- David Balenson, Terry Benzel, Eric Eide, David Emmerich, David Johnson, Jelena Mirkovic & Laura Tinnel (2022). Toward Findable, Accessible, Interoperable, and Reusable Cybersecurity Artifacts. In Proceedings of the 15th Workshop on Cyber Security Experimentation and Test (CSET). 65–70.
- Richard Li, Min Du, Zheng Wang, Hyunseok Chang, Sarit Mukherjee & Eric Eide (2022). LongTale: Toward Automatic Performance Anomaly Explanation in Microservices. In Proceedings of the 13th ACM/SPEC International Conference on Performance Engineering (ICPE). 5–16.
- Joe Breen, Andrew Buffmire, Jonathon Duerig, Kevin Dutt, Eric Eide, Anneswa Ghosh, Mike Hibler, David Johnson, Sneha Kumar Kasera, Earl Lewis, Dustin Maas, Caleb Martin, Alex Orange, Neal Patwari, Daniel Reading, Robert Ricci, David Schurig, Leigh B. Stoller, Allison Todd, Jacobus Van der Merwe, Naren Viswanathan, Kirk Webb & Gary Wong (2021). POWDER: Platform for Open Wireless Data-driven Experimental Research. Computer Networks. Vol. 197.
- Joe Breen, Jonathon Duerig, Eric Eide, Mike Hibler, David Johnson, Sneha Kasera, Dustin Maas, Alex Orange, Neal Patwari, Robert Ricci, David Schurig, Leigh Stoller, Jacobus Van der Merwe, Kirk Webb & Gary Wong (2021). Demo: Mobile and Wireless Research on the POWDER Platform. In Proceedings of the 19th International Conference on Mobile Systems, Applications, and Services (MobiSys). 509–510.
- Pierce Darragh, William Gallard Hatch & Eric Eide (2021). Clotho: A Racket library for parametric randomness. In Proceedings of the 2020 Scheme and Functional Programming Workshop. 3–13.
- Richard Li, Min Du, Hyunseok Chang, Sarit Mukherjee & Eric Eide (2020). Deepstitch: Deep learning for cross-layer stitching in microservices. In Proceedings of the 6th International Workshop on Container Technologies and Container Clouds (WoC). 25–30.
- Joe Breen, Andrew Buffmire, Jonathon Duerig, Kevin Dutt, Eric Eide, Mike Hibler, David Johnson, Sneha Kumar Kasera, Earl Lewis, Dustin Maas, Alex Orange, Neal Patwari, Daniel Reading, Robert Ricci, David Schurig, Leigh B. Stoller, Jacobus Van der Merwe, Kirk Webb & Gary Wong (2020). POWDER: Platform for Open Wireless Data-driven Experimental Research. In Proceedings of the 14th International Workshop on Wireless Network Testbeds, Experimental Evaluation and Characterization (WiNTECH). 17–24.
- Richard Li, Min Du, David Johnson, Robert Ricci, Jacobus Van der Merwe & Eric Eide (2019). Fluorescence: Detecting kernel-resident malware in clouds. In Proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 367–382.
- Dmitry Duplyakin, Robert Ricci, Aleksander Maricq, Gary Wong, Jonathon Duerig, Eric Eide, Leigh Stoller, Mike Hibler, David Johnson, Kirk Webb, Aditya Akella, Kuangching Wang, Glenn Ricart, Larry Landweber, Chip Elliott, Michael Zink, Emmanuel Cecchet, Snigdhaswin Kar & Prabudh Mishra (2019). The design and operation of CloudLab. In Proceedings of the 2019 USENIX Annual Technical Conference (ATC). 1–14.
- Hyunwook Baek, Eric Eide, Robert Ricci & Jacobus Van der Merwe (2018). I heard it through the firewall: Exploiting cloud management services as an information leakage channel. In Proceedings of the 2018 ACM Symposium on Cloud Computing (SoCC). 361–373.
- David Johnson, Elijah Grubb & Eric Eide (2018). Supporting Docker in Emulab-based network testbeds. In Proceedings of the 11th USENIX Workshop on Cyber Security Experimentation and Test (CSET).
- Hyunwook Baek, Eric Eide, Robert Ricci & Jacobus Van der Merwe (2018). Monitoring the update time of virtual firewalls in the cloud. Technical Report UUCS–18–005, University of Utah.
- Anton Burtsev, David Johnson, Josh Kunz, Eric Eide & Jacobus Van der Merwe (2017). CapNet: Security and least authority in a capability-enabled cloud. In Proceedings of the 8th ACM Symposium on Cloud Computing (SoCC). 128–141.
