Education

2014 - 2018 University of Massachusetts at Amherst, Amherst, MA PhD in Electrical and Computer Engineering. Advisor: Prof. David Irwin. Thesis: System Support for Managing Risk in Cloud Computing Platforms.

2006 - 2009 Columbia University, New York, NY MS in Computer Science and Electrical Engineering. Advisor: Prof. Henning Schulzrinne. Research: VoIP system for training ATCs at the US Federal Aviation Administration.

1998 - 2002 PES Institute of Technology (now PES University), Bangalore, India BE in Computer Science. Advisor: Prof. Shylaja Sharath. Senior project: Image reconstruction software for ASTROSAT (India’s first space observatory).

Professional Experience

Research

9/2018 – cur. University of Texas at Austin, Austin, TX Postdoctoral Fellow, hosted by Prof. Vijay Chidambaram. Research: Investigating the impact of GDPR compliance on data processing systems.

Industry (~7 years) 5/2010 – 1/2014 Cisco Systems, San Jose CA Software Engineer in the Datacenter Switching Group; I led, designed and developed multiple network control software systems for Cisco’s packet forwarding ASICs in Nexus 7000 routers. Focus areas: Access Control Lists, TCAM management and HA/fail-safe infrastructure. 3/2005 – 7/2006 ARM, Bangalore India & Cambridge UK Software Engineer in the Embedded Software Division; I contributed to ARM’s publicly released reference implementation of the OpenMAX libraries including still image, JPEG and MPEG. 6/2003 – 1/2005 Ittiam Systems, Bangalore India Multimedia Software Engineer; Implemented H.264 in C and assembly for TI DM64x DSP. 9/2002 – 5/2003 Infosys Technologies, Bangalore India Software Engineer; Maintained a C++ based legacy software system for McKinsey.

Internships

Summer 2009 Philips Research, Briarcliff Manor NY Advisor: Dr. Amjad Soomro. Designed a SIP-based seamless handoff technique for wireless patient monitoring system. Summer 2008 NEC Labs, Princeton NJ Advisor: Drs. Ravi Kokku, Geoff Jiang. Developed a prototype for location-based real-time collaborative mobile service. Summer 2002 Raman Research Institute, Bangalore India Advisor: Dr. Dipankar Bhattacharya. Parallelized image reconstruction algorithms using MPI to run on the multi-processor Linux cluster onboard ASTROSAT observatory.

Supreeth Shastri ! +1 (917)327-8208 ✉ shastri@utexas.edu # cs.utexas.edu/~shastri/

/1 3

Publications

Peer-reviewed Conferences VLDB 2020 Supreeth Shastri, Vinay Banakar, Melissa Wasserman, Arun Kumar, and Vijay Chidambaram. Understanding and Benchmarking the Impact of GDPR on Database Systems. In Proceedings of Very Large Data Bases 13(7), 2020. SoCC 2018 Supreeth Shastri and David Irwin. Cloud Index Tracking: Enabling Predictable Costs in Cloud Spot Markets. In ACM Symposium on Cloud Computing, 2018. SoCC 2017 Supreeth Shastri and David Irwin. HotSpot: Automated Server Hopping in Cloud Spot Markets. In ACM Symposium on Cloud Computing, 2017. SC 2016 Supreeth Shastri, Amr Rizk, and David Irwin. Transient Guarantees: Maximizing the Value of Idle Cloud Capacity. In ACM/IEEE International Conference for High Performance Computing, Networking, Storage and Analysis, 2016. ICPE 2016 Supreeth Subramanya, Zain Mustafa, David Irwin, and Prashant Shenoy. Beyond Energy-Efficiency: Evaluating Green Datacenter Applications for Energy Agility. In ACM/SPEC on International Conference on Performance Engineering, 2016. SoCC 2015 Supreeth Subramanya, Tian Guo, Prateek Sharma, David Irwin, and Prashant Shenoy. SpotOn: A Batch Computing Service for the Spot Market. In ACM Symposium on Cloud Computing, 2015.

Peer-reviewed Workshops HotCloud 2019 Supreeth Shastri, Melissa Wasserman, and Vijay Chidambaram. The Seven Sins of Personal-Data Processing Systems under GDPR. In USENIX Workshop on Hot Topics in Cloud Computing, 2019. HotStorage 2019 Aashaka Shah, Vinay Banakar, Supreeth Shastri, Melissa Wasserman, and Vijay Chidambaram. Analyzing the Impact of GDPR Compliance on Storage Systems. In USENIX Workshop on Hot Topics in Storage and File Systems, 2019. HotCloud 2017 Supreeth Shastri and David Irwin. Towards Index-based Global Trading in Cloud Spot Markets. In USENIX Workshop on Hot Topics in Cloud Computing, 2017. HotCloud 2016 Supreeth Subramanya, Amr Rizk, and David Irwin. Cloud Spot Markets are Not Sustainable: The Case for Transient Guarantees. In USENIX Workshop on Hot Topics in Cloud Computing, 2016. LIMITS 2015 Supreeth Subramanya, Zain Mustafa, David Irwin, and Prashant Shenoy. Energy-Agility: A New Grid-centric Metric for Evaluating System Performance. In ACM Workshop on Computing within Limits, 2015.

