Abstraction Layer for Development and Deployment of Cloud Services

Binh Minh Nguyen, Viet D. Tran, Ladislav Hluchy Institute of Informatics, Slovak Academy of Sciences, Slovakia

In the recent years, cloud computing becomes an attractive option for scientific communities as well for industry. As present, there are several large providers including Amazon [4], Microsoft [5], ElasticHosts, and so on. There are also open-source cloud middleware for building clouds like Eucalyptus [1], OpenNebula [2], as well as proprietary cloud software from VMWare, Citrix, IBM, and so on. Unfortunately, these softwares are often incompatible from each other, that can increase the cost of porting applications to clouds as well as create potential vendor lock-in. There are efforts to standardize cloud middleware, mostly notable by Open Grid Forum with OCCI (Open Cloud Computing Interface) [3], however, it only defines unified interface and does not solve all problems with compatibilities, e.g. virtual images. In this paper, we will present an abstraction layer for development and deployment of cloud services. The aims of the abstraction layer are as follows: • Abstraction of cloud resources: resources in the clouds (virtual machines, images, storages) are abstracted as objects and users can manipulate with them via methods provided by the objects. The abstraction will allow changes in the backend without affecting functionalities and modification of developed applications in the abstraction layer. • Simplifying and unifying user interface: Users can manipulate resources as objects without dealing with implementation details. • Interoperability: Applications and user scripts developed in the abstraction layer will work for different cloud middleware from different providers. • Optimization: The abstraction layer will allow optimization mechanisms like brokering, substitutions, load balancing and so on. For example, when the user create a new virtual machine, the optimization layer can choose which provider is best for the current instance. In our design, we use object-oriented approach for abstraction of computing resources: • The resource is represented as an object where all information related to the resource is encapsulated as data member of the object. Implementation details are hidden from users and developers can change them without affecting users. • Manipulation with the resource will be done via member methods of the object. Assume that a virtual machine in the cloud is represented by an object vm, then starting the machine is done by vm.start(), uploading data/application code to the machine is done by vm.upload(data, destination), execution of a program on the machine is done by vm.exec(command-line), and so on. It means that developers can define interfaces and control what and how the users can manipulate with cloud resources. Furthermore, users can manipulate with cloud resources without learning underlying cloud middlewares. • Developers can create new services based on existing ones using derived class and inheritance in OOP. For example, a Cluster class is used for representation of generic cluster, a derived class HadoopCluster can be used for abstraction of cluster with Hadoop software installed. • Abstraction also makes space for resource optimization. The optimization layer can decide which options are best for users. The abstraction layer has been tested with EC2/Eucalyptus and OpenNebula middlewares. OCCI interface is natively supported. Current work is focusing on creation of unified graphical user interface. Acknowledgements: This work is supported by projects SMART ITMS: 26240120005, SMART II ITMS: 26240120029, VEGA No. 2/0211/09, VEGA 2/0184/10.

References 1. Daniel Nurmi, Rich Wolski, Chris Grzegorczyk, Graziano Obertelli, Sunil Soman, Lamia Youseff,

Dmitrii Zagorodnov: The Eucalyptus Open-Source Cloud-Computing System. In Proceedings of the 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGRID '09) pp. 124-131, IEEE Computer Society, Washington, DC, USA.

2. Dejan Milojičić, Ignacio M. Llorente, Ruben S. Montero, OpenNebula: A Cloud Management Tool. IEEE Internet Computing, vol. 15, no. 2, pp. 11-14, 2011.

3. Open Cloud Computing Interface – Infrastructure. http://www.gridforum.org/ Public_Comment_Docs/ Documents/2010-12/ogf_draft_occi_infrastructure.pdf. Last visited on August 2011.

4. Amazon Elastic Compute Cloud (Amazon EC2). http://aws.amazon.com/ec2/. . Last visited on August 2011.

5. Windows Azure. http://www.microsoft.com/windowsazure/. . Last visited on August 2011.

ACARM-ng: Next Generation Correlation Framework

Barłlomiej Balcerek, Bartosz 'BaSz' Szurgot, Mariusz Uchroński, Wojciech Waga WCSS bartlomiej.balcerek@pwr.wroc.pl, bartosz.szurgot@pwr.wroc.pl , mariusz.uchronski@pwr.wroc.pl, wojciech.waga@pwr.wroc.pl Keywords: correlation, alerts, IDMEF, notification, framework, IDS, IPS 1 Introduction Administrative tasks are well automated when working with a single computer or server nowadays. There are a number of tools available to administrators to perform these tasks. Some of the most important are [2, 3, 4]. Using these tools gives a good overview of a system's state for a single machine, but does not scale to multiple hosts. One example of such a situation is an ssh scan from a single source on multiple targets being reported as tens or even thousands reports on incorrect login attempts. This paper presents ACARM-ng1[5] real-world implementation of extendible framework for alerts correlation. Some effects of its work in the network environment at the Wroclaw Center for Networking and Supercomputing[1] are presented as well. 2 State of the art Event correlation problem is known throughout the literature [10]. Apart from theoretical studies several implementations have been created, differing in the idea of processing, scope of interest and correlation handling. Some of them are discussed in this section. Theoretical correlation engine's architecture has been proposed in [10] and later implemented as ACARM2 [9]. Main issues related to this system were its strong connection between correlation and reporting and closed architecture. Also, correlated events could only be written to disk { there was no build-in notification mechanism. One of the commonly used correlation engines is Prelude-Correlator, delivered with Prelude package [4]. 1ACARM-ng stands for: Alert Correlation, Assessment and Reaction Module { next generation 2As for Q3 of 2010 project is discontinued. It has been replaced with ACARM-ng, presented in this article. It is a set of scripts that perform simple rule-matching. When a required number of alerts are gathered (typically: 5), they are reported as a correlated entry. OSSEC [6] is an example of more complex system gathering pieces of information. Correlation is only one of the tasks it performs. Similarly to [4], correlation means basic pattern-matching and direct log analysis. The most advanced system found by authors at the time of writing these words, is OSSIM [7]. It is a complex security information management3 system, including event correlation engine and a web interface for data visualisation. A unique feature of aforementioned correlator is recurrent processing. 3 Proposed solution Having in mind limitations of currently existing solutions a novel framework for correlation of events has been proposed. Ideological foundations for a new architecture have been derived mostly from experience gained during development of the ACARM [9] system and evaluation of Prelude-Correlator [4]. 3.1 Goal The main goal was to provide a correlation engine with following features: flexible framework, efficient processing of events, independent processing and reporting, flexible reporting and reaction modules, web-based view of system's state, scalable to multi-core architectures, persistent storage independence, generic input mechanism, recursive information processing, fault tolerance, arbitrary long time windows for correlation.

3.2 Architecture overview To achieve the presented goal a parallel queue processing mechanism has been proposed. Main system's part is a FIFO queue of events (meta-alerts in ACARM-ng's terminology). All other system's parts Or shortly: "SIM" have been split into the following sub-system categories: lters, triggers, inputs and persistencies. Each category has a generic interface and user-provided implementations can be provided as plug-ins. All categories are described shortly in separate subsections. 3.3 Filters Most of them perform correlation of events but they are not limited to do so. Some of the filters thanks to the very flexible abstraction layer are able to perform tasks concerning only a single alert such as reprioritization based on rules like IPs suspiciousness. DNS resolving is also performed using this mechanism. 3.4 Triggers Main purpose of triggers is reaction and reporting of meta-alerts. Exemplary triggers can send messages via e-mail or instant messengers as well as run scripts. Triggers are an important feature of ACARM-ng, making it IPS4. They provide user with a powerful mechanism for automating security management. 3.5 Inputs Input provides a generic interface for gathering events from external systems. It does not make any assumptions on input data form, nor the arrival channel. It is up to the specific input implementation to translate its input to ACARM-ng-compatible one. Each input is run in a separate thread, to avoid blocking the whole system on I/O, that is usually much slower than processing mechanisms. 3.6 Persistencies Implementation of persistent storage is done via "persistency" interface. Its operations within the system are transparent to developers. Abstraction is generic enough to allow any storage in the back-end, as far as it supports transactions. Current implementation uses PostgreSQL for data storage. 4 Results Basing on the concept described in the section 3 real-world system has been implemented, namely: ACARM-ng [5]. Tests of existing software base are being performed at WCSS' [1] supercomputers' environment, namely Nova and SuperNova clusters. Work is being done as a part of PL-Grid project [8]. 4.1 Performance Our installation runs on 3 CPU, AMD Opteron, XEN-based virtual machine, with 1GB RAM. Real world load is, on average one alert every 20[s]. This 4Intrusion Prevention System load makes ACARM-ng idle nearly all the time in real configuration (i.e. reasonable and useful). Having F enabled filters, S alerts per second and T second time windows for each filter we can esteem the computational complexity as: O(F*T *S). Since F and T totally depend on the configuration and S << F, S << T, computational complexity depends almost exclusively on the configuration. 4.2 Alerts reduction One of the key elements of the correlation engine is alerts' reduction. It gives us a view on how many meta-alerts an admin has to read, after the correlation is done, to have a full view on the system's activity. After three weeks of work, system gathered about 147k alerts. This makes around 7k alerts a day, on average. Output set, from all filters gave 126k events. From input 147k alerts 1:6k events have been reported. Out of the 1:6k reported 266 were reported as important, giving, on average, less than 13 reports per day.

5 Conclusions In this paper a novel approach to alerts correlation has been proposed. Basing on presented concept actual framework has been implemented. Unique features of independent reporting and correlating along with multi-threaded processing have been shown to work. Further work include mostly extending ACARM-ng implementation with new correlation techniques. References [1] http://www.wcss.wroc.pl. [2] http://www.tripwire.com. [3] http://www.snort.org. [4] http://www.prelude-technologies.com. [5] http://www.acarm.wcss.wroc.pl. [6] http://www.ossec.net. [7] http://www.ossim.net. [8] http://www.plgrid.pl. [9] http://www.acarm.wcss.wroc.pl, 2009. [10] Fredrik Valeur, Giovanni Vigna, Christopher Kruegel, Richard A. Kemmerer, A comprehensive approach to intrusion detection alert correlation, IEEE Transactions On Dependable And Secure Computing, 1 (2004).

An application scaling system in Elastic Compute Cloud Włodzimierz Funika(1,2), Kamil Mazurek(1), Wojciech Kruczkowski(1) (1) Department of Computer Science, AGH - University of Science and Technology, al. Mickiewicza 30, 30-059 Krakow, Poland (2) ACC CYFRONET AGH, ul. Nawojki 11, 30-950 Krakow, Poland e-mail: funika@agh.edu.pl, mkamil@student.agh.edu.pl, krwojc@student.agh.edu.pl Since the implementation of Amdahl’s law in 1960s parallel computing has changed, but the goal was always the same: to execute computations as fast as possible. Many models of parallel computing have been introduced over the years, for example: Grid Computing, computation on multi processor machines and computing on clusters. Lately, a new approach known as Cloud Computing has been introduced. A Cloud Computing system must combine dynamic allocation with effective external and internal cloud communication and data storing. Such a system can be used in multi-category computations, yet assembling such a system is not a trivial task. One of the main cloud features is transparency - people who are using a cloud system do not need to know what is the system architecture, where the machines are placed and what roles they play. With transparency a problem comes to solve - finding a way to balance the load of machines and use them with the best performance. Many different algorithms and systems supporting parallel computing have been created so far, e.g. the popular EC2 (Elastic Compute Cloud) [1] and PiCloud [3]. Still usable remains the PBS job scheduling system [4]. One of the interesting trends is the use of agents in scheduling and LB mechanisms [5]. There are applied different LB algorithms, e.g. Virtual Tree Algorithm [6], an algorithm used in the Condor system, A*, Bryant and Finkel's Algorithm. The concept of our solution relates to the UE Urban Flood project. It is aimed at processing huge quantities of data coming from a network of sensors by the Internet. Our aim is to create a mechanism for processing such data as a system which executes jobs while exploiting load balancing for Amazon EC2. The idea is to create an experimental hybrid architecture in which some parts of the system are centralised, whereas other ones are not. We will try to balance dependencies between the system units by using a hierarchic structure consisting of masters and slaves, with one distinct root unit. Scientific objectives are focused on the efficiency measurement of such a solution and finding the best load balancing algorithm under given load conditions. In the system under discussion (please see Fig. 1) we are coupling the concept of agent-based systems with LB algorithms. Thus we introduce a high level elastic API written in Python and Java for job execution, communication, and dynamic allocation. This API provides also mechanisms for easy extending the current functionality. In our system we distinguish between three types of entities (agents): Commanders, Workers and Load Balancer. The Worker is responsible mainly for executing delegated jobs. This kind of agent needs to communicate with Commander in order to obtain jobs. The Commander can be considered as a supervisor for some set of Workers. It dispatches messages between them, collects reports, calculates overall load and balances load between Workers. Load Balancer’s role is to distribute jobs between Commanders, manage resources, and to communicate with the user. Commanders and Workers are parts of the system’s Cloud-side, being driven driven by Python scripts. Web services (File Storage Web Service, one of Load Balancer’s module) and frontend parts (Control Panel, File Storage Unit) are written in Java. Communication between EC2 web services is provided by Amazon Web Services SDK which is compatible with EC2 type clouds, e.g. the Eucalyptus system [2]. Communication between cloud components and the Load Balancer service is based on low level sockets with JSON supported by XDR for object serialization.

Fig. 1 Cloud-bound LB-based job-execution system architecture

The final user will be able to add any algorithm to the system and execute it (by adding a task) whenever necessary, provided with needed data. LBEC2 is assumed to execute this task by finding a relevant machine within optimal time. Algorithms, data and result files are stored in a distributed file storage system and accessible at any time to a user or software entity. In our research we seek to investigate the efficiency of our hybrid structure, find the most efficient load balancing algorithm for it and to provide a fast and user friendly system.

Acknowledgement: The authors are grateful to prof. K. Cetnarowicz for valuable discussions. This research is partly supported by the the European Union within the European Regional Development Fund program no. POIG.02.03.00-00-007/08-00 as part of the PL-Grid Project (http://plgrid.pl).

References:

1. Amazon EC2 web site: http://aws.amazon.com/ec2 2. Eucalyptus web site: http://open.eucalyptus.com 3. PiCloud web site: http://www.picloud.com 4. PBS web site: http://www.nas.nasa.gov/Software/PBS/pbshome.html 5. Cetnarowicz, K. From algorithm to agent. In: Sloot, P. et al. (eds.) Proc. 9th international conference ICCS 2009, LNCS 5544, Springer, pp. 825–834. 6. Antonis, K., Garofalaskis, J., Mourtos, I., and Spirakis, P.: A Hierarchical Adaptive Distributed Algorithm for Load Balancing, Journal of Parallel and Distributed Computing, Vol. 64 (2004): 151-162

Application Repository and Science Gateway for Molecular Docking Simulations

Gabor Testyanszky(1), Tamas Kiss (1)and Stephen Winter (1) Pamela Greenwell (2) and Hans Heindl(2) (1) School of Electronics and Computer Science (2) School of Life Science, University of Westminster, The FP7 European Desktop Grid Initiative (EDGI) project created a production infrastructure that integrates clouds, (built on OpenNebula and OpenStack), desktop Grids (based on BOINC and XWHEP) and service Grids (built on ARC, gLite and Unicore) into a single platform to support European Grid Initiative (EGI) user communities. The EDGI science gateway provides access to the EDGI infrastructure. It contains the EDGI Portal and the EDGI Application Repository. The EDGI Portal [3] is the GUI to submit and monitor applications, and retrieve and display results. The security models of desktop and service Grids are significantly different. While service Grids trust the users and identify them by unique certificates, desktop Grid systems trust the applications. As a result, only trusted and validated applications can run on DG systems. If users of a service Grid infrastructure want to utilise desktop Grid resources, the applications should be priori validated and pre-deployed on the supporting desktop Grid. This requires uploading validated applications into a repository and make them publicly available. Users can browse and search the repository in order to find and download applications they want to execute. The infrastructure contains two bridges: SG→DG bridge and DG→Cloud bridge. The bridges manage differences between job description and job submission of desktop and service grids. The paper gives an overview of the above described infrastructure specifically concentrating on its newly designed application repository. The applicability of the described framework is demonstrated via an application case study describing an in-silico docking simulation ported to and executed on the EDGI infrastructure. Carbohydrate modifying enzymes [1], [2] play a central role in life, for example in the quality checking of newly synthesized proteins. The current studies target core carbohydrate modifying enzymes and utilizes high throughput in silico modelling to discover and validate novel ligands or inhibitors of those macromolecules. The in-silico modelling is a compute- and data-intensive The EDGI infrastructure can provide computational and data resources required for the in-silico docking simulation. In the first two phases of the simulation the receptor and ligands molecules are selected to create a homology model. This model is optimised through energy minimization and a consecutive short molecular dynamics (MD) simulation using AMBER. After defining the target region for the docking, sets of ten ligand molecules are established and together with the receptor molecule are submitted as inputs to the Autodock Vina program which is used as a docking program. It provides a measure of the docking quality expressed as a so called “docking energy”, which is the measure for the ability of the algorithm to fit the ligand into the binding pocket of the receptor. As the Autodock Vina “docking energy” tends to bias the results towards the more flexible and bigger molecules it may be appropriate to divide the result by the molecular weight of the docked structure thereby getting a measure for the specific affinity of the small molecule to the target. The docking and docking evaluation phases are the compute- and data intensive phases of the simulation. The Autodock Vina was ported to desktop Grid and deployed on the EDGI infrastructure: on the Carmen cluster and on the Westminster Campus Grid. The Campus Grid is a BOINC based private desktop Grid. It consists of approximately 1600 PCs installed in student labs. E-scientist can run the docking simulation through the EDGI Portal. The EDGI infrastructure enables significant speed-up of the simulation. The paper will present outputs of the docking simulation. Acknowledgements. This research work is partially supported by the EDGI (European Desktop Grid Initiative) project funded by the European Commission within the FP7 framework (project number RI 261556). References 1. Varghese JN. (1999) Development of neuraminidase inhibitors as anti-influenza virus drugs.

Drug Dev. Res., 46:176-196. 2. Padilla-Vaca F, Anaya-Velazquez F. (1997) Biochemical properties of a neuraminidase of

Trichomonas vaginalis. J Parasitol, 83:1001–6.,

3. Z. Farkas and P. Kacsuk: P-GRADE Portal: A generic workflow system to support user communities, Future Generation Computer Systems, Volume 27 Issue 5, May, 2011,

4. doi>10.1016/j.future.2010.12.001 Anderson, D. P. 2004, BOINC: A System for Public-Resource Computing and Storage. 5th IEEE/ACM International Workshop on Grid Computing, November 8, 2004, Pittsburgh, USA,

Assessing the Performance of Desktop Grid Applications

Alexander Afanasiev (1), Nickolay Khrapov (1), Mikhail Posypkin (1) (1) Institute for Systems Analysis of the Russian Academy of Sciences, Moscow, Russia

Desktop grids (DGs) is a relatively new and rapidly emerging technology for distributed computing [1]. They deliver huge amount of cheap computational resources coming for a price of relatively low efficiency with respect to dedicated resources (HPC clusters). The performance losses are caused by high communication overhead, unreliability and heterogeneity of computing nodes which are common in volunteer computing. The actual performance of the DG application is difficult to track and evaluate. It is clear that the traditional framework for performance evaluation (speedup, efficiency) widely adopted for homogeneous systems [2] is not applicable for DGs systems. Though this issue was well understood by the research community [3,4] there is still a lack of comprehensive performance evaluation and analysis theory for grid systems. This important problem is addressed in this paper.

Consider the bag-of-task application that starts at the moment startt and finishes at the moment

stopt . According to [3] we define the makespan (Ms) as the time elapsed between the start of the first

task of the job and the finish of its last task, i.e. startstop ttMs . We define the speedup (Sp) as a

ratio between the total amount of (useful) CPU time consumed by the application and the makespan.

The total useful time uT and the speedup Sp are defined as follows:

Ux

u xtT )( , Ms

TSp u , (1)

where U is a set of all tasks and )(xt is a time of execution of the task x . The execution times of

tasks are collected during the computations on different nodes. The useful time uT can be interpreted

as a total time of application running on a node with an average performance. For the homogeneous system the speedup given by (1) is identical to the traditional speedup definition. We implemented a set of scripts for BOINC [5] projects that perform periodic logging of the running times of the jobs, their start and stop times. The web-based user interface (UI) has been created and integrated to the BOINC project web-site. Based on collected logging information the UI calculates and presents to the user the average running time of jobs, the distribution of jobs over computing nodes, the speedup according to (1) and some other useful metrics. The developed methodology and tools have been applied to evaluating the performance of the OPTIMA@HOME BOINC project [6] aimed at solving optimization problems. Analysis of the metrics collected in several experiments helped to identify best parameter set to make the system working on maximal performance. For our system that contained about 1000 nodes at the time of experimenting we increased the speedup from 100-120 to 200-300 times. The suggested notion of the speedup together with the methodology and tools for applying it to the BOINC projects provide a solid assitance to assess the performance of the DG application and to improve it. Acknowledgements. This work was supported by EU FP7 project DEGISCO (GA 261561). References 1. Péter Kacsuk, József Kovács, Zoltan Farkas, Csaba Attila Marosi, Zoltán Balaton: Towards a

Powerful European DCI Based on Desktop Grids. J. Grid Comput. 9(2): 219-239 (2011) 2. Ananth Grama, Anshul Gupta, George Karypis, Vipin Kumar, Introduction to Parallel Computing,

Addison-Wesley, 2003. 3. Walfredo Cirne, Francisco Brasileiro, Daniel Paranhos, Luís Fabrício W. Góes, William Voorsluys.

On the efficacy, efficiency and emergent behavior of task replication in large distributed systems // Parallel Computing, Volume 33, Issue 3, April 2007, Pages 213-234.

4. D. Paranhos, W. Cirne, and F. Brasileiro. Trading Cycles for Information: Using Replication to Schedule Bag-of-Tasks Applications on Computational Grids. Proceedings of the Euro-Par 2003: International Conference on Parallel and Distributed Computing, pp. 169-80.

5. Anderson, D.: BOINC: a system for public-resource computing and storage. In: Proceedings of the 5th IEEE/ACM International GRID Workshop, Pittsburgh, USA (2004)

6. OPTIMA@HOME http://dcs.isa.ru/dcsdg

Automatic proxy generation and load-balancing-based dynamic choice of services.

Jarosław Dąbrowski (1), Sebastian Feduniak (1), Bartosz Baliś (1), Tomasz Bartyński (2), Włodzimierz Funika (1) (1) Institute of Computer Science AGH, Krakow, Poland (2) ACC CYFRONET AGH, Krakow, Poland

Workflow paradigm is becoming now more and more popular model of resolving business and scientific problems. To provide complex functionality, the use of different functional modules is needed. Such modules can have many instances working in a distributed environment and load balancing should be ensured to achieve the best performance. Moreover adding a further module to ensure a new behavior should be easy. It would be preferable to separate the design and development of such modules, which means that someone who wants to add a new functionality does not have to know how to place it into a working environment. Also extending working the system with existing modules should be easy and need no implementation changes. In this paper we are going to present a system which is aimed to solve the issues describe above. First of all have a look on system architecture.

1. Clients of the system, generate requests. 2. CIS – Common Information Space 3. GlassFish Server – this is application server to host load balancer, proxies and

ProxyGenDeploy service. 4. ProxyGenDeploy – it is EJB service responsible for producing proxies for services, as input

service's interface description is needed (WSDLs and XSDs), after successful service invocation, new proxy will be deployed on the GlassFish server and proxy's address will be returned, admin is responsible for providing service interface

5. Proxy – responsible for forwarding a request to the concrete service instance, address of this service instance is provided by the Load Balancer service

6. LB – it is EJB service responsible for making load balancing, admin is responsible for registering/unregistering service instances

8. Concrete service instance, responsible for executing client's requests. The project is based on the JEE technology. Our system consists of two main modules: a proxy and a load balancer (LB). The relation between these modules is built on the assumption that the proxy requests the LB to get an address of a concrete service of a given type. LB is an EJB web service which has a functionality such as registering and unregistering VMs, collecting VM-related measurements, and load-balancing-based choosing of services. To enable VM-related measurements UFoReg Cloud monitoring [4] is used. Information about cpu, memory, disk and network load is obtained periodically. Collecting this data per request may be too expensive due to the use of HTTP's

GET method. Additionally, the proxy provides the time needed to execute each request to a service so we collect this data for each VM. We are able to change load balancing algorithms [1] owing to using the Strategy pattern. Different models of load balancing are going to be tested to achieve the best performance. The proxy is realized as a BPEL module generated by the EJB service.

Input for the generator is a service interface description (WSDL and XSDs files). Having got such an input, the steps that follow are required to create a proxy and deploy it on GlassFish server :

generating BPEL [2] proxy module – XSLT transform engine is used,

generating additional files to create a service assembly that can be deployed to the JBI server(GlassFish in our case) – Java DOM library is used,

packing the proxy into a required archive – standard Java libraries are used,

deploying and starting the service assembly – GlassFish API [3] is used. Once WSDL and XSDs are prepared for a new service we have to invoke a generator service passing it URLs to these files. As a response, the address of the proxy will be returned. After having registered new service instances in LB, the proxy is ready to use. No more steps are required. The configuration data is kept in the file and can be changed while the system is running, so no development activities are needed. Use described above system can significantly improve workflow execution performance in complex system, which consists of many instances of the modules of the same type. In the future it is possible to implement another load balancing strategies (LBS), including per module type balancing strategies, which means, that every type of module can have its own LBS according to its behavior. Using approach described in [5], LB can be improved to make its behavior depend on actual service state, which means that eg CPU or memory will have greater impact on load indicator. Acknowledgements. This work is supported by EU project UrbanFlood EU ICT 248767. References

1. Willy Tarreau: Making applications scalable with load balancing, September 2006, http://www.exceliance.fr/sites/default/files/biblio/art-2006-making_applications_scalable_with_lb.pdf

2. Web Services Business Process Execution Language Version 2.0, OASIS Standard 11 April 2007 http://docs.oasis-open.org/wsbpel/2.0/OS/wsbpel-v2.0-OS.pdf

3. The OpenESB Wiki, http://wiki.open-esb.java.net 4. UFoReg - UrbanFlood Registry, http://urbanflood.cyfronet.pl/uforeg 5. George Porter, Randy H. Katz : Effective Web Service Loadbalancing through Statistical

Monitoring, http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.70.4945&rep=rep1&type=pdf

Automation of System Monitoring Based on Fuzzy Logic or Rules –

Comparison of Two Designed Approaches with regard to

Computational Infrastructures

Włodzimierz Funika (1,2), Filip Szura (1), Jacek Kitowski (1,2)

(1) Institute of Computer Science AGH-UST, ul. Mickiewicza 30, 30-059 Krakow, Poland (2) ACC CYFRONET AGH, ul. Nawojki 11, 30-950 Krakow, Poland {funika,szura,kito@agh.edu.pl}

1. Introduction. Since PL-GRID is meant to be a country-wide compute- and data-intensive platform,

facilitating administrator’s operations, e.g. due to the size of infrastructure is one of key issues. An installation of this size can be endangered by malfunctioning of its resources, which needs detection of their failures and fast reactions to them. Developing intelligent software which will be able to help the administrator of a large computational infrastructure to cope with everyday duties at lower costs, is connected with automating administrators’ functions. In this paper we focus on two approaches to building a monitoring tool aimed at handling faulty operation of PL-Grid resources. 2. Related work. We analyzed a few monitoring systems [1,6,7]. Some of them use knowledge to resolve problems referring to the fault-tolerance of computer systems. Some monitoring tools use fuzzy logic as their knowledge engine, others use rules to determine the system behavior when errors (failures) occur. These systems are designed as agent-based or agent-less ones. Some systems like Zabbix use both approaches. The intelligent ones use fuzzy sets, e.g. Autopilot [1]. 3. Description of the solutions. Our two concepts of automation of system monitoring are: rule-

oriented monitoring and semantic-oriented agent-based monitoring, represented by the Saude-Net system [2] and SAMM compliant Agent (SAMM-CA) [3], accordingly, both of them being capable to react to captured system failures. Both concepts allow to manage monitored resources to optimize their work and usage, by re-arranging a system configuration being in the scope of the system administrator’s responsibility. The first of the two systems, Saude-Net, is built on top of existing low-level monitoring facilities. This system uses predefined actions as a response to the reported faults. The Saude-Net exploits rules [5] that determine which action should be used. It is possible that more than one action will be suitable for an observed situation. In this case Saude-Net creates a ranking of possible actions. The system

involves a rule-based knowledge engine. The architecture of the Saude-Net system is shown in Fig. 1.

