Metricizing (Mis)Configuration
Presenter
Roy Maxion, Carnegie Mellon University
Time
Session I - 8:30am - 10:00am
Abstract
Various devices in a network-centric or computer-centric society can be configured in myriad ways. Some of those ways are right, and the rest are wrong. When they’re wrong, the consequences can be serious. What’s needed, of course, is a way of configuring the world’s hundreds of thousands of switches, servers, routers, file-access privileges, and so forth so that they’re all correct. How do we do this? So far, not very well, and perhaps for more than one reason; but one view of the problem’s root cause is that configuration-management tools are not usable. If this is true, then we need to make these tools sufficiently usable so that deployed configurations can be assured as being correct. Therefore we have (at least) two problems: making configurations assurable, and making configuration-management tools usable (and perhaps assurable). How should this be done, and what science should be brought to bear in finding solutions to these problems?
Science is nothing if it is not metrical. This suggests that if we have no metrics and no way to measure things like usability, assurance and correctness, then we will have a very hard time making steady forward progress in the quest for dependable configuration management. This talk explores some of the likely issues involved in establishing an experimental, measurement-based search for configuration tools that assuredly need to work correctly. Analogies and examples from other fields will be presented in anticipation that we can learn from them.
Presentation
Download (PDF, 0.2 MB)