ARTEMIS-ARC系统协同模型的自省式实现技术研究

基于运行时体系结构的协同模型能够为面向服务的协同应用系统的动态演化提供有效的支持。但是在实现层面上,如何使软件体系结构从抽象的规约转化为运行时实际的对象实体,并成为系统演化行为的直接载体,是一个较为困难的技术挑战。针对这个问题,本文提出一种基于计算自省的实现途径,主要包括基于面向对象程序设计语言构造的体系结构层面的元表示和元协议、基于体系结构上下文中对象引用重解释构建的因果互连机制,以及基于该因果互连机制的应用系统的动态重配置。以上实现方式在自行开发的服务协同系统ARTEMIS-ARC时得以实施。     

基于QoS的网络存活性动态重配置管理模型

传统的安全技术已经不足以保护无边界网络环境中高分布信息系统的存活性问题.针对网络存活性系统中由于外来攻击或自身故障等原因导致失效时,提供关键服务自恢复能力的不足,从容错QoS角度出发,提出了一个有效的网络存活性自适应重配置模型,讨论了存活性重配置策略,并给出存活性重配置的具体实现环节和相应的动态重配置算法.该模型可以实时监测系统当前状态,并能在系统遭受攻击或自身故障时,迅速确定动态调整算法,为系统有效实施存活性动态重配置策略提供了一种可行思路.     

OnceAS/Q:一个面向QoS的Web应用服务器

网络分布计算环境下应用系统的需求多样化和复杂性的增长,要求位于中间件层次的Web应用服务器(web application server,简称WAS)从原来的"尽力而为"服务模型转变为服务质量(quality of service,简称QoS)保障模型,为具有不同需求的应用分别提供适宜的服务质量保障.目前的WAS系统在此方面仍然比较薄弱.OnceAS/Q是一个面向QoS的WAS系统,它以QoS规约为基础,为不同应用提供不同的QoS保障能力.OnceAS/Q实现了一个应用QoS保障框架,提供了一组QoS服务组件支持具有QoS需求的应用开发和运行.介绍了OnceAS/Q的体系结构和主要组件,详细阐述了两个关键问题,一是QoS规约的定义及其映射,另一个是面向QoS的服务组件和资源的动态重配.OnceAS/Q原型在Ecperf测试基准下,对其QoS保障能力进行了实验.实验数据表明,在较大规模的应用环境下,OnceAS/Q能够提供更好的服务质量,并且开销是可接受的.     

一种基于赋时Petri网和ZBDD的装配序列规划方法

机载航空电子系统设计采用综合化系统体系结构,可实现计算系统及其计算资源和计算设施的"物理集成";以及机载嵌入式软件系统的"功能集成";提供对系统计算功能的动态配置管理和实时动态冗余,以期得到较高的计算性能和保障系统的高可靠性。基于软件系统架构的层次关系研究了复杂嵌入式计算任务的运行模态表示方法,分析了嵌入式软件系统任务模态的迁移关系,提出了基于AADL软件体系结构的嵌入式软件模态划分方法,制定了系统动态重构蓝图,并设计了基于模态的嵌入式软件动态重构实施方法。基于软件架构的模态分析及其动态重构,有助于提高复杂嵌入式软件系统的可靠性、安全性和重用性。     

Real-time workflows oriented online scheduling in uncertain cloud environment

Workflow scheduling has become one of the hottest topics in cloud environments, and efficient scheduling approaches show promising ways to maximize the profit of cloud providers via minimizing their cost, while guaranteeing the QoS for users’ applications. However, existing scheduling approaches are inadequate for dynamic workflows with uncertain task execution times running in cloud environments, because those approaches assume that cloud computing environments are deterministic and pre-computed schedule decisions will be statically followed during schedule execution. To cover the above issue, we introduce an uncertainty-aware scheduling architecture to mitigate the impact of uncertain factors on the workflow scheduling quality. Based on this architecture, we present a scheduling algorithm, incorporating both event-driven and periodic rolling strategies (EDPRS), for scheduling dynamic workflows. Lastly, we conduct extensive experiments to compare EDPRS with two typical baseline algorithms using real-world workflow traces. The experimental results show that EDPRS performs better than those algorithms.     

