COOTS '97 Technical Sessions

This year's Conference on Object Oriented Technologies and Systems (COOTS '97) was held in Portland, Oregon. When attendees were not talking objects at the local micro breweries, they were hearing about recent advances in tools, languages, frameworks, components, and patterns. Most of the technical sessions focused on the increasing demands of distributed computing. Steve Vinoski of IONA Technologies was this year's technical sessions program chair. The tutorial program chair was Douglas C. Schmidt of Washington University. Session topics focused on compilation techniques, distribution, frameworks, security, design patterns, and reliability in distributed systems.

Keynote Address

Bjarne emphasized, however, that programming languages do not solve all the problems. Some programming languages are too low-level for certain problems, which makes them too complicated to use effectively. Conversely, some languages are too high-level for other problems, and hence inflexible and inefficient. Since "one size does not fit all," Bjarne stressed the need for a variety of languages, as well as the tools to enable them to interoperate. He cited CORBA as an example of a system that allows inter-language interoperability.

Bjarne also reminded the audience that even using the right programming language for the task at hand does not automatically result in well designed and reusable code. He concluded that even though some people regard programmers as over-paid geeks, hard working, intelligent, and experienced programmers will always be an essential part of software engineering.

Session One: Compilation Techniques

This session was chaired by Dmitry Lenkov of Hewlett-Packard. Perhaps as a sign of the times, two of the papers covered techniques for compiling Java, whereas one paper covered C++ compiler techniques.

The first paper, "Harissa: A Flexible and Efficient Java Environment Mixing Bytecode and Compiled Code," was presented by Gilles Muller of the University of Rennes. Gilles's group has looked at the many techniques to improve the speed of execution of Java programs, including the Java chip, native compilers, bytecode compilers, and Just-In-Time (JIT) compilers. The Java chip can run Java bytecode directly in hardware. Native compilers produce native code from Java source code. Bytecode compilers take Java bytecode as input and generate native code or code in an intermediatory language such as C. JIT compilers are similar to native compilers, though they typically cannot perform aggressive optimization since compilation is performed on the fly and must therefore incur only a small overhead.

The solution proposed by Gilles is Harissa, a Java environment that includes an off-line bytecode compiler to translate Java bytecode to C and a Java Virtual Machine integrated into the run-time library. These two features allow compiled C code and interpreted Java bytecode to be used together, thereby making Harissa highly flexible. In the process of converting Java bytecode into C code, stack manipulations in Java are tracked and replaced with local variables in C, and Java virtual function calls are converted into non-virtual calls using class hierarchy analysis. The generated C code is run through existing aggressive C compilers to produced highly optimized code. Even though this approach requires multiple steps, the performance gains for computationally intensive applications are often worth the extra effort by the developers and tools.

The second paper in this session was "Montana Smart Pointers: They're Smart, and They're Pointers," by Jennifer Hamilton. When she wrote the paper, Jennifer worked for IBM in Toronto. She recently joined Microsoft (another sign of the times?).

Jennifer's goal was to debunk Daniel Edelson and prove that smart pointers can be smart and still be pointers. Smart pointers are a powerful feature of the C++ language that benefit a variety of applications, such as garbage collection, persistence, and distributed objects. Jennifer talked about the Montana C++ programming environment. Montana is a high voltage C++ environment that performs extremely fast incremental compilations. It exposes the details of the compilation process to observers, and allows them to incorporate extensions before or after compilation. A C++ parser and a code database is integrated into the Montana environment.

Using the example of smart pointers, Jennifer demonstrated how the "IQ" of a smart pointer can be added to built-in pointers. Assignment, initialization, and destruction expressions are all transformed by Montana into intelligent operations. Montana provides an API to the compiler that allows the compilation process to be extended through programmer-supplied tools. It should be noted that such extensions to the language and compilation process are not for average (i.e., Dilbert) class of users. These tools are more likely to utilized by a class library vendor who requires special features.

