-
Carbon-aware Software Services
Authors:
Stefano Forti,
Jacopo Soldani,
Antonio Brogi
Abstract:
The significant carbon footprint of the ICT sector calls for methodologies to contain carbon emissions of running software. This article proposes a novel framework for implementing, configuring and assessing carbon-aware interactive software services. First, we propose a methodology to implement carbon-aware services leveraging the Strategy design pattern to feature alternative service versions wi…
▽ More
The significant carbon footprint of the ICT sector calls for methodologies to contain carbon emissions of running software. This article proposes a novel framework for implementing, configuring and assessing carbon-aware interactive software services. First, we propose a methodology to implement carbon-aware services leveraging the Strategy design pattern to feature alternative service versions with different energy consumption. Then, we devise a bilevel optimisation scheme to configure which version to use at different times of the day, based on forecasts of carbon intensity and service requests, pursuing the two-fold goal of minimising carbon emissions and maintaining average output quality above a desired set-point. Last, an open-source prototype of such optimisation scheme is used to configure a software service implemented as per our methodology and assessed against traditional non-adaptive implementations of the same service. Results show the capability of our framework to control the average quality of output results of carbon-aware services and to reduce carbon emissions from 8% to 50%.
△ Less
Submitted 21 May, 2024;
originally announced May 2024.
-
From Quantum Mechanics to Quantum Software Engineering: A Historical Review
Authors:
Giuseppe Bisicchia,
Jose Garcia-Alonso,
Juan M. Murillo,
Antonio Brogi
Abstract:
Victor Hugo's timeless observation, "Nothing is more powerful than an idea whose time has come", resonates today as Quantum Computing, once only a dream of a physicist, stands at the threshold of reality with the potential to revolutionise the world. To comprehend the surge of attention it commands today, one must delve into the motivations that birthed and nurtured Quantum Computing. While the pa…
▽ More
Victor Hugo's timeless observation, "Nothing is more powerful than an idea whose time has come", resonates today as Quantum Computing, once only a dream of a physicist, stands at the threshold of reality with the potential to revolutionise the world. To comprehend the surge of attention it commands today, one must delve into the motivations that birthed and nurtured Quantum Computing. While the past of Quantum Computing provides insights into the present, the future could unfold through the lens of Quantum Software Engineering. Quantum Software Engineering, guided by its principles and methodologies investigates the most effective ways to interact with Quantum Computers to unlock their true potential and usher in a new era of possibilities. To gain insight into the present landscape and anticipate the trajectory of Quantum Computing and Quantum Software Engineering, this paper embarks on a journey through their evolution and outlines potential directions for future research. By doing so, we aim to equip readers (ideally software engineers and computer scientists not necessarily with quantum expertise) with the insights necessary to navigate the ever-evolving landscape of Quantum Computing and anticipate the trajectories that lie ahead.
△ Less
Submitted 8 May, 2024; v1 submitted 30 April, 2024;
originally announced April 2024.
-
Challenges of Quantum Software Engineering for the Next Decade: The Road Ahead
Authors:
Juan M. Murillo,
Jose Garcia-Alonso,
Enrique Moguel,
Johanna Barzen,
Frank Leymann,
Shaukat Ali,
Tao Yue,
Paolo Arcaini,
Ricardo Pérez Castillo,
Ignacio García Rodríguez de Guzmán,
Mario Piattini,
Antonio Ruiz-Cortés,
Antonio Brogi,
Jianjun Zhao,
Andriy Miranskyy,
Manuel Wimmer
Abstract:
As quantum computers evolve, so does the complexity of the software that they can run. To make this software efficient, maintainable, reusable, and cost-effective, quality attributes that any industry-grade software should strive for, mature software engineering approaches should be applied during its design, development, and operation. Due to the significant differences between classical and quan…
▽ More
As quantum computers evolve, so does the complexity of the software that they can run. To make this software efficient, maintainable, reusable, and cost-effective, quality attributes that any industry-grade software should strive for, mature software engineering approaches should be applied during its design, development, and operation. Due to the significant differences between classical and quantum software, applying classical software engineering solutions to quantum software is difficult. This resulted in the birth of Quantum Software Engineering as a discipline in the contemporary software engineering landscape. In this work, a set of active researchers is currently addressing the challenges of Quantum Software Engineering and analyzing the most recent research advances in this domain. This analysis is used to identify needed breakthroughs and future research directions for Quantum Software Engineering.
