About

Azer Bestavros is the inaugural Associate Provost for Computing & Data Sciences and the William Fairfield Warren Distinguished Professor of Computer Science at Boston University. Prior to his appointment in 2019 to lead the Faculty of Computing & Data Sciences, he was the Founding Director of the Center for Reliable Software.

Research topics

• Computer Science
• Social Science
• Sociology
• Distributed computing
• Engineering
• Political Science
• Operating system
• Real-time computing
• Embedded system
• Mathematical economics
• Law
• Public relations
• Engineering ethics
• Programming language
• Mathematics
• Business
• Electrical engineering

Selected publications

• Multi-Regulation Computing

  2022-11-01 · 8 citations

  articleSenior author

  This work examines privacy laws and regulations that limit disclosure of personal data, and explores whether and how these restrictions apply when participants use cryptographically secure multi-party computation (MPC). By protecting data during use, MPC offers the promise of conducting data science in a way that (in some use cases) meets or even exceeds most people's conceptions of data privacy. With MPC, it is possible to correlate individual records across multiple datasets without revealing the underlying records, to conduct aggregate analysis across datasets which parties are otherwise unwilling to share for competitive reasons, and to analyze aggregate statistics across datasets which no individual party may lawfully hold. However, most adoptions of MPC to date involve data that is not subject to privacy protection under the law. We posit that a major impediment to the adoption of MPC - on the data that society has deemed most worthy of protection - is the difficulty of mapping this new technology onto the design principles of data privacy laws. While a computer scientist might reasonably believe that transforming any data analysis into its privacy-protective variant using MPC is a clear win, we show in this work that the technological guarantees of MPC do not directly imply compliance with privacy laws. Specifically, a lawyer will likely want to ask several important questions about the pre-conditions that are necessary for MPC to succeed, the risk that data might inadvertently or maliciously be disclosed to someone other than the output party, and what recourse to take if this bad event occurs. We have two goals for this work: explaining why the privacy law questions are nuanced and that the lawyer is correct to proceed cautiously, and providing a framework that lawyers can use to reason systematically about whether and how MPC implicates data privacy laws in the context of a specific use case. Our framework revolves around three questions: a definitional question on whether the encodings still constitute 'personal data,' a process question about whether the act of executing MPC constitutes a data disclosure event, and a liability question about what happens if something goes wrong. We conclude by providing advice to regulators and suggestions to early adopters to spur uptake of MPC. It is our hope that this work provides the first step toward a methodology that organizations can use when contemplating the use of MPC.

  PublisherDOI

• Bridging the Computer Science -- Law Divide

  2022

  1st authorCorresponding
  • Computer Science
  • Political Science
  • Sociology

  Many pressing societal questions can be answered only by bringing experts from different disciplines together. Questions around misinformation and disinformation, platform power, surveillance capitalism, information privacy, and algorithmic bias, among many others, reside at the intersection of computer science and law. We need to develop institutions that bring together computer scientists and legal scholars to work together on issues like these, and to train new innovators, thought leaders, counselors, and policymakers with hybrid training in both disciplines. In Universities, the disciplines of Computer Science (CS) and Law are separated by many wide chasms. Differences in standards, language, methods, and culture impede professors and other academic researchers who want to collaborate with colleagues on the other side of this divide. Universities place CS and Law in different schools, on different campuses, on different calendars, etc. Researchers in the two disciplines face differing incentives and reward structures for publishing, teaching, funding, and service.

  PublisherDOI

• A new benchmark harness for systematic and robust evaluation of streaming state stores

  2022 · 14 citations

  Senior authorCorresponding
  • Computer Science
  • Computer Science
  • Distributed computing

  Modern stream processing systems often rely on embedded key-value stores, like RocksDB, to manage the state of long-running computations. Evaluating the performance of these stores when used for streaming workloads is cumbersome as it requires the configuration and deployment of a stream processing system that integrates the respective store, and the execution of representative queries to collect measurements.

  PublisherDOI

• Akita: A CPU scheduler for virtualized Clouds

  arXiv (Cornell University) · 2020-09-18

  preprintOpen access

  Clouds inherit CPU scheduling policies of operating systems. These policies enforce fairness while leveraging best-effort mechanisms to enhance responsiveness of all schedulable entities, irrespective of their service level objectives (SLOs). This leads to unpredictable performance that forces cloud providers to enforce strict reservation and isolation policies to prevent high-criticality services (e.g., Memcached) from being impacted by low-criticality ones (e.g., logging), which results in low utilization. In this paper, we present Akita, a hypervisor CPU scheduler that delivers predictable performance at high utilization. Akita allows virtual machines (VMs) to be categorized into high- and low-criticality VMs. Akita provides strong guarantees on the ability of cloud providers to meet SLOs of high-criticality VMs, by temporarily slowing down low-criticality VMs if necessary. Akita, therefore, allows the co-existence of high and low-criticality VMs on the same physical machine, leading to higher utilization. The effectiveness of Akita is demonstrated by a prototype implementation in the Xen hypervisor. We present experimental results that show the many advantages of adopting Akita as the hypervisor CPU scheduler. In particular, we show that high-criticality Memcached VMs are able to deliver predictable performance despite being co-located with low-criticality CPU-bound VMs.

