Proposed thesis

  • All universities

  • All specializations

  • Reset filters

Vehicle Routing Solver based on OptaPlanner


Research VRP problems and do benchmarking on public data-sets for quick comparison between chosen open source engines.

November 2, 2018

JBoss

Recommender System for Web Articles


Red Hat Developer website brings resources to help developers build modern and innovative apps and services. It includes everything from downloads to developer how-tos and getting-started guides to tutorials, videos, books, and latest new. Goal of this thesis is the implementation of a recommender system, which brings new, personalized experience into the website. Using machine learning techniques, it should combine user’s website browsing history together with website articles characteristics, and recommend most interesting content to the user. It should provide good balance of the content exploitation vs exploration to the user, which is crucial in the ever changing landscape of the […]

October 30, 2018

machine learning

Transformation of native upstream repositories into Fedora dist-git format


Fedora GNU/Linux distribution is using a custom repository structure for package sources called dist-git. This repository contains a recipe how to construct a binary package and a reference to archive with pristine upstream sources. Working with this repository is cumbersome and we are trying to modernize the workflow for Fedora maintainers. We are going to move the development efforts of packages to a repository which resembles upstream format. In order to automate manual tasks, we will need a tool which will translate source code between these two repository formats. The goal of this thesis is to develop such a tool […]

Developer ExperienceFedora

Performance Testing of Linux Kernel


The goal of the thesis is to develop a tool for graphic interpretation of results of kernel performance measurement. The tool should also be able to automatically detect and report performance regression. The student has to study existing benchmarks for measuring the performance of Linux kernel scheduler and means of storing of the benchmark results.

October 4, 2018

Jenkins queue overrunning


Jenkins has a queuing mechanism to checkout jobs and a mechanism for cancelling builds in queue. Sometimes there is a need to move a job in a queue up or down. Jenkins already has many mechanisms for prioritizing jobs, but not individual builds. Also, all currently existing solutions, however very flexible and sophisticated, are more heavy-weight than necessary. The student should research and hack how Jenkins queue is working, and enable two simple arrows UP+DOWN (for moving in queue) to currently existing X (remove from queue). The result should be a working Jenkins plugin, ensuring that short jobs can overtake frozen queue during […]

October 3, 2018

OpenJDK

Comparison between FIPS module implementations


Most cryptographic libraries support running in Federal Information Processing Standard (FIPS) 140-2 mode. For cryptographic operations to be FIPS 140 compliant, only certain algorithms and key sizes can be used. For example, use of RSA keys 1536 bit long is not allowed. Some libraries require the application using it to know about those limitations and not initiate them in FIPS mode while others will refuse to perform operations with FIPS 140-non-compliant cryptographic primitives. The goal of the work is to learn the NIST FIPS140-2 requirements for applications, and check and compare the behavior of different libraries when operating under FIPS […]

Security

TLS 1.3 features in GnuTLS


The new Transport Layer Security (TLS) version, 1.3, changed the way old features should be handled and added new features to the ones that can be implemented by libraries. The goal of the work is to study cryptographic features used in the real world and to implement some selected features in the GnuTLS library.


Integrate GnuTLS DTLS into oss-fuzz


Google is providing infrastructure for continuously running fuzzing tests against open source libraries called OSS-Fuzz. The goal is to design and implement a test harness for testing the Datagram Transport Layer Security (DTLS) server and client from GnuTLS so that it can be tested using OSS-Fuzz.

Security

Reusable test coverage for TLS implementations


Current libraries that implement Transport Layer Security (TLS) need to implement multiple versions of the protocol, many separate features (sometimes dozens) and support multiple configurations. This complexity means that it is very hard to manually create tests that provide high degree of test coverage (especially if the interactions between features are unexpected). The tlsfuzzer project addresses this problem, by testing several features, corner cases and lesser used features of TLS implementations. There are however, some features missing.

Security

Transaction analyser tool for Narayana


The goal is to design and implement an application that would gather information about the transaction processing occurring within Narayana transaction manager. Narayana normally runs as part of the WildFly application server but has more integration. Having a good solution for monitoring can help users to understand and solve issues connected with the transaction processing. Having the universal tool is more important in the present time where Narayana is integrated with many different systems as WildFly, Spring Boot, Camel or Apache Tomcat.

JBoss

Event sourcing for Narayana LRA


The goal is to investigate on event sourcing. Find what it is and how it is used in the microservice architecture. Then design and change the current Narayana LRA implementation to be capable to store its state changes as events by saving them in the event source log storage. Narayana LRA is an implementation of “saga transactions” as effort to add transaction capabilities to the MicroProfile (set of specifications transferring Java EE development approaches to the microservice environment while boosting them to the next level). Saga is concept of transaction processing where transaction manager does not ensure full ACID guarantees. […]

CloudJBoss

Interoperability testing of open source TLS implementations


There are various application libraries implementing the Transport Layer Security (TLS) protocol. Implementations like GnuTLS, NSS, OpenSSL, Go and Java perform only limited amount of interoperability testing, usually with just one or two other libraries. The goal of the thesis is to create the necessary test harnesses for the Go and Java implementations, designing a test suite between them and the other three implementations, and making it possible to run those tests automatically (in Continuous Integration environment).

