Heading Off Correlated Failures through Independence-as-a-Service
01 January 2014
Today's systems pervasively rely on redundancy to ensure reliability and availability. In complex multi-layered hardware/software stacks, however - especially in clouds where many independent businesses deploy interacting services on common infrastructure - seemingly independent systems may share hidden dependencies, undermining redundancy efforts and creating unanticipated correlated failure risks. Complementing existing post-failure forensics, we propose Independence-as-a-Service (or INDaaS), an architecture to proactively analyze complex systems for common components and correlated failure risks. INDaaS first collects structural dependency information from a variety of sources via pluggable collection modules, currently including network, hardware, and software dependencies. INDaaS then uses this data to quantify the independence of systems of interest, using analysis modules exhibiting varying performance, precision, and data secrecy tradeoffs. While the most general and efficient modules assume a trusted party (e.g., an auditor) holds all the data, INDaaS can employ private set intersection to detect hidden dependencies even across businesses unwilling to share complete dependency information with anyone. We evaluate INDaaS's practicality and performance via three case studies using realistic network, hardware, and software dependency datasets.
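The trusted-auditor case described above, sketched as an added example that is not code from the paper or the INDaaS project: an auditor holding every party's dependency records expands each replica's transitive dependencies and reports the components that supposedly redundant replicas have in common. The component names, the `DEPENDS_ON` data and the use of a Jaccard overlap score are assumptions made for this illustration; the private set intersection variant is not shown.

```python
from itertools import combinations

# Constructed dependency records, as an auditor might receive them from
# network, hardware and software collection modules (all names hypothetical).
DEPENDS_ON = {
    "storage-A": {"rack-1", "libssl-1.0.1"},
    "storage-B": {"rack-7", "libssl-1.0.1"},
    "storage-C": {"rack-9", "libtls-2.3"},
    "rack-1": {"tor-switch-1", "pdu-east"},
    "rack-7": {"tor-switch-4", "pdu-east"},
    "rack-9": {"tor-switch-6", "pdu-west"},
    "tor-switch-1": {"core-router-1"},
    "tor-switch-4": {"core-router-1"},
    "tor-switch-6": {"core-router-2"},
}

def closure(system, graph=DEPENDS_ON):
    """Every component `system` depends on, directly or transitively."""
    seen, stack = set(), [system]
    while stack:
        for dep in graph.get(stack.pop(), ()):
            if dep not in seen:  # also stops the walk on dependency cycles
                seen.add(dep)
                stack.append(dep)
    return seen

def shared_dependencies(a, b, graph=DEPENDS_ON):
    """Components whose failure would affect both `a` and `b`."""
    return closure(a, graph) & closure(b, graph)

def jaccard(a, b, graph=DEPENDS_ON):
    """Overlap score in [0, 1]; 0 means no common component was reported."""
    da, db = closure(a, graph), closure(b, graph)
    union = da | db
    return len(da & db) / len(union) if union else 0.0

def rank_pairs(replicas, graph=DEPENDS_ON):
    """Replica pairs ordered from least to most overlap."""
    scored = [(jaccard(a, b, graph), a, b, sorted(shared_dependencies(a, b, graph)))
              for a, b in combinations(replicas, 2)]
    return sorted(scored, key=lambda row: (row[0], row[1], row[2]))

if __name__ == "__main__":
    for score, a, b, shared in rank_pairs(["storage-A", "storage-B", "storage-C"]):
        print(f"{a} / {b}: overlap={score:.2f} shared={shared}")
```

In this constructed data, storage-A and storage-B sit in different racks behind different top-of-rack switches, yet the transitive walk surfaces a common power unit, core router and library.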