△ Less
Submitted 10 April, 2024;
originally announced April 2024.
-
Comparison of Static Analysis Architecture Recovery Tools for Microservice Applications
Authors:
Simon Schneider,
Alexander Bakhtin,
Xiaozhou Li,
Jacopo Soldani,
Antonio Brogi,
Tomas Cerny,
Riccardo Scandariato,
Davide Taibi
Abstract:
Architecture recovery tools help software engineers obtain an overview of their software systems during all phases of the software development lifecycle. This is especially important for microservice applications because their distributed nature makes it more challenging to oversee the architecture. Various tools and techniques for this task are presented in academic and grey literature sources. P…
▽ More
Architecture recovery tools help software engineers obtain an overview of their software systems during all phases of the software development lifecycle. This is especially important for microservice applications because their distributed nature makes it more challenging to oversee the architecture. Various tools and techniques for this task are presented in academic and grey literature sources. Practitioners and researchers can benefit from a comprehensive overview of these tools and their abilities. However, no such overview exists that is based on executing the identified tools and assessing their outputs regarding effectiveness. With the study described in this paper, we plan to first identify static analysis architecture recovery tools for microservice applications via a multi-vocal literature review, and then execute them on a common dataset and compare the measured effectiveness in architecture recovery. We will focus on static approaches because they are also suitable for integration into fast-paced CI/CD pipelines.
△ Less
Submitted 11 March, 2024;
originally announced March 2024.
-
Continuous QoS-compliant Orchestration in the Cloud-Edge Continuum
Authors:
Giuseppe Bisicchia,
Stefano Forti,
Ernesto Pimentel,
Antonio Brogi
Abstract:
The problem of managing multi-service applications on top of Cloud-Edge networks in a QoS-aware manner has been thoroughly studied in recent years from a decision-making perspective. However, only a few studies addressed the problem of actively enforcing such decisions while orchestrating multi-service applications and considering infrastructure and application variations. In this article, we prop…
▽ More
The problem of managing multi-service applications on top of Cloud-Edge networks in a QoS-aware manner has been thoroughly studied in recent years from a decision-making perspective. However, only a few studies addressed the problem of actively enforcing such decisions while orchestrating multi-service applications and considering infrastructure and application variations. In this article, we propose a next-gen orchestrator prototype based on Docker to achieve the continuous and QoS-compliant management of multiservice applications on top of geographically distributed Cloud-Edge resources, in continuity with CI/CD pipelines and infrastructure monitoring tools. Finally, we assess our proposal over a geographically distributed testbed across Italy.
△ Less
Submitted 4 October, 2023;
originally announced October 2023.
-
Leasing the Cloud-Edge Continuum, à la Carte
Authors:
Stefano Forti,
Ahmad Ibrahim,
Antonio Brogi
Abstract:
Next-gen computing paradigms foresee deploying applications to virtualised resources along a continuum of Cloud-Edge nodes. Much literature focussed on how to place applications onto such resources so as to meet their requirements. To lease resources to application operators, infrastructure providers need to identify a portion of their Cloud-Edge assets to meet set requirements. This article propo…
▽ More
Next-gen computing paradigms foresee deploying applications to virtualised resources along a continuum of Cloud-Edge nodes. Much literature focussed on how to place applications onto such resources so as to meet their requirements. To lease resources to application operators, infrastructure providers need to identify a portion of their Cloud-Edge assets to meet set requirements. This article proposes a novel declarative resource selection strategy prototyped in Prolog to determine a suitable infrastructure portion that satisfies all requirements. The proposal is showcased over a lifelike scenario.
△ Less
Submitted 30 August, 2023;
originally announced August 2023.
-
Green Application Placement in the Cloud-IoT Continuum
Authors:
Stefano Forti,
Antonio Brogi
Abstract:
Green software engineering aims at reducing the environmental impact due to developing, deploying, and managing software systems. Meanwhile, Cloud-IoT paradigms can contribute to improving energy and carbon efficiency of application deployments by (i) reducing the amount of data and the distance they must travel across the network, (ii) by exploiting idle edge devices to support application deploy…
▽ More
Green software engineering aims at reducing the environmental impact due to developing, deploying, and managing software systems. Meanwhile, Cloud-IoT paradigms can contribute to improving energy and carbon efficiency of application deployments by (i) reducing the amount of data and the distance they must travel across the network, (ii) by exploiting idle edge devices to support application deployment. In this article, we propose a declarative methodology and its Prolog prototype for determining placements of application services onto Cloud-IoT infrastructures so to optimise energy and carbon efficiency, also considering different infrastructure power sources and operational costs. The proposal is assessed over a motivating example.
