Download seminar_1112

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts

Computer security wikipedia , lookup

Transcript 
ECE Department Seminar
Fall 2008
Declarative Infrastructure Configuration Synthesis and Debugging
Speaker:
Dr. Sanjai Narain
Telcordia Technologies, Inc.
Joint work with
Dr. Gary Levin, Telcordia
Professor Daniel Jackson, MIT
Professor Sharad Malik, Princeton
Time: 11/12/2008 3PM-4PM
Location: Babbio 319
Abstract:
There is a large conceptual gap between end-to-end infrastructure requirements and detailed component
configuration implementing those requirements. Today, this gap is manually bridged causing large numbers of
configuration errors. Their adverse effects on infrastructure security, availability, and cost of ownership are
well documented. This talk presents the ConfigAssure system for automatically bridging this gap. It proposes
solutions to four fundamental problems: specification, configuration synthesis, configuration error diagnosis,
and configuration error repair. Central to ConfigAssure is a Requirement Solver. It takes as input a
configuration database containing variables, and a requirement as a first-order logic constraint in finite
domains. The Solver tries to compute as output, values for variables that make the requirement true of the
database when instantiated with these values. If unable to do so, it computes a proof of unsolvability. The
Requirement Solver exploits the power of Kodkod, a SAT-based model finder for first-order logic. In turn,
Kodkod exploits the power of modern SAT solvers, such as ZChaff, that can solve millions of constraints in
millions of variables in seconds. However, a straightforward encoding of requirements in Kodkod does not
scale to infrastructure of realistic size. ConfigAssure achieves scalability via two methods. The first is the use
of a new quantifier-free form language called QFF consisting of Boolean combinations of simple arithmetic
constraints. QFFs are efficiently implemented in Kodkod. The second is the use of a partial evaluator that
transforms a first-order logic requirement into an equivalent QFF that truly requires Kodkod. ConfigAssure
has been successfully trialed on a real enterprise network. Time permitting, a complementary diagnosis-only
Telcordia product called ConfigAssure, deployed in a real enterprise, will also be outlined.
Biography:
Sanjai Narain is a Senior Research Scientist in the Information Assurance and Security Department at
Telcordia Technologies in Piscataway, NJ. His current research is on systematic planning of secure and
reliable infrastructure. This is based on his experience designing, building, testing and analyzing such
infrastructure for large enterprises. To support his research, he has obtained funding from major government
agencies such as DARPA, DISA, DHS and IARPA. He has organized and led several university-industry
teams with partners such as MIT, Princeton, Cornell, Johns Hopkins, Boeing and Sparta. He is the lead editor
of a new IEEE JSAC issue on network infrastructure configuration. He has served on program committees for
ACM, IEEE and USENIX conferences or workshops. He is coauthoring a chapter on network configuration
validation in Building and Running Robust Networks and Applications: A Handbook. He joined Telcordia in
1990 when it was called Bellcore. His earlier research at Telcordia was on network management tools for
SONET, ATM and DSL networks. From 1981 to 1990 he worked at RAND Corporation where he developed
technologies to reason about discrete-event simulation models. He has one issued patent on low-cost DSL loop
qualification and three filed patents on configuration validation and synthesis. He has over twenty
publications in journals, conferences and workshops. His formal training is in mathematical logic,
programming languages, and electrical engineering. He studied logic with Professor Alonzo Church at UCLA.
He obtained a Ph.D. in Computer Science from UCLA in 1988 where his thesis was nominated for the ACM
Distinguished Dissertation Award. He obtained an M.S. in Computer Science from Syracuse University in
1981. He obtained a B.Tech. in Electrical Engineering from Indian Institute of Technology, New Delhi, in
1979 and graduated First Class with Honors.
Contact:
Yingying Chen < [email protected] >
Related documents
Home Network Management
Home Network Management
0.5mm Movement Free Space MEMS Attenuator/Shutter Product Description
0.5mm Movement Free Space MEMS Attenuator/Shutter Product Description
Bio260 - drug target activity
Bio260 - drug target activity
Telcordia-NSIS - Columbia University
Telcordia-NSIS - Columbia University
TI 83 Plus and the Equation Solver
TI 83 Plus and the Equation Solver
Chemical Synthesis
Chemical Synthesis
PDF
PDF
The World of Chemistry
The World of Chemistry
Atelier régional de capitalisation des expériences en Adaptation au
Atelier régional de capitalisation des expériences en Adaptation au
Tenets of the modern synthesis
Tenets of the modern synthesis