated with running a Cloud there is considerable value to the development of novel self-managing algorithms that improve the efficiency of the overall Cloud infrastructure – further increasing the incentive to migrate services to the Cloud.

Lero is already addressing many of the challenges of Cloud Computing that are highly applicable, e.g., autonomous systems, software reliability, distributed systems, and parallel computing. In the following subsections we identify some specific research contributions

(4)

that we believe a national Competence Centre in Cloud Computing should seek to address.

Governance, Assurance, Trust, Privacy, and Security in the Cloud

The fact that different Cloud models exist: public, private, hybrid, or community Clouds is in no small way a reflection of the level of control the users of a Cloud infrastructure (whether an organisation or government) want to have over their data and the infrastructure on which it resides. This desire for control is rooted in the trust that the user has in the Cloud providerʼs ability to protect their data. Likewise the full provenance of data should be available a customer should be able to ask where her data is stored, where computation is performed, who has access, and who is accessing it. It should be possible to collect and store provenance information in a standard manner and without excessive overhead. Effective provenance management will make it easier to ensure that private data, remains so, even to the extent of stipulating where data can be physically stored. This is particularly important when organisations are migrating data or services from private infrastructure (e.g., corporate data centres or private Clouds) to public Clouds. Governance in the Cloud is central. Clients and customers need assurance that their policies are supported and enforced. Ideally, Cloud providers should provide customisable policy options that clients can use to define their own policies. These policies must be integrated into SLAs that can be enforced from end-to-end. The overhead for the client in understanding, generating, and maintaining the acceptability of these policies should be minimised.

More Efficient Clouds – Adapting to Resource Demand

The cost of providing power and cooling infrastructure to a data centre is estimated by Microsoft at nearly 50% of the total (see Fig below4). They claim that as server costs drop and power becomes more expensive, power will dominate other costs. Therefore any efficiency that can be gained in power consumption will offer competitive advantage to the Cloud provider.

Power consumption can be reduced either by using more power-efficient hardware or by improving the software that manages the available infrastructure. At a global scale, it might even be economical to migrate computation to a different data centre to benefit from differential power and cooling costs. When selling computing resources for the execution of a job with a well-defined compute load this might be a trivial problem, which could be addressed directly in the service level agreement. However many client applications will vary their requirements in response to activities that occur outside the Cloud infrastructure,

(5)

e.g., due to customer demand. The ability of Cloud infrastructure to respond efficiently to highly elastic, bursty resource demand will be a significant competitive advantage to in such scenarios. This is particularly important if new resources need to be provisioned quickly, e.g., on AWS it typically takes minutes rather than seconds to spin-up new images and due to the typical pay-by-hour payment structure spin-down times are whatever portion of the billing hour remains (i.e., 30 mins on average).

As more human-centric applications are migrated to the Cloud, with new interaction modalities, we can expect the elasticity of demand to increase significantly, and in ways that might be difficult to model. Comparisons with other utilities might be relevant, for example, electricity suppliers need to plan for massive spikes in electricity (e.g., providing redundant supply in anticipation of millions of electrical appliances being switched on within a minute of the finish of a major televised sporting event). Cloud providers need to be able to scale up the resources they offer very quickly – and automatically. Timing is critical if efficiencies are to be maximised – humans are not capable of responding quickly enough to make those second-by-second decisions. Automated services could make decisions about resource assignment, based on performance observations or estimations. Accurate and non-intrusive performance monitoring would therefore contribute to better decision making regarding cloud resource management. The deployment of novel

intelligent modelling approaches and learning algorithms that are highly responsive will be

key to success.

Dynamic Pricing of Resources to Clients – Adapting to Resource Supply

While the Cloud infrastructure must match the demands of its clients, the demand of these clients might be price-sensitive. Clients might have services that require a speedy response, and therefore might put a premium on the ability of the Cloud infrastructure to satisfy this demand – examples

might include requests for web services, which might need to be satisfied in milliseconds. However, other services might be less timec r i t i timec a l , e . g . , a l a r g e b a t timec h -computation job, which could be satisfied in minutes, or a much larger computation job that could be satisfied in hours – e.g., daily reporting, which could be performed overnight. If the Cloud infrastructure can determine the characteristics of these requests it can better balance the supply of resources over time. To enable this, the Cloud must be able to monitor its overall resource availability effectively and auction the spare capacity to its clients. With cost models available, and innovative SLAs, Cloud clients could benefit from the ability to tune their software, scaling their demand to benefit from the best costing

available. Advances in control theory and cross-layer performance analysis and

(6)

communicate with each other and with the Cloud at runtime to bid for resource provision. To benefit from this scenario, client software should be capable of adapting itself at runtime to maximise the benefit from the available supply.

Understanding Hardware Utilisation in the Cloud – Managing Cloud Infrastructure Understanding critical system hardware utilisation is a difficult challenge for cloud computing providers. Over-utilisation of systems leads to performance degradation and accurate measurements of utilisation are essential for estimating business costs and future investment requirements.

There is currently no automated standard solution for understanding whether current hardware resources are being utilised efficiently such that current resource utilisation can be maximised and potential investment in further hardware resources reduced. This is particularly problematic for the Cloud, where accurate resource planning is required. Similarly, there is a need to monitor customer resource usage such that service charges/ invoices can be sent to customers. Currently cloud providers use in-house solutions for monitoring this information. Current approaches also do not allow for real time billing information for customers of cloud providers, which is a major issue for organisations trying to track day to day costs.

