Cornell effort works towards a science of high-assurance cloud computing. Such a science is needed for to support sensitive computing applications that require higher degrees of assurance than is typical for modern cloud platforms, for example in their security, privacy, consistency, fault-tolerance or responsiveness guarantees.
The Cornell group is using a three-pronged approach: 1. Experiments to quantify the properties of today?s cloud platforms. 2. Software solutions that run on today?s clouds but enhance their properties. This entails protocol and system design, implementation, and evaluation, but will also involve creating models and proofs contributing towards a future science of highly assured cloud computing. 3. As these new tools emerge, the group can restart the cycle by using them to prototype critical applications in selected domains (finance, healthcare, control of the smart power grid), reevaluate their performance, and then explore needed optimizations and enhancements to support realistic application workloads.
Intensive access to Microsoft Azure permits the team to create a body of knowledge with immediate practical value for Azure users. However, by working towards a deeper scientific foundation for highly assured cloud computing, the expectation is that any key insights will be equally applicable on non-Microsoft systems.
The Cornell Computing in the Clouds effort was focused on using cloud platforms to develop and test new technologies for high assurance cloud computing applications. Today we have a wide range of cloud success stories in settings like social networking (think of Facebook or Twitter), driving directions (Google maps) and even dialog with our phones and pads (Siri). Yet for all its successes, the cloud remains a problematic choice in what are sometimes called critical infrastructure applications, like managing the smart power grid. On the one hand, we certainly need to make the power grid smarter: doing so will enable it to leverage solar and wind power, and to dispatch electric power on demand when and where needed. A smarter grid would also recover more quickly from damage, such as occurred when Hurricane Sandy slammed into Long Island. Further, the cloud seems like the ideal match for that smart grid: it can monitor at very large scale, and the same efficiencies of cost that are so valuable in social networking make the cloud incredibly cost effective for critical infrastructure uses. But on the other hand, the cloud has been terrible for high assurance needs, as seen with events like the recent OpenSSL HeartBleed bug. Clearly we need the benefits of the cloud, but in a strongly secure and reliable form that can provide high reliability and high integrity at low cost. Our Cornell CiC effort seeks to solve this problem. With support from CiC and other sources, we've created open source solutions aimed at developers who are struggling to create cloud-based services for uses like the smart grid, where the normal properties of the cloud just aren't good enough. One example is our Isis2 system (download it for free from isis2.codeplex.com): it helps people create applications that are secure, fault-tolerant, very adaptive and quite fast. The CiC funding enabled us to do experiments on massive cloud infrastructures from Microsoft and Amazon to evaluate the properties of Isis2 and other systems we've created. Doing so gives us publishable insight into how high assurance technologies scale and handle what are often called "elasticity" events (load surges that cause the cloud to add more machines to a computing pool, or sags that cause the cloud to take resources away). And it also helps us convince potential users that our work is real and can safely be used in demanding situations. CiC is winding down, but our work will continue well into the future. We are forming a consortium with critical infrastructure operators responsible for bulk power transmission in the US Northeast, aimed at monitoring and managing the smart grid using cloud platforms as key elements of the story. Without CiC support, we could never have reached the needed level of credibility to convince these major players that it would be safe and appropriate to team up with us on such an important undertaking. CiC has also enabled us to publish many papers, and to deliver solutions like Isis2 to the nearly 4000 users who had downloaded the platform as of the date of this report.