- Prashanth Nayak, Mike Hibler, David Johnson & Eric Eide (2017). A Wingman for virtual appliances. In Shuvendu Lahiri and Giles Reger, editors, Runtime Verification: 17th International Conference, RV 2017, volume 10548 of Lecture Notes in Computer Science. 390–399.
- Demo: Repeatable mobile networking research with PhantomNet. In Proceedings of the 22nd Annual International Conference on Mobile Computing and Networking (MobiCom), pages 489–490, Received the MobiCom '16 Best Demo Award.
- Abstractions for practical virtual machine replay. In Proceedings of the 12th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE), pages 93–106.
- Potassium: Penetration testing as a service. In Proceedings of the 6th ACM Symposium on Cloud Computing (SoCC), pages 30–42.
- Using deduplicating storage for efficient disk image deployment. In Proceedings of the 10th International Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities (TRIDENTCOM).
- PhantomNet: Research infrastructure for mobile networking, cloud computing and software-defined networking. ACM GetMobile, 19(2):28–33.
- Guest editor, Operating Systems Review, 49(1), January 2015. Special issue on repeatability and sharing of experimental artifacts.
- Introducing CloudLab: Scientific infrastructure for advancing cloud architectures and applications. ;login:, 39(6):36–38, December 2014.
- Composable multi-level debugging with Stackdb. In Proceedings of the 10th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE), pages 213–225.
- Help, help, I’m being suppressed! The significance of suppressors in software testing. In Proceedings of the 24th IEEE International Symposium on Software Reliability Engineering (ISSRE), pages 390–399.
- Weir: A streaming language for performance analysis. In Proceedings of the Seventh Workshop on Programming Languages and Operating Systems (PLOS).
- Isolation of malicious external inputs in a security focused adaptive execution environment. In Proceedings of the 8th International Conference on Availability, Reliability and Security (ARES), pages 82–91.
- Taming compiler fuzzers. In Proceedings of the 34th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 197–208.
- Software Variability Mechanisms for Improving Run-Time Performance. PhD dissertation, University of Utah.
- A3: An environment for self-adaptive diagnosis and immunization of novel attacks. In Proceedings of the Sixth IEEE International Conference on Self-Adaptive and Self-Organizing Systems Workshops (SASOW), pages 15–22.
- Swarm testing. In Proceedings of the 2012 International Symposium on Software Testing and Analysis (ISSTA), pages 78–88.
- Test-case reduction for C compiler bugs. In Proceedings of the 33rd ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 335–346.
- Summary of PLOS 2011: The sixth workshop on programming languages and operating systems. Operating Systems Review, 45(3):1–4.
- Finding and understanding bugs in C compilers. In Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 283–294.
- Trusted disk loading in the Emulab network testbed. In Proceedings of the 3rd Workshop on Cyber Security Experimentation and Test (CSET).
- Toward replayable research in networking and systems. Position paper for Archive ’10, the NSF Workshop on Archiving Experiments to Raise Scientific Standards.
- PLOS 2009: Fifth workshop on programming languages and operating systems: Workshop overview. Operating Systems Review, 43(4):31–34.
- Volatiles are miscompiled, and what to do about it. In Proceedings of the 8th ACM International Conference on Embedded Software (EMSOFT 2008), pages 255–264.
- Edicts: Implementing features with flexible binding times. In Proceedings of the 7th International Conference on Aspect-Oriented Software Development (AOSD 2008), pages 108–119.
- Efficient memory safety for TinyOS. In Proceedings of the Fifth ACM Conference on Embedded Networked Sensor Systems (SenSys 2007), pages 205–218.
- Resource management aspects for sensor network software. In Proceedings of the Fourth Workshop on Programming Languages and Operating Systems (PLOS 2007).
- An experimentation workbench for replayable networking research. In Proceedings of the Fourth USENIX Symposium on Networked Systems Design and Implementation (NSDI ’07), pages 215–228.
- Efficient type and memory safety for tiny embedded systems. In Proceedings of the Third Workshop on Programming Languages and Operating Systems (PLOS 2006).
- Memory safety and untrusted extensions for TinyOS. Technical Report UUCS–06–007, University of Utah.
- Integrated scientific workflow management for the Emulab network testbed. In Proceedings of the 2006 USENIX Annual Technical Conference (USENIX ’06), pages 363–368.
- Feature typing: An early aspects technique. In the Workshop on Early Aspects at OOPSLA 2005. Published, 10/2005.
