Kernkonzept collaborates in various research projects. With our research partners we develop and evolve our L4Re Operating System Framework.
Exploring new uses
We strive to keep our software state of the art and are constantly exploring new areas of application. But with our participation in various national and international research projects, we aim for more than improving and extending the functionality and uses of our L4Re Operating System and Hypervisor Framework.
Scientific research and the transfer of knowledge in the IT community are core values of our company and of our employees, many of whom are actively engaged in the open-source software community. With our research activities we also contribute to European digital sovereignty, a very important goal for the next years.
Below you can read about a selection of our latest and ongoing involvement in research projects. We also regularly publish whitepapers to present the state of development and discuss new areas of use for the L4Re Operating System Framework.
Overview
The project
EvIT was initiated by the German Cyberagentur, a federal Ltd. for fostering cyber innovation and enhancing IT security in defense.
The overall goal of EvIT is to bring trustworthy IT into widespread use by further developing formal methods. The complete absence of security vulnerabilities can only be proven mathematically, which should be the only trustworthy basis for reliably secured, highly complex systems and critical infrastructures.
Formula-V is one of five projects in the “Ecosystem Trustworthy IT (EvIT)” program that targets trustworthy IT hardware and software infrastructure.
This research group aims to advance tooling and mechanisms in formal methods and programming techniques. Several working groups will create an ecosystem of security mechanisms and methods for software development that marks a major step forward in software development.
Kernkonzept topics
Based on the L4Re Secure Separation Kernel, which is accredited by BSI for use up to German GEHEIM/NATO SECRET and Common Criteria certified as EAL4+, the Formula-V research group aims to develop a trustworthy, formally verifiable IT hardware and software infrastructure, thus enabling true Security by Design.
Central to this effort is establishing a mathematical proof of the correctness of hardware and software against a formal model. We want to improve both the development tools and the techniques used for formal proofs.
The goal of the Formula-V project group is to build a fully verified IoT hardware and software stack, based on the RISC-V hardware architecture and the Rust programming language. All components shall be formally proven with the Rocq theorem prover.
Project information
EvIT/Formula-V
Overview
The project
UP2DATE4SDV is an international project that aims to enable safe and secure modular updates, upgrades and dynamic task reallocation and execution for the Software Defined Vehicle (SDV).
UP2DATE4SDV has connected automotive hardware manufacturers, the automotive software industry and SMEs with the best-known researchers in the field to jointly create a comprehensive ecosystem for updatable, upgradable, and reconfigurable software-defined connected and automated vehicles.
To this end, a middleware solution is to be created and integrated into the current automotive open source standards, which allows complete abstraction not only of the software running in the vehicle, but also of the installed hardware. As a result, the software can be continuously updated over-the-air over the lifetime of the vehicle and thus kept safe, secure, and up to date. Meanwhile, the hardware components can also be easily replaced or supplemented to meet future requirements.
To achieve this, the project group will additionally develop a new hardware component that is based on established automotive systems. This will be expanded in such a way that the unavoidable overhead resulting from the update capability of the systems is minimised, thanks to explicit hardware support. The overall solution is suitable for the upcoming zonal E/E architectures that have a permanent connection to the cloud.
The project therefore aims to develop and integrate methods that ensure the safety of the systems during an update, by strictly separating all individual automotive applications in containers. In addition, a security layer will be introduced to prevent attacks via the cloud link or among the application modules.
Finally, we want to make it easier for automotive software developers to use our middleware by establishing a reference layer based on a hypervisor that prevents the real-time requirements of different application modules from influencing each other. Communication to the vehicle components and to the cloud is abstracted and standardised.
In addition, we will provide methods to automate the V&V process for each further update, upgrade, or reconfiguration, thus ensuring security at every step.
Kernkonzept topics
Project information
UP2DATE4SDV
Overview
The project
As the foundation of cloud-based IT solutions, data centers are a central component of industrial digitalization. However, in order to be equipped for security-critical applications in the fields of medicine or critical infrastructure, the trustworthiness and security of the server infrastructure in the data center must be strengthened and upgraded in terms of European and national sovereignty.
The MikroRZ project aims to achieve secure and scalable data storage in microkernel-based data centers. It aims to develop a secure hypervisor for data centers as the basis for a sovereign IT infrastructure.
Kernkonzept topics
The MikroRZ project sees considerable potential for improvement in the operating systems used and is relying on the microkernel-based L4Re Operating System Framework. Compared to established operating systems such as Linux, L4Re offers an infinitely smaller attack surface for cyberattacks due to its architecture, and therefore a significantly higher level of security.
Existing systems based on the L4Re Microkernel are enhanced by an added storage layer that scales to the needs of data centers, while preserving the strong security and isolation properties of microkernels.
