SRA has two papers on fault injection of transient hardware faults at SAFECOMP'22: Christian Dietrich presents SailFAIL, where we explain how to derive fault-injection platforms form formal CPU models. Tim-Marek Thomas presents ACTOR, an method how to use dynamic timeout detectors to speed up large fault-injection campaigns.
Tobias Landsberg presents our paper TASTING: Reuse Test-case Execution by Global AST Hashing at the 17th International Conference on Sofware Technologies (ICSOFT '22) in Lisbon. In the paper we describe TASTING, an approach for efficiently selecting and reusing regression-test executions across program changes, branches, and variants in continuous integration settings. TASTING can dramatically speed-up test suite executions by recursively composing hashes of all relevant syntatic elements into a semantic fingerprint of the test and its execution environment, so identical test executions can easily be detected and skipped. This is an important building block for variant-aware testing in the CADOS project.
Tobias got the Best Student Paper award for this work!
Gerion Entrup presents our paper RTOS-Independent Interaction Analysis in ARA at the 16th Workshop on Operating System Platforms for Embedded Real-Time Applications (OSPERT '22) in Modena. In the paper we describe our approach towards RTOS-independent interaction analyses in the ARA framework that makes ARA analyses compatible with many RTOS standards, among them AUTOSAR OS, FreeRTOS and POSIX. The ARA OS model is an important building block towards our goal of fully automatic application analysis in the AHA project.
- ParPerOS: Parallel Persistency OS (DFG: LO 1719/8-1 and DI 2840/2-1)
- In ParPerOS, we examine new abstractions for unified but efficient and optionally crash-consistent low-level memory management for data objects in heterogeneous memory systems that consist of volatile, persistent, distributed and other types of main memory.
Our former SRA member and current project partner in the ATLAS and ParPerOS projects, Christian Dietrich helds his inaugural lecture on New Directions for Managing Memory:
Abstract: Traditionally, memory is the scarce resource that operating systems virtualize for their users. However, current hardware trends, like ultra-fast NVMe SSDs and non-volatile RAM, force us to rethink operating system-mediated management. We no longer have to manage scarcity, but we have to swim in the new abundance without drowning. In his inaugural lecture, Christian Dietrich will present three ongoing research projects that center around the topic of memory management.
The event starts at 14:00 and can be followed by Zoom.
SRA is participating in the Spring Meeting of the German SIG on Operating Systems (Frühjahrstreffen der GI Fachgruppe Betriebssysteme) with three talks in the context of the ParPerOS and ATLAS projects: Lars Wrenger presents his thesis Lo(ck|g)-free Page Allocator for Non-Volatile Memory in the Linux Kernel in the context of the ParPerOS project, Dominik Töllner presents Multivariant ELF Executables, and our Guest Gabriele Serra his work on Control-Flow Integrity with Pointer Authentication.
- ATLAS: Adaptable Thread-Level Address Spaces (DFG: LO 1719/7-1 and DI 2840/1-1)
- In the ATLAS project, we investigate dynamic specialization and containment by means of thread-level address-space variations.
Abstract: Computer-based automation in industrial appliances led to a growing number of logically dependent, but physically separated embedded control units per appliance. Many of those components are safety-critical systems, and require adherence to safety standards, which is inconsonant with the relentless demand for features in those appliances. Features lead to a growing amount of control units per appliance, and to a increasing complexity of the overall software stack, being unfavourable for safety certifications. Modern CPUs provide means to revise traditional separa- tion of concerns design primitives: the consolidation of systems, which yields new engineering challenges that concern the entire software and system stack.
Multi-core CPUs favour economic consolidation of formerly separated systems with one efficient single hardware unit. Nonetheless, the system architecture must provide means to guarantee the freedom from interference between domains of different criticality. System consolidation demands for architectural and engineering strategies to fulfil requirements (e.g., real-time or certifiability criteria) in safety-critical environments.
In parallel, there is an ongoing trend to substitute ordinary proprietary base platform software components by mature OSS variants for economic and engineering reasons. There are funda- mental differences of processual properties in development processes of OSS and proprietary software. OSS in safety-critical systems requires development process assessment techniques to build an evidence-based fundament for certification efforts that is based upon empirical software engineering methods.
In this thesis, I will approach from both sides: the software and system engineering perspective. In the first part of this thesis, I focus on the assessment of OSS components: I develop software engineering techniques that allow to quantify characteristics of distributed OSS development processes. I show that ex-post analyses of software development processes can be used to serve as a foundation for certification efforts, as it is required for safety-critical systems.