The final paper of the first session was "Toba: Java for Applications -A Way Ahead of Time (WAT) Compiler," presented by Gregg Townsend from the University of Arizona. Toba is similar to Harissa. The Toba system includes a Java bytecode to C compiler, a garbage collector, a threads package and Java API support. This process of optimization is not suitable for applications such as Java applets that must be run as soon as they are downloaded into the system.

Gregg talked about some of the challenges faced by his team at University of Arizona in developing Toba. The team had to implement its own virtual table to support Java virtual function calls, develop complicated constructs for mapping Java exceptions in C, and create conversions for dealing with UNICODE in C.

Session Two: Distribution I

The second session focused on a common theme at COOTS: distributed object computing. The session chair was Murthy Devarakonda from IBM T.J. Watson Research Center. Yet another sign of the times was that two of the papers in this session focused on CORBA. Perhaps there would have been more papers on CORBA, but mysteriously the "Distribution II" session that would seem to accompany this "Distribution I" session never materialized. Rumor has it that "Distribution II" was held at a local micro brewery by Joe Sventek and Steve Vinoski.

The first paper was "Making CORBA Objects Persistent: The Object Database Adapter,"Presented by Francisco C.R. Reverbel of the University of Sao Paulo, Brazil. Francisco began by explaining how CORBA and persistence have always had a stormy relationship. In fact, the OMG has produced two different specifications to address this problem: (1) the Externalization Service, which records object state in a stream of data and (2) the Persistence Service, which defines APIs for retaining and managing the persistence state of objects. However, neither of these approaches are integrated into the ORB and neither has received much support from ORB vendors or database vendors.

Francisco talked about the integration of object databases with ORBs. The main functionality is provided by an object database adapter (ODA) that integrates an ORB with an OODBMS, providing on-demand activation of dormant objects. The ODA uses delegation (rather than inheritance) to connect user-provided implementations with IDL-generated classes. This is necessary since the implementation objects need to outlive the skeleton objects. Only the CORBA object implementations (now called Servants, thanks to the neologistic wit of Steve Vinoski) are stored in the database and the skeletons objects are not. This lightweight implementation enables database queries and traversals to occur at OODBMS speeds. The IDL-to-C++ mapping is changed such that the skeletons use a database reference to persistence memory, rather than a normal pointer or reference to the servant. ODAs also have support for local transactions using smart filters at the edge of the ORB.

The second talk was "Obtuse: A Scripting Language for Migratory Applications," by Robert P. Cook of the University of Mississippi. After presenting a detailed overview of the Distributed Component Object Model (DCOM) and ActiveX (including automation and security), Robert outlined the scripting language called Obtuse and explained how it can be used to develop migratory applications. A migratory application transfers program state (including user interface) to different Internet locations under program control. The system uses the dynamic capabilities of COM that are similar to DII and DSI in CORBA. Obtuse supports objects like threads, contexts, stacks, files, mutual exclusion variables, and Visual Basic forms. To support these features, Obtuse requires support for migration of object state, self-describing type system, and dynamic binding to interfaces from the underlying system.

The final paper in this session was "Exploiting the IIOP Interface to Provide CORBA with Fault Tolerance," presented by Priya Narasimhan from the University of California, Santa Barbara. Priay explained how their CORBA 2.0-compliant system, External, supports replicated objects and fault tolerance. Eternal exploits the Internet Inter-ORB Protocol (IIOP) by intercepting the IIOP system calls and uses the replication manager to map these calls onto Totem, which is a reliable totally ordered multicast group communication system. No modification to the internal structure of the ORB is necessary, and fault tolerance is transparent to both application and the ORB. Not only was Priya an enthusiatic speaker, but she displayed great chutzpa and was not the least bit offended when Doug Schmidt praised the Eternal project as "The best hack of the year in an academic setting."