Fig. 1: Basic architecture of the Saude-Net system.

The second of the systems under discussion is SAMM compliant Agent. This solution is an extension to the SAMM monitoring system [4]. It exploits the agent-based approach [6,7] for automation of system management. The agent (SAMM-CA) uses predefined actions and its personal knowledge like Saude-Net. As opposed to the above system, the agent knowledge exploits not only rules [5] but also fuzzy sets [8], being part of the agent knowledge engine. Five operation modes of SAMM-CA specify the behaviour of our agent. This agent is capable of learning - modifying its knowledge, exchanging statistic information. The agent is fully configurable by the SAMM system. The SAMM-CA component comprises four modules as shown in Fig. 2.

Fig. 2: Basic architecture of the SAMM compliant Agent.

4. Results and discussion. When comparing the knowledge representation handled by these

systems we could note that the first one – Saude-Net uses rules which determine possible actions for every service. This solution is not as dynamic as in SAMM-CA which uses fuzzy sets as well. These allow to match a better action with a failure at a lower cost. Another difference is partially related with system architecture: while Saude-Net uses the external monitoring tools to obtain data which are transmitted to a central point which is Saude-Net server, SAMM-CA is able to monitor resources by itself and to perform actions locally. The Saude-Net responses are slower than those performed by SAMM-CA, mostly due to communication costs. SAMM-CA uses local actions so they may be more complex. It also contributes to the whole performance of monitoring process since each agent is independent from others and may possess different actions and knowledge. 5. Conclusions and future work. Summing up we consider that the SAMM compliant Agent is a

more suitable solution for the automation of monitoring of large grid infrastructures: it uses fuzzy sets which are more flexible than rules thus allowing for better action matching. On the other hand, the Saude-Net system is quite sufficient for the automation of monitoring of parts of infrastructures, where communication costs can be outweighed by efficient event handling. Acknowledgements. This research has been partially supported by EU within the European Regional Development Fund, program no. POIG.02.03.00-00-007/08-00 as part of the PLGrid Project (www.plgrid.pl).

References 1. R. L. Ribler, H. Simitci, D. A. Reed: The Autopilot Performance-Directed Adaptive Control System.

FGCS, vol. 18(1), September 2001, pp. 175-187 2. Funika, W., Szura, F.: Automation of decision making for monitoring systems, in: M. Bubak, M.

Turała, K. Wiatr (Eds.), Proc. CGW'10, October 11-13 2010, ACC-Cyfronet AGH, pp. 164-171, Krakow, 2011

3. Funika, W., Szura, F.: Agent-Based Monitoring Using Fuzzy Logic and Rules, in: Proc. 4th ACC Cyfronet AGH Users’ Conference – KU KDM’11, March 9-11 2011, pp. 28-30, ACC-Cyfronet AGH, Krakow, 2011

4. Funika, W., Kupisz, M., P. Koperek, P.: Towards autonomic semantic-based management of distributed applications, in: Computer Science Annual of AGH-UST, v. 11, 2010, pp. 51-63, AGH Press, Krakow, 2010

5. Drools Expert User Guide, The JBoss Drools team, http://downloads.jboss.com/drools/docs/5.1.1.34858.FINAL/drools-expert/html/index.html

6. Bievans, A., Hulbert, M.F., Szymanski, B. K.: Agent-Based Network Monitoring. in: Proc. Autonomous Agents 99 Conference, 1999, pp. 41-53

7. Madejski J., Cooperating agents approach to task execution planning, Journal of Achievements in Materials and Manufacturing Engineering, vol. 37(1), November 2009

8. Hellmann, M.: Fuzzy Logic Introduction, http://diuf.unifr.ch/ds/courses/dss2002/pdf/FuzzyLogic.pdf

Biological Clock – is the Need for a Clock a Common Factor for Cells and Computers?

Paweł Spólnik (1), Leszek Konieczny (1), Irena Roterman (2) (1) Jagiellonian University – Medical college – Chair of Medical Biochemistry, Krakow, Poland (2) Jagiellonian University – Medical College – Department of Bioinformatics and Telemedicine, Krakow, Poland

Ongoing rapid developments in biological sciences enable us to understand the mechanisms and phenomena of nature, providing a basis upon which to pursue medical and also technical breakthroughs. One of the “hot” topics currently being intensively studied concerns the biological clock. Although the clock subject seems commonly familiar and predictable neither the mechanism of biological clock nor its biological role are still understood. The presence and operation of the clock manifests itself as the recurring 24-hour oscillations of biological activity known as circadian rhythms. The mechanism which generates such oscillations operates as independent in individual cells: in the organism, circadian rhythms are coordinated through adaptive synchronization triggered by the superchiasmatic nucleus, which is part of the hypothalamus [1]. Metabolic processes and – in particular – protein synthesis, are responsible for providing a stable time basis [2,3]. Synthesis of clock proteins is upregulated during periods of increased activity and subsequently downregulated during rest. The resulting oscillation propagates via intrinsic signals, in contrast to other similar non-clock phenomena involved in protein synthesis and degradation, which are steered by external “flow-through” signals. The intrinsic signals which switch the system off or on are created in the result by complexation, of proteins when they accumulate beyond the critical threshold. According to the presented model circadian rhythms are generated through the action of two feedback loops running out of phase with each other, with the clock gene products downregulating their own production. Circadian oscillators in various species follow the same general principle, in spite of differing molecular representations [4]. As a result, the biological clock resembles a computer clock in that it ensures proper synchronization of processes (including energy supply and demand as well as transcription processes affecting entire metabolic chains) [5]. There is, however, another reason for biological clocks to trigger cyclic metabolic changes: it is the need to keep cells in a permanent state of alertness, preventing excessive buildup of metabolic dependencies as a result of adaptation to long-lasting unaltered conditions and hence blunting any potential response to rapid changes. Identifying the system responsible for establishing circadian rhythms allows us to simulate its constituent processes in silico. Construction of such systems and its adaptation to models of in silico form is the key aim of the project. Acknowledgements. This work was supported by the Jagiellonian University – Medical College grant no. K/Z/DS-001531. References 1. Green CB, Menaker M. Clock on the brain. Science 301, 319-320, 2003 2. Duong HA, Robles MS, Knutti D, Weitz CJ; A molecular mechanism for circadian clock negative

feedback; Science 332, 1436-1439, 2011 3. Johnson CH, Egli M, Stewart PL; Structure insight into a circadian oscillator; Science 322, 697-701,

2008 4. van Gelder RN, Herzog ED, Schwartz WJ, Taghert PH; Circadian rhythms: In the loop at last;

Science 300, 15341-1535, 2003 5. Bass J, Takahashi JS; Circadian integration of metabolic and energetics; Science 330, 1349-1354

2010.

Common Information Space – a Framework for Service-Oriented Scientific Computi ng

Bartosz Baliś (1,2), Marek Kasztelnik (2), Tomasz Bartyński (2), Grzegorz Dyk (2), Tomasz Gubała (2,3),

Piotr Nowakowski (2), and Marian Bubak (1,2,3)

(1) AGH University of Science and Technology, Department of Computer Science, Krakow, Poland

(2) AGH University of Science and Technology, ACC CYFRONET AGH, Krakow, Poland

(3) Informatics Institute, University of Amsterdam, The Netherlands

As science increasingly relies on large-scale, collaborative computations which integrate results

from many disciplines, the Service-Oriented approach has been recognized as a promising paradigm

for scientific computing [2]. The Common Information Space (CIS) is a service-oriented software

framework facilitating development, deployment and robust operation of complex systems which rely

on scientific computations on top of clouds.

CIS organizes systems into a collection of services, as shown in Fig. 1. The basic services (aka

appliances) encapsulate the computational backend of a system. They are any piece of software

(typically a scientific application) wrapped as a virtual image (containing platform, software and

configuration necessary to run the application) and exposed as a service which means it can be

accessed through the network. Existing services can be composed and published as a composite

service (aka system parts). CIS supports three approaches for service composition: (1) orchestration

(BPEL workflows), (2) integration patterns, and (3) loosely-coupled publish-subscribe-based data

exchange through a message bus.

Fig. 1: Architecture of the CIS framework for Service-Oriented scientific computing.

Thanks to employing virtualization at the level of basic services, CIS manages resource allocation at

this level by dynamic deployment of virtual appliances to a cloud infrastructure. This allows to control

the amount of resources allocated to a system, prioritize the execution among concurrent systems,

and respond to variable resource demands.

Both basic and composite services contain mechanisms for monitoring and management. Self-

monitoring, applied to services and the CIS infrastructure itself, includes collection of information

about availability, health, performance, and also provenance tracking. Services are manageable; they

provide well-defined interfaces for starting, stopping, and changing configuration. Configuration

parameters are exposed and can be adjusted on-demand (in some cases even during runtime, e.g.

endpoints of invoked services). Each service (basic or composite one) can be executed in many

instances with variable configurations. Running instances can be dedicated or shared between

multiple systems.

The CIS framework has been employed to implement a Flood Early Warning System [1] which

monitors selected sections of dikes through wireless sensor networks and detects anomalous dike

conditions. Anomaly detection triggers further analysis which includes CPU-intensive inundation

simulations used for prediction and damage assessment in the event of a dike failure.

Acknowledgements. The research presented in this paper has been partially supported by the

European Union within the IST-248767 project UrbanFlood.

References

[1] B. Balis, M. Kasztelnik, M. Bubak, T. Bartynski, T. Gubala, P. Nowakowski, and J. Broekhuijsen. The

UrbanFlood Common Information Space for Early Warning Systems. Procedia Computer Science, 4:96-

105, 2011. Proceedings of the International Conference on Computational Science, ICCS 2011.

[2] I. Foster, C. Kesselman, Scaling System-Level Science: Scientific Exploration and IT Implications,

Computer 39 (11) (2006) 31–39.

Dataspace Support Platform for e-Science

Ibrahim Elsayed and Peter Brezany Faculty of Computer Science, University of Vienna, Austria

Scientific data, collected in various research domains are made accessible for significant analysis through portals by the means of e-Infrastructures. Managing the outcome of these analyses in conjunction with its corresponding input data, by enriching the existing relationship with semantics to facilitate reuse of data and analytical methods is nowadays more important than ever. Systems providing advanced integrated view to large-scale and distributed scientific data such as the integrated Rule-Oriented Data System (iRODS) [1] are described in the literature to a great extent, however the key (dataspace) feature managing semantic relationships is not well considered and thus it represents an open research challenge to be addressed in this work. Data management systems for e-Science strongly need to consider relationships that exist among input data and derived results in scientific studies. Furthermore these relationships need to be semantically enriched to allow computer programs to query that knowledge. This challenge is referred in this work to as preservation of the data lifecycle in scientific studies. Influenced by the vision of dataspaces introduced in [2] several dataspace systems have been proposed, including Paygo [3], Semex [4], and iMeMex [5] out of which the most are focusing on personal information management. This work focuses its effort on scientific dataspaces, which, if applied in e-Science applications can provide a highly efficient and powerful scientific data management solution for e-Infrastructures. Our approach is to semantically enrich the existing relationship among primary and derived datasets and to preserve both, relationships and datasets together within a dataspace to be reused by owners and others. To enable reuse, data must be well preserved, which can best be established if the full life cycle of data is addressed. We present a novel OWL ontology for the creation of semantically rich relationships among primary and derived datasets in scientific studies. The major contributions of this thesis include: (1) e-Science life cycle model, a specific model addressing the complete data life cycle to provide well-preserved scientific studies, (2) Semantic markup for scientific studies enabling to describe relationships among datasets of scientific studies with a semantic model, (3) Long-term preservation framework providing preservation of the complete life cycle of data in scientific studies, (4) Large-scale scientific dataspace platform - jSpace integrating the achievements presented in this work enabling to interconnect multiple dataspace instances from various domains, and (5) jSpace Java API providing all needed methods to construct semantic data about scientific studies and a model for their management within a distributed data environment. Cloud computing [6] has recently emerged as the paradigm for the next generation of large-scale scientific computing and data management with the main advantage in eliminating the need for hosting expensive hardware. We extend of the e-Science cloud introduced in [7] with core dataspace services and propose a scientific dataspace cloud. Acknowledgements. The Faculty of Computer Science at the University of Vienna supported this work. References [1] Reagan Moore, Arcot Rajasekar, and Michael Wan, Data grids, digital libraries, and persistent

archives: An integrated approach to sharing, publishing, and archiving data, Proceedings of the IEEE 93 (2005), no. 3, 578–588.

[2] Michael Franklin, Alon Halevy, and David Maier, From Databases to Dataspaces: A New Abstraction for Information Management, SIGMOD Rec. 34 (2005), 27–33.

[3] Jayant Madhavan, Shirley Cohen, Xin L. Dong, Alon Y. Halevy, Shawn R. Jeffery, David Ko, and Cong Yu, Web-Scale Data Integration: You can afford to Pay as You Go, CIDR, 2007, pp. 342–350.

[4] Yuhan Cai, Xin Dong, Alon Halevy, Jing Michelle Liu, and Jayant Madhavan, Personal Information Management with Semex, SIGMOD, June 2005, pp. 921–923.

[5] Lukas Blunschi, Jens peter Dittrich, Olivier Ren Girard, Shant Kirakos, Karakashian Marcos, and Antonio Vaz Salles, A dataspace odyssey: The iMeMex Personal Dataspace Management Systems, In Third Biennial Conference on Innovative Data Systems Research, CIDR, 2007, pp. 114–119.

[6] Rajkumar Buyya, James Broberg, and Andrzej M. Goscinski (eds.), Cloud Computing Principles and Paradigms (Wiley series on parallel and distributed computing), Wiley, 3 2011.

[7] Paul Watson, Phillip Lord, Frank Gibson, Panayiotis Periorellis, and Georgios Pitsilis, Cloud Computing for e-Science with Carmen, In 2nd Iberian Grid Infrastructure Conference Proceedings, 2008, pp. 3–14.

Design and Implementation of the IkarosEG Resource Management System

Christos Filippidis (1,2), Yiannis Cotronis(1), Christos Markou (2) (1) Department of Informatics & Telecommunications, University of Athens, Greece (2) Institute of Nuclear Physics , ”NCSR” Demokritos, Greece The past few years have shown a substantial increase in the amount of data produced by large-scale collaborative science applications, which now also applies at an enterprise level and everyday users. These types of applications require continuous increase of available resources. Nowadays the necessary resources are mainly provided by HPCs, scientific clusters, university campus desktop computers or by infrastructures constructed by "volunteers' computers". We also observe an intense effort for coexistence and cooperation between data networks and telecommunications networks expressed by producing hardware like smart phones and tablet PC's. It is clear that the telecom service providers are trying to enter the field of data networks using these devices as a gateway. With the proposed architecture we intend to extend the existing global Grid infrastructure by incorporating these devices, while creating a platform for interoperability with telecommunication providers. Obviously, a smart phone or a tablet PC is not capable to satisfy the needs of an WLCG [1] ”job” which may demand a device capable to provide 2GB of ram and 2 GHZ of CPU, taking in account that nowadays a typical tablet PC can have an 1 GHZ CPU and a typical smart phone a 500 MHz CPU this may be feasible at the near future. IkarosEG is using these types of devices in order to build additional features in addition to those provided by the underlying system, in order to reduce the load from our infrastructure and focus its use at the core processes. To implement the architecture we used the “IKAROS: Low-Cost, Low-Power, High-Throughput Storage Management System” [2] located at NCSR Demokritos. IkarosEG is a data-oriented Resource Management System for Grid environments. By using IkarosEG as our Resource Management System we manage to use our infrastructures only for the core data transfer mechanism implemented by IKAROS. All the additional features such as accounting, statistics, data searching utilities or further data formatting in order to connect the system with other utilities or applications, are running on smart phones and tablet PCs which are using the NCSR Demokritos campus Internet infrastructure by creating “jobs” that can perform in such devices. These mobile devices are running an android [3] application which communicates with IkarosEG infrastructure from which they download available “jobs” to execute and return the results back to the system. The IkarosEG can be described as a batch system. Traditional batch systems like Condor [4] requires continuous knowledge of the status and the configuration of the available resources in order to match the “job” requirements with the available resources. In contrast to this logic IkarosEG operates as a content provider for smart phones and tablet PCs. In this way we solve the mobility problem of resources. The “job” execution process is not affected if the device change its configuration, its network setup whether it operates on a private or public network. Additionally, if, as we perceive mobility as the freedom to change, in an ad-hoc manner, the configuration of a HPC or a campus IT Infrastructure participating in a Grid, in order to cover new demands, without affecting the “job” execution process then IkarosEG architecture can offer much even to traditional computing infrastructures. IkarosEG can be categorized as an architecture between a traditional Grid infrastructure, such as a gLite [5] and an infrastructure which implements the “volunteers' computing” concept, such as BOINC [6]. IkarosEG tries to attract new resources for leveraging the infrastructure capabilities while trying to fully benefit by the characteristics of these resources. At an enterprise level and everyday life IkarosEG could incorporate telecom providers at a Grid infrastructure, in a transparent way. These providers have a big base of users with smart phones and tablet PCs and can provide paid services to enterprises and scientific experiments while their users will have the opportunity to gain from this process with reductions at their bills. References

1. http://lcg.web.cern.ch/lcg/ 2. Christos Filippidis, Yiannis Cotronis, Christos Markou: IKAROS: Low-Cost, Low-Power, High-

Throughput Storage Management System,under review, Proceedings of PDP 2012 3. http://developer.android.com/index.html 4. Douglas Thain, Todd Tannenbaum, and Miron Livny, "Distributed Computing in Practice: The

Condor Experience" Concurrency and Computation: Practice and Experience, Vol. 17, No. 2-4, pages 323-356, February-April, 2005.

5. Cristina Aiftimiei et al ,Design and Implementation of the gLite CREAM Job Management Service, Future Generation Computer Systems, December 24, 2009

6. David P. Anderson, Gilles Fedak,The Computational and Storage Potential of Volunteer Computing, IEEE/ACM International Symposium on Cluster Computing and the Grid, Singapore, May 16-19, 2006

Enabling Generic Distributed Computing Infrastructure Compatibility for Workflow Management Systems

Miklos Kozlovszky (1), Krisztian Karoczkai(1), Istvan Marton(1), Akos Balasko(1), Attila Marosi(1), Peter Kacsuk(1) (1) MTA SZTAKI, Budapest, Hungary

Existing workflow management systems are different in middleware support, workflow engines and workflow description languages. They interpret, execute and manage workflows differently, implementing diverse functionalities since they have been defined by different scientific communities. In most cases workflow management systems (and therefore their workflows) are bounded tightly to some small number of specific Distributed Computing Infrastructure (DCIs), and efforts required to allow additional DCI support. As a result, solving workflow management system’s DCI incompatibility, or their workflow interoperability [1] issues are very challenging and complex tasks. In this paper we are specifying a generic concept how to enable generic DCI compatibility, which is feasible for many major grid workflow management systems (such as ASKALON [2], MOTEUR [3], gUSE/WS-PGRADE [4]) on workflow level. To enable DCI compatibility among the different workflow management systems we have developed the DCI Bridge, which become one of the main components of the so called fine-grain interoperability approach developed by the SHIWA (SHaring Interoperable Workflows for large-scale scientific simulations on Available DCIs) project. Other key elements of the fine-grain interoperability approach are the services (Proxy Manager, Repository, Translator, DCI Bridge) and the intermediate workflow language IWIR (Interoperable Workflow Intermediate Representation [5]). In this paper we will focus only on the generic DCI Bridge service component and describe its internal architecture, provide case studies to show how the used service resolve the DCI interoperability issues between various middleware types (gLite, ARC and UNICORE).

The generic DCI bridge service enables the execution of workflows onto any DCI platform (such as Globus, gLite, Web services, or even Cloud-based) by the compliant core engines. Workflow end users and developers benefit by such (fine grained) interoperability as they can submit jobs into different infrastructure (e.g.: Tera Grid, Austrian Grid, Grid5000, Amazon EC2, EGI) in a generic way.

Acknowledgements. This work was supported by EU project SHIWA (SHaring Interoperable Workflows for large-scale scientific simulations on Available DCIs), which is an Integrated Infrastructure Initiative (I3) project (contract number 261585). The SHIWA project aims to leverage existing workflow solutions and enable cross-workflow and inter-workflow federative exploitation of DCI Resources by applying both a coarse- and fine-grained strategy. Full information is available at http://www.shiwa-workflow.eu. References 1. Dagmar Krefting, Tristan Glatard, V. Korkhov, Johan Montagnat, Silvia Olabarriaga. "Enabling Grid

Interoperability at Workflow Level" in Proceedings of the Grid Workflow Workshop 2011 (GWW'11), Köln, Germany, mar 2011

2. Rubing Duan, Thomas Fahringer, Radu Prodan, Jun Qin, Alex Villazón, Marek Wieczorek, Real World Workflow Applications in the Askalon Grid Environment, EGC 2005, pp. 454-463.

3. Glatard, T., J. Montagnat, D. Lingrand, and X. Pennec. “Flexible and efficient workflow deployment of data-intensive applications on grids with MOTEUR.” International Journal of High Performance Computing Applications, 2008: 347-360.

4. Kacsuk, P. (2011), P-GRADE portal family for grid infrastructures. Concurrency and Computation: Practice and Experience, 23: 235–245. doi: 10.1002/cpe.1654

5. [28] K. Plankensteiner, R. Prodan, T. Fahringer, J. Montagnat, T. Glatard, G. Hermann, A. Harrison; IWIR Specification v0.3, SHIWA project deliverable, 22. November 2010.

Keywords: workflow management system; infrastructure interoperability

Examining Protein Folding Process Simulation and Searching for Common Structure Motifs in a Protein Family as Experiments in the

GridSpace2 Virtual Laboratory

Tomasz Jadczyk (1), Maciej Malawski (2), Marian Bubak (2, 3), Irena Roterman (4) (1) ACC CYFRONET AGH, Krakow, Poland (2) Institute of Computer Science AGH, Krakow, Poland (3) Informatics Institute, University of Amsterdam, The Netherlands (4)

Department of Bioinformatics and Telemedicine, JU MC, Krakow, Poland

1. Introduction. The mechanism of protein folding is still unknown despite of long lasting research in

biochemistry and bioinformatics. The goal expressed as: “Prediction of protein structure for known amino acid sequence” is suggested to be changed to the form: “Protein folding process simulation” makes the computer models close to experimental observation suggesting more than one mechanism of folding and multi-intermediate character of the process. The “Fuzzy Oil Drop” model [1] satisfying these conditions assumes the folding process as directed by water environment in form of introduction of external force field of hydrophobic character. Before the model can be applied for protein folding simulation the accordance of the assumed model shall be checked using the proteins of known structure deposited in Protein Data Bank. The second part of the research takes into account wide and complex problem of protein comparison [2]. Common structure motifs and conservative areas in a protein family may be found by performing comparison on three levels of protein description: amino acid sequences, secondary structures and 3D structures comparison. This approach is useful for detection of areas in protein that may be responsible for protein function or prediction of ligand binding sites and also for providing standardized methods for testing quality of protein structure prediction. 2. Related work. Bioinformatics analysis often requires creation of advanced workflows. Available environments, like Taverna or Galaxy, are well suited to running common bioinformatics applications. The main advantage of GridSpace2 Virtual Laboratory [3] is that user can easily run his own algorithms on Grid resources. Previous research on accuracy of models for protein folding simulation has focused on comparing the results of simulation with structure of real protein that has been analysed with X-Ray or NMR. This research does not take into account hydrophobicity of protein and was not executed on large data sets. There are available many programs for solving protein sequence and structure comparison problem. However, this software is able to perform only sequence: e.g. ClustalW, Muscle, or structure: e.g. Dali, Mammoth, comparison. We will use them in standard ways and combine results to find conservative areas in protein families. 3. Description of the solution. The examining the “FOD” model was focused on answering following question. Are there many proteins representing the structure of “fuzzy oil drop” character in respect to hydrophobicity distribution? Large scale calculation was performed using the complete set of proteins present in Protein Data Bank aimed to identify the proteins representing assumed structure. The expected hydrophobicity distribution was calculated according to 3-D Gauss function, based only on residues position and size of protein molecule. The observed hydrophobicity distribution was calculated according to Levitt function, which takes into account empirical hydrophobic interactions of the residue with all other residues. The similarity of both distribution (expected and observed, denoted as O/T) was calculated according to Kullback-Leibler distance entropy. The protein for which O/T is lesser than the distance between observed distribution and the random one was taken as the protein representing hydrophobic core of the “fuzzy oil drop” character. The second experiment - Protein Sequence and Structure Comparison – was focused on finding conservative area for proteins belonging to Igg, Vcam and Icam families. For each chain in selected proteins, amino acid sequence, structural code sequence and 3D structure was examined and aligned. Sequences were aligned with ClustalW algorithm, while Mammoth was used to align 3D structures. For each residue and every type of an alignment, the W score that depicts the conservation of the area to which the residue belongs to, was calculated. 4. Results. The “Fuzzy Oil Drop” experiment was run with the complete set of proteins deposited in PDB. The structural unit was defined in two ways: the protein complexes were taken as the one unit,

each chain was taken separately (Tab. 1.). The information concerning the: source organism (Tab.2.), length of polypeptide, enzyme characteristics was collected. Tab. 1: The percentage of proteins of the

structure accordant with the assumed

model.

CHAINS 96,41

COMPLEXES 26,27

The “Protein Sequence and Structure Comparison” experiment was executed to analyse the mechanism of signal transduction in immunoglobulins. The proteins belonging to the immunoglobulin

super-family like ICAM, VCAM and IgG were analyzed. As a processor of sequences and structural codes alignment, the ClustalW was used. The Mammoth was employed for computing structures alignment. An experiment was performed separately for proteins belonging to each super-family (except ICAM) and for all combinations of listed super-families. 5. Conclusions and future work. For further examining the “FOD” model, the non-redundant set shall be extracted from PDB to make the frequency of “fuzzy oil drop” model structures reliable. Also analysis that will use different functions for observed hydrophobicity and other hydrophobicity scales are planned. Protein Sequence and Structure Comparison

experiment will be executed to search conservative areas that may be responsible for protein functions in other protein families.

Acknowledgements. The research presented in this paper has been partially supported by the European Union within the European Regional Development Fund program no. POIG.02.03.00-00-007/08-00 as part of the PL-Grid project (www.plgrid.pl).

References 1. Konieczny L, Brylinski M, Roterman I. (2006) Gauss-function-based model of hydrophobicity density in proteins. In Silico Biol, 6, 15-22. 2. M. Brylinski, L. Konieczny, A. Kononowicz, and I. Roterman. Conservative secondary structure motifs already present in early-stage folding (in silico) as found in serpines family. Journal of Theoretical Biology, 251:275–285, 2008 3. E. Ciepiela, D. Harezlak, J. Kocot, T. Bartynski, M. Kasztelnik, P. Nowakowski, T. Gubała, M. Malawski, M. Bubak (2010) Exploratory Programming in the Virtual Laboratory. Proceedings of the International Multiconference on Computer Science and Information Technology pp. 621–628

CHAINS COMPLEXES

92,4 31,6

90,8 16,8

engineered 61,0 19,6

91,8 25,6

87,6 22,8

87,8 27,7

homo sapiens

escherichia coli

mus musculus

saccharomyces cerevisiae

bos taurus

Tab. 2: The percentage of proteins of the structure

accordant with the assumed model classified for

selected organism for individual chains and

complexes.

