Thomas Schuster

Anne Wald, Thomas Schuster

In this work we discuss a method to adapt sequential subspace optimization (SESOP), which has so far been developed for linear inverse problems in Hilbert and Banach spaces, to the case of nonlinear inverse problems. We start by revising the well-known technique for Hilbert spaces. In a next step, we introduce a method using multiple search directions that are especially designed to fit the nonlinearity of the forward operator. To this end, we iteratively project the initial value onto stripes whose shape is determined by the search direction, the nonlinearity of the operator and the noise level. We additionally propose a fast algorithm that uses two search directions. Finally we will show convergence and regularization properties for the presented method.

Jens Tepe, Thomas Schuster, Benjamin Littau

Terahertz (THz) tomography is a rather novel technique for nondestructive testing that is particularly suited for the testing of plastics and ceramics. Previous publications showed a large variety of conventional algorithms adapted from computed tomography or ultrasound tomography which were directly applied to THz tomography. Conventional algorithms neglect the specific nature of THz radiation, i.e. refraction at interfaces, reflection losses and the beam profile (Gaussian beam), which results in poor reconstructions. The aim is the efficient reconstruction of the complex refractive index, since it indicates inhomogeneities in the material. A hybrid algorithm has been developed based on the algebraic reconstruction technique (ART). ART is adapted by including refraction (Snell's law) and reflection losses (Fresnel equations). Our method uses a priori information about the interface and layer geometry of the sample. This results in the 'Modified ART for THz tomography', which reconstructs simultaneously the complex refractive index from transmission coefficient and travel time measurements.

Julia Seydel, Thomas Schuster

We consider the nonlinear, inverse problem of identifying the stored energy function of a hyperelastic material from full knowledge of the displacement field as well as from surface sensor measurements. The displacement field is represented as a solution of Cauchy's equation of motion, which is a nonlinear, elastic wave equation. Hyperelasticity means that the first Piola-Kirchhoff stress tensor is given as the gradient of the stored energy function. We assume that a dictionary of suitable functions is available and the aim is to recover the stored energy with respect to this dictionary. The considered inverse problem is of vital interest for the development of structural health monitoring systems which are constructed to detect defects in elastic materials from boundary measurements of the displacement field, since the stored energy encodes the mechanical peroperties of the underlying structure. In this article we develope a numerical solver for both settings using the attenuated Landweber method. We show that the parameter-to-solution map satisfies the local tangential cone condition. This result can be used to prove local convergence of the attenuated Landweber method in case that the full displacement field is measured. In our numerical experiments we demonstrate how to construct an appropriate dictionary and show that our algorithm is well suited to localize damages in various situations.

Frederik Heber, Frank Schöpfer, Thomas Schuster

Conjugate Gradient (CG) methods are one of the most effective iterative methods to solve linear equations in Hilbert spaces. So far, they have been inherently bound to these spaces since they make use of the inner product structure. In more general Banach spaces one of the most prominent iterative solvers are Landweber-type methods that essentially resemble the Steepest Descent method applied to the normal equation. More advanced are subspace methods that take up the idea of a Krylov-type search space, wherein an optimal solution is sought. However, they do not share the conjugacy property with CG methods. In this article we propose that the Sequential Subspace Optimization (SESOP) method can be considered as an extension of CG methods to Banach spaces. We employ metric projections to orthogonalize the current search direction with respect to the search space from the last iteration. For the l2-space our method then exactly coincides with the Polak-Ribière type of the CG method when applied to the normal equation. We show that such an orthogonalized search space still leads to weak convergence of the subspace method. Moreover, numerical experiments on a random matrix toy problem and 2D computerized tomography on lp-spaces show superior convergence properties over all p compared to non-orthogonalized search spaces. This especially holds for lp-spaces with small p. We see that the closer we are to an l2-space, the more we recover of the conjugacy property that holds in these spaces, i. e., as expected, the more the convergence behaves independently of the size of the truncated search space.

Alexander Katsevich, Dimitri Rothermel, Thomas Schuster

In this article we present an improved exact inversion formula for the 3D cone beam transform of vector fields. It is well known that only the solenoidal part of a vector field can be determined by the longitudinal ray transform of a vector field in cone beam geometry. The exact inversion formula, as it was developed in A. Katsevich and T. Schuster, 'An exact inversion formula for cone beam vector tomography', Inverse Problems 29 (2013), consists of two parts. the first part is of filtered backprojection type, whereas the second part is a costly 4D integration and very inefficient. In this article we tackle this second term and achieve an improvement which is easily to implement and saves one order of integration. The theory says that the first part contains all information about the curl of the field, whereas the second part presumably has information about the boundary values. This suggestion is supported by the fact that the second part vanishes if the exact field is divergence free and tangential at the boundary. A number of numerical tests, that are also subject of this article, confirm the theoretical results and the exactness of the formula.

Thomas Schuster, Julius Trögele, Nico Döring et al.

Automatic Speech Recognition (ASR) offers significant potential to reduce the workload of medical personnel, for example, through the automation of documentation tasks. While numerous benchmarks exist for the English language, specific evaluations for the German-speaking medical context are still lacking, particularly regarding the inclusion of dialects. In this article, we present a curated dataset of simulated doctor-patient conversations and evaluate a total of 29 different ASR models. The test field encompasses both open-weights models from the Whisper, Voxtral, and Wav2Vec2 families as well as commercial state-of-the-art APIs (AssemblyAI, Deepgram). For evaluation, we utilize three different metrics (WER, CER, BLEU) and provide an outlook on qualitative semantic analysis. The results demonstrate significant performance differences between the models: while the best systems already achieve very good Word Error Rates (WER) of partly below 3%, the error rates of other models, especially concerning medical terminology or dialect-influenced variations, are considerably higher.

