On the Virtualization of CUDA Based GPU Remoting on ARM and X86 Machines in the GVirtuS Framework

The astonishing development of diverse and different hardware platforms is twofold: on one side, the challenge for the exascale performance for big data processing and management; on the other side, the mobile and embedded devices for data collection and human machine interaction. This drove to a highly hierarchical evolution of programming models. GVirtuS is the general virtualization system developed in 2009 and firstly introduced in 2010 enabling a completely transparent layer among GPUs and VMs. This paper shows the latest achievements and developments of GVirtuS, now supporting CUDA 6.5, memory management and scheduling. Thanks to the new and improved remoting capabilities, GVirtus now enables GPU sharing among physical and virtual machines based on x86 and ARM CPUs on local workstations, computing clusters and distributed cloud appliances

On the Impact of the Cellular Modem on the Security of Mobile Phones

Mobile Kommunikation, Mobiltelefone und Smartphones sind ein wesentlicher Bestandteil unseres täglichen Lebens geworden. Daher ist es essentiell, dass diese sicher und zuverlässig funktionieren. Mobiltelefone und Mobilfunknetze sind hoch komplexe Systeme. Solche Systeme abzusichern ist eine anspruchsvolle Aufgabe. Vorangegangene Arbeiten haben sich meist auf die mobilen Endgeräte, im Speziellen auf die Betriebssysteme sowie Endanwendungen, konzentriert. Die vorliegende Doktorarbeit untersucht einen neuen Weg im Bereich Mobilfunksicherheit. Im Fokus steht das Modem als Schnittstelle zum Mobilfunknetz. Das Mobilfunkmodem ist die Komponente, welche die Funkverbindungzum Mobilfunknetz herstellt und ist nach unserer Auffassung eine der Schlüsselkomponenten bei der Untersuchung und Verbesserung der Mobilfunksicherheit. Mobilfunkmodems sind proprietär und können nur mit extrem hohem Aufwand untersucht werden. Für den Einbau zusätzlicher Sicherungsmaßnahmengilt dasselbe. Aus diesen Gründen analysiert diese Arbeit nicht das Innenleben eines Modems, sondern dessen Schnittstelle zum mobilen Betriebssystem. In dieser Arbeit untersuchen wir daher die folgende von uns aufgestellte These: Die Sicherheit mobiler Endgeräte sowie der Mobilfunknetze hängt direkt mit der Sicherheit der Modemschnittstelle zusammen. Diesen Zusammenhang legen wir anhand von drei Schritten dar. Im ersten Schritt führen wir eine Untersuchung der Modemschnittstelle durch. Basierend auf den Ergebnissen der Untersuchung führen wir mehrere Sicherheitsanalysen von Short-Message-Service- (SMS) Implementierungen von verschiedenen Telefontypen durch. Im zweiten Schritt untersuchen wir die Möglichkeiten, die sich Schadcode auf mobilen Endgeräten zu Nutze machen kann. Für diese Untersuchung entwickeln wir ein Proof-of-Concept-Botnetz, welches mittels des Modems verdeckt kommuniziert. Im dritten Schritt implementieren wir, basierend auf den Ergebnissen der vorangegangenen Schritte, einen Schutzmechanismus zur Absicherung des Modems gegen bösartige Zugriffe. Durch unsere Untersuchungen sind wir zu mehreren Ergebnissen gekommen. Die Software für den Empfang von SMS-Nachrichten