Company Description
Do you want beneficial technologies being shaped by your ideas? Whether in the areas of mobility solutions, consumer goods, industrial technology or energy and building technology – with us, you will have the chance to improve quality of life all across the globe.
Bosch has approximately 400 000 employees globally and Lund is Bosch’s newest site in Sweden. We are a development center with more than 220 engineers developing eBike components, smartphone applications, intelligent sensors, cockpit clusters for vehicles, FOTA- and Security-solutions and more. Welcome to Bosch!
Job Description
Problem statement:
In a vehicle there are multiple ECUs (computers) and switches running different or no operating system. Each one of these needs to be protected either by running their own firewall or by having a switch firewalling packets or a combination of both. To manage all these different firewall configurations, we have a common way of describing the network and what communication that flows in it. We can then derive specific firewall configurations needed for different ECUs. In this master thesis we want to explore how we can automatically, from an automotive firewall configuration, generate efficient eBPF programs to firewall a Linux based ECU.
Proposed solution:
Several SDKs exists to implement eBPF programs in, for example, C that then can be compiled into eBPF instructions with, for example, LLVM. These should be evaluated to see if any or many fit our requirements and how they can be used with automatically generated eBFP programs. How a user-space application that loads and manages the generated eBPF programs on the ECU should look like will also have to be considered.
General background:
eBPF is a technology with origins in the Linux kernel that can run sandboxed programs in an operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel without requiring to change kernel source code or load kernel modules.
By allowing to run sandboxed programs within the operating system, application developers can run eBPF programs to add additional capabilities to the operating system at runtime. The operating system then guarantees safety and execution efficiency as if natively compiled with the aid of a Just-In-Time (JIT) compiler and verification engine.
Scope of master thesis project:
1. Investigate how eBPF programs can be used to firewall in an automotive environment,
2. Propose how to automatically generate efficient eBPF programs from a defined network communication configuration,
3. Implement a proof-of-concept prototype showing the capabilities of the solution,
4. Document everything in a report.
Qualifications
- Experience of using the Linux kernel.
- C programming.
- Networking experience (ethernet, IP, TCP/UDP).
This is a two person master thesis. The location is at Bosch office in Lund and it is preferred that the students are doing the master thesis at Bosch office so the Bosch team can support.
Additional Information
Diversity is our strength! At Bosch we look at diversity in gender, generation, nationalities and culture as our advantage. We believe mixed teams to be more successful because they utilize the potential offered by different perspectives and solution strategies. We therefore promote mixed teams at all levels and draw on the entire talent pool.
