Red Hat Research Quarterly

2024 Collaboratory awards promote innovation in the cloud

Red Hat Research Quarterly

2024 Collaboratory awards promote innovation in the cloud

Machine learning, energy efficiency, and secure data sharing are major research themes in Collaboratory-supported projects.

With the announcement of the 2024 Research Incubation Awards for the Red Hat Collaboratory at Boston University, the Red Hat-BU partnership has deepened its long-running commitment to advancing the state of the art in cloud computing, AI and machine learning, and operating systems. The Collaboratory seeks projects that will benefit from the unique combination of industry experience, academic rigor, and open source principles it was created to foster. 

The 12 new and renewed research projects were chosen for their high potential to address real-world challenges in innovative ways. Security- and privacy-focused projects target risks associated with edge and cloud computing environments and seek to improve the performance of security operations centers. Energy efficiency continues to be a critical issue for systems research, as is making AI and machine learning (ML) sufficiently scalable to solve previously intractable problems. 

Check out the list of this year’s winners and watch RHRQ and the Red Hat Research website for ongoing updates. 

CoFHE: compiler for fully homomorphic encryption
Principal investigator: Ajay Joshi
BU co-investigator: Rashmi Agrawal
Red Hat investigators: Aakanksha Duggal, Lily Sturmann

In the past decade, homomorphic encryption (HE) has emerged as a viable cryptographic solution that allows a cloud service provider to keep data in encrypted form while being processed. The project proposes CoFHE, a comprehensive FHE compiler framework to automate the process of generating the FHE implementations of the overlying applications using the CKKS FHE scheme. Investigators are targeting ML-based applications because ML is pervasive in today’s applications, and these applications are commonly run in the cloud, which is susceptible to data breaches.

Co-Ops: collaborative open source and privacy-preserving training for edge and automotive AI
Principal investigator: Eshed Ohn-Bar 
BU co-investigators: Adam Smith, Venkatesh Saligrama
Red Hat investigators: Sanjay Arora, Michael Clifford, Erik Erlandson, Lance Galletti, Ilya Kolchinsky

While collaborative development and training of large AI models can drastically accelerate scalable edge applications, from open source mapping to safe autonomous driving, they are currently hindered by limitations in performance, efficiency, and privacy. This project develops generalized open source tools to address these limitations through novel mechanisms for enabling distributed data collection, protection, aggregation, and processing across potentially millions of heterogeneous platforms continuously streaming diverse data. One longer-term goal is addressing the lack of scalability in the development of edge applications and autonomous vehicles, with data collection and model training in areas often neglected by mapping and transportation companies (e.g., rural areas, bad roads, and lower socioeconomic settings).

Discovering opportunities for optimizing OpenShift energy consumption
Principal investigator: Jonathan Appavoo
BU co-investigator: Han Dong
Red Hat investigators: Sanjay Arora, Huamin Chen, Heidi Dempsey, Parul Singh

This project aims to systematically discover opportunities for optimizing energy efficiency within the OpenShift orchestration platform. The investigators plan to harness the collective experience and expertise of distinct teams, uniting the capabilities of the Red Hat Kepler and PEAKS projects with ongoing endeavors in energy efficiency systems research.

DISL: a dynamic infrastructure services layer for reconfigurable hardware
Principal investigator: Martin Herbordt
BU co-investigator: Mayank Varia
Red Hat investigators: Ulrich Drepper, Ahmed Sanaullah

DISL is an abstraction layer for FPGA hardware operating system generation that enables software developers to build custom and portable system stacks without having hardware development expertise. A critical enablement aspect for DISL is its component library of DISL-compatible hardware IP blocks, which are designed to support the required flexibility and portability. This project targets two fundamental subsystems of the stack: the interfaces to host and network. The goals are to implement and demonstrate that flexibility can be achieved in a portable fashion for these components and show the benefits of emergent customizability.

HySe: hypervisor security through component-wise fuzzing
Principal investigator: Manuel Egele
Red Hat investigator: Bandan Das

The security of the entire cloud ecosystem crucially depends on the isolation guarantees that hypervisors provide between guest VMs and the host system. The fact that the interfaces between the hypervisor and the host are manifold complicates these isolation guarantees. While there are well-known interfaces, such as those that virtual devices expose to the kernels running inside a guest VM, these interfaces also comprise functionality not necessarily triggered during “normal” operation of a VM. Investigators propose HySe, an approach to tackling the challenges imposed by a broader set of interfaces that hypervisors expose to guest VMs and users of cloud deployments. 

