Topics for Student Theses
Table of contents
All topics in this list are available for Bachelor, Undergraduate, Diploma, and Master theses. We will discuss with you to scale the topic appropriately. Your own topic proposals are also very welcome.
High-performance Architectures
Systems in high-performance computing (HPC) need to cater to the demanding nature of applications in this field. Traditional requirements include low latency networking, cache-optimal memory placement, and timely coordination between compute nodes in the system. More recently, energy considerations have also become a concern. We study the implications these requirements and the specialised HPC hardware have for system-level software.
Scheduling
The scheduling of processes or threads in different environments (e.g. realtime, distributed, or high-performance systems) is governed by a diverse set of optimisation goals: throughput, timeliness, energy conservation, quality-of-service guarantees, to name but a few. Our work in this area tries to incorporate new approaches like machine learning or explores new areas like disaggregated systems.
System Architecture
Trusted Computing
Trusted Execution Environments (TEEs) enable secure execution of programs, including protections from an operating system or hypervisor that got compromised. TEEs typically integrate with remote attestation in order to securely report identity and integrity of the program in the TEE (and the TEE itself) to a remote party. The combination of TEEs, remote attestation, and microkernel-based system architectures such as L4 and M3 present opportunities to build more trustworthy systems. Get in touch to discuss possible topics.
Supervisor: Carsten Weinhold
The Transport Layer Security (TLS) protocol solves the problem of securing communication channels between two computer systems. Remote attestation is a technology from the field of Trusted Computing that allows to identify what software is running on a remote computer system. Additionally, remote attestation provides secure identification of the remote system. By combining the two protocols, one can ensure that the communication channel really terminates in a specifc remote system and that the right software is running there.
In earlier work, remote attestation has already been integrated into the TLS protocol. The corresponding implementation is based on OpenSSL, which is quite complex and written in C. However, smaller TLS libraries exist, including ones written in safe programming languages. In this work, possible candidates shall be investigated and the concept of remote attestation shall then be intregated into such a suitable TLS library.
Supervisor: Carsten Weinhold
Remote attestation is a technology from the field of Trusted Computing that allows to identify what software is running on a remote computer system. Additionally, remote attestation provides secure identification of the remote system. Some low-power Internet-of-Things (IoT) devices based on RIOT can support attestation, but potentially not using the same protocols as more capable systems, including M3. The goal of this work is to enable cross-platform attestation between M3 and RIOT systems. A possible way to do this is by integrating attestation with the communication protocol DTLS, which is less resource hungry than TCP/IP-based TLS and therefore more suitable for RIOT-based devices.
Supervisor: Carsten Weinhold
Virtualization
Fault Tolerance and Fault Injection
Computers are usually assumed to always work correctly and predictably, as defined in the program code. While this is generally correct, there may be internal and external influences that effect this assumption. Internal influences can be undetected production errors, which become more likely as the structure size of the chips becomes increasingly smaller. While external influences can be radiation particles, which pass through the chips and lead for example to ionization in the transistors. Especially if these errors occur only very rarely and the system architecture is based on the assumption that exactly what is defined in the code will happen, severe consequences can be the result.
To counter this, we study the possibilities of software-implemented hardware fault tolerance (SIHFT), in which faults are detected with the help of software. This variant can also be integrated after the hardware is developed and produced and is therefore also applicable for commercial off-the-shelf hardware. Since redundant hardware is expensive to develop, SIHFT has many possible areas to be applied, for example in cubesats or cars.
In particular, we evaluate SIHFT methods with the fault-injection framework FAIL*, which can imitate hardware faults caused by radiation effects and systematically examine a program regarding its fault tolerance.
Miscellaneous
This category comprises topics that don't fit any of the other categories.
The Rust Miri tool is an interpreter for Rust's Mid-level Intermediate Representation (MIR), used primarily for detecting undefined behavior.
It helps identify issues such as use-after-free, buffer overflows, and invalid memory accesses, ensuring memory safety and correctness in Rust programs.
M³ is a microkernel-based operating system, which is primarily written in Rust.
Due to the use of platform-specific code and performance considerations, M³ contains portions of unsafe code.
Consequently, testing (a subset of) M³ using Miri would further assure the safety and security of the M³ system.
Get in touch to discuss a possible thesis topic.
Supervisor: Viktor Reusch