Research Archive

Journal Article Open Access Internet of Things

Lightweight Cryptographic Protocols for Resource-Constrained IoT Devices: Performance Benchmarking of PRESENT, SIMON, SPECK, and ChaCha20 on ARM Cortex-M Microcontrollers

The deployment of cryptographic security protocols on resource-constrained IoT devices -- characterized by limited CPU clock speeds (typically 8-120 MHz), kilobytes of RAM, and stringent energy budgets -- demands careful selection of cryptographic primitives that balance security assurance with computational and energy overhead. This paper presents a rigorous benchmarking study of four lightweight cryptographic algorithms -- PRESENT (block cipher), SIMON and SPECK (NSA lightweight cipher family), and ChaCha20 (stream cipher) -- implemented on four representative ARM Cortex-M microcontroller platforms: STM32L0, STM32F4, nRF52832, and SAMD21. Each implementation is evaluated across six performance dimensions: encryption throughput (bytes per second), energy consumption per kilobyte encrypted (microjoules), code size (bytes), RAM footprint, side-channel attack resistance profile, and implementation complexity. ChaCha20 achieves the highest throughput on 32-bit Cortex-M4 platforms (4.2 MB/s at 3.3V), while PRESENT demonstrates the lowest energy consumption on 8-bit equivalent Cortex-M0 platforms. We introduce a Cryptographic Suitability Index (CSI) that aggregates performance dimensions weighted by IoT deployment profile (battery life vs throughput vs security assurance priority) and provide a deployment decision matrix covering 12 common IoT use case categories. This work provides IoT architects with empirically grounded primitives selection guidance calibrated to production hardware constraints.

Emeka Eze, Linnea Karlsson, Taro Yamashita, Nour El-Din Mansour· Dec 2017· 334 citations

Journal Article Open Access Computer Vision

Real-Time Object Detection for Embedded Vision Systems: Architectural Comparison of YOLO, SSD, and MobileNet-SSD on NVIDIA Jetson and Raspberry Pi Platforms

Real-time object detection on embedded vision platforms -- required for applications including autonomous mobile robots, industrial quality inspection, and smart camera systems -- demands neural network architectures that balance detection accuracy, inference latency, and power consumption within the constraints of embedded hardware. This paper presents a comprehensive empirical evaluation of three real-time detection architecture families -- YOLOv3, Single Shot Detector (SSD), and MobileNet-SSD -- on two representative embedded platforms: NVIDIA Jetson Nano and Raspberry Pi 4B with Coral USB Accelerator. Each architecture is evaluated under five optimization conditions: FP32 baseline, FP16 mixed precision, INT8 post-training quantization, INT8 quantization-aware training, and TensorRT engine optimization. On Jetson Nano, YOLOv3-Tiny with TensorRT INT8 optimization achieves 47.3 FPS at 58.4 mAP on COCO, versus 28.1 FPS at 71.2 mAP for full YOLOv3. MobileNet-SSD with Coral USB acceleration achieves 89 FPS on Raspberry Pi 4B at 53.7 mAP, making it the preferred choice for power-constrained mobile deployments. We introduce the Embedded Vision Deployment Score (EVDS) that weights accuracy, throughput, power draw, and memory footprint according to four deployment profile templates, and provide a model selection decision tree for common embedded vision scenarios. Quantitative energy profiling data for all configurations is released to support green computing analysis in edge vision system design.

Ifeanyi Okonkwo, Sofia Holm, Yutaka Tanaka, Nour Mansour· Sep 2017· 445 citations

Journal Article Subscription Cloud Computing

Container Orchestration at Scale: A Comparative Analysis of Kubernetes, Docker Swarm, and Apache Mesos in Production DevOps Workflows

Container orchestration platforms have become the operational backbone of cloud-native DevOps pipelines, yet rigorous comparative evaluations under realistic production conditions remain scarce in the literature. This paper presents a controlled experimental evaluation of three leading orchestration platforms — Kubernetes, Docker Swarm, and Apache Mesos — across five operational dimensions: resource utilization efficiency, fault recovery latency, horizontal scaling responsiveness, network throughput under load, and operational complexity. Experiments were conducted using a standardized microservices benchmark suite deployed on identical cloud infrastructure across AWS, GCP, and Azure. We additionally surveyed 215 DevOps practitioners to assess real-world operational complexity perceptions. Kubernetes demonstrated superior fault recovery and scaling capabilities, achieving 99.97% uptime across 72-hour stress tests, but incurred the highest operational complexity score. Docker Swarm offered the fastest onboarding profile for small teams. Mesos excelled in heterogeneous workload co-location. We provide a decision matrix to guide platform selection based on organizational size, workload profile, and engineering maturity, and discuss emerging patterns such as service mesh integration and GitOps-driven cluster management.

