Michael Menth

Michael Menth
University of Tuebingen | EKU Tübingen · Department of Computer Science

Dr. rer. nat. habil.

About

258
Publications
48,415
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
2,426
Citations

Publications

Publications (258)
Preprint
div>In modern psychotherapy, digital health technology offers advanced and personalized therapy options, increasing availability as well as ecological validity. These aspects have proven to be highly relevant for children and adolescents with obsessive-compulsive disorder (OCD). Exposure and Response Prevention therapy, which is the state-of-the-ar...
Preprint
In modern psychotherapy, digital health technology offers advanced and personalized therapy options, increasing availability as well as ecological validity. These aspects have proven to be highly relevant for children and adolescents with obsessive-compulsive disorder (OCD). Exposure and Response Prevention therapy, which is the state-of-the-art tr...
Conference Paper
Full-text available
Modern applications in industrial automation rely on a deterministic network service, i.e., low latency, high reliability , and network convergence. Therefore, the IEEE 802.1 TSN Task Group introduces Time-Sensitive Networking (TSN). Besides mechanisms for traffic shaping, time synchronization, and reliability, TSN introduces three different config...
Article
In software-defined networks, forwarding entries on switches are configured by a controller. In case of an unreachable next-hop, traffic is dropped until forwarding entries are updated, which takes significant time. Therefore, fast reroute (FRR) mechanisms are needed to forward affected traffic over alternate paths in the meantime. Loop-free altern...
Conference Paper
Full-text available
The Industrial Internet of Things, Industry 4.0 and cloud computing are fundamentally transforming today’s industrial networks towards high connectivity. At the same time, the number of cyber-attacks against industrial infrastructure increased drastically over the last years, requiring to tightly limit the connectivity between the networked devices...
Article
Full-text available
Traditional IP multicast (IPMC) maintains state per IPMC group in core devices to distribute one-to-many traffic along tree-like structures through the network. This limits its scalability because whenever subscribers of IPMC groups change, forwarding state in the core network needs to be updated. Bit Index Explicit Replication (BIER) has been prop...
Preprint
With traditional networking, users can configure control plane protocols to match the specific network configuration, but without the ability to fundamentally change the underlying algorithms. With SDN, the users may provide their own control plane, that can control network devices through their data plane APIs. Programmable data planes allow users...
Article
Based on a study of probe vehicle data measured on different highways during different days we have revealed some common empirical microscopic characteristic features of sequences of phase transitions from free flow to synchronized flow and back from synchronized flow to free flow occurring before traffic breakdown at a highway bottleneck predicted...
Chapter
Full-text available
In this paper we describe P4-SFC to support service function chaining (SFC) based on a single P4-capable switch and off-the-shelf components. It utilizes MPLS-based segment routing for traffic forwarding in the network and SR-IOV for efficient packet handling on hosts. We describe the P4-SFC architecture and demonstrate its feasibility by a prototy...
Article
Bit Indexed Explicit Replication (BIER) is a novel IP multicast (IPMC) forwarding paradigm proposed by the IETF. It offers a transport layer for other IPMC traffic, keeps core routers unaware of IPMC groups, and utilizes a routing underlay, e.g., an IP network, for its forwarding decisions. With BIER, core networks do not require dynamic signaling...
Conference Paper
The electrical/electronic (E/E) architecture of cars has evolved from a single CAN bus to a domain-based model with domain-specific buses and centralized gateways. With increasing bandwidth demand resulting from the integration of camera and multimedia applications, Ethernet becomes a relevant network technology for in-vehicle networks. Automotive...
Article
Full-text available
We propose P4-MACsec to protect network links between P4-based SDN switches through automated deployment of MACsec, a widespread IEEE standard for securing Layer 2 infrastructures. MACsec is supported by switches and routers from many manufacturers. On these devices, it has only little performance limitations compared to VPN technologies such as IP...
Preprint
1+1 protection is a method to secure traffic between two nodes against failures in between. The sending node duplicates the traffic and forwards it over two disjoint paths. The receiving node assures that only a single copy of the traffic is further forwarded to its destination. In contrast to other protection schemes, this method prevents almost a...
Article
In this work, we present P4-IPsec, a concept for IPsec in software-defined networks (SDN) using P4 programmable data planes. The prototype implementation features ESP in tunnel mode and supports different cipher suites. P4-capable switches are programmed to serve as IPsec tunnel endpoints. We also provide a client agent to configure tunnel endpoint...
Article
Full-text available
Activity-Based Congestion management (ABC) is a novel domain-based QoS mechanism providing more fairness among customers on bottleneck links. It avoids per-flow or per-customer states in the core network and is suitable for application in future 5G networks. However, ABC cannot be configured on standard devices. P4 is a novel programmable data plan...
