Diploma and Master Theses (authored and supervised):
"Evaluating the Unikernel Concept for the Deployment of Software on IoT Devices";
Supervisor: S. Dustdar;
Institute of Information Systems, Distributed Systems Group,
final examination: 2018-01-17.
The ever increasing number of IoT devices makes it clear that a lack of security in these systems has a big impact on the lives of people. The availability of hypervisors for lowpower CPUs used on IoT devices brings advantages regarding security and deployment strategies but bear the question how the use of fully fledged operations systems would impact the performance of these low-power CPUs.
In recent years the concept of a Unikernel has reemerged, challenging the idea of a general purpose operating system. A Unikernel combines an application with a minimal set of operating system functionalities needed to run the application on a hypervisor. This makes Unikernels an interesting option for deploying applications on a hypervisor-based
This work evaluates whether Unikernels are a good fit for deployments of software on IoT devices and can contribute to the security of IoT devices by facilitating the timely rollout of new versions of an application.
In the first part this work conducts a series of comprehensive performance tests for a range of characteristics relevant in the field of IoT devices and compares the results of Unikernels with virtual machines. Next this work evaluates the problems by IoT devices
regarding security, takes a look at current incidents involving IoT devices and the claims of Unikernels with respect to security. The chapter takes the inherent properties of Unikernels in consideration and evaluates whether these properties can contribute to the security of the overall system.
The security of the system depends upon the ability of rolling out new versions of an application in a timely manner whenever bugs are discovered. Therefore the third part lays out how Unikernels could be integrated into a modern software development process based on continuous integration and -delivery principles to enable the frictionless deployment, testing and distribution of new versions of an application.
Created from the Publication Database of the Vienna University of Technology.