beinhaltet oftmals (zum Teil kritische) Sicherheitsprobleme. Diese Sicherheitsprobleme haben auch Auswirkungen auf andere Komponenten der Endgeräte. Mit unserem mobilen Botnetz zeigen wir, welche Möglichkeiten Schadcode auf Mobiltelefonen grundsätzlich zur Verfügung stehen. Durch den von uns entwickelten Schutzmechanismus der Modemschnittstelle bestätigen wir unsere anfangs formulierte These. Die Absicherung der Modemschnittstelle verhindert die zuvor präsentierten Angriffe und zeigt hierdurch, dass die Modemschnittstelle einen entscheidenden Faktor der Mobilfunksicherheit darstellt.Cellular communication and especially mobile handsets are an essential part of our daily lives. Therefore, they need to be secure and work reliably. But mobile handsets and cellular networks are highly complex systems and securing them is a challenging task. Previously, most efforts concentrated on the handsets. These efforts only focused on the mobile phone operating system and applications in order to improve cellular system security. This thesis takes a new path and targets the cellular modem as the route to improve the security of mobile handsets and cellular networks. We target the modem since it is one of the essential parts of a mobile handset. It is the component that provides the radio link to the cellular network. This makes the modem a key element in the task to secure mobile phones. But cellular modems are proprietary and closed systems that cannot be easily analyzed in the full or even modified to improve security. Therefore, this thesis investigates the security of the cellular modem at its border to the mobile phone operating system. We suspect that the security of mobile handsets and cellular network strongly depends on the security of the modem interface. This is our hypothesis, which we seek to prove in this work. We solve this in three steps. In the first step, we analyze the interaction between the cellular modem and the other parts of a modern mobile phone. Based on the analysis we develop two novel vulnerability analysis methods. Using this methods we conduct vulnerability analysis of the Short Message Service implementations on various mobile phones. In the second step, we investigate the possible capabilities that malware has through unhindered access to the cellular modem. For this, we develop a cellular botnet where the bots utilize the modem for stealthy communication. In the third step, we use the results from the previous analysis steps to improve the security at the cellular modem interface. In our analysis step, we abused the cellular modem for vulnerability analysis.We discovered several security and reliability issues in the telephony softwares tack of common mobile phones. Using our cellular botnet implementation, we show how malware can abuse access to the cellular modem interface for various kinds of unwanted activities. In the final step, we show that through improving the security at the cellular modem interface the security of mobile handsets as well as the security of cellular networks can be increased. Throughout this thesis we show that the cellular modem has a significant impact on mobile phone security

