Person:
Pande, Santosh

Permanent Link
https://hdl.handle.net/1853/71573
Associated Organization(s)
Organizational Unit
ORCID
ArchiveSpace Name Record

Filters

2002 - 2010 9
9
9
9
9
Reset filters

Settings

Publication Search Results

Now showing 1 - 9 of 9
  • Thumbnail Image
    Item
    CT-ISG: Intrusion tolerant software: Achieving confidentiality, availability, and integrity simultaneously
    (Georgia Institute of Technology, 2010-07-26) Pande, Santosh ; Zhang, Kun
  • Thumbnail Image
    Item
    Dominant Variance Characterization
    (Georgia Institute of Technology, 2010) Kumar, Tushar ; Pande, Santosh
    There are a whole range of program analysis techniques that characterize different aspects of an application’s performance: hot-spots, distinct phases of behavior, code segments that could potentially run in parallel, etc. For a growing class of applications, there is a need to add another analysis technique to the repertoire that can characterize the locations and underlying causes of execution time variance in repetitive parts of the application. In this paper we introduce the notion of dominant variance analysis of an application. We illustrate the unique performance optimization benefits of performing such an analysis. We motivate that traditional program analysis and profiling techniques are not sufficient to analyze the variant execution time behavior of the application. We introduce a new program representation called Variance Characterization Graph that is used both as the intermediate representation to enable the dominant variance analysis and as the final representation that provides concise and actionable information to programmers. We identify the unique challenges associated with characterizing the dominant behavior of an application and develop a methodology based on statistical pattern matching to efficiently recognize dominant patterns of behavior.
  • Thumbnail Image
    Item
    Collaborative research: ITR: global multi-scale kinetic simulations of the earth's magnetosphere using parallel discrete event simulation
    (Georgia Institute of Technology, 2009-11-30) Fujimoto, Richard M. ; Pande, Santosh ; Perumalla, Kalyan S. ; Omelchenko, Yuri ; Driscoll, Jonathan
  • Thumbnail Image
    Item
    ITR: collaborative research: morphable software services: self-modifying programs for distributed embedded systems
    (Georgia Institute of Technology, 2008-12-14) Schwan, Karsten ; Pu, Calton ; Pande, Santosh ; Eisenhauer, Greg S. ; Balch, Tucker
  • Thumbnail Image
    Item
    Compiler Assisted Dynamic Management of Registers for Network Processors
    (Georgia Institute of Technology, 2005) Collins, Ryan ; Alegre, Fernando ; Zhuang, Xiaotong ; Pande, Santosh
    Modern network processors such as the Intel IXP family hide the latency of slow instructions by supporting multiple threads of execution. Context switches in the IXP architecture are designed to be very fast. However, the low overhead is partly achieved by leaving register management to programs, with little support from the hardware. The complexity of the multi-engine, multi-threaded environment makes manual register management a daunting task, which is better left to the compiler. However, a purely static analysis may not be able to achieve full utilization of the register file due to conservative estimates of liveness. A register that is live across a context switch point must be considered live for the duration of all other threads, and so it must be assumed to be unavailable to other threads. In addition, aliasing further reduces the effectiveness of static analysis. The net effect is a large number of idle cycles that are still present after static optimization. We propose a dynamic solution that requires minimal software and hardware support. On the software side, we take a pre-allocated binary file and annotate the potential context switch instructions with information about the dead registers. On the hardware side, we try to rename all transfer registers and addresses to dead general purpose registers and update the vector of used registers. We then replace the long-latency memory instructions with fast move instructions in the architecture using the dynamic context. The results show up to 51% reduction in idle cycles and up to 14% increase in the throughput for hand coded applications.
  • Thumbnail Image
    Item
    Hardware Supported Anomaly Detection: down to the Control Flow Level
    (Georgia Institute of Technology, 2004-03-10) Zhang, Tao ; Zhuang, Xiaotong ; Pande, Santosh ; Lee, Wenke
    Modern computer systems are plagued with security flaws, making them vulnerable to various malicious attacks. Intrusion detection systems have been proposed to protect computer systems from unauthorized penetration. Detecting an attack early on pays off since further damage is avoided and resilient recovery could be adopted. An intrusion detection system monitors dynamic program behavior against normal program behavior and raises an alert when anomaly is detected. The normal behaviour is learnt by the system through training and profiling. However, all current intrusion detection systems are purely software based and thus suffer from huge performance degradation due to constant monitoring operations inserted in the application code. Due to the potential performance overhead, software based solutions cannot monitor the program behavior at a very fine level of granularity, thus leaving potential security holes as shown in [5]. In this paper, we propose a hardware-based approach to verify the control flow of target applications dynamically and to detect anomalous executions. With hardware support, our approach offers multiple advantages over software based solutions including near zero performance degradation, much stronger detection capability (a larger variety of attacks get detected) and zero-latency reaction upon anomaly and thus much better security.
