面向分布式关键任务系统的自律可信性模型及其分析
|
摘要
分布式关键任务系统对可信性有较高要求,然而随着网络环境的日益恶化,蓄意攻击、系统随机故障和偶发事故等可信性威胁(Threats to Dependability, TtD)不可避免地发生,由此导致偏离使命、中断运行、软件失效、崩溃死机,甚至造成失泄密或人身财产危害,使得分布式关键任务系统面临的可信性威胁日益严峻。与此同时,由于并行计算、泛在计算和移动计算技术的推动,系统规模持续扩大、结构愈发复杂、目标日益多样性,系统自身的管理复杂性已成为一项巨大的挑战,然而传统可信性增强方法在获得可信性提升的同时往往极大地加剧了系统复杂性,已不再适应当前的发展,亟需一种新的细粒度可信性方法来解决分布式关键任务系统面临的问题。在此条件下,自律计算技术由于其“以技术管理技术”的特性,具备自主管理的能力,并在“自恢复”、“自保护”等属性中蕴含可信特性,被认为可信性实现的一种新途径,因此自律可信性应运而生。但是当前对自律可信性的研究尚处于初期阶段,自律可信性实现大多采用基于规则的模式进行,对于自律可信性模型尤其是形式化模型缺少研究,无法从全局上分析各种影响因素,指导自律可信性后续研究和发展。
针对目前自律可信性模型面临的问题,本文首先提出一种分布式关键任务系统自律可信性形式化模型,分级应对各种可信性威胁,为后续研究提供理论基础。在此基础上对自律可信性的三项核心属性“自省”、“自恢复”和“自毁”分别进行研究,分析影响分布式关键任务系统自律可信性的关键因素,为自律可信性模型的改进和完善提供参考。主要研究内容组织如下:
首先,提出一种基于SM-PEPA (Semi-Markov Performance Evaluation Process Algebra)的分布式关键任务系统自律可信性形式化模型。通过对自律可信性概念及其核心属性的研究,建立分布式关键任务系统自律可信性模型,在自省机制控制下综合采用“自容忍”、“自恢复”、“自毁”等手段分级应对不同程度的可信性威胁。在此基础上,采用SM-PEPA形式化语言对模型进行描述,允许动作变迁速率服从一般分布以提高模型的普适性,并从稳态概率角度提出了一种自律可信性的量化方法,尝试利用自律可信指数分析各属性对于自律可信性的影响。自律可信性模型是后续章节开展的基础。
其次,提出一种分布式关键任务系统分层自省方法。通过借鉴自律计算领域现有研究成果,对分布式关键任务系统系统组件进行自律化处理。在此基础上,综合考虑内外部环境感知提出一种分层自省框架,利用局部自省降低自省时延和开销,利用全局自省保证系统层面可信目标的实现。进而针对现有自省模型缺乏理论推导基础,提出了一种基于π演算的自省描述方法,从更高地抽象层次检验自省机制,减少自省框架的漏洞,满足系统对可信性的需求。自省机制为后续自恢复和自毁研究提供了自管理基础。
再次,提出一种基于PEPA (Performance Evaluation Process Algebra)流近似的自恢复分析方法。针对分布式关键任务系统自恢复过程中的分析复杂性问题,在对自恢复需求和代表性恢复结构研究的基础上,提出一种基于PEPA流近似的分布式关键任务系统自恢复分析方法,综合考虑了自律控制过程和组件的加入与退出。通过把PEPA转化为ODEs (Ordinary Deferential Equations),避免了传统markov过程分析的状态空间爆炸问题。实验结果显示,与传统的基于状态的自恢复分析方法相比,本方法可把模型求解时间控制在线性时间内,在组件数量较多时具有良好的效果。
最后,提出一种基于细胞凋亡启发的自毁方法。借鉴生物细胞凋亡过程,以自省结构为依托,建立具有主被动结合方式的自毁结构,实现分布式关键任务系统的软件自毁。在此基础上,采用MRSPN (Markov Regeneration Stochastic Petri Net)对自毁过程进行描述,以提供一种量化分析的手段,提出的自毁方法具有平台和语言无关性,可以被广泛的用作自律可信性保障的终极手段。通过对模型各关键参数的分析,实验结果显示,减小心跳失效和自毁执行时间,可以增加系统的自律可信性。
The special application of distributed mission-critical system raises higher demands for dependability. However, as the increasing deterioration of the network environment, the occurrence of various of Threats to Dependability(TtD), such as attacks, error and accidents is inevitable, which leads to deviations from the mission, operation interrupted, software failure, collapse of the crash, or even compromised or personal/property damages. Thus the TtD of distributed mission-critical system becomes increasingly serious. At the same time, the advancements in parallel computing, ubiquitous computing and mobile technology bring larger system scales, more complex architectures and growing diversity of targets, therefore the system management complexity has also become a great challenge. However, the traditional methods usually greatly increase the complexity of systems while improving dependability, thus they are not adaptable to the new situation and an new fine-grained approach of improving dependability for distributed mission-critical system is in great needs. In this case, for the characteristic of "technology ruled by technology", Autonomic Computing (AC) has the capability of self-management and its features of self-healing and self-protection contain dependability characteristics, so autonomic computing has been thought to be a new method to realize dependability and autonomic dependability is brought to public attention. But nowadays, the researches about autonomic dependability are still in their early stages, and most of autonomic dependability applications are rule-based, lacking of autonomic dependability model, specially a formal one. The status causes it hard to analyze the impacts from the key parameters in a global perspective, and hinders further developments.
For the current problem of autonomic dependability, firstly a formal model of autonomic dependability for distributed mission-critical system is proposed in this paper, which can response to TtD in different levels and provide a theory basement for further study. On this basis, the core features of autonomic dependability, that is, self-reflection, self-healing and self-destruction are separately studied to analyze key factors to autonomic dependability, which can be used for refining and improving the model. The main contents are organized as follows.
Firstly, a formal model of autonomic dependability for distributed mission-critical system is proposed based on SM-PEPA(Semi-Markov Performance Evaluation Algebra). The concepts and core features are studied at the beginning. And then an autonomic dependability model for distributed mission-critical system is built, in which the approaches of self-tolerance, self-healing and self-destruction are used to response to TtD in different levels under control of self-reflection. Furthermore, the model proposed is described by a formal language, SM-PEPA, which allows a rate of action following a general distribution. Based on this, a qualification method of autonomic computing is presented from a steady-state probability perspective, and autonomic dependability index is used as a metric to analyze the impacts of parameters on autonomic dependability. The autonomic dependability model is the base for subsequent chapters.
Secondly, a layered self-reflection method for distributed mission-critical system is proposed. Accounting for existing research results of autonomic computing, the Autonomic Feedback Control loop(AFC) is designed, and the components are modified to be autonomic by adding the AFCs. Then we combine the context -awareness and self-awareness to set up a two-layered self-reflection architecture. In the architecture, the local self-reflection is helpful to decrease the cost of Autonomic Element(AE) in the self-reflection process, and the global self-reflection acts as a safeguard for the consistency of all parts. Due to the shortcoming of current model based on natural language or graph,π-calculus is used to describe the self-reflection architecture formally from higher and abstract level, reducing vulnerabilities. The self-reflection mechanism provides a precondition of self-management for self-healing and destruction in chapter 3 and 4.
Thirdly, an analysis method of self-healing for distributed mission-critical system is proposed based on fluid-flow approximation of PEPA. According to the complexity of analyzing self-healing, a new analysis method of self-healing is built on the use of fluid-flow approximation of PEPA after studying requirements and representative architectures of self-healing for distributed mission-critical systems. In the method, we consider the process of self-reflection as well as the addition and deletion of components. Then PEPA could be converted to Ordinary Differential Equations (ODEs) to avoid state-space explosion confronted by Markov process currently. The experimental results show that comparing to traditional state-based methods, our work is with a good result by limiting the solution time in linear time, when there are a large number of component in the process of self-healing.