Journals

CACM 2020 Supreeth Shastri, Melissa Wasserman, and Vijay Chidambaram. GDPR Anti-Patterns. Accepted for publication in the Communications of the ACM, 2020. IEEE Comm. Supreeth Subramanya, Xiaotao Wu, Henning Schulzrinne, and Susan Buriak. VoIP-Based Air Traffic Mag. 2009 Controller Training. In IEEE Communications Magazine, 47(11), 2009.

Invited Papers ICCCN 2019 David Irwin, Prashant Shenoy, Pradeep Ambati, Prateek Sharma, and Supreeth Shastri. The Price is (Not) Right: Reflections on Pricing for Transient Cloud Servers. In IEEE International Conference on Computer Communications and Networks, 2019. ICCCN 2017 David Irwin, Prateek Sharma, Supreeth Shastri and Prashant Shenoy. The Financialization of Cloud Computing: Opportunities and Challenges. In IEEE International Conference on Computer Communications and Networks, 2017.

/2 3

Recognition 2018 Invited to participate in the NSF Workshop on Cloud Economics at Stanford University 2009 Named inventor in a VoIP technology license (managed by Columbia University Tech Ventures) 2006-2010 Impact: VoIP software I co-designed was deployed at the US Federal Aviation Administration 2002 Impact: Senior-year project integrated into ASTROSAT, India’s first space observatory

Professional Service Organizing Committee 2020 ACM SoCC (Media and web chair) 2019 ACM SOSP (Artifact Evaluation co-chair), ACM SoCC (Social media chair) 2018 NSF workshop on Cloud Economics (by invitation), ACM SoCC (Social media chair)

Program Committee 2020 ACM SoCC, USENIX HotStorage 2019 IEEE CLOUD, IEEE ICDCS, ACM SoCC

Other Service 2010-19 Journal reviewer for IEEE Communications magazine, IEEE Transactions on Parallel and Distributed Systems (TPDS), Elsevier Future Generation Computer Systems (FGCS) 2017-19 Shadow program committee member for ACM EuroSys 2017, ACM IMC 2018, ACM EuroSys 2019 2020 Graduate admission committee member at UT Austin

Public/Research Talks

7/2019 The Seven Sins of Personal-Data Processing Systems under GDPR at HotCloud (Renton, WA) 7/2019 Analyzing the Impact of GDPR Compliance on Storage Systems at HotStorage (Renton, WA) 10/2018 Cloud Index Tracking: Enabling Predictable Costs in Spot Markets at SoCC (Carlsbad, CA) 1/2018 Financializing Cloud Computing, Invited talk at the University of Illinois (Chicago, IL) 9/2017 HotSpot: Automated Server Hopping in Cloud Spot Markets at SoCC (Santa Clara, CA) 7/2017 Towards Index-based Global Trading in Cloud Spot Markets at HotCloud (Santa Clara, CA) 11/2016 Transient Guarantees: Maximizing the Value of Idle Cloud Capacity at SC (Salt Lake City, UT) 6/2016 Cloud Spot Markets are Not Sustainable: The Case for Transient Guarantees at HotCloud (Denver, CO) 8/2015 SpotOn: A Batch Computing Service for the Spot Market at SoCC (Kohala Coast, HI) 6/2015 Energy-Agility: A New Grid-centric Metric for Evaluating System Performance at LIMITS (Irvine, CA)

Teaching and Mentoring

Mentoring UT Austin: Aashaka Shah (PhD); Vinay Banakar, Daniel Lehmann, and Aparna Krishnan (all UG) UMass Amherst: Zain Mustafa (MS) and Pradeep Ambati (PhD) Cisco Systems: led technical on-boarding of four new software engineers (2012 - 2013) Fall 2008 Columbia University, Teaching Assistant Assisted Prof. Henning Schulzrinne in teaching COMS 4995 VoIP Security (~30 graduate students). Handled all course logistics including lab supervision, project advising and course grading. Spring 2008 Columbia University, Organizer and Instructor for VoIP Workshop Conceived and conducted a 4-day workshop on VoIP technologies and administration for a delegate of system administrators from the US Federal Aviation Administration. I taught 5 (out of 8) technical sessions and 6 (out of 8) hands-on lab exercises.

