About David Jones

Profile Picture David is a Software Developer from the UK with over 12 years experience. He holds a bachelors degree in Economics, and a masters degree in Software Development, from which many of the pages on this site have evolved. His interests include all things C#/.NET along with software frameworks, architectures and design patterns.

When not developing software David plays bass in a psychedelic rock band who are currently recording their first album.

Apoptosis, Apoptotic Computing and Apoptotic Behaviours

In cellular biology, Apoptosis is a mechanism of programmed cell death whereby perfectly healthy cells regularly commit suicide for the greater good of the living organism, and all cells come with this self-destruct mechanism built-in (Raff, 1998). This is the metaphor on which this dissertation was focussed – research into ways for digital objects to commit suicide for the greater good of the overall system, without causing any harm to their host environment.

Figure 1 portrayed Apoptotic Computing as a sub-branch of Autonomic Computing which in turn is portrayed as a sub-branch of Natural Computing. To put this into context, Horn (2001), in describing an Autonomic system, stated that it can be built up from components with some Autonomic capabilities at each level from microprocessors to servers to networks of servers and other devices. He then compared this to the hierarchy of the human body built up from cells to organs to systems of organs (e.g. the autonomic nervous system), with each level in the hierarchy maintaining some measure of independence whilst contributing to the higher needs and good of the body as a whole. Raff (1998) described how Apoptosis is a programmed self-destruct mechanism at the cellular level, therefore it can be argued that Apoptotic Computing is a sub-branch of Autonomic Computing residing at the component level, corresponding with the self-Destruct autonomic property put forward by Sterritt and Hinchey (2005). When describing the wider field of Natural Computing, Kari and Rozenberg (2008) do not address Autonomic Computing specifically, but discuss artificial immune systems, which would form the self-Healing property of an autonomic system (Miller, 2005). The Apoptosis metaphor has been put forward in the context of an artificial immune system applied to computer security, particularly with a view to combating increasingly malicious software (Saudi et al., 2008). In this case, the computer system would be compartmentalised into many small, disposable, components or cells, which can then initiate Apoptosis should they become infected in some way.

Proposals for Apoptosis in Computing

The following section provides a brief description of some proposals for the use of Apoptosis in the literature:

The background pages briefly introduced how Saudi et al. (2008) considered Apoptosis as a mechanism to improve the security of computer systems against attack by malware. They demonstrate this in their subsequent work on the STAKCERT Framework which they developed to control and isolate a computer attacked by a worm (Saudi et al., 2009, p.105). The STAKCERT Framework operates in two phases: phase one utilises a set of algorithms to detect and identify a worm, whilst phase two utilises Apoptosis to separate the computer from the network so as to prevent the worm from spreading – thus following the Apoptosis metaphor of self-destruct for the greater good of the system. Apoptosis in STAKCERT comprises of the infected computer disallowing services, locking unrelated ports and shutting down server-based applications.

Tschudin (1999) discusses Apoptosis in the context of a distributed service composed of numerous tiny mobile programs distributed across many physical network nodes at runtime. In contrast to a monolithic server application, the mobile programs are dynamically reconfigurable and can bind to different physical locations at runtime, for example to make optimum use of resources. Tschudin refers to these fine-granular mobile code based network services as Highly Distributed Mobile Services (HDMS). Terminating such distributed services poses a challenge because, unlike for example a large mail server application, the programs' physical locations on the network are difficult to ascertain and they can only be accessed via the same network on which they are functioning, i.e. one cannot have a separate control channels to communicate with the distributed service.

Instead, Tschudin proposes to build Apoptotic behaviour into the tiny mobile programs which make up the HDMS, then using a second HDMS to initiate the self destruct process when there is a need to end the first service, for example if it has reached a state where it cannot return to a safe configuration. In response to an external event, a termination signal will be propagated to the mobile programs along the same lines as the HDMS originally deployed itself. In effect, a controlled, orderly, mass suicide of the service components will result. The “Death Signal” will trigger code in the mobile objects which both initiates the Apoptosis routines and causes the object to further propagate the signal.

