Sie haben Javascript deaktiviert!
Sie haben versucht eine Funktion zu nutzen, die nur mit Javascript möglich ist. Um sämtliche Funktionalitäten unserer Internetseite zu nutzen, aktivieren Sie bitte Javascript in Ihrem Browser.

Data Center Building O Show image information

Data Center Building O

Heinrich Riebler

 Heinrich Riebler

High-Performance IT Systems

Member - Research Student

Paderborn Center for Parallel Computing (PC2)

Member - Research Assistant - Research Associate

+49 5251 60-5382
+49 5251 60-1714
O2.158 (Map)
Pohlweg 51
33098 Paderborn
Postal Address:
Warburger Str. 100
33098 Paderborn

Open list in Research Information System


Automated Code Acceleration Targeting Heterogeneous OpenCL Devices

H. Riebler, G.F. Vaz, T. Kenter, C. Plessl, in: Proceedings of the 23rd ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming - PPoPP '18, ACM Press, 2018



Efficient Branch and Bound on FPGAs Using Work Stealing and Instance-Specific Designs

H. Riebler, M. Lass, R. Mittendorf, T. Löcke, C. Plessl, ACM Transactions on Reconfigurable Technology and Systems (TRETS) (2017), pp. 24:1-24:23


Branch and bound (B&B) algorithms structure the search space as a tree and eliminate infeasible solutions early by pruning subtrees that cannot lead to a valid or optimal solution. Custom hardware designs significantly accelerate the execution of these algorithms. In this article, we demonstrate a high-performance B&B implementation on FPGAs. First, we identify general elements of B&B algorithms and describe their implementation as a finite state machine. Then, we introduce workers that autonomously cooperate using work stealing to allow parallel execution and full utilization of the target FPGA. Finally, we explore advantages of instance-specific designs that target a specific problem instance to improve performance. We evaluate our concepts by applying them to a branch and bound problem, the reconstruction of corrupted AES keys obtained from cold-boot attacks. The evaluation shows that our work stealing approach is scalable with the available resources and provides speedups proportional to the number of workers. Instance-specific designs allow us to achieve an overall speedup of 47 × compared to the fastest implementation of AES key reconstruction so far. Finally, we demonstrate how instance-specific designs can be generated just-in-time such that the provided speedups outweigh the additional time required for design synthesis.


Opportunities for deferring application partitioning and accelerator synthesis to runtime (extended abstract)

T. Kenter, G.F. Vaz, H. Riebler, C. Plessl, in: Workshop on Reconfigurable Computing (WRC), 2016

Potential and Methods for Embedding Dynamic Offloading Decisions into Application Code

G.F. Vaz, H. Riebler, T. Kenter, C. Plessl, Computers and Electrical Engineering (2016), pp. 91-111


A broad spectrum of applications can be accelerated by offloading computation intensive parts to reconfigurable hardware. However, to achieve speedups, the number of loop it- erations (trip count) needs to be sufficiently large to amortize offloading overheads. Trip counts are frequently not known at compile time, but only at runtime just before entering a loop. Therefore, we propose to generate code for both the CPU and the coprocessor, and defer the offloading decision to the application runtime. We demonstrate how a toolflow, based on the LLVM compiler framework, can automatically embed dynamic offloading de- cisions into the application code. We perform in-depth static and dynamic analysis of pop- ular benchmarks, which confirm the general potential of such an approach. We also pro- pose to optimize the offloading process by decoupling the runtime decision from the loop execution (decision slack). The feasibility of our approach is demonstrated by a toolflow that automatically identifies suitable data-parallel loops and generates code for the FPGA coprocessor of a Convey HC-1. We evaluate the integrated toolflow with representative loops executed for different input data sizes.

Using Just-in-Time Code Generation for Transparent Resource Management in Heterogeneous Systems

H. Riebler, G.F. Vaz, C. Plessl, E.M.G. Trainiti, G.C. Durelli, C. Bolchini, in: Proc. HiPEAC Workshop on Reonfigurable Computing (WRC), 2016

Using Just-in-Time Code Generation for Transparent Resource Management in Heterogeneous Systems

H. Riebler, G.F. Vaz, C. Plessl, E.M.G.. Trainiti, G.C. Durelli, E. Del Sozzo, M.D.. Santambrogio, C. Bolchini, in: Proceedings of International Forum on Research and Technologies for Society and Industry (RTSI), IEEE, 2016, pp. 1-5


Hardware accelerators are becoming popular in academia and industry. To move one step further from the state-of-the-art multicore plus accelerator approaches, we present in this paper our innovative SAVEHSA architecture. It comprises of a heterogeneous hardware platform with three different high-end accelerators attached over PCIe (GPGPU, FPGA and Intel MIC). Such systems can process parallel workloads very efficiently whilst being more energy efficient than regular CPU systems. To leverage the heterogeneity, the workload has to be distributed among the computing units in a way that each unit is well-suited for the assigned task and executable code must be available. To tackle this problem we present two software components; the first can perform resource allocation at runtime while respecting system and application goals (in terms of throughput, energy, latency, etc.) and the second is able to analyze an application and generate executable code for an accelerator at runtime. We demonstrate the first proof-of-concept implementation of our framework on the heterogeneous platform, discuss different runtime policies and measure the introduced overheads.