Improving cybersecurity operations using knowledge graphs
Principal investigator: David Starobinski 
Red Hat investigator: David Sastre Medina

This project aims to improve cybersecurity operations, including automating several tasks, by synthesizing the vast amount of structured and unstructured real-world data available on threats, attacks, and mitigations. Investigators will apply Knowledge Graphs for cybersecurity purposes such as uncovering hidden relationships, identifying patterns and trends, and querying the data. A specific goal of the project is to assist software developers in identifying and patching vulnerabilities along various stages of the software development life cycle. Investigators also plan to evaluate and demonstrate the capabilities of the NERC and Red Hat OpenShift AI to support building LLM-augmented Threat Knowledge Graphs

Lock ’n Load: deadlock detection in binary-only kernel modules
Principal investigator: Manuel Egele

Two shortcomings in the Linux kernel/module security analysis landscape motivate this research. First, existing security analyses focus mainly on detecting memory corruption bugs and largely eschew availability bugs, such as those induced by deadlocks. Second, the single most popular detection approach for deadlocks, Lockdep, requires the source code for the kernel and any kernel objects (KOs) and hence cannot be applied to binary-only KOs. This research project aims to develop novel capabilities that bring Lockdep’s detection mechanisms to bear on closed-source binary-only Linux kernel modules. Lock ‘n Load will provide tools that allow detection of deadlock-related bugs in binary-only KOs and enable device vendors to address threats that compromise the availability of their products.

Minimal mobile systems via cloud-based adaptive task processing
Principal investigator: Eshed Ohn-Bar
BU co-investigator: Renato Mancuso
Red Hat investigators: Sanjay Arora, Jason Schlessman

Efficient cloud compute can facilitate AI model training at scale. However, due to suboptimal performance and ad-hoc integration by current cloud-edge frameworks, an edge device requiring real-time performance does not generally employ the cloud during inference. Investigators seek to develop a new paradigm and a generalized OpenShift-based tool for enabling optimal and highly dynamic integration between cloud and edge inference across diverse tasks and settings, for example, in complex environments where even a slight delay can be problematic, such as navigation in crowded regions with multiple optimization and scheduling tasks. By enabling seamless offloading and routing between edge and cloud decisions, this adaptive framework can efficiently enable diverse real-time applications.

Optimizing kernel paths for performance and energy
Principal investigator: Jonathan Appavoo
BU co-investigator: Han Dong
Red Hat investigator: Larry Woodman

The growing size of modern OSes such as Linux is well documented and likely exacerbated as more features are packed into hardware. To address these challenges, a large body of work in application-specific OSes and optimizations has been developed for accelerating network applications. This project aims to conduct data-driven optimizations of the Linux kernel to advance the community’s understanding of the plausibility of these techniques and their impact on performance and energy efficiency.

Practical programming of FPGAs with open source tools
Principal investigator: Martin Herbordt
Red Hat investigators: Sanjay Arora, Ulrich Drepper, Ahmed Sanaullah

The problem of creating computer programs that are portable, performant, and require minimal effort to program, port, optimize, and so forth is one of the most long-standing in computer engineering. But the logjam has broken as several trends have combined to enable rapid progress: new ML algorithms, increasing compute capability, and availability of training data. A primary focus is addressing high-level synthesis (HLS), especially for FPGAs. These devices are being widely deployed in datacenters, the edge, and IoT, but remain nearly impossible for ordinary coders to program, leaving the potential benefit of these deployments untapped. This project focuses on ML methods of optimizing compilers to perform high-quality HLS.

Symbiotes: a new step in Linux’s evolution
Principal investigator: Jonathan Appavoo

Linux’s ability to evolve has proved invaluable in enabling everything from datacenter-scale cloud computing to wearable smart devices. However, UNIX enforces a strict boundary between what constitutes the core, or kernel, of the running operating systems and the applications programs. While this boundary ensures that programs cannot corrupt other programs, it also makes it very difficult to write applications that can directly use any part of the hardware or integrate OS kernel functionality. This work explores how a new kind of software entity, a symbiote, might bridge this gap. With the ability to shed this boundary, application software is free to integrate, modify, and evolve into a hybrid that is both application and OS.

Towards high performance and energy efficiency in open source stream processing
Principal investigator: Vasia Kalavri
BU co-investigators: Jonathan Appavoo, Han Dong
Red Hat investigators: Sanjay Arora

Continuous data streams generated by phones, cars, houses, smart cities, and electronic purchases feed information into cloud-hosted business analytics and prediction models. Cloud computing research has focused on optimizing the performance of such applications, but little effort has been devoted to understanding and improving their energy efficiency. This project aims to demonstrate that energy efficiency and the myriad layers of software that go into an open source streaming platform need not be incompatible. Researchers will leverage the open nature of the Apache Flink software to build a platform that optimizes trade-offs between energy efficiency and performance while maintaining transparency and the easy sharing of knowledge.

All software developed by these projects will be available under an open source license, and all results will be publicly available. Red Hat Research regularly provides on Collaboratory progress and announces engagement opportunities through Red Hat Research Quarterly, its searchable project database, blog, newsfeed, and live in-person and virtual events. Contact Jen Stacy, Senior Project Manager with Red Hat Research, for more information. 


More like this