L4Re technology is already running numerous applications in safety-critical embedded systems and can provide practical proof of the increased safety through certifications like CC EAL4+ and German GEHEIM/NATO SECRET.
Project information
MikroRZ
Overview
The project
SEMECO is an acronym for Secure Medical Microsystems and Communications. It represents a research initiative in the field of medicine, funded by the German Federal Ministry for Education and Research. The SEMECO future cluster is Europe’s first medical electronics cluster focused on medical needs.
The SEMECO medical research project aims to use the potential of microelectronics, sensors, and micro actuators to transform the healthcare sector. The existing regulatory landscape often falls short in accommodating the complexities of modern healthcare technologies, leading to care impediments, false alarms, and treatment malfunctions.
SEMECO’s primary objective is to create an academic-industrial ecosystem to build secure, highly integrated cybermedicine microsystems. By streamlining accreditation processes and facilitating the development of intelligent medical instruments and implants, innovation in the medical technology sector shall be eased and accelerated, benefiting both healthcare professionals and patients.
The SEMECO project partners come from diverse domains, including microelectronics, communication technology, nanotechnology, AI-based knowledge systems, and secure runtime environments. This consciously broad mix of knowledge aims to overcome barriers and accelerate innovation.
Kernkonzept topics
In implementation phase 1, Kernkonzept is involved in the sub-project “Secure and trustworthy system architectures (Q1)” and is working here with companies such as Infineon, Cyberus and Secunet as well as research institutes such as the TU Dresden/Faculty of Computer Science.
Our open-source L4Re Operating System Framework serves as a foundational element for the industrial ecosystem the SEMECO project aims to establish. L4Re provides the basis for a robust, secure system architecture upon which trusted medical devices can be built.
Project information
SEMECO
Overview
The project
The MANNHEIM-CeCaS project researches software development methods for the digitalization of automobility. With its title “Supercomputing for Automotive” the project sets a different focus than EMDRIVE, in which Kernkonzept is also involved.
The CeCaS project aims to develop a high-performance supercomputing platform for automobiles whose central computing unit is based on novel, automotive-qualified high-performance processors in non-planar transistor technology (FinFET) and supplemented by an adaptive software platform. This will soon be the only way to handle the large volumes of data required for demanding calculations in highly automated vehicles.
For practical applicability of the technology in the field of autonomous driving, full ASIL-D qualification is to be achieved at system level.
Kernkonzept topics
Kernkonzept supports the MANNHEIM-CeCaS project with our expertise in virtualization-enabled, real-time operating systems. Our open-source L4Re Hypervisor will make these novel automotive software platforms more efficient and user-friendly. Furthermore, the improvement of scheduling mechanisms will enable integrating diverse applications, while meeting safety and timing requirements.
Our goal is to create a high-end computing platform that is suitable for everyday use, energy-efficient and cost-effective – making the European automotive industry fit for the future.
Project information
MANNHEIM-CeCaS
Overview
The project
The present EuroHPC/EPI 2 (SGA2) builds on top of EPI 1 (SGA1), enabling European digital sovereignty with an increased focus on processor technologies, based on the ARM ISA and HPC accelerator technologies running on open source hardware (RISC-V ISA). EPI 2 is about validating the first-generation processor and then moving forward with the development of the 2nd generation of low-power processors and accelerators.
Kernkonzept topics
Supporting the 2nd generation processor, Kernkonzept will extend the L4Re Operating System Framework to the next processor, developed by the EPI (European Processor Initiative) consortium, and ensure efficient execution of workloads. The Common Criteria EAL security certification of the L4Re Framework will likewise be continued and concluded.
Project information
EuroHPC/EPI 2
Overview
The project
Autonomous vehicles appear to be an established goal on the road to new mobility systems.
While field tests demonstrate the increasing perfection and technical feasibility, demands on energy use and real time computational power pose an obstacle for the application as a cost-efficient mass product.
One way out lies in the dynamic load distribution in the automotive compute system to provide scalable data processing with minimal energy use and at a justifiable cost.
Such a system needs to be functionally secure, hardened against manipulation and reliable throughout the whole life cycle, i.e. ASIL-D (Automotive Safety Integrity Level) qualified.
Kernkonzept topics
Dynamic load distribution constitutes a challenge for safety, whereas current production systems distribute tasks to fixed compute nodes.
In addition to addressing the multi-dimensional challenges of dynamic load distribution, EMDRIVE has the unique feature of aiming for real-time diagnosis, adaptation and supervision.
Kernkonzept participates in the requirement analysis, the specification of the computer architecture (especially the application processor and acceleration units), and as a main activity implements dynamic operation strategies in the L4Re operating system.
