Brno, Czech Republic | September 15

Red hat research day Europe 2022

Join us for an in-person Red Hat Research Day on September 15 in Brno, Czech Republic.

Learn about successful research cooperation between Red Hat and academic institutions worldwide, engage with industry and academic leaders, hear about their latest work, and get a glimpse of new research ideas that are just appearing on the horizon.

Explore the schedule

 About Research Day Europe 2022


Red Hat Research Day Europe 2022 is a one-day in-person conference taking place on September 15 in Brno, Czech Republic.
The goal of this event is to connect researchers with Red Hat engineers, customers, partners, industry representatives, and others interested in research that will impact open source software. 

This year’s program will cover research topics including:

  • cloud computing
  • security
  • networking
  • software testing and analysis
  • and more!
audience at Research Day Brno 2020

Research Day Europe 2022 Agenda

9am (CEST)

Registration opens

9:45am – 10:00am

Welcome to Research Day Europe 2022

10:00am – 10:30am

Using static analysis for microservices

Show the abstract

Static analysis traditionally provides early feedback to developers on code quality and potential issues in their program. However, in the context of Microservices, it must cope with decentralization and heterogeneity across codebases. Conventional low-level static analysis tools fail to address emerging needs for multi-codebase operability, which is common for microservices. To bridge such gaps, static analysis approaches could adapt and recognize the microservice development practice and use it to determine the system’s intermediate representation (IR). This talk illustrates our static analysis prototypes using a component-based graph as the system IR for technical reasoning about the overall system. Our system IR has been adopted for various tasks. For instance, it is possible to detect microservice bad smells to improve the evolution of these systems, check consistency across microservices, or improve the detection of semantic clones. It is also possible to perform conformance checking toward the originally intended architecture design using a visualization of the reconstructed system architecture. Various practical examples will be given throughout this talk.

10:35am – 11:05am

Analyzing the security certifications landscape: Does certification help security?

Supervisor: Vashek Matyáš

Show the abstract

Cryptographic hardware and software is often certified under security certification standards like the Common Criteria or FIPS 140 . The certification process involves a vendor submitting the product under evaluation to an independent evaluation facility, which evaluates the vendor’s claims on the security of the product and its development. This certification process produces several publicly available documents: the certification report, the security target, and sometimes a protection profile. These documents contain valuable information for the certification system stakeholders, researchers and for vulnerability assessment. With the high level of secrecy in the secure hardware development space, these documents are often the best source of information on some devices as demonstrated by their use for vulnerability impact assessment. However, the security certification ecosystem contains thousands of certificates and associated documents, which were not made to be machine readable and vary in their format and structure.

In this talk, we propose an automated way of mining these documents for information valuable to system stakeholders. We also use this information ourselves to analyze temporal trends in the security certifications landscape as well as the references between certificates and demonstrate their helpfulness for vulnerability impact assessment.

11:05am – 11:25am

Coffee break and networking

11:25am – 11:55am

LEGO for 6G: A modular open access end-to end-network architecture
to enable B5G/6G research

Show the abstract

The scope of this talk is twofold. Firstly, to provide an overview of globally identified 6G candidate technology areas and suggest a roadmap for leveraging public-private partnership research testbeds to influence the 6G vision and accelerate the full lifecycle of research and development, manufacturing, standardization, and market readiness for 6G. Secondly, to present an end-to-end programmable virtualized cloud native B5G architecture built on Red Hat Openshift leveraging 3GPP and O-RAN interfaces.

12:00pm – 12:30pm

Building a science lab with ContainerSSH

Tomáš Černý headshot

Nikos Tsipinakis, CERN

Show the abstract

Do you find providing SSH to a large number of users tiresome? So did we! Creating VMs, applications filling up disks, runaway processes, regular system upgrades, and user management are only a few of the problems a system administrator runs into when building a jump host or an access server. In contrast, ContainerSSH uses webhooks or now also Kerberos to provide SSH access independently from the underlying operating system, and drops users into individual containers. When the user disconnects, ContainerSSH deletes the container.

