The operating systems seminar is held every other Monday afternoon
from 4:00 - 5:00 PM in Computer Sciences & Statistics room 2310
(alternating with the
Keeping up-to-date with current research is a critical task for both students and faculty. A weekly seminar is a fun and social way to keep in touch with other's work. At the seminar, you can eat a few cookies, chitchat about the finer points of finer points of mutual exclusion, and exchange ideas with students and faculty working in your field.
To subscribe to our mailing list, send mail to email@example.com with subscribe os-seminar in the body. The list traffic is about one message per week to announce the next seminar.
Questions about the seminar and arrangements may be directed to Tim Denehy or
Reliability on the cheap
How we learnt to stop worrying and love cheap PCs
I will describe Google's software architecture which aims to harness
the power of thousands of cheap Linux PCs and organize them into a
scalable, reliable, high-performance computing system. Our approach is
to use cheap hardware and to achieve all the fault- tolerance and
reliability in software.
Anurag Acharya is a Principal Engineer at Google. In previous lives,
he has been an undergrad at IIT Kharagpur, a graduate student at Carnegie Mellon, a postdoc at the University of Maryland and an
Assistant Professor at the University of California, Santa Barbara. He
came to Google for a visit couple of years ago. He found the natives
friendly and fascinating, so he stayed.
No Seminar - Distinguished Lecture
Design Considerations for Robust Internet Protocols
Robustness has long been a central design goal of the Internet. While the
Internet has proven robust to hardware failures, the Internet remains
extremely vulnerable to more arbitrary failures where, through either error or
malice, a node issues syntactically correct responses that are not
semantically correct. Such failures, some as simple as misconfigured routing
state, can seriously undermine the functioning of the Internet. With the
Internet playing such a central role in the global telecommunications
infrastructure, this level of vulnerability is no longer acceptable.
In this talk, I argue that to make the Internet more robust to these kinds of
arbitrary failures, we need to change the way we design network protocols. To
this end, I will discuss several past examples of widespread Internet
failures, discussing what could have been done to prevent the problem from
occurring in the first place. The unifying theme behind the examples is that
we need to design protocols more defensively, expecting malicious attack,
misimplementation, and misconfiguration at every turn.
Tom Anderson is a Professor of Computer Science and Engineering at the
University of Washington. His research interests span almost every aspect of
computer systems design, from high-performance computer and network switch
architectures, to operating systems, distributed file systems, wide area
distributed systems, and most recently computer networks.
Policy Management and Comprehension with Classified Advertisements
POSTPONED due to faculty candidate talk
Interfaces & Architectures for Storage - The Changing Landscape
This talk will overview current work in the storage systems
research group at Seagate Research. This is a new group
formed last year with a charter to expand the intelligence
of storage devices. We will outline the goals of our
research, and discuss initial projects we have underway.
One of the key enablers for additional device intelligence
is a change in the interfaces for talking to storage. We
will also outline one current industry proposal -
object-based storage devices (OSD) - for greatly expanding
the SCSI interface that has provided valiant service for the
last 20 years.
Seagate Research is a young organization with an ambitious
charter - to develop the storage technologies that will
carry the company and the industry 5-10 years in the future.
The lab has grown from two people in a rented office to 100
researchers in a brand-new building over the past four
years. In addition to details about the systems efforts,
the talk will very briefly mention ongoing projects in other
parts of the lab and in the company.
Erik Riedel leads the Interfaces & Architecture Department
at Seagate Research in Pittsburgh, Pennsylvania. The group
focusses on novel storage systems with increased
intelligence for optimized performance, automated
management, and content-specific optimizations. A basic
requirement for such systems is new interfaces to storage
systems as the current ones are quite outdated.
Before joining Seagate Research, he was a researcher in the
storage program at Hewlett-Packard Laboratories in Palo
Alto, California working on networked and distributed
storage and security for storage. He received a doctorate
in Computer Engineering from Carnegie Mellon University
working with David Nagle and Garth Gibson in the Parallel
Data Lab (PDL) and Christos Faloutsos in the Center for
Automated Learning and Discovery (CALD). His thesis work
was on Active Disks as an extension to Network-Attached
Secure Disks (NASD). Over the years he has spent time
looking at I/O in a number of areas, including parallel
apps, data mining, database, file systems, and scientific
Dave Anderson is Director of Strategic Planning for Seagate
and has over 20 years experience in the computer field.
His responsibilities include overall interface strategy for
all disc interfaces.
Dave has been involved in the architecture and planning of
Fibre Channel since its first proposal as a disc interface.
He was also one of the principal architects of the disc XOR
commands that are now a part of the standard SCSI interface
specification and was the author and original editor of the
Object based Storage Device (OSD) proposal being developed
by SNIA for submission to the SCSI standards committee.
Dave was one of the original nine elected members of the
SNIA (Storage Networking Industry Association) Technical
Council. He was also one of the founding members of the
Serial Attached SCSI working group, which defined this new
Checkpoints of GUI-based Applications
We describe a new system, called guievict, that enables the graphical
user interface (GUI) of any application to be transparently migrated to
or replicated on another display without premeditative steps such as
re-linking the application program binary or re-directing the
application process's window system communication through a proxy.