- Binding-time flexibility for managing variability. In the Second Workshop on Managing Variabilities Consistently in Design and Code (MVCDC 2) at OOPSLA 2005.
- Dynamic CPU management for real-time, middleware-based systems. In Proceedings of the Tenth IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS 2004), pages 286–295.
- A comparison of Jiazzi and AspectJ for feature-wise decomposition. Technical Report UUCS–04–001, University of Utah.
- Bees: A secure, resource-controlled, Java-based execution environment. In 2003 IEEE Conference on Open Architectures and Network Programming Proceedings (OPENARCH 2003), pages 97–106.
- Static and dynamic structure in design patterns. In Proceedings of the 24th International Conference on Software Engineering (ICSE 2002), pages 208–218.
- Aspect weaving as component knitting: Separating concerns with Knit. In the Workshop on Advanced Separation of Concerns in Software Engineering at ICSE 2001.
- Knit: Component composition for systems software. In Proceedings of the Fourth Symposium on Operating Systems Design and Implementation (OSDI 2000), pages 347–360.
- Session summaries from the 17th Symposium on Operating Systems Principles (SOSP ’99). Operating Systems Review, 34(2):4–41.
- Flexible IDL compilation for complex communication patterns. Scientific Programming, 7(3, 4):275–287.
- Flexible and optimized IDL compilation for distributed applications. In David O’Hallaron, editor, Languages, Compilers, and Run-Time Systems for Scalable Computers (LCR ’98), volume 1511 of Lecture Notes in Computer Science, pages 288–302. Springer.
- Flick: A flexible, optimizing IDL compiler. In Proceedings of the ACM SIGPLAN ’97 Conference on Programming Language Design and Implementation (PLDI), pages 44–56.
- Valet: An Intelligent UNIX Shell Interface. Master's thesis, University of Utah.
- An entry-level course in computational engineering and science. In The Papers of the 26th SIGCSE Technical Symposium on Computer Science Education (SIGCSE ’95), pages 209–213.
My aim is to advance practical approaches to attaining high-quality systems software, given constraints on its environment, implementation, and cost.
Compiler testing. An example of my practical focus on trustworthiness is my past and ongoing work toward improving compilers through random differential testing, which is a kind of "fuzz testing." The idea is to randomly generate programs and use them as test cases to a set of compilers. The test procedure discovers a compiler defect whenever any compiler under test (1) crashes or (2) produces incorrect code.
Prof. John Regehr and I started this work in 2008 and coauthored a series of papers that dealt with testing C compilers. The open-source tools that we developed for this work, called Csmith and C-Reduce, are heavily used by the compiler-testing community. In February 2018, I was honored to receive a Google Open Source Peer Bonus for "exceptional contributions to open source" related to C-Reduce. Prof. Regehr and I received two "Most Influential PLDI Paper" awards for our papers about Csmith and C-Reduce.
I am currently working to apply random testing to the implementations of other programming languages, through the creation of a new tool called Xsmith. Xsmith is a generator of fuzz testers for language implementations ("language fuzzers"). The state of the art is for language fuzzers to be written largely by hand and from scratch; this is a burden that limits the development of sophisticated language fuzzers. Xsmith aims to reduce this burden by generating language fuzzers from specifications. In addition, it injects sophisticated program-generation techniques into the language fuzzers it creates.
Languages and systems construction. Programming languages play a central role in the development of trustworthy systems. My approach is to apply and evolve programming-language technologies as appropriate to address challenges in the implementation of systems software. My research publications include work in applying safe languages, components, design patterns, and aspect-oriented programming to the implementation of C- and Java-based systems software.
My current research at the junction of programming languages and systems relates to the design, implementation, and management of "xApps" within 5G wireless networks. An xApp is a program that the operator of an O-RAN-enabled 5G network can deploy into a RIC, or RAN Intelligent Controller, to manage the resources of the RAN (Radio Access Network) in near-real time. xApps must be trustworthy and secure. To achieve these goals, the developers of xApps must be able to (1) statically reason about xApps and their compositions and (2) dynamically monitor the operation of xApps. These features are missing in current open-source xApp frameworks, where xApps are typically implemented as C++ programs and deployed within containers.
I am working to address the reliability shortcomings of xApps and their ecosystem through the creation of a new domain-specific language (DSL) and runtime for the specification and implementation of xApps. The goals of this DSL are threefold: first, to allow programmers to concisely and straightforwardly express the "business logic" of an xApp; second, to eliminate a variety of possible programming errors by design (e.g., memory-safety violations, type-safety violations, and data races); and third, to support static reasoning about the possible run-time behaviors of xApps, both individually and in combination.