Self-Diagnosis and Self-Healing in the Cloud

Because of the complex architecture and resource management inherent to Clouds, diagnosing faults and rapidly reacting to them is a very challenging task. Accurate and fast diagnosis makes it possible to limit service unavailability and determine responsibilities whenever different components are interacting. Autonomic Computing techniques offer means for system adaptation through enabling software to self-diagnose and self-heal. To date work on this topic has considered architectural adaptation, which relies on some underlying architectural flexibility. Software that resides in the Cloud is an ideal candidate for application of this approach as such flexibility is built into the Cloud infrastructure. Moreover, some self-healing approaches are inherited from the area of fault-tolerant systems, where hardware and software redundancy may be introduced. As Clouds inherently possess hardware and software redundancies, fault-tolerant techniques that take advantage of this can be applied to improve software service reliability.

Mobile Cloud Computing – Expanding the Cloud Beyond the Data Centre

The vision for Cloud computing also incorporates mobile and embedded devices, both from the perspective of leveraging the power of such devices to enhance the Cloudʼs capabilities, and from the perspective of service provisioning to mobile users. Typical Cloud computing environments are large-scale and proprietary to service providers such as IBM, Amazon, Google and Microsoft. However, the broader vision of cloud computing is more flexible than these models, predicting capabilities whereby general users, including mobile ones, can participate in the cloud as a provider of resources. In doing this, computation might be distributed through a mobile Cloud, in much the same way that SETI@home distributes its load across client computers. This has applications in ad hoc communities, such as those that arise in disaster recovery scenarios. In order to realise the implementation of a cloud model incorporating mobile users' devices, significant challenges arise in the design and implementation of, for example join/leave mechanisms, payment models, and usage models. Where mobile users are clients of the Cloud with requirements to discover and use its services, challenges relating to service-oriented computing for mobile users, such as timely, dynamic adaptation of the client device, and location/context management are applicable in the Cloud model.

(7)

Lero

ʼ

s Competency Leaders in Cloud

As the Irish Software Engineering Research Centre, we feel we can make a high-impact contribution to a national Competence Centre in Cloud Computing. We have identified Cloud Computing as a core competency and many of our research strengths are focused in areas that are germane to the challenges of Cloud computing, e.g., in software engineering of reliable software systems, self-managing software, privacy, trust, and security, performance engineering, and service-oriented computing. Leroʼs team includes a diverse team of researchers with the strength to tackle a multifaceted area like Cloud Computing, including:

• Dr. Nour Ali (University of Limerick): Service-Oriented Architectural Models • Dr. Goetz Botterweck (University of Limerick): Model Driven Engineering • Prof. Vinny Cahill (Trinity College Dublin): Autonomic Software Systems • Dr. Siobhán Clarke (Trinity College Dublin): Service-Oriented Computing

• Dr. Lorcan Coyle (University of Limerick): Machine Learning for Self-Managing Software • Dr. Jonathan Dukes (Trinity College Dublin): Resource management and Stream

Processing

• Dr. Benoit Gaudin (University of Limerick): Control Theory for Self-Managing Software • Prof. Mike Hinchey (University of Limerick): Autonomic Software Systems

• Dr. René Meier (Trinity College Dublin): Service Oriented Computing • Prof. John Murphy (University College Dublin): Performance Engineering • Prof. Liam Murphy (University College Dublin): Performance Engineering • Prof. Bashar Nuseibeh (University of Limerick): Privacy, Trust, and Security

• Dr. David O'Callaghan (Trinity College Dublin): Distributed Computing Infrastructures • Dr. Rory O'Connor (Dublin City University): Assurance Standards for Cloud

• Dr. Inah Omoronyia (University of Limerick): Privacy in the Cloud

• Dr. Claus Pahl (Dublin City University): Governance in Mediated Cloud Architectures • Dr. Mazeiar Salehie (University of Limerick): Cloud Security

• Dr. Carlos Solis (University of Limerick): Cloud Coordination

References

Download now ( PDF - 7 Page - 327.96 KB )

Related documents

Sweep Net Recapture of Marked Lygus hesperus Knight (Hemiptera: Miridae) Adults After Different Release Times in Cotton

To examine if the higher sweep net recapture of marked bugs from rows with different release times could be explained by predation, a separate analysis was conducted on sweep

Application Model of Knowledge Management Training Implementation

Successful Deployment Model and Successful Implementation of Knowledge Management System Training: Standard Factor of Human Resource Variables, Knowledge Process,

Accuracy of AVS Life Expectancy Reports

We are able to conclude that Life Equity LLC can assume to pay an additional 2.634 years, or 31.603 months, of premium payments when an insured’s primary impairment is cancer..

Respiratory muscle strength is not decreased in patients undergoing cardiac surgery

Preoperative respiratory dysfunction has been shown to prolong postoperative mechanical ventilation after heart valve surgery and impaired respiratory muscle strength has been

KIFCI, a novel putative prognostic biomarker for ovarian adenocarcinomas: delineating protein interaction networks and signaling circuitries

We speculate that the primary tumor expressed KIFC1 to a high enough level to cause epithelial to mesenchymal transition (EMT) that marks the beginning of the metastatic jour-

Local Fictionality within Global Nonfiction: Roz Chast's Why Can't We Talk about Something More Pleasant?

Furthermore, rhetorical theory believes that attending to fictionality adds an important layer to our understanding of the relation between fiction and nonfiction, be- cause

The Proteomic Response of Gill Tissue in Tidally and Subtidally-Acclimated California Mussels, Mytilus californianus, to Acute Emersion-Induced Anoxia

Gill can act as an informative tissue for determining the effects of anoxia on energy metabolism proteins (Tomanek, 2008) and has already been used in numerous studies

Validation Date: 29/11/2013. Ratified Date: 14/01/2014. Review dates may alter if any significant changes are made

Where the complainant wishes to make a formal complaint, staff should ensure that they give them the appropriate complaints leaflet and support and that the Patient