Dynamic operation is made available to an orchestration component and supports project partners in the implementation of the real time monitoring infrastructure.
Project information
EMDRIVE
Overview
The project
The aim of the secureAR collaborative research project is to investigate and develop innovative services in the industrial production environment.
In the future, factories will manufacture individual, one-off products and achieve higher levels of labour productivity. This will also intensify the demands made on workers.
Modern augmented reality (AR) assistance systems are to be integrated as effectively as possible into these production and service processes in order to support employees and allow the localised, situational provision and visualisation of data.
A cloud-based service platform with open interfaces for various industrial sectors is to be made available that will collect data along the whole value chain from planning to production processes and system maintenance.
This research and development project is funded by the Federal Ministry of Education and Research (Bundesministerium für Bildung und Forschung, BMBF) in context of the research programme “Internet-based Services for Complex Products, Production Processes and Production Systems (Smart Services)”.
Kernkonzept topics
Among the main components of secureAR are novel security glasses with an integrated low-power OLED display. The display, as well as sensors and cameras, connect to a local mobile platform which is linked to the cloud via wireless network technology such as Wi-Fi, 4G or 5G.
To thwart attacks, the mobile platform uses a secure operating system based on the microkernel-based L4Re Operating System Framework. It comprises several compartments: main applications run in a virtual machine (VM) using Android, while communication, machine learning and neural network algorithms run in other Linux-based VMs, allowing for complete encapsulation and safeguarding of the system, the data it processes and its communication over the Internet.
Beyond that, exceptionally critical processes or security certificates can be moved into L4Re micro applications.
Project information
secureAR
Overview
The project
Virtualization of servers – Cloud Computing – is prevalent in today’s IT landscape. Adopters hope to gain scalability and cut costs through consolidation and central management of the organization’s servers.
Until now, German government bodies handling classified information such as VS-NfD have been locked out from taking advantage of cloud computing, because the complexity of the underlying operating systems makes them notoriously hard to certify.
The aim of the VerSeCloud project is to develop a performant, flexible and trustworthy virtualization solution based on a microkernel operating system. Using formal methods, an abstract system can be proven to provide the required security properties of the microkernel and device drivers.
Finally, snapshots of the system provide backups and enable forensic investigations.
Kernkonzept topics
Kernkonzept’s mission in the VerSeCloud research project is to extend the L4Re Hypervisor for cloud use-cases and to formally verify the security properties of the underlying L4Re Operating System.
The L4Re Hypervisor is extended with improved SMP support and device pass-through, and will gain an interface that enables virtual machine guests to provide services such as file system access to the host. Support for new guest operating systems such as OpenBSD and Microsoft Windows, and dynamic instantiation of VMs, are explored.
For formal verification of security properties, an abstract model of L4Re is refined to a composition of L4Re components, and memory pages with detailed access rights are added to the model. Additionally, we will research approaches to model-based testing of parallel computation and verify a selection of parallel algorithms in L4Re.
Project information
VerSeCloud
Overview
The project
The project aims to deliver a high-performance, low-power processor, implementing vector instructions and specific accelerators with high bandwidth memory access. The EPI processor will also meet high security and safety requirements. This will be achieved through intensive use of simulation, development of a complete software stack and tape-out in the most advanced semiconductor process node. The project will provide a competitive chip that can effectively address the requirements of the HPC, AI, automotive and trusted IT infrastructure markets.
Part of the project is to develop demonstration platforms to validate this chip in the HPC context and in the automotive context.
Kernkonzept topics
Kernkonzept provides the hypervisor layer of the Automotive eHPC platform software stack. While porting the L4Re Framework to the Automotive eHPC platform, and thus improving it towards those use-cases, Kernkonzept also supports employing virtualization on those platforms. Besides employing the L4Re operating system, Common Criteria EAL certification for the L4Re Framework is pursued.
Project information
EPI - Phase 1
Overview
The project
Energy grids of the future will be more efficient, dynamic and decentralized. Smart grids will provide the “Internet of Energy” by coordinating a huge variety of electricity producers and consumers. As the central interface between the smart grid and households or factories the Smart Meter Gateway (SMGw) is an important component.
Security requirements necessitate certification by the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI), which due to the complexity of traditional platforms has so far proven overly intricate.
This poses problems for field tests, the collection of experiences before mass rollout and the development of new business models.
The project addresses these shortcomings by developing a certifiable secure platform.
Kernkonzept topics
Kernkonzept’s role in the Jupiter project is to advance the development of a certifiable modular operating systems platform.
The strict separation of software components by means of a microkernel-based OS software is the core of the security architecture.
Due to the extent of the task, only intermediate steps towards that goal can be achieved in the scope of the project.