September 20, 2018

Security

RSA-PSS test coverage


Transport Layer Security (TLS) version 1.3 brought support for Rivest–Shamir–Adleman Signature Scheme with Appendix – Probabilistic Signature Scheme (RSASSA-PSS) algorithm. Support for this algorithm requires support for new key type and new signature type (in X.509 certificates). Specification of the signatures and limitations of the keys themselves is much more complex than any other algorithm (like the RSA signatures specified in the Public-Key Cryptography Standard (PKCS) #1 version 1.5 or the Elliptic Curve Digital Signatures (ECDSA)), with every signature including 4 variables and the public key that made the signature can have additional 4 variables specifying the key limitations.

Security

Tool for detecting enabled features and bugs in SSL and TLS servers


Many of the features and ciphersuites in Secure Sockets Layer (SSL) and Transport Layer Security (TLS) servers are not considered secure and safe to enable. To verify that they are not supported by a server, it is necessary to be able to advertise them in the first message send by the client in the TLS handshake – the Client Hello. The cipherscan tool, does just that in order to discover the supported ciphersuites in a server. As a back-end it uses the openssl application. Unfortunately, as OpenSSL project is deprecating insecure old features it is also adding new features, causing […]

NetworkingSecurity

Dynamic Extensible DSL Documentation Tool in the Ruby Programming Language Context.


The topic of this thesis is exploring the ways of documenting domain specific languages (DSLs) in the Ruby programming language, and enhance the existing tooling or implement a new one, to better support particular use-cases.

September 18, 2018

Satellite

Web-based customers cases aggregation and reporting tool


Currently, there is no efficient way how to get notified about customer cases in Quality Engineering department. Quality Engineers would be interested in how the product is used in real life, to be able to adjust testing scenarios accordingly and provide better services for end customers. Employees have to go manually through the list of reported cases and find what they need. In order to make their work easier, it would be useful to implement a web-based application that would send reports with information about cases to subscribed users according to certain criteria. This way, they would get fresh information […]

September 6, 2018


LSP clients generator


The goal of this thesis is to design and implement a tool for creating LSP clients for different IDEs (Eclipse, Eclipse Che, VS Code, …). On the input will be an LSP server. The output will be LSP clients for this server with instructions on how to install them into particular IDEs. The tool should be able to generate clients for the Apache Camel LSP server first. Although, it should be able to produce clients for an arbitrary LSP server. The implemented tool should be easy to use and build on top of modern technologies and approaches.

September 5, 2018

Developer Experience

A static analysis tool detecting bugs in signal handlers


POSIX signals are commonly used in C/C++ programs for IPC (Inter-Process Communication). One of the key advantages of using signals is that they can be handled asynchronously to the main control flow of the program. However, this advantage does not come for free. Developers of C/C++ programs must follow strict rules while implementing signal handlers. If these rules are violated, such programs do not work properly and may suffer from occasional crashes, freezes, or even data loss. Moreover, these issues are usually difficult to test and difficult to debug because they are timing-dependent.

August 21, 2018

Compilers and Interpreters

Jenkins shutdown queue plugin


Jenkins has a queuing mechanism to checkout jobs before execution and shutdown mode when queue is frozen and system just waits for all jobs to be finished. When the queue is full of short jobs and the last running job is very long job, this becomes very inefficient. The student should research and hack how Jenkins is estimating time of individual jobs, how the queue is organized, how the shutdown mode works. The result should be a working Jenkins plugin, ensuring that short jobs can overtake frozen queue during the shutdown time of long running tasks, and deployed on https://plugins.jenkins.io/ If done  together with https://research.redhat.com/diplomas/jenkins-queue-overrunning/ […]

OpenJDK

Impact of virtualization on benchmark accuracy


The side-effects of virtualization to benchmarks are long time known. However virtualization technologies are advancing, and their footprint is smaller and smaller. In this thesis, student should investigate how individual virtualization technologies: full (kvm, vbox, oVirt) or shared kernel (Docker, chroot, mock) or nested and mixed, are affecting performance and stability of various Java benchmark types –  CPU, time, network, bytecode, IO. Support for virtualization is seen also in JDK itself, so more then one Java can come to play. We will provide Student with banchmarks,  pros and cons of thirs setup, VMs and images and other virtualization know-how, hardware,  and […]

OpenJDKVirtualization

ManageIQ Expression Editor


ManageIQ is an open-source management platform that delivers insight, control, and automation functionality allowing enterprises to manage hybrid IT environments. The ManageIQ application collects information about various entities such as Virtual Machines, Hosts, Containers, etc., with numerous attributes and relationships.