Testbeds and repeatable systems research. The Flux Research Group, which I co-direct, is perhaps best known for inventing and operating several testbeds for networking and systems research including Emulab, CloudLab, and POWDER. These scientific instruments are in heavy and continuous use by researchers and students worldwide.
My primary research interest in the Flux Group's testbeds is in utilizing them as bases for repeatable research. Starting in 2005, I led the development of an "experimentation workbench" for Emulab that demonstrated the potential for integrating scientific workflow management with a testbed, and many of the features of our current experiment "profile" system were pioneered by the workbench. Our support for repeatability continues to evolve as the needs of testbed users change. For example, because researchers today often conduct experiments on a variety of platforms, I led our effort to support the direct use of Docker images in our testbeds. In the future, the Flux Group plans to better integrate our testbeds with various community resources including more tools for repeatable research, e.g., Jupyter Notebook.
The ability to repeat experiments is important for establishing the trustworthiness of published computer-science research and for building on that work. Testbeds like Emulab, CloudLab, and POWDER provide the vehicles and controls for establishing trust in research that involves complex, distributed systems.
Beyond testbeds, the research community requires places where knowledge about experiments and good research practice can be collected, curated, and made available for reuse. To address this need for the cybersecurity community, my colleagues and I started project called SEARCCH. SEARCCH aims to create an online, community-driven "hub" that lowers the barrier to sharing by aiding researchers in packaging, importing, locating, understanding, and reusing experiment artifacts. The artifacts organized by the platform, including tools, methodologies, documentation, and data, can be deployed to community testbeds for performing new experiments. The goal is to transform the way research is conducted in the cybersecurity community, improving the overall scientific quality of cybersecurity research through validation, repeatable sharing and reuse, and a collective approach to building on research results.
System and network security. Much of my past research focused on security concerns. This work was primarily supported by two research awards, called A3 and TCloud.
A3 aimed to use hypervisors and virtual machines as bases for defending a user-chosen application. My focus was on performing analyses and repairs based on hypervisor mechanisms, including virtual machine introspection (VMI) and deterministic, whole-VM replay. My research team and I disseminated the results of our research through multiple conference publications that were accompanied by open-source software: Stackdb, XenTT, Weir, and Wingman.
TCloud sought to improve the security of clouds and the security offered by clouds to their users. I directed or co-directed four efforts within the project. The first investigated "penetration testing as a service," a way for clouds to help tenants secure their systems. In the second, Richard Li (my PhD student) and I explored a novel approach to detecting anomalies, such as malware infections, within a "herd" of similar VMs. My third effort focused on "capability-enabled networks," in which all communication is strictly controlled. The fourth explored covert channels based on clouds' software infrastructure. My interests toward advancing cloud security are ongoing.
- trustworthy systems software
- test environments
- systems software
- software testing
- software engineering
- repeatable research
- random testing
- programming languages
- malware analysis
- fuzz testing
- digital forensics
- computer security
- computer operating systems
- cloud computing
- CloudLab <https://cloudlab.us/>. CloudLab is flexible, scientific infrastructure for research on the future of cloud computing. Researchers come to CloudLab to build their own clouds, experimenting with new architectures that will form the basis for the next generation of the world's computing platforms. CloudLab provides researchers with control and visibility all the way down to the bare metal. CloudLab is a public facility, available without charge to most researchers and educators worldwide. Contact: Robert Ricci , 801-581-8354 , 3490B MEB.
- Emulab <https://emulab.net/>. Emulab is a network testbed that gives researchers a wide range of environments in which to develop, debug, and evaluate their systems. Emulab is widely used by computer science researchers in the fields of networking and distributed systems. It is also designed to support education, and it has been used to teach classes in those fields. Emulab is a public facility, available without charge to most researchers and educators worldwide. Contact: Robert Ricci , 801-581-8354 , 3490B MEB.
- POWDER <https://powderwireless.net/>. POWDER is an under-construction "city scale" platform for research on advanced mobile wireless networks. It provides radios that are programmable down to the waveform, attached to a network that can be configured by the user, and connected to a wide variety of compute, storage, and cloud resources. When complete, it will cover a 10 km^2 area of Salt Lake City that encompasses the downtown area, the University of Utah campus, and a residential neighborhood. Within this area there will be dozens of fixed stations and a hundred couriers, such as buses and utility vehicles, carrying mobile devices around the city. A subset of these resources is available today. Contact: Jacobus Van der Merwe , 801-581-3012 , 3490D MEB.
