Themen für Abschlussarbei­ten

Remote Direct Memory Access (RDMA) networks, such as InfiniBand (IB), achieve minimal latency by relying on busy-polling to detect incoming messages. While effective for highly optimised, solitary applications, polling becomes inefficient in oversubscribed systems, where resources are shared to improve energy efficiency and hardware utilisation. Blocking mechanisms mitigate these issues by suspending threads until a hardware interrupt (IRQ) signals the arrival of a message, but they also introduce significant latency overheads.

An alternative approach, "coordinated polling," addresses this trade-off by avoiding the IRQ overhead. Instead, it centralises the busy-polling: Threads waiting for messages block in the kernel and one dedicated thread per compute polls for new messages waking a thread once a message arrived for it. However, the current implementation requires modifications to the Linux kernel, making it difficult to deploy on HPC systems.

The goal of this thesis is to implement a similar coordinated polling scheme entirely in user space, relying on mechanisms such as shared memory for communication structures and futexes for efficient blocking and unblocking. The solution should be evaluated using standard MPI benchmarks to study its effectiveness in terms of latency and power consumption.

Supervisor: Jan Bierbaum

The Message Passing Interface (MPI) is a de-facto standard high-performance computing (HPC) applications, enabling efficient communication across distributed systems. OpenMPI, a widely used and modular implementation of MPI, traditionally operates by polling for communication events to minimise latency. While effective for highly optimised applications, this approach can lead to poor energy efficiency and suboptimal resource utilisation for general workloads.

To address these issues, we introduced a blocking mode with “adaptive waiting”, allowing processes to spin for a configurable number of iterations (x) before blocking. This provides a trade-off between energy savings and latency. However, the current implementation requires x to be set manually at startup, which depends upon prior knowledge of the application to run and limits the approaches adaptability to dynamic application behaviour.

The goal of this thesis is to tune x dynamically at runtime. This requires a monitoring mechanism to observe communication patterns, such as the time spent polling and the potential benefits of blocking. Based on these insights, x should be adjusted and optimised. Both local (per-process) and global (multi-process) evaluation strategies can be explored. The implementation will be evaluated using standard MPI benchmarks to assess effects on energy efficiency and performance.

Supervisor: Jan Bierbaum

A real-time system guarantees responses within specific, tight deadlines — crucial for applications like robotics, industrial control, and even some medical devices.

Many microkernels, like seL4 and L4Re, already incorporate real-time capabilities. This involves ensuring timely delivery of interrupts and employing a priority-based scheduler to guarantee that critical tasks get the resources they need, when they need them.

However, these features are still missing from the M³ microkernel — a cutting-edge OS designed for heterogeneous manycore systems. The M³ kernel runs on a dedicated kernel tile with applications and services running on separate user tiles — all communicating through a secure hardware component called the TCU.

Your task will be to implement a basic real-time functionality within the M³ kernel – focusing on making system calls interruptable and adding a simple priority-based scheduler.

In the end, you will be measuring the predictability of application performance – demonstrating that critical tasks now complete within expected timeframes even in the presents of noisy low-priority tasks.

Supervisor: Viktor Reusch

Modern computers have a complex interaction between processing units, devices, and pieces of firmware. This complexity is hard to understand and manage. Therefore, Fiedler et al. have developed the Sockeye3 language. Sockeye3 specifications allow to capture the possible interactions of the different contexts on a modern computer at the level of accessible memory.

The M³ system has a lot of such interacting hardware components. This microkernel-based system for heterogeneous manycores is a tiled architecture with each CPU core isolated using a special hardware component.

The idea of this student project should be to describe the architecture of M³ using the Sockeye3 language. This should help to understand the hardware-based isolation in the M³ system better. To this end, it should be attempted to use Sockeye3 to verify some isolation properties of the different contexts in M³.

Contact: Viktor Reusch

The Transport Layer Security (TLS) protocol solves the problem of securing communication channels between two computer systems. Remote attestation is a technology from the field of Trusted Computing that allows to identify what software is running on a remote computer system. Additionally, remote attestation provides secure identification of the remote system. By combining the two protocols, one can ensure that the communication channel really terminates in a specifc remote system and that the right software is running there.

In earlier work, remote attestation has already been integrated into the TLS protocol. The corresponding implementation is based on OpenSSL, which is quite complex and written in C. However, smaller TLS libraries exist, including ones written in safe programming languages. In this work, possible candidates shall be investigated and the concept of remote attestation shall then be intregated into such a suitable TLS library. 

Supervisor: Carsten Weinhold

Remote attestation is a technology from the field of Trusted Computing that allows to identify what software is running on a remote computer system. Additionally, remote attestation provides secure identification of the remote system. Some low-power Internet-of-Things (IoT) devices based on RIOT can support attestation, but potentially not using the same protocols as more capable systems, including M3. The goal of this work is to enable cross-platform attestation between M3 and RIOT systems. A possible way to do this is by integrating attestation with the communication protocol DTLS, which is less resource hungry than TCP/IP-based TLS and therefore more suitable for RIOT-based devices.

Supervisor: Carsten Weinhold

The trend of collocating systems in high-security domains has led to multi-level security systems where each application can have its own security classification. Preventing information leakage between applications is critical due to severe security implications. USB input devices, such as keyboards, mice, and braille displays for the blind, are critical in enabling interaction with computers. However, they form a broad hardware attack vector, as input devices can operate across any software-defined security level. Attackers with USB access can emulate arbitrary input devices. Through an emulated braille display, they may exploit untested code paths in OS accessibility stacks.

This work aims to implement a braille display emulator to aid testing security-sensitive systems. The emulator serves as a basis for automated testing of screen readers to find bugs and allow automated regression testing. It consists of:

• Research and describe existing solutions for device emulation. This includes for instance PiKVM which offers the emulation of HID devices.
• Read the USB HID standard for braille displays for this task and describe its applicability for this task.
• Implementation of a custom USB HID braille display using the Linux USB Gadget API.

• Evaluate the prototype by plugging it into different operating systems with screen reader support to validate the correctness of the implementation.

  For this task, no prior knowledge about USB internals, braille displays or accessibility is required.

Implementation

The prototype shall be implemented on a single-board computer (e.g. the Raspberry Pi) as a USB Gadget in a suitable language, e.g. Rust. As a case study, the USB Gadget should implement a HandyTech-compatible HID braille display, for which multiple free and open source host-side drivers exist. They also implement the USB HID braille specification. The implementation can then be evaluated by plugging it into a computer with an open source screen reader running.

Supervisor: Sebastian Humenda

Bounded resource reclamation is an approach that aims to put a limit on the time required to reclaim resources in an operating system after a process has terminated. By enforcing this bound, the operating system can ensure that all resources allocated to a particular process are fully released within a predetermined timeframe (e.g., one second). This approach is particularly useful in resource-constrained multi-user systems, where applications need to share resources like memory and must avoid long application boot times due to cleanup of terminated processes.

This task will focus on bringing the concept of bounded resource reclamation to Linux, with the goal of improving the efficiency and predictability of resource release. The first step will be to measure the latency taken by the Linux operating system to reclaim resources after process termination. This will provide a baseline understanding of the current reclamation process. Next, the task is to modify the Linux kernel to enforce a bound on the time required to reclaim resources after process termination. This will involve implementing a resource grouping mechanism to efficiently reclaim resources and introducing a quota system to ensure that reclamation time is bounded.

Supervisor: Viktor Reusch