Federating Cloud Resources for VPH Applications Piotr Nowakowski (1), Tomasz Bartyński (1), Daniel Harężlak (1), Marek Kasztelnik (1), Jan Meizner (1), and Marian Bubak (1,2)

(1) AGH University of Science and Technology, ACC Cyfronet AGH, Krakow, Poland (2) Informatics Institute, University of Amsterdam, The Netherlands The advent of cloud computing technologies enables domain scientists to make use of distributed high performance computing and storage resources in new ways – including the ability to run custom software on HPC machines procured from external providers. However, taking advantage of such solutions requires users to upload their applications and research data to shared cloud infrastructures, where they can be accessed and processed by collaborating researchers. Given this requirement it becomes imperative to equip scientists with tools which would enable them to share their applications in a user-friendly, trustworthy and secure manner [1]. The VPH-Share cloud computing platform is an attempt to meet this challenge. The goal of the VPH-Share Cloud Computing Platform (which we call Atmosphere) is to develop, integrate and maintain an IaaS (Infrastructure as a Service) [2] environment which will enable the VPH-Share workflows [3], as well as any application making use of VPH-Share resources, to operate on top of the cloud and high-performance computing infrastructure provided by the project. In order to fulfil this task, Atmosphere needs to deliver a consistent service-based system which will enable end users to deploy the basic components of VPH-Share application workflows (known as Atomic Services) on the available computing resources, and then enact workflows using these services. Both types of activity need to be supported concurrently – note that the developer of an application workflow is not necessarily the person interacting with the workflow once it has been prepared. Thus, the end-user interfaces (and – by extension – the services which support them) must cater to both groups of users. The goal of this paper is thus to present the assumptions underpinning the development of Atmosphere as well as the specific technical solutions which have been employed in its construction. The paper will present the requirements posed by the VPH-Share application services, both in terms of demand for resources (computational and storage-oriented) and the organizational and security constraints which need to be met in order to ensure operation of VPH-Services on top of the available cloud hardware. It will introduce the architecture of Atmosphere and the services it offers to each group of VPH-Share end users (system administrators, application developers and end users). We will describe the origins of the Atmosphere approach on the basis of our experience in developing virtual laboratory [4] and distributed resource management solutions [5]. We will also present a selection of use cases, showing how Atmosphere lends itself to the deployment and sharing of actual research applications and datasets. Acknowledgements. This work was supported by EU project VPH-Share IST-269978 with the related Polish grant. References

1. M. Bubak, T. Gubala, M. Kasztelnik, M. Malawski. Building Collaborative Applications for System-

level Science. Advances in Parallel Computing, Volume 18, 2009, High Speed and Large Scale

Scientific Computing, Edited by Wolfgang Gentzsch, Lucio Grandinetti, Gerhard Joubert, ISBN 978-

1-60750-073-5 DOI: 10.3233/978-1-60750-073-5-299

2. Jeffery K, Neidecker-Lutz B, The Future of Cloud Computing, Expert Group Report published by the European Commission Information Society and Media Directorate General – available at http://cordis.europa.eu/fp7/ict/ssai/docs/cloud-report-final.pdf (accessed May 9, 2011)

3. Virtual Physiological Human: Sharing for Healthcare – A Research Environment, Integrated Project, http://www.vph-share.eu/

4. M. Bubak et al., Virtual Laboratory for Collaborative Applications, In: M. Cannataro (Ed.) Handbook of Research on Computational Grid Technologies for Life Sciences, Biomedicine and Healthcare, Chapter 27, pp. 531-551, Information Science Reference, 2009, IGI Global

5. B. Balis, M. Kasztelnik, M. Bubak, T. Bartynski, T. Gubala, P. Nowakowski, and J. Broekhuijsen. The UrbanFlood Common Information Space for Early Warning Systems. Procedia Computer Science, 4:96-105, 2011. Proceedings of the International Conference on Computational Science, ICCS 2011

Flexible and Extendable Mechanism Enabling Secure Access to e-Infrastructures and Storage of Confidential Data for the GridSpace2

Virtual Laboratory

Jan Meizner (1), Eryk Ciepiela (1), Piotr Nowakowski (1), Joanna Kocot (1), Maciej Malawski (2), Marian Bubak (2, 3) (1) ACC CYFRONET AGH, Krakow, Poland (2) Institute of Computer Science AGH, Krakow, Poland (3) Informatics Institute, University of Amsterdam, The Netherlands

1. Introduction. One of the perpetual goals in development of scientific software for various types of

HPC infrastructures is to provide adequate security mechanisms. GridSpace2 [1] is a platform which

enables scientific users to prototype and test their experiments on heterogeneous computing

resources provided by PL-Grid [2] partners, in addition to European e-Infrastructures. It is clear that an

adequate level of protection and smooth integration with such systems is required. Providing an

interoperability layer between various security mechanisms, including Shibboleth and the Grid Security

Infrastructure (GSI), has been an important scientific challenge, resulting in the development of such

technologies as GridShib [5] and ShibGrid [6]. At the outset of our research we studied the

requirements of the PL-Grid security framework and the needs of its users. As a result, we

enumerated two basic types of computing resources – directly accessed clusters and the Grid. Also

ability to provide access to data sources, including RDBMSes was needed. On this basis we were able

to declare the goals of our research – namely, to create a flexible security solution that would fully

support the above-mentioned heterogeneous systems while remaining extensible.

2. Related work. We first analyzed usual mechanisms used to access those resources. For clusters it

is an SSH connection to the User Interface node. The Grid uses middleware suites, including Globus

and UNICORE, which security solutions are based on X.509 certificates. Mentioned data sources are

protected by various mechanisms based on various types of credentials. Then we analyzed the

security solutions in the previous version of GridSpace [3], based on Shibboleth. However, despite

being well suited for Web tools (such as the GridSpace2 Experiment Workbench) and providing the

ability to protect SSH servers with mechanisms such as pam_shib [4] this technology wasn’t suitable

for GridSpace2 due to two drawbacks: the need to maintain additional Shibboleth infrastructure, as

well as the need to install special modules on computing resources, which was unfeasible.

3. Description of the solution. As a result we decided to base our solution on the well-known

username/password concept. With the help of the Ganymede SSH-2 library providing native Java

support for SSH, we enabled users to access the UI node from the Experiment Workbench. In addition

to this user/password mechanism we also later added support for accessing the Experiment

Workbench with a standard Grid Proxy certificate, with the help of COG JGlobus and COG JGlobus

Feature Extension libraries. As previously mentioned, we also needed to securely store various

atypical user credentials (such as RDBMS passwords, credentials for external e-Infrastructures etc.),

for greater flexibility. For this reason we deployed two variants of the so-called Wallet mechanism. The

simpler one, called “local wallet”, stores user credentials in flat files on the experiment host. The

security of those credentials is ensured by appropriate UNIX files permissions. This solution doesn’t

require any additional infrastructure; however, it is not always sufficient. Its most notable drawback is

the lack of mobility: credentials cannot easily be accessed from external nodes. Hence, we also

developed and deployed a separate “remote wallet”, which is free of this limitation. However, the use

of the remote wallet requires setting up one additional component: the Remote Central Wallet

(ReCeW), a small, lightweight UNIX daemon written for extra efficiency in C++, providing the ability to

securely store and access credentials from various locations. The security of such credentials in

ensured by a very strong encryption algorithm (AES256) and the actual credentials are stored on a

separate node. In addition, ReCeW is highly extensible – being based on four types of plugins, it can

be customized to provide any type of remote API (currently REST), encryption mechanism (e.g.

AES256), backend (e.g. SQLite) and authentication mechanism (at present, it is integrated with the UI

system via SSH).

4. Results. The general architecture of our solution is outlined in Fig. 1. As can be observed,

GridSpace2 components use industry-standard protocols. User credentials (both those needed to

access the infrastructure and those stored in the Wallet) are well protected at all times. Once the user

logs in, his/her credentials are sent in an encrypted manner to the experiment host, first via HTTPS

and then via SSH. At the same time they’re also sent (via HTTPS) to ReCeW, which also uses the

SSH protocol to authenticate users.

5. Conclusions and future work. We’ve created a

stable and secure mechanism providing sufficient

user access to all of the required infrastructures.

Moreover, our solution is flexible, manageable and

ready for future extensions, including EW access to

cloud environments by using the Wallet mechanism

to store credentials (in fact, this scenario is already

partially supported).

Acknowledgements. The research presented in this

paper has been partially supported by the European

Union within the European Regional Development

Fund program no. POIG.02.03.00-00-007/08-00 as

part of the PL-Grid project (www.plgrid.pl).

References

1. E. Ciepiela, D. Harezlak, J. Kocot, T. Bartynski, M. Kasztelnik, P. Nowakowski, T. Gubała, M. Malawski, and M. Bubak, "Exploratory programming in the virtual laboratory," in Proceedings of the International Multiconference on Computer Science and Information Technology, Wisla, Poland, 2010, pp. 621-628

2. The PL-Grid project, http://www.plgrid.pl/en 3. J. Meizner, M. Malawski, E. Ciepiela, M. Kasztelnik, D. Harezlak, P. Nowakowski, D. Krol, T.

Gubala, W. Funika, M. Bubak, T. Mikolajczyk, P. Plaszczak, K. Wilk, and M. Assel; ViroLab Security and Virtual Organization Infrastructure, in Y. Dou, R. Gruber, and J. Joller (Eds.): APPT 2009, Advanced Parallel Processing Technologies 8th International Symposium, APPT 2009, Rapperswil, Switzerland, August 24-25, 2009 Proceedings, LNCS 5737, pp. 230–245, Springer-Verlag Berlin Heidelberg 2009

4. J. Meizner, M. Malawski, and M. Bubak, Flexible and Secure Access to Computing Clusters. Computer Science, Annual of University of Science and Technology, 11. pp. 21-36, 2010.

5. T. Barton, J. Basney, T. Freeman, T. Scavo, F. Siebenlist, V. Welch, R. Ananthakrishnan, B. Baker, M. Goode, and K. Keahey, "Identity federation and attribute-based authorization through the globus toolkit, shibboleth, gridshib, and MyProxy," in 5th Annual PKI R&D Workshop, Apr. 2006.

6. D. Spence, N. Geddes, J. Jensen, A. Richards, M. Viljoen, A. Martin, M. Dovey, M. Norman,

K. Tang, A. Trefethen, D. Wallom, R. Allan, and D. Meredith, "ShibGrid: Shibboleth access for the

UK national grid service," Dec. 2006, p. 75. [Online]. Available: http://dx.doi.org/10.1109/E-

SCIENCE.2006.261159

Fig. 1: General architecture of the Gris Space 2 Security Framework showing all its main components.

From Quantity to Quality: Massive Molecular Dynamics Simulation of Nanostructures under Plastic Deformation in Desktop and

Service Grid Distributed Computing Infrastructure Olexandra Baskova (1), Olexander Gatsenko (1), Lev Bekenev (1),Evgen Pavlov (2), Yuri Gordienko (1) (1) G.V.Kurdyumo Institute for Metal Physics, National Academy of Sciences of Ukraine, Kiev, Ukraine (2) Taras Shevchenko National University of Kiev, Kiev, Ukraine

Search for new nanoscale functional devices is considered as El Dorado and stimulates Gold Rush in material science now. But controlled fabrication of nanoscale functional devices takes careful selection and tuning the critical parameters (elements, interaction potentials, regimes of external influence, temperature, etc) of atomic self-organization in designed patterns and structures for nanoscale functional devices. That is why molecular dynamics (MD) simulations of nanofabrication processes with physical parameter decomposition for parameter sweeping in a brute force manner are very promising. Usually MD-simulations for realistic configurations take huge resources of supercomputers with large shared memory and big number of CPUs. But the recent advances in computing hardware, algorithms, and infrastructures, especially in development of distributed computing infrastructures, allow us to elaborate the efficient methods for solving these tasks without expensive scaling-up. For example, the distributed computing model on the basis of the BOINC, XtremWeb-HEP, OurGrid, EDGeS platforms for high-performance distributed computing becomes very popular due to feasibility to use donated computing resources of idle PCs and integration with global computing grid [1,2]. Usually, a sequential application by slight modifications in its code could to be ported to the parallel version for worker nodes of a distributed computing environment (DCI) as Desktop Grid (DG) by means of the BOINC software platform and availability of simple and intuitive Distributed Computing Application Programming Interface (DC-API) [3]. For this purpose the very popular non-commercial open-source package LAMMPS by Sandia Labs (http://lammps.sandia.gov) was selected as a candidate for porting to DCI on the basis of DG. The typical simulation of the investigated nanostructure under 1 configuration of physical parameters — for instance, metal single crystal with 10

7 atoms with embeded atom potentials for 1-10 picoseconds of

the simulated physical process — takes approximately 1-7 days on a single modern processor. By means of the new technology of high-performance computations on the basis of Service Grid and Desktop Grid infrastructures the massive MD simulations of plastic deformation processes were carried out for the large quantity of Al nanocrystals (>1000). As an example, the change of plastic deformation mode was investigated under severe plastic strain: from homogeneous (laminar) mode (on the basis of easy dislocation glide) to heterogeneous localized (hydrodynamic) mode (on the basis of correlated displacement of groups of atom-vacation or strongly excited states). Statistical analysis (with moment and bootstrapping analysis) of the defect density distribution over the ensemble of nanocrystals (>1000) shown that such quantitative change of plastic deformation mode is followed by the qualitative change of defect density distribution type over ensemble of nanocrystals. This suggests that some linked local zones (links of chain according to the «chain with a weak link» model) of correlated (hydrodynamic) plastic flow appear in a nanocrystal, which manifests as collective displacements of point-like defects and their aggregates in a «weak link», with power-law (scale-invariant or fractal) basic distribution of defect density over links of the chain. Deploying LAMMPS on a DG DCI, utilising hundreds of machines at the same time, allows to get new scientific quality from the simulated quantity of numerous configurations by harnessing sufficient computational power to undertake the MD simulations in a wider range of physical parameter (configuration) in a much shorter timeframe. Acknowledgements. The work presented here was partially funded by FP7 DEGISCO (Desktop Grids for International Scientific Collaboration) (http://degisco.eu) project, which is supported by the FP7 Capacities Programme under grant agreement number RI-261561). References 1. P. Kacsuk, J. Kovács, Z. Farkas, A. Cs. Marosi, G. Gombás, Z. Balaton: SZTAKI Desktop Grid

(SZDG): A Flexible and Scalable Desktop Grid System, Journal Of Grid Computing, 2009, Vol. 7 , No. 4, 439-461.

2. F. Cappello, S. Djilali, G. Fedak, T. Herault, F. Magniette, V. Néri, and O. Lodygensky, Computing on large-scale distributed systems: XtremWeb architecture, programming models, security, tests and convergence with grid, Future Generation Computer Systems, 21 (2005) 417–437.

3. Z.Balaton, Z.Farkas, G.Gombás, P.Kacsuk, R.Lovas, A.Marosi, A.Emmen, G.Terstyánszky, T.Kiss, I.Kelley, I.Taylor, O.Lodygensky, M.Cardenas-Montes, G.Fedak, F.Araujo, EDGeS: the common boundary between service and desktop grids, Parallel Processing Letters, v.18, 3, (433-445) 2008

Full-text Web-Scale Search with Spatial Support on a Distributed Architecture

Stefan Dlugolinsky (1), Martin Seleng (1), Michal Laclavik (1), Ladislav Hluchy (1) (1) Institute of Informatics, Slovak Academy of Sciences, Bratislava, Slovakia

Building a robust web-scale search service covers plenty of problems resulting from the fact that the Web content is very diverse. There are many heterogeneous sources of information in different languages and there are many different formats of information representation too. According to latest W3C surveys, there are about 65.5% of top 1 million websites using XHTML markup language, while the rest is using HTML. The trend of XHTML usage is slightly growing, but the semantic standards like RDF, GRDDL, RDFa, SPARQL, OWL, RIF or SKOS are used sporadically in XHTML documents. Therefore general semantic Web solutions cannot be applied. We need to do information extraction and semantic analysis of the crawled data to allow “intelligent searching” over this data. Another aspect of a robust web-scale search service is the scalability, which can be fulfilled by distributed architecture [1]. In our work, we focus on extraction of spatial information located in a text of a web document and full-text search with spatial support in the domain of crawled and analyzed web documents; all performed on a scalable distributed architecture based on a MapReduce paradigm [2]. Our approach was to build a search service, which automatically builds its search domain by crawling the Web and automatically discovers the geographic coordinates related to crawled documents. Spatial search or search by geographic distance is useful, for example if we are looking for the nearest restaurant, hotel or any other business near our location (reference point). Almost every company today presents its business on the Internet sharing business information along with its contact information. There can be miscellaneous geographic information extracted from the contact page for example, but not only from it. Extracted information can be used to determine the geographic location related to the document, so it is later possible to use it in the search (restrict results by an area, search results within a desired distance from arbitrary location, order results by geographic distance, etc.). There are many services, which have something to do with searching in the maps. Well known are Google Maps, YellowPages.com or Yahoo! Local Maps. Search domain of these and other existing services is generally built by users, who submit the location and description of their businesses into the service database. Search domain of such systems is also often built from specialized catalogues (e.g. restaurant or hotel catalogues), where the geographic location is present. There are also some spatial search solutions in the open-source domain. For example GeoPosition plug-in for Apache Nutch web-search system (prior to Nutch versions with Solr integration), which automatically retrieves geographic position of the document from its content, but with the limitation of one geographic position per document. In addition, geographic position must be explicitly defined by a special meta tag. Another solution is Solr spatial search, but it has also a limitation of single-valued spatial field for indexing (one geographic location per indexed document). In our previous work [3] we have presented a solution for indexing and searching documents related to more than one geographic location, where we showed how can be geo-hash strings and their prefixes used in geospatial search in Nutch (independent of the reference search point). In this work, we have integrated our information extraction system Ontea together with GATE and Stanford NLP API into Apache Nutch to improve the semantic analysis and extraction of geo-spatial information from the textual content of a web document. We have also integrated our geo-spatial search into Solr, so it is possible to select an interest area in a map viewport and perform a full-text search over it. Finally, we discuss several possibilities of improving the system.

Acknowledgements. This work is supported by projects Projekt ITMS: 26240220029, SMART II ITMS: 26240120029, VEGA 2/0184/10. References 1. Seleng, M.: Distribuované spracovanie dát nad MapReduce architektúrou (Hadoop a Hive). In:

Proceedings of the 5th Workshop on Intelligent and Knowledge oriented Technologies (WIKT 2010), november 2010, Bratislava. 141 p., ISBN 978-80-970145-2-0

2. Dean J., Ghemawat S.: MapReduce: Simplified Data Processing on Large Clusters, Google, Inc. OSDI’04, San Francisco, CA (2004)

3. Dlugolinsky, S., Laclavik, M., Hluchy, L.: Towards a Search System for the Web Exploiting Spatial Data of a Web Document. In: Database and Expert Systems Applications, DEXA, International Workshops, Bilbao, Spain, August 30 - September 3, 2010, pp. 27-31. IEEE Computer Society (2010)

1 On 10.09.2011 there were total 118411 hosts registered in SZTAKI Desktop Grid (http://szdg.lpds.sztaki.hu/szdg) : 96601

Windows based, 17592 Linux based and 4218 other.

GBAC: Virtualization based execution environment for Desktop Grids

Attila Csaba Marosi, József Kovács, Péter Kacsuk

MTA SZTAKI, Budapest, Hungary

Desktop Grid (DG) systems provide an easy to maintain and powerful alternative to traditional Grids, Clusters and even to Clouds in some cases. Clusters and cluster based grids are very flexible in the sense that they can efficiently run any kind of applications including tightly- and loosely-coupled, compute- and data-intensive applications. DG systems represent the least expensive form of collecting resources, there are the two main variants: global volunteer computing systems and the institutional DG systems. In the global version the spare cycles of typically home computers are donated on a volunteer basis. Volunteer DG systems collect large number of resources, the most popular volunteer DG platform is BOINC [1] with more than 2.2M users and 6.5M hosts combined [2].

However, there are several drawbacks of (BOINC based) Desktop Grids in general: a.) they are not suitable for all kind of applications, they can efficiently support only bag-of-task (parameter sweep and master/worker) compute-intensive applications; b.) legacy applications require lot of effort, since applications need to be specially ported and thus modified; and c.) applications need to be pre-deployed and registered at the DG before use. For volunteer DG systems several other problems arise: i.) large chunk of the gathered volunteer resources are Windows based while the scientific applications come usually from the Unix domain, thus rendering large number of resources "unusable" by default (in case of SZTAKI Desktop Grid the ratio is 1:5.78 in favor of the Windows hosts

1 ); and ii.) resources even in the

same class (e.g., Linux hosts) are not homogenous, thus complex applications with dependencies (libraries, specific OS version requirement) are nearly impossible to deploy.

The problems described here lead to the emerge of several application porting methodologies for DG systems. In this paper we are going to compare the different existing methodologies with focus on the results of our new virtualization based solution which aims to solve the shortcomings of the others.

First BOINC by default provides a C/C++/Fortran API for developing applications. Second there are several “Meta” API’s (e.g., DC-API [3] and PyMW [5]) available which allow developing and deploying the same application for different (DG) systems. Third by using wrapper technologies (e.g., GenWrapper [4]) most legacy applications can be ported easily without any modifications to the application itself. However these methodologies not address the problem of heterogeneous resources and resource classes, the registration prerequisite or complex dependencies. The advent and wide-spread of virtualization made it possible to rely on it for volunteer computing [6]. Building on our previous results [7] we developed GBAC (“Generic BOINC Application Client”) which is methodology that builds on a VirtualBox based solution and a.) provides a generic wrapper for legacy applications; b.) provides a homogenous execution environment and sandbox; and c.) allows executing applications with complex dependencies. With GBAC any application that fits the bag-of-task criteria can be easily executed without pre-deployment and modification on a (BOINC based) DG system.

Acknowledgements. The research leading to these results has received funding from the European Community's Seventh Framework Programme FP7/2007-2013 under grant 261556 (EDGI).

References

1. David P. Anderson: BOINC: A System for Public-Resource Computing and Storage. 5th IEEE/ACM International Workshop on Grid Computing. November 8, 2004, Pittsburgh, USA.

2. http://boincstats.com. Retrieved 10. 09. 2011. 3. Attila Csaba Marosi, Gabor Gombas, Zoltan Balaton, Peter Kacsuk: Enabling Java applications for

BOINC with DC-API. In Distributed and Parallel Systems, proceedings of the 7th International Conference On Distributed And Parallel Systems, pp3-12, 2009.

4. Attila Csaba Marosi, Zoltan Balaton, Peter Kacsuk: GenWrapper: A Generic Wrapper for Running Legacy Applications on Desktop Grids. 3rd Workshop on Desktop Grids and Volunteer Computing Systems (PCGrid 2009), 2009 May, Rome, Italy

1 On 10.09.2011 there were total 118411 hosts registered in SZTAKI Desktop Grid (http://szdg.lpds.sztaki.hu/szdg) : 96601

Windows based, 17592 Linux based and 4218 other.

5. Heien, E.M.; Takata, Y.; Hagihara, K.; Kornafeld, A.: PyMW - A Python module for desktop grid and volunteer computing, Parallel & Distributed Processing, 2009. IPDPS 2009. IEEE International Symposium on , vol., no., pp.1-7, 23-29 May 2009. doi: 10.1109/IPDPS.2009.5161132

6. Ben Segal: Early experience with CERN's Volunteer Cloud. BOINC Workshop 2011. Hannover, Germany, 18-19 August 2011.

7. Attila Csaba Marosi, Peter Kacsuk, Gilles Fedak, Oleg Lodygensky: Sandboxing for Desktop Grids Using Virtualization, Parallel, Distributed and Network-Based Processing (PDP), 2010 18th Euromicro International Conference on , vol., no., pp.559-566, 17-19 Feb. 2010.

GPU Enhanced Simulation of Angiogenesis Rafał Wcisło, Marcin Worecki AGH University of Science and Technology, Krakow, Poland

Angiogenesis is a biological process of new blood vessels growth. It is an important natural process accompanying wound healing and tissue reproduction. It is the fundamental process in many diseases including cancer, skin diseases, age-related blindness, diabetic ulcers, cardiovascular diseases. Good understanding of angiogenesis can help to develop new medical treatments [1]. There are many models and simulations of angiogenesis. For example, M. Aubert et al. [2] have presented angiogenesis modeling based on set of nonlinear partial differential equations (PDEs). Abbas Shirinifard et al. [3] have used multi-cell GGH model to simulate 3D solid tumor growth and angiogenesis. In our simulations we use complex automata approach (CxA), which combines the cellular automata modeling (CA) with off-grid particle dynamics coupled by continuum reaction-diffusion equations. However, to simulate spatio-temporal scales enabling to observe tumor development in all growth phases: avascular, angiogenic and metastasis, more computational power is required.

Computational power of GPUs has been increased dramatically and currently it exceeds CPUs by orders of magnitude. Development of GPU computational environments, like CUDA, enables to harness this power in scientific applications. As shown by J.A. van Meel et al. [4] and Joshua A. Anderson et al. [5], who have successfully implemented molecular dynamics simulation on GPU, significant speedup greater than 20 can be obtained. These works motivated us for speeding up CxA modeling.

Profiling of existing CPU implementation has shown that 95% of time is spent in only two simulation phases: cells-cells and vessels-cells forces calculation. Those two stages have been rewritten to utilize computational power of GPUs. By use of advanced CUDA mechanisms such as shared memory, textures, atomic operations, we managed to achieved speedups of CUDA kernels up to 50. However, in our simulations we use GPU as a co-processor and data from CPU is copied back and forth in each phase. It decreases speedup of whole phase to 20x and 16x for cells-cells and tubes-cells (tubes – elongated fragments of vasculature), respectively. We show that the performance of the entire simulation can be improved by the factor of 10.

The speedup obtained is quite satisfactory,

taking into account the complexity of system modeled. However, there are still implementation problems that can be solved better. Overhead introduced by memory moving can be totally eliminated by implementing entire simulation on GPU. It would also enable to make visualization more efficient. Objects positions could be stored in an OpenGL vertex array object (VBO) so that they could be rendered directly from GPU memory [6].

The modeling system can be used in the future as a framework of virtual laboratory and problem solving environment for educational purposes and finally for in silico experiments, which can play the role of angiogenesis assays in planning cancer treatment. Acknowledgements. This research is financed by the Polish Ministry of Higher Education and Science, project N519 579338 and partially by AGH grant No. 11.11.120.777. References 1. http://www.angio.org 2. M. Aubert, M.A.J. Chaplain, S.R. McDougall, A. Devlin, C.A. Mitchell “A Continuum Mathematical

Model of the Developing MurineRetinal Vasculature ” January 2011

94000 96000 98000 100000 102000 104000 1060008

9

10

11

12

13

14Speedup

Number of Objects (Cells + Tubes)

3. Abbas Shirinifard, J. Scott Gens, Benjamin L. Zaitlen, Nikodem J.Popławski, Maciej Swat, James A. Glazier “3D Multi-Cell Simulation of Tumor Growth and Angiogenesis”

4. J.A. van Meel, A. Arnold, D. Frenkel, S.F. Portegies Zwart, R.G.Belleman “Harvesting graphics power for MD simulations” February 2, 2008

5. Joshua A. Anderson, Chris D. Lorenz, A. Travesset “General purpose molecular dynamics simulations fully implemented on graphics processing units” February 2008

6. Simon Green "Particle Simulation using CUDA" May 2010

GridSpace2 Virtual Laboratory Case Study: Implementation of

Algorithms of Quantitative Analysis of the Grain Morphology in

Self-Assembled Hexagonal Lattices according to Hillebrand Method

Eryk Ciepiela (1), Leszek Zaraska (2), Grzegorz Sułka (2) (1) ACC CYFRONET AGH, Krakow, Poland (2) Department of Chemistry, Jagiellonian University, Krakow, Poland 1. Introduction. The development of GridSpace2 [2] is intended to be driven by real-life scientific

applications that demand for Virtual Laboratory capabilities as identified in GridSpace2 objectives and

motivations [1]. Therefore, a portfolio of e-science applications were developed in parallel to

GridSpace2 efforts indicating the roadmap and functional requirements to implement.

One of the examples of that kind of feedback and synergy between the platform and an application

being developed on its foundation is implementation of the method of Quantitative Analysis of the

Grain Morphology in Self-Assembled Hexagonal Lattices [4]. The method, originally published in top

nano-chemistry journal ACS Nano, turned out suitable to apply in the research conducted by the team

of Department of Chemistry of Jagiellonian University.

2. Description of the solution. Despite precise description of the method, the chemists' team was

still lacking of its executable implementation to be ready-to-use for their purposes. In collaborative

effort with DICE Team [5] the method was implemented as an GridSpace2 experiment.

3. Results. The experiment takes advantage of general-purpose scripting languages (Python, Bash),

domain-specific (Mathematica) and purpose-specific (Gnuplot). Code snippets written in above

mentioned languages were combined together in a single experiment that carries out whole workflow

starting from input in a form of SEM image files, up to the result files (figures, tables) that are ready to

use in publications and are subject for result discussion.