/3 3

Research Statement Supreeth Shastri

Systems Research in a CS + X World

Modern computer systems are increasingly influenced by disciplines such as law and economics. Consider the recently introduced digital privacy law, the General Data Protection Regulation (GDPR), which lays explicit ground rules for systems that process personal data. Likewise, in the last five years, cloud has evolved into a full-fledged marketplace with cloud server contracts resembling those in commodity and financial markets. These trends are disrupting decades-old system design principles and operational practices. For example, GDPR imposes new restrictions on storage systems (such as requiring an expiry date to be associated with all personal data), and cloud exposes applications to new types of failures (such as spot revocations that are intentionally triggered by the providers). The gravity of these changes is such that without adequate support from system software, user applications will experience performance inconsisten-cies, unexpected failures, and noncompliant behavior.

My research addresses the impact of law and economics on computer systems. In my doctoral work, I identify how cloud computing markets expose users to several risks, and then build a suite of system software to transparently manage those risks. My work is one of the first to demonstrate how techniques from economics such as asset pricing, active trading, and market index tracking can be adapted into designing system software. Next, my postdoctoral work builds system infrastructure for efficiently complying with digital privacy laws. I have identified GDPR Anti-Patterns i.e., patterns of system behavior that violate GDPR articles, designed a GDPR-specific benchmark called GDPRbench (https://gdprbench.org), and currently building a GDPR-compliant personal-data store. I am excited to see my research work integrated into courses at Brown and Penn State, adapted into best practices at companies like Yelp, received recognitions from NSF and Google, and deployed at the U.S. Federal Aviation Administration.

CS + Economics: Managing Risk in Cloud Computing Platforms

Cloud platforms sell computing to applications for a price. However, by precisely defining and controlling the ser-vice-level characteristics of cloud servers, they expose applications to a number of implicit risks throughout appli-cation’s lifecycle. For example, customer’s request for a server may be denied, leading to rejection risk; an allocated resource may be withdrawn, resulting in revocation risk; an acquired cloud server’s price may rise relative to oth-ers, causing price risk; a cloud server’s performance may vary due to external factors, triggering valuation risk. While some risk exists in all Infrastructure-as-a-Service offerings, they are most pronounced in an emerging cate-gory called transient cloud servers i.e., servers that do not come with any availability guarantees but cost signifi-cantly less (up to 90% discounted) compared to the on-demand servers. Transient cloud servers are fundamental to today’s cloud. Since datacenter are over-provisioned, signifi-cant fractions (up to 40%) of it to remain idle at most times. Cloud providers carve out this instantaneous idle ca-pacity and sell as transient spot servers. As a result, spot servers exhibit characteristics that are vastly different from classical compute servers: (i) they experience revocations that are intentional, frequent and come with ad-vanced warning, and (ii) their prices are low on average but vary across time and location. Due to their low price, spot servers are increasingly deployed in scientific computing (for e.g., discovery of Higgs-Boson [1]) and machine learning [2]. However, current generation system software are not designed to handle the risks posed by spot servers, resulting in inconsistent performances, unexpected failures, and missed cost savings. My doctoral research addresses this challenge by elevating risk management to a first-class system de-sign principle. Towards managing these risks, I adapt and extend concepts from economics to propose a novel system design approach called financializing cloud computing. By treating cloud resources as investments, and by quantifying the cost of their risks, financialization enables us to build system software that can autonomously manage the risk-reward tradeoffs. I demonstrate the effectiveness of this approach via three research projects:

/51

Research Statement Supreeth Shastri

Mitigating Revocation Risk via Adaptive Insurance [SoCC 2015]. Unlike hardware failures, spot server re-vocations are intentional, frequent and come with advanced warning. While classical fault-tolerance mechanisms can be employed against spot revocations, they incur heavy premium (i.e., mechanism overhead) compared to their payout (i.e., the ability to survive revocations). In SpotOn [3], I identify that the cost of insuring against spot revocations is a function of application footprint, spot market characteristics, and fault-tolerance overhead. To make this cost-efficient, I (i) extend the classical fault-tolerance mechanisms of migration, checkpointing, and replication to the new fault scenario and model their overheads; then (ii) design a greedy insurance policy that dynamically selects a combination of spot server and fault-tolerance mechanism that results in the lowest premi-um. I implement these in a service called SpotOn, which executes unmodified batch applications on spot servers. Evaluations on Amazon EC2 show that SpotOn is able to achieve near on-demand performance while realizing ~91% cost savings.

