DOCSLIB.ORG

Lttng: the Linux Trace Toolkit Next Generation a Comprehensive User's Guide (Version 2.3 Edition)

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

DRDC Document Number: DRDC-RDDC-2016-N036 LTTng: The Linux Trace Toolkit Next Generation A Comprehensive User's Guide (version 2.3 edition) Daniel U. Thibault, DRDC Valcartier Research Centre The contents are published as open-access documentation distributed under the terms of the Creative Commons Attribution 4.0 International Public License (CC-BY 4.0, http://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. Defence Research and Development Canada External Literature DRDC-RDDC-2016-N036 June 2016 © Her Majesty the Queen in Right of Canada, as represented by the Minister of National Defence, 2016 © Sa Majesté la Reine (en droit du Canada), telle que représentée par le ministre de la Défense nationale, 2016 IMPORTANT INFORMATIVE STATEMENTS Work conducted for project 15bl, HeLP-CCS: Host-Level Protection of Critical Computerized Systems Template in use: SR Advanced (2010) Template_EN (2015-11-05).dotm © Her Majesty the Queen in Right of Canada, as represented by the Minister of National Defence, 2016. LTTng: The Linux Trace Toolkit Next Generation: A Comprehensivve User's Guide (version 2.3 edition) is made available under the Creative Commons Attribution 4.0 Innternational Public License (CC-BY 4.0, http://creativecommons.org/licenses/by/4.0). © Sa Majesté la Reine (en droit du Canada), telle que représentée par le ministre de la Défense nationale, 2016. LTTng: The Linux Trace Toolkit Next Generation: A Comprehensive User's Guide (version 2.3 edition) est rendu disponible sous la licence publique Creative Commons Attribution 4.0 International (CC-BY 4.0, http://creativecommons.org/licenses/by/4.0/deed.fr). Abstract The Linux Trace Toolkit Next Generation (LTTng) software tracer was thoroughly documented from a user’s perspective. The behaviour of each command was tested for a wide range of input parameter values, installation scripts were written and tested, and a variety of demonstration use cases created and tested. A number of bugs were documented as a result (ranging from “simply broken” to “what exactly are we trying to do here?”) which are being addressed as time passes and the project keeps advancing in capability, reliability, and ease-of-use. Whereas the companion LTTng Quick Start Guide assumed the simplest installation and use scenario, the LTTng Comprehensive User’s Guide delves into the nitty-gritty of using LTTng in all sorts of ways, leaving no option undocumented and giving detailed, step-by-step instructions on how to instrument anything (applications, libraries, kernel modules, even the kernel itself) for use with LTTng. Significance to defence and security The Linux Trace Toolkit Next Generation (LTTng) offers reliable, low-impact, high-resolution, system-wide, dynamically adaptable, near-real-time tracing of Linux systems. Being able to observe what goes on within the operating system and any applications running on it is an essential prerequisite for the cyber security of governmental and military computer systems of all scales. As the LTTng project has now reached a reasonable level of maturity and can be used in production contexts, it was felt necessary to create a document detailing in practical terms how to deploy, use, and extend it. Large parts of this document have already been used to create the LTTng on-line documentation (http://lttng.org/docs/#); this publication can only make LTTng more accessible to all interested parties. DRDC-RDDC-2016-R9999 i Résumé Le traceur logiciel Linux Trace Toolkit Next Generation (LTTng) a été documenté exhaustivement du point de vue de l’utilisateur. Le comportement de chaque commande a été testé pour une grande variété de valeurs de paramètres, des scripts d’installation ont été écrits et testés, et bon nombre de démonstrations utilitaires créées et testées. Une quantité de bogues ont été documentées par conséquent (allant de « c’est cassé » à « qu’est-ce qu’on essaie d’accomplir ici ? »), lesquelles succombent progressivement au passage du temps tandis que le projet continue de s’améliorer en capacité, fiabilité, et facilité d’utilisation. Alors que le document complémentaire LTTng Quick Start Guide supposait le cas le plus simple d’installation et d’utilisation, le LTTng Comprehensive User’s Guide plonge dans le détail de l’utilisation de LTTng de toutes sortes de façons, ne laissant aucune option sans documentation et donnant des instructions étape-par-étape et détaillées expliquant comment instrumenter n’importe quoi (applications, bibliothèques, modules du noyau, et le noyau lui-même) aux fins de LTTng. Importance pour la défense et la sécurité Le traceur Linux Trace Toolkit Next Generation (LTTng) est en mesure de tracer les systèmes Linux en temps presque réel de