Open Theses

  • Master Thesis

    Distributed Complex Event Processing (DCEP) systems analyze and process event streams from a variety of heterogeneous sources to extract relevant event patterns (e.g., detecting traffic jams from sensors in the street). Such systems are composed of event processing operators spread across different computing nodes, forming distributed operator networks. Fault tolerance and resilience is a major concern for modern distributed systems and DCEP are no exception.

    In the context of disaster management and emergency reaction, such systems must provide a high level of resilience and service guarantees. In terms of fault tolerance, for instance, temporary node failures should not lead to permanent loss of operator or system state. Additionally, the processed events and the resulting deductions by the system should be traceable and verifiable, and operators should be able to process and analyze both real-time and historical event stream data. These properties are particularly important in a disaster recovery scenario (e.g., an earthquake) where several nodes may be lost, and still processing real-time data from the disaster area might be crucial for the rescue operations. The goal of this thesis is to design a programming language for data-intensive computations that automatically ensures that the system is fault-tolerant and remains operational even when a major disruption occurs. The technical realization is based on the combination of the multitier language ScalaLoci [1] with the persistent event storage ChronicleDB [2] to enable the development of resilient DCEP operator networks. ScalaLoci is a domain specific language that allows developers to build distributed applications within a single code base. The ScalaLoci compiler splits the application accordingly into the distributed components, i.e. into the distributed operators of a DCEP network. ChronicleDB is a persistent event storage under development at the University of Marburg. It provides efficient event storage and querying capabilities for both real-time and historical event stream data.

    The candidate will integrate ChronicleDB into ScalaLoci in an efficient and performant way, e.g. by directly deploying a ChronicleDB instance with each operator, combined with in-language query support. The operators of a DCEP network built with ScalaLoci can then use ChronicleDB for efficient event stream processing, historical event logs for accountability, and fault tolerance through techniques such as e.g. Event Sourcing [3]. The work comprises the analysis of a suitable approach, the implementation of the solution, and potentially an evaluation to showcase the solution's applicability given the aforementioned requirements.

    If you are interested in the topic or have any further questions, please contact: Nafise Eskandani ()





    Supervisor: Prof. Dr.-Ing. Mira Mezini

  • Bachelor Thesis, Master Thesis

    Sofware based systems already play a major role in industrial production and this role will only grow in the context of Industrie 4.0. In order to solve new challenges that arise in this context, existing software has to be adapted in different directions, e.g. to enable the addition of new sensors or enable the creation of a digital twin. For this purpose, we want to uncover Software Product Line features and models, which are already present implicitly, and make them explicit. Therefore the development of corresponding analyses and automatic refactorings is necessary.

    Candidates would work on different topics that enable software reuse of industrial controllers written in C.

    These topics include (but are not limited to):

    • automatic identification and localization of features

    • automatic code slicing of identified features

    • adaption of analyses to the presence of C preprocessor macros

    • automatic module extraction

    If you are interested in any of the above mentioned topics or have any further questions, please contact: (Patrick Müller)

    Supervisor: Patrick Müller, M.Sc.

  • Bachelor Thesis, Master Thesis

    Today, many applications use cryptographic components to provide a secure implementation. For a secure implementation, it is essential that a developer is aware of the correct and secure usage of cryptographic components. Recent studies have shown that developers struggle with this. Therefore, applications which are intended to be trustworthy, become insecure.

    Within our research project “Secure Integration of Cryptographic Software” of the SFB CROSSING, we want to support developers when they integrate cryptographic components in an application. To achieve this aim, we have developed an Eclipse plugin which can generate secure cryptographic code and a static analysis which identifies insecure usages. Currently, we have created all rules checked by the analyis by hand. One of our next steps is to determine how we can automatically generate rules for correct and secure usages.

    If you are interested in this research or the research of our project in general, you can contact Anna-Katharina Wickert.

    You can find more details like an introduction video and our publications on our project page.

    Supervisor: Anna-Katharina Wickert, M.Sc.