4. Conclusions. This activity could be carried out thanks to PL-Grid [3] founding and turned out very

fruitful as it got involved scientist as PL-Grid e-Infrastructure users on one hand, on gave better

understanding for GridSpace2 development team of real scientists' needs, on the other hand.

Acknowledgements. The research presented in this paper has been partially supported by the

European Union within the European Regional Development Fund program no. POIG.02.03.00-00-

007/08-00 as part of the PL-Grid project (www.plgrid.pl).

References

1. E. Ciepiela, D. Harezlak, J. Kocot, T. Bartynski, M. Kasztelnik, P. Nowakowski, T. Gubała, M. Malawski, and M. Bubak, "Exploratory programming in the virtual laboratory," in Proceedings of the International Multiconference on Computer Science and Information Technology, Wisla, Poland, 2010, pp. 621-628

2. GridSpace technology home site, http://dice.cyfronet.pl/gridspace/ 3. The PL-Grid project, http://www.plgrid.pl/en

4. Reinald Hillebrand, Frank Muller, Kathrin Schwirn, Woo Lee, and Martin Steinhart „Quantitative Analysis of the Grain Morphology in Self-Assembled Hexagonal Lattices”, ACS Nano, vol. 2, no. 5, pp. 913-920

5. Distributed Computing Environments (DICE) Team home site – http://dice.cyfronet.pl

Heterogeneous Distributed Computing Infrastructure with Desktop Girds for Large Scale Data Processing in Materials Science

Olexandra Baskova, Olexander Gatsenko, Yuri Gordienko (1) G.V.Kurdyumov Institute for Metal Physics, National Academy of Sciences of Ukraine, Kiev, Ukraine (2) Taras Shevchenko National University of Kiev, Kiev, Ukraine

Routine experimental data processing tasks such as video and image data extraction, statistical analysis, and graphical summary, require intensive use of computing resources. These tasks with independent vector-type data (images and video) can be performed much quickly in a parallel computing environment where extensive calculations can be performed simultaneously. Recent advances in hardware and distributed computing technologies make high-performance parallel computing widely available to most users. Firstly, the domestic video cards in many modern PCs support parallel computing operations besides the routine graphical functions by the so-called graphics processing units (GPU) with significant performance speedup. Secondly, the distributed computing model on the basis of Desktop Grid (DG) platform for high-performance distributed computing becomes very popular due to feasibility to use donated computing resources of idle PCs and integration with global computing grid [1,2]. Thirdly, the big reserve of scaling-up is related with delivering the workunits to EDGeS DG->EGEE Service Grid (SG) Bridge and global computing resources of EGEE (Enabling Grids for E-sciencE) [3]. Usually, a sequential application by slight modifications in its code could to be ported to the parallel version for worker nodes of a distributed computing environment (DCI) as DG by means of the BOINC software platform. The problem consists in adaptation of available codes and programs for such heterogeneous DCI without huge expenses of human and financial resources. We demonstrated how simple and intuitive Distributed Computing Application Programming Interface (DC-API) [1] could be used in relation to available custom and standard software (like R and MATLAB) for smooth porting of the available codes to heterogeneous DCI DG-SG for large scale data processing in materials science. The special attention was paid to resource intensive tasks: video and image processing (with focus on the most popular functions used in MATLAB) and statistical processing (with functions for simulating and fitting distributions, analyzing and modeling data, and conducting trends analysis in R).

The new multiscale video and statistical processing method is used to observe and characterize the dynamic behavior of metals under mechanical deformation, record its surface evolution, and process the observed surface statistical parameters. The calculations include many parameters of physical process and video processing parameters (size distribution, anisotropy, localization, scaling parameters, etc.). The typical multiscale analysis of the dynamic video sequence (with 10

3-10

6 frames)

of deformed metal surface (depicting it time evolution) takes approximately several weeks on a single modern processor. The high-performance grid-enabled version of the video processing software is designed and tested in our DCI DG-SG.

The main achievement is the practical possibility to port, distribute, and use DG-enabled version of applications in heterogeneous DCI DG-SG with CPUs and GPUs for video and statistical processing the experimental data in materials science. It could open the new way to more powerful calculations and can be attractive in academia and industry as user-friendly and powerful computing infrastructure in complement to more classical infrastructures such as clusters or supercomputers. Acknowledgements. The work presented here was partially funded by FP7 DEGISCO (Desktop Grids for International Scientific Collaboration) (http://degisco.eu) project, which is supported by the FP7 Capacities Programme under grant agreement number RI-261561). References 1. P. Kacsuk, J. Kovács, Z. Farkas, A. Cs. Marosi, G. Gombás, Z. Balaton: SZTAKI Desktop Grid

(SZDG): A Flexible and Scalable Desktop Grid System, Journal Of Grid Computing, 2009, Vol. 7 , No. 4, 439-461.

2. F. Cappello, S. Djilali, G. Fedak, T. Herault, F. Magniette, V. Néri, and O. Lodygensky, Computing on large-scale distributed systems: XtremWeb architecture, programming models, security, tests and convergence with grid, Future Generation Computer Systems, 21 (2005) 417–437.

3. Z.Balaton, Z.Farkas, G.Gombás, P.Kacsuk, R.Lovas, A.Marosi, A.Emmen, G.Terstyánszky, T.Kiss, I.Kelley, I.Taylor, O.Lodygensky, M.Cardenas-Montes, G.Fedak, F.Araujo, EDGeS: the common boundary between service and desktop grids, Parallel Processing Letters, v.18, 3, (433-445) 2008

Heterogeneous GPU Cluster for High-Performance Computing in Cryptography

Michał Marks (1,2), Jarosław Jantura (1), Krzysztof Góźdź (3), Ewa Niewiadomska-Szynkiewicz (1,2) (1) Research and Academic Computer Network (NASK), Warsaw, Poland (2) Institute of Control and Computation Engineering, Warsaw University of Technology, Poland (3) Hewlett-Packard Poland

One of the biggest advantages of distributed systems over standalone computers is an ability to share the workload between computers, processors and cores. Clusters, grids and cloud computing are one of the most progressive branches in a field of parallel computing and data processing nowadays. A new model for parallel computing rely on usage of CPU and GPU units to solve a general purpose scientific and engineering problems revolutionized data computation last years. Using CUDA or OpenCL in many real-world applications can be easily implemented and run significantly faster than on multi-processor or multi-core systems.

We have designed and developed a hybrid cluster system – a novel computing architecture with multi-core CPUs working together with parallel-core GPUs. Our cluster consists of 24 nodes and integrates two types of CPUs: 12 servers with Intel processors and 12 with AMD processors – see Figure 1. All servers are equipped with advanced GPUs, adequately, NVidia and AMD units. The novelty of our solution is not only the proposed hybrid architecture of the cluster but a new software environment that can support a potential user in its task execution. The goal of this software is to divide data into separate domains, allocate the calculation processes to cluster nodes, manage calculations and communication. Therefore, from the user’s perspective, the cluster system serves as one server - its heterogeneity is hidden.

Figure 1. Hybrid system architecture with Intel+NVidia and AMD+ATI/AMD nodes.

Our CPU/GPU cluster is dedicated to perform complex calculations and processing of large number of data. The focus is on parallel implementation of cryptography algorithms. We have performed multiple tests to show the efficiency and scalability. The selected results are presented in Tables 1 and 2. More detailed results and the comparative study of the efficiency of two architectures: AMD+ATI/AMD and Intel+NVidia will be presented.

Intel Xeon X5650 Nvidia Tesla M2050 AMD Opteron 6172 AMD FirePro V7800

342 789 969 502 758 621 443 610 548 332 707 911

Table 1. Number of generated MD5 hashes per second

Nodes MD5(CPU) [c/s] MD5(GPU) [c/s] SHA1(CPU) [c/s] SHA1(GPU) [c/s]

1 node 342 789 969 502 758 621 156 028 537 180 993 103

4 nodes 1 330 831 643 1 740 318 302 580 106 101 707 004 310

8 nodes 2 513 793 103 2 828 017 241 1 131 206 897 1 414 008 621

Table 2. Scalability of hasehes geneartion using MD5 and SHA1 algorithms

References 1. V. Kindratenko, J. Enos, G. Shi, M. Showerman, G. Arnold, J. Stone, J. Phillips, W. Hwu, GPU

Clusters for High-Performance Computing, In Proc. PPAC'09 Workshop, 2009.

2. K. Hung Tsoi, W. Luk. Axel: a heterogeneous cluster with FPGAs and GPUs. Proc. of the 18th ACM/SIGDA international symposium on Field programmable gate arrays (FPGA '10). ACM, pp. 115-124, New York, USA, 2010.

3. D.M. Kunzma, L.V. Kalé. Programming heterogeneous clusters with accelerators using object-based programming, Scientific Programming, 19, 1 pp. 47-62, 2011.

Identifying Limits of Scalability in Distributed, Heterogeneous, Layer Based Monitoring Concepts like SLAte

Marcus Hilbrich (1), Ralph Mueller-Pfefferkorn (1) (1) Technische Universität Dresden, Center for Information Services and High Performance Computing (ZIH) One of the consequences of using external, distributed resources for computing is to give up direct observability of your computing tasks. The concept which jumps into this gap is called job centric monitoring. The academic challenge of this field of research is how to get from the old fashioned visualization concepts of tools like top [1] [2] or the system monitor of the gnome desktop project [3], to a new kind of analysis and visualization system like addressed by AMon [4] [5] [6]. This system has to offer methods to handle thousands of jobs running on different hardware with changing side effects like the influence of jobs of other users using the same computing systems. Before we can launch into this challenge we have to develop methods to handle huge amounts of monitoring data generated in a heterogeneous infrastructure like cloud or grid, e.g. the resources of the German D-Grid community [7]. Therefore we need concepts for deploying highly scalable infrastructures. SLAte [8] is a system which adresses this challenge. A layer based concept is used where each layer can grow with the demand by adding additional servers. Another task of SLAte is to give a unified view to all monitoring data stored on the distributed storage system. In the paper we will introduce the SLAte architecture which offers a uniform access layer allowing the user to access data as easy as on a system with central storage technology. Additionaly we discus the impact of a uniform access layer on scalability. Acknowledgements. This work is supported by Bundesministerium für Bildung und Forschung. References TODO

1. Procps - The /proc filesystem utilities, http://procps.sourceforge.net/index.html. 2. debian - Package: procps, http://packages.debian.org/lenny/procps 3. GNOME Documentation Library - System Monitor Manual V2.2,

http://library.gnome.org/users/gnome-system-monitor/stable/index.html.en 4. R. Müller-Pfefferkorn , R. Neumann, A. Hammad, T. Harenberg, M. S. Hüsken, P. Mättig, M.

Mechtel, D. Meder-Marouelli , St. Borovac, P. Ueberholz: Monitoring of Jobs and their Execution for the LHC Computing Grid, in Proceedings of the Cracow Grid Workshop (CGW 06), Cracow, Poland, October 15-18, pages 224-231, 2006

5. R. Müller-Pfefferkorn, R. Neumann, Th. William: AMon - a User-Friendly Job Monitoring for the Grid, In "Towards Next Generation Grids: Proceedings of the CoreGRID Symposium 2007", pp. 185-192, ISBN: 978-0-387-72497-3, New York, Springer, 2007

6. Henrik Eichenhardt, Ralph Müller-Pfefferkorn, Reinhard Neumann, Thomas William: "User- and Job-Centric Monitoring: Analysing and Presenting Large Amounts of Monitoring Data"; In Proceedings of the 2008 9th IEEE/ACM International Conference on Grid Computing; Sep 29th - Oct 1st, 2008; Tsukuba/Japan, ISBN 978-1-4244-2579-2; pages 225-232; 2008

7. Deutsche Grid-Initiative, http://www.dgrid.de/ 8. M. Hilbrich, R. Müller-Pfefferkorn, A Scalable Infrastructure for Job-Centric Monitoring Data

from Distributed Systems in Proceedings of the Cracow 09 Grid Workshop, ACC CYFRONET AGH, Krakow, 2009

Implementing Virtual Data Infrastructures – A Case Study with iRODS

Thomas Röblitz Gesellschaft für wissenschaftliche Datenverarbeitung mbH Göttingen (GWDG), Germany

Scientific discoveries increasingly require the storing and processing of vast amounts of data owned by international collaborations that need to share different data sets and analysis tools operating on them. Ensuring reproducibility of scientific results necessitates provenance information for the complete research lifecycle: from data taking or simulation to data analysis to publishing and eventually to its long-term preservation. State-of-the-Art data intensive computing utilizes world-spread storage and compute resources to implement different types of systems, APIs, programming models and security infrastructures. Over the last decade, research in Grid computing essentially followed two approaches to relieve the scientists from learning many of the resources' specific details: basic low-level services such as Globus toolkit

1, gLite

2 or UNICORE

3, and comfortable application specific

portals such as MultiDark4 or PANGAEA

5. While the former provides a high degree of flexibility for

implementing a wide range of scenarios, it typically requires deep understanding of the underlying concepts, and requires many manual operations for analyzing data, its maintenance and preservation. In contrast, the latter does not require expert knowledge, but is usually limited to very specific use cases. In [1] we developed VISPA, a conceptual framework of a virtual infrastructure for storing and processing scientific data. The two key concepts of VISPA are: (1) views which encapsulate data in specific context, and (2) the declarative description of views. We devised VISPA after studying applications from different scientific domains exhibiting various requirements on the sharing and processing of data. Besides flexible and dynamic data sharing schemes, the key requirements are to easily incorporate different types of resources (eg, clusters, Grids, Clouds, servers, PCs, laptops), support for different access methods / programming models (eg, flat file I/O, relational database operations, data parallel computing), and being able to capture the whole lifecycle of data, that is from data taking over filtering, combining, moving, analyzing, publishing to its long-term preservation. The key concepts of VISPA are implemented by a runtime system operating in a feedback loop that retrieves view descriptions from a store, monitors the state of data storage and processing, and compiles operations to let the descriptions eventually conform with the state of the data. We are not aware of any standard Grid computing toolkit or portal that provides such a complete data management solution. In the Cracow Grid Workshop series, research on virtual research infrastructures has seen some attention in recent years, for example ViroLab [3]. However, most of them focus on orchestrating workflows of compute activities instead of managing data sets. This paper evaluates iRODS (Integrated Rule-Oriented Data System)

6 version 3.0 beta as the

runtime system for implementing the two key concepts mentioned above. Data sets managed by iRODS are split into zones, each being served by a single metadata catalog and one to many data servers. Data may be stored on different types of resources such as traditional file servers, relational databases and storage provided as a service (eg Amazon S3 [2]). For ease of use a single command-line interface is provided that hides the specific interfaces of a resource. Access authorization is implemented via iRODS internal accounts or GSI certificates. Data objects are registered with iRODS by either uploading them to a storage resource or by registering an existing URL. Data objects are organized in hierarchical collections that may be automatically replicated to one or more storage resources. Each data object may be described by metadata given as an arbitrary list of (attribute,value) pairs. iRODS provides a sound basis for implementing the key concepts of VISPA. Although it does not support provenance data explicitly, one may utilize metadata with specific attributes for this purpose. While users can easily assign data objects to resources – especially without knowing the particular interface to access them – iRODS does not support casting data objects for a specific access method or programming model nor does it support temporal aspects of data provisioning. On the other hand, the ability to customize the system behavior with rules and micro-services may be used to implement such features of VISPA.

1 Globus toolkit, http://www.globus.org/toolkit [Last access September 30, 2011]

2 gLite, http://glite.cern.ch [Last access September 30, 2011]

3 UNICORE, http://www.unicore.eu [Last access September 30, 2011]

4 MultiDark, http://www.multidark.org [Last access September 30, 2011]

5 PANGAEA, http://www.pangaea.de [Last access September 30, 2011]

6 iRODS, http://www.irods.org [Last access September 30, 2011]

In the presentation and final paper, we will provide further details of the studied application scenarios, on implementing non-hierarchical data layouts, supporting temporal aspects of data provisioning, user-defined functions, and on the sharing of data across different iRODS zones.

References

1. T. Röblitz, H. Enke, K. Riebe, B. Fritzsch, and J. Klump. Vision of a Virtual Infrastructure for Storing and Processing Scientific Data. Technical Report No. 839, University of Technology Dortmund, Germany, September 2011.

2. M. Wan, R. Moore, and A. Rajasekar. Integration of Cloud Storage with Data Grids. In Proc. of the Third International Conference on the Virtual Computing Initiative. Research Triangle Park, North Carolina, USA, October 22-23, 2009.

3. T. Gubala, M. Kasztelnik, M. Malawski, M. Bubak. Development and Execution of Collaborative Application on the ViroLab Virtual Laboratory. In Proc. of the Cracow Grid Workshop 2009, Cracow, Poland, October 12-14, 2009.

Improving large scale software systems by high level flow control analysis in early development phases

Piotr Poznański (1), Mariusz Wawrowski (2) (1) Institute of Teleinformatics PK, Kraków, Poland (2) Motorola Solutions Polska, Kraków, Poland

This paper describes a proposed approach to find possible deficiencies in software architecture at the stage of its formulation and at the same time facilitates planing the tests of the final software solution. In addition to improving the software architecture, probably also revealing areas where the analysis might not have been done properly, for example in terms of incomplete requirements, testing plan is created very early, which may streamline the development, valuable in case of large development teams and projects. This extra activity may be valuable in AGILE era while design activities does not have to be transparently separated, while bigger system development activities impose still high quality requirements and there are no good communication channels between customer and team as it is for small AGILE teams. Most of the large systems or applications be them telecommunication or grid systems have parallel and distributed nature. They present a set of objects/processes interacting with some sort of messages. Analysts and architects most often use some kind of formalism and tool to capture the requirements and architecture of the system such as UML. The system is documented and projected using UML primitives such as sequence / state machine diagrams or some proprietary format. However these tools lack possibility of analyzing the requirements or the architecture for completeness and design flaws. Neither they support testing the design or establishing a test plan of final product. A tool-suite was developed to process design documents expressed in plain text proprietary language. They let for:

1. system message flow control visualization on a directed graph 2. querying objects (endpoints) for protocols and protocols for endpoints 3. identification of orphaned signals or finding lacks in design description 4. identification of uncovered or duplicated areas and paths 5. to have plain-text model representation that could be testable

As a result of analysis of a data obtained by the tool-suite, it is possible to: 1. identify critical paths through the system and plan for tests 2. identify possible points of failure and risk areas 3. identify possible flaws and suboptimal design

Future plans of enhancing the tool-suite: 1. introducing code analysis for reeingering design and requirements, allowing for

aforementioned analysis 2. recommendation system for establishing testing strategy 3. extension for other formalisms (for example UML) 4. capture of time regime events and time dependencies in the system to identify and protect

against performance issues (especially in real time systems)

References 1. Górski J, Orłowski C. red.: Inżynieria oprogramowania w procesach intergracji systemów

informatycznych, Gdańsk, 2010 2. Poznański P., Wawrowski M., Smagłowski J.: ”Trendy rozwoju architektury aplikacji osadzonych na

systemach czasu rzeczywistego”, KKIO 2011, Rzeszów

3. Michal Bartyzel, Mariusz Sieraczkiewicz „ Wiecej niż zarzadzanie czasem” http://sdjournal.pl/system/articles/attachment1s/14472/original/SDJ_8-2011_ebook.pdf?1309442

Improving Submission Scalability for DesktopGrid Systems Adam Visegradi*, Jozsef Kovacs* {a.visegradi,smith}@sztaki.hu *Computer and Automation Research Institute (MTA SZTAKI), Hungary As desktop grids are emerging, the vast resources opened up by them must be made available to the scientific community. The purpose of the EDGeS[1] (Enabling Desktop Grids for e-Science) project was to achieve this, and in this framework was the 3G Bridge (Generic Grid-Grid Bridge) developed. The motivating problem was to enable service grid (notably gLite) users to access desktop grid, particularly BOINC-based resources. For this, EDGeS has developed an infrastructure, utilizing the 3G Bridge, which forwards eligible jobs sent to specific computing elements to assigned desktop grids. Also, the 3G Bridge proved to be useful on its own, outside this infrastructure. As a submission UI to BOINC, the 3G Bridge enabled new users to easily utilize desktop grid resources, without having to develop a workunit generator component.

Because of the properties of desktop grids, only ported and registered applications can be submitted to them. The EDGI[2] (European Desktop Grid Initiative) project, as a successor of EDGeS, assists users in porting their applications to desktop grids, enabling even more resources to them, and it extends the capabilities of the existing infrastructure.

One extension implemented by the EDGI project is the Meta-job feature of the 3G Bridge. Desktop grids were designed for parameter studies, thus it was a natural step to enable users to exploit this capability. The Meta-job feature is actually a parameter study support in the 3G Bridge, specialized for desktop grids and the EDGI infrastructure. However, constraints imposed on the solution by the existing infrastructure and the nature of desktop grids actually resulted in a feature which offers more than its primary purpose.

There are two constraints defined by the properties of desktop grids. First, arbitrary executables are not allowed. Only registered applications can be executed in a desktop grid. Second, the set of input/output files of an application are also fixed. Most of the times, parameter studies fit these constraints, thus they don't need to be overcome. However, they enable us to make the solution less generic, consequently more simple. We have defined a simple language for specifying meta-jobs.

Another constraint is that the existing infrastructure must work as-is. When gLite users submit jobs to the desktop grid through gLite and the EDGI infrastructure, there are components other than 3G Bridge involved. They must not be changed for this feature to work. This is a natural expectation, and it's affected several decisions. Interestingly, the result was not a limited feature, but a better one. gLite users can submit meta-jobs through the infrastructure transparently. They only have to submit a single job, which will unfold only at the end of the chain: in the Bridge. The overhead of pushing multiple jobs through the infrastructure is reduced from Θ(n) to Θ(1). Also, the links from the user (inclusive) to the Bridge only have to deal with a single job, relieving the user and the gLite infrastructure. Furthermore, polling of the jobs and aggregating their statuses is done inside the Bridge, which is extremely efficient, since it only means a single, local database query instead of multiple web service calls. Again for polling, linear time is reduced to constant time. This reduction also applies when using the 3G Bridge directly as a UI to BOINC. Additionally, the user doesn't need to bother with calculating the overall status of the parameter study. The Bridge will calculate the status of the meta-job from the status of its sub-jobs by parameters the user supplied in the meta-job description.

Starting from a natural requirement and its constraints, we have created a solution which allows users to efficiently utilize desktop grids either through their existing gLite VO or directly, using 3G Bridge as a user interface. The Meta-job solution not only enables users to submit parameter studies to desktop grids. By handling sub-jobs itself, 3G Bridge relieves the user and the components preceding the 3G Bridge in the infrastructure from network load (single submission, a single job is polled), and management load (a single job is tracked).

Acknowledgements

The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grant agreement n° 261556 (EDGI).

References [1] http://edges-grid.eu/ [2] http://edgi-project.eu/

Interactive Cloud Data Farming Environment for Military Mission Planning Support

Bartosz Kryza1, Dariusz Krol

1, Michal Wrzeszcz

1, Lukasz Dutka

1 and Jacek Kitowski

1,2

1) AGH Academic Computer Centre CYFRONET, Krakow, Poland 2) AGH Faculty of Electrical Engineering, Automatics, Computer Science and Electronics, Institute of Computer Science, Krakow, Poland Mission planning support in military applications is a very complex process, involving several issues, such as analysis of physical environment of the incident, social and cultural aspects of the location and definition of proper Measures of Effectiveness for assessment purposes. In particular, asymmetric threats in urban territory, which involve an operation of a relatively small group of soldiers within a city with civilian population ranging from neutral to hostile. Due to the large amount of possible civilians it is very difficult to predict the possible outcomes of different rules of engagement. This task can be aided through computer agent based simulation system, which allows the higher echelons to assess different strategies for the operation. However, in order to get meaningful data from a system, a significant number of runs with different parameters must be performed, where the combination of number of parameters and their ranges often exceeds 1010 possible combinations. Obviously this is infeasible, requiring both an extreme amount of computing power and time, while in military applications it is often critical to have even rough assessment of the strategy and possible outcomes in certain amount of time. In this paper we present a data farming environment developed within the EUSAS (European Urban Simulation for Asymmetric Scenarios) project, which is financed by 20 nations under the Joint Investment Program Force Protection of the EDA. The aim of this system is to manage data farming experiments for MASON [1] based agent simulation implementation for military operations in urban territory. The implementation of the agents logic (both civilians and soldiers) and environment is based on advanced psychological models, which require each run of the simulation to run for several minutes, taking on the input configuration file with all parameters set to proper values and providing on the output a log file with all events within the simulation relevant for further analysis [2,3]. Our data farming systems goal is to provide the experimenter with the ability to minimize the time (and computational cost) of the simulation by limiting the number of simulation runs necessary for obtaining relevant results as well as dynamically monitoring the intermediate results and fine tuning the parameter space on the fly. The first goal is achieved through implementation of several design of experiment algorithms and the second one by providing the user with an interactive web based interface for monitoring the progress, results and adding new simulations for interesting parameter combination ranges. References [1] Horne, G. E. & Schwierz, K.-P. (2008), Data Farming around the world overview., in Scott J. Mason; Raymond R. Hill; Lars Mönch; Oliver Rose; Thomas Jefferson & John W. Fowler, ed., 'Winter Simulation Conference' , WSC, , pp. 1442-1447 . [2] Hluchy, L. Kvassay, M. Dlugolinsky, S. Schneider, B. Bracker, H. Kryza, B. Kitowski, J., Handling internal complexity in highly realistic agent-based models of human behaviour , proc. of 6th IEEE International Symposium on Applied Computational Intelligence and Informatics (SACI 2011), 2011, pp. 11-16 [3] Kvassay, M.; Hluchy, L.; Kryza, B.; Kitowski, J.; Seleng, M.; Dlugolinsky, S.; LaclaviÌk, M., Combining object-oriented and ontology-based approaches in human behaviour modelling, proc. of IEEE 9th International Symposium on Applied Machine Intelligence and Informatics (SAMI), 27-29 Jan. 2011, Smolenice, Slovakia, pp. 177 - 182

Large Scale Infrastructure for Crawling/indexing and Searching over Job Offers with Semantic Support

Martin Seleng (1), Stefan Dlugolinsky (1), Michal Laclavik (1), Ladislav Hluchy (1) (1) Institute of Informatics, Slovak Academy of Sciences, Slovakia

Building a robust web-scale search service cover plenty of problems. All these problems result from the fact that the Web content is very diverse. There are many heterogeneous sources of information in different languages and there are also many different formats of information representation. According to W3C surveys, there are about 65.5% of top 1 million websites using XHTML markup language, while the rest is using HTML. The trend of XHTML usage is slightly growing, but the semantic standards like RDF, GRDDL, RDFa, SPARQL, OWL, RIF or SKOS are used sporadically in XHTML documents. Therefore general solutions cannot be applied. We need to do information extraction and semantic analysis of the crawled data to allow “intelligent searching” over this data. Another aspect of a robust web-scale search service is the scalability, which can be fulfilled by distributed architecture.

In our proposed solution we are exploiting Apache Hadoop framework and it’s under laying file system, Hadoop Distributed File System (HDFS). The whole framework extends Apache Nutch ecosystem, which parsing and indexing methods are based on the Apache Lucene tool. The searching part of our framework is based on the projects Apache Solr and Apache Velocity. Apache Solr is sub project of the Lucene framework and it extends searching capabilities of the Lucene tool. Apache Velocity Velocity permits us to use a simple, but powerful template language to reference objects defined in Java code.

First we have selected resources for a job offers. We have selected two sources LinkedIn (http://www.linkedin.com) and Monster (http://ww.monster.com). Up to date we have crawled just LinkedIn site which claimed that it is offering 79 871 jobs (at the time of writing this abstract – 10

th of

October). To allow intelligent searching in our domain of job offers we have developed few plugins to the Nutch ecosystem for processing crawled pages. We have developed two plugins for parsing the job offers: HTML converter which preserves the paragraphs in the converted HTML page and parser which tries to extract relevant objects of the job offers, e.g. job offering company, industry in which is the job offered, Country, City and state, required skills, addresses and expecting experience. We have already in our database 58 083 crawled job pages with overall size 1.8GB of crawled/parsed data and metadata and size of index is around 400MB big (also content is included). In the searching phase we have customize the Apache Solr facets search to support intelligent searching over extracted objects described above.