In the second part of this thesis, I present a system architecture based on OSS components that allows for consolidation of mixed-criticality systems on a single platform. Therefore, I exploit virtualisation extensions of modern CPUs to strictly isolate domains of different criticality. The proposed architecture shall eradicate any remaining hypervisor activity in order to preserve real- time capabilities of the hardware by design, while guaranteeing strict isolation across domains.
- CADOS: Configurability-Aware Development of Operating Systems (DFG: LO 1719/3-2)
- In the CADOS project, we investigate scalable methods and tools to deal with the implementation of variability across all implementation layers of modern system software.
Oskar Pusz presents Data-Flow–Sensitive Fault-Space Pruning for the Injection of Transient Hardware Faults at the Conference on Languages, Compilers and Tools for Embedded Systems (LCTES '21).
In the paper, we describe Data-Flow–Sensitive Fault-Space Pruning (DFP), a new precise and fault-space–complete data-flow sensitive fault-space pruning method that extends on def/use-pruning by also considering the instructions’ semantics when deriving fault-equivalence sets. In our experimental evaluation, this already reduces the number of necessary injections by up to 18 percent compared to def/use pruning.
The DFP is the core element in the ISA level of our research project CLASSY-FI.
The source code and evaluation artifacts are available here: Source Code and Evaluation Data for the Paper: Data-Flow–Sensitive Fault-Space Pruning for the Injection of Transient Hardware Faults.
Björn Fiedler presents our paper ARA: Static Initialization of Dynamically-Created System Objects at the 27th IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS '21).
In the paper, we present ARA, a framework for static specialization of operating systems for embedded systems. ARA is capable to statically detect operating-system objects dynamically created during run-time and replace them by statically prepared equivalents. ARA is a major building block of our reserch project AHA towards the goal to fully automatically analyze and specialize applications and their system software.
The presentation videos, source code and evaluation artifacts are available at the paper's details page: ARA: Static Initialization of Dynamically-Created System Objects
After many fruitful years with dozen of papers, great lectures and a lot of fun together, Christian Dietrich leaves our group to start his Juniorprofessorship (W1-TT-W3) with a new operating system group at TUHH. We will continue our work together, nevertheless miss him a lot, and wholeheartedly congratulate Prof. Dr.-Ing. Christian Dietrich for this great step in his career!
Christian Dietrich receives an award for the best doctoral thesis in the field of operating systems. The award is granted annually by the SIG on Operating Systems of the German Computer Assiciation (GI Fachgruppe Betriebssysteme) solely on the base of scientific excellence. It includes a price money of 500 €. Congrats, Christian!
In his dissertation Interaction-Aware Analysis and Optimization of Real-Time Application and Operating System, Christian designs and implements a control-flow--sensitive whole-system view and analysis on the interactions within real-time systems. With this approach, he can overcome many inefficiencies that arise from analyses that have an isolating focus on individual system components. Furthermore, the interaction-aware methods keep close to the actual implementation, and therefore are able to consider the behavioral patterns of the finally deployed real-time computing system.
Ralf Ramsauer presents The Sound of Silence: Mining Security Vulnerabilities from Secret Integration Channels in Open-Source Projects at CCSW '20 – due to Corona by video. In the paper, which has already been featured The Register and golem.de (German), we describe an approach to automatically detect patches that fix critical security issues before they are rolled out in the wild. We detect these patches (using the technology we described in our ICSE '19 paper) by the mere fact that they are not discussed on the mailing list. We analyzed the seven months before the release of Linux 5.4 and found commits that address 12 vulnerabilities. For these vulnerabilities, our approach resulted in a temporal advantage of 2 to 179 days to design exploits before public disclosure takes place.
Florian Rommel presents our paper From Global to Local Quiescence: Wait-Free Code Patching of Multi-Threaded Processes at OSDI '20 – due to Corona by video.
In the paper, we present WfPatch, a wait-free approach to inject code changes into running multi-threaded programs. Instead of having to stop the world before applying a patch, WfPatch can gradually apply it to each thread individually at a local point of quiescence, while all other threads can make uninterrupted progress.
WfPatch is the first outcome of our novel concept on adaptable thread-level address spaces, which we are investigating in the ATLAS project.