Jerome Fontaine, Aisha Nakamura, Stefan Gruber, Kwabena Asante-Mensah· Sep 2017· 389 citations

Journal Article Subscription Software Engineering

Feature Flags and Progressive Delivery: Architecture, Risk Management, and Operational Patterns for Controlled Software Rollouts in DevOps

Feature flags — runtime configuration mechanisms that enable or disable application functionality without code deployment — have emerged as a cornerstone of progressive delivery strategies in mature DevOps organizations. This paper presents a comprehensive treatment of feature flag architectures, operational patterns, and risk management considerations, grounded in a practitioner survey (n=298) and seven in-depth organizational case studies. We propose a Feature Flag Classification Taxonomy distinguishing five flag types — Release Flags, Experiment Flags, Operational Flags, Permission Flags, and Kill Switches — and characterize appropriate lifecycle management for each. A central empirical contribution is our analysis of feature flag technical debt: 74% of organizations in our survey reported accumulating stale flags that degraded codebase clarity, with a mean flag retirement lag of 47 days beyond intended expiry. We quantify the cognitive overhead of unmanaged flag proliferation and introduce the Feature Flag Debt Index (FFDI) as a measurable proxy for this risk. Case studies examine progressive delivery patterns including canary releases, dark launches, A/B deployments, and ring-based rollouts, evaluating their risk profiles and organizational prerequisites. We provide an architectural reference for feature flag management systems and evaluate leading platforms — LaunchDarkly, Unleash, and Flagsmith — against a standardized capability matrix.

Ifeanyi Obasi, Petra Kowalczyk, Hiromi Tanaka, Gabriel Santos· May 2017· 318 citations

Journal Article Open Access Privacy Engineering

Differential Privacy in Practice: Implementation Patterns, Utility-Privacy Trade-off Characterization, and Deployment Lessons from Production Analytics Systems

Differential privacy (DP) provides mathematically rigorous guarantees against individual-level inference from aggregate statistical releases, yet the gap between its theoretical formulation and its practical deployment in production analytics systems involves a set of engineering decisions -- epsilon budget management, sensitivity calibration, composition accounting, and post-processing strategies -- that are poorly characterized in the academic literature. This paper reports implementation and deployment experience from three production DP deployments: a national population health analytics system, a financial behavioral segmentation pipeline, and a mobility pattern analysis platform. Each deployment is analyzed through the lens of five DP engineering concerns: epsilon budget policy governance, local versus central DP architecture selection, mechanism selection for different query types (Laplace for numeric, Randomized Response for categorical, Gaussian for ML gradient aggregation), composition theorem selection (basic, advanced, zero-concentrated), and utility measurement under operational query distributions. We find that production epsilon budgets cluster between 1.0 and 10.0 across all three deployments despite theoretical guidance suggesting epsilon below 1.0, driven by utility constraints that render lower epsilon settings unacceptable to data consumers. We introduce the DP Deployment Readiness Framework (DDRF) comprising 22 engineering decisions with empirically-grounded guidance for each, and quantify the utility cost of DP adoption as a function of dataset size, query complexity, and epsilon budget across representative analytical workload types.

Chidinma Okafor, Lars Bergqvist, Hiroshi Ito, Yasmin El-Masri· Feb 2017· 398 citations

Journal Article Open Access Software Engineering

Measuring DevOps Effectiveness: Toward a Unified Key Performance Indicator Framework for Software Delivery Organizations

Despite the widespread adoption of DevOps practices, organizations continue to struggle with quantifying the business value of their DevOps investments. Existing measurement frameworks tend to conflate process metrics with outcome metrics, leading to misleading assessments of organizational performance. This paper proposes a Unified DevOps KPI Framework (UDKF) that distinguishes between four measurement tiers: delivery throughput, system reliability, team effectiveness, and business impact. The framework is grounded in a Delphi study involving 52 industry experts and validated through application at seven mid-to-large software organizations over a period of nine months. We demonstrate that organizations leveraging UDKF achieve statistically significant improvements in stakeholder alignment, with a 38% reduction in disagreement between engineering leads and product owners regarding performance assessments. The paper also introduces a composite DevOps Performance Index (DPI) that aggregates tier-level signals into a single interpretable score, enabling longitudinal benchmarking. Our work directly addresses the measurement gap that undermines executive confidence in DevOps transformation programs.