Lastly, a self-destruction method for distributed mission-critical system inspired by apoptosis is proposed. According to the process of apoptosis in biological systems, a self-destruction structure in a combination of active and passive mode is designed for the software destruction of distributed mission-critical system on the basis of self-reflection. Based on this, MRSPN(Markov Regeneration Stochastic Petri Net) is used to modeling the process of self-destruction to provide a qualification analysis approach. This self-destruction method can be widely used as an ultra protection way for autonomic dependability. After analyzing the key parameters in the MRSPN model, simulation experiments prove that decreasing the failure of heartbeat and time used for destruction can improve the autonomic dependability.
针对目前自律可信性模型面临的问题,本文首先提出一种分布式关键任务系统自律可信性形式化模型,分级应对各种可信性威胁,为后续研究提供理论基础。在此基础上对自律可信性的三项核心属性“自省”、“自恢复”和“自毁”分别进行研究,分析影响分布式关键任务系统自律可信性的关键因素,为自律可信性模型的改进和完善提供参考。主要研究内容组织如下:
首先,提出一种基于SM-PEPA (Semi-Markov Performance Evaluation Process Algebra)的分布式关键任务系统自律可信性形式化模型。通过对自律可信性概念及其核心属性的研究,建立分布式关键任务系统自律可信性模型,在自省机制控制下综合采用“自容忍”、“自恢复”、“自毁”等手段分级应对不同程度的可信性威胁。在此基础上,采用SM-PEPA形式化语言对模型进行描述,允许动作变迁速率服从一般分布以提高模型的普适性,并从稳态概率角度提出了一种自律可信性的量化方法,尝试利用自律可信指数分析各属性对于自律可信性的影响。自律可信性模型是后续章节开展的基础。
其次,提出一种分布式关键任务系统分层自省方法。通过借鉴自律计算领域现有研究成果,对分布式关键任务系统系统组件进行自律化处理。在此基础上,综合考虑内外部环境感知提出一种分层自省框架,利用局部自省降低自省时延和开销,利用全局自省保证系统层面可信目标的实现。进而针对现有自省模型缺乏理论推导基础,提出了一种基于π演算的自省描述方法,从更高地抽象层次检验自省机制,减少自省框架的漏洞,满足系统对可信性的需求。自省机制为后续自恢复和自毁研究提供了自管理基础。
再次,提出一种基于PEPA (Performance Evaluation Process Algebra)流近似的自恢复分析方法。针对分布式关键任务系统自恢复过程中的分析复杂性问题,在对自恢复需求和代表性恢复结构研究的基础上,提出一种基于PEPA流近似的分布式关键任务系统自恢复分析方法,综合考虑了自律控制过程和组件的加入与退出。通过把PEPA转化为ODEs (Ordinary Deferential Equations),避免了传统markov过程分析的状态空间爆炸问题。实验结果显示,与传统的基于状态的自恢复分析方法相比,本方法可把模型求解时间控制在线性时间内,在组件数量较多时具有良好的效果。
最后,提出一种基于细胞凋亡启发的自毁方法。借鉴生物细胞凋亡过程,以自省结构为依托,建立具有主被动结合方式的自毁结构,实现分布式关键任务系统的软件自毁。在此基础上,采用MRSPN (Markov Regeneration Stochastic Petri Net)对自毁过程进行描述,以提供一种量化分析的手段,提出的自毁方法具有平台和语言无关性,可以被广泛的用作自律可信性保障的终极手段。通过对模型各关键参数的分析,实验结果显示,减小心跳失效和自毁执行时间,可以增加系统的自律可信性。
The special application of distributed mission-critical system raises higher demands for dependability. However, as the increasing deterioration of the network environment, the occurrence of various of Threats to Dependability(TtD), such as attacks, error and accidents is inevitable, which leads to deviations from the mission, operation interrupted, software failure, collapse of the crash, or even compromised or personal/property damages. Thus the TtD of distributed mission-critical system becomes increasingly serious. At the same time, the advancements in parallel computing, ubiquitous computing and mobile technology bring larger system scales, more complex architectures and growing diversity of targets, therefore the system management complexity has also become a great challenge. However, the traditional methods usually greatly increase the complexity of systems while improving dependability, thus they are not adaptable to the new situation and an new fine-grained approach of improving dependability for distributed mission-critical system is in great needs. In this case, for the characteristic of "technology ruled by technology", Autonomic Computing (AC) has the capability of self-management and its features of self-healing and self-protection contain dependability characteristics, so autonomic computing has been thought to be a new method to realize dependability and autonomic dependability is brought to public attention. But nowadays, the researches about autonomic dependability are still in their early stages, and most of autonomic dependability applications are rule-based, lacking of autonomic dependability model, specially a formal one. The status causes it hard to analyze the impacts from the key parameters in a global perspective, and hinders further developments.
For the current problem of autonomic dependability, firstly a formal model of autonomic dependability for distributed mission-critical system is proposed in this paper, which can response to TtD in different levels and provide a theory basement for further study. On this basis, the core features of autonomic dependability, that is, self-reflection, self-healing and self-destruction are separately studied to analyze key factors to autonomic dependability, which can be used for refining and improving the model. The main contents are organized as follows.
Firstly, a formal model of autonomic dependability for distributed mission-critical system is proposed based on SM-PEPA(Semi-Markov Performance Evaluation Algebra). The concepts and core features are studied at the beginning. And then an autonomic dependability model for distributed mission-critical system is built, in which the approaches of self-tolerance, self-healing and self-destruction are used to response to TtD in different levels under control of self-reflection. Furthermore, the model proposed is described by a formal language, SM-PEPA, which allows a rate of action following a general distribution. Based on this, a qualification method of autonomic computing is presented from a steady-state probability perspective, and autonomic dependability index is used as a metric to analyze the impacts of parameters on autonomic dependability. The autonomic dependability model is the base for subsequent chapters.
Secondly, a layered self-reflection method for distributed mission-critical system is proposed. Accounting for existing research results of autonomic computing, the Autonomic Feedback Control loop(AFC) is designed, and the components are modified to be autonomic by adding the AFCs. Then we combine the context -awareness and self-awareness to set up a two-layered self-reflection architecture. In the architecture, the local self-reflection is helpful to decrease the cost of Autonomic Element(AE) in the self-reflection process, and the global self-reflection acts as a safeguard for the consistency of all parts. Due to the shortcoming of current model based on natural language or graph,π-calculus is used to describe the self-reflection architecture formally from higher and abstract level, reducing vulnerabilities. The self-reflection mechanism provides a precondition of self-management for self-healing and destruction in chapter 3 and 4.
Thirdly, an analysis method of self-healing for distributed mission-critical system is proposed based on fluid-flow approximation of PEPA. According to the complexity of analyzing self-healing, a new analysis method of self-healing is built on the use of fluid-flow approximation of PEPA after studying requirements and representative architectures of self-healing for distributed mission-critical systems. In the method, we consider the process of self-reflection as well as the addition and deletion of components. Then PEPA could be converted to Ordinary Differential Equations (ODEs) to avoid state-space explosion confronted by Markov process currently. The experimental results show that comparing to traditional state-based methods, our work is with a good result by limiting the solution time in linear time, when there are a large number of component in the process of self-healing.
Lastly, a self-destruction method for distributed mission-critical system inspired by apoptosis is proposed. According to the process of apoptosis in biological systems, a self-destruction structure in a combination of active and passive mode is designed for the software destruction of distributed mission-critical system on the basis of self-reflection. Based on this, MRSPN(Markov Regeneration Stochastic Petri Net) is used to modeling the process of self-destruction to provide a qualification analysis approach. This self-destruction method can be widely used as an ultra protection way for autonomic dependability. After analyzing the key parameters in the MRSPN model, simulation experiments prove that decreasing the failure of heartbeat and time used for destruction can improve the autonomic dependability.
引文
[1]Kephart J,Chess D. The vision of autonomic computing. Computer,2003,36(1):41-50P
[2]J.C. Laprie, ed. Dependability: basic concepts and terminology-in English, French, German, Italian and Japanese. Dependable Computing and Fault Tolerance. Springer-Verlag, Vienna, Dec 1,1991. ISBN:9780387822969.