Our next mission is to download job offers and CVs of the users from the Monster site and try to allow intelligent matching between the offered jobs and users CVs for recruiters and also for the users. We want also evaluate our solution with real users using our framework. Acknowledgements. This work is supported by projects Projekt ITMS: 26240220029, SMART II ITMS: 26240120029, TRA-DICE APVV-0208-10, VEGA 2/0184/10. References

1. Michal Laclavík, Martin Šeleng, Marek Ciglan, and Ladislav Hluchý. Supporting collaboration by large scale email analysis. In Cracow´08 Grid Workshop : proceedings. Editor Marian Bubak, Michal Turala, Kazimierz Wiatr. - Kraków : Academic Computer Centre CYFRONET AGH, 2009, p. 382-387. ISBN 978-83-61433-00-2

2. Marek Ciglan, Marian Babik, Martin Šeleng, Michal Laclavík and Ladislav Hluchý. Running MapReduce type jobs in grid infrastructure. In Cracow´08 Grid Workshop : proceedings. Editor Marian Bubak, Michal Turala, Kazimierz Wiatr. - Kraków : Academic Computer Centre CYFRONET AGH, 2009, p. 393-398. ISBN 978-83-61433-00-2

3. Jeffrey Dean, Sanjay Ghemawat. MapReduce: simplified data processing on large clusters. In Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6 (OSDI'04), Vol. 6. USENIX Association, Berkeley, CA, USA, 10-10 (2004)

4. Stefan Dlugolinsky, Michal Laclavik and Ladislav Hluchy. Towards a Search System for the Web Exploiting Spatial Data of a Web Document. In: Database and Expert Systems Applications, DEXA, International Workshops, Bilbao, Spain, August 30 - September 3, 2010, pp. 27-31. IEEE Computer Society (2010)

Making X.509 Certificates Simple to Use in PL-Grid Project Marcin Teodorczyk, Bartlomiej Balcerek Wroclaw Centre for Networking and Supercomputing, Wroclaw University of Technology X.509 digital certificates are the base of the grid security. By using them, users can authenticate their identity claim and achieve integrity and confidentiality of their data. Thanks to certificates, administrators can implement required authorization, accountability and non repudiation. With all their advantages, digital certificates have at least one major disadvantage though. Most users find the process of obtaining and using them time consuming, inconvenient and confusing. PL-Grid Simple CA, Portal and KeyFS were designed to minimize those disadvantages with as small as possible security-usability trade-off. Typically, users who want to obtain a certificate, have to do two things:

1. Request a certificate from their national or regional issuing authority (Certification Authority) 2. Prove their identity to the local representative of RA (Registration Authority)

In its guidelines for traditional X.509 PKI CAs [1] requires from users face to face meeting with local representative of RA and presenting passport or other ID with photo. At the same time the one statement certificate policies (1SCP) [2] managed by EUGridPMA define two Certificate Policies with different identity vetting rules: Face to Face and Trusted Third Party mediated. The first policy requires face to face meeting with the RA representative, but the second one relies on the identity vetting mediated by a trusted third party (TTP). Adoption of the second option gives less restricting policies and procedures of particular CA and a chance to avoid face to face meetings with every end user. Although, there is still a recommendation that TTP should be personally known to the RA, and a requirement that the end user must be personally known to the TTP. This is another way to build a trust relation between the end user and the CA - upon a chain of personal contacts. Simple CA and Portal make use of the above technique and do not require the user to attend face-to-face meeting with RA. The Portal is a Web application, which lets users to manage their account information and certificates, apply for services and access the grid. It also plays role of RA. The Portal registration procedure implements identity verification sufficient for granting user an access to the Grid services, and membership in the VO PL-Grid. In general the procedure relies on the external database with polish scientists, e-mails and telephone calls. After near 2 years of service Simple CA and Portal work well. A few hundred certificates have been issued and a few revoked. Above 70% of PL-Grid users use Simple CA certificates. In the near future we are planning to implement KeyFS system. This will let a user to deploy his private key and certificate on grid machines making them instantly available from his home directory for grid applications and SSH. References 1. EuGridPMA: Authentication Profile for Classic X.509 Public Key Certification Authorities with secured infrastructure, 2010 2. IGTF: IGTF One Statement Certificate Policies, http://www.eugridpma.org/guidelines/1scp, 2011

Management Methods in SLA-aware Distributed Storage Systems

Darin Nikolow (1), Renata Słota (1), Danilo Lakovic (1), Jacek Kitowski (1,2)

(1) AGH University of Science and Technology, Faculty of Electrical Engineering,

Automatics, Computer Science and Electronics, Department of Computer Science, Kraków, Poland

(2) AGH University of Science and Technology, ACC CYFRONET AGH, Krakow, Poland

Traditional data storage systems provide access to user’s data on the “best effort” basis. While this

paradigm is sufficient in many use cases it becomes an obstacle for application with Quality of Service

(QoS) constrains. These application are sensitive to the QoS of the data stream and can fail or not

behave correctly if the QoS constrains are not met. An example of QoS sensitive application is a video

player displaying video sequences from a data stream. Another example is recording events, e.g.

from scientific experiment, coming at certain rate.

Service Level Agreement (SLA) is a part of the contract agreed between the service provider and

the client and contains a set of well defined QoS requirements regarding the provided service and the

penalties applied in case of violations. If the provider does not redeem the SLA then additional costs

are generated thus appropriate management is highly desirable.

In multiuser SLA-aware environment clients may have different SLA/QoS requirements, which

makes the management more complicated. The successful implementing of SLA in a distributed

environments strongly depends on the proper defining of meaningful SLA parameters and QoS

metrics [1] and the relevant monitoring of these metrics as well.

In the paper we propose a set of SLA parameters and QoS metrics relevant to data storage

processes and also we describe the management methods necessary for avoiding SLA violations. A

key assumption here is that the underlying distributed storage system does not provide functionality

for resource or bandwidth reservation for a given client request. The management methods for

achieving the best possible SLA fulfillment relies on monitoring of the QoS metrics for identifying SLA

violations threads and are based on replication techniques and parallel file transfers for increasing the

bandwidth for the threatened requests or for increasing the data protection level of the files which have

accidentally lowered redundancy.

The proposed methods are considered for implementing in the NDS2 project – the successor of the

National Data Storage project [2] in which prediction and load balancing techniques have been

implemented to address performance aspects [3]. The goal of the NDS2 project is to provide backup,

archiving and general data storage services at high security and data availability levels using

geographically spread storage nodes and advanced encryption techniques.

Aknowledgements. This work is supported by Polish MNiSW grant nr N R02 0025 10. AGH-UST grant

is also acknowledged.

References

1. Paschke, A., Schnappinger-Gerull, E.,”A Categorization Scheme for SLA Metrics”, Service Oriented Electronic Commerce, Gesellschaft für Informatik, 2006, pp.25-40.

2. National Data Storage project, http://nds.psnc.pl 3. Słota, R., Nikolow, D., Polak, S., Kuta, M., Kapanowski, M., Skałkowski, K., Pogoda, M., Kitowski, J.,

“Prediction and load balancing system for distributed storage”, Scalable Computing. Practice and Experience, 2010 vol. 11 no. 2, pp. 121–130.

GridSpace2 – Comprehensive Platform for Managing e-

Science Applications

Eryk Ciepiela (1), Daniel Harężlak (1), Joanna Kocot (1), Marek Kasztelnik (1), Jan Meizner (1),

Grzegorz Dyk (1), Piotr Nowakowski (1), Tomasz Gubała (1), Tomasz Bartyński (1), Maciej Malawski

(2), Marian Bubak (2, 3)

(1) ACC CYFRONET AGH, Krakow, Poland

(2) Institute of Computer Science AGH, Krakow, Poland

(3) Informatics Institute, University of Amsterdam, The Netherlands

GridSpace2 constitutes a comprehensive platform intended to provide users with convenient

web interface for managing e-science applications throughout their entire life-cycle: from

prototyping, testing, authoring, through sharing and publishing to operation and subsequent

iterations of refinement and evolution. On the other hand it's aimed at providing a generic interface

to heterogeneous computational resources ranging from PCs, private clusters to supercomputers, grid

and custom external systems. This approach allows for specifying and publishing e-science

applications in a portable execution-agnostic format, which is being late-bound to the concrete

computational resources at the execution step.

In spite of many existing scientific and enterprise workflow systems and in-silico

computations platforms like Kepler, Taverna, Triana, BPEL we experienced during ViroLab project that

e-scientists suffers from convenient environment suited for effective writing and easy web-like way of

overall managing of scientific programs. Moreover, above mentioned solutions are rather limited to a

specific distributed computing technology what hinders a portable technology-agnostic application

format and technologically heterogeneous workflows that take advantage of diverse characteristics of

various computational resources.

The aim of GridSpace2 [1] is to support writing e-science applications (virtual experiments)

using code fragment (snippets) expressed in either one of general-purpose scripting programming

languages (Python, Ruby, Perl, Bash etc.), domain-specific (e.g. specifying quantum chemistry

problem using high-level chemistry notions) or purpose-specific notations (e.g. for drawing plots). A

set of languages and notations supported is unbound and new ones can be easily plugged on a

configuration level. We find that e-science applications mostly emerge in an exploratory and iterative

manner therefore we enable and promote coding in an interactive and tight write-run loops what

significantly can improve productivity of scientific programmers [2]. The snippets are computed by, so

called interpreter programs which vary in terms of resource requirements and the way how and on

which resources they can be executed. Therefore, the entity of executor was introduced which is

responsible for dispatching computations to computational resources. It deals with specifics of

resource type, its interface, security mechanisms being used etc. The architecture of executors is

open and allows for adding new and custom ones. At the execution step users decide how to arrange

computations on the resources available by attributing executors to the snippets.

Pervasive accessibility to the capabilities of GridSpace2 is realized through a single entry-point

of a web interface called Experiment Workbench. With this approach, writing, running and managing

applications take place through a single workbench. Thanks to a URL-mappable resources

(experiments or results they produce), we can share them, pass or catalogue as any other web

resources. Experiments can be also embedded on arbitrary web sites owing to the Collage Authoring

Environment [3] and thus enrich web content by allowing application execution by one click trigger.

Behind the scenes of web interface a tremendous computational capabilities are enabled to be used

by scientific applications including public e-infrastructure sites and private clusters. Depending on

heaviness and interactivity demanded the computations can be submitted to the cluster, single

computational node or can take place within a user's web browser in a form of applet.

T

he

solution

was

successful

ly applied

as PL-Grid

[4] Virtual

Laborator

y and

enabled

compositi

on and

execution

of in-silico

experime

nts like

analysis

of nano-

materials

[6] and

protein

structures

[7] by using the specialized software installed on the PL-Grid HPC e-infrastructure. GridSpace2 is also

being applied as a platform for multiscale applications within the Mapper [4] project where it

implements an engine for workflow applications that span over divers resources and e-infrastructures

Acknowledgements. The research presented in this paper has been partially supported by the European Union within the European Regional

Development Fund program no. POIG.02.03.00-00-007/08-00 as part of the PL-Grid project (www.plgrid.pl).and the MAPPER project

- grant agreement no 261507.

Literature:

1. GridSpace home site, http://dice.cyfronet.pl/gridspace/

2. E. Ciepiela, D. Harezlak, J. Kocot, T. Bartynski, M. Kasztelnik, P. Nowakowski, T. Gubała, M. Malawski,

and M. Bubak, "Exploratory programming in the virtual laboratory," in Proceedings of the International

Multiconference on Computer Science and Information Technology, Wisla, Poland, 2010, pp. 621-628

3. P. Nowakowski, E. Ciepiela, D. Harężlak, J. Kocot, M. Kasztelnik, T. Bartyński, J.

Meizner, G. Dyk, M. Malawski: The Collage Authoring Environment. In: Proceedings of the International Conference on Computational Science, ICCS 2011 (2011)

4. The PL-Grid project, http://www.plgrid.pl/en

5. Mapper Project http://mapper-project.eu

6. E. Ciepiela, L. Zaraska, G.D. Sulka: GridSpace2 Virtual Laboratory Case Study:

Implementation of Algorithms of Quantitative Analysis of the Grain Morphology in

Self-Assembled Hexagonal Lattices According to Hillebrand Method, PL-Grid Book

7. T. Jadczyk, M. Malawski, M. Bubak, I. Roterman: Examining Protein Folding Process

Simulation and Searching for Common Structure Motifs in a Protein Family as

Experiments in the GridSpace2 Virtual Laboratory, PL-Grid Book

Methodology and Tool Supporting Cooperative Composition of Semantic Domain Models

for Experts and Developers

Marian Bubak (1,2), Tomasz Gubała (2), Maciej Rząsa (1) (1) Institute of Computer Science AGH, Krakow, Poland (2) ACC CYFRONET AGH, Krakow, Poland

Development of specialised software requires from computer science specialists deep understanding of the problem domain. The need of such cooperation is especially important in scientific environments [1]. To obtain knowledge required for creation proper application model, cooperation with a domain expert is essential. An expert is characterised by extensive domain knowledge. He also uses language specific tor his discipline. A developer, as a computer science specialist, describes problems using formal methods and languages. These differences in a method of world description by experts and developers may lead to inconvenience and failures in the collaboration.

The aim of our work is to facilitate knowledge transmission between experts and developers. To obtain this aim, we propose semantic domain models as a common language that is convenient for both participants of the cooperation (a ubiquitous language [3]). To enable efficient use of domain models we present a methodology of models elaboration and a tool that not only supports the

methodology but also allow its validation.

This problem is similar to requirements identification. Solutions adapted for small, motivated teams was proposed in Agile methodologies [2]. However, most of them (e.g. Scrum, XP) validates domain understanding with software tests that fail to take a full advantage of expert knowledge. This lack is resolved in Domain-Driven Design [3], an approach of software design that is based on deep understanding of a problem domain. DDD, though, omit to define precise manner of knowledge passing and verifying.

This work describes firstly a framework of knowledge passing: a metamodel that is a bridge between expert's description consisting with a set of definitions and a developer one: an object-oriented model. The main element of the metamodel is entity that encapsulates a definition of a single

Figure 1: Iterative development of a domain model.

domain concept and is mapped to class. Simple features of the described concept is represented with entity attributes (mapped to class fields) and the complex ones as entity associations that links two entities (mapped to class association). As a model is a dynamic structure, we define operation (called model transitions) to evolve it: split, merge and extract. Split is used to divide entity that is related to more that one concept; merge enables transfer elements and definition parts between two entities; extract serves to create new entity basing on an initial domain definition.

Development of the model is an iterative process that consist in elaborating an initial structure prepared during first phase of the cooperation (Fig. 1). Firstly, participants organise domain knowledge in a one document (an initial definition) and a developer should extract entities that relate to most important elements of the domain. Afterwards, in iterative steps, participants add details to the model by enhancing definitions, creating attributes and linking entities with associations. This process consists in alternate extracting model elements or asking for clarifications (by a developer) and checking model correctness or adding new information (by an expert). Iterations are finished when participants decide that a model is sufficiently coherent, complete and consistent. To validate these features, three-step verification is conducted, Firstly, both participants checks domain correctness of the entity set. Then this set is transformed into a class structure and developer check programming characteristics of the source code. Finally, this structure is used as a basis of prototype application that is tested by an expert to verify its features. If validation fails in any stage, participants may return to the iterative process of model development.

As a result of this work, the Domain Model Builder was implemented. It is the tool that supports iterative cooperation oriented to knowledge passing. The DMB allows to create and evolve a domain model: participants are able to define entities (using wiki pages) and create their formal elements (attributes and associations). The model is visualised using a diagram based on the UML class diagram. A cooperation process is logged, thus one may review it to verify quality of the methodology.

Using the DMB presented concepts were evaluated during two sessions consisting in model creation according to presented methodology. Experiments results and participants opinions approved that the methodology is suitable to domain modelling in cooperation with an expert in that domain. The tools is Implemented as a Redmine plugin that allowed us to focus on creating functions related to modelling and using functions provided in Redmine (wiki, user management, activity log).

To evaluate proposed solutions, we conducted two experimental modelling sessions involving various experts of various domains. First one was related to flood forecasting (UrbanFlood project) and the second one – to road surface designing. The experiments confirmed that presented methodology is well suited to knowledge passing. They also pointed enhancement possibilities. One of them is adding an entity relate to the associations to the metamodel, as it would facilitate representation of many to many relationships. The tool need to be enriched with a module for model-focused discussion that would organise cooperation.

The methodology presented in this document enables effective knowledge passing between experts end developers by building a common language: semantic domain model. The DMB not only supports the methodology but it also enable its verification. Usefulness of this approach was approved by experimental cooperation with domain experts. Acknowledgements. This thesis is related with the UrbanFlood project (grant 248767). Authors are grateful to Marek Kasztelnik and Dominik Siwiec for their contribution.

References 1. T. Gubala, M. Bubak and P.M.A. Sloot; Semantic Integration of Collaborative Research

Environments, in: M. Cannataro (Ed.) Handbook of Research on Computational Grid Technologies for Life Sciences, Biomedicine and Healthcare, Chapter 26, pp. 514-530, Information Science Reference, 2009, IGI Global

2. P. Abrahamsson, O. Salo, J. Ronkainen, and J. Warsta. Agile software development methods. Technical report, VTT Publications, 2002.

3. F. Marinescu and A. Avram. Domain-Driven Design Quickly. Lulu.com, 2007. 4. B. Hailpern and P. Tarr. Model-Driven Development: the good, the bad, and the ugly. IBM Syst. J.,

45:451–461, July 2006.

5. M. Rząsa. Methodology and Tool Supporting Cooperative Composition of Semantic Domain Models for Experts and Developers. Master's Thesis, AGH University of Technology, 2011. Published: http://dice.cyfronet.pl/cis/msc/rzasa-msc-22-09-2011.pdf

Model Driven Architecture for Collaborative Application Design

Maciej Zygmunt (1), Marek Budyn (1) (1) ABB Corporate Research, Kraków, Poland

The most important element of industrial software development is creation of common vocabulary of terms for exchanging information between software and industrial engineers. Basing on this cooperation, technical domain knowledge is converted into data structures, algorithms and rules. Currently, when people are used to have short and quick messages communicates, the most efficient way of knowledge extraction is working on examples or mockups to facilitate better understanding of the problem. Shorter rounds in presentation of mockups allows continuous work on live object models rather than specifications which makes experts more open for sharing their knowledge and provides quicker and more reliable feedback on data structure and completeness of the model. Latest research and progress in area of Model Driven Architecture (MDA) [2] resulted in advanced tools for creation of models, automatic source code generation as well as whole frameworks for creating application skeletons basing on these models. In the paper there is presented collaborative process which uses MDA approach (model, tools and frameworks) for extracting knowledge from domain experts. During presented process, a cooperation of software engineer and domain expert utilizing phone calls and one live workshop resulted in complete model of machine and drive including specific machine features and diagnostic processes. Finally, an working application was verified by the domain expert proving that MDA resulted in expected results. Additionally to the process itself, article presents identified risks, benefits from applying MDA approach and lessons learned from applying new innovative process. For the further work possibilities of extending and dynamically extending existing models should be studied. In previous works [1] we have focused on ontology-based approach, which does not meet all expectations when comes to applying in real world environment. As simpler and more mature technology, MDA showed to be more productive and easier to adapt for building industrial applications. References 1. Zygmunt, M.; Kozik, J.; Piekło, S. & Sipowicz, J. Semantic Extraction and Transformation of

Distributed Data in a Business Warehousing System Proceedings of the Fourth Cracow Grid Workshop (CGW'04), 2004,

2. B. Hailpern and P. Tarr. Model-Driven Development: the good, the bad, and the ugly. IBM Syst. J., 45:451–461, July 2006.

New Capabilities in QosCosGrid Middleware for Advanced Job Management, Advance Reservation and Co-allocation of Computing

Resources Bartosz Bosak, Piotr Kopta, Krzysztof Kurowski, Mariusz Mamoński, Tomasz Piontek Poznań Supercomputing and Networking Center, Poznań, Poland [bosak, kopta, krzysztof.kurowski, mamonski, piontek]@man.poznan.pl

1. Introduction. Grid computing systems could be viewed as large-scale computing systems with

considerable levels of hardware resources, but often without the basic features that make

supercomputers so powerful. The term supercomputer typically refers to dedicated special-purpose

multiprocessor computing system that provides close to best achievable performance for demanding

parallel workloads. The distributed nature of the Grid, in which geographically distant resources

offered by many providers are connected by relatively slow wide-area network, causes that Grids

usually lack sophisticated support for highly parallel applications with significant inter-process

communication requirements.

2. Related work. Grids typically rely on an opportunistic marshaling of resources into coordinated

action to meet the basic needs of computing applications offering simple resource brokering. However,

they do not address more and more popular sophisticated scenarios that require a particular quality of

service. The demanding nature of scientific simulations and computing modeling require a new e-

Infrastructure which is able to simultaneously manage many kinds of resources, such as computing

resources, storage and network in order to guarantee the level of Quality of Service (QoS) required by

end-users [1].

3. Description of the solution. A new middleware infrastructure called QosCosGrid (QCG) was

designed to bring supercomputer-like performance and structure to cross-cluster computations,

developed and successfully adopted to the PL-Grid environment [2] and, in turn, to address the needs

of scientists to run large-scale simulations. Various well-known application tools and services,

including the OpenMPI programming and execution environment, have been tuned to work in multi -

cluster QosCosGrid environment. We have designed and successfully integrated many new services

and tools to build in PL-Grid a new multilayered e-Infrastructure to make it deal efficiently with

computationally intensive large scale simulations, including parameter sweep, workflows and more

importantly large parallel applications. The QosCosGrid middleware consists of two logical layers: grid

level and administrative domain (AD) one. The Grid-level QCG-Broker (metascheduler) that controls,

schedules and generally supervises the execution of tasks that are spread between independent

administrative domains. QCG-Broker is based on dynamic resource selection, mapping and advanced

scheduling methodology, combined with feedback control architecture, deals with dynamic Grid

environment and resource management challenges, e.g. load-balancing among clusters, remote job

control or file staging support. The metascheduling service in QCG in tight cooperation with

administrative domain-level components and in particular SMOA Computing service available on

access nodes to batch systems, is able to deliver new QoS capabilities that are missing in other e-

Infrastructures, e.g. based on Unicore or gLite. SMOA Computing, as a key underlying service,

provides secure and efficient remote access to resources controlled by various queuing systems and

exposing their advance reservation capabilities. Thus, it enables computing clusters in different

administrative domains to be virtually integrated into a single powerful computing resource that can be

treated as a quasi-opportunistic supercomputer, which computational power exceeds the power

offered by a single administrative domain (data center). Running large scale simulations, both

sequential and parallel, on a virtual environment requires not only services starting and controlling

processes on resources, but also some means to allow inter-process communication between parts of

parallel application. Parallel processes running on different computing clusters must be able to

communicate with one another without the necessity to limit security mechanisms protecting typical

cluster like firewalls blocking connections and NATs reducing the number of public IPs needed by the

cluster. To address this primary need the open-source implementation of MPI standard OpenMPI was

extended by several basic and advanced connectivity techniques aiming at firewall and NAT

bypassing and integrated with QosCosGrid services. All these services create a consistent, adaptive

and robust Grid middleware layer that enables large scale simulations and ensures requested level of

Quality of Service.

4. Results. Many existing and new end-users interested in the PL-Grid initiative have already declared

their needs for efficient programming and execution tools to run larger parallel simulations. To meet

end-users needs, the QosCosGrid infrastructure supports many scenarios focusing on providing

capabilities needed by highly parallel tightly coupled applications with significant inter-process

communication requirements. The cross-cluster scheduling allows not only to run parallel simulations

on many clusters, but also to use computing resources in PL-Grid in a more efficient way increasing

the overall system throughput. Additionally, QosCosGrid services are able to schedule and to execute

parallel applications consisting of groups of processes with different and often mutually contradictory

resource requirements. For example the functional decomposition of application and its

implementation can result in situation where some processes for performance reason should be run

on vector machine while others on cluster. To avoid lower performance and high communication cost

caused by the fact that local connections have lower latency and higher bandwidth than long-distance

ones by two to four orders of magnitude, the QosCosGrid resource manager can either schedule the

application in a topology-aware manner to meet its requirements or expose the physical topology to

the application that has to dynamically adapt itself to the available topology. The topology-awareness

implies that matching of the resource offers and requests scheduler must take into account not only

the computational properties of the resources, but also their interconnections. All these scenarios

except for the one with self adaptation of application to available topology do not require any changes

in application code and are possible thanks to tight integration between QosCosGrid services and

adopted OpenMPI execution environment.

5. Conclusions and future work. Recently, the QosCosGrid infrastructure has been extended to

support new types of parallel applications based on hybrid programming and execution environments,

such as MPI/OpenMP or MPI/CUDA/OpenCL approaches. The QosCosGrid middleware was

successfully deployed in some productive HPC environments (e.g. INRIA, UPF, Dortmund University,

PSNC, etc.) extending functionalities of infrastructure services based on UNICORE or gLite. Currently,

the QosCosGrid middleware is being enhanced and tested under the national Polish Grid

Infrastructure (PL-Grid) project and is in the last phase of deployment in production alongside with

gLite and UNICORE middleware stacks.

Acknowledgements. This work was made possible thanks to the PL-Grid project: contract number:

POIG.02.03.00-00-007/08-00, website: www.plgrid.pl. The project is co-funded by the European

Regional Development Fund as part of the Innovative Economy program.

References 1. Kurowski K., Oleksiak A., Weglarz, J. (2010). Multicriteria, multi-user scheduling in Grids with

advance reservation. Journal of Scheduling, 13(5), 493-508, DOI:10.1007/s10951- 009-0142-8. 2. Kurowski K., Back W., Dubitzky W., Gulyás L, Kampis G., Mamoński M., Szemes G., Swain M.,

(2009). Complex System Simulations with QosCosGrid, In Proceedings of ICCS, Baton Rouge, Springer.

One Year of International Desktop Grid Federation - Desktop Grids Narrow the Gap between Science and Society

Bernhard Schott (1& 2), Ad Emmen (1), Leslie Versweyveld (1) (1) AlmereGrid, Almere, The Netherlands – partner in DEGISCO {ad, bernhard.schott, leslie}@almeregrid.nl (2) VCodyne SAS, Le Chesnay, France

Currently, about half a million computers from people at home contribute each day unused computing time to science. However, with more than one billion PCs in the world the computational power, available to scientists could easily be increased a hundred fold, speeding up the process of scientific discovery [1]. The International Desktop Grid Federation (IDGF) [2] assists in that process, by bringing together operators of and developers for Volunteer Desktop Grids. By exchanging information, providing training and support to its members, and by helping new Volunteer Desktop Grids to be started. The International Desktop Grid Federation is an initiative from the partners of the EDGI [3] and DEGISCO [4] projects, but open to other communities. IDGF takes care Volunteer Desktop Grids can be seamlessly integrated into the European Grid Infrastructure. IDGF started about one year ago. In this paper we summarize the experiences and evaluate the results. This paper more specifically describes how Volunteer Desktop Grids contribute to narrowing the gap between

science and citizens during the past year and how local Desktop Grids at research institutes save money. What has

been established is a strong collaboration between Desktop Grids and the general eScience infrastructure, such as

EGI and the NGIs. To enhance this synergy, the costs of eScience infrastructure need to be addressed as well as the

existing gap between the academic world of scientific researchers and the citizens. The International Desktop Grid

Federation constitutes a valuable instrument to analyse these two aspects. To this end, the IDGF community

provided a number of specific tools: this includes a Road Map [5], a community portal, and a Green IT policy.

The community portal has been set up as a working and collaborating environment for the Desktop Grid

community. After one year, about 35 organisations and 170 persons have joined and are using the community portal.

The portal is based on the Liferay [6] portal software that has the advantage that it contains all tools needed to build a

community, including the possibility to make localised versions in different languages, something we use to set up

Chinese, Ukrainian, Portuguese, etc., portal entries.

The Green IT policy is defined by IDGF as a 7-point methodology consisting of ambient metrics based green

optimisation; cool strategy to avoid air-conditioning use; energy profiling of applications; CPU speed steps [7][8];

exploitation of natural ambient conditions; time-of-day dependent energy tariffs; and management of unused

resources in a local Desktop Grid. In this paper we expand on several of these points.

In conclusion, IDGF forms an interactive community of Desktop Grid experts who narrow the gap between

science and citizens by implementing cost-efficient practices described in its Road Map and Green IT policy.

Future work will be focused on further closing of the gap between science and society, by working together with

media, schools and persons as volunteers. Concrete plans include joint media campaigns by IDGF Desktop Grids,

joint communication and educational material.

