- AboutThis should describe the systems research collaboration, and present the overall research goals of the new group.
- PeopleHere are the different labs in the SRC…
- PublicationsA page where you will find categorized publications!
- ProjectsA page where you will find our projects
- ResourcesVarious resources for prospective students, current students, alumni. Maybe put something here about life in NYC and at Columbia…
Publications from 2010
Proceedings of the ACM International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS 2010), June 2010
We present SCRIBE, the first system to provide transparent, low- overhead application record-replay and the ability to go live from replayed execution. SCRIBE introduces new lightweight operat- ing system mechanisms, rendezvous and sync points, to efficiently record nondeterministic interactions such as related system calls, signals, and shared memory accesses. Rendezvous points make a partial ordering of execution based on system call dependen- cies sufficient for replay, avoiding the recording overhead of main- taining an exact execution ordering. Sync points convert asyn- chronous interactions that can occur at arbitrary times into syn- chronous events that are much easier to record and replay. We have implemented SCRIBE without changing, relinking, or re- compiling applications, libraries, or operating system kernels, and without any specialized hardware support such as hardware perfor- mance counters. It works on commodity Linux operating systems, and commodity multi-core and multiprocessor hardware. Our re- sults show for the first time that an operating system mechanism can correctly and transparently record and replay multi-process and multi-threaded applications on commodity multiprocessors. SCRIBE recording overhead is less than 2.5% for server applications includ- ing Apache and MySQL, and less than 15% for desktop applica- tions including Firefox, Acrobat, OpenOffice, parallel kernel com- pilation, and movie playback.
Proceedings of the 3rd Annual Haifa Experimental Systems Conference (SYSTOR 2010), May 2010
Operating system (OS) virtualization can provide a num- ber of important benefits, including transparent migration of applications, server consolidation, online OS maintenance, and enhanced system security. However, the construction of such a system presents a myriad of challenges, even for the most cautious developer, that if overlooked may result in a weak, incomplete virtualization. We present a detailed dis- cussion of key implementation issues in providing OS virtu- alization in a commodity OS, including system call interposi- tion, virtualization state management, and race conditions. We discuss our experiences in implementing such functional- ity across two major versions of Linux entirely in a loadable kernel module without any kernel modification. We present experimental results on both uniprocessor and multiproces- sor systems that demonstrate the ability of our approach to provide fine-grain virtualization with very low overhead.
Ph.D. Thesis, Department of Computer Science, Columbia University, March 2010
This dissertation demonstrates that operating system virtualization is an effective method for solving many different types of computing problems. We have designed novel systems that make use of commodity software while solving problems that were not conceived when the software was originally written. We show that by leveraging and extending existing virtualization techniques, and introducing new ones, we can build these novel systems without requiring the applications or operating systems to be rewritten. We introduce six architectures that leverage operating system virtualization. *Pod creates fully secure virtual environments and improves user mobility. AutoPod re- duces the downtime needed to apply kernel patches and perform system maintenance. PeaPod creates least-privilege systems by introducing the pea abstraction. Strata im- proves the ability of administrators to manage large numbers of machines by introduc- ing the Virtual Layered File System. Apiary builds upon Strata to create a new form of desktop security by using isolated persistent and ephemeral application containers. Finally, ISE-T applies the two-person control model to system administration. By leveraging operating system virtualization, we have built these architectures on Linux without requiring any changes to the underlying kernel or user-space ap- plications. Our results, with real applications, demonstrate that operating system virtualization has minimal overhead. These architectures solve problems with min- imal impact on end-users while providing functionality that would previously have required modifications to the underlying system.
Proceedings of the 41st ACM Technical Symposium on Computer Science Education (SIGCSE 2010), March 2010
Students learn more through hands-on project experience for computer science courses such as operating systems, but pro- viding the infrastructure support for a large class to learn by doing can be hard. To address this issue, we introduce a new approach to managing and grading operating system home- work assignments based on virtual appliances, a distributed version control system, and live demonstrations. Our solu- tion is easy to deploy and use with studentsâ€™ personal com- puters, and obviates the need to provide a computer labora- tory for teaching purposes. It supports the most demanding course projects, such as those that involve operating system kernel development, and can be used by both on-campus and remote distance learning students even with intermit- tent network connectivity. Our experiences deploying and using this solution to teach operating systems at Columbia University show that it is easier to use, more flexible, and more pedagogically effective than other approaches.