Research/Thesis Work

At our chair, we are constantly looking for motivated students for bachelor’s and master’s theses, guided research, and interdisciplinary projects. Please see the active research projects below. If you find a topic interesting, please contact the respective researchers to enquire about a thesis topic. We seek impact through top-notch publications, open-source artifacts, and people.

Important instructions for your research work.
— See the past research work archive for all successfully completed research projects.

Thesis work @ industry: We also admit BSc/MSc thesis topics in conjunction with an industry partner. Please contact Prof. Bhatotia for approval.

Active research projects

HW/OS Co-design for Trusted Computing

With the explosion in the number and kinds of devices that provide niche functionality to ensure high performance and energy efficiency, it is becoming increasingly difficult to use them in a secure and trusted manner. Our research, through a hardware-software co-design approach, aims to provide strong security guarantees to applications using these devices.

Keywords: operating systems, microkernels, hardware security, trusted computing, HW/OS co-design, secure accelerators, accelerator-oriented computing, heterogeneous systems, RISC-V, OpenTitan

Researchers: Harshavardhan Unnibhavi, Matthias Hille, Anjo Vahldiek-Oberwagner

Persistent Memory Systems

The emerging technology of Persistent Memory (PM) is expected to bridge the gap between the volatile main memory and SSDs in the system stack. We conduct multidimensional research on various topics ranging from PM safety & security to PM programming models for hybrid memory & computational systems.

Keywords: persistent memory, memory safety, programming model, hybrid memory systems, KV store, secure storage systems

Researchers: Dimitrios Stavrakakis

Binary Translation for Weak Memory Architectures

We design binary translators to enable the execution of binaries built for one architecture on a different one, with performance and correctness in mind. We focus on translating from architectures with a strong memory model such as x86 to architectures with a weak memory model such as ARM or RISC-V. This work is at the crossroads of emulation, compilation and formal verification.

Keywords: emulation, compilation, formal verification, virtualization

Researchers: Redha Gouicem, Rodrigo Rocha, Sebastian Reimers

Unikernels: Extensible, Lightweight, High-performance I/O

Unikernels are specialized operating systems for a specific application. Unikernels have several advantages, such as short boot time and high performance due to the less context switch, but they still lack some usability for real-world adaptation. Our research aims to design extensible and lightweight unikernels for generic computing and high-performance I/O.

Keywords: virtulization, unikernels, operating system, BPF, WASM

Researchers: Masanori Misono, Charalampos Mainas, Peter Okelmann, Anjo Vahldiek-Oberwagner

Virtualization

Virutal Machines (VMs) can provide homogeneous cloud substrates and offer freedom to users to employ custom kernels while maintaining excellent security isolation between tenants. However, compared to containers, VMs are impose higher overheads, are harder to monitor, inspect and extend. In our research, we improve their debuggability/ inspectability and focus on improving IO performance of VMs.

Keywords: virtual machines, hypervisors, flexible and high-performance IO, KVM/Linux

Researchers: Peter Okelmann, Masanori Misono, Redha Gouicem

Software Systems for Quantum Computing

Quantum computing is a new computing paradigm that enables exponential speedups in certain algorithms. To date, however, the benefits of quantum computing have been hampered by noisy and small-scale quantum hardware. To overcome these problems, our research focuses on software systems that enable hardware-efficient compilation and execution of quantum circuits. Of particular interest are novel quantum virtualization approaches that allow certain parts of quantum circuits to be computed classically, both to enable distributed quantum computation and to mitigate overall noise.

Keywords: quantum computing, quantum circuit optimization, quantum virtualization

Researchers: Emmanouil (Manos) Giortamis, Francisco Romão, Nathaniel Tornow

Operating System Support for FPGAs

Field Programmable Gate Arrays (FPGAs) promise to fulfill the high-performance demands of cloud workloads under the severe energy constraint in data centers. However, due to limited system software support for FPGAs, existing FPGA-based heterogeneous systems pose low resource usage, heavy programming efforts, and high running costs. This project aims to build a novel system software stack (OS, compiler, library, etc.) that leverage FPGAs in the cloud.