△ Less
Submitted 18 October, 2021;
originally announced October 2021.
-
A Declarative Goal-oriented Framework for Smart Environments with LPaaS
Authors:
Giuseppe Bisicchia,
Stefano Forti,
Antonio Brogi
Abstract:
Smart environments powered by the Internet of Things aim at improving our daily lives by automatically tuning ambient parameters (e.g. temperature, interior light) and by achieving energy savings through self-managing cyber-physical systems. Commercial solutions, however, only permit setting simple target goals on those parameters and do not consider mediating conflicting goals among different use…
▽ More
Smart environments powered by the Internet of Things aim at improving our daily lives by automatically tuning ambient parameters (e.g. temperature, interior light) and by achieving energy savings through self-managing cyber-physical systems. Commercial solutions, however, only permit setting simple target goals on those parameters and do not consider mediating conflicting goals among different users and/or system administrators, and feature limited compatibility across different IoT verticals. In this article, we propose a declarative framework to represent smart environments, user-set goals and customisable mediation policies to reconcile contrasting goals encompassing multiple IoT systems. An open-source Prolog prototype of the framework is showcased over two lifelike motivating examples.
△ Less
Submitted 18 June, 2021;
originally announced June 2021.
-
Anomaly Detection and Failure Root Cause Analysis in (Micro)Service-Based Cloud Applications: A Survey
Authors:
Jacopo Soldani,
Antonio Brogi
Abstract:
The momentum gained by microservices and cloud-native software architecture pushed nowadays enterprise IT towards multi-service applications. The proliferation of services and service interactions within applications, often consisting of hundreds of interacting services, makes it harder to detect failures and to identify their possible root causes, which is on the other hand crucial to promptly re…
▽ More
The momentum gained by microservices and cloud-native software architecture pushed nowadays enterprise IT towards multi-service applications. The proliferation of services and service interactions within applications, often consisting of hundreds of interacting services, makes it harder to detect failures and to identify their possible root causes, which is on the other hand crucial to promptly recover and fix applications. Various techniques have been proposed to promptly detect failures based on their symptoms, viz., observing anomalous behaviour in one or more application services, as well as to analyse logs or monitored performance of such services to determine the possible root causes for observed anomalies. The objective of this survey is to provide a structured overview and a qualitative analysis of currently available techniques for anomaly detection and root cause analysis in modern multi-service applications. Some open challenges and research directions stemming out from the analysis are also discussed.
△ Less
Submitted 26 May, 2021;
originally announced May 2021.
-
Smells and Refactorings for Microservices Security: A Multivocal Literature Review
Authors:
Francisco Ponce,
Jacopo Soldani,
Hernán Astudillo,
Antonio Brogi
Abstract:
Context: Securing microservice-based applications is crucial, as many IT companies are delivering their businesses through microservices. If security smells affect microservice-based applications, they can possibly suffer from security leaks and need to be refactored to mitigate the effects of security smells therein. Objective: As the currently available knowledge on securing microservices is sca…
▽ More
Context: Securing microservice-based applications is crucial, as many IT companies are delivering their businesses through microservices. If security smells affect microservice-based applications, they can possibly suffer from security leaks and need to be refactored to mitigate the effects of security smells therein. Objective: As the currently available knowledge on securing microservices is scattered across different pieces of white and grey literature, our objective here is to distill well-known smells for securing microservices, together with the refactorings enabling to mitigate the effects of such smells. Method: To capture the state of the art and practice in securing microservices, we conducted a multivocal review of the existing white and grey literature on the topic. We systematically analyzed 58 studies published from 2014 until the end of 2020. Results: Ten bad smells for securing microservices are identified, which we organized in a taxonomy, associating each smell with the security properties it may violate and the refactorings enabling to mitigate its effects. Conclusions: The security smells and the corresponding refactorings have pragmatic value for practitioners, who can exploit them in their daily work on securing microservices. They also serve as a starting point for researchers wishing to establish new research directions on securing microservices.
