Skip Navigation

Barkhausen Institut

Composable Operating System

What we do

We build a secure operating system based on a microkernel architecture to reduce complexity and maximize component isolation. Serving the key principle of Composability Hardware and Software, our system consists of small building blocks that cooperate securely in a distributed use case. We co-design our operating system with the Scalable Computing Hardware and Wireless Connectivity groups to solve platform and network security problems. The Composable Operating Systems group will provide the essential building blocks from which customized systems for IoT use cases can be built.

From simulator to hardware

We work closely with the MPSoC team to bring our operating system from a software-based simulator to actual hardware. To this end, we instantiate all hardware building blocks of the MPSoC on an FPGA circuit emulator, which allows us to evaluate hardware designs and test interaction with software components of our operating system. In the end, our operating system and applications shall run on a real system on chip.

Enabling trade-offs between security and costs

Security is not for free. For example, physical isolation of components by placing them onto different cores requires additional resources. We investigate how exclusive and shared usage of resources can be provided with the same mechanisms, allowing system designers to choose between maximal isolation and minimal resource usage on a case-by-case basis.

Updatability and attestation of components

For the whole system to be trustworthy, it is critical that only those components that are responsible for a specific scenario can communicate with each other and that they behave as intended. We research minimal hardware and software support for secure attestation of each component's identity and integrity. This support is also needed to realize secure software updates.

Who we are

Michael Roitzsch
Dr.-Ing.Michael RoitzschResearch Group Leader
Nils Asmussen
Dr.-Ing.Nils AsmussenResearch Associate
Sebastian Ertel
Dr.-Ing.Sebastian ErtelResearch Associate
Till Miemietz
Dipl.-Inf.Till MiemietzResearch Associate
Carsten Weinhold
Dr.-Ing.Carsten WeinholdRESEARCH ASSOCIATE

Publications

Lluís Vilanova, Lina Maudlej, Matthias Hille, Nils Asmussen, Michael Roitzsch, Mark Silberstein, Caladan: A Distributed Meta-OS for Data Center Disaggregation, 10th Workshop on Systems for Post-Moore Architectures (SPMA), 2020, Download PDF

@inproceedings{
Vilanova:Caladan2020,
title = "Caladan: A Distributed Meta-OS for Data Center Disaggregation",
author = "Lluís Vilanova, Lina Maudlej, Matthias Hille, Nils Asmussen, Michael Roitzsch, Mark Silberstein",
year = "2020",
booktitle = "10th Workshop on Systems for Post-Moore Architectures (SPMA)",
month = "April"
}
Download BibTex

Nils Asmussen, Michael Roitzsch, Carsten Weinhold, Pluggable Components All The Way Down, 1st International Workshop on Next-Generation Operating Systems for Cyber-Physical Systems (NGOSCPS), 2019, Download PDF

@inproceedings{
Asmussen:Pluggable2019,
title = "Pluggable Components All The Way Down",
author = "Nils Asmussen, Michael Roitzsch, Carsten Weinhold",
year = "2019",
booktitle = "1st International Workshop on Next-Generation Operating Systems for Cyber-Physical Systems (NGOSCPS)",
address = "Montreal, Canada",
month = "April"
}
Download BibTex

Nils Asmussen, Michael Roitzsch, Hermann Härtig, M3x: Autonomous Accelerators via Context-Enabled Fast-Path Communication, USENIX Annual Technical Conference (ATC), 2019, Download PDF

@inproceedings{
Asmussen:M3x,
title = "M3x: Autonomous Accelerators via Context-Enabled Fast-Path Communication",
author = "Nils Asmussen, Michael Roitzsch, Hermann Härtig",
year = "2019",
booktitle = "USENIX Annual Technical Conference (ATC)",
address = "Renton, WA, USA",
month = "July",
publisher = "USENIX"
}
Download BibTex

Matthias Hille, Nils Asmussen, Pramod Bhatotia, Hermann Härtig, SemperOS: A Distributed Capability System, USENIX Annual Technical Conference (ATC), 2019, Download PDF

@inproceedings{
Hille:SemperOS,
title = "SemperOS: A Distributed Capability System",
author = "Matthias Hille, Nils Asmussen, Pramod Bhatotia, Hermann Härtig",
year = "2019",
booktitle = "USENIX Annual Technical Conference (ATC)",
address = "Renton, WA, USA",
month = "July",
publisher = "USENIX"
}
Download BibTex

Till Miemietz, Hannes Weisbach, Michael Roitzsch, Hermann Härtig, K2: Work-Constraining Scheduling of NVMe-Attached Storage, 40th IEEE Real-Time Systems Symposium (RTSS), 2019, Download PDF

@inproceedings{
Miemietz:K2,
title = "K2: Work-Constraining Scheduling of NVMe-Attached Storage",
author = "Till Miemietz, Hannes Weisbach, Michael Roitzsch, Hermann Härtig",
year = "2019",
booktitle = "40th IEEE Real-Time Systems Symposium (RTSS)",
month = "December",
publisher = "IEEE"
}
Download BibTex