Minimizing Valuation Risk via Asset Pricing [SC 2016]. Providers do not reveal precise transiency informa-tion of spot servers as it makes their administration cumbersome. This opacity makes it difficult for consumers to gauge their true value. In Transient Guarantees [4, 5], I distill spot server’s transiency characteristics into three orthogonal axes of availability, volatility, and predictability, and introduce the notion of equilibrium price, the price beyond which the utility of a spot server (modulo its fault-tolerance overhead) is no better than an equiva-lent on-demand server. While equilibrium price is only applicable in retrospect, it helps consumers determine how their spot server fared. Interestingly, my market analysis using equilibrium price revealed that Amazon and Google SLAs do not maximize the spot server value for either providers or consumers. To address these problems, I design a new asset-pricing abstraction called transient guarantee that offers probabilistic assurances on spot characteristics. Through design and evaluation, I show that transient guarantees not only help users in determin-ing the value of spot servers upfront but also enable providers to increase their revenue by up to 5x without sacri-ficing their ability to revoke spot servers.

Eliminating Uncertainty Risk via Index Tracking [SoCC 2018]. Applications that run on spot servers suffer from cost uncertainty since spot prices are market-based and could vary considerably (up to 10x) even over short times. Several attempts in the prior work to predict future spot prices have been rendered ineffective due to cloud providers unilaterally changing their pricing algorithms. In Cloud Index Tracking [6], relying on the fundamental properties of cloud infrastructure and workloads, I show that prices become more stable and predictable as they are aggregated together. Leveraging on this observation, I define an aggregate index price for spot VMs that serves as a reference for what users should expect to pay. My analysis shows that, even when the spot prices for individual VMs are volatile, the index price remains stable and predictable. Then, I introduce cloud index tracking: a migration policy that tracks the index price to ensure applications running on spot VMs incur a predictable cost by migrating to a new spot VM if the current VM’s price significantly deviates from the index price. I implement cloud index tracking on Amazon EC2, and show that it yields a predictable cost near that of the index price, but with much higher availability compared to prior work.

Impact. My thesis work has received considerable attention from the cloud computing community. My seven primary publications on this topic have been cited more than 140 times in the last four years. Our proposal to en-hance the value of transient cloud servers received the prestigious Google Faculty Research Award in 2016. Compa-nies including SpotInst and Yelp [7] have adapted our findings in their spot server best practices. Coincidentally, after I discovered the negative effects of price volatility in cloud spot markets in 2016, Amazon EC2 changed their spot pricing algorithm to be less volatile in late 2017 [8]. Also, two of my papers have been used as teaching mate-rials in graduate courses at Penn State (CSE 597) and Northeastern (EECE 7377). Finally, in 2018, I was invited to participate in the NSF workshop on cloud economics [9], whose goal was to define the research agenda and fund-ing opportunities for this emerging interdisciplinary area.

/52

Research Statement Supreeth Shastri

CS + Law: System Infrastructure for Complying with Digital Privacy Laws

In the last two years, governments have enacted digital privacy laws like the European General Data Protection Regulation (GDPR) and California’s Consumer Protection Act (CCPA). First, these regulations have a broad inter-pretation of personal data i.e., they define it to include all information that relates to a natural person, even if it does not directly identify that person. For example, search terms sent to Google are considered personal data un-der GDPR. Second, these laws declare the privacy and protection of personal data to be a fundamental right of the people, and assign explicit responsibilities to companies handling personal data. However, companies have found it challenging to comply with these regulations, resulting in several compromises to the security of personal data, and subsequently incurring hundreds of penalties including multi-million dollar fines for Google, British Airways, and Marriott [10].

Challenges. Digital privacy regulations create a new abstraction for personal data by associating them with be-havioral characteristics (e.g., purpose, objections), storage restrictions (e.g., time to live, encryption), and interfac-ing requirements (e.g., access rules, external sharing). Then, using these metadata attributes, the regulations estab-lish ground rules on how to work with personal data from collection through deletion. This is a big departure from status quo, where data is considered simply a fungible resource that could be used by programs and models to achieve their goals. This change significantly affects data processing systems: invalidating decades-old design principles and operating practices (for e.g., storing personal data without an explicit, user-consented purpose), incurring performance overheads while accessing personal data, and making compliance a burdensome task. My work seeks to develop a fundamental understanding of the new personal data abstraction, and then solve the chal-lenges of working with personal data responsibly and efficiently.

How does GDPR Impact Compute and Storage Systems? [CACM 2020, HotCloud 2019, HotStorage 2019]. By analyzing GDPR articles, I have recognized three implications on system design and performance.