May 2, 2018


Mobile applications for EvMan


The aim of the thesis is to create a mobile application for platforms Google Android and Apple iOS, using which the user will be able to perform some processes on the EvMan event management system. The first milestone is to analyze the EvMan information system and build a list of requirements for the mobile application. The second milestone is to design and build API that will be used for communication between the mobile application and the EvMan information system. The third milestone analyze available tools for building cross-platform mobile applications and choose the one that will be used. The fourth […]

April 20, 2018


Research of Fedora Status for Machine Learning


Machine learning and artificial intelligence gain a lot of popularity lately. Fedora distribution wants to become a distribution of choice for developers who develop applications in this field, and the focus is on Python language. This project is mostly a research and the goal is to identify pain points in Fedora distribution in this new, progressively developed field, and prepare content on the Fedora Developer Portal to help new-comers to begin in this field. Except the research, there are some coding part: one is to prepare an example application from the machine learning field, and others are bringing the missing […]

April 10, 2018

Developer Experience

High-availability for PostgreSQL in OpenShift


PostgreSQL database system by default offers replication with one master server and several read-only replicas. That design also allows to implement high-availability (HA), but only with several other tools and further configuration done by administrator. In OpenShift PaaS, implementing such HA is even more challenging, but it’s very important in fully automatic cloud environment. The goal of the project is to investigate how existing solutions work and implement one or more container images based on Fedora packages, which would deliver HA with automatic fail-over in OpenShift environment.

CloudDeveloper Experience

Using DNS for verifying integrity of software packages


Currently it is common that software packages are cryptographically signed using methods of public-key cryptography. Software vendor signs package using his private key and signed software package is then distributed along with vendor’s public key. This vendor’s public key can later be used in automatic software update verification process.

March 19, 2018

NetworkingSecuritySoftware management

Approval System for Keycloak


Keycloak is a highly configurable open-source single sign-on server. In complex deployment environ- ments, Keycloak can be managed by a team of administrators with hierarchical organizational structure and different access levels. Each of them then can be responsible for different parts of the server’s configuration. E.g. one can be responsible for creating new users (like employees), other for managing user roles and groups and assigning access rights to them and the third could be a master supervising admin which can do all of it. Some of the changes to the server’s configuration could be even done by the end-users., e.g. […]

February 27, 2018

JBossKeycloakSecurity

Deep Neural Networks Used for Customer Support Cases Analysis


There is a big number of resolved Support Cases by Red Hat, therefore an idea was proposed to use these data for data mining and information retrieval in order to ease a resolution process of the Support Case. This work will tries to create Deep Neural Network models for prediction of features which could help during the resolution process.

January 25, 2018

Configurable GUI for the GNU Debugger


(draft to be updated after meeting with student) Design a configurable GUI application for the GNU Debugger The aim is not to replace IDE functionality, but to allow users use the GUI for specific things, like tracing, use watchpoint connected to configurable graphs etc.


Extracting a configuration parser from the application source code.


Get acquainted with means of compilation of C programs using LLVM compiler infrastructure – clang, LLVM Internal Representation, AST, LLVM optimisations.  Propose a solution to statically transplant a subset of a C program that is dedicated to parse configuration files of an application. This subset should be extracted from the original program and synthesised as an independent binary.  Design and implement the proposed solution in a tool having an appropriate form (standalone application or LLVM plugin).  Test the implemented tool on standard linux server daemons used in Red Hat Enterprise Linux distributions.

December 11, 2017

Compilers and Interpretersstatic analysis

Nginx authentication with dynamically loaded modules


The Nginx project has added support for dynamic modules. It can be useful to add new functionality without recompiling the whole server. There have been numerous authentication modules for Nginx written, including Kerberos, GSSAPI, or PAM authentication. The goal of this thesis is to investigate the state of the dynamic modules support and the configuration options, and port at least on of the modules to the dynamically-loaded style, as an example for others.

November 13, 2017

NetworkingSecurity

Componentization of complex form


ManageIQ is an open-source Management Platform that delivers the insight, control, and automation that enterprises need to address the challenges of managing hybrid IT environments. The Report Editor is a complex form written in Ruby on Rails. It contains multiple elements that are shown or hidden based on the user’s choices. The main goal is get to know the Report Editor, suggest UX improvements, break it into components and start conversion of these components to Angular.js.  

NN trainings using the Torch framework


This is a very broad topic – if you are interested in neural networks and/or the Torch framework, please contact me and we can create a better description according to your interest (computer vision, machine learning, text recognition …).

License analysis for public packages on GitHub


The goal of this project is to check licenses in (selected) public packages that are available on GitHub. Many packages already contain LICENSE, COPYRIGHT etc. files, but these are often inaccurate or does not corresponds to (c) headers in source files. Please contact author if you are interested in this topics (it will be updated to match bachelor or diploma thesis requirement).

Management module to review virtual datacenter status in oVirt


Create an application that connects to your oVirt virtualization datacenters and preview information regarding your virtual machines, hosts and other components of your environments. This should speed up and simplify the work of system administrators to have all the relevant information in single spot instead of being stored in only for specific components. The module should be able to display the component specifications in a sensible matter to get the most value for small effort.

CloudVirtualization

Toolkit for compatibility testing of virtualization infrastructure.


Manual verification toolkit providing compatibility testing for the oVirt project, with the inclusion of tools and environment setup scripts to support full Quality Assurance process on different versions and components of infrastructure.

CloudQuality AssuranceVirtualization

Automatic seccomp syscall policy generator


Develop a syscall policy generator based on inputs from an application syscall logger and with an output to seccomp based policy code.

September 29, 2017

Security

Continuous Integration and Automated Code Review in Open Source Projects


Ensuring code quality and enforcing coding standards and styling are essential aspects of the developer experience in any open source project. Having automated feedback for any proposed code change helps both the developer and the maintainers produce quality code. The goal of this thesis is to analyze this workflow in the ManageIQ project, compare it with workflows used in other popular open source projects, and, based on the results, enhance the developer experience in the said project.

September 20, 2017

Developer Experience

OCSP must staple in practice


The student will implement support for status_request (RFC 6066) extension in TLS client and server, OCSP request generation and response validation (RFC 6960) and support for the TLS Feature extensions to X.509 – also known as Must Staple – (RFC 7633). Finally, test cases will be created for other libraries (e.g. Mozilla NSS) to verify their behaviour. Those enhancements will be provided as patches to the tlslite-ng and tlsfuzzer projects.

August 14, 2017

Developer ExperienceNetworkingQuality AssuranceSecurity

Client side DNSSEC deployment


DNSSEC is already a well-established technology, which extends the DNS protocol to provide integrity and authenticity.

August 4, 2017

NetworkingSecurity

Remote API Web Reference for Java Enterprise Applications


The goal of the thesis is to develop a generic remote API web reference for Java Enterprise applications. Often these JavaEE applications provide REST and WS web services which we want to document in order to make them easily available to the developers.

June 30, 2017

JBoss

Automatic topology for FreeIPA deployments


FreeIPA supports multi-master replication. When setting up environment with dozens of replicas, replication agreements (edges in the topology graph) need to be created to ensure smooth operation of the setup, while not exceeding an informal limit of agreements that each server should have without negatively affecting performance. We are looking for algorithm and its implementation for creating the replication agreements automatically, without admin’s manual intervention.

June 13, 2017

FreeIPANetworkingSecurity

Implement detection of duplicate test coverage for Java applications


With increasing number of tests, their execution time increases as well. Currently, various tools provide metrics of test code coverage. These metrics however do not help identify duplicate test coverage, that leads only to unnecessary increase of test execution time without any benefit to effective code coverage. Information about duplicate coverage and execution time of duplicate tests would be a valuable help for subsequent refactoring of test code base.

April 12, 2017

JBossQuality Assurance

Special Data View for a High Productivity Information System


The types of views of data people tend to use are very useful but also limited in number. We believe that all of them could be implemented in a single system to provide users the most flexibility while keeping all their data in a single location.

March 30, 2017

JBoss

Business Processes for a High Productivity Information System


Investigate existing workflow solutions and figure out which one is easiest to integrate with or most comprehensible to users. Design simplified workflow editor on top of the selected framework. The important supported tasks in the workflow should be: a human task (what someone needs to accomplish), execute data query, write to a collection, send an email or any other notification. Demonstrate the proposed design by implementing a sample application leveraging open-source platform Lumeer.

JBoss

Data Mining for High Productivity Information System


When dealing with large amounts of data it might be useful to either predict some trends or to figure out patterns in existing data. Investigate existing data mining algorithms – we would like to use stat-of-the-art version of really basic algorithms for classifiers, decision trees and clustering. Other options are also possible when suitable. Analyze the possibilities usage of data mining algorithms in an information system. Design a way how to bring the power of data mining algorithms available to basic users without any deep technical knowledge. The users should be able to use the algorithms to for example predict […]

CloudJBoss

Data Explorer for a High Productivity Information System


One of the typical tasks users perform in spreadsheets (Microsoft Excel, Google Sheets, LibreOffice Calc, etc.) is that they enter some sample data and see what happens when they do some changes to them. The changes can be adding or multiplication of values in a column, counting various averages and sums based on conditions, further filtering the data, adding input parameters and tweaking the parameters and in the end creating a chart displaying the influence of the parameters on the data entered. However, it might be hard to see what logical steps lead to the result. Design and implement an […]

JBoss

Decompilation of restored in-memory class fragments in running JVM


Based on ability of JVM to restructure already loaded classes and by using existing decompilers decompile in memory transformed fragments of java classes close to human-readable form. Student must investigate existing mechanisms in JVM allowing restoration of bytecode class representation. By modifications in existing decompilers the machine code can be decompiled to one or more JVM languages (java, clojure…) also with theirs various intermediate forms. As bonus the view can contain full syntax highlight or be able to compile the class back to JVM. Recommended environment is implementation as thermostat plugin as it allows easy access to running JVM

February 10, 2017

OpenJDK

Property based testing in practice for NodeJS services


We have identified several areas in our projects that could leverage property-based testing. Aim of this thesis should be finding mature enough testing framework (or create your own if necessary) and design and implement a set of property based tests against a relevant FeedHenry project.

February 6, 2017

Performance optimization of testing automation framework based on Beakerlib


BeakerLib is a shell-level integration testing library, providing convenience functions which simplify writing, running and analysis of integration and black box tests. Tests written with Beakerlib can be run directly from Bash command line or as a part of wider work flow using one of available harnesses. These include Beah harness usable with Beaker machine provisioner and Restraint harness usable both with and without Beaker. Goal of this work is to carry out performance analysis of Beakerlib library alone and in conjunction with either Beah or Restraint (or both) harness and propose, implement and measure performance optimizations in these use […]

October 24, 2016

Quality Assurance

Existing Attacks on SSL/TLS Protocol


Study design and implementations of SSL/TLS protocol and existing attacks on its design and implementation [1], testing approaches and tlsfuzzer project [2]. Get familiar with existing attacks against SSL/TLS. Identify existing attacks that are suitable for reproduction in tlsfuzzer framework. Design a test suite for them. Implement the tests and necessary improvements to tlsfuzzer and tlslite-ng [3]. Run the tests against existing SSL/TLS implementations and evaluate the results. Points that should be done during the first semester: 1. and 2. [1] https://www.feistyduck.com/books/bulletproof-ssl-and-tls/ [2] https://github.com/tomato42/tlsfuzzer [3] https://github.com/tomato42/tlslite-ng

September 30, 2016

NetworkingSecurity

Continuous Integration System for TLS/SSL Libraries Interoperability


Study design and implementations of SSL/TLS protocol (focus on OpenSSL, NSS and GNUTLS) and current state of the art of its interoperability and integration testing. Get familiar with existing tools and solutions for implementing public projects with continuous integration features. Design a system for publicly sharing integration and interoperability SSL/TLS tests that is able to execute the test suite and expose testing results to public before incorporating particular commit and pull request in both the test suite and upstream implementation of SSL/TLS library. This system should support tests written in BeakerLib [1]. Design a test suite for testing interoperability and […]

September 29, 2016

NetworkingSecurity

Extend USBGuard to support external authorization policy sources


The USBGuard project provides user space components for implementing USB device authorization policies on Linux based systems. Currently, these authorization policies can be stored only in a local file. The aim of this thesis is to extended USBGuard to support multiple policy sources, including LDAP and SSSD. This will allow for centralized management of USB device authorization policies via LDAP and other backends. Motivation Centralized management of security and compliance policies is a basic requirement of good IT security practices. Extending USBGuard with centralized management capabilities would extend the applicability of the project from single machine deployments to company-wide computer infrastructures. Deliverables […]

September 27, 2016

Security

Application-specific passwords / Multiple passwords for one user in FreeIPA


FreeIPA is an authentication and authorization server. At the moment, FreeIPA does not currently allow users to have more than one password. Aim of the thesis is to allow to use multiple passwords for single user. Motivation There are many possible use cases for multiple passwords for single user account: Several fall under a category that could be broadly defined as ‘application specific passwords’ (as Google refers to it), or possibly ‘partially trusted credentials’, or something. For instance: I have my mail server configured to use FreeIPA authentication via PAM. I have three computers, two phones and a tablet configured […]

September 26, 2016

FreeIPASecurity

Using the Immutables processor in the Java programming language


September 23, 2016

Compilers and InterpretersOpenJDK

Java source code analysis using the Spoon library


Compilers and InterpretersOpenJDK

Remote Execution Output Processing


Foreman Remote Execution is a tool for running arbitrary commands on a set of hosts. Its designed to support multiple providers (SSH, MCollective, Ansible, Salt) as well as complex network topologies. The goal of the thesis is to extend this tool, design and implement a solution for further processing of the data that is produced at the execution. It should allow to define a logic to extract meaningful data from the output in order to make it useful in other parts of the system (searching for the data, determining the status of hosts etc.) It should also provide an ability […]

September 22, 2016

Satellite

Web Service for Generic Archive Comparison


During software development and maintenance, engineers need to include bug fixes and implement new features in programs, while not changing anything what was not planned. During new version verification, a developer needs to be able to effectively evaluate changes made to the program from consumer point of view. Goal of this project is to implement web service, which will display differences between objects of specified type (RPM packages, Docker containers, etc.) and that will allow to simplify and possibly automate verification, that is often being done manually now. Assignment – Study RPM packaging format for software distribution on operating system […]

September 20, 2016

Developer Experience

Provide automated unit testing and profiling in the file manager


Have you ever modified something in your project and then realised weeks later your project is broken in some cases and don’t know where or when you or your colleagues broke it? Have you ever made some change in the past and then someone commented how slow your application is, and you don’t know where and why? Stability and reliability in a file manager is on of the most important features, so we would like to have an automated unit testing for operations and interactions in the file manager, together with automated profiling and a nice graphical output to be […]

September 2, 2016

DesktopQuality Assurance

Web SDR receiver


Get acquainted with SDR (Software Defined Radio) concepts, Gnuradio framework, RTL-SDR. Design Web SDR receiver that will allow receiving (at least) AM, FM, SSB (USB/LSB), CW through Gnuradio / RTL-SDR. Deal with multiuser access (i.e. one user can control the underlying HW, other monitors). Optionally try to transfer the demodulation task to the clients (HTML5/Java) which would allow hosting the Web SDR on slow embedded HW (like RPI). Implement and demonstrate functionality of your design. It’s supposed that opensource project will be created and hosted on the internet (e.g. on GitHub).

August 16, 2016

DesktopNetworking

Libvirt unified job control


Libvirt is an API, daemon and tool for managing virtual machines. It also prepares host environment whenever virtual machine configuration requires so. Therefore, Libvirt has subsystems for managing storage, (virtual) network interfaces, host devices and so on. Moreover, Libvirt exposes APIs so that entities from these subsystems can be managed directly too. For instance, storage units for virtual machines can be allocated directly via an API call, host network interfaces can be managed with simple Libvirt function call, and PCI device assignment is made easy with Libvirt. Following this logic, virtual machines are then just yet another class of objects […]

August 15, 2016

Virtualization

Docker image(s) for PerfRepo


The main goal of the topic is to define and create Docker image(s) for instances of a performance repository called PerfRepo. Performance result repository (PerfRepo) is a web application tool that intends to make it easy to capture and archive performance test results and simplify comparison of performance run results and detect a performance regression from one build to the next in an automated fashion. The PerfRepo repository would be deployed on the WildFly 10 application server as a web application and would use the latest PostgreSQL database for it’s dataources (v9.5.3 at the time of writing this). At least two […]

August 10, 2016

CloudQuality Assurance

PerfCake support in IDE tools


The goal is to update the current PerfCake IDE plugins for Eclipse, Intellij IDEA and NetBeans to work with the current version of PerfCake, to unify workflow and user experience.

May 30, 2016

Quality Assurance

Enhancement of PerfCake


Are you in search for an interesting thesis? Feel free to look around at PerfCake issues at Github. Especially those marked with “University project” label are well suitable. But you might want to look at others as well. https://github.com/PerfCake/PerfCake/labels/university%20project Once you find an issue that is interesting to you, let me know at mvecera@redhat.com. We will then agree on a particular thesis.

January 12, 2016

JBoss

Possibilities for data-mining from n-dimensional matrix


Students goal is to research possibilities for data mining from n-dimensional matrix, find existing open-source tools for the subject and prepare practical proof of concept. For practical part of the work, we will provide data which can be interpreted as n-dimensional matrix (results of tests running on different versions of operating system, on different architectures, on different hardware configurations, on different networks). Work can be written in English or in Czech.

November 6, 2015

Case Management Task Assignment Using OptaPlanner


Case Management is unique coordination of work (case) in specific context (e.g. health care, law, etc.) where the flow can be unknown and participants act in various roles. Assignments of tasks within cases can be tough and with increasing options we quickly get to a point where no human being is able to solve planning the assignments. Using OptaPlanner as a tool for business resource planning, tasks will be assigned based on predefined rules and priorities. Therefore, the aim of this thesis is to implement a module for automated task assignment using resource planning tool, OptaPlanner. Study Resource Management and Case Management including CMMN and BPMN notations. Get familiar with jBPM engine implementing case […]

October 26, 2015

JBoss

Vizualizace práce CPU


October 12, 2015

Compilers and Interpreters

OpenMAX performance benchmarks


October 8, 2015

Compilers and InterpretersQuality Assurance

Scene editor for Box2D physics simulator engine


Cílem tohoto projektu je vytvoření 2D editoru scén pro engine Box 2D. Body zadání: Prostudujte a popište vlastnosti enginu Box 2D. Popište, jakým způsobem je zajištěna vazba tohoto engine na různé programovací jazyky. Zaměřte se na popis vazby na JavaScript. Navrhněte, jaké vlastnosti by měl mít 2D editor scén pro engine Box 2D. Navrhněte a popište strukturu 2D editoru scén. Na základě návrhu (předchozí bod) implementujte editor scén s využitím JavaScriptu a technologií dostupných ve webových prohlížečích (HTML Canvas atd.)

October 6, 2015

Desktop

Git reporting tool


Git reporting tool to enable project leaders to see statistics such as Git commits per person, by time period, per product, per component Size of git commit, e.g. differences in lines (added or removed) Additional characteristic (merges etc.)

Quality Assurance

Business Process Wizard


Business process wizard is an attempt to create an alternative way to traditional business process modeling in BPMN2 specification. The goal is to create a tool which would easily enable business (non-technical) users to create simple but comprehensive business processes without any technical details. Get familiar with Red Hat JBoss BPM Suite, the practices in business process modeling and BPMN2 specification. Analyze the existing alternative tools for business process modeling. Business Process Wizard should offer services to use in the designed process without any technical details → study APIMan and possible integration with it. Design user interface for practical use of the wizard mainly aimed on business (non-technical) users. Study GWT, the toolkit, in which the wizard should be […]

October 4, 2015

JBoss

PerfCake scenario editor for NetBeans


Investigate and study the NetBeans plugin development. Make yourself familiar with the PerfCake performance testing framework. Design and implement user-friendly PerfCake scenario editor as a plugin into NetBeans. Design adn implement user-friendly PerfCake scenario creation wizard. The wizard would be part of the plugin. Design and implement the ability to actually execute the PerfCake scenario directly from NetBeans.

October 2, 2015

Quality Assurance

Integration SELinux troubleshooting into ABRT Tool


Describe the current SELinux troubleshooting together with its advantages/disadvantages. Describe and design improvements for the current SELinux troubleshooting. Implement designed improvements to get better integration with the desktop. Outline possible future improvements of this implemented solution.

October 1, 2015

Security

Technical documentation validator


Popište specifika tvorby technické dokumentace. Popište formáty používané pro tvorbu strukturované technické dokumentace. Vysvětlete význam sémantického značkování. Popište význam průběžné integrace (CI) v kontextu tvorby technické dokumentace. Prostudujte možnosti nabízené systémem Emender, který je určený pro deklaraci a spouštění testů nad dokumenty. Navrhněte a implementujte test, který z dokumentů získá adresy odkazů, ověří dostupnost těchto odkazů a do výsledku testu zapíše seznam validních a seznam nevalidních odkazů. Podporovány by měl být formát DocBook. Test by měl taktéž sledovat, zda odkazy neodpovídají zadaným regulárním výrazům. Navrhněte a implementujte test, který získá seznam názvů balíčků a ověří, zda zadané balíčky pro zvolený […]

September 10, 2015

ELF binary file infection – possibilities and implementation


Executable and Linkable Format (ELF, formerly called Extensible Linking Format) is a common standard file format for executables, object code, shared libraries, and core dumps. Explore possibilities of binary ELF format infection. Goal is to consider possibilities of infection, document them and implement functional tool to which alllows insert payload to existing ELF binary file.

August 14, 2015

Security

Graphical ELF binary file viewer and simple editor


Executable and Linkable Format (ELF, formerly called Extensible Linking Format) is a common standard file format for executables, object code, shared libraries, and core dumps. Goal is to create simple and easy to use viewer/editor of ELF binary file. Requrements: * Knowledge of ELF binary format * Basic knowledge of assembler (x86_64 or arm) and C/C++ language * Knowledge of libraries for creating graphical applications * Application must be portable minimally between Mac OS X and Linux * Viewer should be able to cope with some kind of ELF obfuscation techniques. Explore obfuscation techniques and implement some heuristic.

DesktopKDE & QtSecurity

Polymer elements for Business Process Management System


Polymer is a lean core library that makes fast, beautiful, and interoperable web components. The goal is to design and develop web components (polymer elements) for business applications built on KIE Execution Server and describe the work from the initial thoughts, through designing, accessibility, stylization, implementing and unit testing to distribution of the KIE Web Components Library. As part of the work: Study Polymer, Web Components standard, Material Design, and alternatives Study jBPM Workbench 7.x and KIE Execution Server Design, implement and test KIE polymer elements in JavaScript KIE Web Components Library will include – process and task forms, details, lists, and charts, etc. Publish the library To show […]

July 21, 2015

JBoss

Libvirt Admin API


Libvirt is an management API for hypervisors and virtualization hosts. Among others, it allows users to define, start and manage virtual machines. It also has a set of API to gather various statistics over set of virtual machines. It offers several ways to manipulate environment of the virtualization hosts too. However, one piece of puzzle is still missing. It has no APIs to manage itself. Currently, there is no way to get any kind of information on connected users, limits set within the libvirtd and others. The aim of the thesis is to design and implement such set of APIs, […]

June 10, 2015

Virtualization

“Broken” DNS proxy – for simulating DNS issues


Some DNS software solutions like Unbound, ISC BIND, FreeIPA, rely on the DNSSEC support of remote DNS resolver, when using it as forwarder. Some tools are intended to detect and assess the level of DNSSEC support of such remote DNS resolver. There are many issues that can arise. Some of them are specified in the IETF draft (http://www.ietf.org/id/draft-ietf-dnsop-dnssec-roadblock-avoidance-00.txt), some are based on real life issues and errors in specific implementations of DNS resolvers (e.g. wildcard NSEC issue in old versions of BIND).

April 22, 2015

NetworkingQuality Assurance

Analyze & improve the filters in GNOME Photos


GNOME Photos is an application to access, organize and share your photos on GNOME 3. It has some common image processing features built into it so that users can quickly tweak and enhance their photographs after importing them from the camera. One such feature is the ability to apply some preset effects to an image. Unfortunately, most of the algorithms behind these filters were not scientifically developed or tested. They are merely implementations of approaches described by various people on the Internet. One exception is the Caap filter which is based on an algorithm developed by Corey Hoard. Scientifically analyzing some well-known […]

April 8, 2015

Desktop

Test shield for ARM-based boards


Get fimiliar with ARM-based boards (“ABB”) RaspberryPi, Cubieboard and BeagleBoneBlack. Design (schema and PCB) and build a universal test board (“TB”) that will: support GPIO (digital input, digital output, analog input, analog output), UART, I2C, SPI, have a single set of pins/connectors independent on the ABB, be connected to each ABB by an adapter (or a cable) with connector fitting ABB’s GPIO pin set on one side and with the connector fitting the TB’s pin set on the other side, be powered directly from the ABB, have short circuit / reverse polarity protection to avoid damaging the ABB. The test […]

March 31, 2015

Quality Assurance

Identity information for Web applications on Windows platform


In the Web application authentication setup described at http://www.freeipa.org/page/Web_App_Authentication, the authentication and retrieval of additional user attributes including group membership is done via Apache modules that provide the information about the authenticated user to the application via environment variables or similar mechanism. Specifically, mod_lookup_identity which currently uses D-Bus interface to sssd is able to populate fields like REMOTE_USER_EMAIL or REMOTE_USER_GROUPS. We are looking for similar solution on the Windows platform.

March 5, 2015

FreeIPASecurity

Graphical Debugger of GPIO Pins


Motivation When developing software solutions, it is beneficial to have an unified debugging tool, especially on ARM-based/embedded devices. To provide users with comprehensive development experience, Silverspoon.io needs to include user-friendly way of debugging IoT applications. Goals The main goal is to develop a library which can analyse activity on GPIO pins, and reuse it in a desktop application that might be used as a graphical debugger of GPIO Pins. Debugger needs to be able to set pin values to exact value (0,1). Requirements Develop a desktop application (e.g. Java Swing) that will graphically display activity on device gpio pins and […]

March 3, 2015

JBoss

Dependent identity lifecycle management


When external authentication and identity providers are used, applications store the provisioned user identity upon the first successful authentication of the user. Applications can update the user identity attributes upon every logon of the user. However, when users do not log in often, attributes of said user identity or indeed its whole validity and existence can grow stale over the time. The goal of the work is to devise approach of keeping the cached identities in sync with the master and implement it for typical scenarios.

November 7, 2014

FreeIPASecurity

Multi-factor authentication in web applications using PAM


Study Pluggable Authentication Modules, focus on multi-factor authentication setups, configure multi-factor authentication for some common service (sshd). Study HTTP, focus on its state-less nature. Investigate the possibility of using full PAM stack in web applications, including multi-step conversations. Develop a solution which would allow the use of the PAM conversation over the web. Create prototype web application/setup to demonstrate the use of the solution using FreeOTP.

June 12, 2014

Developer ExperienceFreeIPANetworkingSecurity

Add support for external authentication to web project


Study the central identity management and its role in enterprise IT deployments. Study open-source identity and authentication provider FreeIPA and its client-side counterpart SSSD. Study web application authentication setup described at http://www.freeipa.org/page/Web_App_Authentication which uses Apache httpd modules mod_auth_kerb, mod_authnz_pam, mod_intercept_form_submit, and mod_lookup_identity. Study the existing authentication options of web project X [to be replaced by the project agreed with the advisor]. Implement support for consuming Apache module authentication results by project X. Prepare patch and documentation. Work with upstream of project X to get the code changes to the upstream project. Document the changes and the result.

April 25, 2014

CloudFreeIPANetworkingSecurity

Implement external authentication modules for nginx


Study the central identity management and its role in enterprise IT deployments. Study open-source identity and authentication provider FreeIPA. Study web application authentication setup described at http://www.freeipa.org/page/Web_App_Authentication which uses Apache httpd modules mod_intercept_form_submit and mod_lookup_identity. Study HTTP server nginx and its internals and module system. Implement modules to achieve the same authentication setup on nginx like the one described above. Work with nginx upstream to get the code changes to the upstream project. Document the changes and the result.

March 25, 2014

CloudDeveloper ExperienceFreeIPANetworking