façon flexible (dynamiquement adaptable), universelle, détaillée, fiable et économe en coût de performance. Être capable d’observer ce qui se passe à l’intérieur du système d’exploitation et de ses applications est une condition sine qua non de la cyber sécurité des systèmes informatiques gouvernementaux et militaires de toute échelle. Comme le projet LTTng a atteint un niveau raisonnable de maturité et peut être utilisé dans des contextes de production, il nous a semblé nécessaire de créer un document détaillant en termes pratiques comment le déployer, l’utiliser et l’augmenter. Une large part de ce document a déjà été utilisée pour créer la documentation en ligne de LTTng (http://lttng.org/docs/#); cette publication ne peut que rendre LTTng encore plus accessible aux parties intéressées. ii DRDC-RDDC-2016-R9999 Table of contents Abstract ............................................................................................................................................ i Significance to defence and security ................................................................................................ i Résumé ............................................................................................................................................ ii Importance pour la défense et la sécurité ........................................................................................ ii Table of contents ............................................................................................................................ iii List of figures ................................................................................................................................. ix List of tables ................................................................................................................................... xi Acknowledgements ....................................................................................................................... xii 1 Introduction ............................................................................................................................... 1 1.1 The LTTng software tracer — Basic concepts ................................................................ 2 1.2 Scope of this document.................................................................................................... 3 1.3 Quick references .............................................................................................................. 4 1.4 The content of the DVD-ROM ........................................................................................ 5 1.4.1 VirtualBox virtual machine .............................................................................. 5 1.4.2 Software repository ........................................................................................... 6 1.5 How to read this document .............................................................................................. 6 1.6 Caveats ............................................................................................................................ 7 2 LTTng architecture, basic configuration and controls .............................................................. 9 2.1 LTTng components ......................................................................................................... 9 2.1.1 The LTTng session daemon(s) (lttng-sessiond) .................................. 10 2.1.2 The LTTng consumer daemon(s) (lttng-consumerd) ............................ 12 2.1.3 The LTTng command-line and custom control interfaces .............................. 12 2.1.4 The liburcu library ..................................................................................... 13 2.1.5 The liblttng-ust library ......................................................................... 13 2.1.6 The liblttng-ust-ctl library ............................................................... 13 2.1.7 The LTTng kernel modules ............................................................................ 13 2.1.8 The LTTng relay daemon (lttng-relayd) ............................................... 13 2.1.9 babeltrace and its library ......................................................................... 14 2.1.10 LTTV .............................................................................................................. 14 2.2 Tracing sessions and traces ............................................................................................ 14 2.2.1 Domains and the tracing group ....................................................................... 16 2.3 Flow of control and data ...............................................................................................
Recommended publications
  • Lttng and the Love of Development Without Printf() Dgoulet@Efficios.Com