Prototyping Dynamic Software Product Lines to evaluate run-time reconfigurations

Dynamic Software Product Lines (DSPL) encompass systems that are capable of modifying their own behavior with respect to changes in their operating environment by using run-time reconfigurations. A failure in these reconfigurations can directly impact the user experience since the reconfigurations are performed when the system is already under the users control. In this work, we prototype a Smart Hotel DSPL to evaluate the reliability-based risk of the DSPL reconfigurations, specifically, the probability of malfunctioning (Availability) and the consequences of malfunctioning (Severity). This DSPL prototype was performed with the participation of human subjects by means of a Smart Hotel case study which was deployed with real devices. Moreover, we successfully identified and addressed two challenges associated with the involvement of human subjects in DSPL prototyping: enabling participants to (1) trigger the run-time reconfigurations and to (2) understand the effects of the reconfigurations. The evaluation of the case study reveals positive results regarding both Availability and Severity. However, the participant feedback highlights issues with recovering from a failed reconfiguration or a reconfiguration triggered by mistake. To address these issues, we discuss some guidelines learned in the case study. Finally, although the results achieved by the DSPL may be considered satisfactory for its particular domain, DSPL engineers must provide users with more control over the reconfigurations or the users will not be comfortable with DSPLs.     

一种能耗感知的虚拟集群CPU资源自动再配置方法

系统虚拟化技术可以动态再配置应用环境的计算资源.当前动态资源配置方法主要关注于保证具有动态负载应用的服务质量.这些方法受应用性能驱动并常常增加资源控制系统的响应延迟.针对上述问题提出了以资源使用状态为驱动的资源再配置方法(resource-use-status-drivenresource reconfigurationscheme,RUSiC),自动适应动态负载变化来满足应用性能的资源需求.RUSiC被设计成2层架构的资源再配置模型,基于实时的资源使用状态,及时用较小的开销为应用调整合适的资源配置.同时,RUSiC也考虑到电能的有效使用,在资源的新配置中通过尽可能减少激活物理节点的数量避免大量不必要的电能消耗及相关的冷却费用.实验数据表明,在应用负载变化时,RUSiC能快速监测并响应变化的资源需求,并在保证应用性能的前提下,使用较小数量的激活物理节点.     

Socio-technical systems: From design methods to systems engineering

It is widely acknowledged that adopting a socio-technical approach to system development leads to systems that are more acceptable to end users and deliver better value to stakeholders. Despite this, such approaches are not widely practised. We analyse the reasons for this, highlighting some of the problems with the better known socio-technical design methods. Based on this analysis we propose a new pragmatic framework for socio-technical systems engineering (STSE) which builds on the (largely independent) research of groups investigating work design, information systems, computer-supported cooperative work, and cognitive systems engineering. STSE bridges the traditional gap between organisational change and system development using two main types of activity: sensitisation and awareness; and constructive engagement. From the framework, we identify an initial set of interdisciplinary research problems that address how to apply socio-technical approaches in a cost-effective way, and how to facilitate the integration of STSE with existing systems and software engineering approaches.     

A practical evaluation of spectrum-based fault localization

Spectrum-based fault localization (SFL) shortens the test–diagnose–repair cycle by reducing the debugging effort. As a light-weight automated diagnosis technique it can easily be integrated with existing testing schemes. Since SFL is based on discovering statistical coincidences between system failures and the activity of the different parts of a system, its diagnostic accuracy is inherently limited. Using a common benchmark consisting of the Siemens set and the space program, we investigate this diagnostic accuracy as a function of several parameters (such as quality and quantity of the program spectra collected during the execution of the system), some of which directly relate to test design. Our results indicate that the superior performance of a particular similarity coefficient, used to analyze the program spectra, is largely independent of test design. Furthermore, near-optimal diagnostic accuracy (exonerating over 80% of the blocks of code on average) is already obtained for low-quality error observations and limited numbers of test cases. In addition to establishing these results in the controlled environment of our benchmark set, we show that SFL can effectively be applied in the context of embedded software development in an industrial environment.     

Synthesis of probabilistic models for quality-of-service software engineering

An increasingly used method for the engineering of software systems with strict quality-of-service (QoS) requirements involves the synthesis and verification of probabilistic models for many alternative architectures and instantiations of system parameters. Using manual trial-and-error or simple heuristics for this task often produces suboptimal models, while the exhaustive synthesis of all possible models is typically intractable. The EvoChecker search-based software engineering approach presented in our paper addresses these limitations by employing evolutionary algorithms to automate the model synthesis process and to significantly improve its outcome. EvoChecker can be used to synthesise the Pareto-optimal set of probabilistic models associated with the QoS requirements of a system under design, and to support the selection of a suitable system architecture and configuration. EvoChecker can also be used at runtime, to drive the efficient reconfiguration of a self-adaptive software system. We evaluate EvoChecker on several variants of three systems from different application domains, and show its effectiveness and applicability.     