[3]Laprie J. Dependability: A unifying concept for reliable computing and fault tolerance. Dependability of Resilient Computers,1989:1-28P
[4]Laprie, J.-C. Dependability: A unifying concept for reliable, safe, secure computing. In IFIP Congress,1992(1):585-593P
[5]Laprie J. Dependable computing: Concepts, limits, challenges, The 25th. IEEE International Symposium on Fault-Tolerant Computing, Pasadena, California, USA,1995: 42-54P
[6]Avi ienis A, Laprie J, Randell B, et al. Basic concepts and taxonomy of dependable and secure computing. IEEE transactions on dependable and secure computing,2004:11-33P
[7]IFIPWorkingGroup10.4. Dependable Computing and Fault Tolerance. http://www.dependability.org/wg10.4/,2010
[8]Tcsec D. Trusted computer system evaluation criteria. Technical Report 5200.28-STD, US Department of Defense,1985
[9]NCSC. Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria.1988, july.
[10]National Computer Security Center. Trusted Database Management System Interpretation of the Trusted Computer System Evaluation. NCSC-TG-021,1991, Apirl.
[11]Schneider F. Trust in cyberspace, Natl Academy Press,1999.
[12]OpenTC consortium. General activities of OpenTC. http://www.opentc.net/index. php?option=com_content&task=view& id=13&Itemid=28,2006.
[13]Army TUS. Army CIO/G-6 500-Day Plan http://www.army.mil/ciog6/docs/CIOG6_AUSA05.pdf,2007
[14]Mundie C, de Vries P, Haynes P, et al. Trustworthy computing. Microsoft Corporation White Paper, Oktober,2003
[15]Benson J. St. John's University Outfits Students with the Technology Needed to Learn and Succeed. Technological Horizons In Education,2004.31(8):38-39P
[16]Microsoft. Trusted Platform Module Services in Windows Longhorn. http://www. microsoft.com/resources/ngscb/WinHEC05.mspx.2005.4.25
[17]Schoen S. Trusted computing: Promise and risk. Electronic Frontier Foundation Article, October 2003.
[18]NSF. Trustworthy Computing www.nsf.gov/funding/pgm_summ.jsp.2010
[19]李晓勇,左晓栋.沈昌祥.基于系统行为的计算平台可信证明.电子学报,2007.35(007):1234-1239页
[20]罗捷,严飞,余发江,等.可信计算平台模块密码机制研究.计算机应用,2008.28(008):1907-1911页
[21]林闯,田立勤.王元卓.可信网络中用户行为可信的研究.计算机研究与发展,2008.45(012):2033-2043页
[22]黄罡,王千祥,曹东刚,等.PKUAS:一种面向领域的构件运行支撑平台.电子学报,2002.30(12A):1938-1942页
[23]覃志东,雷航,桑楠,等.安全关键软件可靠性验证测试方法研究.航空学报,2005.26(003):334-339页
[24]曾晋,孙海龙,刘旭东,等.基于服务组合的可信软件动态演化机制.软件学报.2010,21(2):261-276页
[25]古亮,郭耀,王华,等.基于TPM的运行时软件可信证据收集机制.软件学报.2010,21(2):373-387页
[26]潘静,徐锋.吕建.面向可信服务选取的基于声誉的推荐者发现方法.软件学报.2010,21(2):388-400页
[27]Dobson S, Bailey E, Knox S, et al. A first approach to the closed-form specification and analysis of an autonomic control system, IEEE Computer Society,2007:229-237P
[28]Dobson S, Denazis S, Fernandez A, et al. A survey of autonomic communications. ACM Transactions on Autonomous and Adaptive Systems (TAAS),2006.1(2):233-259P
[29]Koehler J, Giblin C, Gantenbein D, et al. On autonomic computing architectures. Research Report (Computer Science) RZ,2003.3483-3487P
[30]Garlan D, Cheng S, Huang A, et al. Rainbow: Architecture-based self-adaptation with reusable infrastructure. Computer,2004:46-54P
[31]Sterritt R,Bantz D. Personal autonomic computing reflex reactions and self-healing. IEEE Transactions on Systems, Man, and Cybernetics, Part C:Applications and Reviews, 2006.36(3):304-314P
[32]Manoj B, Rao R.Zorzi M. Architectures and Protocols for Next Generation Cognitive Networking. Cognitive Wireless Networks:Concepts, Methodologies and Visions Inspiring the Age of Enlightenment of Wireless Communications,2007:265-271P
[33]Sterritt R, Parashar M, Tianfield H, et al. A concise introduction to autonomic computing. Advanced Engineering Informatics,2005.19(3):181-187P
[34]Tianfield H. Multi-agent autonomic architecture and its application in e-medicine, IEEE Computer Society Washington, DC, USA,2003:601-604P
[35]Tesauro G, Chess D, Walsh W, et al. A multi-agent systems approach to autonomic computing, IEEE Computer Society Washington, DC, USA,2004:464-471P
[36]White S, Hanson J, Whalley I, et al. An architectural approach to autonomic computing, Integrated Computer-Aided Engineering 2006,13(2):2-9P
[37]Bouchenak S, De Palma N, Hagimont D, et al. Autonomic management of internet services:Experience with self-optimization,2006
[38]Li Y, Sun K, Qiu J, et al. Self-reconfiguration of service-based systems:A case study for service level agreements and resource optimization,2005 IEEE International Conference on Web Services,2005:266-273P
[39]Topol B, Ogle D, Pierson D, et al. Automating problem determination: A first step toward self-healing computing systems. IBM white paper,2003
[40]Jarrett M, Seviora R. Diversity to enhance autonomic computing self-protection, First International Conference on Availability, Reliability and Security (ARES'06) 2006.
[41]Agrawal S, Bruno N, Chaudhuri S, et al. Autoadmin: Self-tuning database systemstechnology. IEEE Data Engineering Bulletin,2006.29(3):7-15P
[42]Patterson D,Brown A. Recovery oriented computing. ROC Retreat, Winter,2002
[43]Wells C. The OceanStore archive:Goals, structures, and selfrepair. UC Berkeley Masters Report,2002
[44]Lehman T,Kaufman J. OptimalGrid: middleware for automatic deployment of distributed FEM problems on an Internet-based computing grid:IEEE International Conference on Cluster Computing,2003:164-172P
[45]Garcia-Arellano C, Lightstone S, Lohman G, et al. Autonomic features of the IBM DB2 universal database for linux, UNIX, and windows. IEEE Transactions on Systems, Man, and Cybernetics, Part C:Applications and Reviews,2006.36(3):365-376P
[46]Microsystems S. N1. http://www.sun.com/software/nlgridsystem/.2007
[47]Pertet S, Narasimhan P, Wilkes J, et al. Prato:databases on demand, The 4th IEEE International Conference on. Autonomic Computing (ICAC'07). Jacksonville, USA, 2007,11.
[48]Dong X, Hariri S, Xue L, et al. Autonomia: an autonomic computing environment, IEEE International Conference on Performance, Computing, and Communications.2003: 61-68P
[49]Muller H, O'Brien L, Klein M, et al. Autonomic computing. Technical Note by Carnegie Mellon University,2006
[50]CORP. I. Automation Assessment Tool Preview.http://www-304.ibm.com/jct03002c/ software/tivoli/resource-center/overall/dem-auto-tool.jsp.2007
[51]MULLE H A O B L, KLEIN M, et al. Autonomic Computing. Carnegie Mellon University Software Engineering Institute technology report.2006, Apirl.
[52]IBM. The Autonomic Computing Edge: The "Standard" Way of Autonomic Computing. Available from:http://www-128.ibm.com/developerworks/autonomic/ library/ac-edge2.htm.2005
[53]M. R A. Standards Supporting Autonomic Computing: CIM. Presented to the Graduate School, Faculty of Engineering Alexandria University,2007
[54]McCann J,Huebscher M. Evaluation issues in autonomic computing. Lecture notes in computer science,2004:597-608P
[55]Paul Lin A M, and John Leaney. Defining autonomic computing: a software engineering perspective[Proceedings of the 2005 Australian conference on Software Engineering, 2005:88-97P
[56]Salehie M,Tahvildari L. Autonomic computing: emerging trends and open problems, SIGSOFT Software Engineering Notes,2005,30:1-7P
[57]IBM. An architectural blueprint for autonomic computing.white paper,2004. http://www-03.ibm.com/autonomic/pdfs/ACBP2_2004-10-04.pdf,2004
[58]IBM. An architectural blueprint for autonomic computing http://www-03. ibm.com_autonomic_pdfs_ACBlueprint White Paper V7,2005.