Lilien and Bhargava (2006) present a proposal for the introduction of Apoptotic behaviour into objects in the form of atomic bundles which couple sensitive data and associated metadata, to be passed between systems with different levels of trust, based on the owner of that data’s security requirements regarding the privacy of their data, which they define as the owner's ability (via the object) to control the availability and exposure of their information. Private data is only exposed by the bundle with the owner's explicit consent. Lilien and Bhargava cite existing privacy solutions but argue that privacy would be better implemented if privacy protection mechanisms were a part of the actual data they are supposed to protect, i.e. bundles, for the data's lifetime.

The private data within the bundle is at greater risk the further it is disseminated through a chain of systems. Under Lilien and Bhargava’s scheme, if a data bundle detects it is within a system it does not trust to access the data it is carrying, the endangered digital object can initiate Apoptosis to self-destruct and destroy the data it holds in a controlled manner in order to protect the data owner’s privacy. They propose a controlled “adaptive evaporation” of the data through Apoptosis whereby the private data is destroyed first, followed by the metadata in order to prevent any of the private information in the bundle being inferred from the metadata.

Lilien and Bhargava propose implementing the Apoptosis mechanism through a set of detectors in the object which trigger the Apoptosis code when a credible threat is detected. However, in their scheme this is not an “all or nothing” scenario – the object might have different trust levels for different host systems and can adapt the Apoptosis accordingly, e.g. destroy or obfuscate some of the sensitive data whilst making other data available in accordance with the amount of trust the data owner’s preferences give to the host system. This is their “adaptive evaporation” through Apoptosis – in some systems the owner might only want their information made anonymous, whereas in others, it should be rapidly and totally destroyed to preserve privacy.

Arguably Lilien and Bhargava’s work on self-destructing Apoptotic data bundles can be incorporated into, and compliment, the proposal by Arora et al. (2006) to build autonomic self-optimisation and self-configuration properties into healthcare information supply chains, which they argue should be able to respond to surges in demand, for example due to an epidemic. Doctors, patients, healthcare organisations, laboratories, public health bodies and insurance companies (in the USA) are intrinsically linked and collaborate, to ensure the availability of the right data to the right agency at the right time. An epidemic can result in a scarcity of the resources required to treat patients effectively, and the complexity required to re-allocate and redistribute resources would rapidly overwhelm human administrators. Arora et al. argue that the application of autonomic self-configuration and self-optimisation properties would allow the system to relieve human administrators of this burden and redistribute resources optimally. In this context, the Apoptotic properties of the data bundles proposed by Lilien and Bhargava would protect the sensitive patient data as it is forwarded between the autonomic systems of the various collaborating agencies. This example illustrates the role Apoptosis can play in autonomic computing, along with the role autonomic computing can play in solving the problem of increasing complexity.

Tschudin's approach to Apoptosis in digital objects differs from that of Lilien and Bhargava in several important ways. Firstly, Tschudin's object is told to initiate Apoptosis by a trusted message received from the external environment whereas Lilien and Bhargava's object initiates Apoptosis itself based on its mistrust of the external environment it finds itself in. Secondly, Tschudin's approach involves many small objects all self-destructing as a single composite unit which makes up the distributed service, whereas Lilien and Bhargava propose to encapsulated all data into a single atomic bundle.

Sterritt and Hinchey (2005b) describe the Apoptosis metaphor with regard to NASA’s ANTS (Autonomous Nano-Technology Swarm) mission which, between 2020 and 2030, will launch a swarm of around 1,000 tiny spacecraft from a factory ship to explore an asteroid belt. They claim around 60-70% of these ships will be destroyed on entering the belt, with the remaining “workers” acting as a swarm to explore the belt, the analogy being a swarm of ants as described by Kari and Rozenberg (2008) – see Swarm Intelligence in Figure 1. Sterritt and Hinchey go on to describe how, if and when any of the remaining worker craft malfunction or are no longer able to recharge their solar powered batteries, they will either initiate Apoptosis of their own accord, or be instructed to do so by either the factory ship or other worker craft, and thus self-destruct.

Apoptotic Behaviours

The previous section described some of the applications for Apoptosis in computing. This sections identifies the specific Apoptotic behaviours prototyped in this dissertation, and the literature which motivated their inclusion.