Keywords: cloud computing, operating system, heterogeneous systems, LLVM, HW/OS co-design, programming model, hardware acceleration, FPGAs

Researchers: Atsushi Koshiba, Jiyang Chen, Charalampos Mainas

Secure Storage Systems and Distributed Systems

Offloading data processing in the cloud has drastically increased the security violations of the stored data and executed operations. With the advent of modern trusted h/w, Trusted Execution Envrironments (TEEs) to be streamlined by all major CPU manufacturers (Intel SGX, ArmTrustZone, etc.), we can research the design and the implementation of secure storage and distributed systems; the fundamental building blocks for the vast majority of online services.

Keywords: TEEs, secure storage system, secure databases and transactions, fault-tolerant KV stores, etc.

Researchers: Dimitra Giantsidi, Maurice Bailleu, Dimitrios Stavrakakis

Network Stack for Accelerators

Specialized hardware like GPUs, TPUs or cryptographic modules is becoming increasingly important for data processing. However, today’s system architectures are still CPU-centric, i.e., accelerators are treated as 2nd class citizens or devices, and operating systems do not span across (heterogeneous) compute nodes. To overcome both hurdles, we design and develop a network stack that integrates accelerators efficiently in distributed setups.

Keywords: hardware accelerators, distributed computing, heterogeneous system architectures

Researchers: Simon Ellmann, Masanori Misono

Security and System Correctness

We design and develop a compiler-assisted run-time checking system ensuring integrity/security of systems written in C/C++. The goal is to achieve both performance and near-complete memory protection as one solution: fine-grained comprehensive protection for practical deployment. This system is designed to provide a generic framework that can host any safety/security policies on the top of it: its application ranges over spatial/temporal memory safety, garbage collection, control flow integrity, thread safety, and coherence/consistency in heterogeneous systems with incoherent hardware accelerators. We are also planning to adopt formal methods to detect errors as many as possible without program execution.

Keywords: software security, capability model, compiler, high-performance systems, memory safety, formal verification, computer architecture

Researchers: Myoung Jin Nam, Anjo Vahldiek-Oberwagner

Secure Operating Systems

In today’s connected world, the security and reliability of modern operating systems is crucial to ensure integrity of applications and our data. Our research aims to improve the security and reliability of real-world operating systems through static and dynamic program analysis techniques, automated testing, but also exploring the compilers’ and CPU architectures’ roles in providing a reliable computing base. For one, the Linux kernel has established itself as the trusted kernel of numerous mainstream operating systems, and is the focus of our work. Along with it its dependencies, in particular toolchains (such as Clang/LLVM and GCC) and languages (C, and more recently Rust), are of special interest.

Keywords: operating systems, security, reliability, compilers, semantics, verification, testing, concurrency, Linux

Researchers: Marco Elver, Charalampos Mainas, Anjo Vahldiek-Oberwagner

End-to-End HW-SW System Evaluation with Modular Simulation

Modern systems rely on co-designed combinations of software and hardware for performance and efficiency. System performance depends not just on individual components, but also on their interaction. Thus a convincing evaluation requires running the complete system. Yet evaluation in physical testbeds is often infeasible, because a system uses emerging hardware not yet available, proposes changes to proprietary hardware, or proposes entirely new hardware ASIC architectures. We enable end-to-end evaluation for these systems in simulation, by modularly and scalably combining and connecting multiple existing simulators for different components into virtual testbeds running complete HW-SW systems.

Project page: https://simbricks.github.io/

Keywords: network systems, simulation, computer architecture, operating systems, FPGAs, SmartNICs

Researchers: Antoine Kaufmann

Future of Datacenter Compute

Motivated by developer productivity, microservices and Function-as-a-Service (FaaS) have become de facto development practices offered by Cloud Service Providers (CSPs). The logical decomposition, however, costs CSPs a large infrastructure tax of more than 25% creating an usability, performance and security tradeoff. In this design space, CSPs and hardware manufacturers are building,three main solutions focussing on performance: 1) Minimal hypervisors with trusted boot (aka Amazon Firecracker); 2) Infrastructure Processing Units to offload less critical/demanding work; 3) Building on memory-safe languages and novel software abstractions (aka Cloudflare/Fastly). Analyzing, building, and improving the usability, security and performance tradeoff requires extensive research in several directions in hardware, system software (OS, hypervisor, runtimes), and programming languages/paradigms.

Keywords: cloud service, hypervisor, security, memory safety, programming service, HW-SW codesign

Researchers: Anjo Vahldiek-Oberwagner