Managing database server performance to meet QoS requirements in electronic commerce systems

The performance of electronic commerce systems has a major impact on their acceptability to users. Different users also demand different levels of performance from the system, that is, they will have different Quality of Service (QoS) requirements. Electronic commerce systems are the integration of several different types of servers and each server must contribute to meeting the QoS demands of the users. In this paper we focus on the role, and the performance, of a database server within an electronic commerce system. We examine the characteristics of the workload placed on a database server by an electronic commerce system and suggest a range of QoS requirements for the database server based on this analysis of the workload. We argue that a database server must be able to dynamically reallocate its resources in order to meet the QoS requirements of different transactions as the workload changes. We describe Quartermaster, which is a system to support dynamic goal-oriented resource management in database management systems, and discuss how it can be used to help meet the QoS requirements of the electronic commerce database server. We provide an example of the use of Quartermaster that illustrates how the dynamic reallocation of memory resources can be used to meet the QoS requirements of a set of transactions similar to transactions found in an electronic commerce workload. We briefly describe the memory reallocation algorithms used by Quartermaster and present experiments to show the impact of the reallocations on the performance of the transactions. Published online: 22 August 2001     

一种时效感知的动态加权Web服务QoS监控方法

服务质量（quality of service,简称QoS）是衡量Web服务好坏的重要标准,也是用户选择Web服务的重要依据.能够实时而准确有效地对Web服务进行监控,是Web服务质量保障的重要基础.为此,提出了一种时效感知的动态Web服务QoS监控方法.该方法在传统加权监控方法中融入了滑动窗口机制和信息增益原理,简称IgS-wBSRM（information gain and sliding window based weighted naive Bayes QoS runtime monitoring）.该方法以一定的初始训练样本进行环境因素权值初始化,利用信息熵（information entropy,简称IE）及信息增益（information gain,简称IG）对样本所处混沌状态的确定作用,依次读取样本数据流,计算样本数据单元出现前后各影响因子组合的信息增益,结合TF-IDF（term frequency-inverse document frequency）算法对早期的初始化权值进行动态更新,修正传统算法对监控分类的类间分布偏差问题和参数未更新问题.另外,考虑训练样本数据的时效性,结合滑动窗口机制来对影响因子组合权值进行同步更新,以消解长期累积的历史累赘数据对近期服务QoS的影响.在模拟数据集和开源数据集上的结果表明：利用滑动窗口机制可以有效摒弃历史数据的过期信息,结合滑动窗口机制实现的基于信息增益的动态权值算法能够更加准确地监控Web服务QoS,总体监控效果明显优先于现有方法.     

An overview of Dynamic Software Product Line architectures and techniques: Observations from research and industry

Over the last two decades, software product lines have been used successfully in industry for building families of systems of related products, maximizing reuse, and exploiting their variable and configurable options. In a changing world, modern software demands more and more adaptive features, many of them performed dynamically, and the requirements on the software architecture to support adaptation capabilities of systems are increasing in importance. Today, many embedded system families and application domains such as ecosystems, service-based applications, and self-adaptive systems demand runtime capabilities for flexible adaptation, reconfiguration, and post-deployment activities. However, as traditional software product line architectures fail to provide mechanisms for runtime adaptation and behavior of products, there is a shift toward designing more dynamic software architectures and building more adaptable software able to handle autonomous decision-making, according to varying conditions. Recent development approaches such as Dynamic Software Product Lines (DSPLs) attempt to face the challenges of the dynamic conditions of such systems but the state of these solution architectures is still immature. In order to provide a more comprehensive treatment of DSPL models and their solution architectures, in this research work we provide an overview of the state of the art and current techniques that, partially, attempt to face the many challenges of runtime variability mechanisms in the context of Dynamic Software Product Lines. We also provide an integrated view of the challenges and solutions that are necessary to support runtime variability mechanisms in DSPL models and software architectures.     

Resource Management Middleware for Dynamic,Dependable Real-Time Systems

Thispaper presents resource management techniques that achieve thequality of service (QoS) requirements of dynamic real-time systemsusing open architectures and commercial off-the-shelf technologies(COTS). Dynamic real-time systems are subject to constant changessuch as a varying external environment, overload of internalsystems, component failure, and evolving operational requirements.Examples of such systems include the emerging generation of computer-based,command and control systems of the U.S. Navy. To enable the engineeringof such systems, we present adaptive resource management middlewaretechniques that achieve the QoS requirements of the system. Themiddleware performs QoS monitoring and failure detection, QoSdiagnosis, and reallocation of resources to adapt the systemto achieve acceptable levels of QoS. Experimental characterizationsof the middleware using a real-time benchmark illustrate itseffectiveness for adapting the system for achieving the desiredreal-time and survivability QoS during overload situations.     