    Lttng and the Love of Development Without Printf() [email protected]

    Fosdem 2014 + LTTng and the love of development without printf() [email protected] 1 whoami David Goulet, Software Developer, EfficiOS, Maintainer of LTTng-tools project ● https://git.lttng.org//lttng-tools.git 2 Content Quick overview of LTTng 2.x Everything else you need to know! Recent features & future work. 3 What is tracing? ● Recording runtime information without stopping the process – Enable/Disable event(s) at runtime ● Usually used during development to solve problems like performance, races, etc... ● Lots of possibilities on Linux: LTTng, Perf, ftrace, SystemTap, strace, ... 4 OverviewOverview ofof LTTngLTTng 2.x2.x 5 Overview of LTTng 2.x Unified user interface, kernel and user space tracers combined. (No need to recompile kernel) Trace output in a unified format (CTF) – https://git.efficios.com/ctf.git Low overhead, Shipped in distros: Ubuntu, Debian, Suse, Fedora, Linaro, Wind River, etc. 6 Tracers ● lttng-modules: kernel tracer module, compatible with kernels from 2.6.38* to 3.13.x, ● lttng-ust: user-space tracer, in-process library. * Kernel tracing is now possible on 2.6.32 to 2.6.37 by backport of 3 Linux Kernel patches. 7 Utilities ● lttng-tools: cli utilities and daemons for trace control, – lttng: cli utility for tracing control, – lttng-ctl: tracing control API, – lttng-sessiond: tracing registry daemon, – lttng-consumerd: extract trace data, – lttng-relayd: network streaming daemon. 8 Viewers ● babeltrace: cli text viewer, trace converter, plugin system, ● lttngtop: ncurse top-like viewer, ● Eclipse lttng plugin: front-end for lttng, collect, visualize and analyze traces, highly extensible. 9 LTTng-UST – How does it work? Users instrument their applications with static tracepoints, liblttng-ust, in-process library, dynamically linked with application, Session setup, etc., Run app, collect traces, Post analysis with viewers.
  • The Linux Kernel Module Programming Guide

    The Linux Kernel Module Programming Guide

    The Linux Kernel Module Programming Guide Peter Jay Salzman Michael Burian Ori Pomerantz Copyright © 2001 Peter Jay Salzman 2007−05−18 ver 2.6.4 The Linux Kernel Module Programming Guide is a free book; you may reproduce and/or modify it under the terms of the Open Software License, version 1.1. You can obtain a copy of this license at http://opensource.org/licenses/osl.php. This book is distributed in the hope it will be useful, but without any warranty, without even the implied warranty of merchantability or fitness for a particular purpose. The author encourages wide distribution of this book for personal or commercial use, provided the above copyright notice remains intact and the method adheres to the provisions of the Open Software License. In summary, you may copy and distribute this book free of charge or for a profit. No explicit permission is required from the author for reproduction of this book in any medium, physical or electronic. Derivative works and translations of this document must be placed under the Open Software License, and the original copyright notice must remain intact. If you have contributed new material to this book, you must make the material and source code available for your revisions. Please make revisions and updates available directly to the document maintainer, Peter Jay Salzman <[email protected]>. This will allow for the merging of updates and provide consistent revisions to the Linux community. If you publish or distribute this book commercially, donations, royalties, and/or printed copies are greatly appreciated by the author and the Linux Documentation Project (LDP).
  • Flame Graphs Freebsd

