MikroRZ: Secure Data Centers with Microkernel-Based Architectures

MikroRZ aims to fundamentally improve the security of system-software in data centers. We rely on data centers every day when we use digital services like messaging apps, video streaming, or AI chatbots. All these applications run on shared data center hardware, and it is critical that data from different users remains isolated. The operating system is responsible for this isolation.

A promising approach to stronger isolation is using systems based on microkernels. Unlike conventional systems like Linux, microkernels drastically reduce the attack surface. However, microkernel-based systems currently lack the ability to scale to the large hardware resources in datacenters. Especially scalable and securely isolated data storage is an unsolved problem on these systems.

This is where the Barkhausen Institut comes in: In MikroRZ, we are addressing the challenge of securely shared data storage at large scale. We want to enhance existing systems based on the L4Re microkernel by adding a storage layer that scales to the needs of data centers. At the same time, it must preserve the strong security and isolation properties that microkernels offer.

With MikroRZ, we contribute to a secure and trustworthy European-built system software layer for datacenters, improving the digital sovereignty of this widely used infrastructure.

Project duration: 1.6.2025 – 31.12.2027

Contact: Michael Roitzsch, Till Miemietz

Partners: Kernkonzept GmbH