[59]Zhang H, Whang H.Zheng R. An Autonomic Evaluation Model of Complex Software, 2008:343-348 IEEE International Professional Communication Conference, Harbin,china,2008.
[60]Brown A,C.Redlin. Measuring the Effectiveness of Self-Healing Autonomic Systems. Proceedings of the Second International Conference on Autonomic Computing (ICAC'05). Seattle,Washington,USA,2005:328-329P
[61]Lau T,Shum P. Quantitative measurement of the autonomic capabilities of computing systems. Google Patents,2009.
[62]张海俊,史忠植.自主计算软件工程方法.小型微型计算机系统,2006.27(006):1077-1082页
[63]刘文洁,李战怀.虚拟化技术在基于自律计算的高可用性系统中的应用.计算机应用,2006.26(2):485-487页
[64]刘涛,曾国荪.吴长俊.异构网格环境下任务分配的自主计算方法.通信学报,2006.27(11):139-143页
[65]廖备水,李石坚,姚远,et a1.自主计算概念模型与实现方法研究Journal of Software,2008.19(4):779-802页
[66]廖备水,黄华新,高济.一种支持自治计算的基于可废止逻辑的柔性Agent,软件学报,软件学报,Vol.19, No.3, March 2008,605-620P
[67]臧铖,黄忠东.董金祥.基于状态的通用自主计算模型.计算机辅助设计与图形学学报,2007.19(11):1476-1481页
[68]Murch R. Autonomic computing, IBM Press,2004
[69]Ireland N. Autonomic Computing—a Means of Achieving Dependability?,10th IEEE International Conference and Workshop on the Engineering of Computer-Based Systems (ECBS'03). Huntsville, Alabama. April 07,2003:243-247P
[70]Kunii T. Autonomic and Trusted Computing for Ubiquitous Intelligence, In:Proc. of the 4th Int'l Conf. on Autonomic and Trusted Computing (ATC 2007). Berlin, Heidelberg: Springer-Verlag,2007.1-12P
[71]Tohma Y. Fault tolerance in autonomic computing environment. In:Proc. of the 2002 Pacific Rim Int'l Symp. on Dependable Computing. Tsukuba: IEEE Computer Society Press,2002.2503-2507P
[72]Baldini A, Benso A.Prinetto P. A dependable autonomic computing environment for self-testing of complex heterogeneous systems. Electronic Notes in Theoretical Computer Science,2005,116:45-57P
[73]Dai Y, Marshall T.Guan X. Autonomic and dependable computing: moving towards a model-driven approach. Journal of Computer Science,2006.2(6):496-504P
[74]Dumitras T, Rosu D, Dan A, Narasimhan P. Dynamic change management for minimal impact on dependability and performance in autonomic service-oriented architectures. Technical Report, CMU-CyLab-06-003, Pittsburgh: CyLab, Carnegie Mellon University, 2006.1-20P
[75]Troxel IA, George AD. Adaptable and autonomic mission manager for dependable aerospace computing. In: Proc. of the Symp. on Dependable, Autonomic and Secure Computing. Indianapolis: IEEE Computer Society Press,2006:11-18P
[76]邢栩嘉,林闯,蒋屹新.计算机系统脆弱性评估测评研究.计算机学报,2004,27(1):1-11页
[77]Want R, Hopper A, Falcao V, et al. The Active Badge Location System. ACM Transactions on Information Systems,1992.10(1):91-102P
[78]Baldauf M, Dustdar S, Florian a, et al. A survey on context-aware systems. International Journal of Ad Hoc and Ubiquitous Computing 2007(4):263-277P
[79]Schilit B,Theimer M. Disseminating Active Map Information to Mobile Hosts. IEEE Network,1994.8(5):22-32P
[80]Ryan N, Pascoe J.D. M. Enhanced reality field work:The context-aware archaeological assistant, Computer Applications in Archaeology. British Archaelogical Reports:Oxford, UK,1997
[81]Anind K. Dey, Gregory D. Abowd. The Context Toolkit: Aiding the development of context-aware applications. Proceedings of the ACM CHI,. Pittsburgh, PA,1999
[82]Hull R, Neaves P.Bedford-Roberts J. Towards situated computing. In Proceedings of the Inter-national Symposium on Wearable Computers. Cambridge, Mass, October,1997
[83]Brown P. The stick-e document:a framework for creating context-aware applications. ELECTRONIC PUBLISHING-CHICHESTER,1995,8:259-272P
[84]Dey A,Abowd G. Towards a better understanding of context and context-awareness, Proceedings of the 1st international symposium on Handheld and Ubiquitous Computing,Karlsruhe, Germany,1999:304-307P.
[85]Soldatos J, Pandis I, Stamatis K, et al. Agent based middleware infrastructure for autonomous context-aware ubiquitous computing services. Computer Communications, 2007.30(3):577-591P
[86]Strassner J, Samudrala S, Cox G, et al. The Design of a New Context-Aware Policy Model for Autonomic Networking, IEEE Computer Society,2008:119-128P
[87]Anthony R, Pelc M, Ward P, et al. A Run-Time Configurable Software Architecture for Self-Managing Systems, IEEE Computer Society,2008:207-208P
[88]Dawson D. Facilitating autonomic computing using reflection. http://hdl.handle. net/1828/1408,2009.
[89]Cybenko G, Berk V, Souza I, et al. Practical autonomic computing, Proceedings of the 30th Annual International Computer Software and Applications Conference 2006:3-14P
[90]Blair G, Coulson G, Blair L, et al. Reflection, self-awareness and self-healing in OpenORB, Proceedings of the first workshop on Self-healing systems,Charleston, South Carolina,2002:9-14P
[91]Gelenbe E, Lent R.Nunez A. Self-aware networks and QoS. Proceedings of the IEEE, 2004.92(9):1478-1489P
[92]Gelenbe E, Sakellari G.D' Arienzo M. Controlling Access to Preserve QoS in a Self-Aware Network, Proceedings of the First International Conference on Self-Adaptive and Self-Organizing Systems,2007:205-213P
[93]Gelenbe E,Loukas G.A self-aware approach to denial of service defence. Computer Networks,2007.51(5):1299-1314P
[94]Gelenbe E. Steps toward self-aware networks. Communications of the ACM,2009.52(7): 66-75P
[95]CAMBRIDGE M I O T, Agarwal A, Miller J, et al. Self-Aware Computing. Technical Report in Technical Report AFRL-RI-RS-TR-2009-161,June 2009.
[96]Parashar M,Hariri S. Autonomic computing: An overview. Lecture notes in computer science,2005,35:257-269P
[97]马晓星,张小蕾.吕建.自省的动态软件体系结构描述与实现.南京大学学报:自然科学版,2004.40(2):146-155页
[98]Dabrowski C,Mills K. Understanding self-healing in service-discovery systems, Proceedings of the first workshop on Self-healing systems,2002,Charleston, South Carolina.2002:15-20P
[99]Dashofy E, van der Hoek A.Taylor R. Towards architecture-based self-healing systems, Proceedings of the first workshop on Self-healing systems,2002,Charleston, South Carolina.2002:21-26P
[100]Sterritt R,Chung S. Personal autonomic computing self-healing tool. The 11th IEEE International Conference and Workshop on the Engineering of Computer-Based Systems (ECBS'04). Brno, Czech Republic May 24,2004:513-520P
[101]Gurguis S,Zeid A. Towards autonomic web services:Achieving self-healing using web services. ACM SIGSOFT Software Engineering Notes,2005.30(4):1-5P
[102]Elkorobarrutia X, Izagirre A.Sagardui G. A self-healing mechanism for state machine based components, Proceedings of the 1st International Conference on. Ubiquitous Computing,2006
[103]Angskun T, Fagg G, Bosilca G, et al. Self-healing network for scalable fault-tolerant runtime environments. Future Generation Computer Systems,2009
[104]王纪文,游静,许满武,刘凤玉.自恢复软件系统的建模与分析.系统仿真学报.2005,17(12):2912-2916,2921页
[105]刘文洁,李战怀,周云涛.基于自律计算的故障监视机制研究与设计.计算机科学.2010,37(8):155-157页
[106]K. Vaidyanathan and K. S. Trivedi. A comprehensive model for software rejuvenation. IEEE Trans.on Dependable and Secure Computing,2005,2(2):124-137P.