And now for something completely different: Our paper A Bibliometric Approach for Detecting the Gender Gap in Computer Science has appeared on the May 2020 issue of CACM, together with a short video about this work produced by ACM. In the paper we describe a method to identify the ratio of active female CS scientists by bibliometric analyses. In contrast to previous studies in the STEM fields that refer to limited data records (such as enrollment and degree numbers) our method identifes active researchers from all career levels and instutitions and can easily be tailored to specific sub-fields of the STEM field. The percentage of women contributing to 19 representative conferences in systems-level CS within the last six years is, on average, below ten percent.
Im Rahmen der Winteruniversität konnten sich heute einige studieninteressierte Schüler über das Informatikstudium informieren. Die dazu passenden Folien finden Sie hier: [Folien]
Oskar Pusz presents our paper Program-Structure–Guided Approximation of Large Fault Spaces at the 24th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC '19) in Kyoto, Japan. In the paper we describe an approach to reduce the number of required fault injections using program-structure informations while aiming full fault-space coverage. Results show that injections can be reduced by up to 76 percent with an deviation of less than 2.7 percent and we keep the locality of the results regarding silent data corruptions to a low deviation.
Tobias Landsberg receives the award for best master thesis in the field of operating systems. The award is granted annually by the SIG on Operating Systems of the German Computer Assiciation (GI Fachgruppe Betriebssysteme) solely on the base of scientific excellence. It includes a price money of 500 €. Congrats, Tobias!
In his thesis Analyzing and Optimizing TLB-Induced Thread Migration Costs on Linux/ARM Tobias evaluates if it is feasable and benefitial to pre-warm the TLB (Translation Look-Aside Buffer) when a thread is migrated to another core. He analyzes existing ARM cores, presents and evaluates possible hardware extensions in gem5 and and provides a complete Linux integration for the system.
Linux Weekly News (LWN) features our recent work on analyzing kernel e-mail and the PaStA tool presented in our ICSE '19 and OpenSym '16 papers and recent talks by Ralf Ramsauer, Sebastian Duda, and Wolfgang Mauerer at ELCE '19 and LPC '19.
PaStA quantitatively analyses the evolution of patch stacks by mining git repositories, which is an important building block for analyzing patch-level optional features in the CADOS project.
Abstract: Mechanical and electronic automation was a key component of the technological advances in the last two hundred years. With the use of special-purpose machines, manual labor was replaced by mechanical motion, leaving workers with the operation of these machines, before also this task was conquered by embedded control systems. With the advances of general-purpose computing, the development of these control systems shifted more and more from a problem-specific one to a one-size-fits-all mentality as the trade-off between per-instance overheads and development costs was in favor of flexible and reusable implementations. However, with a scaling factor of thousands, if not millions, of deployed devices, overheads and inefficiencies accumulate; calling for a higher degree of specialization.
For the area of real-time operating systems, which form the base layer for many of these computerized control systems, we deploy way more flexibility than what is actually required for the applications that run on top of it. Since only the solution, but not the problem, became less specific to the control problem at hand, we have the chance to cut away inefficiencies, improve on system-analyses results, and optimize the resource consumption. However, such a tailoring will only be favorable if it can be performed without much developer interaction and in an automated fashion. Here, real-time systems are a good starting point, since we already have to have a large degree of static knowledge in order to guarantee their timeliness. Until now, this static nature is not exploited to its full extent and optimization potentials are left unused.
The requirements of a system, with regard to the RTOS, manifest in the interactions between the application and the kernel. Threads request resources from the RTOS, which in return determines and enforces a scheduling order that will ensure the timely completion of all necessary computations. Since the RTOS runs only in the exception, its reaction to requests from the application (or from the environment) is its defining feature.
In this thesis, I will grasp these interactions, and thereby the required RTOS semantic, in a control-flow--sensitive fashion. Extracted automatically, this knowledge about the reciprocal influence allows me to fit the implementation of a system closer to its actual requirements. The result is a system that is not only in its usage a special-purpose system, but also in its implementation and in its provided guarantees.
In the development of my approach, it became clear that the focus on these interactions is not only highly fruitful for the optimization of a system, but also for its end-to-end analysis. Therefore, this thesis does not only provide methods to reduce the kernel-execution overhead and a system's memory consumption, but it also includes methods to calculate tighter response-time bounds and to give guarantees about the correct behavior of the kernel. All these contributions are enabled by my proposed interaction-aware methodology that takes the whole system, RTOS and application, into account.