At CERN, ContainerSSH being tested as a pilot for the LxPlus Service, which provides access to roughly 2000 concurrent users for code writing, job submission, and file operations on various network file systems. Using their Kerberos ticket, users have their own folders automatically mounted and can work in their container in isolation.

12:30pm – 1:30pm

Lunch and networking

1:30pm – 2:00pm

Unleashing affordable cloud resources with SpotOS

Show the abstract

Community wisdom tells us that while the cloud early vision promised economy of scale, in practice, renting cloud resources is an expensive business. There are many reasons for this unfortunate state of affairs, some of which can be attributed to non-utilized opportunities. SpotOS is an effort which is aimed to use state of the art tools to help cloud users make better rental choices. In particular, SpotOS enables wider, easier, and better use of spot instances, which are “empty” resources sold at a high discount with the pitfall that they may have to be evacuated in short notice. SpotOS can be viewed as a new kind of a distributed “operating system” which extends the OS traditional tasks by optimizing task allocation to resources, optimizing batch resource rental from the provider, and supporting failover mechanisms. To achieve these goals SpotOS uses advanced modern tools such as optimization algorithms, predictive machine learning, efficient external storage, and stateful task management in distributed environments. The talk will survey the challenges and opportunities in SpotOS.

2:05pm – 2:30pm

Lightweight always-on network latency monitoring with eBPF

Supervisor: Anna Brunström

Co-supervisor: Toke Høiland-Jørgensen

Show the abstract

Network latency plays a crucial role for many applications and has been shown to have a considerable impact on the users’ quality of experience. Continuously and efficiently monitoring network latency is important for understanding the performance of any applications that run on top of the network today, and will become even more important in the future with an increasing focus on interactive and real-time applications. Always-on passive monitoring of network latency can provide continuous latency metrics without injecting any traffic into the network. However, current software-based passive network monitoring tools often struggle to keep up with the traffic as packet rates increase. We investigate the feasibility of using the emerging eBPF technology to enable lightweight passive network latency monitoring by implementing evolved Passive Ping (ePPing). ePPing can run on Linux devices at speeds of over 10 Gigabits per second on a single core, without requiring special hardware support or modifications of the kernel network stack, improving on current state-of-the-art software-based solutions.and has been shown to have a considerable impact on the users’ quality of experience. Continuously and efficiently monitoring network latency is important for understanding the performance of any applications that run on top of the network today, and will become even more important in the future with an increasing focus on interactive and real-time applications. Always-on passive monitoring of network latency can provide continuous latency metrics without injecting any traffic into the network. However, current software-based passive network monitoring tools often struggle to keep up with the traffic as packet rates increase. We investigate the feasibility of using the emerging eBPF technology to enable lightweight passive network latency monitoring by implementing evolved Passive Ping (ePPing). ePPing can run on Linux devices at speeds of over 10 Gigabits per second on a single core, without requiring special hardware support or modifications of the kernel network stack, improving on current state-of-the-art software-based solutions.

2:35pm – 3:00pm

Coffee break and networking

3:00pm – 3:30pm

Programming languages to runtime execution: A continuum for service orchestration in dynamic edge/fog environments

Show the abstract

The Internet of Everything (IoT, IIoT, Vehicular Networks, Smart *), requires applications to deal with a large amount of data – streamed, processed and stored from small devices to analytical systems. Cloud computing offers a solution to this issue, providing on-demand resources to process these data. New applications such as Tactile Internet, VR/AR, need for low latency, geo-data storing and processing, privacy & security concerns, and require new hydrid public and private Edge/Fog/Cloud Architectures. In this talk, we present how to to rapidly program and prototype FaaS-based distributed dataflow applications,
allowing an easy redeployment according to dynamic change of the environment, preventing single-point of failure. We discuss finally on-going work about to formalize and check the correctness of such service orchestrations.