• First, I identify GDPR Anti-Patterns [11, 12], patterns of system designs and behavior that are effective in their own context but violate the rules of GDPR. I chronicle six such anti-patterns: (i) storing data without a clear timeline for deletion, (ii) reusing data indiscriminately, (iii) creating black markets, (iv) risk-agnostic data processing, (v) hiding data breaches, and (vi) making unexplainable decisions.

• Second, GDPR introduces behavioral characteristics and storage restrictions to be associated with personal data, called GDPR metadata. My work highlights seven metadata attributes that must be stored along with every piece (or group) of personal data. These are purpose, time-to-live, objections, audit trail, origin and sharing, use in automated decision making, and the associated person. This requirement not only increases the overall storage space but also slows down the latency and throughput since all accesses to personal data need to be validated and recorded. I refer to the resulting phenomenon as Metadata Explosion [10].

• Finally, my analysis quantifies the performance impact [13] of introducing five security features that must be supported by a compliant system. These are time-based deletion, monitoring and logging, indexing via metadata, encryption, and fine-grained access control. Using Redis, a popular key-value store, I demonstrate that when deployed in tandem, these features slow down its throughput by up to 5x.

Benchmarking GDPR Compliance [VLDB 2020]. Following my GDPR analysis, I observe that none of the existing benchmarks recognize the abstraction of personal data: its characteristics, storage restrictions, or interfac-ing requirements. To bridge this gap, I design and implement GDPRbench (https://gdprbench.org) [10], an open-source benchmark that represents the functionalities of a datastore deployed by a company that collects and pro-cesses personal data. The design of GDPRbench is informed by painstaking analysis of the legal cases arising from GDPR from its first year of roll-out. GDPRbench is composed of four core workloads: Controller, Customer, Pro-cessor, and Regulator, and three metrics for each workload: correctness, completion time, and space overhead. Then, I use Redis and PostgreSQL to gauge how ready the modern database systems are for GDPR. Fol-lowing recommendations from their developers, I make them GDPR-compliant. While the effort needed to intro-

/53

Research Statement Supreeth Shastri

duce GDPR compliance with minimal, evaluations using GDPRbench showed that both systems were operating at a throughput that is 2-4 orders of magnitude lower than that of traditional workloads like YCSB. Findings from GDPRbench have several real-world implications: (i) achieving GDPR-compliance by retrofitting existing mecha-nisms results in slowdown of 2-4 orders of magnitude in PostgreSQL and Redis, indicating that they may not be ready for production environments, (ii) achieving compliance is simpler (less code changes) and effective (better performance) in RDBMSs like PostgreSQL than in NoSQL stores like Redis, and (iii) GDPR-compliant systems do not scale well.

Impact. This work addresses an important socio-technical problem. Digital privacy laws have caused significant disruption across all industries, both in terms of legal issues (for example, 144,376 complaints filed against compa-nies in just in the first 12 months of GDPR [14]) and compliance costs (for example, CCPA officials anticipate companies to spend up to $55B in initial compliance costs [15]). My work is one of the first to investigate GDPR from a systems perspective, and build system infrastructure that could help companies to work with personal data responsibly yet efficiently. I am happy to report interest from VMware to pilot my prototype. Also, my HotStorage paper has been integrated into course material at Brown University (CSCI 2390, Fall 2019). Lastly, ACM has under-scored the importance of this emerging area by instituting a new Symposium on Computer Science and Law (https://computersciencelaw.org/) in 2019.

Future Research Agenda

CS + Economics. The diversity and asymmetry in the creation and consumption of compute resources is not only on the rise but also getting more explicit. For example, emerging domains like edge computing, machine learning, and approximate computing value compute resources differently based on time, location and other application characteristics. At the same time, cloud providers are evolving their offerings to minimize waste and maximize utility, in turn leading to the emergence of disaggregated datacenters and serverless computing. My goal is to explic-itly quantify the risks of cloud resources, understand the requirements of a diverse category of applications, and then design system software that can transparently manage the risk-reward tradeoffs on behalf of applications.

CS + Law. My ongoing work of building a GDPR-compliant personal-data store is a major undertaking involving several graduate and undergraduate students, as well as collaboration with Prof. Melissa Wasserman, a law faculty at the University of Texas at Austin. My work on GDPR naturally leads to investigating other digital privacy regu-lations like the California’s Consumer Protection Act (CCPA). Though CCPA shares the high level goals of GDPR, it introduces several new requirements such as financial incentives for personal data. This, in turn, requires compa-nies to determine the value of each customer’s personal data, and paves way for offering differentiated services. I would also continue evolving GDPRbench as more GDPR use-cases and legal rulings emerge, and eventually ex-pand that into PrivacyBench, which can benchmark all major digital privacy regulations. It would also be my pri-ority to participate in, and contribute to the upcoming federal privacy regulation.

