Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 5150 1 CS 5150 Software Engineering Lecture 24 Reliability 4.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CS 5150 1 CS 5150 Software Engineering Lecture 24 Reliability 4."— Presentation transcript:

1 CS 5150 1 CS 5150 Software Engineering Lecture 24 Reliability 4

2 CS 5150 2 Administration Quiz 4 Thursday, April 23

3 CS 5150 3 Security in the Software Development Process The security goal The security goal is to make sure that the agents (people or external systems) who interact with a computer system, its data, and its resources, are those that the owner of the system would wish to have such interactions. Security considerations need to be part of the entire software development process. They may have a major impact on the architecture chosen. Example. Integration of Internet Explorer into Windows

4 CS 5150 4 Agents and Components A large system will have many agents and components: each is potentially unreliable and insecure components acquired from third parties may have unknown security problems commercial off-the-shelf (COTS) problem The software development challenge: develop secure and reliable components protect whole system so that security problems in parts of it do not spread to the entire system

5 CS 5150 5 Techniques: Barriers Place barriers that separate parts of a complex system: Isolate components, e.g., do not connect a computer to a network Firewalls Require authentication to access certain systems or parts of systems Every barrier imposes restrictions on permitted uses of the system Barriers are most effective when the system can be divided into subsystems with simple boundaries

6 CS 5150 6 Techniques: Authentication & Authorization Authentication establishes the identity of an agent: What does the agent know (e.g., password)? What does the agent possess (e.g., smart card)? Where does the agent have physical access to (e.g., crt-alt-del)? What are the physical properties of the agent (e.g., fingerprint)? Authorization establishes what an authenticated agent may do: Access control lists Group membership

7 CS 5150 7 Example: An Access Model for Digital Content Digital material Attributes User Roles Actions Operations Access Policies

8 CS 5150 8 Techniques: Encryption Allows data to be stored and transmitted securely, even when the bits are viewed by unauthorized agents Private key and public key Digital signatures Encryption Decryption X Y Y X

9 CS 5150 9 Security and People People are intrinsically insecure: Careless (e.g, leave computers logged on, use simple passwords, leave passwords where others can read them) Dishonest (e.g., stealing from financial systems) Malicious (e.g., denial of service attack) Many security problems come from inside the organization: In a large organization, there will be some disgruntled and dishonest employees Security relies on trusted individuals. What if they are dishonest?

10 CS 5150 10 Design for Security: People Make it easy for responsible people to use the system (e.g., make security procedures simple) Make it hard for dishonest or careless people (e.g., password management) Train people in responsible behavior Test the security of the system thoroughly and repeatedly, particularly after changes Do not hide violations

11 CS 5150 11 Programming Secure Software Programs that interface with the outside world (e.g., Web sites) need to be written in a manner that resists intrusion. For the top 25 programming errors, see: Common Weakness Evaluation: A Community-Developed Dictionary of Software Weakness Types. http://cwe.mitre.org/top25/ Insecure Interaction Between Components Risky Resource Management Porous Defenses Project management must ensure that all programs avoid these errors.

12 CS 5150 12 Programming Secure Software The following list is from the SANS Security Institute, Essential Skills for Secure Programmers Using Java/JavaEE, http://www.sans.org/ Input Handling Authentication & Session Management Access Control (Authorization) Java Types & JVM Management Application Faults & Logging Encryption Services Concurrency and Threading Connection Patterns

13 CS 5150 13 Suggested Reading Trust in Cyberspace, Committee on Information Systems Trustworthiness, National Research Council (1999) http://www.nap.edu/readingroom/books/trust/ Fred Schneider, Cornell Computer Science, was the chair of this study.

14 CS 5150 14 Performance of Computer Systems In most computer systems The cost of people is much greater than the cost of hardware Yet performance is important Future loads may be much greater than predicted A single bottleneck can slow down an entire system The choice of systems architecture may lead to a system that places great demands on the skills of the implementers.