    Flame Graphs Freebsd

    FreeBSD Developer and Vendor Summit, Nov, 2014 Flame Graphs on FreeBSD Brendan Gregg Senior Performance Architect Performance Engineering Team [email protected] @brendangregg Agenda 1. Genesis 2. Generaon 3. CPU 4. Memory 5. Disk I/O 6. Off-CPU 7. Chain 1. Genesis The Problem • The same MySQL load on one host runs at 30% higher CPU than another. Why? • CPU profiling should answer this easily # dtrace -x ustackframes=100 -n 'profile-997 /execname == "mysqld"/ {! @[ustack()] = count(); } tick-60s { exit(0); }'! dtrace: description 'profile-997 ' matched 2 probes! CPU ID FUNCTION:NAME! 1 75195 :tick-60s! [...]! libc.so.1`__priocntlset+0xa! libc.so.1`getparam+0x83! libc.so.1`pthread_getschedparam+0x3c! libc.so.1`pthread_setschedprio+0x1f! mysqld`_Z16dispatch_command19enum_server_commandP3THDPcj+0x9ab! mysqld`_Z10do_commandP3THD+0x198! mysqld`handle_one_connection+0x1a6! libc.so.1`_thrp_setup+0x8d! libc.so.1`_lwp_start! 4884! ! mysqld`_Z13add_to_statusP17system_status_varS0_+0x47! mysqld`_Z22calc_sum_of_all_statusP17system_status_var+0x67! mysqld`_Z16dispatch_command19enum_server_commandP3THDPcj+0x1222! mysqld`_Z10do_commandP3THD+0x198! mysqld`handle_one_connection+0x1a6! libc.so.1`_thrp_setup+0x8d! libc.so.1`_lwp_start! 5530! # dtrace -x ustackframes=100 -n 'profile-997 /execname == "mysqld"/ {! @[ustack()] = count(); } tick-60s { exit(0); }'! dtrace: description 'profile-997 ' matched 2 probes! CPU ID FUNCTION:NAME! 1 75195 :tick-60s! [...]! libc.so.1`__priocntlset+0xa! libc.so.1`getparam+0x83! this stack libc.so.1`pthread_getschedparam+0x3c!
  • Version 7.8-Systemd

    Version 7.8-Systemd

    Linux From Scratch Version 7.8-systemd Created by Gerard Beekmans Edited by Douglas R. Reno Linux From Scratch: Version 7.8-systemd by Created by Gerard Beekmans and Edited by Douglas R. Reno Copyright © 1999-2015 Gerard Beekmans Copyright © 1999-2015, Gerard Beekmans All rights reserved. This book is licensed under a Creative Commons License. Computer instructions may be extracted from the book under the MIT License. Linux® is a registered trademark of Linus Torvalds. Linux From Scratch - Version 7.8-systemd Table of Contents Preface .......................................................................................................................................................................... vii i. Foreword ............................................................................................................................................................. vii ii. Audience ............................................................................................................................................................ vii iii. LFS Target Architectures ................................................................................................................................ viii iv. LFS and Standards ............................................................................................................................................ ix v. Rationale for Packages in the Book .................................................................................................................... x vi. Prerequisites
  • Linux for Zseries: Device Drivers and Installation Commands (March 4, 2002) Summary of Changes

    Linux for Zseries: Device Drivers and Installation Commands (March 4, 2002) Summary of Changes

    Linux for zSeries Device Drivers and Installation Commands (March 4, 2002) Linux Kernel 2.4 LNUX-1103-07 Linux for zSeries Device Drivers and Installation Commands (March 4, 2002) Linux Kernel 2.4 LNUX-1103-07 Note Before using this document, be sure to read the information in “Notices” on page 207. Eighth Edition – (March 2002) This edition applies to the Linux for zSeries kernel 2.4 patch (made in September 2001) and to all subsequent releases and modifications until otherwise indicated in new editions. © Copyright International Business Machines Corporation 2000, 2002. All rights reserved. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Summary of changes .........v Chapter 5. Linux for zSeries Console || Edition 8 changes.............v device drivers............27 Edition 7 changes.............v Console features .............28 Edition 6 changes ............vi Console kernel parameter syntax .......28 Edition 5 changes ............vi Console kernel examples ..........28 Edition 4 changes ............vi Usingtheconsole............28 Edition 3 changes ............vii Console – Use of VInput ..........30 Edition 2 changes ............vii Console limitations ............31 About this book ...........ix Chapter 6. Channel attached tape How this book is organized .........ix device driver ............33 Who should read this book .........ix Tapedriverfeatures...........33 Assumptions..............ix Tape character device front-end........34 Tape block
  • Implementing Powerpc Linux on System I Platform