To recap, a Mobile Agent is a digital object which has the ability to move from one networked host to another, carrying its state and data with it, and once it reaches its destination host is able to interact with the destination host agent system (OMG, 2000). Sterritt and Hinchey (2005a) describe agents as one of the key enablers for engineering autonomic properties into systems, and discuss the use of the Apoptosis metaphor as a mechanism to allow mobile agents to send each other dynamic health indicator signals. They propose several Apoptotic concepts for use as signals between agents in autonomic systems:

  • Heart-Beat Monitor – A signal sent from a mobile agent to indicate it is “still alive”.
  • Pulse Beat Monitor – A signal sent from a mobile agent with the pulse rate indicating the urgency of the signal.
  • Apoptosis – a “stay alive” signal sent to a mobile agent indicating that it should not self-destruct. This is directly comparable to biological equivalent discussed by Raff (1998).

After initially questioning whether Apoptosis is a metaphor too far, Sterritt and Hinchey conclude that Apoptosis and the self-Destruct autonomic property will be valuable in future autonomic systems.

Tschudin (1999) proposed the use of Apoptosis to send self-destruct signals to the distributed components of a highly distributed system, whereby each component processes the self-destruct message, passes it on, then self-destructs. This differs from the “Stay Alive” signals discussed by Sterritt and Hinchey (2005a) in that the object is directly instructed to self destruct as opposed to self-destructing by default in the absence of a signal instructing it not to.

Like Sterritt and Hinchey, Olsen et al., (2008) also propose a system which utilises “Stay Alive” signals to prevent agents from self-destructing by default. They propose a self-regenerating system whose agents have a notion of “citizenship” in the system and are able to monitor their environment. If an agent detects a fault in itself it first attempts to repair itself, and if this fails it will initiate Apoptosis. If an agent in the system detects another malfunctioning agent it will send it a signal to initiate self-destruct. Surrounding agents will then attempt to generate a new agent to take the place of the terminated malfunctioning agent. This self-destruction and regeneration is carried out at a low level within the system and does not require many system resources, thus the functioning of the system is uninterrupted.

References

Arora, H., Raghu, T., Vinze, A. & Brittenham, P., 2006. Collaborative Self-Configuration and Learning in Autonomic Computing Systems: Applications to Supply Chain. In Autonomic Computing, 2006. ICAC '06. IEEE International Conference on., 2006.

Horn, P., 2001. AUTONOMIC COMPUTING: IBM's Perspective on the State of Information Technology. IBM Corporation.

Kari, L. & Rozenberg, G., 2008. The many facets of natural computing. Commun. ACM, 51, pp.72-83.

Lilien, L. & Bhargava, B., 2006. A Scheme for Privacy-preserving Data Dissemination. CERIAS.

Miller, B., 2005. The autonomic computing edge: Can you CHOP up autonomic computing? [Online] IBM Available at: http://www.ibm.com/developerworks/autonomic/library/ac-edge4/ [Accessed 16 March 2009].

Olsen, M.M., Siegelmann-Danieli, N. & Siegelmann, H.T., 2008. Robust artificial life via artificial programmed death. Artif. Intell., 172, pp.884-98.

OMG, 2000. Mobile Agent Facility Specification. 140 Kendrick Street, Building A, Suite 300, Needham, MA 02494 USA, USA: Object Management Group, Inc. Object Management Group.

Raff, M., 1998. Cell suicide for beginners. NATURE, 396, pp.119-22.

Saudi, M.M., Woodward, M., Cullen, A.J. & Noor, H.M., 2008. An overview of apoptosis for computer security. In Proc. International Symposium on Information Technology ITSim 2008., 2008.

Saudi, M. et al., 2009. An overview of STAKCERT framework in confronting worms attack. In Computer Science and Information Technology, 2009. ICCSIT 2009. 2nd IEEE International Conference on., 2009.

Sterritt, R. & Hinchey, M., 2005. Autonomic computing - panacea or poppycock? In Engineering of Computer-Based Systems, 2005. ECBS '05. 12th IEEE International Conference and Workshops on the., 2005.

Sterritt, R. & Hinchey, M., 2005a. Apoptosis and Self-Destruct: A Contribution to Autonomic Agents? Springer Berlin / Heidelberg.

Sterritt, R. & Hinchey, M., 2005b. Engineering ultimate self-protection in autonomic agents for space exploration missions. In Proc. 12th IEEE International Conference and Workshops on the Engineering of Computer-Based Systems ECBS '05., 2005.

Tschudlin, C., 1999. Apoptosis - the Programmed Death of Distributed Services. Secure Internet Programming, Spring 1999.