3:30pm – 4:05pm

The role of contributor security behaviour in open source

Supervisor: Vashek Matyáš

Show the abstract

Preventing unintentional security incidents is especially crucial for IT professionals, who significantly impact system security from their positions as developers or project maintainers. When the identity of the developer of an open-source project is stolen, it could lead to malicious events and loss of trust. To prevent the possibility of stealing the developer account credentials, secure authentication is crucial. It is essential to understand how these people perceive security risks and how they behave to provide them with better authentication solutions that lead them to more secure behaviour. Leading IT professionals to more secure behaviour is especially crucial in software supply chain security of open-source software, where, e.g. no IT security policy is deployed. To point out the importance of the human factor in IT security, we conducted a survey in Red Hat on user GitHub authentication usage.

4:10pm – 4:40pm

4:10pm – 4:40pm

Social Event
featuring local folk music, gourmet banquet, traditional Czech goodies and beverages, and wine and coffee tasting

Meet our Speakers

Tomáš Černý

Tomáš Černý

Professor of Computer Science, Baylor University

Tomáš Černý leads the cloudhubs research team, which looks to various software engineering projects involving static and dynamic analysis of cloud-native systems and quality assurance.

>>Visit full profile

Ján Jančár

Ján Jančár

PhD student, Masaryk University

Supervisor: Vashek Matyáš

Ján Jančár works on several topics in applied cryptography, with the goal of securing cryptographic implementations against powerful attackers.

>>Visit full profile

Abhimanyu Gosain

Abhimanyu Gosain

Senior Director, Institute of Wireless Internet of Things, Northeastern University

Abhimanyu (Manu) Gosain is an Executive Director for Open6G,co-Chair for the FCC 6G Technology Advisory Council and Senior Advisor for NTIA and DoD OUSD R&E

>>Visit full profile

Nikos Tsipinakis

Nikos Tsipinakis

Open Source Developer at CERN

Nikos Tsipinakis is an open source developer, hacker and technology enthusiast. He is currently working with the Compute & Config team at CERN to containerize the interactive login service.

>>Visit full profile

Janos Bonic

Janos Bonic

Principal Software Engineer, Red Hat

Janos Bonic is a Principal Software Engineer at Red Hat and founder of ContainerSSH. Together with his wife, he’s writing papers and researching several topics around infrastructure and visual deep learning.

>>Visit full profile

Sanja Bonic

Sanja Bonic

Senior Software Engineer, Red Hat

Sanja Bonic works at Red Hat and is a PhD candidate at TU Berlin where she focuses on computer graphics and visualizations.

>>Visit full profile

Assaf Schuster

Assaf Schuster

Professor, Technion, Israel Institute of Technology

Prof. Assaf Schuster of the Computer Science Department at the Technion published over 250 papers in the areas of ML, AI, Streaming Data, Big Data Systems, Parallel and Distributed Computing, Scalability.

>>Visit full profile

Simon Sundberg

Simon Sundberg

PhD student, Karlstad University

Supervisor: Anna Brunström, Toke Høiland-Jørgensen

Simon Sundberg’s esearch area is monitoring of edge services, and he is currently focusing on network latency. By using the emerging eBPF and XDP technologies.

>>Visit full profile

Frédéric Le Mouël

Frédéric Le Mouël

Full Professor, head of the CITI Lab, University of Lyon

Frédéric Le Mouël is heading the Center for Innovation inTelecommunication and Integration of Services, where he is leading the Dynamic Software and Distributed Systems for the Internet of Things research group (DynaMid Team).

>>Visit full profile

Agáta Kružíková

Agáta Kružíková

PhD candidate, Masaryk University

Supervisor: Vashek Matyáš

Agáta Kružíková researches the authentication of both end-users and IT professionals in the field of usable security.

>>Visit full profile

Aleš Smrčka

Aleš Smrčka

Assistant Professor, Brno University of Technology

Aleš Smrčka received his PhD in the field of formal verification of hardware designs, in which he continued on research of formal verification of pipelined processors.

>>Visit full profile

Would you like to attend?

Research Day Europe is an in-person event designed for the research community. If you have not received an invitation and if you are interested in attending the event please contact us!