The Science Behind CFEngine

At CFEngine we are proud of our scientific approach to technology development. At every level from enquiry to implementation methodology to program code, we are guided by research, not by convention or fashion.

We make sure that every CFEngine edition satisfies principles of flexible:

      • Scalability
        • Efficiency
        • Dependability

We place these considerations first, because these are what the world's most demanding data centers rely on. It has become fashionable to feign scepticism of science and theory, but at CFEngine we revere the scientific method, because it is the only effective approach to innovation and the only impartial judge of success.

 

Convergence and Promises

The basic science of self-healing is based on two concepts, that emerged in the literature by CFEngine originator Mark Burgess: these are called convergent maintenance and promises.

  • Convergent maintenance refers to the continuous repair of a system state to a desired specification, rather than bringing in fire-fighters in an Event-Condition-Action model. There are limits to how close one is likely to be able to get to a desired state.
  • Promises refer to a formalization of goals in system policies (promises that systems should keep). Promises can only be made by an agent about itself. It makes no sense to propose obligations for others to follow, as these are not enforcable. There are limits to how well a promise can be kept (the same as in convergent maintenance).

In addition to these, we have developed concepts such as Computer Immunology, for efficient approaches to anomaly detection, and the Copernicus Knowledge Map, based on semantic networks called Topic Maps (ISO 13250, see references 5 & 6 below).

An extract of the scientific literature featuring CFEngine

  • M. Burgess, CFEngine: a system configuration engine, University of Oslo report 1993. PDF
  • M. Burgess, CFEngine: a site configuration engine, USENIX Computing systems, Vol8, No. 3 1995 PDF
  • M. Burgess and R. Ralston, Strategies for Distributed Resource Administration Using CFEngine, Software-Practice and Experience 27, 1083 (1997). PDF
  • M. Burgess and D. Skipitaris, Adaptive locks for frequently scheduled tasks with unpredictable runtimes, Proceedings of the 11th system administration conference (USENIX/LISA) October 1997. PDF
  • M. Burgess, Automated system administration with feedback regulation, Software-Practice and Experience 28, 1519 (1998). PDF
  • M. Burgess, CFEngine as a component of computer immune-systems, Proceedings of the Norwegian Informatics Conference 1998
  • M. Burgess, Computer Immunology, Proceedings of the 12th System Administration Conference (USENIX/LISA) 1998, PDF
  • A Somayaji, Towards a Homeostatic Operating System, (University of New Mexico Dissertation proposal) 1999 PDF
  • A.L. Couch and M. Gilfix, It's Elementary, Dear Watson: Applying Logic Programming to Convergent System Management Processes, Proceedings of the 13th System Administration Conference (LISA99), Seattle, WA, USENIX Association, 1999.PDF
  • D. Ressman and J. Valds, Use of CFEngine for Automated, Multi-Platform Software and Patch Distribution, Proceedings of the 14th System Administration Conference (USENIX/LISA) October 2000. PDF
  • M. Burgess, Evaluating cfengine's immunity model, Proceedings of the 2nd SANE system administration conference (USENIX/NLUUG) 2000. PDF
  • M. Burgess and G. Canright, Scalability of peer configuration management in partially reliable and ad hoc networks, (Abridged version), Proceedings of the IEEE/IFIP IM2003 conference on network management. PDF
  • M. Burgess, On the theory of system administration, Science of Computer Programming 49, 2003. p1-46 PDF
  • M. Burgess, Configurable immunity for evolving human-computer systems, Science of Computer Programming 51 2004, p197-213. PDF
  • D. Mayhew, File Distribution Efficiencies: cfengine vs rsync, Proceedings of the 15th System Administration Conference (USENIX/LISA) 2001. PDF
  • C. Beadnall and D. Mayhew, CfAdmin: A User Interface for CFEngine, Proceedings of the 15th System Administration Conference (USENIX/LISA) 2001. PDF
  • M. Burgess and F. Sandnes, Predictable configuration management in a randomized scheduling framework, (with F. Sandnes),IFIP/IEEE DSOM 2001, PDF
  • M. Burgess, Recent Developments in CFEngine, Unix.nl conference, Waardenburg (Netherlands) 2001, PDF
  • M. Burgess, Two dimensional time-series for anomaly detection and regulation in adaptive systems, Proceeding of the IFIP/IEEE DSOM 2002 conference, Springer Lecture Notes on Computer Science. PDF
  • M. Logan, M. Felleisen and D. Blank-Edelman, Environmental Aquisition in Network Management, Proceedings of the 16th System Administration Conference (USENIX/LISA) 2002. PDF
  • L. Kanies, "ISconf: Theory, Practice and Beyond", Proc. LISA 2003, USENIX Assoc., San Diego, CA, Oct 29, 2003, pp. 125-148. PDF
  • A. Couch, J. Hart, E. Idhaw, and D. Kallas, "Seeking Closure In An Open World: A Behavioral Agent Approach to Configuration Management", Proc. LISA 2003, USENIX Assoc., San Diego, CA, Oct 29, 2003, pp. 115. PDF
  • A. Couch and Yizhan Sun, "On the Algebraic Structure of Convergence", Proc. 14th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management, Heidelberg, Germany, Springer-Verlag, Inc, pp. 28-40. 2003
  • R. Berbeco, Exploration of Computer Immune Systems, (2004).
  • K. Begnum and M. Burgess, Principle components and importance ranking of distributed anomalies, Machine Learning Journal 58, p217 (2004). PDF
  • A. Couch and Yizhan Sun, "On Observed Reproducibility in Network Configuration Management", Science of Computer Programming Special Issue on System Administration, 53, Elsevier, Inc, 2004, pp. 215-253.
  • M. Burgess, Probabilistic Anomaly Detection In Distributed Computer Networks, Science of Computer Programming, to appear 2005 . PDF
  • M. Burgess, A Tiny Overview of CFEngine: Convergent Maintenance Agent, Proceedings of the 1st International Workshop on Multi-Agent and Robotic Systems, MARS/ICINCO 2005. PDF
  • M. Burgess and A. Couch, Autonomic Computing Approximated by Fixed-Point Promises, Proceedings of First IEEE International Workshop on Modelling Autonomic Communication Environments (MACE2006). p197-222 PDF
  • Matus Harvan, Policy Conflict Detection for CFEngine. Technical Report, International University of Bremen, Germany.
  • Mark Burgess, Alva L. Couch: Modeling Next Generation Configuration Management Tools. LISA 2006: 131-147
  • Fault Detection in Autonomic Networks using the Concept of Promises. Lecture Notes in Computer Science 2007;4785:62-73 (with R. Badonnel)
  • Mark Burgess, Matthew Disney, Rolf Stadler: Network Patterns in CFEngine and Scalable Data Aggregation. LISA 2007: 275-289
  • Kyrre M. Begnum, Mark Burgess: Improving Anomaly Detection Event Analysis Using the EventRank Algorithm. AIMS 2007: 145-155
  • Kyrre M. Begnum, Mark Burgess, John A. Sechrest: Adaptive provisioning using virtual machines and autonomous role-based manag ement. ICAS 2006: 7
  • Alva L. Couch, Hengky Susanto, Marc Chiarini: Estimating Reliability of Conditional Promises. AIMS 2007: 85-96
  • Alva L. Couch, Hengky Susanto, Marc Chiarini: Modeling Change Without Breaking Promises. AIMS 2007: 97-108
  • M. Burgess: Knowledge Management and Promises. Lecture Notes in Computer Science 2009 ;Volum 5637. s. 95-107