On the relationships between QoS and software adaptability at the architectural level

Modern software operates in highly dynamic and often unpredictable environments that can degrade its quality of service. Therefore, it is increasingly important having systems able to adapt their behavior. However, the achievement of software adaptability can influence other software quality attributes, such as availability, performance or cost. This paper proposes an approach for analyzing tradeoffs between the system adaptability and its quality of service. The proposed approach is based on a set of metrics that allow the system adaptability evaluation. The approach can help software architects to guide decisions on system adaptation for fulfilling system quality requirements. The application and effectiveness of the approach are illustrated through examples and a wide set of experiments carried out with a tool we have developed.     

Hybrid multi-attribute QoS optimization in component based software systems

Design decisions for complex, component-based systems impact multiple quality of service (QoS) properties. Often, means to improve one quality property deteriorate another one. In this scenario, selecting a good solution with respect to a single quality attribute can lead to unacceptable results with respect to the other quality attributes. A promising way to deal with this problem is to exploit multi-objective optimization where the objectives represent different quality attributes. The aim of these techniques is to devise a set of solutions, each of which assures an optimal trade-off between the conflicting qualities. Our previous work proposed a combined use of analytical optimization techniques and evolutionary algorithms to efficiently identify an optimal set of design alternatives with respect to performance and costs. This paper extends this approach to more QoS properties by providing analytical algorithms for availability-cost optimization and three-dimensional availability-performance-cost optimization. We demonstrate the use of this approach on a case study, showing that the analytical step provides a better-than-random starting population for the evolutionary optimization, which lead to a speed-up of 28% in the availability-cost case.     

Design of reconfiguration mechanism for holonic manufacturing systems based on formal models

One of the key design issues of holonic manufacturing systems (HMS) is to effectively respond to resource failures based on the flexible holonic architecture. The objective of this paper is to propose a viable design methodology to implement reconfiguration mechanism in HMS. A reconfiguration mechanism is developed to accommodate changes based on collaboration of holons without leading to chaos at the shop floor. To deal with resource failures in HMS, an impact function is defined to characterize the impact of resource failures on different holons in a holarchy. A collaborative reconfiguration mechanism based on an impact function is proposed to effectively reconfigure the systems to achieve minimal cost solutions. The design and implementation methodology combines contract net protocol for negotiation of holons, Petri net for the representation of individual product holons and resource holons and FIPA-compliant agent platform for publication/discovery of holons. A simulation system is developed to verify the proposed reconfiguration mechanism.     

Specification and automated validation of staged reconfiguration processes for dynamic software product lines

Dynamic software product lines (DSPLs) propose elaborated design and implementation principles for engineering highly configurable runtime-adaptive systems in a sustainable and feature-oriented way. For this, DSPLs add to classical software product lines (SPL) the notions of (1) staged (pre-)configurations with dedicated binding times for each individual feature, and (2) continuous runtime reconfigurations of dynamic features throughout the entire product life cycle. Especially in the context of safety- and mission-critical systems, the design of reliable DSPLs requires capabilities for accurately specifying and validating arbitrary complex constraints among configuration parameters and/or respective reconfiguration options. Compared to classical SPL domain analysis which is usually based on Boolean constraint solving, DSPL validation, therefore, further requires capabilities for checking temporal properties of reconfiguration processes. In this article, we present a comprehensive approach for modeling and automatically verifying essential validity properties of staged reconfiguration processes with complex binding time constraints during DSPL domain engineering. The novel modeling concepts introduced are motivated by (re-)configuration constraints apparent in a real-world industrial case study from the automation engineering domain, which are not properly expressible and analyzable using state-of-the-art SPL domain modeling approaches. We present a prototypical tool implementation based on the model checker SPIN and present evaluation results obtained from our industrial case study, demonstrating the applicability of the approach.     

一种实时系统软件体系结构风格:NewRob

该文分析了现有的软件体系结构风格描述语言的特点,并结合嵌入式实时系统的领域特征,提出了一个面向嵌入式实时系统的软件体系结构风格:NewRob。NewRob所生成的一个基本说明书,由一个同步控制任务组成,它负责将系统作为包含各类异步组件的集合,进行动态重构。控制任务通过对各组成元件逐级细化、分解,得到进化后的低级控制任务,每个低级任务也都管理一个新的组件集合。采用时序逻辑描述和验证不同抽象级别的软件体系结构的一致性。