- C-Reduce. C-Reduce inputs a large C or C++ program that has a property of interest (such as triggering a compiler bug) and automatically produces a much smaller C/C++ program that has the same property. It is intended for use by people who discover and report bugs in compilers and other tools that process C/C++ code. The current version of C-Reduce is always available from GitHub. We improved and maintained C-Reduce throughout 2021 and 2022; the most recent numbered release is version 2.10.0, released May 2019. Release Date: 06/2022. Inventors: Yang Chen, Eric Eide, John Regehr. Distribution List: https://embed.cs.utah.edu/creduce/.
- Emulab. Emulab is testbed-management software that supports networking and systems research. It runs the Utah Emulab testbed site, CloudLab, POWDER, and several other testbeds around the world. The Flux Research Group continually enhances and maintains the Emulab software, and the current version is always available from the Flux Research Group's GitLab site. Release Date: 06/2022. Inventors: The Flux Research Group. Distribution List: https://www.emulab.net/software.php3.
- Csmith. Csmith randomly generates C programs that statically and dynamically conform to the C99 standard. It is useful for testing compilers, static analyzers, and other tools that process C code. Csmith has found bugs in every tool that it has tested, and we have used it to find and report more than 475 previously unknown compiler bugs. The current version of Csmith is always available from GitHub. We improved and maintained Csmith throughout 2020 and 2021; the most recent numbered release is version 2.3.0, released June 2017. Release Date: 02/2021. Inventors: Yang Chen, Eric Eide, John Regehr, Xuejun Yang. Distribution List: https://embed.cs.utah.edu/csmith/.
- Clotho. Clotho provides controllable randomness functions for Racket programs, allowing sequences of random values to be recorded, replayed, and manipulated at a fine grain. The current version of Clotho is always available from the Flux Research Group's GitLab site. We improved and maintained Clotho throughout 2020; the most recent release is version 1.0.2, released December 2020. Release Date: 12/2020. Inventors: Pierce Darragh, Eric Eide, William Gallard Hatch. Distribution List: http://www.flux.utah.edu/project/xsmith.
- Stackdb. Stackdb is a debugging library with VMI support that allows one to monitor and control a whole system through multiple, coordinated targets. A target corresponds to a particular level of the system's software stack; multiple targets allow a user to observe a VM guest at several levels of abstraction simultaneously. For example, with Stackdb, one can observe a PHP script running in a Linux process in a Xen VM via three coordinated targets at the language, process, and kernel levels. The current version of Stackdb is always available from the Flux Research Group's GitLab site. We improved and maintained Stackdb throughout 2017; the last change in 2017 was published in July. Release Date: 07/2017. Inventors: Eric Eide, Mike Hibler, David Johnson. Distribution List: http://www.flux.utah.edu/project/a3.
- Wingman. Wingman (previously ASM) is a kernel-focused framework for detecting and repairing anomalies within virtual appliances. It uses virtual-machine introspection (VMI) to periodically obtain a "snapshot" of the state of a virtual appliance (VA). The snapshot consists of information that is extracted from the operating system kernel that runs within the VA. The snapshot is given to an expert system that seeks to detect anomalies and, if any are found, determine an appropriate recovery strategy. The recovery strategy is carried out by recovery tools so that the VA can be restored to an acceptable state. Wingman has been shown to be effective in guarding a VA against the actions of a kernel-exploit kit, a kernel rootkit, a user-space rootkit, and an application malware. For each of these attacks, Wingman's recovery component was able to restore the VA to an acceptable state. Although Wingman's recovery actions did not remove the malicious software, they substantially mitigated the software's harmful effects. Release Date: 09/2014. Inventors: Prashanth Nayak, Mike Hibler, David Johnson, Eric Eide. Distribution List: http://www.flux.utah.edu/project/a3.
- Weir. Weir is a streaming language for systems analysis. Weir is based on the insight that analysis algorithms can be naturally expressed as stream-processing pipelines. In Weir, an analysis algorithm is implemented as a graph composed of stages, where each stage operates on a stream of events that represent collected performance measurements. Weir is an imperative streaming language with a syntax designed for the convenient construction of stream pipelines that utilize composable and reusable analysis stages. We released Weir version 1.0.0 in April 2014. Release Date: 04/2014. Inventors: Anton Burtsev, Eric Eide, David Johnson, Nikhil Mishrikoti, Robert Ricci. Distribution List: http://www.flux.utah.edu/project/a3.