CS + X. Beyond law and economics, computing systems of the future would be heavily impacted by disciplines such as ethics. As we transition to a world where machine intelligence is increasingly in charge of decision-mak-ing, ethicists like Brent Mittelstadt [16] are raising questions on how to integrate explainability, equality, and ac-countability into these systems. It would be a momentous opportunity for systems researchers to collaborate with statisticians, ethicists, and AI/ML researchers to translate high-level ethical principles into mechanisms and poli-cies that could be implemented in underlying computing systems. In conclusion, with my research laying a foundation for impactful interdisciplinary work, my goal in the next 4-6 years would be to scale up both the quality and quantity of my investigations. I would seek challenging socio-technical problems from the real-world, aggressively forge alliances with experts from across disciplines, and mentor a team of motivated young researchers in advancing computing systems research. I am delighted to observe that my research agenda shares significant commonalities with funding agencies and professional organi-zations including NSF, DoD, CRA, and ACM.

/54

Research Statement Supreeth Shastri

References [1] Jeff Barr. 2016. Experiment that Discovered the Higgs Boson Uses AWS to Probe Nature. https://aws.amazon.com/blogs/aws/experi-

ment-that-discovered-the-higgs-boson-uses-aws-to-probe-nature/. In Amazon official blog. Accessed 11/1/2019.[2] Jeff Barr. 2017. Natural Language Processing at Clemson University. https://aws.amazon.com/blogs/aws/natural-language-processing-

at-clemson-university-1-1-million-vcpus-ec2-spot-instances/. In Amazon official blog. Accessed 11/1/2019.[3] Supreeth Subramanya, Tian Guo, Prateek Sharma, David Irwin, and Prashant Shenoy. 2015. SpotOn: A Batch Computing Service for

the Spot Market. In ACM Symposium on Cloud Computing (SoCC).[4] Supreeth Subramanya, Amr Rizk, and David Irwin. 2016. Cloud Spot Markets are Not Sustainable: The Case for Transient Guaran-

tees. In USENIX Workshop on Hot Topics in Cloud Computing (HotCloud).[5] Supreeth Shastri, Amr Rizk, and David Irwin. 2016. Transient Guarantees: Maximizing the Value of Idle Cloud Capacity. In ACM/IEEE

International Conference for High Performance Computing, Networking, Storage and Analysis (SC).[6] Supreeth Shastri and David Irwin. 2018. Cloud Index Tracking: Enabling Predictable Costs in Cloud Spot Markets. In ACM Sympo-

sium on Cloud Computing (SoCC).[7] Kyle Anderson. 2017. How yelp.com Runs on Apache Mesos in AWS Spot Fleet. In Linux Foundation MesosCon 2017.

[8] Jeff Barr. 2017. Amazon EC2 Update – Streamlined Access to Spot Capacity, Smooth Price Changes, Instance Hibernation. https://aws.amazon.com/blogs/aws/amazon-ec2-update-streamlined-access-to-spot-capacity-smooth-price-changes-instance-hibernation/. In AWS News Blog. Accessed 11/1/2019.

[9] David Irwin and Bhuvan Urgaonkar. 2018. Research Challenges at the Intersection of Cloud Computing and Economics. https://dl.acm.org/citation.cfm?id=3372496. In National Science Foundation Technical Report.

[10] Supreeth Shastri, Vinay Banakar, Melissa Wasserman, Arun Kumar, and Vijay Chidambaram. 2020. Understanding and Benchmarking the Impact of GDPR on Database Systems. In Proceedings of Very Large Data Bases 13(7), 2020.

[11] Supreeth Shastri, Melissa Wasserman, and Vijay Chidambaram. 2020. GDPR Anti-Patterns: How Design and Operation of Modern Cloud-scale Systems Conflict with GDPR. Accepted for publication in Communications of the ACM (CACM) 2020.

[12] Supreeth Shastri, Melissa Wasserman, and Vijay Chidambaram. 2019. The Seven Sins of Personal-Data Processing Systems under GDPR. In USENIX Workshop on Hot Topics in Cloud Computing (HotCloud).

[13] Aashaka Shah, Vinay Banakar, Supreeth Shastri, Melissa Wasserman, and Vijay Chidambaram. 2019. Analyzing the Impact of GDPR Compliance on Storage Systems. In USENIX Workshop on Hot Topics in Storage and File Systems (HotStorage).

[14] The European Data Protection Board. 2019. GDPR in Numbers. https://ec.europa.eu/commission/sites/ beta-political/files/infographic-gdpr_in_numbers_1.pdf. Accessed 11/1/2019.