Session Three: Frameworks I

The session chair was Joe Sventek from Hewlett-Packard Laboratories. Apparently the stealth Distributed II session purportedly held at a local micro brewery, had a powerful effect on Joe's better judgment, since he agreed to be the program chair for COOTS '98.

The first paper in this session was "Gold Rush: a Mobile Transaction Middleware with Java-Object Replication," presented by Henry Chang from the IBM T.J. Watson Research Center. Gold Rush (previously known as Data Express) provides middleware support for Java applications that reside on mobile clients and connect intermittently to central database servers. When hooked up to the central database, clients cache important information to the local persistent store. The client is then free to manipulate the locally cached data. All changes to the local data are recorded in transaction logs. When the client connects backs with the central server, local data changes are synchronized with the central database by replaying the logged transactions. If conflicts arise, clients are notified and user intervention is required to resolve the conficts. Communication between clients and servers are optimized to economize the use of a slow or expensive connection such as a radio link.

The second talk was "Metis: A Thin-Client Application Framework," by Deborra Zukowski of the IBM T.J. Watson Research Center. Metis is the Greek God of knowledge. His omnipresence motivated IBM to develop this framework to provide networks services (knowledge) to clients. The framework is a three-tiered model based on an impressive array of "J" technologies including Java, Java Beans, and Java RMI. The workspace tier in this framework is made up of lightweight, GUI objects that possess only minimal essential application logic. The client objects in the workspace do not rely on local OS funtionality. Most of the application logic and system functionality is provided by the middle services layer in the framework. These services include location, fault-tolerance, load-balancing, activation, authentication, directory, printing, and data storage. The third and final layer is usually a data store and is accessed through another "J" technology: JDBC.

The final presentation was "Frigate: An Object-Oriented File System for Ordinary Users." The speaker, Ted H. Kim of UCLA, was no ordinary presenter. He began his presentation by graciously acknowledging ARPA for providing grant money for the Frigate project, helping him stay in school and off the streets. Being the last speaker of the day, he did not want to extend his time limit since he was the only obstacle between the attendees and gourmet cuisine at the COOTS reception.

To avoid being trampled by the hungry COOTS horde, Ted quickly outlined the layered Frigate object-oriented file system and pointed out the types of extensions Frigate allows to regular file systems. These extensions include compression, encryption, migration, access control, hot links, compound document architecture, dynamic data, intentional or virtual files, and application types. Frigate represents a marriage of the UNIX file system model based on VFS (Virtual File System) and the CORBA object model. Components in Frigate include documents (typed files), repository (storage for interfaces and implementations of extensions), dispatcher (interceptor of vnode operations), user-level file system servers, and CORBA style Inter-Language Unification (ILU) system from Xerox PARC.

Session Four: Frameworks II

The first session of day two of COOTS, chaired by Daniel Edelson from IA Corporation, picked up where day one left off. (Although he has attended all the C++ conferences and all the COOTS conferences, Daniel still refuses to explain what "IA" stands for.)

The first paper in this session was "Embedded Programming with C++," by Stephen Williams from Picture Elements, Inc. Ironically, Steve had hired Daniel into IA many years ago, though he also refused to expand the abbreviation. Instead, Stephen explain that embedded programming is difficult because of memory constraints, slow CPUs, limited hardware, and the general lack of an operating system. Moreover, since the embedded application in a microwave is not required or expected to run in a VCR, Stephen claimed that portability is usually not a concern of embedded application developers. (Rumor has it that immediately following the conference Jim Waldo rushed Steve off to the "Java Reprogramming clinic" for remedial virtual machine portability training.)

Stephen presented uCR, a micro C/C++ run-time package for embedded program development. uCR essentially provides a mapping from C++ to a CPU; no other services such as a console or OS are assumed. uCR supports thread programming including synchronization variables, interrupt handlers, memory heaps, device drivers, containers, and debugging support. In uCR, devices are modelled in a class hierarchy, and LEDs are modelled using templates. Stephen then addressed performance issues including how unoptimized image (application binary) size can cause cache overflow and slowdown embedded applications. He concluded that C++ is good for embedded programming, since it integrates well with assembly and has simple run-time requirements.