Acknowledgements. This work was supported by the EU project DEGISCO RI-261561.

References

[1] Towards a Powerful European DCI Based on Desktop Grids, Journal of Grid Computing, p. 219-239, 15-03-2011 [online] http://www.springerlink.com/content/th123506780vt577/ [2] http://desktopgridfederation.org [3] http://edgi-project.eu [4] http://degisco.eu [5] Desktop Grids for eScience - a Road Map http://desktopgridfederation.org/downloads/-/document_library_display/7tEi/view/57919 [6] http://liferay.org [7] Schott, Bernhard and Emmen, Ad, Degisco Green Methodologies in Desktop Grids, International Multiconference on Computer Science and Information Technology, [Online] http://proceedings2010.imcsit.org/pliks/191.pdf

[8] Schott, Bernhard and Emmen, Ad: “Degisco Green Methodologies in Desktop Grids” in International Multiconference on Computer Science and Information Technology http://proceedings2010.imcsit.org/ ISSN 1896-7094; ISBN 978-83-60810-27-9 IEEE Catalog Number CFP1064E-CDR http://proceedings2010.imcsit.org/pliks/191.pdf, [Online] 01-05-2011

PL-Grid e-Infrastructure for the Cherenkov Telescope Array Observatory

Anna Barnacka (1,2), Leszek Bogacz (3), Mira Grudzińska (4), Mateusz Janiak (1), Nukri Komin (5), Giovanni Lamanna (5), Rafal Moderski (1) (1) Nicolaus Copernicus Astronomical Center, Warsaw, Poland (2) DSM / IRFU / SPP, CEA / Saclay, Gif-sur-Yvette, France (3) Department of Information Technologies, Faculty of Physics, Astronomy and Applied Computer Science, Jagellonian University, Krakow,Poland (4) Astronomical Observatory of the University of Warsaw, Poland (5) LAPP, Universit de Savoie et IN2P3/CNRS, Annecy-le-Vieux Cedex, France

1. Introduction, motivation, problem statement. Very high energy (VHE) gamma-ray astronomy (energies >100 GeV) studies the most energetic processes in the Universe. It explores cosmic objects such as active galactic nuclei, binary systems, and remnants of exploding stars which produce extreme conditions that cannot be created in experiments on Earth. The latest generation of γ-ray instruments like H.E.S.S. [1], MAGIC [2] and VERITAS [3] have delivered spectacular astrophysical results. Based on the experience of current instruments the community of more than 100 institutes from 25 countries is going to build a new generation ground-based gamma-ray observatory - the Cherenkov Telescope Array (CTA) [4]. The array will consist of many tens of telescopes and will have an order of magnitude better sensitivity as compared to currently operated instruments. It is expected to provide major impact in astrophysics, particle physics and cosmology. CTA will achieve its performance by combining telescopes of three different classes and in two arrays located at two sites in both southern and northern hemispheres. Large number and variety of the telescopes makes the CTA a very complicated system whose performance depends on many parameters. During the preparatory phase of the project a huge amount of Monte Carlo simulations is used to find out the best configuration and performance of the array at optimal cost. The Monte Carlo studies of only one possible configuration of the array require billions (1010) of cosmic-rays-induced showers simulations which in turn requires years of single CPU time and tens of TB of storage. During operational phase CTA will produce 1-to-3 PB of data per year. All this data will need to be analyzed, archived and shared with the community. Additional massive Monte Carlo simulations will be required at this stage to provide calibration of the scientific data. The high data rate of CTA together with the large computing power requirements from the Monte Carlo simulations demand dedicated computer resources which can be well handled through the grid approach. The EGI grid infrastructure and middleware for distributed computing, data storage and access are considered the most efficient solution for CTA e-infrastructure. 2. State-of-the-art (related works). Since now, all VHE gamma-ray observatories operated as closed facilities and used their own dedicated computer resources - usually in the form of computer clusters. The amount of data and required computing power was small enough to be handled by a single institution with support for a limited number of scientists from closed collaboration. CTA will – for the first time in this field – be operated as a true observatory, open to the entire astrophysics and particle physics communities, and providing support for easy access and analysis of data. Service to professional astronomers will be supplemented by outreach activities and laymen interfaces to the data. A feasibility study of applications of Grid solutions for CTA is in progress within a dedicated CTA Computing Grid (CTACG) project. CTACG is aimed to optimize the application of Grid technology for CTA simulations, data processing and storage, offline analysis and the Virtual Observatory interface through a dedicated global CTA EGI Virtual Organization. 3. Description of the solution. In 2008 during the design study phase of the CTA project an EGI virtual organization (VO), vo.cta.in2p3.fr. It is now supported by 14 sites (computing centres) in 5 countries within EGI infrastructure. ACK CYFRONET is one of the largest supporting institutions. The grid infrastructure was used for massive Monte Carlo simulations of atmospheric showers produced by cosmic ray particles. These simulations were the first step to find the optimal layout of the array. The job submission consisted of the CORSIKA [5] and sim_telarray [6] programs. The CORSIKA is a numerical code to simulate the development of the atmospheric showers and to trace the Cherenkov photons hitting arbitrary arrays of telescopes. The output of CORSIKA was used as an input to the sim_telarray program, which is designed to simulate the response of detector arrays, and include such effects as mirrors reflectance,

photomultipliers characteristic, and trigger electronics. During the study an array of 275 telescopes of 4 types was used, and the investigated layouts were chosen as subarrays of this configuration. 4. Results. The resources available to VO vo.cta.in2p3.fr allowed to produce 43000 good quality runs (output of CORSIKA/sim_telarray programs). These runs contains 7.9 108 simulated showers, from among them 2.3 107 events were triggered by at least one telescope. The number of simulated showers was much larger, but it appeared that the current production jobs were very demanding in memory size up to 4 GB RAM and about 5-10 GB of storage space per job. Especially the memory requirement was difficult to be fulfilled by some sites and some runs had to be rejected not to induce systematic errors. The total number of CPUs potentially available for the CTA VO is of the order of ~ 30 thousands (shared with other VOs), while the effective number of constantly available (and exploited) CPUs are about 2000. The different worker nodes supporting the CTA VO provide also several 100 TB storage elements. 5. Conclusions and future work. The performed simulations prove the grid approach to be very promising for the CTA operations. The amount of acquired data was not possible to obtain with more traditional approach based on single computer clusters. The study also allow for the development of dedicated tool for job submission and storage - EasiJob [7]. The next step of the study would be the investigation of the optimal layout of the array depending on the number of telescopes, their configuration, type and overall performance. Further studies will explore the possibility to use grid infrastructure for international data transfer and storage as well as data access, processing and analysis. References 1. The High Energy Stereoscopic System, http://www.mpi-hd.mpg.de/hfm/HESS/ 2. The MAGIC telescope, http://wwwmagic.mppmu.mpg.de/magic/index.html 3. VERITAS (Very Energetic Radiation Imaging Telescope Array System), http://veritas.sao.arizona.edu/ 4. The CTA Consortium, (2010), "Design Concepts for The Cherenkov Telescope Array" 5. D. Heck et al., CORSIKA: A Monte Carlo code to simulate extensive air showers, Technical Report

FZKA 6019, Forschungszentrum Karlsruhe, 1998, http://www-ik.fzk.de/corsika/ 6. K. Bernlohr, Astropart. Phys. 30 (2008) 149 7. N. Komin et al., CTACG - The Cherenkov Telescope Array Computing Grid,

https://www.egi.eu/indico/materialDisplay.py?contribId=75&sessionId=10&materialId=slides&confId=207

Polish Contribution to the Worldwide LHC Computing A. Binczewski (3), M. Bluj (5), A. Cyz (2), M. Dwużnik (1), M. Filocha (4), Ł. Flis (1), R. Gokieli (4, 5), J. Iwaszkiewicz (4), M. Kowalski (2), P. Lasoń (1), R. Lichwała (3), M. Łopuszyński (4), M. Magryś (1), P. Malecki (2), N. Meyer (3), K. Nawrocki (4, 5), A. Olszewski (2), A. Oziębło (1), A. Padée (4, 5), A. Padée (4), H. Pałka (2), M. Pospieszny (3), M. Radecki (1), R. Rowicki (4), M. Stolarek (4), T. Szepie-niec (1), T. Szymocha (1, 2), M. Turała (1, 2), K. Wawrzyniak (4, 5), W. Wiślicki (4, 5), M. Witek (2), P. Wolniewicz (3) (1) Academic Computing Centre CYFRONET AGH, Kraków, Poland (2) Institute of Nuclear Physics PAN, Kraków, Poland (3) Poznań Supercomputing and Networking Center, Poznań, Poland (4) Interdisciplinary Centre for Mathematical and Computational Modelling, Warsaw, Poland (5) Sołtan Institute for Nuclear Studies, Warsaw, Poland (6) Copernicus Science Centre, Warsaw, Poland

1. Introduction. The modern High Energy Physics (HEP) experiments are very large scale projects

that have to be prepared for many years by international collaborations. Their main goal is to study collisions of elementary particles in order to learn about fundamental structure of the matter and forces governing their interactions. In particular understanding of the high energy particle interactions enables to describe the processes occurring shortly after the Big Bang and explain the evolution of the Universe and its state we observe at present. The Large Hadron Collider (LHC) program was started around 1995 at European Organization for Nuclear Research. Two main tools of scientific research are the LHC machine [1] to accelerate elementary particles to collide them in a controlled way and the detectors to analyze the collision products. Very soon HEP community realized also that the amount of computing resources needed for proper data handling has reached the scale which exceeds capabilities of any single computing center. At the same time in the late 1990’s a new concept of sharing computing resources, called Grid computing, was born. Based on these developments a project of World LHC Grid (WLCG) [2] was launched in 2002 with the goal to provide global computing resources for LHC experiments. WLCG has a hierarchical structure of computing centers classified as Tier-0,1,2,3 according to their size and services the sites are providing. Polish scientists from Kraków and Warsaw participate in all 4 experiments (ATLAS, ALICE, CMS and LHCb) on LHC and Poland contributes to WLCG with computing resources provided by Polish Tier-2 Federation. 2. The LHC experiments and their computing models. The HEP specifics is that data is organized

in so called events containing the information read out from the detector for a single beam-beam collision trigger. Due to a high frequency of beam crossings the LHC provides enormous rates of events, nominally 40 millions per second. Since the interesting events occur with very low probability an online filtering system is used to select them for writing to permanent storage. Even then the amount of data collected is of the order of many petabytes (10

15 bytes) in a year. These huge samples

in initial raw data format have to be later processed and reduced further in many subsequent steps before any physics result can be derived. Fortunately each event can be analyzed separately and this allows for parallellizing the process. In WLCG this happens by users submitting separate jobs to machines on different clusters using grid tools. Due to the scale of operations all LHC experiments developed on top of WLCG middleware their own tools and models of data processing. They will be described in more detail later. The common feature is the use of pilot jobs to increase efficiency of job execution by running pre-checks of the local environment before starting real production jobs. This worked in 2010 well indeed, experiments being able to fill available resources. The largest differences between experiments could be originally found in the area of data access and distribution. The experience gained in the last year leads now experiments to plan a very similar way of dynamic data access using network connectivity between computing sites of WLCG to the maximum. 3. Polish WLCG Tier-2. In Poland computing resources are provided by Polish Tier-2 Federation which combines power of 3 computing centers at Kraków (Cyfronet AGH), Poznań (PSNC) and Warsaw (ICM). In 2010 the total requirements from LHC experiments was estimated for class Tier-2 sites at the level of 502,367 HEP-SPEC06 CPU and 39.255 PB disk space [3]. Computing centers of Polish Tier-2 pledged and installed 10,540 HEP-SPEC06 and 599 TB disk which was order of 1.5% of the total LHC requirements, proportionally to the number of Polish scientists involved. Most of these resources became available thanks to the PLGrid project [6]. An important part of the infrastructure is also the Polish backbone computing network PIONIER connecting the 3 Polish participating sites and German FZK Tier-1 site via a dedicated 1 Gbps VLAN link. The WLCG measures regularly availability and reliability of the computing services. In the last year Polish centers stayed at high levels of

availability most of the time [4]. Each computing center specializes in supporting one main experiment, ATLAS at Kraków, ALICE at Poznań, CMS at Warsaw while LHCb uses all of them opportunistically. This is reflected in the accounting of the resources actually used by experiments [5]. The largest share of CPU power has been delivered by CYFRONET-LCG2 cluster at Kraków, and thanks to this site the use of Polish pledges even exceeds the declared level. 4. Future needs of LHC computing in the next several years. The current way of increasing frequency of collisions (luminosity) in LHC leads to the effect of pile-up when more than 1 collision at a time is registered. In consequence of this triggering on events of interest is less efficient, the average event size is larger than expected, taking more space to store on disk and requiring more CPU time for reconstruction. In order to mitigate potential need to increase required amount of computing resources experiments are introducing changes in their computing models, reducing number and type of data file copies stored permanently and improving at the same time access to the data by implementing dynamical data placing and aggressive data cleaning policies. Thanks to these measures experiments have been able to stay in year 2012 within the budget of resources requested with minimal changes while year 2013 will require increase only of order of 10%. Final requirements for computing resources from LHC experiments for years 2012-2013 will be published in May 2011 and Poland will soon have to pledge what part of them it will be able to provide. Acknowledgements: We acknowledge financial support by POIG.02.03.00-00-007/08-00 PL-Grid project (www.plgrid.pl). We are also grateful to directorates of all institutions involved for good cooperation.

References

1. Evans, L. & Bryant, P. (eds), “LHC Machine”. JINST 3, S08001, 2008. 2. Shiers, J., “The Worldwide LHC Computing Grid (Worldwide LCG)”, Comp. Phys.Commun. 177,

2007, pp. 219-233. See also http://lcg.web.cern.ch/LCG/. 3. WLCG Resources: http://lcg.web.cern.ch/LCG/Resources/WLCGResources-2010-

2012_15DEC2010.pdf 4. Tier-2 Availability and Reliability Report: https://espace.cern.ch/WLCG-document-

repository/ReliabilityAvailability/Tier-2 5. Tier-2 Accounting Summary: http://lcg.web.cern.ch/LCG/accounting/Tier-2 6. The PL-Grid project, http://www.plgrid.pl/en

Practical Experiences with Torque meta-Scheduling Šimon Tóth, Miroslav Ruda Cesnet, Czech Republic Last year we have presented [4] the evaluation of the open source Torque batch system [2] and an overview of features that needed to be back-ported from the commercial PBSPro [1] batch system, which was still used in the production environment. We also introduced a new distributed architecture that would allow us to solve the issues of the centralized single-server setup [3] and allow higher autonomy and stability of individual clusters. These features are an integral part of an ongoing effort to allow new resource providers easy route to join the Czech National Grid and at the same time to allow users and their virtual organizations to easily negotiate the use of resources connected to the Czech National Grid. In this paper we will present our experiences with the transition of our production environment from the commercial PBSPro to Torque and our assessment of Torque's suitability for such environment, as well as features developed during the transition. Building upon the features that were implemented into Torque during the transition, we were able to target new groups of users. Support for scheduling generic resources [3] on computational nodes, which we presented last year, was further enhanced with the ability to schedule physical devices, like GPU cards, to accommodate growing demand for GPU computing. Resource semantics were also modified to allow configurable over-subscribing, to support monitoring of computational resources across the grid using standard batch jobs. Further we will also present advances in the cloud-like features [5][6]. Building on top of our already virtualized infrastructure, we were able to provide on-demand virtual machine building. This allows the system to provide wide range of Linux distributions without the need for them to be preinstalled on target machines. To facilitate user requirements, the system is even capable to provide virtual machines with MS Windows. We will also discuss the advancements in our distributed architecture [7]. With the planned inclusion of multiple large sites with high autonomy demands, the system has to cope with a several cooperating servers and schedulers. We are also announcing a public release of our implementation, which is now publicly available to any sites that would like to test our modified version of Torque. References

1. The Portable Batch System. http://www.pbspro.com

2. Torque Resource Manager. http://www.clusterresources.com/products/torque-resource-manager.php

3. L. Matyska, M. Ruda, Š. Tóth: Peer-to-peer cooperative scheduling architecture for National Grid Infrastructure, Data Driven e-Science / Use Cases and Successful Applications of Distributed Computing Infrastructures (ISGC 2010)

4. L. Matyska, M. Ruda, Š. Tóth: Towards Peer-to-Peer Scheduling Architecture for the Czech National Grid, Cracow '10 Grid Workshop

5. M. Ruda, Z. Šustr, J. Sitera, D. Antoš, L. Hejtmánek, P. Holub: Virtual Clusters as a New Service of MetaCentrum, the Czech NGI, Cracow '09 Grid Workshop

6. M. Ruda, J. Denemark, L. Matyska: Scheduling Virtual Grids: the Magrathea System, Second International Workshop on Virtualization Technology in Distributed Computing, USA, ACM digital library, 2007. p. 1-7. 2007, Reno, USA.

7. M. Ruda, Š. Tóth: Transition to Inter-Cluster Scheduling Architecture in MetaCentrum. Cesnet technical report 21/2009.

Programming and Execution of Multiscale Applications in Distributed Environments

Katarzyna Rycerz(1,2), Eryk Ciepiela(2), Tomasz Gubała(2,3), Daniel Harężlak(2), Joanna Kocot(2), Grzegorz Dyk(2), Jan Meizner(2) and Marian Bubak (1,2,3)

(1) AGH University of Science and Technology, Department of Computer Science, Krakow, Poland (2) AGH University of Science and Technology, ACC CYFRONET AGH, Krakow, Poland (3) Informatics Institute, University of Amsterdam, The Netherlands

This paper describes an environment for composing multiscale applications from single scale models

encapsulated as scientific software components and distributed in various European e-Infrastructures.

Examples of such simulations include e.g. blood flow simulations (assisting in the treatment of in-stent

restenosis [1], nanomaterial applications [2] or stellar system simulations1 . We focus on the

applications with the structure described in Multiscale Modelling Language (MML)[3]. MML was

designed to uniformly describe multiscale models and their computational implementation on the

abstract level. It defines single scale sub-modules, scaleless mappers and the coupling topology

describing how sub-modules and mappers are connected.

The architecture of the programming and execution tools are presented in Fig. 1. Multiscale

Application Designer (MAD) supports applications’ composition using a graphical form of MML and

transforms it to executable format (GridSpace Experiment). MAPPER Memory (MaMe) is a registry for

MML-based descriptions of single scale application modules and mappers used in the composition

step supported by MAD. GridSpace (GS) Experiment Workbench [4] supports high level stage of

execution and interacts with underlying interoperability layer to access the infrastructures.

Software packages on e-infrastructures

Multiscale Application Designer

GridSpace Experiment

Workbench

Execution

Engine

Result and

file

browsing

Mapper Memory

(MaMe)

Direct Experiment hosts

(UIs)(MAPPER Interoperability layer)

Interpreters

Registry

Data flow

REST

REST GSExperiment

ssh sshInteroperability layerclients

Fig. 1 Architecture of programming and execution tools. The user registers single scale modules in

MaMe, composes them in a multiscale application in MAD and executes it in GS Experiment

Workbench

1 http://amusecode.org/

To support the actual execution we have introduced the model where applications are described as a

set of scripts snippets that are associated with the so-called interpreters. The interpreter is a software

package accessible from a script language which is available on the infrastructure no matter where it's

installed. An example of interpreter can be Multiscale Coupling Library and Environment (MUSCLE) [1]

environment, where an multiscale application is composed from so-called kernels . The connections

are specified in a script file called CxA file. The other example of such an interpreter can be Large-

scale Atomic/Molecular Massively Parallel Simulator (LAMMPS) [2], where a user use Domain Specific

Language to describe the problem to solve .

On the other hand, we needed abstraction level above a range of ways the computational facilities are

accessible. We introduced an executor entity i.e. a common entity for hosts, clusters, grid brokers etc.

capable of running software which is already installed on it (represented as Interpreters). The

execution model assures that execution format of application (i.e. GridSpace experiment) can be

considered as portable in terms of infrastructure to be used. The Interpreter Registry was introduced

to store bindings between interpreters and executors.

The tools have been initially tested using skeleton application that simulates very simple behaviour of

an ant and an elephant and consists of three scalefull single scale modules and two mapper modules

used for connections between scale ones.

Acknowledgements. The authors thanks Alfons Hoekstra, Joris Borgdorff and Eric Lorenz from UvA for

discussions on ISR2D, CxA and MUSCLE. The research presented in this paper was partially supported

by the MAPPER project - grant agreement no 261507.

References

[1] J.Bernsdorf, G. Berti, B. Chopard, J. Hegewald, M. Krafczyk, E. Lorenz, A. Hoekstra and D. Wang:

Towards Distributed Multiscale Simulation of Biological Processes, accepted by Workshop on

Distributed Multiscale Computing 2011 in conjunction with the 7th IEEE e–Science conference.

[2] D. Groen, J. Suter and P. Coveney: Modelling Distributed Multiscale Simulation Performance: an

Application to Nanocomposites, accepted by Workshop on Distributed Multiscale Computing 2011 in

conjunction with the 7th IEEE e–Science conference.

[3] J.L. Falcone, B. Chopard and A.G. Hoekstra. MML: towards a Multiscale Modeling Language.

Procedia Computer Science (2010) vol. 1 (1) pp. 819-826

[4] E. Ciepiela, D. Harezlak, J. Kocot, T. Bartynski, M. Kasztelnik, P. Nowakowski, T. Gubała, M.

Malawski, M. Bubak: Exploratory Programming in the Virtual Laboratory, in Proceedings of the

International Multiconference on Computer Science and Information Technology pp. 621–628, 2010

[5] K. Rycerz and M. Bubak: Building and Running Collaborative Distributed Multiscale Applications, in:

W. Dubitzky, K. Kurowsky, B. Schott (Eds), Chapter 6, Large Scale Computing, J. Wiley and Sons, 2012

[6] K. Rycerz and M. Bubak: Component Approach to Distributed Multiscale Simulations, SIMULTECH

2011, 1st International Conference on Simulation, Modeling Technologies and Applications,

Noordwijkerhout, pp. 122-127, The Netherlands, 29-31 July, 2011

Science Gateway for High Resolution Rendering on Cluster and Desktop based Grid Resources

Tamas Kiss, Daphne Economou, Natasha Angelopoulou, Daniel Farkas, Gabor Testyanszky and Stephen Winter, University of Westminster, School of Electronics and Computer Science, UK

Grid computing enables computational and data resources to be effectively shared and managed, facilitating the execution of resource intensive applications. In fields such as industrial design and mass-media communication and distribution, where the rendering of images and computer animation at high resolution can be computationally expensive, such technology can play an important role by effectively parallelising and running the task on cluster or grid computing resources. The presented work describes a distributed rendering solution available via a customized science gateway based on the P-GRADE grid portal [1] technology and its workflow engine. The solution is capable to utilise a wide range of distributed computing resources, including local clusters, g-Lite [2] or Globus [3] based service grid systems, and BOINC [4] based desktop grid systems. In the service grid based implementation the target platform is a computer cluster that could be standalone or part of a larger grid installation. The application is currently deployed on the University of Westminster Carmen cluster that is part of the UK National Grid Service. In case of the desktop grid based implementation, a BOINC client application has been implemented using the Distributed Computing API (DC-API) [5]. The application is deployed at and supported by the University of Westminster Local Desktop Grid that consists of approximately 1600 laboratory PCs used primarily for education purposes. Typical rendering end-users are not distributed or grid computing specialists. Therefore, these end-users require an intuitive and user-friendly interface to create, submit, monitor and retrieve the results of rendering applications. In order to facilitate this requirement, the P-GRADE grid portal has been utilized in its generic and in a highly customized format. The customised science gateway, the Rendering Portal is a stripped down and adapted version of the generic P-GRADE portal environment. The Rendering Portal hides the complexity of P-GRADE from the end-users and expresses only those basic functionalities that are essential to create, submit and monitor rendering tasks. The solution is capable to utilise multiple rendering engines. The current implementation supports the Blender open source rendering software, and also Mental Ray, one of the most widely used commercial rendering packages. Although there are other grid based rendering solutions already available (e.g. commercial solutions [6, 7], or research projects [8, 9]), the work presented and proposed in this paper has several unique features. These unique features include the seamless and transparent utilisation of multiple heterogeneous distributed computing infrastructures, and the highly customised user interface that enables even animation “enthusiast” and “bedroom artists” who are typically not interested in building workflows and accessing and learning highly sophisticated environments to run complex rendering tasks. The solution has been tested and evaluated using several real life case studies applied in teaching multimedia and computer games students.

Acknowledgements. This research work is partially supported by the EDGI (European Desktop Grid Initiative) project funded by the European Commission within the FP7 framework (project number RI 261556). References 1. P. Kacsuk, P-GRADE portal family for grid infrastructures, Concurrency and Computation:

Practice & Experience, vol. 23, issue 3, March 2011 2. Laure, E. et al. 2006, Programming the Grid with gLite. Computational Methods in Science and

Technology 12, no. 1, 33-45, 2006. 3. Foster, I. 2006, Globus Toolkit Version 4: Software for Service-Oriented Systems. Journal of

Computer Science and Technology 21, no. 4, 513–520, 2006. 4. Anderson, D. P. 2004, BOINC: A System for Public-Resource Computing and Storage. 5th

IEEE/ACM International Workshop on Grid Computing, November 8, 2004, Pittsburgh, USA 5. Marosi et al.: Enabling Java applications for BOINC with DC-API, In Distributed and Parallel

Systems, Springer US, August 2008, pp 3-12 6. RENDER-IT. http://www.render-it.co.uk 7. RESPOWER. http://www.respower.com

8. Chong, A. Sourin, K. Levinski, Grid-based computer animation rendering, Proceedings of the 4th international conference on Computer graphics and interactive techniques in Australasia and Southeast Asia, pp 39-48, ACM New York, NY, USA, 2006.

9. Z. Patoli, et al, How to Build an Open Source Render Farm Based on Desktop Grid Computing, in Wireless Networks, Information Processing and Systems Communications in Computer and Information Science, 2009, Volume 20, 268-278, DOI: 10.1007/978-3-540-89853-5_29

Scripting language extensions offered by the GridSpace Experiment Platform

Daniel Harężlak (1), Marek Kasztelnik (1), Eryk Ciepiela (1), Marian Bubak (1,2,3) (1) AGH University of Science and Technology, ACC Cyfronet AGH, Krakow, Poland (2) AGH University of Science and Technology, Department of Computer Science, Krakow, Poland (3) Informatics Institute, University of Amsterdam, The Netherlands GridSpace [1] is a web-based script integration platform which allows researchers to combine their codes into a complete experiment or a set of experiments. These, in turn, can be shared within research communities for collaborative study. The script nature of the experiments gives authors great flexibility to use the run, observe, modify and re-run cycle. For such exploratory programming model to be even more productive GridSpace integrates a few mechanisms that decrease the amount of boilerplate code and lets focus on research relevant issues. The first extension, called Gem Manager, takes care of managing various libraries available for different script languages (e.g. Ruby gems [2] or Python eggs [3]). Apart from adding required libraries to user's execution environment the Gem Manager attaches dependency information to experiments to prepare similar conditions for future runs, also for different users. Scientific research often requires high-performance computing resources provided by clusters, access to which is possible through one of PBS [4] implementations. GridSpace provides an extension that offers access to this API from within a scripting language of choice. For a common requirement of intermediate experiment results presentation and user data retrieval GridSpace offers a WebGUI extension which allows authors to easily integrate RIA (Rich Internet Applications) applications into their experiments. For convenience one RIA implementation is available through GridSpace itself and can be used for simple cases.

At present web computing rich graphical user interfaces are a standard. There are many tools offering out-of-the-box widgets for building fancy-looking application views. Among many GWT [7], Adobe Flex [8], JavaFX [9] or Echo3 [10] may be mentioned here. To make the GridSpace platform independent of these technologies a WebGUI protocol was introduced making the ability to operate on REST-like services the only integration requirement. Such approach lets experiment developers use any web framework to implement their presentation layer.

The basic idea behind the Gem Manager is to overlay the functionality of extending a given scripting language with third-party libraries by a universal web interface which allows to easily manage the process from GridSpace experiment editor. This way an experiment author just in a matter of few mouse clicks is able to include a required library in their experiment and continue the research.