With this thesis, I show that a control-flow--sensitive whole-system view on the interactions is feasible and highly rewarding. With this approach, we can overcome many inefficiencies that arise from analyses that have an isolating focus on individual system components. Furthermore, the interaction-aware methods keep close to the actual implementation, and therefore are able to consider the behavioral patterns of the finally deployed real-time computing system.
Im Rahmen des Niedersachsen-Technikums hat uns eine Gruppe interessierter Abiturientinnen besucht. Während des 6-monatigem Programms lernen sie im Rahmen eines bezahlten Unternehmenspraktikums und eines Schnupper-Studiums das Arbeitsleben in einem MINT-Beruf kennen. Die jungen Frauen nahmen nach einem Vortrag an einem Kurzworkshop zum Programmieren teil, bei dem sie einen Unterschriftendrucker mithilfe des Kturtle-Programms in einer speziell dafür erstellten Programmiersprache programmieren konnten.
Florian Rommel presents our paper Wait-Free Code Patching of Multi-Threaded Processes at the 10th Workshop on Programming Languages and Operating Systems (PLOS '19) co-located with SOSP in Huntsville, Canada. The paper describes an approach to apply run-time code modification in multi-threaded processes without the need to stop all threads on a global barrier. This is achieved by first preparing a patched clone of the process’s address space and then migrating individual threads at predefined quiescence points while all other threads make uninterrupted progress.
Andreas Ziegler presents our paper Honey, I Shrunk the ELFs: Lightweight Binary Tailoring of Shared Libraries at the International Conference on Embedded Software (EMSOFT '19), in New York. In the paper we describe an approach to automatially reduce the footprint of existing shared libraries by removing unneeded functionality with lightweight binary tailoring. Our approach does not require access to the source code and effectively reduces the amount of code in all shared libraries on a Linux-based system by 63 percent and shrinks their files by 17 percent. The reduction in size is beneficial to cut down costs (e.g., lower storage and memory footprint) and eases code analyses that are necessary for code audits.
Lightweight application-specific tailoring of libraries is an important building block in our attempts towards a fully automatic whole-system tailoring of Linux-based infrastructure software in the CADOS project.
Abstract: In der heutigen Wissenschaft und Wirtschaft haben wir es oft mit Systemen zu tun, welche aus Problemen bestehen, die sehr komplex und nicht einfach zu lösen sind. Aufgrund der zunehmenden Komplexität und der teilweise fehlenden Informationen ist es bereits heutzutage nicht mehr möglich, solche Probleme – welche als Blackbox-Probleme klassifiziert werden – per Hand zu lösen. Um das Maximum oder Minimum zu finden, wird auf Optimierungsmethoden zurückgegriffen, die uns ermöglichen, eine optimale Lösung für das Problem zu suchen und ggf. zu finden. Stochastische Methoden haben die letzten Jahre gezeigt, dass sie sehr gut geeignet sind, solche Probleme zu lösen. Der Vorteil der Verwendung von stochastischen Methoden ist, dass sie nicht den Gradienten des zu optimierenden Problems verwenden, so dass sie sowohl bei großen als auch bei komplexen Optimierungsproblemen erfolgreich angewendet werden können. Diese Vielseitigkeit hat aber ihren Preis. Es gibt hauptsächlich drei wesentliche Aspekte, die die Effizienz der Lösung beeinträchtigen:
- Die realen Probleme werden immer größer und komplizierter oder sie müssen in sehr kurzer Zeit gelöst werden, was erhebliche Ressourcen in Zeit und Hardware erfordert.
- Optimierungsprobleme sind durch mehrere lokale Optima charakterisiert, die ein Verfahren zur Vermeidung einer zu frühen Konvergenz erfordern.
- Algorithmen erfordern einige problembedingte Anpassungen ihrer Verhaltensparameter, um bessere Ergebnisse zu erzielen.
Untersuchungen in dieser Arbeit haben gezeigt, dass die Anpassungen zu besse ren Ergebnissen führen. Durch die adaptive Natur des Frameworks, ist es in vielen Rechnerarchitekturen nutzbar und für viele Probleme anwendbar.
Gerion Entrup presents our paper ARA: Automatic Instance-Level Analysis in Real-Time Systems at the 15th Workshop on Operating System Platforms for Embedded Real-Time Applications (OSPERT '19), in Stuttgart. In the paper we describe ARA, an analysis framework and tool to detect and visualize, how a given application employs RTOS abstractions. As a tool, ARA helps to understand how the tasks of an application given as source code interact which each other. The framework itself is an important building block towards our goal of fully automatic application analysis in the AHA project.