Guievict is based on a small X window server extension that enables an
application to retrieve its window session, a transportable
representation of its GUI, from the window server and a library of GUI
migration functionality that is injected in the application process at
run time. We discuss the underlying technical issues: controlling and
synchronizing the communication between the application and the window
system, identifying and retrieving the GUI resources that form the
window session, regenerating the window session in a new window system,
and maintaining application transparency. We have implemented guievict
for the XFree86 implementation of the X window system. The GUI
migration performance of guievict is measurably but not perceptibly
worse than that of a proxy-based system.
This is joint work with Bart Miller.
Space as a First Class Citizen in a Storage System
POSTPONED due to faculty candidate talk
Using Application Structure to Handle Failures and Improve
Performance in a Migratory File Service
Wide area computing has served CPU-bound workloads very well. However, an
important class of data-bound workloads has struggled to benefit from
distributed computing, despite the ubiquity of capable commodity networking
and storage hardware. This is due to the essential problems of autonomy and
failure natural to wide-area systems. In this talk, we describe Hawk, a
prototype Migratory File Service (MFS) designed to allow data-intensive
applications to scale across the wide area. In contrast to a traditional
file system, Hawk deals gracefully with CPU failure and data loss through
its high-level knowledge of workload structures. It employs aggressive
caching, replication, and I/O classification to reduce wide area traffic and
minimize the impact of such inevitable failures. Through a case study of
data-intensive applications, we demonstrate the benefits of Hawk over
traditional approaches, achieving local-area performance across the wide
Controlling your PLACE in the File System with Gray-box Techniques
We present the design and implementation of PLACE, a gray-box library for
controlling file layout on top of FFS-like file systems. PLACE exploits its
knowledge of FFS layout policies to let users place files and directories into
specific and localized portions of disk. Applications can use PLACE to
collocate files that exhibit temporal locality of access, thus improving
performance. Through a series of microbenchmarks, we analyze the overheads of
controlling file layout on top of the file system, showing that the overheads
are not prohibitive, and also discuss the limitations of our
approach. Finally, we demonstrate the utility of PLACE through two case
studies: we demonstrate the potential of file layout rearrangement in a
web-server environment, and we build a benchmarking tool that exploits control
over file placement to quickly extract low-level details from the disk
system. In the traditional gray-box manner, the PLACE library achieves these
ends entirely at user level, without changing a single line of operating
system source code.
Robust, Portable I/O Scheduling with the Disk Mimic
We propose a new approach for I/O scheduling that performs on-line
simulation of the underlying disk. When simulation is integrated within a
system, three key challenges must be addressed: first, the simulator must be
portable across the full range of devices; second, all configuration must be
automatic; third, the computation and memory overheads must be low. Our
simulator, the Disk Mimic, achieves these goals by building a table-based
model of the disk as it observes the times for previous requests. We show that
a shortest-mimicked-time-first (SMTF) scheduler performs nearly as well as an
approach with perfect knowledge of the underlying device and that it is
superior to traditional scheduling algorithms such as C-LOOK and SSTF; our
results hold as the seek and rotational characteristics of the disk are varied.
Self-Securing Devices: Better Security via Smarter Devices
From all indications, assured OS security seems to be an impossible goal.
In this talk, I'll promote a complementary approach to network security
in which each individual device erects its own security perimeter and
defends its own critical resources (e.g., network link or storage media).
Together with conventional border defenses, such self-securing devices
could provide a flexible infrastructure for dynamic prevention, detection,
diagnosis, isolation, and repair of breaches in borders and device security
perimeters. I'll overview the self-securing devices approach and the siege
warfare analogy that inspired it. In addition to general challenges of
designing and managing self-securing devices, I'll describe self-securing
storage devices and self-securing NICs (network interface cards) as concrete
Greg Ganger is a professor in the ECE department at Carnegie Mellon
University. He has broad research interests in computer systems,
including storage systems, security, and operating systems. Some
current projects explore self-* storage, storage survivability,
more expressive storage interfaces, MEMS-based storage, and of course
self-securing devices. Greg is the Director of CMU's Parallel Data
Lab, academia's premiere storage systems research center. His Ph.D.
in Computer Science and Engineering is from The University of Michigan,
and he spent 2.5 years as a postdoc at MIT working on the Exokernel
The Ethernet Approach to Grid Computing
Despite many competitors, Ethernet became the dominant protocol for local
area networking due to its simplicity, robustness, and efficiency in wide
variety of conditions and technologies. Reflecting on the current frailty of much software, grid and otherwise, we propose that the Ethernet
resource sharing is an effective and reliable technique for combining
coarse-grained software when failures are common and poorly detailed. This
approach involves placing several simple but important responsibilities on
client software to acquire shared resources conservatively, to back off
during periods of failure, and to inform competing clients when resources
are in contention. We present a simple scripting language that simplifies
and encourages the Ethernet approach, and demonstrate its use in several
grid computing scenarios, including job submission, disk allocation, and
data replication. We conclude with a discussion of the limitations of this
approach, and describe how it is uniquely suited to high-level
This is a practice talk for HPDC-12. This is joint work with Miron Livny.
Instructions to Speakers
Two weeks before your talk, mail a title and abstract to the seminar coordinators.
Plan to speak for forty-five minutes and answer questions for fifteen. (Shorter practice talks are also welcome.)
You may use whatever medium you prefer. We will provide a Linux/NT machine, a digital projector, and an analog projector.
After your talk, mail a copy of your slides (.ps or .ppt) to the coordinators to be archived.
Student speakers should bring cookies or a snack to share!
Suggestions for Giving a Good Talk
by David Messerschmit
by David Stock
by Bruce Donald
by Peyton et. al.
by Ian Parberry