The First International Workshop on
Dependability and Security of System Operation
(DSSO 2014)

Atlanta, Georgia USA
June 23, 2014

In conjunction with 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2014)

DSN 2014


A large amount of system downtime is caused by failures in processes on the system operation (or administration) level. An operations process is intended to prepare an environment for some activity involving a target system - installation, upgrade, reconfiguration, or the like. An operations process may be executed by scripts, operations tools, code (as in "infrastructure as code"), or humans, usually based on some specification.

With the rise of the Development-Operation (DevOps) and continuous delivery movements, the tempo of operations processes, the automation of these processes, and the possibility of concurrent and conflicting execution of several operations processes are all increasing. In the meantime, large-scale use of Infrastructure/Platforms as Services (IaaS/PaaS) and resource sharing in virtualisation introduces more uncertainties into the environment.

Dependability and security issues can come from anywhere in the process - the specification, the code/scripts/tools/human involved, the target system, or the environment. Failures need to be prevented, detected, diagnosed, recovered from, or tolerated in the context of system operation processes.

The goal of the workshop is to bring together researchers from academia and industry to discuss dependability and security issues of system operation and techniques to reduce the downtime caused by these issues. Topics include but not limited to the following:
  • Architectures or systems impact on operations
  • Best practices and patterns in system operation
  • Canary testing and production environment testing
  • Dependability/Security in configuration management
  • Dependability/Security in disaster recovery and business continuity
  • Dependability/Security in Infrastructure as Code, Software Defined Infrastructure, Software Defined Networks
  • Dependability/Security in operating HPC or Map-Reduce clusters
  • Dependability/Security in release engineering, continuous build and deployment
  • Development-Operation (DevOps) process interactions
  • Experience reports and data analysis of real-world system operation
  • Error diagnosis and root cause analysis during system operation
  • Failure/Fault detection/prevention/tolerance during system operation
  • Test driven system operations
  • Tolerance of variability


This is a morning-only workshop.
  • 8:30-9:30 Opening and Keynote
  • 9:30-10:30 Paper session 1 (2 papers, each 30 mins including Q&A)
  • 10:30-11:00 Coffee Break
  • 11:00-12:30 Paper session 2 (3 papers, each 30 mins including Q&A)
  • 12:30 Wrap-up
Keynote: Are we keeping the security and dependability balance in the DevOps world?

Speaker: Paulo Esteves Veríssimo, Univ. de Lisboa, Faculdade de Ciências, LaSIGE , Portugal

Abstract: Intensive use of cloud paradigms, from infrastructure, through platforms, to applications, has led to computing and communications becoming commodities which societies largely depend on. This in turn has naturally imposed a continuous delivery model for the deployment of IT applications and systems. However, such models, used for long in non-IT businesses, make certain assumptions about the environments they’re supposed to run on, such as stability of the fundamentals. One critical assumption to be maintained in IT development and operations (DevOps) is that the security and dependability balance is not disturbed as new services, applications, reconfigurations, etc., are deployed. The talk discusses whether the internet/cloud complex is mature enough that we can safely rely on that balance, as uncertainties are introduced everyday into the environment, and threats and vulnerabilities do not seem to decrease. Attempting to shed light into this question, we digress through the recent evolution of risks in two prominent facets of this problem: cloud computing in general, and software defined networking as enablers of network-as-a-service in particular.

Session 1 - Design Strategies for Dependability
  • Toward Design Decisions to Enable Deployability; Empirical Study of Three Projects Reaching for the Continuous-Delivery Holy Grail by Stephany Bellomo, Rick Kazman, Neil Ernst and Robert Nord
  • Towards a Taxonomy of Cloud Recovery Strategies by Min Fu, Len Bass and Anna Liu
Session 2 - Error Detection and Diagnosis
  • Predicting Incident Reports for IT Help Desk by Anneliese Andrews and Joseph Lucente
  • What Vulnerability Do We Need to Patch First? by Jin B. Hong, Dong Seong Kim and Abdelkrim Haqiq
  • What Logs should you Look when an Application Fails? Insights from an Industrial Case Study by Marcello Cinque, Domenico Cotroneo, Raffaele Della Corte and Antonio Pecchia


Workshop paper submissions: March 14, 2014 (closed)
Notification to authors: April 11, 2014(notified)
Camera-ready: April 28, 2014(closed)

The submission and review process will be done using EasyChair (

Submissions must be no longer than 6 pages (including everything) and adhere to the IEEE Computer Society 8.5"x11" two-column camera-ready format. The manuscript templates for MS Word and LaTeX can be found at the following link:

All papers will be peer-reviewed by at least 3 PC members and evaluated based on originality, technical quality and relevance to the workshop.

Workshop papers will be published and archived as a separate DSN-W volume on IEEE Xplore.

Organizing Committee

Ingo Weber
NICTA/University of New South Wales, Australia

Dong-Seong Kim
University of Canterbury, New Zealand

Wei Xu
Tsinghua University, China

Liming Zhu
NICTA/University of New South Wales, Australia

Program Committee

  • Bram Abrams, Polytechnique Montreal, Canada
  • Javier Alonso, Duke University, US
  • Len Bass, NICTA, Australia
  • Marc Chiarini, MarkLogic Corp, US
  • Marcello Cinque, University of Naples Federico II, Italy
  • Eben Haber, IBM Research, US
  • Rick Kazman, SEI & Uni of Hawaii, US
  • Fumio Machida, NEC,Japan
  • Paulo Maciel, Federal University of Pernambuco, Brazil
  • Iulian Neamtiu, Univ. of California, Riverside, US
  • Eli Tilevich, Virginia Tech, US
  • Rajesh Vasa, Swinburne Uni., Australia
  • Michael Wahler, ABB Corporate Research, Switzerland
  • Eoin Woods, UBS, Canada
  • Xin Ye, DUT, China
  • Ding Yuan, Uni. of Toronto, Canada