Preprint
We propose xRAC to permit users to run special applications on managed hosts and to grant them access to protected network resources. We use restricted application containers (RACs) for that purpose. A RAC is a virtualization container with only a selected set of applications. Authentication verifies the RAC user's identity and the integrity of the...
Preprint
In this paper we propose P4-IPsec which follows the software-defined networking (SDN) paradigm. It comprises a P4-based implementation of an IPsec gateway, a client agent, and a controller-based, IKE-less signalling between them. P4-IPsec features the Encapsulation Security Payload (ESP) protocol, tunnel mode, and various cipher suites for host-to-...
Conference Paper
The integration of weather-dependent renewable energy sources leads to an increased volatility of electrical energy supply. As a result, considerable intra-day price spreads can be observed at the spot markets for electrical energy. To benefit from variable energy prices, enterprises can use price forecasts for cost-optimized load scheduling. There...
Preprint
We propose P4-MACsec to protect network links between P4 switches through automated deployment of MACsec, a widespread IEEE standard for securing Layer 2 infrastructures. It is supported by switches and routers from major manufacturers and has only little performance limitations compared to VPN technologies such as IPsec. P4-MACsec introduces a dat...
Article
We propose activity-based congestion management (ABC) to enforce fair bandwidth sharing among users in packetbased communication networks without requiring per-user information in forwarding nodes. Activity relates to the sent data rate of a user and its contracted reference rate. Activity meters monitor user traffic at edge nodes and add activity...
Article
Full-text available
Software-defined networking (SDN) decouples data and control plane, i.e., forwarding elements are remotely configured by centralized controllers instead through distributed control protocols. Wireless sensor networks (WSNs) have mostly been controlled in a distributed way, but its configuration challenges are complex and can be theoretically better...
Conference Paper
The Demonstration Project Virtual Power Plant Neckar-Alb is constructing a Virtual Power Plant (VPP) demonstration site at the Reutlingen University campus. The VPP demonstrator integrates a heterogeneous set of distributed energy resources (DERs) which are connected to control infrastructure and an energy management system. This paper describes th...
Conference Paper
Full-text available
Moving averages (MAs) are often used in adaptive systems to monitor the state during operation. Their output is used as input for control purposes. There are multiple methods with different ability, complexity, and parameters. We propose a framework for the definition of MAs and develop performance criteria, e.g., the concept of memory, that allow...
Conference Paper
TSOMpy is a Python library for online measurement of time series, i.e., it provides functions to calculate moving averages, moving histograms, and time-dependent rates. The demo illustrates various methods for these concepts and points out their differences. The tool can be used to apply online measurement to time series randomly generated accordin...
Article
BelWue is the Internet service provider for higher education and research institutions in Baden-Wuerttemberg, Germany. Recently, high-performance zones (HPZs) have been established on major university campuses and interconnected with a high-speed network for innovation and research (NeIF). This work presents the SDN-NeIF architecture, a resilient i...
Article
SEcure data-centric application eXtension (SeDAX) is a publish/subscribe information-centric networking architecture, where publishers send messages to the appropriate message broker over a Delaunay-triangulated overlay network. Resilient data forwarding and data redundancy enable a high level of reliability. Overlay nodes and topics are addressed...
Conference Paper
Kurzfassung Dezentrale Stromerzeugungsanlagen, Energiespeicher und Steuerungseinrichtungen für Erzeuger und Verbraucher sind die Grundbausteine eines virtuellen Kraftwerks, welches im Stromnetz der Zukunft, dem Smart Grid, eine wichtige Rolle spielt. Im Rahmen des Demonstrationsprojekts Virtuelles Kraftwerk Neckar-Alb soll an der Hochschule Reutlin...
Article
Full-text available
Loop-Free Alternates (LFAs) are a local fast-reroute mechanism defined for IP networks. They are simple but suffer from two drawbacks. Firstly, some flows cannot be protected due to missing LFAs, i.e., this concept does not provide full protection coverage, which depends on network topology. Secondly, some LFAs cause loops in case of node or multip...
Article
Loop-free alternates (LFAs) have been developed for fast reroute (FRR) in intradomain IP networks. They are simple, standardized, and already offered by several vendors. However, LFAs have two major drawbacks. They often cannot provide failure protection against all single link or node failures in spite of physical connectedness, and some LFAs caus...
Article
Full-text available
The evolution toward emerging active distribution networks (ADNs) can be realized via a real-time state estimation (RTSE) application facilitated by the use of phasor measurement units (PMUs). A critical challenge in deploying PMU-based RTSE applications at large scale is the lack of a scalable and flexible communication infrastructure for the time...
Article
