Institute for Computer Science
Teaching and Research Unit for Programming and Software Engineering
Oettingenstraße 67, D-80538 Munich
Master's thesis in the Software Engineering Elite Graduate Program
Formal Specification and Analysis of
Cloud Computing Management
Tobias Johann Mühlbauer
Report date: 24 JAN 2012
Dates covered: 00-00-2012 to 00-00-2012
Title and subtitle: Formal Specification And Analysis Of Cloud Computing Management
Performing organization: Institute for Computer Science, Teaching and research unit for programming and software engineering, Oettingenstr. 67, D-80538 Munich, Germany
Distribution/availability statement: Approved for public release; distribution unlimited
Abstract
Cloud Computing-based systems (i) are safety- and security-critical systems which have strong qualitative
and quantitative formal requirements, (ii) have equally important time-critical performance-based quality
of service properties (e.g., availability), and (iii) need to dynamically adapt to changes in the potentially
hostile (e.g., distributed denial of service attacks) and often probabilistic environment they operate in.
These aspects make distributed and Cloud-based systems complex and hard to design, build, test, and
verify; and in this context, Cloud Computing management has to deal with a multitude of obstacles for the
growth and adoption of the Cloud Computing paradigm. In this thesis, we focus on three of these obstacles:
bugs in large distributed systems, service availability, and performance unpredictability. To tackle these
challenges and the aforementioned complexity, we propose solutions based on executable formal
specifications and formal analysis, using an adequate semantic framework. We chose rewriting logic as the
semantic framework and Maude, a language and system based on rewriting logic that offers the possibility
of executing and formally analyzing specifications, as the foundation for our work. The main contributions
of this thesis are:
• The specification of formal languages for the design and analysis of Cloud-based
architectures. In particular, the rewriting logic-based specification of formal languages based on the
coordination language and mobile calculus KLAIM.
• The specification of a modularized actor model of
computation which incorporates the Russian Dolls model and fulfills the requirements for statistical model
checking; thus allowing the specification of hierarchically structured distributed systems and their
quantitative and qualitative formal analysis.
• The formal specification and formal analysis of the denial of
service (DoS) defense mechanism ASV+SR, which is a combination of the DoS defense mechanism ASV
and the Cloud-based resource provisioning mechanism SR. We show that ASV+SR provides stable
availability at a reasonable cost; where stable availability means that with very high probability service
quality remains very close to a threshold, regardless of how bad the DoS attack can get.
• The formal
specification of a Publish/Subscribe system that is used to (a) answer the question of how a
Publish/Subscribe architecture can be enriched with Cloud-based dynamic resource provisioning
mechanisms to better meet quality of service (QoS) requirements and (b) show that predictions about QoS
properties can be made using statistical analysis.
Security classification: report unclassified; abstract unclassified; this page unclassified
Limitation of abstract: Same as Report (SAR)
Number of pages: 236
Matriculation number: 1110475
First reviewer: Prof. Dr. Martin Wirsing
Second reviewer: Prof. Dr. Alexander Knapp
Advisor: Prof. Dr. José Meseguer
Submission: 24 January 2012
I hereby declare that I have written this master's thesis independently. I have used
no sources or aids other than those indicated.
Tobias Johann Mühlbauer, Augsburg, 24 January 2012
Acknowledgements
This thesis would not have been possible without helpful guidance and advice. I want to
express my gratitude to everyone involved. My special thanks go to
Prof. Dr. José Meseguer,
for all his contributions of time, ideas, and guidance without which this thesis would
not have been possible. I want to thank Prof. Meseguer for offering me the opportunity
to work on this thesis at the University of Illinois at Urbana-Champaign and for the
productive, inspiring, and fun time we spent in the “Moraira research institute”. It has
been my great honor to be your student.
Prof. Dr. Martin Wirsing,
for offering me this great thesis opportunity and for all his guidance and support
throughout. His academic experience was invaluable during the work on this thesis.
Prof. Dr. Alexander Knapp,
for being a great teacher. Without the knowledge gained through his lectures I would
have lacked the fundamentals to work on this thesis.
Prof. Dr. Santiago Escobar,
for all the inspiring conversations and fun I enjoyed with him, especially during coffee
breaks.
Prof. Musab Al-Turki, Ph.D.,
for all the great help he provided with the ASV protocol, statistical model checking,
and the Maude system in general.
Kyungmin Bae, Prof. Dr. Francisco Durán, Michael Katelman, Ph.D.,
Camilo Rocha, Dr. Raúl Gutiérrez, and Ralf Sasse,
my colleagues and friends, not only for being supportive during the work on this thesis
but also for the fun times we spent together.
Prof. Klara Nahrstedt, Ph.D., and Guijun Wang, Ph.D.,
for all the advice they provided to the work on the formal specification and analysis
of Publish/Subscribe systems.
Denise and Ron Mazza,
for giving me the possibility to stay in beautiful Cardiff-by-the-Sea where parts of this
thesis originated.
Anita, Johann, and Verena Mühlbauer,
my parents and my sister, for all their love and encouragement, and their support in
all my pursuits. Thank you.
Lastly, my very special thanks go to Jonas Eckhardt, who has been a great colleague and
friend over the past several months. The work in this thesis originated in collaboration with
him and would not have been possible without his contributions of ideas and inspiration.
Thank you for our sincere friendship and the fun time we spent together in the United
States, in Spain, and throughout our studies in Germany.
This work was funded in part by NSF Grant CCF 09-05584, AFOSR Grant FA8750-11-2-0084,
the EU-funded projects FP7-257414 ASCENS and FP7-256980 NESSoS, the
PROSALMU scholarship for research stays abroad, and the Software Engineering Elite
Graduate Program.