△ Less
Submitted 27 April, 2021;
originally announced April 2021.
-
Continuous Reasoning for Managing Next-Gen Distributed Applications
Authors:
Stefano Forti,
Antonio Brogi
Abstract:
Continuous reasoning has proven effective in incrementally analysing changes in application codebases within Continuous Integration/Continuous Deployment (CI/CD) software release pipelines. In this article, we present a novel declarative continuous reasoning approach to support the management of multi-service applications over the Cloud-IoT continuum, in particular when infrastructure variations i…
▽ More
Continuous reasoning has proven effective in incrementally analysing changes in application codebases within Continuous Integration/Continuous Deployment (CI/CD) software release pipelines. In this article, we present a novel declarative continuous reasoning approach to support the management of multi-service applications over the Cloud-IoT continuum, in particular when infrastructure variations impede meeting application's hardware, software, IoT or network QoS requirements. We show how such an approach brings considerable speed-ups compared to non-incremental reasoning.
△ Less
Submitted 21 September, 2020;
originally announced September 2020.
-
FaaSten Your Decisions: Classification Framework and Technology Review of Function-as-a-Service Platforms
Authors:
Vladimir Yussupov,
Jacopo Soldani,
Uwe Breitenbücher,
Antonio Brogi,
Frank Leymann
Abstract:
Function-as-a-Service (FaaS) is a cloud service model enabling developers to offload event-driven executable snippets of code. The execution and management of such functions becomes a FaaS provider's responsibility, hereby included their on-demand provisioning and automatic scaling. Key enablers for this cloud service model are FaaS platforms, e.g., AWS Lambda, Microsoft Azure Functions or OpenFaa…
▽ More
Function-as-a-Service (FaaS) is a cloud service model enabling developers to offload event-driven executable snippets of code. The execution and management of such functions becomes a FaaS provider's responsibility, hereby included their on-demand provisioning and automatic scaling. Key enablers for this cloud service model are FaaS platforms, e.g., AWS Lambda, Microsoft Azure Functions or OpenFaaS. At the same time, the choice of the most appropriate FaaS platform for deploying and running a serverless application is not trivial, as various organizational and technical aspects have to be taken into account. In this work, we present (i) a FaaS platform classification framework derived using a mixed method study and (ii) a systematic technology review of the ten most prominent FaaS platforms, based on the proposed classification framework. Moreover, we present (iii) a FaaS platform selection support system, called \faastener, which helps researchers and practitioners to choose the FaaS platform most suited for their requirements.
△ Less
Submitted 1 April, 2020;
originally announced April 2020.
-
Component-aware Orchestration of Cloud-based Enterprise Applications, from TOSCA to Docker and Kubernetes
Authors:
Matteo Bogo,
Jacopo Soldani,
Davide Neri,
Antonio Brogi
Abstract:
Enterprise IT is currently facing the challenge of coordinating the management of complex, multi-component applications across heterogeneous cloud platforms. Containers and container orchestrators provide a valuable solution to deploy multi-component applications over cloud platforms, by coupling the lifecycle of each application component to that of its hosting container. We hereby propose a solu…
▽ More
Enterprise IT is currently facing the challenge of coordinating the management of complex, multi-component applications across heterogeneous cloud platforms. Containers and container orchestrators provide a valuable solution to deploy multi-component applications over cloud platforms, by coupling the lifecycle of each application component to that of its hosting container. We hereby propose a solution for going beyond such a coupling, based on the OASIS standard TOSCA and on Docker. We indeed propose a novel approach for deploying multi-component applications on top of existing container orchestrators, which allows to manage each component independently from the container used to run it. We also present prototype tools implementing our approach, and we show how we effectively exploited them to carry out a concrete case study.
△ Less
Submitted 6 May, 2020; v1 submitted 5 February, 2020;
originally announced February 2020.