[107]Majzik and G. Huszerl. Towards dependability modeling of FT-CORBA architectures. In Proc. of the 4th European Dependable Computing Conference (EDCC'02),Toulouse, France, Oct,23-25,2002.pages 121-139P.
[108]G. Candea et al. Microreboot:A technique for cheap recovery.In the 6th symposium on operation systems design & implementation(OSDI'04), San Francisco, Dec,6-8,2004.pages 31-44P.
[109]Hichem Boudali, Hasan Sozer, Marielle Stoelinga. Architectural Availability Analysis of Software Decomposition for Local Recovery. TheThird IEEE International Conference on Secure Software Integration and Reliability Improvemen, shanghai China, Date:8-10 July 2009:14-21P
[110]Pereira E, Pereira R.Taleb-Bendiab A. Performance evaluation for self-healing distributed services and fault detection mechanisms. Journal of Computer and System Sciences,2006.72(7):1172-1182P
[111]Neti S,Muller H. Quality Criteria and an Analysis Framework for Self-Healing Systems, International Workshop on Software Engineering for Adaptive and Self-Managing Systems (SEAMS'07) Minneapolis, Minnesota, USA, May 26-27,2007,261-271P
[112]Lilien L,Bhargava B. A scheme for privacy-preserving data dissemination. IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans,2006. 36(3):503-506P
[113]赛迪网.文件可自毁和防拷贝.http://www0.ccidnet.com/news/industryexpress/ 2003/06/01/10388627.html.2003.
[114]豆丁网.美国自杀式硬盘防泄密被窃后可自毁数据.http://www.docin.com/ p-9973834.html,2009.
[115]Sterritt R,Hinchey M. Engineering ultimate self-protection in autonomic agents for space exploration missions, Sterritt R,Hinchey M. Engineering ultimate self-protection in autonomic agents for space exploration missions, Proceedings of 12th IEEE International Conference and Workshops on the Engineering of Computer-Based Systems.2005: 506-511P
[116]Geambasu R, Kohno T, Levy A, et al. Vanish:Increasing data privacy with self-destructing data.http://www.zdnetasia.com/whitepaper/vanish-increasing -data-privacy -with -self-destructing-data_wp-1204117.htm,2009.
[117]卢正添,李涛,胡晓勤,等一种数据自毁方法.计算机应用研究,2009,26(1):350-351页
[118]陈恩,刘晓洁,李涛,等.数据库销毁系统的设计与实现.计算机工程与设计,2008,29(10):2499-2501页
[119]杜娟.一种串口安全模块的设计与实现.计算机工程,2007,33(13):272-273页
[120]Jeremy TB. Semi-Markov PEPA:Modelling with generally distributed actions. International Journal of Simulation,2005,6(3):43-51P.
[121]Bingyang Li, Huiqiang Wang, Guangsheng Feng. Adaptive Hierarchical Intrusion Tolerant Model Based on Autonomic Computing.2008 International Conference on Security Technology, Sanya, Hainan China 2008:137-141P
[122]R. J. Ellison, D. A. Fisher, R. C. Linge, et al. Survivable Network Systems:An Emerging Discipline. Technical Report. CMU/SEI -97-TR-013:Pittsburgh, Carnegie Mellon university,1999:1-33P
[123]Jane H. Tuning systems:From composition to performance.the Journal Computer, 2005,48(4):385-400P
[124]Jeremy TB. Semi-Markov PEPA: Compositional modelling and analysis with generally distributed actions. In: Proceedings of 20th Annual UK Performance Engineering Workshop.Irfan Awan:University of Bradford,2004:266-275P
[125]Nicholas JD. Parallel Computation of Response Time Densities and Quantiles in Large Markov and Semi-Markov Models[PhD thesis]. London, United Kingdom:Imperial College, University of London,2004P
[126]Vibhu SS, Kishor ST. Quantifying software performance, reliability and security: An architecture-based approach. The Journal of Systems and Software,2007,80:493-509P
[127]殷丽华,方滨兴.入侵容忍系统安全属性分析.计算机学报.2009,29(8):1505-1512P
[128]Jeremy TB, Nicholas JD, Peter GH, et al. Distributed Computation of Transient State Distributions and Passage Time Quantiles in Large Semi-Markov Models. Future Generation Computer Systems,2006,22(7):828-837P
[129]R. Milner, J. Parrow and D. Walker, "A calculus of mobile processes," Journal of Information and Computation, Elsevier Science Press, Volume 100, Issues 1,1992,1: 1-77P
[130]Alan Jeffrey, Julian Rathke. Full abstraction for polymorphic x-calculus. Theoretical Computer Science, Elsevier Science Press,2008,390(2-3):171-196P
[131]Jonathan Appavoo, Kevin Hui,Craig A. N. Soules,et al.. Enabling Autonomic System Software with Hot-Swapping. http://www.research. ibm.com/K42/papers/auto-vis. pdf,2003.
[132]王一川,石纯一.基于π演算的一种Agent组织模型.计算机研究与发展,2003,2003,40(2):163-167P
[133]Bjorn Victor. The Mobility Workbench.http://www.it.uu.se/research/group/mobility/ mwb,2011
[134]Jeremy T. Bradley, Stephen T. Gilmore, Jane Hillston. Analysing distributed Internet worm attacks using continuous state-space approximation of process algebra models. Journal of Computer and System Sciences.2008,74:1013-1032P
[135]Jane Hillston, Fluid flow approximation of PEPA models, Proceedings of the 2nd International Conference on Quantitative Evaluation of Systems, Torino, IEEE Computer Society Press, September 2005:33-42P
[136]Richard A. Hayden,Jeremy T. Bradley. Fluid semantics for passive stochastic process algebra cooperation.International Conference On Performance Evaluation Methodologies And Tools. Athens, Greece.2008.
[137]Huang Y, Kintala C, Kolettis N, et al. Software rejuvenation:analysis, module and applications. Twenty-Fifth International Symposium on Fault-Tolerant Computing. Pasadena, CA, USA.27-30 Jun 1995:381-390P
[138]Felicita Di Giandomenico, Marta Kwiatkowska, Marco Martinucci, et al. Dependability Analysis and Verification for Connected Systems.4th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation (ISOLA'10), Springer, October 2010,volume 6416 of LNCS,263-277P
[139]S Garg, A Puliafito, M Telek and K S Trivedi. Analysis of Software Rejuvenation using Markov Regenerative, Proc. Of the Sixth International Symposium on Software Reliability Engineering,1995:24-27P
[140]M Degli Esposti. Mitochondria in apoptosis:past, present and future. Biochemical Society Transactions.2004,32:493-495P
[141]Satish A Polshettiwar, C G Deshpande, Anand M Kudal, et al. P53 Gene Therapy: A Potential Panacea To Cancer.http://www.pharmainfo.net/reviews/p53-gene-therapy-potential - panacea-cancer.Nov.30,2007.
[142]John W K. Apoptosis. http://users.rcn.com/jkimball.ma.ultranet/BiologyPages/A/ Apoptosis. html 201 O.July.
[143]Bruce Eckel.Thinking in C++.Upper Saddle River, USA: Prentice-Hall, Inc.2002,Sep.
[144]James F. Allen, George Ferguson. Actions and Events in Interval Temporal Logic. The University of Rochester,Technical Report 521. July 1994.
[145]林闯.随机Petri网和系统性能评价.北京:清华大学出版社.2005,04.
[146]B B Madana, G P Katerina, K Vaidyanathan, et al. A method for modeling and quantifying the security attributes of intrusion tolerant systems. Performance Evaluation. 2004,56:167-186P
[2]J.C. Laprie, ed. Dependability: basic concepts and terminology-in English, French, German, Italian and Japanese. Dependable Computing and Fault Tolerance. Springer-Verlag, Vienna, Dec 1,1991. ISBN:9780387822969.