To enable PBS functionality in the scripting languages supported by GridSpace the SWIG [5] tool was used to produce corresponding bindings. The basic PBS implementation was written in C and linked directly with the PBS API offered by TORQUE [6]. Currently Python and Ruby ports are tested and available. The WebGUI mechanism can be used in more complex experiment implementations where intermediary results can determine the future experiment execution or human input is required. Any web application available through an URL and conforming with a simple protocol offered by the extension can be used to enrich an experiment.

Future work mainly involves improving the functionality of the presented extensions.

Gem Manager will be extended to support other script languages depending on the availability of a mechanism similar to Ruby gems. The experiment dependency feature is in an experimental phase and still requires testing. The PBS API support needs attention in the area of supporting less relevant job submission options, which will be added according to user requests. Also, porting to other script languages is foreseen. As for the WebGUI extension the reference RIA implementation will be extended with file upload and graphics presentation support. Acknowledgements. The research presented in this paper has been partially supported by the European Union within the European Regional Development Fund program no. POIG.02.03.00-00-007/08-00 as part of the PL-Grid project (www.plgrid.pl). References [1] E. Ciepiela, D. Harezlak, J. Kocot, T. Bartynski, M. Kasztelnik, P. Nowakowski, T. Gubała, M. Malawski, and M. Bubak, "Exploratory programming in the virtual laboratory," in Proceedings of the International Multiconference on Computer Science and Information Technology, Wisla, Poland, 2010, pp. 621-628, see also http://dice.cyfronet.pl/ [2] http://rubygems.org – Community RubyGem Host Web Page [3] http://www.python-eggs.org – Python Eggs Web Page [4] http://teal.gmu.edu/lucite/manuals/PBSPro5.0/pbs_ers.pdf – Portable Batch System: Reference Spec [5] http://www.swig.org – Simplified Wrapper and Interface Generator Web Page [6] http://www.clusterresources.com/products/torque-resource-manager.php – TORQUE Resource Mananger [7] http://code.google.com/webtoolkit – Google Web Toolkit Web Page [8] http://www.adobe.com/pl/products/flex – Adobe Flex Web Page [9] http://javafx.com – JavaFX Web Page [10] http://echo.nextapp.com/site/echo3 – Echo3 Framework Web Page

Seamless Access to the PL-Grid e-Infrastructure Using UNICORE Middleware

Krzysztof Benedyczak(1), Rafał Kluszczyński(1),, Marcelina Borcz(1),, Grzegorz Marczak(1), Piotr Bała(1), Marcin Stolare(2), Radosław Radecki)2), Maciej Filocha(2) (1) ICM University of Warsaw & N. Copernicus University, Poland (2) ICM University of Warsaw

UNICORE 6 builds upon a number of concepts, such as Service Oriented Architecture (SOA) and messaging. As defined by the OASIS SOA Reference Model (Reference Model for Service Oriented Architecture 2006), SOA is a “paradigm for organizing and utilizing distributed capabilities that may be under the control of different ownership domains”. In effect, the capabilities of a distributed system are organized into well-defined chunks of functionality, the “services”. Other parts of the system may then interact with the services to exploit their capabilities. To this end, both service and service consumer must agree on the service interface, the service semantics, and the real world effects, of a service invocation. To promote loose coupling and reusability of services, consumers rarely bind to services directly, but usually engage in a process of dynamic discovery to „discover‟ required services. The web services technology enables the building of document oriented distributed systems. In addition, web services cater to interoperability, an element that is of crucial importance for realizing SOA. Because web services use XML as their basic message exchange format, services and service consumers need not share the same implementation platform. The Web Services Resource Framework (WSRF) is an application of web service technology to realize access to and management of stateful resources. In grid computing, with its strong focus on heterogeneous resources that have to interoperate, web services have emerged as key technology on which current Grid middleware is built. UNICORE, in its latest version 6, is compliant with the Open Grid Services Architecture (Foster, Kesselman, Nick, Tuecke 2002) and uses standards such as WSRF 1.2 (WSRF 2008) and job submission definition language JSDL 1.0 (JSDL 2008).. The system is layered into three tiers: the client tier, the Gateway and the WSRF service container tier. Communication between these three tiers is carried out through the use of web services. UNICORE 6 framework has been successfully implemented within the PL-Grid project giving access to the distributed computational infrastructure. The UNICORE PL-Grid infrastructure consists of a number of individual sites each described by the list the provided associated hardware, services and installed applications. In the PL-Grid most of the UNICORE services are installed at the main site located at ICM. The execution services are installed at the ICM and other sites providing resources to PL-Grid. The UVOS service is populated with the user data received from the PL-Grid LDAP repository which contains information about users, their preveledges and certificates. This data is synchronized with the UVOS and is used to authorize and authenticate users. The UNICORE infrastructure has been successfully installed and integrated with the PL-Grid infrastructure. In the paper we will describe in details deployment of the UNICORE middleware on the existing infrastructure. The services planning and configuration will be described. The monitoring and accounting of the job submitted through UNICORE is described. Monitoring and accounting information are integrated with the rest of the PL-Grid infrastructure. The procedure to attach new resources to the UNICORE grid is described. In result we have obtained stable infrastructure which offers PL-Grid users flexible access to the resources such as CPU and storage. From the users point of view UNICORE is one of the access modes and do not require any special activities such as special keys, procedures etc.

Security Best Practices: Applying Defense-in-depth Strategy to Protect the NGI PL

Bartłomiej Balcerek(1), Gerard Frankowski(2), Agnieszka Kwiecień (1), Adam Smutnicki (1), Marcin Teodorczyk(1) WCSS[1] PCSS[2] bartlomiej.balcerek@pwr.wroc.pl,gerard.frankowski@man.poznan.pl,agnieszka.kwiecien@pwr.wroc.pl adam.smutnicki@pwr.wroc.pl, marcin.teodorczyk@pwr.wroc.pl Keywords: IT security, attack, defence-in-depth, procedures, penetration tests, static analysis, PKI 1 Introduction The role of IT security is continuously growing. Large infrastructures have to be protected against sophisticated attacks on different: organizational, technical and logical levels. Achieving the sufficient security level becomes even more difficult for distributed and often heterogeneous environments, involving valuable assets and data - like grids. Pl-Grid involves live Polish supercomputing centers that offer their facilities and assets to hundreds of users. Therefore at least two significant threats appear: stealing resources of Pl-Grid and stealing the data of another users. Especially the later would have not only impact on the victims, but also a cause a PR disaster, which could decrease the trust towards grid infrastructures at all. The main goal of the described work is to provide the maximum level of protection of the PL-Grid infrastructure against network attackers. Moreover, it must have been not only appropriately designed, but also realized. 2 State-of-the-art There are different approaches towards assuring IT security in R&D projects (either on national or international level). Usually a separate task or activity is devoted to this topic, which is a sign that IT security is not underestimated, but the appropriate formal structure is only the first step. The contents of the security task must be sufficient as well. In one of the largest European R&D projects, GN3 [3], there is no general security activity (JRA or SA), although there are two tasks devoted to the protection of multidomain network services, which are one of the main subjects of the project. On the other hand, two exemplary Polish national grid projects, Clusterix [4] and SGIGrid [5], had separate, general security sub tasks. In the case of Clusterix several different technical solutions were mentioned, concerning both appropriate (secure) configuration of systems and applications and additional security solutions. A similar approach was applied in the SGIGrid project. However, especially in case of older projects (SGI-Grid and Clusterix t well into that category), even if technical security solutions complemented each other well, they were not supported on organizational (or procedural) level, which raised problems in secure management of the whole project. Nowadays, a different approach is often applied: establishing suitable security bodies and procedures is provisioned in a project proposal and the details are customized during the project life. An example may be GN3 project, where Security Expertise Delivery [6] service has been established and it is introducing the risk assessment stage into the software development lifecycle. Organizational support for technical security solutions may be even better established and earlier de ned. This approach - basing on best practices from known projects - has been applied in Pl-Grid R&D projects. 3 Description of the solution The result of Pl-Grid project is establishing nationwide computational infrastructure that enables hundreds of researchers from different areas to run simulations that intensively uses offered resources. The amount and the price of those resources (not only purely processor time or RAM, but also research data) attract also malicious users who are going to abuse the Pl-Grid infrastructure. This danger had been appropriately identified before the beginning of the project - during preparing the project proposal. In order to protect the resources, a complex, upside-down approach has been agreed and accepted, beginning with high-level, organizational and procedural issues. To provide appropriate control over IT security within the project, a separate work package has been differentiated (WP6 | Infrastructure Security). Security Center for the project was established with the Security Coordinator

as the head, responsible for all security-oriented activities (either within the WP or cross-activity ones), as well as for communication between the Center members. Security Center takes part in every stage of development of the target infrastructure. The first goal of the Center was to review current security standards, prepare and deploy suitable security policies and procedures for further work. For instance, deploying any software developed within the confines of the project is not allowed before its security assessment is finished, risk analysis is performed and recommendations (possibly not all) are implemented. Conformance to the procedures are guarded by a ticketing system, where the risk assessment is one of the stages in the deploy ment queue. In order to assure appropriate, fast and reliable reaction on network security incidents within the project, the Security Center takes part in work of PIONIER CERT [7], the group responsible for maintaining appropriate security level of Polish NREN. Besides that, the Center is a member and a Polish branch of EGI CSIRT [8], who manage handling network incidents on the European level. Additionally, the Center developed an internal, user friendly PKI instance for the internal purposes of the project (so called \Simple CA" [12]). The above activities, although required from the organizational point of view, must be supported with purely technical work. Better protect than cure | so the most significant is to eliminate security threats before they may be encountered by a malicious attacker. Thus the specialists from Security Center conduct different activities oriented towards increasing the security level within the infrastructure. Developed applications are assessed by source code analysis, as well as by penetration testing of their instances. Penetration tests are also conducted, concerning the whole infrastructure and with respect to particular attack scenarios. Additionally, there have been developed scripts that are periodically run on over 100 Pl-Grid nodes in order to promptly identify the most common security problems (like les with too wide access rights). Current working status of all computer centres will be monitored using intelligent Intrusion Detection Systems, like Acarm IDS [9] and MetaIDS [10]. Finally, a separate system for inventory and static security control, SARA, has also been prepared. Both “technical" and “organizational" groups of security solutions are totally different. While the technical solutions assure decreasing the number of security bugs, the organizational ones allow to appropriately react on vulnerabilities of an external origin (and assure that the technical solutions are suitably entrenched within the project activity flow - e.g. that the proposed security recommendations will not be discarded due to the close planned release date. Obviously, the picture outlined above is artificial, ideal. In real life there occur numerous events that impact either security systems or procedures (or both). The ability to resolve unexpected technical and organizational problems in the Security Center cannot be overestimated as well. However, in Pl-Grid we have some successful stories on this field as well. 4 Results Access to Pl-Grid infrastructure has already been made offered to users. Although the results of secu- rity activities conducted in Pl-Grid contain also finding several significant security vulnerabilities in the third party software utilized by the project, the project infrastructure has not su ered a known successful security breach. Security incidents on the European grid level are also appropriately addressed. 5 Conclusions and future work We nd the approach to security issues applied by Pl-Grid as optimal (or close to that). Two crucial is- sues were successfully addressed. First, appropriate role of IT security had been expressed from the very beginning of the Pl-Grid project (i.e. preparing the project proposal). Second, security has been addressed on different technical and organizational layers. Taking only one of this group into consideration would result in inability to resolve occurring incidents or producing and offering insecure solutions. It is probable that the elaborated solutions may be considered at least as a base pattern for further considerations for other R&D projects that group scientists and engineers from different centers | in order to assure proper security level of their work. On the other hand, still some minor improvements to handling IT security still could be introduced, for instance more emphasis on security trainings for developers and administrators. References [1] http://www.wcss.wroc.pl. [2] http://www.man.poznan.pl. [3] http://www.geant.net.

[4] http://www.kdm.wcss.wroc.pl/wiki/Clusterix. [5] http://www.wcss.wroc.pl/pb/sgigrid/. [6] http://www.terena.org/activities/tf-csirt/meeting27/routly-gn3-sa2t4.pdf. [7] http://cert.pionier.gov.pl/. [8] https://wiki.egi.eu/wiki/EGI_CSIRT: Main_Page. [9] http://www.acarm.wcss.wroc.pl. [10] http://ppbw.pcss.pl/dids.html. [11] Defense in depth strategy - a use case scenario of securing a virtual laboratory, Remote Instru- mentation for eScience and Related Aspects (in preparation). [12] http://plgrid-sca.wcss.wroc.pl, 2010.

Status of CC1 project. Cloud Computing for Science and Economy

J. Chwastowski, K. Danielowski, R. Grzymkowski, M. Kruk, M. Nabożny, Z. Natkaniec, A. Olszewski,

H. Pałka, T. Sośnicki, P. Syktus , M. Witek, P. Wójcik, T. Wojtoń, M. Zdybał, B. Żabiński

The CC1 team at Institute of Nuclear Physics PAN

Providing computer infrastructure to end-users in an efficient and user-friendly way was always a big challenge in the IT market. “Cloud computing” is an approach that addresses these issues and recently it has been gaining more and more popularity. A well designed Cloud Computing system gives elasticity in resources allocation and allows for efficient usage of computing infrastructure. The underlying virtualization technology and the self-service type of access are the two key features that make the software independent of the specific hardware and enable a significant decrease in system administration effort. The growing popularity of cloud computing led to the appearance of many open source systems offering cloud computing environments, such as Eucalyptus, OpenNebula, Nimbus or OpenStack. These solutions make it possible to construct a computing cloud in a relatively short time and do not require a deep understanding of virtualization techniques and network administration. The main drawback of using this type of toolkits is a difficulty in customization to special needs. A significant effort is needed to implement some non standard features. In particular the need for reimplementation into each new version of external toolkits makes the development very hard and inefficient. The CC1 Project started in 2009. The first step was the review of available cloud toolkits to select the one with optimal functionalities to accomplish the project goals. OpenNebula was chosen as the most promising package. The early steps, a working prototype and plans for future were presented during CGW’10. After the successful implementation of basic virtual machine (VM) management, we faced problems during the implementation of more sophisticated features. It imposed a severe constraint on the project schedule. At this point we made a decision to prepare our own cloud computing system. The proposed solution for CC1 is based on Libvirt, a lower level virtualization toolkit. It provides a full set of VM management actions on a single node. The PYTHON programming language was chosen as it ensures fast development environment (interpreter) and offers a number of useful modules. At present most of the required features are being implemented:

custom web-based user interface,

automatic creation of virtual clusters (“farms”) with preconfigured batch system,

groups of users with the ability to share resources,

permanent virtual storage volumes that can be mounted to a VM,

“elastic” public IP addresses,

distributed structure – federation of clusters running as a uniform cloud,

quota for user resources,

sophisticated monitoring of usage of resources. The CC1 system consists of two main layers. The top element of the system is called Cloud Manager (CLM). It receives calls from user interfaces (web browser based interface or EC2 interface) and passes commands to Cluster Managers (CMs). Cluster Manager, running on each individual cluster, handles all low-level operations required to control virtual machines. The project is close to reach its first milestone. The production quality system (Private Cloud) will be made available to researchers of IFJ PAN at the beginning of 2012. The next step is to build federated systems with universities that expressed their interest in the project. The project is financed from the structural resources within the grant POIG 02.03.03-00-033/09-04 funded by the European Commission and the Polish Ministry of Science and Higher Education (Innovative Economy, National Cohesion Strategy)

Storage QoS Provisioning in Grid Environment Renata Słota (1,2), Darin Nikolow (1,2), Dariusz Król (1), Kornel Skałkowski (1), Bartosz Kryza (1), Michał Orzechowski (1), Michał Wrzeszcz (1), and Jacek Kitowski (1,2) (1) AGH University of Science and Technology, ACC CYFRONET AGH, Krakow, Poland (2) AGH University of Science and Technology, Faculty of Electrical Engineering, Automatics, Computer Science and Electronics, Department of Computer Science, Kraków, Poland

Nowadays many grid users stumble on issues concerning efficient access to storage resources. Modern scientific applications for simulations of protein-folding or weather/climate prediction, to name only some, become more and more complex in order to provide more precise results and forecasts. Increasing complexity of an application usually entails increase of both: computation load and produced data volume. Since many projects and resulting grid middleware environments or tools are aimed on efficient provisioning of computing resources [1,2], I/O operations become a bottleneck of many grid applications. Issues associated with efficient access to storage resources emerge especially in applications which perform computations concurrently with file operations. For such applications efficient access to storage services constitutes an essential factor affecting their execution time. The QStorMan toolkit is a grid extension developed as a part of the Framework for Intelligent Virtual Organization (FiVO) [3]. The toolkit goal is storage QoS provisioning in the grid environment. To achieve this goal it continuously monitors load of storage services available in the grid system and assigns storage requests to nodes with the most suitable services. The assigning process is based on QoS/SLA requirements defined by a user which comprise storage resources QoS parameters like current read transfer rate, current write transfer rate and required capacity. Especially the toolkit can be used for reduction of the execution time for data-intensive grid applications. QStorMan can be used by the user in three different ways:

1. By explicit definition of user application requirements for a concrete application. In this case the requirements are defined using a web interface or by linking a special QStorMan access library to the user application.

2. By specification of user requirements in the context of a grid virtual organization [4]. In this case the requirements are specified only once and then applied to all user applications.

3. By marking a user application as a data-intensive application in the grid middleware interface. In this case the user does not specify requirements explicitly – the system automatically assigns the application to the most suitable node.

The toolkit architecture comprises the following subsystems:

1. Storage Services Monitoring (SMED) Subsystem – the subsystem is responsible for continuous monitoring of storage services available in a grid in order to measure their actual performance parameters. Real-time monitoring of grid storage resources is essential to accomplish the system functionality, since the grid storage resources load is dynamic and unpredictable. The subsystem architecture fully supports the SOA paradigm and comprises two types of services: monitoring agents responsible for gathering storage resources parameters and access services which share the data received from the monitoring agents.

2. Grid Organization Memory (GOM) Subsystem [5] – the subsystem constitutes a knowledge base which holds semantic descriptions of grid storage resources used by other parts of the toolkit in order to perform their tasks. The semantic descriptions comprise information about storage resource types, localizations, access nodes and others. For example, the descriptions are used by the SMED subsystem in order to infer a way of measured metrics calculation for heterogeneous storage services.

3. Storage Element Selection (SES) Subsystem – the subsystem is responsible for finding the most suitable storage element according to the given non-functional requirements. The SES subsystem combines static knowledge about available storage elements in the Grid with dynamic knowledge about storage performance parameters. The static information is retrieved from the GOM knowledge base while the dynamic information is gathered from the SMED monitoring subsystem. This selection process allows on efficient provisioning of storage resources for the QStorMan users.

4. Web Interface – the QStorMan toolkit provides an intuitive, easy-in-use web interface for its users. The web interface allows for explicit specification of user requirements and automatic generation of the Job Description Language (JDL) file which is linked to applications sent to the grid middleware. Additionally, the web interface accepts specification of user requirements in the context of virtual organization (cf. the second way of the tool usage).

QStorMan works in the following way: a user specifies requirements for his/her application in a chosen way (by the web interface, grid middleware or a virtual organization context). Next, during the application runtime, the SES subsystem gets the requirements either from the GOM knowledge base or from the application itself. The SES subsystem retrieves the information about storage resources available in the application execution environment, i.e. Grid site, from the GOM knowledge base. Based on this information, SES sends requests to the SMED subsystem in order to investigate current performance parameters of the grid storage resources. Finally, using the obtained data and descriptions the SES subsystem prepares storage services mash-up for the user application. Performed tests show that usage of QStorMan results in execution time reduction for the data-intensive grid applications. Depending on the kind of application the observed reduction was in the range of 10% to 40% in comparison to calculations for which the storage services were chosen randomly. It means that the QStorMan tool application can significantly reduce the execution time of data-intensive grid applications.

References

1. D. Nikolow, R. Slota, J. Kitowski, Storage QoS Aspects in Distributed Virtualized Environment, in:

Proc. of CLOUD COMPUTING 2010 The First International Conference on Cloud Computing, GRIDs, and Virtualization November 21-26, 2010 - Lisbon, Portugal, IARIA, 2010, pp. 110-115

2. D. Krol, B. Kryza, K. Skalkowski, D. Nikolow, R. Slota, J. Kitowski, QoS Provisioning for Data-Oriented Applications in PL-GRID, in: M. Bubak, M. Turala, K. Wiatr (Eds.), Proceedings of Cracow Grid Workshop - CGW'10, October 11-13 2010, ACC-Cyfronet AGH, 2011, Krakow, pp. 142-150

3. FiVO project web site: http://fivo.cyfronet.pl/trac/fivo/wiki/FIVO 4. B. Kryza, L. Dutka, R. Słota, and J. Kitowski, Dynamic VO Establishment in Distributed

Heterogeneous Business Environment, LNCS 5545, Springer 2009, pp. 709-718 5. GOM project web site: http://fivo.cyfronet.pl/trac/fivo/wiki/GOM

The Extension of Torque Scheduler Allowing the Use of Planing and Optimization Algorithms in Grids

Václav Chlumský, Dalibor Klusáček, Miroslav Ruda CESNET z.s.p.o., Czech Republic

In this work we present an extension of the open source Torque Resource Management System [5] used in the Czech NGI MetaCentrum [5]. In the past decade, many works have shown that the use of planning brings many advantages [3,4,2,1] over classical queueuing approach which is widely applied in the current production resource management systems such as in PBS Pro, LSF, Torque [5], etc. Unlike the queueing approach where scheduling decisions are taken in an ad hoc fashion often disregarding previous and future scheduling decisions, planning-based approach allows to make plans concerning job execution. Such plan represents several advantages [6]. It allows to make prediction of job execution, provide the user a guarantee concerning start time of their jobs, etc. [2]. Moreover, the prepared plan can be optimized with respect to selected optimization criteria, using some advanced scheduling technique such as Local Search. However, except for few experimental systems, there is no working implementation of such a plan-based scheduler in some mainstream production resource management system. Therefore, we have decided to develop such functionality for the Torque RMS. The extension replaces the original queue-based scheduling mechanism in Torque’s Scheduler

entity (pbs_sched). Remaining entities such as Server (pbs_server) or Node client (pbs_mom) are

unchanged. The solution builds a plan—so called schedule [6]—according to the dynamically arriving

events from the pbs_server. One schedule is created for each virtual or physical site (e.g., computer

cluster). When new job arrives—by default—the first free suitable time slot is chosen for such jobs in the available schedules. This technique is similar to the well known backfilling approach as it allows to utilize ―gaps‖ in the existing schedules with suitable jobs. A time slot is considered suitable when all job’s requirements such as number of CPUs, available memory, software licenses, etc., are satisfied during this time slot. Job’s processing time is either directly estimated by the user or the user is requested to use one of the three predefined values (1h, 24h, 1 month). This initial schedule is continu-

ously updated according to the events delivered by the pbs_server. For example, completed jobs are

removed from the schedule or a partial rescheduling is performed once a machine failure appears. Most importantly, an optimization routine is also available, which allows to improve the quality of the initial schedule [4]. It is an iterative procedure which randomly changes positions of jobs in the schedule. Each such change is evaluated using one or more optimization criteria (e.g., slowdown, response time, fairness) and it is accepted if the schedule’s quality has been improved. The optimization routine is also useful when imprecision related to the job processing time estimates create gaps in the schedule [6]. In this situation, optimization is used to efficiently fill such gaps with suitable jobs. Preliminary results indicate that the use of schedule and the application of optimization techniques allow to achieve better performance wrt. the standard queue-based solutions (EASY and Conservative Backfilling, priority-based backfilling, FCFS, etc.). Typically, mean slowdown, response time and fairness have been improved once the schedule-based solution has been applied, because the use of schedule (i.e., planning of future job execution) allowed us to evaluate constructed solution and improve it using local search-based optimization. In the near future, the developed scheduler will be tested using real computer test-bed and the software package will be made publicly available. Acknowledgements. The access to the MetaCentrum computing facilities provided under the programme "Projects of Large Infrastructure for Research, Development, and Innovations" LM2010005 funded by the Ministry of Education, Youth, and Sports of the Czech Republic is highly appreciated. References 1. A. W. Mu'alem and D. G. Feitelson. Utilization, predictability, workloads, and user runtime estimates

in scheduling the IBM SP2 with backfilling. IEEE Trans. on Paral. and Distrib. Systems, 12(6), 2001. 2. B. Li, D. Zhao, Performance impact of advance reservations from the Grid on backfill algorithms. In

Sixth International Conference on Grid and Cooperative Computing (GCC 2007), 2007. 3. F. Xhafa and A. Abraham. Metaheuristics for Scheduling in Distributed Computing Environments,

volume 146 of Studies in Computational Intelligence. Springer, 2008. 4. D. Klusáček, H. Rudová, The importance of complete data sets for job scheduling simulations. In

Job Scheduling Strategies for Parallel Processing (JSSPP 2010), LNCS 6253, Springer, 2010. 5. L. Matyska, M. Ruda, and S. Toth. Work towards peer-to-peer scheduling architecture for the

Czech National Grid, Cracow Grid Workshop, 2010. 6. D. Klusáček, H. Rudová, Efficient data representation of large job schedules. In MEMICS 2011 –

selected papers, LNCS 7119, Springer, 2011 (to appear).

The use of Spring, UWE and HQI in HELIO Dr. Gabriele Pierantoni, Dr. Brian Coghlan, Dr. Eamonn Kenny And The HELIO Consortium Trinity College Dublin

HELIO is a project funded under the FP7 program that aims to offer a set of tools for the discovery and analysis of data for heliophysics by offering a flexible and configurable search tool that performs automatically a set of cumbersome and time-consuming tasks. HELIO is now in its final year and some preliminary results and conclusions can be drawn on the architecture and its implementation. To simplify implementation and deployment and to increase interoperability with other systems, HELIO uses different frameworks for security, query and for some of its processing service. The security service in HELIO is called Community Interaction Service (CIS) and caters for different security profiles across the various access methods offered by HELIO. After a first, proprietary implementation of the CIS, it was suggested moving it to a standard security framework to simplify the enforcement of security on the different sites. As the HELIO front end is built with Spring (http://www.springsource.org/) and the TAVERNA server (HELIO’s workflow engine) has a security framework compatible with Spring, it has been decided to move the CIS in Spring security (http://static.springsource.org/spring-security/site/) HELIO has two different processing services: one is a generic processing service called HELIO Processing Services (HPS), the other is called Context Service (CTX) and it runs specific IDL procedures. The CTX implements the UWS (http://www.ivoa.net/Documents/UWS/) interface from the IVOA (http://www.ivoa.net/) a standard interface for job submission used in the helio and astro-physics community. HELIO is now considering whether to extend this interface to the generic processing service or not. Finally, some of the HELIO services (DPAS, ICS, ILS, HEC and HFC) perform queries, to simplify the implementation and usage of this services, a single query interface (the HELIO Query Interface) has been designed for all these services. The use of these solutions for security, execution and query allows for easier implementation of the

original HELIO architecture and for a simpler deployment of the services.

Three-Stage Neurocomputational Modelling Using Emergent and GENESIS Software

W. Duch1, W. Nowak

1, J. Meller

1, G. Osiński

1, K. Dobosz

1, D. Mikołajewski

1 and G. M. Wójcik

2

1 Department of Informatics, Nicolaus Compernicus University, ul. Grudziądzka 5, 87-100, Toruń,

Poland 2 Institute of Computer Science, Maria Curie-Skłodowska University, Pl. Marii Curie-Skłodowskiej 1,

20-031, Lublin, Poland

In our research on Autism Spectrum of Disorders (ASD) simulations are characterised by the order of complexity that requires relatively high computational power. But simulation gives a look at some selected aspects of biological neurons and the networks properties reflecting the structure of their biological counterparts, and mechanisms at molecular, cellular or systems level. Moreover simulations using neural network model with attractor analysis (Fuzzy Symbolic Dynamics - FSD) help to assess system dynamics. In the paper we explore simulations procedures using EMERGENT and GENESIS software to provide consistent way for comparison of results of cognitive processes that models provide in both computational environments. This article aims at familiarize with selected applications and possible directions of further researches according to our current knowledge. The project is partly implemented on cluster and grid-based architectures.

References

Trąbka J. J. Neuroscience of my own subjective perspective. Materiały Konferencji “Modelowanie

Cybernetyczne Systemów Biologicznych MCSB 2010”. Bio-Algorithms and Med-Systems, 2010,

6(12), Supl. 1: 11-12.

Mikołajewska E., Mikołajewski D. Selected applications of computer models in medicine. Ann.

Acad. Med. Siles. 1-2 (2011) 78-87 (article in Polish).

