REFIT: Resource-Efficient Fault and Intrusion Tolerance

Internet-based services play a central role in today's society. With such services progressively taking over from traditional infrastructures, their complexity steadily increases. On the downside, this leads to more and more faults occurring. As improving software-engineering techniques alone will not do the job, systems have to be prepared to tolerate faults and intrusions.

REFIT investigates how systems can provide fault and intrusion tolerance in a resource-efficient manner. The key technology to achieve this goal is virtualization, as it enables multiple service instances to run in isolation on the same physical host. Server consolidation through virtualization not only saves resources in comparison to traditional replication, but also opens up new possibilities to apply optimizations (e.g., deterministic multi-threading).

Resource efficiency and performance of the REFIT prototype are evaluated using a web-based multi-tier architecture, and the results are compared to non-replicated and traditionally-replicated scenarios. Furthermore, REFIT develops an infrastructure that supports the practical integration and operation of fault and intrusion-tolerant services; for example, in the context of cloud computing.

Project Partners

• TU Braunschweig, Institute of Operating Systems and Computer Networks
• Friedrich-Alexander University Erlangen-Nuremberg, Department for Distributed Systems and Operating Systems

Project Members at IBR

Theses

If you are interested in writing a thesis regarding this project, please feel free to contact us.

Publications

• Signe Rüsch, Kai Bleeke and Rüdiger Kapitza: Bloxy: Providing Transparent and Generic BFT-Based Ordering Services for Blockchains, in 38th International Symposium on Reliable Distributed Systems (SRDS 2019), Lyon, France, October 2019 (ruesch2019bloxy, BibTeX, Slides, Poster, Best Poster Award)
• Signe Rüsch, Ines Messadi and Rüdiger Kapitza: Towards Low-Latency Byzantine Agreement Protocols Using RDMA, in Proceedings of the 1st Workshop on Byzantine Consensus and Resilient Blockchains, BCRB'18, Luxemburg, June 2018 (ruesch2018rubin, BibTeX, Slides)
• Stefan Brenner and Rüdiger Kapitza: Programmieren mit Intels Trusted Execution SGX, in IX, pages 100-104, January 2018 (brenner18ix, BibTeX)
• Bijun Li, Nico Weichbrodt, Johannes Behl, Pierre-Louis Aublin, Tobias Distler and Rüdiger Kapitza: Troxy: Transparent Access to Byzantine Fault-Tolerant Systems, in Proceedings of the 48th International Conference on Dependable Systems and Networks, DSN'18, 2018 (bli2018troxy, BibTeX)
• Bijun Li, Wenbo Xu and Rüdiger Kapitza: Dynamic State Partitioning in Parallelized Byzantine Fault Tolerance, in Proceedings of the 1st Workshop on Byzantine Consensus and Resilient Blockchains, BCRB'18, 2018 (blidypart, BibTeX)
• Johannes Behl, Tobias Distler and Rüdiger Kapitza: Hybrids on Steroids: SGX-based High Performance BFT, in Proceedings of the 12th European Conference on Computer Systems (EuroSys '17), 2017 (behl17hybster, BibTeX)
• Bijun Li, Wenbo, Muhammad Zeeshan Abid, Tobias Distler and Rüdiger Kapitza: SAREK: Optimistic Parallel Ordering in Byzantine Fault Tolerance, in Proceedings of the 12th European Dependable Computing Conference (EDCC 2016), 2016 (bli16edcc, BibTeX)
• Johannes Behl, Tobias Distler and Rüdiger Kapitza: Consensus-Oriented Parallelization: How to Earn Your First Million, in Proceedings of the 16th Annual Middleware Conference (Middleware '15), pages 173-184, ACM, 2015 (behl15cop, DOI, BibTeX)
• Tobias Distler, Christian Cachin and Rüdiger Kapitza: Resource-efficient Byzantine Fault Tolerance, in IEEE Transactions on Computers, 2015 (distler15resource, BibTeX, to appear)
• Johannes Behl, Tobias Distler and Rüdiger Kapitza: Scalable BFT for Multi-Cores: Actor-Based Decomposition and Consensus-Oriented Parallelization, in Proceedings of the 12th Workshop on Hot Topics in System Dependability (HotDep '14), USENIX Association, 2014 (hotdep14sbft, BibTeX)
• Rüdiger Kapitza, Johannes Behl, Christian Cachin, Tobias Distler, Simon Kuhnle, Seyed Vahid Mohammadi, Wolfgang Schröder-Preikschat and Klaus Stengel: CheapBFT: Resource-efficient Byzantine Fault Tolerance, in Proceedings of the EuroSys 2012 Conference (EuroSys '12), European Chapter of ACM SIGOPS, Bern, Switzerland, pages 295-308, 2012 (kapitza12eurosys, DOI, BibTeX)
• Tobias Distler and Rüdiger Kapitza: Increasing Performance in Byzantine Fault-Tolerant Systems with On-Demand Replica Consistency, in Proceedings of the EuroSys 2011 Conference (EuroSys '11), European Chapter of ACM SIGOPS, Salzburg, 2011 (dislter11odrc0, DOI, BibTeX)
• Tobias Distler, Rüdiger Kapitza, Ivan Popov, Hans P. Reiser and Wolfgang Schröder-Preikschat: SPARE: Replicas on Hold, in Proceedings of the 18th Network and Distributed System Security Symposium (NDSS '11), Internet Society (ISOC), San Diego, pages 407-420, 2011 (distler11spare0, BibTeX)
• Tobias Distler, Rüdiger Kapitza and Hans P. Reiser: State Transfer for Hypervisor-Based Proactive Recovery of Heterogeneous Replicated Services, in Securing Electronic Business Processes - Highlights of the Information Security Solutions Europe 2010 Conference (SICHERHEIT '10), Ammar Alkassar and Ulrich Flegel and Felix C. Freiling, Berlin, 2010 (distler10state0, BibTeX)
• Rüdiger Kapitza, Matthias Schunter, Christian Cachin, Klaus Stengel and Tobias Distler: Storyboard: Optimistic Deterministic Multithreading, in 6th Workshop on Hot Topics in System Dependability (HotDep '10), Paulo Verissimo and Hakim Weatherspoon, Vancouver, Canada, pages 1-6, USENIX, 2010 (kapitza10storyboard0, BibTeX)