15 CS 5150 15 High-performance computing High-performance computing: Large data collections (e.g., Amazon) Internet services (e.g., Google) Large computations (e.g, weather forecasting) Must balance cost of hardware against cost of software development Some configurations are very difficult to program and debug Sometimes it is possible to isolate applications programmers from the system complexities CS 5300, Architecture of Large-Scale Information Systems

16 CS 5150 16 Performance challenges for all software systems Tasks Predict performance problems before a system is implemented Identify causes and fix problems after a system is implemented Basic techniques Understand how the underlying hardware and networking components interact when executing the system For each component calculate the capacity and load Identify components that are near peak capacity

17 CS 5150 17 Understand the Interactions between Hardware and Software Example: execution of http://www.cs.cornell.edu/ Client Servers domain name service TCP connection HTTP get

18 CS 5150 18 Timescale Operations per second CPU instruction:1,000,000,000 Disk latency: 100 read: 25,000,000 bytes Network LAN: 10,000,000 bytes Actual performance may be considerably less than the theoretical peak

19 CS 5150 19 Look for Bottlenecks CPU performance is important in certain domains, e.g.: large data analysis (e.g., searching) mathematical computation (e.g., weather models) multimedia (e.g., video compression) perception (e.g., image processing)

20 CS 5150 20 Look for Bottlenecks In most domains CPU performance is not the limiting factor. Common bottlenecks: Reading data from disk Shortage of memory (including paging) Moving data from memory to CPU Network load Inefficient software: Parallel and sequential processing

21 CS 5150 21 Look for Bottlenecks: Utilization utilization = mean service time for a request mean inter-arrival time of requests When the utilization of any hardware component exceeds 30%, be prepared for congestion. Peak loads and temporary increases in demand can be much greater than the average. Utilization is the proportion of the capacity of a service that is used on average.

22 CS 5150 22 Predicting System Performance Direct measurement on subsystem (benchmark) Mathematical models Simulation Rules of thumb All require detailed understanding of the interaction between software and hardware systems.

23 CS 5150 23 Mathematical Models Queueing theory Good estimates of congestion can be made for single- server queues with: arrivals that are independent, random events (Poisson process) service times that follow families of distributions (e.g., negative exponential, gamma) Many of the results can be extended to multi-server queues. Much of the early work in queueing theory by Erlang was to model traffic flow in telephone networks

24 CS 5150 24 Mathematical Models: Queues arrivewait in lineservicedepart Single server queue

25 CS 5150 25 Queues arrivewait in line service depart Multi-server queue

26 CS 5150 26 Behavior of Queues: Utilization mean delay before service begins utilization of service 10

27 CS 5150 27 Measurements on Operational Systems Benchmarks: Run system on standard problem sets, sample inputs, or a simulated load on the system. Instrumentation: Clock specific events. If you have any doubt about the performance of part of a system, experiment with a simulated load.

28 CS 5150 28 Example: Web Laboratory Benchmark: Throughput v. number of CPUs on SMP total MB/s average / CPU

29 CS 5150 29 Techniques: Simulation Model the system as set of states and events advance simulated time determine which events occurred update state and event list repeat Discrete time simulation: Time is advanced in fixed steps (e.g., 1 millisecond) Next event simulation: Time is advanced to next event Events can be simulated by random variables (e.g., arrival of next customer, completion of disk latency)

30 CS 5150 30 Case Study: Performance of Disk Array When many transaction use a disk array, each transaction must: wait for specific disk platter wait for I/O channel signal to move heads on disk platter wait for I/O channel pause for disk rotation read data Close agreement between: results from queuing theory, simulation, and direct measurement (within 15%).

31 CS 5150 31 Fixing Bad Performance If a system performs badly, begin by identifying the cause: Instrumentation. Add timers to the code. Often this will reveal that the delays are centered in one specific part of the system. Test loads. Run the system with varying loads, e.g., high transaction rates, large input files, many users, etc. This may reveal the characteristics of when the system runs badly. Design and code reviews. Have a team review the system design and suspect sections of code for performance problems. This may reveal an algorithm that is running very slowly, e.g., a sort, locking procedure, etc. Fix the underlying cause or the problem will return!

32 CS 5150 32 Predicting Performance Change: Moore's Law Original version: The density of transistors in an integrated circuit will double every year. (Gordon Moore, Intel, 1965) Current version: Cost/performance of silicon chips doubles every 18 months.