Hodgkin A. L., Huxley A. F.: A Quantitative Description of Membrane Current and its Application to

Conduction and Excitation in nerve. J. Physiol., 117, (1952) 500-544.

O'Reilly, R.C., Munakata, Y.: Computational explorations in cognitive neuroscience. MIT Press

2000.

Bower J. M., Beeman D.: The Book of GENESIS - Exploring Realistic Neural Models with the

GEneral NEural SImulation System. Telos, New York (1995).

Maass W., Natschlaeger T., Markram H. Real-time computing without stable states: A new

framework for neural computation based on perturbations. Neural Computation, 14(11):2531-2560,

2002.

Duch W., Nowak W., Meller J., Osiński G., Dobosz K., Mikolajewski D., Wójcik G. M.

Consciousness and attention in autism spectrum disorders. Proceedings of Cracow Grid Workshop

2010, pp. 202-211, 2011.

Dobosz K., Duch W.: Understanding neurodynamical systems via Fuzzy Symbolic Dynamics.

Neural Networks 23, 487–496, 2010.

Duch W., Dobosz K.: Visualization for understanding of neurodynamical systems. Cognitive Neurodynamics, 5(2), 145–160, 2011.

Towards Ontology-based Performance Monitoring

of Multi-scale applications

Włodzimierz Funika (1,2), Michał Janczykowski (1), Konrad Jopek (1), and Maciej Grzegorczyk (1)

(1) AGH University of Science and Technology, Department of Computer Science,

al. Mickiewicza 30, 30-059 Krakow, Poland

(2) ACC CYFRONET AGH, ul. Nawojki 11, 30-950 Krakow, Poland

Designing and simulation of multi-scale systems have fundamental importance in many scientific

areas. Due to the number and cost of performed operations these applications require high efficiency

and many computational resources. Partioning the computations as well as arranging co-operation as

far as communication and synchronization are concerned demand not only thorough consideration

and a high level of precision but also the ability to change the granularity of computations easily. The

user, who is both the observer and the participant of experiments executed by these applications,

should not have problems either with interactivity during execution of these applications or

interpretation of current status of the experiment during the application's execution.

One of the most important requirements of multi-scale systems is continuous monitoring of their

work. Observation of the results and application's data flow enables to understand and control the

executed experiments better. In systems of such type where data processing is highly distributed, the

key issue is to provide the insight to the whole execution workflow. Data visualization is very important

because usually the user is left alone with a great number of data from monitoring all by oneself. To

facilitate the communication between the user and the system and especially to support interactive

work with the system is not an easy task nevertheless seems inevitable [1,2].

There are plenty of advantages when describing monitored environment in the form of ontology.

Interference with monitoring system code is not necessary, only description of monitored application is

changed. Furthermore, ontologies enable to study dependencies between the elements of described

system. Owing to this it is possible to change as needed abstract levels from bottom-up to top-down or

any other way according to current need in adapting the monitoring system. Another useful feature

resulting form ontological approach allows to infer with regard to malfunction or inefficiency of the

application. Monitoring with the use of ontology seems more dynamic. Measurement and/or

visualizations could be activated when exceeding some thresholds of other measurement. It spares

the user a lot of work and diminishes the responsibility thus making the monitoring system more

adaptable, with some autonomy in decision-making and therefore more universal.

The proposed system's architecture consists of three components: a monitoring system based on

the SemMon environment [3] which enables to collect and visualise performance data, a monitored

system and a low-level system, Nagios [4] which monitors the hardware resources. Communication

occurs between all the components, especially between SemMon-Nagios and SemMon-monitored

system. The SemMon system allows to monitor applications based on the semantic description of the

monitored application's elements [5].

So far the MUSCLE environment [6] has been used as a platform with which applications are built.

Due to the used ontological approach our idea of monitoring is not limited merely to this environment.

It can be adapted to any system employing paradigm of statement transfer. We have also done a

review of system working scenario in terms of is performance – transferring messages of various data

volumes and have compared the monitored system working with and without monitoring.

Among other tasks connected with the system's evolution we expect to introduce a data base

which enables retrospective analysis as well as automatic analysis and inference based on the

collected monitoring data.

Acknowledgment: This research was partially supported by the European Union within the European

Regional Development Fund program no. POIG.02.03.00-00-007/08-00 as part of the PL-Grid Project

(http://plgrid.pl).

References

[1] - M. Bubak, et al. “Virtual Laboratory for Development and Execution of Biomedical Collaborative

Applications”. S. Puuronen, M. Pechenizkiy, A. Tsymbal, D-J. Lee (eds.), Proc. 21st IEEE International

Symposium on Computer-Based Medical Systems, June 17-19, 2008, Jyvaskyla, Finland, pp. 373 –

378, DOI 10.1109/CBMS.2008.47

[2] - K. Rycerz, M. Bubak, M. Nowak, P. Pierzchala, E. Ciepiela, D. Harezlak, “Comparison of Cloud

and Local HPC approach for MUSCLE-based Multiscale Simulations”, paper accepted for presentation

at DMC 2011, Dec. 2011, Stockholm, Sweden

[3] - W. Funika, P. Godowski and P. Pegiel, “A Semantic-Oriented Platform for Performance

Monitoring of Distributed Java Applications”, M. Bubak et al. (Eds.), Proc. ICCS 2008, vol. III, LNCS

5103, Springer, 2008, pp. 233-242.

[4] - Nagios web page: http://nagios.com .

[5] - W. Funika, M. Kupisz, P. Koperek, “Towards autonomic semantic- based management of

distributed applications”, Computer Science Annual of AGH-UST, vol. 11, 2010, s. 51-63, AGH Press,

Krakow, 2010; ISSN 1508-2806.

[6] - MUSCLE’s homepage, http://muscle.berlios.de .

Training in the PL-Grid as Key Component to Attract Users to Grid e-Infrastructures

Marcelina Borcz(1), Krzysztof Benedyczak(1), Rafał Kluszczyński(1), Grzegorz Marczak (1), Piotr Bała(1), Adam Padee(2), Maciej Filocha(2), Mirosław Zdybek(3), Maciej Pawlik (3) (1) ICM University of Warsaw & N. Copernicus University, Poland (2) ICM University of Warsaw

(3) CYFRONET, AGH

One of the most important problems in utilization of the grid computing is access barrier. The potential users are usually very interested in accessing grid resources, however they have problems to get through the access procedures. Recent developments of the grid middlewere significantly lowered technological barriers but still some effort is necessary to enter and use the grid. In the PL-Grid project this problem has been addressed in number of ways. The user management has been implemented in the PL-Grid portal which allows for easy user registration and management. Another important activity implemented to attract users is training. In the Pl-Grid project the traditional hands-out training has been accomplished with the on-line training. For these purposes the dedicated learning management system has and training infrastructure have been installed and used. The promotion of the grid and training can be performed in the numerous ways. The simplest one is evangelization of the actual and potential users with the presentations, posters and flyers. This activity is often profiled according to the users’ background and the presentations are performed at the thematic conferences and events to meet potential users rather than developers. Another way is attracting users through publications in the journals and newspapers including general ones. It is well known that these activities require a lot of effort, both in terms of manpower and money and final effect is rather limited. The main reason of the low impact is difficulty in utilization of new knowledge by the users and lack of organizational and commercial support of new solutions. The main barrier in entering grid is difficulty to start caused by the long procedures to obtain certificates, handle and install them. The verification procedure takes some time and cannot be simplified since user is granted with the access to large and complicated infrastructure. Usually before procedure ends potential users lose their attraction and finally do not enter the grid. The only solution is either simplification of the procedure or use of the dedicated training infrastructure which can be accessed by the users almost immediately. During training period the validation of the user can be finished which allows for smooth transfer from testing to production environment. Training infrastructure allows beginner to play and experience how to use the grid without being officially enrolled in a grid production environment. In case of gLite, the EGEE and related projects deployed a dedicated training infrastructure named GILDA [1]. Similar approach has been taken by the UNICORE community which provided testbed infrastructure run by the ICM within Chemomentum project. The training infrastructure has been built of Plug and Play Certification Authority and a testbed which provided users with limited resources. The users could obtain temporary certificates which allow for testbed access. The application for certificates and testbed resources has been implemented on the web [2]. In the PL-Grid project we have put significant effort to attract users and to provide training to them. Based on the previous experience we have implemented variety of methods including well known exploitation in the scientific community through talks, presentation and personal communication. This approach has been accomplished with the on-line training in the form of webcast presentation. Training activities have been organized through PL-Grid portal which provided extended training management functionality. The prospective user can register in the portal and apply for the training. The Pl-Grid portal has been integrated with the Simple Certification Authority which provides certificates to access training infrastructure. The user applies for certificate through web interface and with the same interface receives automatically generated files with the certificates in the formats suitable for gLite and UNICORE. The public part of the certificates is automatically installed on the testbed which allows for almost immediate access to the training resources. This procedure has been also performed by the users during registration for the Pl-Grid hands-on classes.

Additionally, the organizers of the training sessions can use PL-Grid portal to generate certificates for the last minute incomers to distribute them on site. The special effort has been put to establish asynchronous on-line training facilities to allow users access the training infrastructure at any time. For these purposes the Pl-Grid portal has been integrated with the Blackboard lecture management systems []. The registered users of the PL-Grid portal obtain semi-automatically account in the Blacboard and are enrolled to the on-line grid courses available there. This solution allows to use top level lecture management systems and still handle user registration in the Pl-Grid portal. The PL-Grid training infrastructure has been successfully implemented and put into operations. It has been used to organize raining events and to allow users to access on-line training materials. The procedures available in the portal have been created based on the numerous training events performed within project. The feedback received from the users and trainers allowed us to optimize training infrastructure and operational procedures to minimize disadvantages. References [1] GILDA (Grid INFN Laboratory for Dissemination Activities) see https://gilda.ct.infn.it/ [2] Chemomentum Project: www.chemomentum.org

UIMA-HPC: High Performance Chemical Patent Mining Sandra Bergmann (1), Alexander Klenner (2), Marc Zimmermann (2), Mathilde Romberg (1) (1) Jülich Supercomputing Centre, Research Centre Jülich, Germany (2) Fraunhofer-Institute for Algorithms and Scientific Computing (SCAI), Sankt Augustin, Germany The development of new chemicals or pharmaceuticals requires an in-depth analysis of the published material in this field to be able to judge the potential success of the investment. Questions such as the following: For a given core structure, are there any structure variants already mentioned in literature, and if so, are there any indications of their effects? Are structure variants protected by third-party rights or are they free to use? What is the process of synthesizing a certain structure? These questions cannot be answered by sheer keyword searches. The information has to be made available to researchers in a compact and structured way in a timely manner.

The research project UIMA-HPC [1] will speed-up the process of knowledge mining through setting up workflows which in parallel analyze chemical images and the text according to several criteria. The results are thoroughly annotated documents. The single steps of the workflow are analysis engines (e.g. identification of drug classification terms, [2]) developed according to the UIMA (Unstructured Information Management Architecture) standard [3]. The analysis engines are high throughput applications with the capability of multi-threading, which allows for absorbing all available cycles on multi-core compute nodes. UNICORE [4] (UNiform Interface to COmputing Resources) workflows with its control structures allows for dynamically starting as many analysis engines as compute nodes are available or as appropriate for the amount of work to achieve short time to solution. The workflows can easily be set up using the UNICORE Rich Client [5] and executed on resources in a UNICORE infrastructure. Fig. 1 shows the schematic workflow of a patent mining use case: analysis engines are red framed boxes, options for parallelization are indicated by duplicated elements, the orange triangles denote workflow control structures with data distribution / collection function, and the arrows describe data flow.

Challenges in the project are the quality of the annotations made by the different data mining software tools used in the analysis engines as well as the optimized distribution and scheduling of the tasks on HPC systems.

Fig. 1: example of a workflow for a chemical patent mining use case

Acknowledgements: This work is supported by the German Ministry of Education and Research (BMBF) under grant-id 01IH1101, April 2011 – March 2014. References 1. UIMA-HPC project Web site: http://www.uima-hpc.org 2. C. Kolarik, M. Hofmann-Apitius, M. Zimmermann and J. Fluck , Identification of New Drug

Classification Terms in Textual Resources, ISMB/ECCB, (2007), Vienna 3. The Apache Software Foundation, UIMA Specification: http://uima.apache.org/uima-

specification.html 4. A. Streit, S. Bergmann, R. Breu, J.M. Daivandy, B. Demuth, A. Giesler, B. Hagemeier, S. Holl, V.

Huber, D. Mallmann, A.S. Memon, M.S. Memon, R. Menday, M. Rambadt, M. Riedel, M. Romberg, B. Schuller, T. Lippert, UNICORE 6 - A European Grid Technology, in: Advances in Parallel Computing, High Speed and Large Scale Scientific Computing, edited by W. Gentzsch, L. Grandinetti, G.R. Joubert, Vol. 18, pp. 157-173, September 2009

5. B. Demuth, B. Schuller, S. Holl, J.M. Daivandy, A. Giesler, V. Huber, S. Sild, The UNICORE Rich Client: Facilitating the Automated Execution of Scientific Workflows, Proceedings of the 6th IEEE International Conference on e-Science (e-Science 2010), pp. 238 - 245, IEEE Computer Society Press, ISBN 978-1-4244-8957-2, December 2010.

User-Oriented Provisioning of Secure Virtualized Infrastructure Marcin Jarząb, Jacek Kosiński, Krzysztof Zieliński, Sławomir Zieliński Department of Computer Science, AGH University of Science and Technology al. Mickiewicza 30, 30-059, Kraków, Poland email: {mj,jgk,kz,slawek}@agh.edu.pl phone: (+48 12) 617 51 02, fax: (+48 12) 633 94 06

1. Introduction. On-demand provisioning of computational services has been a goal for research efforts for many years. According to the American National Institute of Standards and Technology definition, on-demand provisioning is one of five essential characteristics of the cloud computing paradigm. Cloud services are typically specified as belonging to one of three classes: IaaS (which stands for Infrastructure as a Service), PaaS (Platform as a Service) and SaaS (Software as a Service). The chapter will present the results of research experiments conducted in the PL-Grid Project, which were focused on provisioning virtualized infrastructure to the end users. The experiments were focused of providing IaaS/PaaS class of service upon PL-Grid infrastructure. In order to make the on-demand provisioning feasible, an interface for communications between infrastructure users and providers needs to be established. The information that needs to be exchanged between the users (regarding their needs) and providers (regarding their offers) depends on the service of interest. In the presented case, the users are offered a possibility to declare their needs as sets of interconnected virtual appliances, which are virtual machines with pre-installed applications. The user-specified networks are referred to as “VM sets”. 2. Description of the solution. There are two distinct views upon the virtualized infrastructure:

provider’s (infrastructural) and users’ (logical). The user-oriented abstraction of the provider’s infrastructure comes as a result of an infrastructure provisioning process. As the result of the provisioning process, the user-specified VM set is deployed upon the provider’s infrastructure (see Fig. 1) and made accessible to the requestor for a specified period of time.

Fig. 1: The result of the deployment of a user-specified VM set upon provider’s infrastructure.

As an input to the process, the provider needs the user to specify the requested capabilities of the appliances, including their number, operating systems, computational capabilities, memory requirements, storage volume etc. The request is then processed by the provider, who schedules the VM creation upon computational infrastructure and configures the virtual network to interconnect the VMs. Then, the virtual machines’ operating systems are configured (profiled) in accordance with the user’s requests. In the final step of configuration stage, the provider creates a virtual private network (VPN) endpoint for the user. As an output of the process, the provider creates a document containing a description of the user’s endpoint of the VPN. To support the users in creating the request descriptions and the providers in processing them, a few repositories were created, namely:

hardware configuration repository, which keeps track of the provider’s infrastructure state,

virtual appliance repository, which keeps the images of VM appliance templates as well as of actual VM appliances,

virtual infrastructure configuration repository, which goal is to support users’ network deployment. The repositories are fed with content both by humans and by monitoring and management tools, such as the JIMS system. It exposes runtime infrastructure services (IaaS, PaaS) responsible for translation of particular-vendor specific interfaces into a common API providing a set of interfaces used for provisioning. JIMS gathers information related to the virtualized physical resources infrastructure layer with metrics illustrating data about available computational resources; number and type of physical CPUs, amount of memory, hard disks and network interface cards. It exposes an interface for provisioning of new VM instances and re-configuration like migration to another physical node, network configuration, and increasing or decreasing CPU and memory resources. It also supports deployment of custom extensions for monitoring and management of running workloads within VM instances. 3. Results. The described solution addresses a few key aspects of computation security, in particular:

security of network traffic,

authentication, authorization and accounting (AAA) mechanisms for user groups,

support for backups of VM appliances, based on the ZFS file system features. The network traffic security is assured by applying two key mechanisms. One of them is the aforementioned secure network connection to the infrastructure deployed for the users. The VPN allows for logical separation of network traffic between the user and provider premises. Inside the provider’s infrastructure, the traffic is not encrypted, but separated with appropriate virtual LAN (VLAN) configuration. 4. Conclusions. The presented approach takes into account the possibility of sharing a logical

infrastructure between groups of users. In such case, the infrastructure is requested by a group leader, who is then responsible for maintaining it and has complete control upon the virtual machines’ operating systems. The leader assigns privileges to the other members of the group. The privileges may refer in particular to:

limiting access to the specified subsets of the VM set,

limiting user privileges on particular virtual machines. From the provider’s side, team leader’s operations are supported by providing a VM-set specific LDAP-based configuration repository (a part of the aforementioned virtual infrastructure configuration repository), the VM operating systems can be integrated with, as well as a firewall of user based filtering of incoming network traffic (performed by the access gateway).

Using Advanced Data Mining and Integration in Environmental Prediction Scenarios

Ondrej Habala (1), Ladislav Hluchý (1), Viet Tran (1), Peter Krammer (1), Martin Šeleng (1) (1) Institute of Informatics of the Slovak Academy of Sciences, Bratislava, Slovakia

Modern society with ever-evolving methods of fast transportation, expanding urban centers and increasing population density in previously unpopulated rural areas requires always accurate meteorological predictions not only of the general weather conditions, but also of various significant meteorological phenomena [1]. For some of these, there are no accurate physical models, or if they are available, their customization to a particular target area is unfeasible because of its complexity and often missing prerequisites, like past observations or a detailed topological map. To overcome these difficulties, we have performed several experiments with applying data mining techniques to a set of carefully chosen meteorological and hydrological scenarios. While data mining has been used in meteorology for a long time, the scenarios we have chosen have not been previously covered, especially not in the target area we have chosen. They have been designed and evaluated by domain experts, and their design was driven by current needs of these experts and their employers. In their design we have also used our previous experience in applying information technologies to environmental predictions [3]. These experiments are part of the FP7 project ADMIRE, and additionally to serve as an experimental platform for meteorologists and hydrologists, we have used them as a testing platform for a suite of advanced data integration and data mining (DMI) tools, developed within this project. The idea of the project ADMIRE is to develop an advanced DMI platform accessible even to users who are not familiar with data mining techniques. To this end, we have designed a novel DMI architecture, supported by a set of software tools, managed by DMI process descriptions written in a specialized high-level DMI language called DISPEL, and controlled via several different user interfaces, each performing different set of tasks and targeting different user group. In this paper we present the results of the project ADMIRE from the point of view of our environmental pilot application. We describe the methods ADMIRE uses to integrate geographically distributed data sets, stream them through a series of filters and processing elements using the OGSA-DAI platform [2], and deliver the results to the end users who have requested them. The project has successfully finished with a final review in July 2011, and the final platform allows easy development of complex DMI scenarios using existing library of processing elements. References 1. Bartok, J., Habala, O., Bednár, P., Gažák, M., Hluchý, L.: Data mining and integration for

predicting significant meteorological phenomena. In ICCS 2010 : proceedings of the 10th International Conference on Computational Science. Eds P.M.A. Sloot, G.D. van Albada, J. Dongarra. - Amsterdam : Elsevier, 2010, vol. 1, iss. 1, p. 37-46. ISSN 1877-0509.

2. Jackson, M., Antonioletti, M., Dobrzelecki, B., Chue Hong, N.: Distributed data management with OGSA-DAI. In: Grid and Cloud Database Management (eds. Fiore, S. and Aloisio, G.), Springer-Verlag, 2011.

3. Habala, O., Mališka, M., Hluchý, L.: Service-based flood forecasting simulation cascade in K-Wf Grid. In Cracow ´06 Grid Workshop : K-Wf Grid. Editor Marian Bubak, Steffen Unger. - Cracow, Poland : Academic Computer Centre CYFRONET AGH, 2007, p. 138-145. ISBN 978-83-915141-8-4.

Using BOINC Desktop Grid to Solve Large Scale SAT Problems Mikhail Posypkin (1), Alexander Semenov (2), Oleg Zaikin (2) (1) Institute for Systems Analysis of RAS, Moscow, Russia (2) Institute for System Dynamics and Control Theory of SB RAS, Irkutsk, Russia Many practically important problems can be considered as problems of inversion of discrete functions. For example, verification problems in microelectronics, analysis of discrete automaton models, cryptography etc. In [1] a technique for solving such problems by reducing them to SAT (Boolean Satisfiability Problem) was proposed. This technique is based on the following approach: discrete functions inversion problems are considered as problems of solving equations of the type “CNF=1” (CNF – Conjunctive Normal Form). The resulting SAT problems are hard and require lots of computational resource. That is why using parallel and distributed computing to resolve SAT problems became quite popular nowdays. Among recent works on SAT resolution on desktop grids (DGs) the paper [3] should be mentioned. In this paper a distributed SAT solver for peer-to-peer desktop grids was proposed. In our work we describe another promising approach based on volunteer DG with client-server architecture. This approach was implemented using SZTAKI Desktop Grid package [4] for BOINC volunteer computing platform. To make the original SAT problem suitable for the executing on DGs we split the SAT problem into several subproblems using a simple decomposition techniques. We select a set of variables and decompose the original problem by assigning values to these variables. Since all variables are binary we obtain 2

n subproblems for n selected variables. The key issue affecting efficiency is the proper

selection of variables for assignment. We developed a special techniques for finding such variables. This techniques is explained in [1] in detail. We created a special BOINC project called PD-SAT [5] for solving SAT problems. It was implemented using DC-API [6]. Client part of the application is based on publically available SAT solvers minisat 1.14.1 and minisat 2.0 [7] modified to take into account peculiarities of CNFs encoding for original discrete functions. We tested our approach on a DG consisting of the BOINC server and 15 client PCs (11 with dualcore CPUs and 4 with quadcore). Base CPU frequency of client PCs varied from 1.66 to 3.16 GHz (CPU frequency is the main factor affecting the speed of SAT problem resolution). For testing we used the inversion of the keystream threshold generator with initialization sequence of length 80. Ten test problems were successfully solved. The resolution time varied from 3 h. 36 min to 7 h. 17 min which means about 6-8 time speedup w.r.t. a single dual core machine. Obtained results showed that large-scale SAT problems can be successfully resolved on BOINC-based DGs. In the near future we plan to expand our Deskop Grid infrastructure and to use our BOINC project for solving some practically important hard problems that can be reduced to SAT.

Acknowledgements. This work was supported by Russian Foundation for Basic Research (Grants No.11-07-00377-a and No.10-07-00301-a) and by Lavrentiev grant of SB RAS.

References 1. Oleg Zaikin, Alexander Semenov. Large-block parallelism technology in SAT problems. Control

sciences. No. 1. pp. 43–50, 2008. 2. Alexander Semenov, Oleg Zaikin, Dmitry Bespalov and Mikhail Posypkin. Parallel logical

cryptanalysis of the generator A5/1 in BNB-Grid system. LNCS 6873, pp. 473-483, Springer, 2011. 3. Sven Schulz and Wolfgang Blochinger. Parallel SAT Solving on Peer-to-Peer Desktop Grids.

Journal Of Grid Computing, Vol. 8 No. 3 pp. 443-471, 2010. 4. P.Kacsuk, J.Kovács, Z. Farkas, A. Cs. Marosi, G. Gombás and Z. Balaton. SZTAKI Desktop Grid

(SZDG): A Flexible and Scalable Desktop Grid System. Journal Of Grid Computing, Vol 7, No. 4, pp. 439-461, 2009.

5. BOINC project PD-SAT http://sat.isa.ru/pdsat/ 6. Z. Balaton, G. Gombas, P. Kacsuk, A. Kornafeld, J. Kovacs, A. C. Marosi, G. Vida, N. Podhorszki,

and T. Kiss. Sztaki desktop grid: a modular and scalable way of building large computing grids. In Proc. of the 21th Int. Parallel and Distributed Processing Symposium, Long Beach, California, USA, pp. 1-8, 2007.

7. The MiniSat page http://minisat.se/MiniSat.html

WS-VLAM - a Workflow Management System

for e-Science Applications

Reginald Cushing(1), Spiros Koulouzis(1), Adam S. Z. Belloum(1), and Marian Bubak (1,2)

(1) Informatics Institute, University of Amsterdam, The Netherlands

(2) AGH University of Science and Technology, Department of Computer Science, Krakow, Poland

WS-VLAM is a follow-up of a Grid based workflow system (VLAM) which aimed at covering the entire lifecycle of scientific workflows [1][2]. WS-VLAM end-users are able to share workflows, reuse each other workflow components, and execute workflow on resources across multiple organizations [3].

The WS-VLAM system combines the ability to take advantage of the underlying Grid infrastructure and a flexible high-level rapid prototyping environment. This approach results in virtualization of the complex and distributed computing and storage infrastructure. The architecture has been designed to reduce the dependency among the multiple instances of running workflows. A new web service responsible for farming activities has been added to the WS-VLAM core services, when farming requirements are included in the workflow description, the service generates a list of workflow descriptions. Each workflow instance is executed independently by a separate workflow engine instance, thus reducing the possibility of global failure of the farmed workflows. WS-VLAM supports also farming at task level, allowing farming a specific workflow component to optimize the overall workflow execution.

A new method for auto-scaling data-centric workflow tasks has been added, the scaling is achieved through a prediction mechanism where the input data load on each task within a workflow is used to compute the estimated task execution time [4]. E-Science applications are increasingly relying on orchestrating workflows of static web services. The static nature of these web services means that workflow management systems have no control over the underlying mechanics of such services. This lack of control manifests itself as a problem as optimization techniques such as data-locality aware deployment and clustering cooperating services are very difficult. To address these problems, WS-VLAM implements a non-intrusive approach for dynamic deployment of scientific web services onto common distributed resources and as such enable back-to-back communication between cooperating web services, fuzzy controlled autonomous scaling and an autonomous web service workflow orchestration [5].

For legacy scientific Web Service which need to process large datasets in complex data-intensive applications, a generic and simple solution is provided, and which consist of a ProxyWS that uses a multitude of protocols to transport large data. The ProxyWS undertakes data transfers, on behalf of legacy Web Services [6] Acknowledgements. This work was supported by EU project VPH-share, and COMMIT ( a national research program funded by the Dutch government). References

1. V. Korkhov et al. VLAM-G: Interactive data driven workflow engine for Grid-enabled resources, Scientific Programming 15 (2007) 173–188 173 IOS Press

2. SigWin-Detector workflow has been developed in the VL-e project to detect ridges in for instance a Gene Expression sequence or Human transcriptome map, BMC Research Notes 2008, 1:63 doi:10.1186/1756-0500-1-63.

3. A.S.Z. Belloum, Vladimir Korkhov, Spiros Koulouzis, Marcia A Inda, and Marian Bubak: Collaborative e-Science experiments: from scientific workflow to knowledge sharing, IEEE

Internet Computing (INTERNET) 15(4):39-47, 2011 4. Reginald Cushing, Spiros Koulouzis, Adam S. Z. Belloum, Marian Bubak, Prediction-based

Auto-scaling of Scientific Workflows 9th International Workshop on Middleware for Grids, Clouds and e-Science (MGC'2011), Lisbon Portugal December 2011

5. Reginald Cushing, Spiros Koulouzis, Adam S. Z. Belloum, Marian Bubak Dynamic Handling for Cooperating ScientificWeb Services, 7th IEEE International Conference on e-Science, December 2011, Stockholm, Sweden

6. Spiros Koulouzis, Reginald Cushing, Konstantinos Karasavvas, Adam Belloum, Marian Bubak: Enabling web services to consume and produce large distributed datasets, IEEE Internet Computing, 2012, http://www.computer.org/portal/web/csdl/doi/10.1109/MIC.2011.138