  • Thumbnail Image
    Item
    HIDE: Hardware-support for Leakage-Immune Dynamic Execution
    (Georgia Institute of Technology, 2003) Zhuang, Xiaotong ; Zhang, Tao ; Pande, Santosh ; Lee, Hsien-Hsin Sean
    Secure processors have been recently introduced, which enable new applications involving software anti-piracy, program execution certification, and secure mobile agents. Secure processors have built-in hardware support for cryptographic mechanisms and can prevent both software attacks and physical attacks. Several recent papers have shown how to construct a secure processor to protect the confidentiality [1][2][3]and integrity[4][3] of a program. The proposed designs are immune from spoofing, splicing and replay attacks. However, none of the previous work is able to address the attacks due to information leakage on the address bus. Dangers due to information leakage on the address bus have been acknowledged to be an important as well as a difficult problem[1]. In fact, in [4]this problem is actually the trigger of the replay attack described. In this paper, we show that several attacks are possible by monitoring the instruction access sequence on the address bus. Such attacks could emanate from identifying the core algorithms by pattern matching the control flow graph or from finding out or narrowing down critical variables that decide outcomes of conditional branches. We analyze the causes behind such information leakage and then determine the primary requirement that must be met to prevent it. Based on this requirement, we propose HIDE, a hardware-based approach to hide the instruction access sequence. The main goal of HIDE is to construct a fixed instruction access sequence issued to the memory to achieve zero leakage of control flow information, giving a security guarantee. Our base approach involves constructing a fixed instruction access sequence covering the whole program (called base access ring) to hide the actual instruction fetch. This might however lead to severe performance degradation due to tremendous stalls making the framework infeasible. Therefore, we propose two approaches to overcome this problem. In our scheme, the architecture dynamically tracks a hot function set. Based on the hot function set, the first approach involves prefetching blocks accordingly into an on-chip prefetch buffer. The second approach establishes a secondary access ring, which is smaller and faster than the base access ring. The instruction blocks are prefetched from the base ring into the secondary ring instead. We observe considerable elimination of degradation due to our architectural improvements. For 512K L2 cache, the degradation is reduced from 73% to 38%; for 1M L2, it is cut from 65% to 34% with a reasonable amount of hardware resource.
  • Thumbnail Image
    Item
    Method Partitioning - Runtime Customization of Pervasive Programs without Design-time Application Knowledge
    (Georgia Institute of Technology, 2002) Zhou, Dong ; Pande, Santosh ; Schwan, Karsten
    Heterogeneity, decoupling, and dynamics in distributed, component-based applications indicate the need for dynamic program customization and adaptation. Method Partitioning is a dynamic unit placement based technique for customizing performance-critical message-based interactions between program components, at runtime and without the need for design-time application knowledge. The technique partitions message handling functions, and offers high customizability and low-cost adaptation of such partitioning. It consists of (a) static analysis of message handling methods to produce candidate partitioning plans for the methods, (b) cost models for evaluating the cost/benefits of different partitioning plans, (c) a Remote Continuation mechanism that "connects" the distributed parts of a partitioned method at runtime, and (d) Runtime Profiling and Reconfiguration Units that monitor actual costs of candidate partitioning plans and that dynamically select "best" plans from candidates. A prototypical implementation of Method Partitioning the JECho distributed event system is applied to two distributed applications: (1) a communication-bound application running on a wireless-connected mobile platform, and (2) a compute-intensive code mapped to power- and therefore, computationally limited embedded processors. Experiments with method Partitioning demonstrate significant performance improvements for both types of applications, derived from the fine-grain, low overhead adaptation actions applied whenever necessitated by changes in program behavior or environment characteristics.
  • Thumbnail Image
    Item
    Optimizing Dynamic Producer/Consumer Style Applications in Embedded Environments
    (Georgia Institute of Technology, 2002) Zhou, Dong ; Pande, Santosh ; Schwan, Karsten
    Many applications in pervasive computing environments are subject to resource constraints in terms of limited bandwidth and processing power. As such applications grow in scale and complexity, these constraints become increasingly difficult to predict at design and deployment times. Runtime adaptation is hence required for the dynamics in such constraints. However, to maintain the lightweightness of such adaptation it is important to statically gather relevant program information to reduce the runtime overhead of dynamic adaptation. This paper presents methods that use both static program analysis and runtime profiling to support the adaptation of producer/consumer-style pervasive applications. It demonstrates these methods with a network traffic-centric cost model and a program execution time-centric cost model. A communication bandwidth critical application and a computation intensive application are used to demonstrate the significant performance improvement opportunities offered by these methods under the presence of respective resource constraints.