CEP sessions at the OMG Real-Time July 08 workshop


 
Thread Tools Search this Thread
Special Forums News, Links, Events and Announcements Complex Event Processing RSS News CEP sessions at the OMG Real-Time July 08 workshop
# 1  
Old 07-21-2008
CEP sessions at the OMG Real-Time July 08 workshop

vincent
07-21-2008 11:00 AM
In among the sessions at the recent OMG Real-Time Distributed Object workshop were 2 interesting CEP papers. The first was by the Naval Surface Warfare Center on their evaluations of CEP technologies and tools for potential Navy use. Their goal is to replace certain “hard coded” event processing logic in expensive systems with some more flexible event processing system(s), especially in “soft” (non-combat) applications such as Quality Of Service (QOS) management, fault management, status monitoring and readiness assessment. Some of the interesting points that came across included:

  • The Navy had gone to industry, asking for commercial CEP tooling, in the late 90s to early 00s - and had got the reply that there was no business case for such a tool. Naturally, they were now delighted to have so many to look at and choose from (and to have had their original requirement proven correct).

  • A major issue was the “lack of standards” and/or “equivalent competitive products” to avoid vendor lock-in, even though the presenter (who had attended the OMG CEP standards event in March) recognized there was no compelling business case for the smaller vendors to develop such standards. But the message was clear - without standards, CEP faces an uphill battle for adoption in the DOD. [Funnily enough I had presented a more optimistic view on this topic in the previous session (such as the development of OMG PRR and W3C RIF for representing production rules for event pattern detection).]

  • A lot of work had gone into developing metrics for CEP systems. These included:

    • runtime performance
    • architecture scalability
    • fault tolerence
    • IT fit (including availability of adapters to other event providers)
    • ease of use
  • Other work had gone on into runtime performance measurements and benchmarks, such as throughput and latency versus:

    • numbers of rules
    • numbers of rules used
    • rule complexity
    • rate and complexity of incoming events
  • Example CEP applications that could be of interest included:

    • Semantic Event Processing, such as routing messages between systems and converting them to the appropriate measurement units and ontologies
    • Monitoring military checkpoints in realtime
    • Tactical situation monitoring.
My only caveat from this session was an impression (from some of the slides) that NSWC were still thinking in terms “event driven application servers” [*1] as the default / de facto solution for CEP. But of the major app server vendors mentioned, none use their mainstream app server products for CEP (and presumably for good reason)…

The second session was from a middleware vendor, who had teamed up with a CEP vendor to do some DOD-funded research on applying CEP to system monitoring and network intrusion. The idea here is that there may be 100s of tools on a network such as Scanners, Sniffers, System Fingerprinting, System Monitors, Vulnerability Databases, Monitoring (such as HP OpenView), and Intrusion Detectors (such as SNORT), that all contribute evidence or information that can be aggregated and correlated using CEP. This seemed an emminently “sensible” approach to applying CEP to network security -* re-using existing, proven techniques and adding value by combining them together.

Notes:

[1] Favorite quote from this Wikipedia article (at the time of writing): “Application servers are a throwback to mainframe computing”.

Image

Source...
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Converting real time to epoch time

# date +%s -d "Mon Feb 11 02:26:04" 1360567564 # perl -e 'print scalar localtime(1360567564), "\n";' Mon Feb 11 02:26:04 2013 the epoch conversion is working fine. but one of my application needs 13 digit epoch time as input 1359453135154 rather than 10 digit epoch time 1360567564... (3 Replies)
Discussion started by: vivek d r
3 Replies

2. UNIX for Dummies Questions & Answers

Active sessions open or long time

What kind of problems can be faced if any session which connects to unix server is open for longer time? How to find out from how much time that session is idle? :) (2 Replies)
Discussion started by: anandgodse
2 Replies

3. Shell Programming and Scripting

Shell script to convert epoch time to real time

Dear experts, I have an epoch time input file such as : - 1302451209564 1302483698948 1302485231072 1302490805383 1302519244700 1302492787481 1302505299145 1302506557022 1302532112140 1302501033105 1302511536485 1302512669550 I need the epoch time above to be converted into real... (4 Replies)
Discussion started by: aismann
4 Replies

4. UNIX for Advanced & Expert Users

Max sessions a single user can've on Solaris server at the same time

There's a user that opens various login sessions with a particular SOLARIS server at the same time - this locks the server thats tried to get logged into.. Kindly help on how to know the max limit of sessions a particular user can open with a particular server at the same time. AND, how to... (2 Replies)
Discussion started by: its.simron
2 Replies
Login or Register to Ask a Question