The second paper was "Implementing Optimized Distributed Data Sharing Using Scoped Behavior and a Class Library," by Paul Lu of the University of Toronto. Paul wants to alter and optimize the behavior of objects based on context. This is accomplished by using scoped behavior allowing the programmer incrementally to tune applications on a per-object and per-context basis. Aurora is a C++ class library and run-time system that implements a logical shared data abstraction. Aurora's implementation of distributed shared data is presented as an example of using the scoped behavior technique, where compile-time and run-time interactions are coordinated to provide data sharing. Different phases of computation in research work take advantage of different policies. Scoped behaviour provides a convenient way of providing this flexibility within C++.

The final paper in this session was "Extending the Standard Template Library for Parallelism in Coir<Futures>," presented by Neelakantan Sundaresan from IBM Software Solutions Division. Neelakantan began his presentation with an overview of generic programming and parallelism. He described the Standard Template Library (STL) of C++ as an example of generic programming and described containers, iterators, algorithm objects, functors, and adapter objects in STL. Generic programming is very powerful (if used correctly) and allows N*M*K implementation to be reduced to N+M+K implementations. He then explained the difference between control parallism and data parallism.

Finally, Neelakantan talked about Coir<Futures>, a shared memory system based on generic programming and asynchronous parallelism. Coir supports control parallelism through futures that are built on top of thread constructs. Data parallelism is supported by abstractions of threads groups called ropes that provide a scoping mechanism for non-blocking, multi-threaded, and interleaved data parallism.

Session Five: Security

The second session of the second day was Security, a topic with too many problems and few good solutions. The session chair was Rajendra Raj from Morgan Stanley.

The first talk was "A Tool for Constructing Safe Extensible C++ System," by Christopher Small of Harvard University. Christopher explained how a common feature of modern systems is the extensibility of basic functionality by downloading code into the system. A example of such a system is a Web browser that extends its capabilities by downloading applets. However, such systems must be wary of misbehaving and unstable extensions. This protection may come from special hardware, a trusted interpreter, or a safe language.

Christopher presented MiSFIT (Minimal i386 Software Fault Isolation Tool), a tool for developing safe extensible systems in C++. MiSFIT transforms C++ code into safe binary code to ensure that read, write and jump instructions will not reach outside memory regions assigned to the code. MiSFIT includes run-time support necessary to create a sandbox in which the downloaded code will run. MiSFIT is platform specific and language neutral.

The second presentation was "Krakatoa: Decomplication in Java (Does Bytecode Reveal Source?)," by Scott A. Watterson of the University of Arizona. Scott had a lot of people in the room worried: by revealing Java source code from Java bytecode, Krakatoa threatens to expose company software jewels written in Java to competitors.

The decompilation support provided by Krakatoa uses a complicated reverse-engineering process that reads bytecode, recovers expressions and type information, and produces a control flow graph. Next, the goto statements are eliminated and a Java Abstract Tree (AST) is produced. The AST is transformed and rewritten to produce readable Java source code.

The final paper in this session was "Resource Access Control for an Internet User Agent," presented by Nataraj Nagaratnam of Syracuse University. Nataraj pointed out that systems that download code (such as Web browsers) must provide a framework where users can fine tune access to local system resources for the downloaded code based on their trust relationship with content authors. Current systems either completely disallow access to any local resource or completely allow access.

Nataraj talked about an approach where the user can selectively grant access to resources based on a trust relationship with the principal, who has certified the authenticity of the contents. His proposed infrastructure makes use of digital signatures, trusted source host, and access control lists. The Security Manager mediates the access (sandbox approach) to local resources including client disk, network connections, and local objects. Support for the secure socket layer is also provided.

