Dependable Distributed Systems
The main goal of this course is to specialize the knowledge of the students in the area of Dependable Distributed Systems. This knowledge is addressed by gaining a better understanding on foundations and proposals from the recent research on dependable computing systems, advanced techniques, algorithms and mechanisms involved in the design of large-scale and complex distributed systems, with fault-tolerance, security, privacy and intrusion tolerance services.
The course addresses the study of foundations and formalisms on algorithms, mechanisms and services used in the design of distributed dependable systems for critical applications, in which the above properties must be conjugated in the identified requirements. This knowledge is strongly supported by the domain of practical implementation tools and techniques, experimental evaluation criteria and critical analysis form design foundations and experimental observation of practical dependable distributed systems.
Skills as objectives:
- Concepts, principles, paradigms to the analysis and synthesis of dependable distributed systems, namely their mechanisms and services for design goals and operation support;
- Foundations and abstractions for the design and construction of mechanisms and services for dependable distributed systems;
- Techniques to combine security, privacy, reliability, fault-tolerance and intrusion tolerance for dependable distributed systems and their software components;
- Domain of technqiues and solutions for trusted execution environments and related support at hardware-level.
- Designing mechanisms and services, including their components and algorithms to build critical distributed systems;
- Analysis and experimental assessement of dependable properties in a dependable distributed system;
- Programming and development of dependable distributed systems to support critical applications and services, incolving blockchain platforms, dependable services for cloud computing and cloud-storage platforms, trusted mobile computing and trustworthy solutions for IoT platfroms and applications
Henrique João Lopes Domingos, Nuno Manuel Ribeiro Preguiça
Weekly - 4
Total - 52
The MIEI course dont have a formal precedence regime with mandatory requirements, beyond the normal sequence and adequacy of knowldge bases and practical skills, as addressed by previous related courses in the study plan of the MIEI curricula (Mestrado em Engenharia Informática). However, the following aspects must be considered as relevant base knowledge by the students interested in following the course, for the achievment of the proposed objectives.
- Completion of the Distributed Systems course (as a consolidation course). Recommended skills on Operating Systems Fondations and Computer and Networks System Security. Backgound on Distributed Systems Algorithms and Distributed Systems Programming can be very useful for the CSD course.
- Strong knowldge on Computer Networks and TCP/IP stack protocols (including HTTP, DNS, TCP, UDP, IP, IEEE802.1/802.11, as well as proramming skills for applications using the TCP/IP Stack (Sockets and Rest/HTTP in Java, C# or C++)
- A solid knowledge on principles and practice on distributed systems programming tools and paradigms (ex., Sockets, Webservices, Rest). Some practice in web-programming enviroments or programming with cloud-platforms ican be also interesting as well as initial practice in the design, implementation and debungging of distributed systems'' algorithms.
- Very important to have backgorund in applied cryptography and programming with cryptographic methods and algorithms (ex., Java/JCE and CryptoProviders, Programming with TLS channels - Java JSSE and REST/HTTPS)
- Strong skills in programming with Java language, as well practive with programming environments and tools (ex., Eclipse IDE) and related tools for project management with maintenance repositories (ex., GitHub, Git Plufings in IDE or git command line)
- Is strongly recommended a previous knowldege and practical experience on Operating Systems Foundations and practical skills for UNIX (ex., Linux distributions or Mac OS X), practice in using shell-environment and command-line consoles, and in using virtualized OS or application-support environments (ex., VMWare, Virtual Box, or initial practice with Docker-based Containerization - Docker and Docker deployment with Docker Compose)
- . Anderson, A Guide to Building Dependable Distributed Systems, Wiley, 2020W. Zhao, Building Dependable Distributed Systems, Wiley, 2014
- C. Cachin, R. Guerraoui, L. Rodrigues, Introduction to Reliable and Secure Distributed Programming (2nd Ed), - Springer, 2011.
- W. Stallings, L. Brown, Computer Security - Principles and Practice, Prent. Hall, 2014
- W. Stallings, Information Privacy Engineeirng and Privacy by Design, Pearson, 2020
- W. Stallings, Cryptography and Network Security 8th Ed. Pearson, 2020
- M. Correia, P. Sousa, Segurança no Software, FCA Ed. 2017
Obs) Suggested readings and selected research papers will be presented, analyzed and proposed for discussion on the lectures. Additonal materials for practical/lab activities and guidelines or for use in practical work-assignments will be available as lab materials.
The classes (lectures and laboratories) and the provided materials are prepared for the course to be taught in English.
The course is organized in lectures for presenting and discussing foundations, concepts, principles, paradigms, techniques or algorithms, covering the course program topics, as well as, to conduct specific discussions, analysis and clarifications on suggested readings.
Labs are organized for conducting programming exercises involving mechanisms, techniques and algorithms involving software and hardware components and cloud-based resources. Some labs also involve the demonstration of techniques or related components, including demonstrations supporting tutorial explanations on the use of tools. Some labs are planned to support students in the development of practical work assignments and mini-projects, discussion and clarification of requirements and design criteria, and orientation on implementation options.