Im Rahmen der SommerUni (ehem. Herbstuniversität) ist ein Angebot speziell für Mädchen der 10. bis 13. Klassen, die sich für ein Studium im Bereich Mathematik, Informatik, Naturwissenschaften oder Technik (MINT) interessieren. Am SRA erhielten die Teilnehmerinnen Einblicke in das Informatikstudium und das grundlegende Konzept von CPU Scheduling. Die dazu passenden Folien finden Sie hier: [Folien]
Der Student Malte Bargholz wurde im Rahmen des Tags der Fakultät für seine herausragenden Leistungen in seiner Bachelorprüfung geehrt. Seine herausragenden Leistungen stellte er, unter anderem, in seiner Bachelorarbeit InterSloth: Globales Hardware-gesteuertes Scheduling in einem Multikern-Echtzeitbetriebssystem auf RISC-V beim SRA unter Beweis und konnte seine Ergebnisse beim Herbsttreffen der Fachgruppe Betriebssysteme vorstellen.
Prof. Dr.-Ing. habil. Daniel Lohmann gave his inaugural lecture at the Faculty of Electrical Engineering and Computer Science. In his presentation "Klein und sicher – Automatisch anpassbare Systemsoftware für eingebettete Spezialzweckanwendungen", Prof. Lohmann provided an entertaining introduction into our research activities and the case for highly tailorable system software.
Studenten und Mitarbeiter des SRA nehmen am Herbstreffen der Fachgruppe Betriebssysteme in Coburg teil. Das SRA ist mit zwei Vorträgen vertreten. Malte Bargholz spricht über „InterSloth: Hardwaregestützte, globale und prioritätsgesteuerte Echtzeiteinplanung“ und Christian Dietrich präsentiert seine Arbeit über „Semi-Extended Tasks: Geteilter Stack für selbstblockierende Fäden“.
Björn Fiedler presents our paper Levels of Specialization in Real-Time Operating Systems was at the 14th Workshop on Operating System Platforms for Embedded Real-Time Applications (OSPERT '18), in Barcelona. In the paper we describe a taxonomy for the specialization of system software towards a specific application and provide showcases of the achievable benefits. We got an Best Paper Award for this work.
Mit Unterstützung der Kollegen vom IKT findet das erste Gesamttreffen des neu gegründeten Fachbereich SYS der Gesellschaft für Informatik (GI) am 1. und 2. März 2018 hier in Hannover statt. Mit mehr als zwölf Beiträgen aus dem Bereich der Betriebssysteme, Kommunikationssysteme und Verteilten Systeme erwartet die 70 angmeldeten Teilnehmer ein spannendes Programm.
Die als Meltdown und Spectre bekannt gewordenen Angriffe verunsichern zur Zeit Anwender und Experten. Prof. Daniel Lohmann hat heute im Rahmen einer Informationsveranstaltung des LUIS für Systemadministratoren der Universität die technischen Grundlagen aus Rechnerarchitektur und Betriebssystemen am Beispiel von Meltdown präsentiert. Die Folien des Vortrags finden Sie hier: [Folien]
- AHA: Automated Hardware Abstraction in Operating-System Engineering (DFG: LO 1719/4-1)
- Goal of AHA is to improve nonfunctional properties of system software by a very deep, but fully automated specialization of the application-hardware bridge represented by the operating system. We investigate, how alternative implementations that are mapped more directly to hardware features, can be generated from a concrete application and their actual interactions with the operating system.
Die Kriterien für die Auszeichnung sind eine herausragende Lehrleistung über die Dauer von wenigstens zwei Studienjahren an einer Universität in Bayern, eine Beteiligung der Studierenden an der Auswahl sowie der Vorschlag der jeweiligen Universität. Über alle Maßnahmen zur Sicherung der Qualität der Lehre, die von den Hochschulen praktiziert werden, spielen das persönliche Engagement und die pädagogisch-didaktischen Kompetenzen des Lehrenden eine große Rolle.
CADOS research students gave two talks at LPC '14: Valentin Rothberg talked about his new tool undertaker-checkpatch, which analyzes patch files. The vampyr tool to configurability-aware compile test (or determine the variability of) source files was presented by Stefan Hengelein.
Linux Weekly News features both CADOS talks and tools in its summary of the LPC highlights!