Improved planning and resource management in next generation green mobile communication networks

In upcoming years, mobile communication networks will experience a disruptive reinventing process through the deployment of post 5th Generation (5G) mobile networks. Profound impacts are expected on network planning processes, maintenance and operations, on mobile services, subscribers with major changes in their data consumption and generation behaviours, as well as on devices itself, with a myriad of different equipment communicating over such networks. Post 5G will be characterized by a profound transformation of several aspects: processes, technology, economic, social, but also environmental aspects, with energy efficiency and carbon neutrality playing an important role. It will represent a network of networks: where different types of access networks will coexist, an increasing diversity of devices of different nature, massive cloud computing utilization and subscribers with unprecedented data-consuming behaviours. All at greater throughput and quality of service, as unseen in previous generations. The present research work uses 5G new radio (NR) latest release as baseline for developing the research activities, with future networks post 5G NR in focus. Two approaches were followed: i) method re-engineering, to propose new mechanisms and overcome existing or predictably existing limitations and ii) concept design and innovation, to propose and present innovative methods or mechanisms to enhance and improve the design, planning, operation, maintenance and optimization of 5G networks. Four main research areas were addressed, focusing on optimization and enhancement of 5G NR future networks, the usage of edge virtualized functions, subscriber’s behavior towards the generation of data and a carbon sequestering model aiming to achieve carbon neutrality. Several contributions have been made and demonstrated, either through models of methodologies that will, on each of the research areas, provide significant improvements and enhancements from the planning phase to the operational phase, always focusing on optimizing resource management. All the contributions are retro compatible with 5G NR and can also be applied to what starts being foreseen as future mobile networks. From the subscriber’s perspective and the ultimate goal of providing the best quality of experience possible, still considering the mobile network operator’s (MNO) perspective, the different proposed or developed approaches resulted in optimization methods for the numerous problems identified throughout the work. Overall, all of such contributed individually but aggregately as a whole to improve and enhance globally future mobile networks. Therefore, an answer to the main question was provided: how to further optimize a next-generation network - developed with optimization in mind - making it even more efficient while, simultaneously, becoming neutral concerning carbon emissions. The developed model for MNOs which aimed to achieve carbon neutrality through CO2 sequestration together with the subscriber’s behaviour model - topics still not deeply focused nowadays – are two of the main contributions of this thesis and of utmost importance for post-5G networks.Nos próximos anos espera-se que as redes de comunicações móveis se reinventem para lá da 5ª Geração (5G), com impactos profundos ao nível da forma como são planeadas, mantidas e operacionalizadas, ao nível do comportamento dos subscritores de serviços móveis, e através de uma miríade de dispositivos a comunicar através das mesmas. Estas redes serão profundamente transformadoras em termos tecnológicos, económicos, sociais, mas também ambientais, sendo a eficiência energética e a neutralidade carbónica aspetos que sofrem uma profunda melhoria. Paradoxalmente, numa rede em que coexistirão diferentes tipos de redes de acesso, mais dispositivos, utilização massiva de sistema de computação em nuvem, e subscritores com comportamentos de consumo de serviços inéditos nas gerações anteriores. O trabalho desenvolvido utiliza como base a release mais recente das redes 5G NR (New Radio), sendo o principal focus as redes pós-5G. Foi adotada uma abordagem de "reengenharia de métodos” (com o objetivo de propor mecanismos para resolver limitações existentes ou previsíveis) e de “inovação e design de conceitos”, em que são apresentadas técnicas e metodologias inovadoras, com o principal objetivo de contribuir para um desenho e operação otimizadas desta geração de redes celulares. Quatro grandes áreas de investigação foram endereçadas, contribuindo individualmente para um todo: melhorias e otimização generalizada de redes pós-5G, a utilização de virtualização de funções de rede, a análise comportamental dos subscritores no respeitante à geração e consumo de tráfego e finalmente, um modelo de sequestro de carbono com o objetivo de compensar as emissões produzidas por esse tipo de redes que se prevê ser massiva, almejando atingir a neutralidade carbónica. Como resultado deste trabalho, foram feitas e demonstradas várias contribuições, através de modelos ou metodologias, representando em cada área de investigação melhorias e otimizações, que, todas contribuindo para o mesmo objetivo, tiveram em consideração a retro compatibilidade e aplicabilidade ao que se prevê que sejam as futuras redes pós 5G. Focando sempre na perspetiva do subscritor da melhor experiência possível, mas também no lado do operador de serviço móvel – que pretende otimizar as suas redes, reduzir custos e maximizar o nível de qualidade de serviço prestado - as diferentes abordagens que foram desenvolvidas ou propostas, tiveram como resultado a resolução ou otimização dos diferentes problemas identificados, contribuindo de forma agregada para a melhoria do sistema no seu todo, respondendo à questão principal de como otimizar ainda mais uma rede desenvolvida para ser extremamente eficiente, tornando-a, simultaneamente, neutra em termos de emissões de carbono. Das principais contribuições deste trabalho relevam-se precisamente o modelo de compensação das emissões de CO2, com vista à neutralidade carbónica e um modelo de análise comportamental dos subscritores, dois temas ainda pouco explorados e extremamente importantes em contexto de redes futuras pós-5G

Dynamic management of multiple operating systems in an embedded multi-core environment