Evaluation of Students:
- 2 midterm frequencty tests (T1, T2)
- Tests can be done without the presence requirement (giving the covid19 circumstances). Frequency tests cover the program topics presented and initially discussed in lecture.
- Tests will be conducted without presence requirement (due to Covid-19 constraints), by using an evaluation platform for remotely assigned tests. Each test is divided into two parts: part I is organized as a quiz with time-constraints for answers; part II is organized with a set of open questions using variations of questions on the tested topics, from a test bank, avoiding interceptions of the same questions on different personalized tests.
- Practical evaluation is composed by five workassignmemts and one final project. For the development, a set of different development tools are used: IDEs, Github shared repositories and Jupyter/Notes platform, provided runtime environments for experimental testbench platforms and benchmarking tools. The course provides access to cloud-based dedicated instances and tools, used by the students for the development of the final project.
- 5 Lab work group-assignments are practical/programming exercises (E) (developed in groups of 3 students max.). Development, demonstration, correctness proof and evaluation is coordinated and takes place in videoconference sessions. These work-assignments will be conducted and evaluated during the activities in six labs.
- 1 Final project (P)
Grade and Evaluation Criteria
Frequency assessment and grade conditions, as well as, all the related evaluation criteria are presented in detail in the section "Métodos de Avaliação" (Evaluation Methods).
- 2 midterm frequency tests (T1, T2) covering the program topics and suggested lectures and bibliography covered in Lectures
- Tests cover different parts of the program topics and reference bibliography
- Foolowing the indications, 19/April is planned as the date for possible restart of presence-ativities. Evaluation dates are planned to be conducted after 19/April and in thi sway frequency tests are planned to be conducted in presence at FCT/UNL, according to the established rules applied to students by the FCT/UNL authorities and specific indications at DI/FCT/UNL
- Tests have two parts: a closed-book part and an open-book part, with students authorized to use printed and personal elements (not computers or any other electronic and communication devices)
- Practical evaluation: (TP1, TP2) developed as groupwork miniprojects (2 students/group as reference)
- Assignments TP1 and TP2 are developed as mini-projects developed in groups of 2 students
- Evaluation criteria cover the development process and defined delivery dates (with possible penalizations in case of non-compliance
- There is an individual evaluation part (25% of each work) requiring an indivdual practical test, with a related quizz performed individually as a proof of domain about the implementation and experimental evaluation
Frequency conditions (F)
- F= 40% TP1 + 60% TP2
- Individual frequency condition: F > 9,5/20
Grade with Frequency Evaluation (AF)
- Frequency condition verified (F)
- Rule and grade conditions (AF):
- AF = 20%(T1) + 30% (T2) + 50% (F)
- Grade condition rules: AR>= 9,5/20, T1 >7,5/20, T2>7,5/20 and AF>9,5/20
Grade with Appeal Exam (AR w/ ER)
- Frequency condition verified (F)
- Rule and grade conditions (AR):
- AR = 50% (F) + 50 % (ER)
- Grade condition:
- ER > 7,5/20 and AR > 9,5/20
- Frequency already obtained in 2019/2020 is valid
- Project evaluation crterua cover:
- Design, development and experimental demonstration with practical demonstration in Lab, if required: 60%
- Report quality, testbecnh and data analysis or other requestd elements: 15%
- Individual evaluation elements by proof-of-knowledge quizzes: 15%
- Individual evaluation in the group: 10%
- Principles and concepts for dependable distributed systems: dependability properties, attributes, metrics, support typology, desigm models and implementation techniques
- Reliable and secure communication channels
- Pont-to-Point vs. End-to-End channels
- Reliable group-oriented communication and secure group-oriented communication
- Group communication and message prdering guarantees
- Perimeter defenses and Intrusion prevention systems
- Intrusion detection (HIDS, NIDS and HIDS platforms)
- Intrusion recovery: reactive recovery and pro-active recovery
- Mechanisms, technique and services for intrusion tolerance
- Intrusion tolerance and diversity approaches
- Consensus, FLP impossibility and probabilistic consensus
- Services stack for consensus in asyncronous distributed systems
- Byzantine quorum systems
- Consensus with Byzantine Fault Tolerance
- Platforms typology and applications
- Service planes in Blockchain platforms
- Blockchain programming and programming with smart contracts
- Consensus solutions with different Blockchain models and proofs
- Scalability guarantees and sustainability issues
- Case studies
- Advanced techniques for privacy-enhanced data management and computation
- Replication and data fragmentation, fragmentation with erasure-coding
- Availability and replication with data confidentiality, authentication and integrity
- Operations with encrypted data: security-at-the-rest techniques and homomorphic encryption
- Systems and solutions using Searchable Encryption
- Case studies: SQL databases, NoSQL platforms and storage clouds
- Techniques, mechanisms and environments for trusted computing
- Trusted computing with software attestation
- Trusted execution environments (TEE) and Hardware-based platforms
- Programming with TEE platforms
- Case-studies: IntelSGX, TrustZone and Virtualized Trusted Computing
Programs where the course is taught: