Fuzzing Device Emulation in QEMU
A Boston University project
Virtual devices are the most common site for security bugs in hypervisors. In our evaluation, we found new bugs in devices such as serial and virtio-net, ranging from memory corruptions to denial-of-service vulnerabilities. By combining well known coverage guidance techniques with domain-specific feedback, we found promising fuzzer performance, even for complex targets such as hypervisors.
Our flagship partnership, Boston University, is the center of two major Red Hat initiatives: the Red Hat Collaboratory at Boston University and the Mass Open Cloud. Both initiatives are dedicated to the idea that marrying research to the open source development methodology, using a partnership between scientists and open source developers, is a uniquely fast and fruitful way of putting great ideas into practice. Boston University is also the center of our Boston intern program, which generates more and more new Red Hatters with each passing year.
Meet the new 2023 Red Hat Collaboratory Research Incubation Award Recipients
We are pleased to announce the recipients of the 2023 Red Hat Collaboratory Research Incubation Awards. The awards are part of a joint effort between Red Hat and Boston University (BU) aimed at recognizing, supporting and funding research in cloud computing, and at advancing the state of the art in open source technologies such as distributed systems, security, operating systems, and networking.
OpenShift on elastic secure bare metal infrastructure
The Red Hat Research team supports several cloud environments, such as MOC Alliance and CloudLab. We realized there is a need to increase the productivity of bare metal machines in these environments and to promote leasing unused infrastructure to trusted partners....
DevConf.US 2022 recordings available
Recordings from DevConf.US 2022, August 17-20, 2022 in Boston, MA are now available on the DevConf.US 2022 YouTube playlist. This year’s conference featured talks on topics integral to Red Hat Research projects, including hybrid cloud and cloud computing, edge...
Red Hat Research brings open cloud, open hardware, open data to DevConf.US
Red Hat Research is excited to announce our participation in DevConf.US 2022, August 17-20, 2022 in Boston, MA. DevConf.US 2022 is a free, Red Hat-sponsored technology conference for community projects and professional contributors to Free and Open Source...
Red Hat Collaboratory Announces 2022 Student Research Projects
On April 14, the Red Hat Collaboratory announced five newly funded Student Research Projects. As part of Boston University’s expanded partnership with Red Hat, the Student Research Projects aim to provide BU students with research and experiential learning...
Boston University sees success with new educational tools built with Red Hat OpenShift Data Science
Red Hat OpenShift Data Science provided the CS and ECE departments at Boston University a scalable environment for students while ensuring a personalized Linux playground that only requires a web browser to get started and provides a platform for hosting open source textbook and interactive lectures.
Red Hat Collaboratory at Boston University Announces Recipients of Research Incubation Awards
The Red Hat Collaboratory at Boston University announced the inaugural recipients of the Red Hat Collaboratory Research Incubation Awards. The program, which aims to advance research in open source cloud computing systems, awarded $2.3M to 16 projects that will be driven by collaboration between Boston University faculty and students, Red Hat engineers, and industry collaborators.
The Red Hat Collaboratory at Boston University seeks large, small, and speculative projects for funding and support
The Red Hat Collaboratory at Boston University has opened a Request for Proposals in support of the launch of the expanded Collaboratory. The Collaboratory seeks to define and demonstrate an open model for large-scale reproducible systems research toward achieving a future of secure, reliable, scalable, self-operating, distributed, heterogeneous compute platforms that stretch from edge devices to cloud datacenters.
Red Hat and Boston University Advance Open Hybrid Cloud Research and Operations at Scale
Boston University (BU) has long been a big part of the Red Hat Research program and Red Hat’s academic collaboration generally. On April 27, the two organizations took that collaboration up a level.
BU Software Engineering Foundations
Reviews are in for Langdon White and Bandan Das’ first-ever virtual software engineering course at Boston University: Online classes work. This semester-long course, which was first taught in the spring of 2020, became a bellwether for the potential of virtual...
| Title | Summary | Research Area |
| --- | --- | --- |
| Minimal Mobile Systems via Cloud-based Adaptive Task Processing | The high cost of robots today has hindered their widespread use. Specifically, a limiting factor involves extensive hardware and software … | AI-ML, Cloud-DS |
| Co-Ops: Collaborative Open Source and Privacy-Preserving Training for Learning to Drive | Note: This project is a continuation of OSMOSIS: Open-Source Multi-Organizational Collaborative Training for Societal-Scale AI Systems. Abstract: Current development of autonomous … | AI-ML, Cloud-DS |
| CoDes: A co-design research lab to advance specialized hardware projects | CoDes research lab provides the infrastructure and engineering foundation needed to support co-design based specialized hardware research. The lab is currently located at Boston University, as part of the Red Hat – Boston University collaboratory. | AI-ML, Cloud-DS, Hardware and the OS |
| Prototyping a Distributed, Asynchronous Workflow for Iterative Near-Term Ecological Forecasting | Abstract: The ongoing data revolution has begun to fuel the growth of near-term iterative ecological forecasts: continually-updated predictions about the future … | |
| FHELib: Fully Homomorphic Encryption Hardware Library for Privacy-preserving Computing | Note: Please visit the Privacy-Preserving Cloud Computing using Homomorphic Encryption project page for information on a related project. In today’s … | Cloud-DS, Hardware and the OS, Security, Privacy, Cryptography |
| SECURE-ED: Open-Source Infrastructure for Student Learning Disability Identification and Treatment | The project aims to develop an infrastructure that would enable users to input data about an individual student and receive … | |
| Relational Memory Controller | Note: See the Near-Data Data Transformation project page for information about the work that led to this project. Abstract: Data movement … | |
| Learned Cost-Models for Robust Tuning | Note: Please see the Robust Data Systems Tuning project page for earlier results associated with this research. Abstract: Data systems’ performance is … | |
| AI for Cloud Ops | This project aims to address this gap in effective cloud management and operations with a concerted, systematic approach to building and integrating AI-driven software analytics into production systems. We aim to provide a rich selection of heavily-automated “ops” functionality as well as intuitive, easily-accessible analytics to users, developers, and administrators. | AI-ML, Cloud-DS, Hardware and the OS |
| Creating a global open research platform to better understand social sustainability using data from a real-life smart village | A BU team is working with SmartaByar and the Red Hat Social Innovation Program in order to create a global … | AI-ML, Cloud-DS, Security, Privacy, Cryptography |
| DISL: A Dynamic Infrastructure Services Layer for Reconfigurable Hardware | As modern data center workloads become increasingly complex, constrained and critical, mainstream “CPU-centric” computing can no longer keep pace. Future … | Cloud-DS, Hardware and the OS |
| Practical Programming of FPGAs with Open Source Tools | This project has evolved from the Practical programming of FPGAs in the data center and on the edge project. Please see … | Cloud-DS, Hardware and the OS |
| Near-Data Data Transformation | BU faculty members Manos Athanassoulis and Renato Mancuso will work with Red Hat researchers Uli Drepper and Ahmed Sanaullah to create a hardware-software co-design paradigm for data systems that implements near-memory processing. | Cloud-DS, Hardware and the OS |
| Towards high performance and energy efficiency in open-source stream processing | BU faculty members Vasiliki Kalavari and Jonathan Appavoo will work with Red Hat researcher Sanjay Arora to create an open-source … | Hardware and the OS |
| OSMOSIS: Open-Source Multi-Organizational Collaborative Training for Societal-Scale AI Systems | The goal of our project is to develop a novel framework and cloud-based implementation for facilitating collaboration among highly heterogeneous research, development, and educational settings. | AI-ML, Cloud-DS |
| Privacy-Preserving Cloud Computing using Homomorphic Encryption | Note: Please visit the FHELib: Fully Homomorphic Encryption Hardware Library for Privacy-preserving Computing project page for information on a related … | Cloud-DS, Hardware and the OS, Security, Privacy, Cryptography |
| Serverless Streaming Graph Analytics | In this project, we will focus on graph streams that can be used to model distributed systems, where workers are represented as nodes connected with edges that denote communication or dependencies. | Cloud-DS, Testing and Ops |
| Enabling Intelligent In-Network Computing for Cloud Systems | With the network infrastructure becoming highly programmable, it is time to rethink the role of networks in the cloud computing … | Cloud-DS, Testing and Ops |
| Linux Computational Caching | In this speculative work we are attempting to explore a biologically motivated conjecture on how memory of past computing can be stored and recalled to automatically improve a system’s behavior. | AI-ML, Cloud-DS, Hardware and the OS |
| Foundations in Open Source Education | In this project we are developing an exemplar set of materials for an introductory computer systems class that exploits Jupyter, Jupyter Books, OpenShift and the Mass Open Cloud to develop and deliver a unique educational experience for learning about how computer systems work. | Cloud-DS |
| Symbiotes: A New step in Linux’s Evolution | This work explores how a new kind of software entity, a symbiote, might bridge this gap. By adding the ability for application software to shed the boundary that separates it from the OS kernel, it is free to integrate, modify and evolve into a hybrid that is both application and OS. | Hardware and the OS, Security, Privacy, Cryptography |
| Intelligent Data Synchronization for Hybrid Clouds | The goal of this project is to design configurable synchronization solutions on a common platform for a wide range of edge computing scenarios relevant to Red Hat. These solutions will be thoroughly validated on a state-of-the-art testbed capable of emulating realistic environments (e.g., smart cities). | AI-ML, Cloud-DS, Testing and Ops |
| Secure cross-site analytics on OpenShift logs | The project aims to explore whether cryptographically secure Multi-Party Computation, or MPC for short, can be used to perform secure cross-site analytics on OpenShift logs with minimum client participation. | Cloud-DS, Security, Privacy, Cryptography, Testing and Ops |
| Robust Data Systems Tuning | Note: Please see the Learned Cost-Models for Robust Tuning project page for research that has grown from this project. See … | AI-ML, Hardware and the OS |
| Robust LSM-Trees Under Workload Uncertainty | We introduce a new robust tuning paradigm to aid in the design of data systems with uncertain assumptions by modeling the behavior of the system and then utilizing these models in conjunction with techniques in robust optimization. Our approach is demonstrated through tuning a popular log-structured merge-tree based storage engine, RocksDB. | Hardware and the OS |
| Does efficient, private, agnostic learning imply efficient, agnostic online learning? | Users of online services today must trust platforms with their personal data. Platforms can choose to enable privacy by default … | |
| Are Adversarial Attacks a Viable Solution to Individual Privacy? | Users of online services today must trust platforms with their personal data. Platforms can choose to enable privacy by default … | Security, Privacy, Cryptography |
| Workflow-Centric Tracing for Cloud Applications | Workflow-centric tracing allows traces (i.e., graphs) of requests’ workflows to be constructed by stitching together trace points with the same request context. Three collaboratory projects focus on improving the observability and diagnosability of Red Hat products using this technique. | Cloud-DS |
| Hybrid Cloud Caching | A fundamental goal of the Hybrid Cloud Cache project is to allow simplified integration into existing data lakes, to enable caching to be transparently introduced into hybrid cloud computation, to support efficient caching of objects widely shared across clusters deployed by different organizations, and to avoid the complexity of managing a separate caching service on top of the data lake. | |
| Volume Storage Over Object Storage | This project creates a hybrid storage system composed of a high-speed local device (e.g., Optane) to store short term data, along with a write-once object store (e.g., Ceph RGW) to store data blocks permanently. | Cloud-DS |
| Kariz Cache Prefetching and Management | Kariz is a caching system that works closely with analytic frameworks scheduler to find the best caching policy for the current running application. | Cloud-DS |
| OpenInfra Labs | OpenInfra Labs is an OpenStack Foundation project connecting open source projects to production to advance open source infrastructure. The project … | AI-ML, Cloud-DS, Hardware and the OS, Security, Privacy, Cryptography, Testing and Ops |
| Elastic Secure Infrastructure | This project encompasses work in several areas to design, build and evaluate secure bare-metal elastic infrastructure for data centers. | Cloud-DS, Security, Privacy, Cryptography, Testing and Ops |
| Open Cloud Testbed | The Open Cloud Testbed project will build and support a testbed for research and experimentation into new cloud platforms – the underlying software which provides cloud services to applications. Testbeds such as OCT are critical for enabling research into new cloud technologies – research that requires experiments which potentially change the operation of the cloud itself. | AI-ML, Cloud-DS, Hardware and the OS, Security, Privacy, Cryptography, Testing and Ops |
| Implementing Secure Multi-Party Computing | Secure Multiparty Computation (MPC) is a cryptographic primitive that allows several parties to jointly and privately compute desired functions over secret data. Building and deploying practical MPC applications faces several obstacles, including performance overhead, complicated deployment and setup procedures, and adoption of MPC protocols into modern software stacks. MPC applications expose trade-offs between efficiency and privacy that may be hard to reason about, formally characterize, and encode in a protocol design or implementation. | Cloud-DS, Security, Privacy, Cryptography |
| Outfitting QEMU/KVM with Partitioning Hypervisor Functionality | This project extends the virtualization capabilities of QEMU and KVM by adding partitioning hypervisor functionality. With this implementation, hardware resources can be exclusively assigned to specific tasks and VMs. Current work supports KVM Isolation IOCTLs to query CPUs to find isolated CPUs. | Hardware and the OS |
| An Optimizing Operating System: Accelerating Execution With Speculation | To optimize performance, Automatically Scalable Computation (ASC), a Harvard/BU collaboration, attempts to auto-parallelize single threaded workloads, reducing any new effort required from programmers to achieve wall clock speedup. SEUSS takes a different approach by splicing a custom operating system into the backend of a high throughput distributed serverless platform, Apache OpenWhisk. SEUSS uses an alternative isolation mechanism to containers, called Library Operating Systems (LibOSs). | Cloud-DS, Hardware and the OS |
| Kernel Techniques to Optimize Memory Bandwidth with Predictable Latency | Recent processors have started introducing the first mechanism to monitor and control memory bandwidth. Can we use these mechanisms to enable machines to be fully used while ensuring that primary workloads have deterministic performance? This project presents early results from using Intel’s Resource Director Technology and some insight into this new hardware support. The project also examines an algorithm using these tools to provide deterministic performance on different workloads. | Hardware and the OS |
| Unikernel Linux | This project aims to turn the Linux kernel into a unikernel with the following characteristics: 1) are easily compiled for any application, 2) use battle-tested, production Linux and glibc code, 3) allow the entire upstream Linux developer community to maintain and develop the code, and 4) provide applications normally running vanilla Linux to benefit from unikernel performance and security advantages. | Hardware and the OS |
| Code2Vec: Learning code representations | This project analyzed semantic similarities of learned code embeddings parsed from open source python libraries such as numpy, pandas and sklearn. Still in progress is another analysis that learns code embeddings in a supervised manner with the C++ codebase for performance measurement of program execution in CPU with performance counters (e.g. LLC misses to L1 requests, Cycles Per Instruction). | AI-ML |
| Fuzzing Device Emulation in QEMU | Hypervisors—the software that allows a computer to simulate multiple virtual computers—form the backbone of cloud computing. Because they are both ubiquitous and essential, they are security-critical applications that make attractive targets for potential attackers. | Hardware and the OS, Security, Privacy, Cryptography, Testing and Ops |
| D3N: A Multi-Layer Cache for Data Centers | This project designs and develops D3N, a novel multi-layer cooperative caching architecture that mitigates network imbalances by caching data on the access side of each layer of hierarchical network topology. A prototype implementation, which incorporates a two-layer cache, is highly-performant (can read cached data at 5GB/s, the maximum speed of our SSDs) and significantly improves the performance of big-data jobs. | Cloud-DS |
| Practical programming of FPGAs in the data center and on the edge | FPGAs are now essential components in the data center and on the edge with millions deployed. FPGAs are found in a wide variety of system elements and provide such critical functions as SDN, encryption/decryption, and compression. Yet for nearly all system providers, much less system users, programming these FPGAs is impossible. Our overall goal is to enable FPGA application development by High Level Language (HLL) programmers, especially for the data center and the edge, and exclusively using existing open-source tools. | AI-ML, Cloud-DS, Hardware and the OS |
| Automatic Configuration of Complex Hardware | In this project, we pursue three goals towards this understanding: 1) identify, via a set of microbenchmarks, application characteristics that will illuminate mappings between hardware register values and their corresponding microbenchmark performance impact, 2) use these mappings to frame NIC configuration as a set of learning problems such that an automated system can recommend hardware settings corresponding to each network application, and 3) introduce either new dynamic or application instrumented policy into the device driver in order to better attune dynamic hardware configuration to application runtime behavior. | Hardware and the OS |
| Quest-V, a Partitioning Hypervisor for Latency-Sensitive Workloads | Quest-V is a separation kernel that partitions services of different criticality levels across separate virtual machines, or sandboxes. Each sandbox encapsulates a subset of machine physical resources that it manages without requiring intervention from a hypervisor. In Quest-V, a hypervisor is only needed to bootstrap the system, recover from certain faults, and establish communication channels between sandboxes. | Hardware and the OS |
| Performance Management for Serverless Computing | Serverless computing provides developers the freedom to build and deploy applications without worrying about infrastructure. Resources (memory, cpu, location) specified … | Cloud-DS |