[3]Laprie J. Dependability: A unifying concept for reliable computing and fault tolerance. Dependability of Resilient Computers,1989:1-28P
[4]Laprie, J.-C. Dependability: A unifying concept for reliable, safe, secure computing. In IFIP Congress,1992(1):585-593P
[5]Laprie J. Dependable computing: Concepts, limits, challenges, The 25th. IEEE International Symposium on Fault-Tolerant Computing, Pasadena, California, USA,1995: 42-54P
[6]Avi ienis A, Laprie J, Randell B, et al. Basic concepts and taxonomy of dependable and secure computing. IEEE transactions on dependable and secure computing,2004:11-33P
[7]IFIPWorkingGroup10.4. Dependable Computing and Fault Tolerance. http://www.dependability.org/wg10.4/,2010
[8]Tcsec D. Trusted computer system evaluation criteria. Technical Report 5200.28-STD, US Department of Defense,1985
[9]NCSC. Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria.1988, july.
[10]National Computer Security Center. Trusted Database Management System Interpretation of the Trusted Computer System Evaluation. NCSC-TG-021,1991, Apirl.
[11]Schneider F. Trust in cyberspace, Natl Academy Press,1999.
[12]OpenTC consortium. General activities of OpenTC. http://www.opentc.net/index. php?option=com_content&task=view& id=13&Itemid=28,2006.
[13]Army TUS. Army CIO/G-6 500-Day Plan http://www.army.mil/ciog6/docs/CIOG6_AUSA05.pdf,2007
[14]Mundie C, de Vries P, Haynes P, et al. Trustworthy computing. Microsoft Corporation White Paper, Oktober,2003
[15]Benson J. St. John's University Outfits Students with the Technology Needed to Learn and Succeed. Technological Horizons In Education,2004.31(8):38-39P
[16]Microsoft. Trusted Platform Module Services in Windows Longhorn. http://www. microsoft.com/resources/ngscb/WinHEC05.mspx.2005.4.25
[17]Schoen S. Trusted computing: Promise and risk. Electronic Frontier Foundation Article, October 2003.
[18]NSF. Trustworthy Computing www.nsf.gov/funding/pgm_summ.jsp.2010
[19]李晓勇,左晓栋.沈昌祥.基于系统行为的计算平台可信证明.电子学报,2007.35(007):1234-1239页
[20]罗捷,严飞,余发江,等.可信计算平台模块密码机制研究.计算机应用,2008.28(008):1907-1911页
[21]林闯,田立勤.王元卓.可信网络中用户行为可信的研究.计算机研究与发展,2008.45(012):2033-2043页
[22]黄罡,王千祥,曹东刚,等.PKUAS:一种面向领域的构件运行支撑平台.电子学报,2002.30(12A):1938-1942页
[23]覃志东,雷航,桑楠,等.安全关键软件可靠性验证测试方法研究.航空学报,2005.26(003):334-339页
[24]曾晋,孙海龙,刘旭东,等.基于服务组合的可信软件动态演化机制.软件学报.2010,21(2):261-276页
[25]古亮,郭耀,王华,等.基于TPM的运行时软件可信证据收集机制.软件学报.2010,21(2):373-387页
[26]潘静,徐锋.吕建.面向可信服务选取的基于声誉的推荐者发现方法.软件学报.2010,21(2):388-400页
[27]Dobson S, Bailey E, Knox S, et al. A first approach to the closed-form specification and analysis of an autonomic control system, IEEE Computer Society,2007:229-237P
[28]Dobson S, Denazis S, Fernandez A, et al. A survey of autonomic communications. ACM Transactions on Autonomous and Adaptive Systems (TAAS),2006.1(2):233-259P
[29]Koehler J, Giblin C, Gantenbein D, et al. On autonomic computing architectures. Research Report (Computer Science) RZ,2003.3483-3487P
[30]Garlan D, Cheng S, Huang A, et al. Rainbow: Architecture-based self-adaptation with reusable infrastructure. Computer,2004:46-54P
[31]Sterritt R,Bantz D. Personal autonomic computing reflex reactions and self-healing. IEEE Transactions on Systems, Man, and Cybernetics, Part C:Applications and Reviews, 2006.36(3):304-314P
[32]Manoj B, Rao R.Zorzi M. Architectures and Protocols for Next Generation Cognitive Networking. Cognitive Wireless Networks:Concepts, Methodologies and Visions Inspiring the Age of Enlightenment of Wireless Communications,2007:265-271P
[33]Sterritt R, Parashar M, Tianfield H, et al. A concise introduction to autonomic computing. Advanced Engineering Informatics,2005.19(3):181-187P
[34]Tianfield H. Multi-agent autonomic architecture and its application in e-medicine, IEEE Computer Society Washington, DC, USA,2003:601-604P
[35]Tesauro G, Chess D, Walsh W, et al. A multi-agent systems approach to autonomic computing, IEEE Computer Society Washington, DC, USA,2004:464-471P
[36]White S, Hanson J, Whalley I, et al. An architectural approach to autonomic computing, Integrated Computer-Aided Engineering 2006,13(2):2-9P
[37]Bouchenak S, De Palma N, Hagimont D, et al. Autonomic management of internet services:Experience with self-optimization,2006
[38]Li Y, Sun K, Qiu J, et al. Self-reconfiguration of service-based systems:A case study for service level agreements and resource optimization,2005 IEEE International Conference on Web Services,2005:266-273P
[39]Topol B, Ogle D, Pierson D, et al. Automating problem determination: A first step toward self-healing computing systems. IBM white paper,2003
[40]Jarrett M, Seviora R. Diversity to enhance autonomic computing self-protection, First International Conference on Availability, Reliability and Security (ARES'06) 2006.
[41]Agrawal S, Bruno N, Chaudhuri S, et al. Autoadmin: Self-tuning database systemstechnology. IEEE Data Engineering Bulletin,2006.29(3):7-15P
[42]Patterson D,Brown A. Recovery oriented computing. ROC Retreat, Winter,2002
[43]Wells C. The OceanStore archive:Goals, structures, and selfrepair. UC Berkeley Masters Report,2002
[44]Lehman T,Kaufman J. OptimalGrid: middleware for automatic deployment of distributed FEM problems on an Internet-based computing grid:IEEE International Conference on Cluster Computing,2003:164-172P
[45]Garcia-Arellano C, Lightstone S, Lohman G, et al. Autonomic features of the IBM DB2 universal database for linux, UNIX, and windows. IEEE Transactions on Systems, Man, and Cybernetics, Part C:Applications and Reviews,2006.36(3):365-376P
[46]Microsystems S. N1. http://www.sun.com/software/nlgridsystem/.2007
[47]Pertet S, Narasimhan P, Wilkes J, et al. Prato:databases on demand, The 4th IEEE International Conference on. Autonomic Computing (ICAC'07). Jacksonville, USA, 2007,11.
[48]Dong X, Hariri S, Xue L, et al. Autonomia: an autonomic computing environment, IEEE International Conference on Performance, Computing, and Communications.2003: 61-68P
[49]Muller H, O'Brien L, Klein M, et al. Autonomic computing. Technical Note by Carnegie Mellon University,2006
[50]CORP. I. Automation Assessment Tool Preview.http://www-304.ibm.com/jct03002c/ software/tivoli/resource-center/overall/dem-auto-tool.jsp.2007
[51]MULLE H A O B L, KLEIN M, et al. Autonomic Computing. Carnegie Mellon University Software Engineering Institute technology report.2006, Apirl.
[52]IBM. The Autonomic Computing Edge: The "Standard" Way of Autonomic Computing. Available from:http://www-128.ibm.com/developerworks/autonomic/ library/ac-edge2.htm.2005
[53]M. R A. Standards Supporting Autonomic Computing: CIM. Presented to the Graduate School, Faculty of Engineering Alexandria University,2007
[54]McCann J,Huebscher M. Evaluation issues in autonomic computing. Lecture notes in computer science,2004:597-608P
[55]Paul Lin A M, and John Leaney. Defining autonomic computing: a software engineering perspective[Proceedings of the 2005 Australian conference on Software Engineering, 2005:88-97P
[56]Salehie M,Tahvildari L. Autonomic computing: emerging trends and open problems, SIGSOFT Software Engineering Notes,2005,30:1-7P
[57]IBM. An architectural blueprint for autonomic computing.white paper,2004. http://www-03.ibm.com/autonomic/pdfs/ACBP2_2004-10-04.pdf,2004
[58]IBM. An architectural blueprint for autonomic computing http://www-03. ibm.com_autonomic_pdfs_ACBlueprint White Paper V7,2005.
[59]Zhang H, Whang H.Zheng R. An Autonomic Evaluation Model of Complex Software, 2008:343-348 IEEE International Professional Communication Conference, Harbin,china,2008.
[60]Brown A,C.Redlin. Measuring the Effectiveness of Self-Healing Autonomic Systems. Proceedings of the Second International Conference on Autonomic Computing (ICAC'05). Seattle,Washington,USA,2005:328-329P
[61]Lau T,Shum P. Quantitative measurement of the autonomic capabilities of computing systems. Google Patents,2009.
[62]张海俊,史忠植.自主计算软件工程方法.小型微型计算机系统,2006.27(006):1077-1082页
[63]刘文洁,李战怀.虚拟化技术在基于自律计算的高可用性系统中的应用.计算机应用,2006.26(2):485-487页
[64]刘涛,曾国荪.吴长俊.异构网格环境下任务分配的自主计算方法.通信学报,2006.27(11):139-143页
[65]廖备水,李石坚,姚远,et a1.自主计算概念模型与实现方法研究Journal of Software,2008.19(4):779-802页
[66]廖备水,黄华新,高济.一种支持自治计算的基于可废止逻辑的柔性Agent,软件学报,软件学报,Vol.19, No.3, March 2008,605-620P
[67]臧铖,黄忠东.董金祥.基于状态的通用自主计算模型.计算机辅助设计与图形学学报,2007.19(11):1476-1481页
[68]Murch R. Autonomic computing, IBM Press,2004
[69]Ireland N. Autonomic Computing—a Means of Achieving Dependability?,10th IEEE International Conference and Workshop on the Engineering of Computer-Based Systems (ECBS'03). Huntsville, Alabama. April 07,2003:243-247P
[70]Kunii T. Autonomic and Trusted Computing for Ubiquitous Intelligence, In:Proc. of the 4th Int'l Conf. on Autonomic and Trusted Computing (ATC 2007). Berlin, Heidelberg: Springer-Verlag,2007.1-12P
[71]Tohma Y. Fault tolerance in autonomic computing environment. In:Proc. of the 2002 Pacific Rim Int'l Symp. on Dependable Computing. Tsukuba: IEEE Computer Society Press,2002.2503-2507P
[72]Baldini A, Benso A.Prinetto P. A dependable autonomic computing environment for self-testing of complex heterogeneous systems. Electronic Notes in Theoretical Computer Science,2005,116:45-57P
[73]Dai Y, Marshall T.Guan X. Autonomic and dependable computing: moving towards a model-driven approach. Journal of Computer Science,2006.2(6):496-504P
[74]Dumitras T, Rosu D, Dan A, Narasimhan P. Dynamic change management for minimal impact on dependability and performance in autonomic service-oriented architectures. Technical Report, CMU-CyLab-06-003, Pittsburgh: CyLab, Carnegie Mellon University, 2006.1-20P
[75]Troxel IA, George AD. Adaptable and autonomic mission manager for dependable aerospace computing. In: Proc. of the Symp. on Dependable, Autonomic and Secure Computing. Indianapolis: IEEE Computer Society Press,2006:11-18P
[76]邢栩嘉,林闯,蒋屹新.计算机系统脆弱性评估测评研究.计算机学报,2004,27(1):1-11页
[77]Want R, Hopper A, Falcao V, et al. The Active Badge Location System. ACM Transactions on Information Systems,1992.10(1):91-102P
[78]Baldauf M, Dustdar S, Florian a, et al. A survey on context-aware systems. International Journal of Ad Hoc and Ubiquitous Computing 2007(4):263-277P
[79]Schilit B,Theimer M. Disseminating Active Map Information to Mobile Hosts. IEEE Network,1994.8(5):22-32P
[80]Ryan N, Pascoe J.D. M. Enhanced reality field work:The context-aware archaeological assistant, Computer Applications in Archaeology. British Archaelogical Reports:Oxford, UK,1997
[81]Anind K. Dey, Gregory D. Abowd. The Context Toolkit: Aiding the development of context-aware applications. Proceedings of the ACM CHI,. Pittsburgh, PA,1999
[82]Hull R, Neaves P.Bedford-Roberts J. Towards situated computing. In Proceedings of the Inter-national Symposium on Wearable Computers. Cambridge, Mass, October,1997
[83]Brown P. The stick-e document:a framework for creating context-aware applications. ELECTRONIC PUBLISHING-CHICHESTER,1995,8:259-272P
[84]Dey A,Abowd G. Towards a better understanding of context and context-awareness, Proceedings of the 1st international symposium on Handheld and Ubiquitous Computing,Karlsruhe, Germany,1999:304-307P.
[85]Soldatos J, Pandis I, Stamatis K, et al. Agent based middleware infrastructure for autonomous context-aware ubiquitous computing services. Computer Communications, 2007.30(3):577-591P
[86]Strassner J, Samudrala S, Cox G, et al. The Design of a New Context-Aware Policy Model for Autonomic Networking, IEEE Computer Society,2008:119-128P
[87]Anthony R, Pelc M, Ward P, et al. A Run-Time Configurable Software Architecture for Self-Managing Systems, IEEE Computer Society,2008:207-208P
[88]Dawson D. Facilitating autonomic computing using reflection. http://hdl.handle. net/1828/1408,2009.
[89]Cybenko G, Berk V, Souza I, et al. Practical autonomic computing, Proceedings of the 30th Annual International Computer Software and Applications Conference 2006:3-14P
[90]Blair G, Coulson G, Blair L, et al. Reflection, self-awareness and self-healing in OpenORB, Proceedings of the first workshop on Self-healing systems,Charleston, South Carolina,2002:9-14P
[91]Gelenbe E, Lent R.Nunez A. Self-aware networks and QoS. Proceedings of the IEEE, 2004.92(9):1478-1489P
[92]Gelenbe E, Sakellari G.D' Arienzo M. Controlling Access to Preserve QoS in a Self-Aware Network, Proceedings of the First International Conference on Self-Adaptive and Self-Organizing Systems,2007:205-213P
[93]Gelenbe E,Loukas G.A self-aware approach to denial of service defence. Computer Networks,2007.51(5):1299-1314P
[94]Gelenbe E. Steps toward self-aware networks. Communications of the ACM,2009.52(7): 66-75P
[95]CAMBRIDGE M I O T, Agarwal A, Miller J, et al. Self-Aware Computing. Technical Report in Technical Report AFRL-RI-RS-TR-2009-161,June 2009.
[96]Parashar M,Hariri S. Autonomic computing: An overview. Lecture notes in computer science,2005,35:257-269P
[97]马晓星,张小蕾.吕建.自省的动态软件体系结构描述与实现.南京大学学报:自然科学版,2004.40(2):146-155页
[98]Dabrowski C,Mills K. Understanding self-healing in service-discovery systems, Proceedings of the first workshop on Self-healing systems,2002,Charleston, South Carolina.2002:15-20P
[99]Dashofy E, van der Hoek A.Taylor R. Towards architecture-based self-healing systems, Proceedings of the first workshop on Self-healing systems,2002,Charleston, South Carolina.2002:21-26P
[100]Sterritt R,Chung S. Personal autonomic computing self-healing tool. The 11th IEEE International Conference and Workshop on the Engineering of Computer-Based Systems (ECBS'04). Brno, Czech Republic May 24,2004:513-520P
[101]Gurguis S,Zeid A. Towards autonomic web services:Achieving self-healing using web services. ACM SIGSOFT Software Engineering Notes,2005.30(4):1-5P
[102]Elkorobarrutia X, Izagirre A.Sagardui G. A self-healing mechanism for state machine based components, Proceedings of the 1st International Conference on. Ubiquitous Computing,2006
[103]Angskun T, Fagg G, Bosilca G, et al. Self-healing network for scalable fault-tolerant runtime environments. Future Generation Computer Systems,2009
[104]王纪文,游静,许满武,刘凤玉.自恢复软件系统的建模与分析.系统仿真学报.2005,17(12):2912-2916,2921页
[105]刘文洁,李战怀,周云涛.基于自律计算的故障监视机制研究与设计.计算机科学.2010,37(8):155-157页
[106]K. Vaidyanathan and K. S. Trivedi. A comprehensive model for software rejuvenation. IEEE Trans.on Dependable and Secure Computing,2005,2(2):124-137P.
[107]Majzik and G. Huszerl. Towards dependability modeling of FT-CORBA architectures. In Proc. of the 4th European Dependable Computing Conference (EDCC'02),Toulouse, France, Oct,23-25,2002.pages 121-139P.
[108]G. Candea et al. Microreboot:A technique for cheap recovery.In the 6th symposium on operation systems design & implementation(OSDI'04), San Francisco, Dec,6-8,2004.pages 31-44P.
[109]Hichem Boudali, Hasan Sozer, Marielle Stoelinga. Architectural Availability Analysis of Software Decomposition for Local Recovery. TheThird IEEE International Conference on Secure Software Integration and Reliability Improvemen, shanghai China, Date:8-10 July 2009:14-21P
[110]Pereira E, Pereira R.Taleb-Bendiab A. Performance evaluation for self-healing distributed services and fault detection mechanisms. Journal of Computer and System Sciences,2006.72(7):1172-1182P
[111]Neti S,Muller H. Quality Criteria and an Analysis Framework for Self-Healing Systems, International Workshop on Software Engineering for Adaptive and Self-Managing Systems (SEAMS'07) Minneapolis, Minnesota, USA, May 26-27,2007,261-271P
[112]Lilien L,Bhargava B. A scheme for privacy-preserving data dissemination. IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans,2006. 36(3):503-506P
[113]赛迪网.文件可自毁和防拷贝.http://www0.ccidnet.com/news/industryexpress/ 2003/06/01/10388627.html.2003.
[114]豆丁网.美国自杀式硬盘防泄密被窃后可自毁数据.http://www.docin.com/ p-9973834.html,2009.
[115]Sterritt R,Hinchey M. Engineering ultimate self-protection in autonomic agents for space exploration missions, Sterritt R,Hinchey M. Engineering ultimate self-protection in autonomic agents for space exploration missions, Proceedings of 12th IEEE International Conference and Workshops on the Engineering of Computer-Based Systems.2005: 506-511P
[116]Geambasu R, Kohno T, Levy A, et al. Vanish:Increasing data privacy with self-destructing data.http://www.zdnetasia.com/whitepaper/vanish-increasing -data-privacy -with -self-destructing-data_wp-1204117.htm,2009.
[117]卢正添,李涛,胡晓勤,等一种数据自毁方法.计算机应用研究,2009,26(1):350-351页
[118]陈恩,刘晓洁,李涛,等.数据库销毁系统的设计与实现.计算机工程与设计,2008,29(10):2499-2501页
[119]杜娟.一种串口安全模块的设计与实现.计算机工程,2007,33(13):272-273页
[120]Jeremy TB. Semi-Markov PEPA:Modelling with generally distributed actions. International Journal of Simulation,2005,6(3):43-51P.
[121]Bingyang Li, Huiqiang Wang, Guangsheng Feng. Adaptive Hierarchical Intrusion Tolerant Model Based on Autonomic Computing.2008 International Conference on Security Technology, Sanya, Hainan China 2008:137-141P
[122]R. J. Ellison, D. A. Fisher, R. C. Linge, et al. Survivable Network Systems:An Emerging Discipline. Technical Report. CMU/SEI -97-TR-013:Pittsburgh, Carnegie Mellon university,1999:1-33P
[123]Jane H. Tuning systems:From composition to performance.the Journal Computer, 2005,48(4):385-400P
[124]Jeremy TB. Semi-Markov PEPA: Compositional modelling and analysis with generally distributed actions. In: Proceedings of 20th Annual UK Performance Engineering Workshop.Irfan Awan:University of Bradford,2004:266-275P
[125]Nicholas JD. Parallel Computation of Response Time Densities and Quantiles in Large Markov and Semi-Markov Models[PhD thesis]. London, United Kingdom:Imperial College, University of London,2004P
[126]Vibhu SS, Kishor ST. Quantifying software performance, reliability and security: An architecture-based approach. The Journal of Systems and Software,2007,80:493-509P
[127]殷丽华,方滨兴.入侵容忍系统安全属性分析.计算机学报.2009,29(8):1505-1512P
[128]Jeremy TB, Nicholas JD, Peter GH, et al. Distributed Computation of Transient State Distributions and Passage Time Quantiles in Large Semi-Markov Models. Future Generation Computer Systems,2006,22(7):828-837P
[129]R. Milner, J. Parrow and D. Walker, "A calculus of mobile processes," Journal of Information and Computation, Elsevier Science Press, Volume 100, Issues 1,1992,1: 1-77P
[130]Alan Jeffrey, Julian Rathke. Full abstraction for polymorphic x-calculus. Theoretical Computer Science, Elsevier Science Press,2008,390(2-3):171-196P
[131]Jonathan Appavoo, Kevin Hui,Craig A. N. Soules,et al.. Enabling Autonomic System Software with Hot-Swapping. http://www.research. ibm.com/K42/papers/auto-vis. pdf,2003.
[132]王一川,石纯一.基于π演算的一种Agent组织模型.计算机研究与发展,2003,2003,40(2):163-167P
[133]Bjorn Victor. The Mobility Workbench.http://www.it.uu.se/research/group/mobility/ mwb,2011
[134]Jeremy T. Bradley, Stephen T. Gilmore, Jane Hillston. Analysing distributed Internet worm attacks using continuous state-space approximation of process algebra models. Journal of Computer and System Sciences.2008,74:1013-1032P
[135]Jane Hillston, Fluid flow approximation of PEPA models, Proceedings of the 2nd International Conference on Quantitative Evaluation of Systems, Torino, IEEE Computer Society Press, September 2005:33-42P
[136]Richard A. Hayden,Jeremy T. Bradley. Fluid semantics for passive stochastic process algebra cooperation.International Conference On Performance Evaluation Methodologies And Tools. Athens, Greece.2008.
[137]Huang Y, Kintala C, Kolettis N, et al. Software rejuvenation:analysis, module and applications. Twenty-Fifth International Symposium on Fault-Tolerant Computing. Pasadena, CA, USA.27-30 Jun 1995:381-390P
[138]Felicita Di Giandomenico, Marta Kwiatkowska, Marco Martinucci, et al. Dependability Analysis and Verification for Connected Systems.4th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation (ISOLA'10), Springer, October 2010,volume 6416 of LNCS,263-277P
[139]S Garg, A Puliafito, M Telek and K S Trivedi. Analysis of Software Rejuvenation using Markov Regenerative, Proc. Of the Sixth International Symposium on Software Reliability Engineering,1995:24-27P
[140]M Degli Esposti. Mitochondria in apoptosis:past, present and future. Biochemical Society Transactions.2004,32:493-495P
[141]Satish A Polshettiwar, C G Deshpande, Anand M Kudal, et al. P53 Gene Therapy: A Potential Panacea To Cancer.http://www.pharmainfo.net/reviews/p53-gene-therapy-potential - panacea-cancer.Nov.30,2007.
[142]John W K. Apoptosis. http://users.rcn.com/jkimball.ma.ultranet/BiologyPages/A/ Apoptosis. html 201 O.July.
[143]Bruce Eckel.Thinking in C++.Upper Saddle River, USA: Prentice-Hall, Inc.2002,Sep.
[144]James F. Allen, George Ferguson. Actions and Events in Interval Temporal Logic. The University of Rochester,Technical Report 521. July 1994.
[145]林闯.随机Petri网和系统性能评价.北京:清华大学出版社.2005,04.
[146]B B Madana, G P Katerina, K Vaidyanathan, et al. A method for modeling and quantifying the security attributes of intrusion tolerant systems. Performance Evaluation. 2004,56:167-186P