System and method for reasoning about the optimality of a configuration parameter of a distributed system
Abstract
Embodiments provide a system and method for reasoning about the optimality of a configuration parameter of a distributed system. During operation, the system obtains a multi-layer graph for a system with a plurality of components, wherein the multi-layer graph comprises a configuration subgraph, a vulnerability subgraph, and a dependency subgraph. The system determines, based on the multi-layer graph, constraint relationships associated with configuration parameters for the components, wherein the constraint relationships include security constraints and functionality constraints. The system computes an unsatisfiable core which comprises a set of mutually incompatible constraints. The system resolves, based on a strategy and over multiple iterations, the unsatisfiable core by analyzing one pair of mutually incompatible constraints per a respective iteration, to obtain a new unsatisfiable core which comprises a smaller number of mutually incompatible constraints than the computed unsatisfiable core or a previously computed unsatisfiable core from a most recent iteration.
- Inventors:
- Issue Date:
- Research Org.:
- Palo Alto Research Center Incorporated, CA (United States)
- Sponsoring Org.:
- USDOE; Defense Advanced Research Projects Agency (DARPA)
- OSTI Identifier:
- 1986758
- Patent Number(s):
- 11483354
- Application Number:
- 16/923,763
- Assignee:
- Palo Alto Research Center Incorporated (Palo Alto, CA)
- DOE Contract Number:
- FA8750-18-2-0147
- Resource Type:
- Patent
- Resource Relation:
- Patent File Date: 07/08/2020
- Country of Publication:
- United States
- Language:
- English
Citation Formats
Soroush, Hamed, and Rane, Shantanu. System and method for reasoning about the optimality of a configuration parameter of a distributed system. United States: N. p., 2022.
Web.
Soroush, Hamed, & Rane, Shantanu. System and method for reasoning about the optimality of a configuration parameter of a distributed system. United States.
Soroush, Hamed, and Rane, Shantanu. Tue .
"System and method for reasoning about the optimality of a configuration parameter of a distributed system". United States. https://www.osti.gov/servlets/purl/1986758.
@article{osti_1986758,
title = {System and method for reasoning about the optimality of a configuration parameter of a distributed system},
author = {Soroush, Hamed and Rane, Shantanu},
abstractNote = {Embodiments provide a system and method for reasoning about the optimality of a configuration parameter of a distributed system. During operation, the system obtains a multi-layer graph for a system with a plurality of components, wherein the multi-layer graph comprises a configuration subgraph, a vulnerability subgraph, and a dependency subgraph. The system determines, based on the multi-layer graph, constraint relationships associated with configuration parameters for the components, wherein the constraint relationships include security constraints and functionality constraints. The system computes an unsatisfiable core which comprises a set of mutually incompatible constraints. The system resolves, based on a strategy and over multiple iterations, the unsatisfiable core by analyzing one pair of mutually incompatible constraints per a respective iteration, to obtain a new unsatisfiable core which comprises a smaller number of mutually incompatible constraints than the computed unsatisfiable core or a previously computed unsatisfiable core from a most recent iteration.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2022},
month = {10}
}
Works referenced in this record:
Information Handling System Performance Optimization System
patent-application, September 2013
- Farhan, Munif; Sauber, William
- US Patent Application 13/411911; 20130232331
Platform for Protecting Small and Medium Enterprises from Cyber Security Threats
patent-application, July 2017
- Shabtai, Asaf; Elovici, Yuval; Peylo, Christoph
- US Patent Application 15/393272; 20170195349
Network Device Configuration Framework
patent-application, February 2016
- Sheshadri, Sandeep Koushik; Patel, Parveen Kumar; Venkatesh, Varun
- US Patent Application 14/680751; 20160050116