    Implementing Powerpc Linux on System I Platform

    Front cover Implementing POWER Linux on IBM System i Platform Planning and configuring Linux servers on IBM System i platform Linux distribution on IBM System i Platform installation guide Tips to run Linux servers on IBM System i platform Yessong Johng Erwin Earley Rico Franke Vlatko Kosturjak ibm.com/redbooks International Technical Support Organization Implementing POWER Linux on IBM System i Platform February 2007 SG24-6388-01 Note: Before using this information and the product it supports, read the information in “Notices” on page vii. Second Edition (February 2007) This edition applies to i5/OS V5R4, SLES10 and RHEL4. © Copyright International Business Machines Corporation 2005, 2007. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . vii Trademarks . viii Preface . ix The team that wrote this redbook. ix Become a published author . xi Comments welcome. xi Chapter 1. Introduction to Linux on System i platform . 1 1.1 Concepts and terminology . 2 1.1.1 System i platform . 2 1.1.2 Hardware management console . 4 1.1.3 Virtual Partition Manager (VPM) . 10 1.2 Brief introduction to Linux and Linux on System i platform . 12 1.2.1 Linux on System i platform . 12 1.3 Differences between existing Power5-based System i and previous System i models 13 1.3.1 Linux enhancements on Power5 / Power5+ . 14 1.4 Where to go for more information . 15 Chapter 2. Configuration planning . 17 2.1 Concepts and terminology . 18 2.1.1 Processor concepts .
  • Linux Kernel and Driver Development Training Slides

    Linux Kernel and Driver Development Training Slides

    Linux Kernel and Driver Development Training Linux Kernel and Driver Development Training © Copyright 2004-2021, Bootlin. Creative Commons BY-SA 3.0 license. Latest update: October 9, 2021. Document updates and sources: https://bootlin.com/doc/training/linux-kernel Corrections, suggestions, contributions and translations are welcome! embedded Linux and kernel engineering Send them to [email protected] - Kernel, drivers and embedded Linux - Development, consulting, training and support - https://bootlin.com 1/470 Rights to copy © Copyright 2004-2021, Bootlin License: Creative Commons Attribution - Share Alike 3.0 https://creativecommons.org/licenses/by-sa/3.0/legalcode You are free: I to copy, distribute, display, and perform the work I to make derivative works I to make commercial use of the work Under the following conditions: I Attribution. You must give the original author credit. I Share Alike. If you alter, transform, or build upon this work, you may distribute the resulting work only under a license identical to this one. I For any reuse or distribution, you must make clear to others the license terms of this work. I Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above. Document sources: https://github.com/bootlin/training-materials/ - Kernel, drivers and embedded Linux - Development, consulting, training and support - https://bootlin.com 2/470 Hyperlinks in the document There are many hyperlinks in the document I Regular hyperlinks: https://kernel.org/ I Kernel documentation links: dev-tools/kasan I Links to kernel source files and directories: drivers/input/ include/linux/fb.h I Links to the declarations, definitions and instances of kernel symbols (functions, types, data, structures): platform_get_irq() GFP_KERNEL struct file_operations - Kernel, drivers and embedded Linux - Development, consulting, training and support - https://bootlin.com 3/470 Company at a glance I Engineering company created in 2004, named ”Free Electrons” until Feb.
  • Linuxcon North America 2012