  PublisherOA PDFDOI

• Peafowl

  2020 · 16 citations

  • Computer Science
  • Computer Science
  • Real-time computing

  The traffic load sent to key-value (KV) stores varies over long timescales of hours to short timescales of a few microseconds. Long-term variations present the opportunity to save power during low or medium periods of utilization. Several techniques exist to save power in servers, including feedback-based controllers that right-size the number of allocated CPU cores, dynamic voltage and frequency scaling (DVFS), and c-state (idle-state) mechanisms. In this paper, we demonstrate that existing power saving techniques are not effective for KV stores. This is because the high rate of traffic even under low load prevents the system from entering low power states for extended periods of time. To achieve power savings, we must unbalance the load among the CPU cores so that some of them can enter low power states during periods of low load. We accomplish this by introducing the notion of in-application CPU scheduling. Instead of relying on the kernel to schedule threads, we pin threads to bypass the kernel CPU scheduler and then perform the scheduling within the KV store application. Our design, Peafowl, is a KV store that features an in-application CPU scheduler that monitors the load to learn the workload characteristics and then scales the number of active CPU cores when the load drops, leading to notable power savings during low or medium periods of utilization. Our experiments demonstrate that Peafowl uses up to 40--54% lower power than state of the art approaches such as Rubik and μDPM.

  PublisherOA PDFDOI

• A Game-Theoretic Analysis of Shared/Buy-in Computing Systems

  IEEE Open Journal of the Communications Society · 2020 · 4 citations

  • Computer Science
  • Computer Science
  • Distributed computing

  High performance computing clusters are increasingly operating under a shared/buy-in paradigm. Under this paradigm, users choose between two tiers of services: shared services and buy-in services. Shared services provide users with access to shared resources for free, while buy-in services allow users to purchase additional buy-in resources in order to shorten job completion time. An important feature of shared/buy-in computing systems consists of making unused buy-in resources available to all other users of the system. Such a feature has been shown to enhance the utilization of resources. Alongside, it creates strategic interactions among users, hence giving rise to a non-cooperative game at the system level. Specifically, each user is faced with the questions of whether to purchase buy-in resources, and if so, how much to pay for them. Under quite general conditions, we establish that a shared/buy-in computing game yields a unique Nash equilibrium, which can be computed in polynomial time. We provide an algorithm for this purpose, which can be implemented in a distributed manner. Moreover, by establishing a connection to the theory of aggregative games, we prove that the game converges to the Nash equilibrium through best response dynamics from any initial state. We justify the underlying game-theoretic assumptions of our model using real data from a computing cluster, and conduct numerical simulations to further explore convergence properties and the influence of system parameters on the Nash equilibrium. In particular, we point out potential unfairness and abuse issues and discuss solution venues.

  PublisherOA PDFDOI

• MORPHOSYS: Efficient Colocation of QoS-Constrained Workloads in the Cloud

  arXiv (Cornell University) · 2019-12-02

  preprintOpen access

  In hosting environments such as IaaS clouds, desirable application performance is usually guaranteed through the use of Service Level Agreements (SLAs), which specify minimal fractions of resource capacities that must be allocated for use for proper operation. Arbitrary colocation of applications with different SLAs on a single host may result in inefficient utilization of the host's resources. In this paper, we propose that periodic resource allocation and consumption models be used for a more granular expression of SLAs. Our proposed SLA model has the salient feature that it exposes flexibilities that enable the IaaS provider to safelya transform SLAs from one form to another for the purpose of achieving more efficient colocation. Towards that goal, we present MorphoSys: a framework for a service that allows the manipulation of SLAs to enable efficient colocation of workloads. We present results from extensive trace-driven simulations of colocated Video-on-Demand servers in a cloud setting. The results show that potentially-significant reduction in wasted resources (by as much as 60%) are possible using MorphoSys.

  PublisherOA PDFDOI

• Neuroflight: Next Generation Flight Control Firmware

  arXiv (Cornell University) · 2019-01-19 · 25 citations

  preprintOpen accessSenior author

  Little innovation has been made to low-level attitude flight control used by uncrewed aerial vehicles (UAVs), which still predominantly uses the classical PID controller. In this work we introduce Neuroflight, the first open source neuro-flight controller firmware. We present our toolchain for training a neural network in simulation and compiling it to run on embedded hardware. Challenges faced jumping from simulation to reality are discussed along with our solutions. Our evaluation shows the neural network can execute at over 2.67kHz on an Arm Cortex-M7 processor and flight tests demonstrate a quadcopter running Neuroflight can achieve stable flight and execute aerobatic maneuvers.