33 CS 5150 33 Moore's Law: Rules of Thumb Planning assumptions: Every year: cost/performance of silicon chips improves 25% cost/performance of magnetic media improves 30% 10 years = 100:1 20 years = 10,000:1

34 CS 5150 34 Moore's Law and System Design Design system: 2009 Production use: 2012 Withdrawn from production: 2022 Processor speeds: 1 1.9 28 Memory sizes: 1 1.9 28 Disk capacity: 1 2.2 51 System cost: 1 0.40.01

35 CS 5150 35 Moore's Law Example Will this be a typical personal computer? 2009 2021 Processor 2.5 GHz50 GHz Memory 1 GB 30 GB Disc 100 GB 4 TB Network100 Mb/s1 Gb/s Surely there will be some fundamental changes in how this this power is packaged and used.

36 CS 5150 36 Parkinson's Law Original: Work expands to fill the time available. (C. Northcote Parkinson) Planning assumptions: (a) Demand will expand to use all the hardware available. (b) Low prices will create new demands. (c) Your software will be used on equipment that you have not envisioned.

37 CS 5150 37 False Assumptions from the Past Unix file system will never exceed 2 Gbytes (2 32 bytes). AppleTalk networks will never have more than 256 hosts (2 8 bits). GPS software will not last 1024 weeks. Two bytes are sufficient to represent a year (Y2K bug). etc., etc.,.....

38 CS 5150 38 Moore's Law and the Long Term 1965 2009

39 CS 5150 39 Moore's Law and the Long Term 1965 When? What level? 2009? Within your working life?

Download ppt "CS 5150 1 CS 5150 Software Engineering Lecture 24 Reliability 4."

Similar presentations

Section 6.2. Record data by magnetizing the binary code on the surface of a disk. Data area is reusable Allows for both sequential and direct access file.

Section 6.2. Record data by magnetizing the binary code on the surface of a disk. Data area is reusable Allows for both sequential and direct access file.
1 CS 501 Spring 2005 CS 501: Software Engineering Lecture 21 Reliability 3.

1 CS 501 Spring 2005 CS 501: Software Engineering Lecture 21 Reliability 3.
1 CS 501 Spring 2002 CS 501: Software Engineering Lecture 11 Designing for Usability I.

1 CS 501 Spring 2002 CS 501: Software Engineering Lecture 11 Designing for Usability I.
Access Control Methodologies

Access Control Methodologies
Introduction to Operating Systems CS-2301 B-term 20081 Introduction to Operating Systems CS-2301, System Programming for Non-majors (Slides include materials.

Introduction to Operating Systems CS-2301 B-term Introduction to Operating Systems CS-2301, System Programming for Non-majors (Slides include materials.
Input/Output Management and Disk Scheduling

Input/Output Management and Disk Scheduling
CS 501: Software Engineering Fall 2000 Lecture 14 System Architecture I Data Intensive Systems.

CS 501: Software Engineering Fall 2000 Lecture 14 System Architecture I Data Intensive Systems.
CS 5150 1 CS 5150 Software Engineering Lecture 19 Performance.

CS CS 5150 Software Engineering Lecture 19 Performance.
CS 5150 1 CS 5150 Software Engineering Lecture 22 Reliability 3.

CS CS 5150 Software Engineering Lecture 22 Reliability 3.
1 CS 501 Spring 2002 CS 501: Software Engineering Lecture 19 Performance of Computer Systems.

1 CS 501 Spring 2002 CS 501: Software Engineering Lecture 19 Performance of Computer Systems.
Reliability Week 11 - Lecture 2. What do we mean by reliability? Correctness – system/application does what it has to do correctly. Availability – Be.

Reliability Week 11 - Lecture 2. What do we mean by reliability? Correctness – system/application does what it has to do correctly. Availability – Be.
CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.

CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.

CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.
CS 501: Software Engineering Fall 2000 Lecture 19 Performance of Computer Systems.

CS 501: Software Engineering Fall 2000 Lecture 19 Performance of Computer Systems.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
OS Fall ’ 02 Performance Evaluation Operating Systems Fall 2002.

OS Fall ’ 02 Performance Evaluation Operating Systems Fall 2002.
Server Platforms Week 11- Lecture 1. Server Market - 2003 $ 46,100,000,000 ($ 46.1 Billion) Gartner.

Server Platforms Week 11- Lecture 1. Server Market $ 46,100,000,000 ($ 46.1 Billion) Gartner.
OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”

OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”
Performance Evaluation

Performance Evaluation

Similar presentations

Ads by Google