In this paper we propose a novel resilience scheme for OpenFlow-based Software-Defined Networking (SDN). To forward packets in line speed, OpenFlow switches store their flow tables in expensive, limited TCAM due to which the stored tables cannot be large. Most resilience mechanisms require additional entries thus the implementation in OpenFlow may...
Article
In this paper we propose and investigate load-dependent load balancing for resilient OpenFlow networks. The objective is to spare extra capacity for the primary path of a traffic aggregate (flow) by accommodating excess traffic on its backup path. The contribution of the paper is manyfold. We explain existing OpenFlow features for traffic monitorin...
Article
Full-text available
The electrical grid is changing from a centralized system with predictable and controllable power generation to a system integrating large numbers of distributed energy resources including weather-dependent renewables. As a consequence, the future retail energy market for electrical energy will have many more participants and see more volatile pric...
Conference Paper
Data stored in a non-trusted environment can be easily modified by attackers. In the context of a cloud, the attacker may be the cloud provider. Therefore, data should be protected against undetected modification. Conventional methods for protection of data integrity do not help if the data in the cloud is exchanged with a previous version of the d...
Conference Paper
Full-text available
Limited scalability, reliability, and security of todays utility communication infrastructures are main obstacles to the deployment of smart grid applications. The C-DAX project aims at providing and investigating a communication middleware for smart grids to address these problems, applying the information-centric networking and publish/subscribe...
Conference Paper
Smart meter gateways are the core component of the advanced metering infrastructure in Germany, and provide a unified interface for metering data retrieval to third parties. Different standards and communication protocols exist for smart metering, ranging from transmission protocols to architectural recommendations. This work briefly presents the c...
Article
Full-text available
IEEE C37.118 is the current standard for synchrophasor measurements in power systems. It defines the measurement method and communication protocols for the entities in a synchrophasor network. The standard offers two different modes for client-server communication, but cannot be used unchanged over publish/subscribe communication architectures, who...
Article
In this paper we consider carrier networks using only OpenFlow switches instead of IP routers. Accommodating the full forwarding information base (FIB) of IP routers in the switches is difficult because the BGP routing tables in the default-free zone currently contain about 500,000 entries and switches have only little capacity in their fast and ex...
Article
This paper gives a simple introduction to Network Calculus (NC), a theory to calculate end-to-end delay bounds for packet-switched communication networks. It illustrates how various networking parameters affect delay bounds when flows are multiplexed. Various algorithms for the calculation of end-to-end delay bounds are revisited and their performa...
Article
Full-text available
Many computer science curricula include practical courses to undergraduate and graduate students to offer them hands-on networking experience by connecting PCs, switches, and routers in a testbed. Such testbeds are expensive, bulky, energy-intensive, and cause heat problems. Virtualization of PCs and routers on commodity hardware is a solution to t...
Article
Full-text available
In Vehicular Ad-hoc Networks (VANETs), vehicles gather Cooperative Awareness Messages (CAMs) sent from other vehicles via wireless broadcast. Each received message has to be processed by an in-vehicle system. In series implementations, such an in-vehicle system needs to cope with limited resources whose capacity is not yet defined. Therefore, infor...
Article
Full-text available
We explain the notion of software-defined networking (SDN), whose southbound interface may be implemented by the OpenFlow protocol. We describe the operation of OpenFlow and summarize the features of specification versions 1.0–1.4. We give an overview of existing SDN-based applications grouped by topic areas. Finally, we point out architectural des...
Conference Paper
SeDAX is a publish/subscribe information-centric networking architecture where publishers send messages to the appropriate message broker over a Delaunay-triangulated overlay network. Resilient data forwarding and data redundancy enable a high level of reliability. Overlay nodes and topics are addressed via geo-coordinates. A topic is stored on pri...
Article
Pre-congestion notification (PCN) conveys information about load conditions in differentiated services IP networks to boundary nodes. This information is currently used for admission control and flow termination. Flow termination complements admission control, e.g., in case of failures when admitted traffic is rerouted and causes overload on backup...
Chapter
In this paper, we present the DelayLyzer which is a tool for the calculation of delay bounds using network calculus. It respects the specifics of Industrial Ethernet by implementing not only STP and RSTP but also MRP as forwarding mechanism. The tool allows to specify failure scenarios and alternate forwarding protocols for which delay bounds can a...
Conference Paper
To support applications for environment perception in Vehicular Ad-Hoc Networks (VANETs), vehicles send Cooperative Awareness Messages (CAMs) via wireless broadcast to inform other vehicles about their status. Each message received by a vehicle is processed by several application modules that run on hardware with limited resources whose capacity is...