    Linuxcon North America 2012

    LinuxCon North America 2012 LTTng 2.0 : Tracing, Analysis and Views for Performance and Debugging. E-mail: [email protected] Mathieu Desnoyers August 29th, 2012 1 > Presenter ● Mathieu Desnoyers ● EfficiOS Inc. ● http://www.efficios.com ● Author/Maintainer of ● LTTng, LTTng-UST, Babeltrace, Userspace RCU Mathieu Desnoyers August 29th, 2012 2 > Content ● Tracing benefits, ● LTTng 2.0 Linux kernel and user-space tracers, ● LTTng 2.0 usage scenarios & viewers, ● New features ready for LTTng 2.1, ● Conclusion Mathieu Desnoyers August 29th, 2012 3 > Benefits of low-impact tracing in a multi-core world ● Understanding interaction between ● Kernel ● Libraries ● Applications ● Virtual Machines ● Debugging ● Performance tuning ● Monitoring Mathieu Desnoyers August 29th, 2012 4 > Tracing use-cases ● Telecom ● Operator, engineer tracing systems concurrently with different instrumentation sets. ● In development and production phases. ● High-availability, high-throughput servers ● Development and production: ensure high performance, low-latency in production. ● Embedded ● System development and production stages. Mathieu Desnoyers August 29th, 2012 5 > LTTng 2.0 ● Rich ecosystem of projects, ● Key characteristics of LTTng 2.0: – Small impact on the traced system, fast, user- oriented features. ● Interfacing with: Common Trace Format (CTF) Interoperability Between Tracing Tools Tracing Well With Others: Integration with the Common Trace Format (CTF), of GDB Tracepoints Into Trace Tools, Mathieu Desnoyers, EfficiOS, Stan Shebs, Mentor Graphics,
  • El Núcleo Linux

    El Núcleo Linux

    El núcleo Linux Josep Jorba Esteve PID_00174426 GNUFDL • PID_00174426 El núcleo Linux Índice Introducción ................................................... ....... 5 Objetivos ................................................... ............ 6 1. El núcleo del sistema GNU/Linux .............................. 7 2. Personalización o actualización del núcleo................... 15 3. Proceso de configuración y compilación ...................... 18 3.1. Compilación antigua de la rama 2.4.x del núcleo . 20 3.2. Migración de 2.4 a la rama 2.6.x del núcleo. 25 3.3. Compilación de la rama 2.6.x del núcleo . 27 3.4. Compilación del núcleo en Debian (Debian Way)............. 30 4. Aplicación de parches al núcleo ................................ 35 5. Módulos del núcleo ............................................... 38 5.1. DKMS: módulos recompilados dinámicamente . 41 6. Virtualización en el núcleo ..................................... 44 6.1. KVM ............................................ .............. 46 7. Futuro del núcleo y alternativas ............................... 53 8. Taller de configuración del núcleo a las necesidades del usuario................................................... ...... 58 8.1. Configuración del núcleo en Debian . 58 8.2. Configuración del núcleo en Fedora/Red Hat . 61 8.3. Configuración de un núcleo genérico . 63 Resumen ................................................... ............ 66 Actividades ................................................... ......... 67 Bibliografía ..................................................
  • Linux Performance Tools

    Linux Performance Tools

    Linux Performance Tools Brendan Gregg Senior Performance Architect Performance Engineering Team [email protected] @brendangregg This Tutorial • A tour of many Linux performance tools – To show you what can be done – With guidance for how to do it • This includes objectives, discussion, live demos – See the video of this tutorial Observability Benchmarking Tuning Stac Tuning • Massive AWS EC2 Linux cloud – 10s of thousands of cloud instances • FreeBSD for content delivery – ~33% of US Internet traffic at night • Over 50M subscribers – Recently launched in ANZ • Use Linux server tools as needed – After cloud monitoring (Atlas, etc.) and instance monitoring (Vector) tools Agenda • Methodologies • Tools • Tool Types: – Observability – Benchmarking – Tuning – Static • Profiling • Tracing Methodologies Methodologies • Objectives: – Recognize the Streetlight Anti-Method – Perform the Workload Characterization Method – Perform the USE Method – Learn how to start with the questions, before using tools – Be aware of other methodologies My system is slow… DEMO & DISCUSSION Methodologies • There are dozens of performance tools for Linux – Packages: sysstat, procps, coreutils, … – Commercial products • Methodologies can provide guidance for choosing and using tools effectively • A starting point, a process, and an ending point An#-Methodologies • The lack of a deliberate methodology… Street Light An<-Method 1. Pick observability tools that are: – Familiar – Found on the Internet – Found at random 2. Run tools 3. Look for obvious issues Drunk Man An<-Method • Tune things at random until the problem goes away Blame Someone Else An<-Method 1. Find a system or environment component you are not responsible for 2. Hypothesize that the issue is with that component 3. Redirect the issue to the responsible team 4.
  • Dr. Ralf S. Engelschall Architecture Fundamentals AF Goal Focus 00.0