[15] Lauren Feiner. 2019. California’s new privacy law could cost companies a total of $55 billion to get in compliance. In CNBC. https://www.cnbc.com/2019/10/05/california-consumer-privacy-act-ccpa-could-cost-companies-55-billion.html. Accessed 11/1/2019.

[16] Brent Mittelstadt. 2019. Principles alone cannot guarantee ethical AI. Nature Machine Intelligence. 1, 501–507 (2019)

/55

Teaching Statement Supreeth Shastri

Towards Making CS Education Universal Two decades ago, Steve Jobs had opined [1] that computer science is a liberal art and that everyone should know how to use and harness it in their life. Given the oversized influence of computing on every aspect of the modern society, I believe it is no longer a matter of opinion but a necessity to engage the broader society in CS education. This makes it an exciting time to be a teacher of and a thought leader for computer science.

Teaching and Mentoring Experiences I have been lucky to have experiences in diverse environments spanning academia and research labs, startup and big-tech industry, a U.S. government agency and a grade-level school. I highlight the significant ones:

• Teaching Assistantship. In Fall 2008, I assisted Prof. Henning Schulzrinne in teaching CS4995 VoIP Secu-rity course, also at Columbia University. The course consisted of ~25 senior undergraduates and junior graduate students. I advised students on term projects, graded exams and assignments, held office hours and supervised labs.

• Workshop Organization. In Spring 2008, I organized a 4-day workshop on Voice over IP (VoIP) at Co-lumbia University for personnel from the U.S. Federal Aviation Administration. The goal was to train them on VoIP technologies and on administering the VoIP-based air traffic controller system that we had built for them. I was the lead instructor for 5 (out of 8) technical sessions and 6 (out of 8) hands-on lab sessions.

• Mentoring. In 2012–13, I served as the mentor to four new software engineers who joined my team at Cis-co. I also advised two graduate students at University of Massachusetts Amherst: Zain Mustafa (MS 2014) and Pradeep Ambati (PhD). These interactions have consisted of orientation into new topics, brainstorming on research, talk preparations, pair programming and troubleshooting sessions. Since Fall 2018, I have been mentoring four students at UT Austin: Aashaka Shah (PhD), Soujanya Ponnapalli (PhD), Daniel Lehmann (UG), and Vinay Banakar (UG, remote fellowship) as part of the GDPR project.

• Leadership. As a co-chair of the SOSP 2019 artifact evaluation committee (https://sysartifacts.github.io/), I provided guidance and training to artifact evaluators, who were early career researchers and senior gradu-ate students. I worked with my co-chairs, Profs. Vijay Chidambaram and Baris Kasikci, in tailoring ACM’s artifact evaluation process for systems conferences. We also have been tasked to pursue this for OSDI 2020.

Teaching Philosophy and Plans My philosophy, both as a teacher and a mentor, is to start at the level where an individual or a group is, empower them with craft and curiosity, and then encourage them to make their own journey. While simplistic, I have found this approach to be effective with a diverse set of people—from system administrators of the FAA to undergradu-ates at Columbia University and newly recruited software engineers at Cisco.

Approach. Two keys areas that I would focus on, both in advising and teaching, are engagement and impact. For the former, I am inspired by big ideas such as blended learning and flipped classrooms [2] as well as behavioral tweaks like laptop opt-in policy [3] and active classroom layouts [4], all of which greatly enhance the engagement levels. For the latter, given the ease of building artifacts in computing as opposed to other science and engineering fields, I will incentivize all students to build real and usable software systems. This not only inculcates one’s ability to seamlessly translate ideas into software but also has the potential to impact the real-world, for example by con-tributing to open source projects [5]. While these approaches may cause additional burden in the short term, I strongly believe that their benefits would outweigh those inconveniences in the long run.

Courses. My professional experiences encompass broad areas of computer systems and networking. At the grad-uate level, I can offer courses on operating systems, virtualization, cloud computing, distributed systems, and computer networking. I would be keen to design new interdisciplinary courses in the CS + X mold that prepare

/21

Teaching Statement Supreeth Shastri

students to tackle the emerging socio-technical challenges in the real-world. At the undergraduate level, I am ex-cited to offer courses on data structures and algorithms, system software, and hands-on courses covering intro-duction to programming languages and operating systems.

Vision. My vision as an educator, is not only to focus on the quality but also on the quantity: I would strive to make CS education accessible to broad set of people, both within and outside of the university. To that end, I would serve in recruitment and outreach activities, contribute to scalable learning via MOOC, and engage via technology journalism and social media. I draw inspiration from Vijay Chidambaram, who has setup the largest ever professional group of systems researchers on Slack [6]; runs a Medium journal to chronicle stories behind computing system research [7], and routinely engages with K-12 outreach activities. Another impactful contribu-tor is Adrian Colyer, who edits The Morning Paper [8] that summarizes a research paper every day.