Session Six: Patterns

Patterns is one of the few topics to rival Java and CORBA for the "Hype of the year award." Fortunately, the session chair was Doug Lea, of SUNY Oswego, who provides a much needed dose of realism in the strongly hyped world of objects.

The first paper of the session was "Service Configurator: A Pattern for Dynamic Configuration of Services," presenter by the "ubiquitous" Douglas C. Schmidt of Washington University. Doug illustrated how the Service Configurator pattern decouples the implementation of services from the time they are configured into the system. The use of this pattern increases flexibility and extensibility of applications by enabling their constituent services to be configured at any point in time.

A well-known example of the Service Configurator pattern is the downloading of Java applets into Web browsers to provide new functionality. Doug presented the example of TAO, a real-time ORB, as another use-case for the Service Configurator pattern. Since one size does not fit all, various configurations of TAO require the strategization of pressure points of variation in the ORB. This pattern allows the configuration of the system to be delayed until very late in the design cycle, when there is a deeper understanding of the system and available choices. Sometimes this decision is not made until run-time.

The next paper was "Using the Strategy Design Pattern to Compose Reliable Distributed Protocols," presented by BenoÓt Garbinato of the Swiss Federal Institute of Technology (EPFL). BenoÓt explained why the name BAST (an Egyptian cat goddess) was chosen for this project: his project is about reliable protocols, and cats, with their nine lives, are inherently fault tolerent.

Despite the widespread perception of Switzerland as having a temperate climate, BenoÓt described it as a "protocol jungle" consisting of two species: (1) application programmers, who are interested in developing reliable distributed applications (and don't care much about protocol details) and (2) protocol programmers, who develop distributed protocols using new alogorithms and reusing existing mechanisms. A library of isolated protocols classes is not adequate to survive in this protocol jungle. Instead, BenoÓt claims a sophisticated framework is necessary to incrementally build reliable protocols with complex interdependencies on other protocols.

The BAST framework is designed to structure reliable, distributed systems by allowing complex distributed protocols to be composed in a flexible manner. BAST has multiple protocol classes ranging from unreliable protocols to reliable atomic broadcast protocol. Algorithms are represented as objects and the strategy pattern is used in a recursive manner in BAST to compose these algorithms and resolve the complex protocol dependencies.

After BenoÓt remarked that Java is Smalltalk dressed as C++, COOTS chairman Steve Vinoski presented him with the Best Student Paper Award. When asked later to clarify the relationship between these two events, Steve curtly replied "Post hoc, ergo propter hoc" and "I need a beer."

Panel on Reliable Distributed Object Systems

This panel was the final event of COOTS '97. The original moderator, Jim Waldo, had to fly to the Bay Area to lobby for the integration of IIOP and RMI. Therefore, Doug Schmidt took his place as moderator. The other panelists included Jorge Simão from New University of Lisbon, Priya Narasimhan from the University of California, Santa Babara, BenoÓt Garbinato from EPFL, and Brent E. Modzelewski from Worcester Polytechnic Institute.

The members of the panel presented their views on the topic of reliable distributed object systems via short presentations, then fielded questions from the audience about their projects as well as about reliable distributed computing in general. Most of the panelists had implemented reliability through fault tolerence by having reliable group communications between replicated objects. Different implementations provided different level of transparency - some were transparent to both clients and servers and some were transparent only to clients. Some implementations were based on reliable multicast, whereas others were based on binary tree propogation of unicast messages in the system.

Most of the questions from the audience were about implementation tradeoffs such as transparency, underlying protocols and networks, and extensibility. A noted CORBA enthusiast attempted to ask a security and interoperability question with 27 parts. Fortunately, he passed out after asking only four of the questions.

Steve Vinoski concluded the proceedings by thanking the attendees, the program committee, and the USENIX staff. He then introduced Joe Sventek, who is the program chair for COOTS '98. Overall, COOTS '97 was perceived as the best conference in the series thus far. We look forward to seeing you there again next April in Sante Fe.