Uncategorized
-
Operating Systems & Virtualization
We design and analyze operating systems and hypervisors so that modern devices – from embedded ARM boards to cloud servers – can run multiple OSes and applications with real‑time guarantees. Our work on Xen‑ARM introduces real‑time–aware scheduling, timer hypercalls, and interrupt‑latency optimizations that let mobile and embedded systems meet strict deadlines even when they are fully virtualized. We also study I/O paths in virtualized environments to understand where latency comes from, and how to reshape the scheduler and interrupt handling to make response times predictable.
-
Trusted Execution & Security
We study trusted execution and system security from hardware up to the OS and runtime layer. Our work uses Intel SGX and ARM TrustZone to build trusted execution environments (TEEs) that still work in realistic cloud and mobile settings — for example, migrating enclaves and SGX‑enabled VMs between hosts while preserving integrity and attestation, comparing SGX/TrustZone designs, and hardening secure boot flows so that kernels and bootloaders can be measured and verified end‑to‑end.
-
Cloud Infrastructure & Observability
We build and operate Kubernetes‑based teaching and research clusters where many users share CPU, GPU, and storage resources. Our work focuses on making these clusters fair and practical in real departments: analyzing CPU throttling and scheduling policies, tuning Ceph‑backed storage and LevelDB/RocksDB I/O on containers, and designing multi‑user authentication and access control so students can safely run their own workloads.
-
Storage Systems & new Storage Devices
We explore how modern storage systems like RocksDB and LevelDB behave under emerging storage devices such as ZNS SSDs, NVM, and tiered architectures. Our work reveals how hardware-aware design choices—such as zone-level reclaiming, blob separation, and key-value size tuning—can significantly reduce write amplification, improve predictability, and optimize throughput.
-