Betriebssysteme · Institut für Systemarchitektur · Fakultät Informatik · TU Dresden

09. 05. 2014

Split TCP/IP Stack

Martin Unzner

TU Dresden

Verteidigung der Diplomarbeit

The TCP/IP protocol suite is the foundation of the worldwide internet, which is the world's most widespread computer network. Today, in most systems, TCP/IP protocols are still handled in the kernel. Faulty packets and attacks like SYN flooding can affect the whole operating system, even if they are just targeted towards one single network process. A userspace TCP/IP stack, on the other hand, exposes only networking applications to those threats.

Most userspace TCP/IP stacks are designed as independent application libraries that send and receive fully-fledged Ethernet frames. To communicate among each other, they each require separate addresses and need to be connected in a separate virtual network on the host computer, which is complicated to set up and unnecessarily increases the use of spare addresses.

I developed Swarm, a userspace switch that re-unites arbitrary independent userspace TCP/IP stacks into one logical host by administrating the system's port address space. In contrast to existing solutions, Swarm runs at user level and is thus fully isolated from non-network applications as well as critical kernel code.

I am going to introduce and evaluate my implementation that consists of a custom-tailored routing component and an adapted Rump TCP/IP stack.

09. 05. 2014

Error Detection Using Pipeline Fingerprinting

Christian Menard

TU Dresden

Verteidigung der Belegarbeit

Commonly software developers assume that hardware always functions correctly. However, this assumption does not hold as transistors are exposed to various environmental influences. A transient fault may occur at any time and may lead to system failure. Therefore we have to develop fault tolerant systems to protect critical applications.

Fault tolerance implemented in hardware is generally complex and cost-intensive but allows for high error coverage. Software solutions like Romain provide more flexibility and run on inexpensive COTS hardware. However, as error detection is performed on an abstract level, Romain cannot reach high error coverage without adding high overhead.

By combining hardware and software approaches it is possible to build flexible and competitive fault tolerant systems. I introduce a system that uses Romain for replication and a small hardware extension to assist error detection. This extension compresses all updates to the processor's architectural state into a fingerprint. Fingerprint comparison allows for high error coverage and reduces the bandwidth needed for a full state comparison to a minimum.
16. Jan 2018
· Copyright © 2001-2010 Operating Systems Group, TU Dresden | Impressum ·