Transparent offloading of computational hotspots from binary code to Xeon Phi

M. Damschen, H. Riebler, G.F. Vaz, C. Plessl, in: Proceedings of the 2015 Conference on Design, Automation and Test in Europe (DATE), EDA Consortium / IEEE, 2015, pp. 1078-1083


In this paper, we study how binary applications can be transparently accelerated with novel heterogeneous computing resources without requiring any manual porting or developer-provided hints. Our work is based on Binary Acceleration At Runtime (BAAR), our previously introduced binary acceleration mechanism that uses the LLVM Compiler Infrastructure. BAAR is designed as a client-server architecture. The client runs the program to be accelerated in an environment, which allows program analysis and profiling and identifies and extracts suitable program parts to be offloaded. The server compiles and optimizes these offloaded program parts for the accelerator and offers access to these functions to the client with a remote procedure call (RPC) interface. Our previous work proved the feasibility of our approach, but also showed that communication time and overheads limit the granularity of functions that can be meaningfully offloaded. In this work, we motivate the importance of a lightweight, high-performance communication between server and client and present a communication mechanism based on the Message Passing Interface (MPI). We evaluate our approach by using an Intel Xeon Phi 5110P as the acceleration target and show that the communication overhead can be reduced from 40% to 10%, thus enabling even small hotspots to benefit from offloading to an accelerator.


Deferring Accelerator Offloading Decisions to Application Runtime

G.F. Vaz, H. Riebler, T. Kenter, C. Plessl, in: Proceedings of the International Conference on ReConFigurable Computing and FPGAs (ReConFig), IEEE, 2014, pp. 1-8


Reconfigurable architectures provide an opportunityto accelerate a wide range of applications, frequentlyby exploiting data-parallelism, where the same operations arehomogeneously executed on a (large) set of data. However, whenthe sequential code is executed on a host CPU and only dataparallelloops are executed on an FPGA coprocessor, a sufficientlylarge number of loop iterations (trip counts) is required, such thatthe control- and data-transfer overheads to the coprocessor canbe amortized. However, the trip count of large data-parallel loopsis frequently not known at compile time, but only at runtime justbefore entering a loop. Therefore, we propose to generate codeboth for the CPU and the coprocessor, and to defer the decisionwhere to execute the appropriate code to the runtime of theapplication when the trip count of the loop can be determinedjust at runtime. We demonstrate how an LLVM compiler basedtoolflow can automatically insert appropriate decision blocks intothe application code. Analyzing popular benchmark suites, weshow that this kind of runtime decisions is often applicable. Thepractical feasibility of our approach is demonstrated by a toolflowthat automatically identifies loops suitable for vectorization andgenerates code for the FPGA coprocessor of a Convey HC-1. Thetoolflow adds decisions based on a comparison of the runtimecomputedtrip counts to thresholds for specific loops and alsoincludes support to move just the required data to the coprocessor.We evaluate the integrated toolflow with characteristic loopsexecuted on different input data sizes.

Reconstructing AES Key Schedules from Decayed Memory with FPGAs

H. Riebler, T. Kenter, C. Plessl, C. Sorge, in: Proceedings of Field-Programmable Custom Computing Machines (FCCM), IEEE, 2014, pp. 222-229


In this paper, we study how AES key schedules can be reconstructed from decayed memory. This operation is a crucial and time consuming operation when trying to break encryption systems with cold-boot attacks. In software, the reconstruction of the AES master key can be performed using a recursive, branch-and-bound tree-search algorithm that exploits redundancies in the key schedule for constraining the search space. In this work, we investigate how this branch-and-bound algorithm can be accelerated with FPGAs. We translated the recursive search procedure to a state machine with an explicit stack for each recursion level and create optimized datapaths to accelerate in particular the processing of the most frequently accessed tree levels. We support two different decay models, of which especially the more realistic non-idealized asymmetric decay model causes very high runtimes in software. Our implementation on a Maxeler dataflow computing system outperforms a software implementation for this model by up to 27x, which makes cold-boot attacks against AES practical even for high error rates.

Runtime Resource Management in Heterogeneous System Architectures: The SAVE Approach

G. C. Durelli, M. Pogliani, A. Miele, C. Plessl, H. Riebler, G.F. Vaz, M. D. Santambrogio, C. Bolchini, in: Proc. Int. Symp. on Parallel and Distributed Processing with Applications (ISPA), IEEE, 2014, pp. 142-149



FPGA-accelerated Key Search for Cold-Boot Attacks against AES

H. Riebler, T. Kenter, C. Sorge, C. Plessl, in: Proceedings of the International Conference on Field-Programmable Technology (FPT), IEEE, 2013, pp. 386-389


Cold-boot attacks exploit the fact that DRAM contents are not immediately lost when a PC is powered off. Instead the contents decay rather slowly, in particular if the DRAM chips are cooled to low temperatures. This effect opens an attack vector on cryptographic applications that keep decrypted keys in DRAM. An attacker with access to the target computer can reboot it or remove the RAM modules and quickly copy the RAM contents to non-volatile memory. By exploiting the known cryptographic structure of the cipher and layout of the key data in memory, in our application an AES key schedule with redundancy, the resulting memory image can be searched for sections that could correspond to decayed cryptographic keys; then, the attacker can attempt to reconstruct the original key. However, the runtime of these algorithms grows rapidly with increasing memory image size, error rate and complexity of the bit error model, which limits the practicability of the approach.In this work, we study how the algorithm for key search can be accelerated with custom computing machines. We present an FPGA-based architecture on a Maxeler dataflow computing system that outperforms a software implementation up to 205x, which significantly improves the practicability of cold-attacks against AES.

Identifikation und Wiederherstellung von kryptographischen Schlüsseln mit FPGAs

H. Riebler. Identifikation und Wiederherstellung von kryptographischen Schlüsseln mit FPGAs. 2013.

Open list in Research Information System

The University for the Information Society