  PublisherOA PDFDOI

• Reinforcement Learning for UAV Attitude Control

  ACM Transactions on Cyber-Physical Systems · 2019-02-13 · 19 citations

  preprintOpen accessSenior author

  Autopilot systems are typically composed of an “inner loop” providing stability and control, whereas an “outer loop” is responsible for mission-level objectives, such as way-point navigation. Autopilot systems for unmanned aerial vehicles are predominately implemented using Proportional-Integral-Derivative (PID) control systems, which have demonstrated exceptional performance in stable environments. However, more sophisticated control is required to operate in unpredictable and harsh environments. Intelligent flight control systems is an active area of research addressing limitations of PID control most recently through the use of reinforcement learning (RL), which has had success in other applications, such as robotics. Yet previous work has focused primarily on using RL at the mission-level controller. In this work, we investigate the performance and accuracy of the inner control loop providing attitude control when using intelligent flight control systems trained with state-of-the-art RL algorithms—Deep Deterministic Policy Gradient, Trust Region Policy Optimization, and Proximal Policy Optimization. To investigate these unknowns, we first developed an open source high-fidelity simulation environment to train a flight controller attitude control of a quadrotor through RL. We then used our environment to compare their performance to that of a PID controller to identify if using RL is appropriate in high-precision, time-critical flight control.

  PublisherOA PDFDOI

• Role-Based Ecosystem for the Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications

  2019-09-01 · 4 citations

  article

  Software applications that employ secure multi-party computation (MPC) can empower individuals and organizations to benefit from privacy-preserving data analyses when data sharing is encumbered by confidentiality concerns, legal constraints, or corporate policies. MPC is already being incorporated into software solutions in some domains; however, individual use cases do not fully convey the variety, extent, and complexity of the opportunities of MPC. This position paper articulates a role-based perspective that can provide some insight into how future research directions, infrastructure development and evaluation approaches, and deployment practices for MPC may evolve. Drawing on our own lessons from existing real-world deployments and the fundamental characteristics of MPC that make it a compelling technology, we propose a role-based conceptual framework for describing MPC deployment scenarios. Our framework acknowledges and leverages a novel assortment of roles that emerge from the fundamental ways in which MPC protocols support federation of functionalities and responsibilities. Defining these roles using the new opportunities for federation that MPC enables in turn can help identify and organize the capabilities, concerns, incentives, and trade-offs that affect the entities (software engineers, government regulators, corporate executives, end-users, and others) that participate in an MPC deployment scenario. This framework can not only guide the development of an ecosystem of modular and composable MPC tools, but can make explicit some of the opportunities that researchers and software engineers (and any organizations they form) have to differentiate and specialize the artifacts and services they choose to design, develop, and deploy. We demonstrate how this framework can be used to describe existing MPC deployment scenarios, how new opportunities in a scenario can be observed by disentangling roles inhabited by the involved parties, and how this can motivate the development of MPC libraries and software tools that specialize not by application domain but by role.

  PublisherDOI

Recent grants

• SaTC: TTP: Small: Modular Platform for Web-based Secure Multi-Party Analytics

  NSF · $516k · 2017–2022

• ITR: Internet Flows as First-Class Values: Support for Dynamic, Flexible Internet Services

  NSF · $1.7M · 2002–2008

• CISE Research Infrastructure: SENSORIUM: Research Infrastructure for Managing Spatio-Temporal Objects in Video Sensor Networks

  NSF · $1.4M · 2002–2009

• EAGER: Towards a Marketplace for Colocation of Cloud Services

  NSF · $200k · 2009–2011

• CT-ISG: Towards Trusted Adaptation Dynamics in Computing Systems and Networks

  NSF · $300k · 2005–2009

Frequent coauthors

• Ibrahim Matta

  57 shared

• Frank Mueller

  North Carolina State University

  38 shared

• Jan Van Leeuwen

  Utrecht University

  36 shared

• Gerhard Goos

  36 shared

• A. J. Kfoury

  36 shared

• Andrei Lapets

  31 shared

• Vatche Ishakian

  26 shared

• Shudong Jin

  Stony Brook University

  22 shared

Education

• Ph.D., Computer Science

  Boston University

  1993

• M.S., Computer Science

  Boston University

  1989

• B.S., Computer Science

  Boston University

  1987

Awards & honors

• William Fairfield Warren Distinguished Professor of Computer…