Marcus Völp - Academia.edu
Papers by Marcus Völp
Lecture Notes in Computer Science, 2014
Frontiers in computer science, Apr 11, 2023
arXiv (Cornell University), May 9, 2020
2008 Third International Conference on Availability, Reliability and Security
2021 40th International Symposium on Reliable Distributed Systems (SRDS)
Contact tracing is an important instrument for national health services to fight epidemics. As part of the COVID-19 situation, many proposals have been made for scaling up contact tracing capacities with the help of smartphone applications, an important but highly critical endeavor due to the privacy risks involved in such solutions. Extending our previously expressed concern, we clearly articulate in this article the functional and non-functional requirements that any solution has to meet when striving to serve not mere collections of individuals but the whole of a nation, as required in the face of such potentially dangerous epidemics. We present a critical information infrastructure, PriLock, a fully-open preliminary architecture proposal and design draft for privacy-preserving contact tracing, which we believe can be constructed in a way to fulfill the former requirements. Our architecture leverages the existing regulated mobile communication infrastructure and builds upon the ...
Abstract—Already announced in 2007 for Sun's Rock processor but later canceled, hardware transactional memory (HTM) finally found its way into general-purpose desktop and server systems and is soon to be expected for embedded and real-time systems. However, although current hardware implementations have their pitfalls, hindering an immediate adoption of HTM as a synchronization primitive for real-time operating systems, we illustrate on the example of a transactional implementation of the L4/Fiasco.OC inter-process communication (IPC) how extended versions of HTM may revolutionize kernel design and, in particular, how they may reduce the verification costs of a multi-core kernel to little more than verifying a selectively preemptible uni-processor kernel. Removing L4/Fiasco.OC's half-thousand-lines-of-code cross-processor IPC path and making the local path transactional, we benefit from a principal performance boost for sending cross-core messages. However, for the average case, we e...
Project no. 104600). In this final report we summarise the work performed and the progress achieved. Our mission is to research and develop an operating-system (OS) infrastructure capable of protecting against the threats our information and communication infrastructure is currently facing. Among the threats about which we are concerned are attacks by hackers and terrorists with the ultimate goal to obtain valuable information (such as industrial secrets) and to shut down critical information and communication infrastructure. Such an attack may exploit viruses and Trojan horses, and it may be performed in preparation of an accompanying physical attack. Following the premise that the mere size and complexity of today's commonly used legacy OSs such as Linux (Unix) and Windows makes it absolutely impossible to sufficiently harden these systems, we have developed an operating-system infrastructure that supports critical applications without having to rely on such complex operating syste...
2017 IEEE 22nd Pacific Rim International Symposium on Dependable Computing (PRDC), 2017
Proceedings of the 1st Workshop on System Software for Trusted Execution, 2016
2018 IEEE 24th International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA), 2018
Time-triggered real-time systems achieve deterministic behaviour, making them suitable for safety-critical environments. However, this determinism also allows attackers to fine-tune attacks after studying the system behaviour through side channels, targeting safety-critical victim tasks. Assuming fault independence, replication tolerates both random and malicious faults of up to f replicas. Yet, directed attacks violate the fault independence assumption. This violation possibly gives attackers the edge to compromise more than f replicas simultaneously, in particular if they can mount the attack from already compromised components. In this paper, we sketch mitigation strategies for time-triggered systems with task replication to withstand directed timing attacks and show preliminary results on their effectiveness and practicality.
Advances in Intelligent Systems and Computing, Nov 12, 2017
IEEE Transactions on Multi-Scale Computing Systems, 2018
Automated Deduction - CADE-25, 2015