-
Design principles, architectural smells and refactorings for microservices: A multivocal review
Authors:
Antonio Brogi,
Davide Neri,
Jacopo Soldani,
Olaf Zimmermann
Abstract:
Potential benefits such as agile service delivery have led many companies to deliver their business capabilities through microservices. Bad smells are however always around the corner, as witnessed by the considerable body of literature discussing architectural smells that possibly violate the design principles of microservices. In this paper, we systematically review the white and grey literature…
▽ More
Potential benefits such as agile service delivery have led many companies to deliver their business capabilities through microservices. Bad smells are however always around the corner, as witnessed by the considerable body of literature discussing architectural smells that possibly violate the design principles of microservices. In this paper, we systematically review the white and grey literature on the topic, in order to identify the most recognised architectural smells for microservices and to discuss the architectural refactorings allowing to resolve them.
△ Less
Submitted 10 September, 2019; v1 submitted 4 June, 2019;
originally announced June 2019.
-
Probabilistic QoS-aware Placement of VNF chains at the Edge
Authors:
Stefano Forti,
Federica Paganelli,
Antonio Brogi
Abstract:
Deploying IoT-enabled Virtual Network Function (VNF) chains to Cloud-Edge infrastructures requires determining a placement for each VNF that satisfies all set deployment requirements as well as a software-defined routing of traffic flows between consecutive functions that meets all set communication requirements. In this article, we present a declarative solution, EdgeUsher, to the problem of how…
▽ More
Deploying IoT-enabled Virtual Network Function (VNF) chains to Cloud-Edge infrastructures requires determining a placement for each VNF that satisfies all set deployment requirements as well as a software-defined routing of traffic flows between consecutive functions that meets all set communication requirements. In this article, we present a declarative solution, EdgeUsher, to the problem of how to best place VNF chains to Cloud-Edge infrastructures. EdgeUsher can determine all eligible placements for a set of VNF chains to a Cloud-Edge infrastructure so to satisfy all of their hardware, IoT, security, bandwidth, and latency requirements. It exploits probability distributions to model the dynamic variations in the available Cloud-Edge infrastructure, and to assess output eligible placements against those variations.
△ Less
Submitted 15 February, 2021; v1 submitted 1 June, 2019;
originally announced June 2019.
-
How to Place Your Apps in the Fog -- State of the Art and Open Challenges
Authors:
Antonio Brogi,
Stefano Forti,
Carlos Guerrero,
Isaac Lera
Abstract:
Fog computing aims at extending the Cloud towards the IoT so to achieve improved QoS and to empower latency-sensitive and bandwidth-hungry applications. The Fog calls for novel models and algorithms to distribute multi-service applications in such a way that data processing occurs wherever it is best-placed, based on both functional and non-functional requirements. This survey reviews the existing…
▽ More
Fog computing aims at extending the Cloud towards the IoT so to achieve improved QoS and to empower latency-sensitive and bandwidth-hungry applications. The Fog calls for novel models and algorithms to distribute multi-service applications in such a way that data processing occurs wherever it is best-placed, based on both functional and non-functional requirements. This survey reviews the existing methodologies to solve the application placement problem in the Fog, while pursuing three main objectives. First, it offers a comprehensive overview on the currently employed algorithms, on the availability of open-source prototypes, and on the size of test use cases. Second, it classifies the literature based on the application and Fog infrastructure characteristics that are captured by available models, with a focus on the considered constraints and the optimised metrics. Finally, it identifies some open challenges in application placement in the Fog.
△ Less
Submitted 27 November, 2019; v1 submitted 17 January, 2019;
originally announced January 2019.
-
Secure Cloud-Edge Deployments, with Trust
Authors:
Stefano Forti,
Gian-Luigi Ferrari,
Antonio Brogi
Abstract:
Assessing the security level of IoT applications to be deployed to heterogeneous Cloud-Edge infrastructures operated by different providers is a non-trivial task. In this article, we present a methodology that permits to express security requirements for IoT applications, as well as infrastructure security capabilities, in a simple and declarative manner, and to automatically obtain an explainable…
▽ More
Assessing the security level of IoT applications to be deployed to heterogeneous Cloud-Edge infrastructures operated by different providers is a non-trivial task. In this article, we present a methodology that permits to express security requirements for IoT applications, as well as infrastructure security capabilities, in a simple and declarative manner, and to automatically obtain an explainable assessment of the security level of the possible application deployments. The methodology also considers the impact of trust relations among different stakeholders using or managing Cloud-Edge infrastructures. A lifelike example is used to showcase the prototyped implementation of the methodology.
△ Less
Submitted 5 September, 2019; v1 submitted 16 January, 2019;
originally announced January 2019.