In conclusion, my experiences have prepared me to teach and mentor both large and small groups of people. I am humbled by the opportunity to be a teacher of computer science, and look forward to this exciting journey. For teaching and mentoring references, I request the committee to contact Profs. Vijay Chidambaram and Henning Schulzrinne.

References [1] Terry Gross. 2011. Steve Jobs: Computer Science is a Liberal Art. (https://www.npr.org/2011/10/06/141115121/steve-jobs-computer-

science-is-a-liberal-art). In NPR.

[2] Margo Seltzer. 2017. Flipping Out in Computer Science. In USENIX Login. 42, 3 (2017).[3] David Liabson. 2017. Harvard University Psychology and Economics 1030: Laptop Opt-in Policy (https://www.youtube.com/watch?

v=L9eaPx_NYGo), In Conference on Making Behavior Change Stick.

[4] Melissa Rands, and Ann Gansemer-Topf. 2017. The room itself is active: How classroom design impacts student engagement. In Journal of Learning Spaces 6, 1 (2017).

[5] Vijay Chidambaram, CS378 Virtualization: extra credit policy (http://www.cs.utexas.edu/~vijay/cs378-f17/index.htm), In The University of Texas at Austin Course Catalog.

[6] Vijay Chidambaram. 2018. A Slack channel for systems researchers (https://systems-research.slack.com). Accessed 11/1/2019.[7] Vijay Chidambaram. 2017. CSR Tales: The Stories Behind Research in Computer Science (https://medium.com/csr-tales). Accessed

11/1/2019.[8] Adrian Colyer. 2014. The Morning Paper. (https://blog.acolyer.org/). Accessed 11/1/2019.

/22

Diversity Statement Supreeth Shastri

Towards Cultivating Diversity in CS

As I witness computer science evolve into a mature scientific field, I am reminded of Gandhi’s saying “the ability to reach unity in diversity will be the beauty and the test of our civilization.” Given the significant role that comput-ing plays in shaping our modern society, I believe that diversity in CS is not only beneficial but also essential, both for computing and the society. I describe how my experiences have prepared to me to recognize the roadblocks, and work towards cultivating a diverse CS community. Having lived most of my life in the cosmopolitan cities of Bangalore, New York City, San Jose, and Austin, the population diversity has always been a reality of life. Yet, my CS classrooms, research labs, and software engineer-ing offices constantly accentuate its absence. However, this neither surprises nor baffles me—as I grew up in the social structures of India, which at the time was recovering from centuries of caste-based discrimination. I high-light two real-life chapters to demonstrate my experiences with inclusiveness and why some roadblocks are hard-er to recognize and resolve.

From 2006-2009, when I worked on the design, development, and deployment a VoIP system for the U.S. Federal Aviation Administration (FAA), I had to constantly engage and work with a variety of stakeholders. While every-one valued the ultimate goal of integrating VoIP into the FAA training environment, the path was paved with many invisible and conflicting priorities: funding managers expected efficiency, air traffic specialists valued tech-nical minutiae, classroom instructors sought failure-free experience, system administrators demanded ease of maintenance, and we hoped for a unique system that results in a good paper. Though challenging, the project gave me many opportunities to: (i) help diverse set of people overcome technical barriers, (ii) establish workable com-munications, and (iii) create an environment of trust amongst people with different backgrounds and priorities. One of my key takeaway was that while conflict is inevitable combat is optional in diverse settings.

In 2012, when I took to lead one of Cisco’s software releases, I initially experienced many quandary over efficiency versus inclusiveness. The effort involved a set of engineers who were diverse in terms of gender, age-group, time-commitment, expertise, and geographical location. However, the next few months helped me realize that efficien-cy and inclusiveness are not always in contention with each other, and even when they are, there are good trade-offs to balance short-term goals with long-term health of the team. Experiencing these firsthand made me a better leader: I learnt to make choices with confidence and deliberation—whether it is leading debug sessions, setting individual targets, seeking counsel or allocating work. I believe that having gone through my own journey from an inexperienced engineer to an expert, from an outsider to a core member of the team, and from a carefree youth to the lead parent, has made it natural for me to accept individuals and their contributions without prejudice.

It is encouraging to see that, as a community, we have taken the vital first steps in recognizing our shortcomings and committing to making CS an inclusive field. I am inspired by how our institutions—from major league sports to democracy—have embraced and benefited from diversity. I believe that a big-tent CS is not only the right direc-tion but also makes everything more fun and meaningful. I am humbled by the opportunity to be a teacher of and a representative for computing as we embark on a journey of inclusive excellence.

/11