We always look forward to collaborating with motivated students at any level. Our theses typically focus on theoretical and practical aspects of security assurance, certification, risk management, and artificial intelligence. All our theses consist of a theoretical and a practical part; the split between the two varies with the student (BSc, MSc) and the topic. In addition, the distinction between bachelor and master theses is not sharp, that is, a thesis can be adapted to either level. Prerequisites do not need to be acquired before starting the thesis. If you are interested in one of the following theses, or in any other thesis fitting the aforementioned topics, just contact us by email.
Reproducibility and Scalability of an Apache Cluster in Kubernetes
Big-data environments are complex compositions of services that require consistent configuration and precise coordination across several systems in the same network. The reduction of management costs and complexity is pushing institutions and firms to move to cloud-based hosting solutions, which provide scalable compute resources and storage. Research projects are largely dependent on the reproducibility of experiments, especially when handling large amounts of data. The infrastructure currently used by SESAR Lab is based on the Apache ecosystem and is integrated with multiple research projects. The current deployment is based on Docker, but it partially lacks reproducibility and scalability features. We are interested in the realization of a Kubernetes-based deployment to improve the reproducibility of configurations and the scalability of the cluster, in preparation for moving part of the infrastructure to the cloud. The goal of the thesis is to set up a Kubernetes-based cluster of services and to experimentally measure its overhead. The cluster should support automatic scaling and continuous deployment, and be integrated with monitoring tools.
Implementation of an IoT Environment to Simulate Assurance Activities
The goal of the thesis is to design and implement a small- to medium-scale IoT system in a simulated, emulated, or virtualized environment. The simulator should be easily configurable and allow the creation of IoT systems that resemble a real-world IoT system as closely as possible, for instance in terms of the types of devices. The resulting systems will be used in the experimental evaluation of novel assurance methodologies.
Lightweight Techniques for Poisoning Detection
One of the threats affecting machine learning (ML) is poisoning, where an attacker alters (poisons) the dataset such that the predictions of the resulting model change. There are several approaches to mitigate this threat, including the detection of poisoned data points, where the dataset is inspected according to some techniques and suspicious data points are flagged. The goal of the thesis is to design and implement novel techniques for poisoning detection. These techniques should balance the quality of the results and performance overhead.
Certification of Functional Software Distributions and Service Compositions
Software packaging, configuration, and composition become increasingly complex as a service requires more dependencies. QA techniques are needed more than ever to achieve competitive SLOs and to ensure the stability and performance of the systems. Functional packaging and configuration systems try to improve these aspects of software development and operation by streamlining the dependency-management process and by providing configuration checks that prevent misconfiguration. Common QA techniques still leave some details out, e.g., they depend on the state of external services such as binary distribution servers, whose default implementation may change with an untracked update. By contrast, functional packaging systems use stateless configurations to generate derivations that accurately describe how an application should be built or how a service composition should be configured and deployed. We are interested in extending the Nix ecosystem, currently the most popular functional packaging system, to realize a POC of the following:
- code analysis during package builds (code assurance)
- configuration generation and checks (extending those that are already defined)
- service compositions configuration generation with checks
The goal of the thesis is to implement these extensions as a library that can be imported as a Nix overlay, to analyze a subset of the packages in the official repository looking for errors, to analyze common service compositions found in online repositories looking for misconfigurations, and to measure the overhead of the checks.
Discovery and Inference of Non-Functional Properties from a Running System
Existing certification schemes assume the existence of a detailed certification model that specifies the certification process in detail, namely the non-functional property to certify (e.g., confidentiality), the target of certification, and the tests to execute to collect evidence that the target of certification supports the non-functional property. As we move towards lightweight techniques, this assumption no longer holds. For instance, in highly dynamic scenarios where system components are composed at run time, not all components are individually certified, so the composition cannot be driven by their certificates. The goal of the thesis is to design a methodology where the non-functional properties to certify, or the system components themselves, are inferred at run time and at certification time.
Fine-Grained Cost Model for Certification-Ready Systems
The goal of the thesis is to extend the work in our paper Bridging the Gap Between Certification and Software Development, where we defined a methodology to develop software that, once realized, exhibits non-functional properties of high quality and, in turn, can be certified at low cost. In particular, the thesis should investigate i) the integration of cost models such as COCOMO within our methodology, and ii) the refinement of the existing optimization methodology to balance the strength of the properties against cost.
One of the threats affecting machine learning (ML) is poisoning, where an attacker alters (poisons) the dataset such that the predictions of the resulting model change. There are several approaches to mitigate this threat, including the detection of poisoned data points, where the dataset is inspected according to some techniques and suspicious data points are flagged. The goal of the thesis is to design techniques that produce a high-quality, supposedly poisoning-free sub-dataset from a poisoned dataset. The sub-dataset may include only a fraction of the original data points.
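The detection-and-cleaning pipeline that the two poisoning proposals above describe, shown as an added example (this is not code from SESAR Lab or from any thesis): a constructed label-flipping scenario, a lightweight detector that flags points whose label disagrees with their position using robust per-class statistics, the resulting poisoning-free sub-dataset, and a toy nearest-centroid learner that shows the poisoned model's prediction differing from the cleaned model's. The dataset, the threshold `k`, and all function names are constructed for illustration; the grid layout is chosen so the expected behaviour can be worked out by hand.

```python
"""Lightweight poisoning detection and dataset cleaning (constructed example).

Scenario: a two-class, 2-D training set in which an attacker flips the labels
of a few class-1 points to class 0 (label-flipping poisoning). The detector
scores every point by its distance to the robust (median) centre of the class
it is *labelled* with, normalised by that class's median absolute deviation;
points scoring above a threshold are flagged, and the survivors form the
cleaned sub-dataset. All data and thresholds here are constructed.
"""
import math
from statistics import median


def make_dataset():
    """Constructed data: two 7x7 grids (spacing 0.5) centred on (0,0) -> label 0
    and (6,6) -> label 1. The attacker then relabels the four class-1 points
    nearest its centre (offsets (+-0.5, +-0.5)) as class 0. Returns (X, y,
    poisoned); `poisoned` is the ground-truth index set, used only to evaluate
    the detector, never by the detector itself."""
    X, y, poisoned = [], [], set()
    offsets = [-1.5, -1.0, -0.5, 0.0, 0.5, 1.0, 1.5]
    for label, (cx, cy) in ((0, (0.0, 0.0)), (1, (6.0, 6.0))):
        for dx in offsets:
            for dy in offsets:
                X.append((cx + dx, cy + dy))
                if label == 1 and abs(dx) == 0.5 and abs(dy) == 0.5:
                    poisoned.add(len(X) - 1)  # attacker flips this label
                    y.append(0)
                else:
                    y.append(label)
    return X, y, poisoned


def robust_centres(X, y):
    """Per-class coordinate-wise median: far less sensitive to a handful of
    poisoned points than the mean centroid a learner would compute."""
    return {label: (median(p[0] for p, l in zip(X, y) if l == label),
                    median(p[1] for p, l in zip(X, y) if l == label))
            for label in sorted(set(y))}


def poison_scores(X, y):
    """Robust z-like score per point: (d - median_d) / MAD_d within the point's
    labelled class, where d is the distance to that class's robust centre.
    A point whose label disagrees with its position scores high."""
    centres = robust_centres(X, y)
    dists = [math.dist(p, centres[l]) for p, l in zip(X, y)]
    scores = [0.0] * len(X)
    for label in set(y):
        idx = [i for i, l in enumerate(y) if l == label]
        med = median(dists[i] for i in idx)
        mad = median(abs(dists[i] - med) for i in idx) or 1e-9
        for i in idx:
            scores[i] = (dists[i] - med) / mad
    return scores


def flag_suspicious(X, y, k=3.5):
    """Indices whose score exceeds k (constructed threshold)."""
    return {i for i, s in enumerate(poison_scores(X, y)) if s > k}


def clean_dataset(X, y, k=3.5):
    """Drop flagged points; returns the supposedly poisoning-free sub-dataset."""
    flagged = flag_suspicious(X, y, k)
    keep = [i for i in range(len(X)) if i not in flagged]
    return [X[i] for i in keep], [y[i] for i in keep]


def nearest_mean_classifier(X, y):
    """Toy learner: mean centroid per class, predict the nearest one. The mean
    is what the poisoned labels pull out of place."""
    centroids = {}
    for label in set(y):
        pts = [p for p, l in zip(X, y) if l == label]
        centroids[label] = (sum(p[0] for p in pts) / len(pts),
                            sum(p[1] for p in pts) / len(pts))
    return lambda q: min(centroids, key=lambda l: math.dist(q, centroids[l]))


def demo(probe=(3.1, 3.1)):
    """Run detection, then train on poisoned vs cleaned data. Returns
    (detector_metrics, prediction_on_poisoned, prediction_on_cleaned)."""
    X, y, truth = make_dataset()
    flagged = flag_suspicious(X, y)
    metrics = {"true_positives": len(flagged & truth),
               "false_positives": len(flagged - truth),
               "missed": len(truth - flagged)}
    Xc, yc = clean_dataset(X, y)
    return (metrics,
            nearest_mean_classifier(X, y)(probe),
            nearest_mean_classifier(Xc, yc)(probe))


if __name__ == "__main__":
    print(demo())
```

The probe point (3.1, 3.1) lies just on the class-1 side of the true boundary; the four flipped labels drag the class-0 mean centroid towards (6, 6) far enough that the poisoned model answers 0, while the model trained on the cleaned sub-dataset answers 1. The detector itself uses medians, which the same four points barely move, which is the reason the robust statistics are chosen over the mean.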