  • Bachelor Thesis, Master Thesis

    Software-Defined Networks (SDNs) provide a new way to configure computer networks. Special-purpose network devices with tightly coupled data and control planes are replaced by programmable switches managed by a logically centralized controller. The communication between the controller and these programmable switches is carried out using well-defined APIs (e.g., OpenFlow). Instead of configuring devices individually, network policies are implemented on top of the controller and then used by the controller to instruct individual network switches.However, SDN APIs like OpenFlow closely resemble the features provided by the hardware. OpenFlow uses a set of prioritized match-action rules as abstraction, which makes it difficult to write sophisticated network applications. For example, an application supporting multiple tasks at the same time must merge the switch-level rules required by each of the tasks into a single set of rules that can be installed on the switches. To overcome these limitations, different programming languages for SDNs have been proposed, that provide higher language abstractions on top of OpenFlow, including abstractions for querying the network state, basic service composition or language support for network verification.Developing new SDN language features requires a comparison with already existing languages, usually, in order to show that they increase the expressivity of the language while providing at least the same performance at runtime. However, currently it is quite cumbersome to compare different SDN languages, since they are implemented on top of different host languages, like Python, OCaml, Java and they usually provide only a small set of simple example application that are not directly comparable with each other.The goal of this thesis is to develop an extensible testbed for SDN applications that allows to compare SDN programming languages with respect to expressivity as well as performance and to provide a set of small- to medium-sized example applications that can be used for benchmarking and comparing the available language abstractions. Based on the results of the experiments, the next step will be to propose new language features that address the limitations of current solutions.

    Supervisor: Matthias Eichholz, M.Sc.

  • Bachelor Thesis, Master Thesis

    Reactive languages provide dedicated language-level abstractions for the development of reactive applications, such as event streams and signals. Thanks to this programming technique, reactive applications can be developed in a declarative way, specifying the relation that exists among reactive entities. In contrast to traditional programming paradigms, which require manual updates, with reactive programming, changes are propagated automatically: dependent components (e.g., the GUI) are updated by the runtime when the entities they depend on change (e.g., the data in the model).

    Because of the declarative flavor of reactive programming, traditional debugging tools based on step-by step execution and memory inspection, are hardly effective in this context. For example, in a declarative setting, it is not clear how to “step-over” statements or what “setting a breakpoint” would even mean.

    Supervisor: Prof. Dr.-Ing. Mira Mezini

  • Bachelor Thesis, Master Thesis

    Complex Event Processing (CEP) is about performing queries over time-changing streams of data. This technology is used to correlate low-level events and generate higher-level events when a certain pattern occurs. Applications include trading software, elaboration from environmental sensors, and intrusion detection through network packets analysis. For example, a CEP system can receive a stream of data from the trading market and perform the following query: “For the five most recent trading days starting today, select all stocks that closed higher than the company X on a given day. Keep the query standing for 20 trading days”. CEP engines, however are usually not integrated in the programming language and simply accept SQL-like queries in the form of strings. In the last few years, parallel line of research investigated event-based languages, that provide ah-hoc support for events. For example C# allows one to define events beside fields and methods in class interfaces. However, this class of languages often simply provides syntactic support for the Observer pattern and does not reach the expressivity of CEP. The goal of the thesis is to achieve high expressivity and integration with the existing abstractions in the same language.

    Supervisor: Prof. Dr.-Ing. Mira Mezini

  • Bachelor Thesis, Master Thesis

    Reactive programming (RP) supports the development of reactive software through dedicated language-level abstractions, like signals and events. Previous research on RP mostly had a programming-languages focus. Researcher extended the available abstractions, made them more interoperable, improved safety using dedicated type systems, and proposed performance optimizations. Over the years, it has been shown that RP overcomes the well-known drawbacks of the Observer design pattern and leads to better software design.

    Unfortunately, when it comes to human factors, the state of the things is less clear. There is preliminary evidence that RP do improve program comprehension in controlled experiments that compare developers using RP against a control group using traditional techniques. However, little is known about why this is the case and which reasoning processes developers adopt when facing a program in the RP style.

    This kind of research challenges have been tackled before thorough experiments that apply the “think loudly” approach, where developers are required to describe the activities they are doing while coding. Collected data allow one to get interesting insights about how developers work and which mental processes guide their choices.

    Supervisor: Prof. Dr.-Ing. Mira Mezini

  • Bachelor Thesis, Master Thesis

    OPAL is a comprehensive library for static analyses that is developed in Scala to facilitate the writing of a wide range of different kinds of analyses. OPAL supports the development of analyses ranging from bug/bug pattern detection up to full-scale data-flow analyses.

    In the context of this project we are always searching for students who are interested in static analysis and want to implement them using Scala. Topics of interest are, e.g., to develop needed base static analyses such as Call Graph Algorithm, analyses to find security issues or to visualize software.

    If you are interested in OPAL, do not hesitate to contact Dominik Helm. For further information, you can also go to The OPAL Project

    Supervisors: Dominik Helm, M.Sc., Tobias Roth, M.Sc.