The system shall be designed in a way that allows it to meet the strict requirements of the BSI while enabling the running of third-party apps and services without impairing the certification of the platform as a whole.
Project information
Jupiter
Overview
The project
The main goal of this project was the creation of suitable and intuitive network solutions that meet both the high-performance real-time requirements and the increased security needs of Industry 4.0 and SCADA systems.
These solutions provide an easy way to regulate access to devices, data and functionalities and to secure data streams independently of the application protocols used.
To this end, state-of-the-art cryptography was combined with separation based on virtualization and microkernel operating systems.
We ensured real time capabilities of the system by software design decisions and choice of algorithms and hardware.
To increase usability, modern methods of human-machine interaction and interactive information visualization were investigated, evaluated, and implemented.
Kernkonzept topics
Kernkonzept provided the separation layer for the gateway component that ensures the isolation of software components so that malfunction in single components cannot compromise independent components.
This was achieved by utilizing the microkernel architecture of the L4Re Operating System Framework, which provides isolation properties with a minimal Trusted Computing Base (TCB) while allowing realtime properties.
Project information
Fast VPN
Overview
The project
Due to the end of Moore’s Law, parallelism is inherent in modern computers.
This trend will only be intensified by the growing need of computing power in emerging use cases such as autonomous systems and Industry 4.0.
The goal of this project was to research heterogeneous systems and to implement a prototype of a system that can serve as the base for a future product.
Kernkonzept topics
Enabling L4Re to provide security and real-time computing and to conserve energy on upcoming computers that resemble today’s supercomputers will open new scenarios for the L4Re operating system.
The research focus was on heterogeneous and parallel systems to accommodate specialized hardware for use cases such as image recognition, which will find widespread use in everyday systems.
In current systems, such specialized hardware is usually reserved exclusively for one application.
It is desirable for it to be used transparently by multiple applications in the future without tradeoffs in the real-time and security properties that L4Re has provided so far. Additionally, the energy efficiency needs to be optimized to allow efficient use of multi-core systems.
Project information
MicroHPC
Overview
The project
The goal of EXPLOIDS (“Explicit Privacy-Preserving Host Intrusion Detection System”) was methodical research on detection and reconnaissance of IT security incidents that is unsusceptible to manipulation.
This was achieved through the introduction of a reliable Host Intrusion Detection System (HIDS) which combines the advantages of network-based and host-based detection systems.
Secure data recording is at the root of detecting attacks on IT infrastructure and their subsequent analysis.
Kernkonzept topics
Traditional computer architectures provide only unreliable sensors for the surveillance of a computer system, because so far no discrete memory protection has been developed for host-based systems.
Therefore, the surveilled computer system is moved into a virtual machine provided by a trustworthy microkernel operating system with a minimal Trusted Computing Base (TCB) and is inspected from the host system where the inspection is protected through the virtualization layer.
The instrumented virtual machine monitor (VMM) serves as an interface between the HIDS and the virtual machine. It is therefore crucial to minimize its attack surface.
The L4Re Operating System Framework and its virtual machine monitor provide the most suitable platform because their capability-based design and small size make it feasible to evaluate the implementation of extensive access protection for all system resources.
Project information
EXPLOIDS
Till Miemietz, Viktor Reusch, Matthias Hille, Lars Wrenger, Jana Eisold, Jan Klötzke, Max Kurze, Adam Lackorzynski, Michael Roitzsch, Hermann Härtig
19th USENIX Symposium on Operating Systems Design and Implementation, July 7-9, 2025
Till Miemietz, Viktor Reusch, Matthias Hille, Max Kurze, Adam Lackorzynski, Michael Roitzsch, Hermann Härtig
10th International Workshop on Container Technologies and Container Clouds (WoC), 12/2024
Kai Lampka, Joel Thurlby, Adam Lackorzynski, Marcus Hähnel
Computer Safety, Reliability, and Security - 41st International Conference, SAFECOMP 2022, Munich, Germany, September 6-9, 2022
Carsten Weinhold, Adam Lackorzynski, Hermann Härtig
In Robert W. Wisniewski, Balazs Gerofi, Rolf Riesen, Yutaka Ishikawa (eds) Operating Systems for Supercomputers and High Performance Computing, October 2019
Hermann Härtig, Michael Roitzsch, Carsten Weinhold, Adam Lackorzynski
Proceedings of the 37th IEEE International Conference on Distributed Computing Systems (ICDCS 2017), Atlanta, Georgia, USA, June 2017
Adam Lackorzynski, Carsten Weinhold, Hermann Härtig
Workshop on Operating Systems Platforms for Embedded Real-Time applications (OSPERT 2017), Dubrovnik, Croatia, June 2017
Get in Contact
Please contact our team for collaboration requests and information about running research projects.