Modernit sulautetut laitteet, kuten älypuhelimet, ovat kasvaneet monimutkaisiksi tietokonejärjestelmiksi, jotka tarjoavat samaan aikaan niin rikasta käyttäjäkokemusta kuin reaaliaikaista suorituskykyä alemman tason laitteille, kuten kameralle tai radiolle. Kilpailu sulautettujen järjestelmien markkinoilla on kovaa, etenkin loppukäyttäjille myytävissä mobiililaitteissa, mikä johtaa tarpeeseen vähentää laitteiden valmistuskustannuksia vaikuttamatta laitteen suorituskykyyn. Pöytäkoneiden markkinoilla jo pitkään tapahtunut siirtyminen moniydinsuorittimen käyttöön on viime aikoina alkanut tapahtua myös sulautetuissa järjestelmissä, joiden haasteena on jatkuvasti kasvava vaatimustaso suorituskyvylle ja toisaalta taas tiukat rajoitukset energiankäytölle. Moniydinsuorittimista ei kuitenkaan saada toivottua suorituskyvyn lisäystä, jos ohjelmistokehitystä jatketaan vanhoilla, yksiydinsuorittimille tarkoitettuilla toimintatavoilla. Tässä työssä esitellään systeemitason ratkaisu moniydinprosessorien rinnakkaisen laskentavoiman tehokkaaseen käyttöön. Työssä kehitettiin ratkaisu nimeltä DynOS SPUMONE, jonka perustana on käyttää kevyttä virtualisointikerrosta ajamaan samanaikaisesti eri käyttöjärjestelmiä moniydinprosessorin eri ytimillä tarpeen mukaan. Ideana on ajaa tarvittaessa reaaliaikaista suorituskykyä vaativat ohjelmat omalla ytimellään käyttäen reaaliaikakäyttöjärjestelmää. Ratkaisua voitaisiin käyttää säästämään sulautettujen laitteiden valmistuskuluissa poistamalla nykyisen tarpeen käyttää erillisiä piirejä ajamaan reaaliaikasovelluksia. Työssä kehitettiin myös DynOS SPUMONE:en perustuva prototyyppi, joka verifikoitiin ja arvioitiin. Työn tulokset osoittavat DynOS SPUMONE:en pohjautuvien ratkaisujen olevan toteutettavissa erittäin kohtuullisin suunnittelukustannuksin ilman mainittavaa vaikutusta systeemin reaaliaikaiseen suorituskykyyn.Modern embedded devices, such as smartphones, have grown into complex computer systems that provide a rich set of functionality for their users while still maintaining real-time responsiveness for their low level functions such as radio communication or camera control. The embedded market is very competitive, especially in end-user mobile devices, making it desirable to reduce manufacturing costs without compromising device performance wherever possible. The ever-growing user demand for more computing-intensive applications coupled with tight energy budgets has led the embedded manufacturers to seek performance gains from multi-core architectures, much like their desktop counterparts. However, multi-core architectures have little to provide in performance gains when used with applications developed with traditional software design methods that are aimed at single-core archictures. This thesis presents a system-level solution for e_ectively using the parallel computing power of multi-core processors. DynOS SPUMONE, a concept of using a light weight virtualization layer to dynamically dispatch di_erent OSes on di_erent cores, was developed. The concept is to run real-time tasks, such as device control for peripherals, on real-time capable operating systems running on dedicated cores only when they are actually needed. This could be used to eliminate separate physical chips on the device, which would reduce manufacturing costs. A prototype implementation of DynOS SPUMONE was built, veri_ed and evaluated. The results show that the DynOS SPUMONE concept is realizable with reasonable engineering costs and without significant drops in real-time performance

Software as a Service: Analysing Security Issues

Software-as-a-service (SaaS) is a type of software service delivery model which encompasses a broad range of business opportunities and challenges. Users and service providers are reluctant to integrate their business into SaaS due to its security concerns while at the same time they are attracted by its benefits. This article highlights SaaS utility and applicability in different environments like cloud computing, mobile cloud computing, software defined networking and Internet of things. It then embarks on the analysis of SaaS security challenges spanning across data security, application security and SaaS deployment security. A detailed review of the existing mainstream solutions to tackle the respective security issues mapping into different SaaS security challenges is presented. Finally, possible solutions or techniques which can be applied in tandem are presented for a secure SaaS platform

ACUTA Journal of Telecommunications in Higher Education

In This Issue lT Market Clock for Enterprise Networking lnfrastructure, 2010 Emerging Technology Trends-Finding the Next Big Thing Money and Mobile Access Challenge Community Colleges A Business Perspective on Hosted Communications FMC: Ready to Fly or Flop? Challenges Facing Broadband Wireless Providers Deploying IEEE 802.11n Data and Security Networks Campuswide While Optimizing Energy Efficiency Interview President\u27s Message. From the Executive Director O&A from the CI