    Dr. Ralf S. Engelschall Architecture Fundamentals AF Goal Focus 00.0

    Dr. Ralf S. Engelschall Architecture Fundamentals AF Goal Focus 00.0 Step 1: Your Insight (Believe) Concepts Methods Technologies ReproductionUnauthorized Prohibited. Ralf All Rights S. Engelschall <http://engelschall.com>, Reserved. © 2018-2019 Dr. 1.0.2 (2019-06-28), Copyright Version Graphical Illustration: Ralf S. Engelschall Dr. 2010-2019 by 1.0.2 (2019-06-28), Authored Version Intellectual Content: Concepts have a larger life-time than particular technologies and products. know scope of Step 2: Our Preparation this training Concepts have to be assembled in a concise subsequent understand München (TUM) Universität Science lecture contexts in Computer only. reproduction for Technische Licensed to form to be handy in practice. task of trainee in practice apply AN ARCHITECT Step 3: Your Application 1. THINKING LIKE 1. 2. BEING GOOD AT Concepts can be applied in practice both CONCEPTUALIZATION proactive/constructive and reactive/analytical. Scope Type Focus Content Computer Literature Industry Theory knows about knows about Science more things more things Diagrams Statements (written) Abstraction Generalization Software (Conceptual) Trainer Architecture Rationales Model Theory Practice (verbal) Engineering Fundamentals Software & Examples Trainer Systems (verbal) Practice Architecture the most Instantiation relevant concepts Specialization Software Engineering Disciplines AF ANALYTICAL CONSTRUCTIVE STEERING 01.1 REQ Requirements ENV Environment RES Resources Intellectual Content: Version 1.0.7 (2010-07-21), Authored 2006-2010 by Dr. Ralf S. Engelschall, inspired by Rational Unied Process (RUP) Rational by Ralf inspired Unied Process S. Engelschall, Dr. 2006-2010 by 1.0.7 (2010-07-21), Authored Version Intellectual Content: Graphical Illustration: Version 1.0.9 (2019-06-28), Copyright © 2007-2019 Dr.
  • Advanced Linux Tracing Technologies for Online Surveillance of Software Systems

    Advanced Linux Tracing Technologies for Online Surveillance of Software Systems

    Advanced Linux tracing technologies for Online Surveillance of Software Systems M. Couture DRDC – Valcartier Research Centre Defence Research and Development Canada Scientific Report DRDC-RDDC-2015-R211 October 2015 © Her Majesty the Queen in Right of Canada, as represented by the Minister of National Defence, 2015 © Sa Majesté la Reine (en droit du Canada), telle que représentée par le ministre de la Défense nationale, 2015 Abstract This scientific report provides a description of the concepts and technologies that were developed in the Poly-Tracing Project. The main product that was made available at the end of this four-year project is a new software tracer called Linux Trace Toolkit next generation (LTTng). LTTng actually represents the centre of gravity around which much more applied research and development took place in the project. As shown in this document, the technologies that were produced allow the exploitation of the LTTng tracer and its output for two main purposes: a- solving today’s increasingly complex software bugs and b- improving the detection of anomalies within live information systems. This new technology will enable the development of a set of new tools to help detect the presence of malware and malicious activity within information systems during operations. Significance to defence and security All the technologies described in this document result from collaborative R&D efforts (the Poly-Tracing project), which involved the participation of NSERC, Ericsson Canada, DRDC – Valcartier Research Centre, and the following Canadian universities: Montreal Polytechnique, Laval University, Concordia University, and the University of Ottawa. This scientific report should be considered as one of the Platform-to-Assembly Secured Systems (PASS) deliverables.