Benedikt Klein, Mario Ohlberger, Thomas Schuster

Monitoring the integrity of elastic structures using ultrasonic waves requires the efficient identification of material parameters from measured surface displacements. The displacement field is governed by Cauchy's equation of motion, i.e., an elastic wave equation. Consequently, defect localization leads to a high-dimensional spatial parameter identification problem for a hyperbolic system with given initial and boundary conditions. Stable parameter reconstructions typically rely on regularization techniques such as the iteratively regularized Gauss--Newton method (IRGNM). However, its practical application is computationally demanding due to the high-dimensional nature of the problem. To address this bottleneck, we propose a reduced-order modeling approach that simultaneously reduces the state and parameter spaces using adaptively constructed reduced-basis spaces. This yields online-efficient surrogate models for both the forward and adjoint evaluations required in derivative-based optimization. To ensure reliability, the IRGNM iteration is embedded into an adaptive, trust-region framework that provides accuracy of the reduced-order approximations. The approach extends our recent contributions, which focus on elliptic and parabolic problems, to the hyperbolic setting. We demonstrate the reliability and effectiveness of the method for defect detection through numerical experiments.

Thomas Schuster, Dominik Kufel, Norman Y. Yao et al.

We prove that recognizing the phase of matter of an unknown quantum state is quantum computationally hard. More specifically, we show that the quantum computational time of any phase recognition algorithm must grow exponentially in the range of correlations $ξ$ of the unknown state. This exponential growth renders the problem practically infeasible for even moderate correlation ranges, and leads to super-polynomial quantum computational time in the system size $n$ whenever $ξ= ω(\log n)$. Our results apply to a substantial portion of all known phases of matter, including symmetry-breaking phases and symmetry-protected topological phases for any discrete on-site symmetry group in any spatial dimension. To establish this hardness, we extend the study of pseudorandom unitaries (PRUs) to quantum systems with symmetries. We prove that symmetric PRUs exist under standard cryptographic conjectures, and can be constructed in extremely low circuit depths. We also establish hardness for systems with translation invariance and purely classical phases of matter. A key technical limitation is that the locality of the parent Hamiltonians of the states we consider is linear in $ξ$; the complexity of phase recognition for Hamiltonians with constant locality remains an important open question.

Martin Schwarzl, Pietro Borrello, Andreas Kogler et al.

In the quest for efficiency and performance, edge-computing providers eliminate isolation boundaries between tenants, such as strict process isolation, and instead let them compute in a more lightweight multi-threaded single-process design. Edge-computing providers support a high number of tenants per machine to reduce the physical distance to customers without requiring a large number of machines. Isolation is provided by sandboxing mechanisms, e.g., tenants can only run sandboxed V8 JavaScript code. While this is as secure as a sandbox for software vulnerabilities, microarchitectural attacks can bypass these sandboxes. In this paper, we show that it is possible to mount a Spectre attack on such a restricted environment, leaking secrets from co-located tenants. Cloudflare Workers is one of the top three edge-computing solutions and handles millions of HTTP requests per second worldwide across tens of thousands of web sites every day. We demonstrate a remote Spectre attack using amplification techniques in combination with a remote timing server, which is capable of leaking 120 bit/h. This motivates our main contribution, Dynamic Process Isolation, a process isolation mechanism that only isolates suspicious worker scripts following a detection mechanism. In the worst case of only false positives, Dynamic Process Isolation simply degrades to process isolation. Our proof-of-concept implementation augments a real-world cloud infrastructure framework, Cloudflare Workers, which is used in production at large scale. With a false-positive rate of only 0.61%, we demonstrate that our solution vastly outperforms strict process isolation in terms of performance. In our security evaluation, we show that Dynamic Process Isolation statistically provides the same security guarantees as strict process isolation, fully mitigating Spectre attacks between multiple tenants.

Martin Schwarzl, Thomas Schuster, Michael Schwarz et al.

Since 2016, multiple microarchitectural attacks have exploited an effect that is attributed to prefetching. These works observe that certain user-space operations can fetch kernel addresses into the cache. Fetching user-inaccessible data into the cache enables KASLR breaks and assists various Meltdown-type attacks, especially Foreshadow. In this paper, we provide a systematic analysis of the root cause of this prefetching effect. While we confirm the empirical results of previous papers, we show that the attribution to a prefetching mechanism is fundamentally incorrect in all previous papers describing or exploiting this effect. In particular, neither the prefetch instruction nor other user-space instructions actually prefetch kernel addresses into the cache, leading to incorrect conclusions and ineffectiveness of proposed defenses. The effect exploited in all of these papers is, in fact, caused by speculative dereferencing of user-space registers in the kernel. Hence, mitigation techniques such as KAISER do not eliminate this leakage as previously believed. Beyond our thorough analysis of these previous works, we also demonstrate new attacks enabled by understanding the root cause, namely an address-translation attack in more restricted contexts, direct leakage of register values in certain scenarios, and the first end-to-end Foreshadow (L1TF) exploit targeting non-L1 data. The latter is effective even with the recommended Foreshadow mitigations enabled and thus revives the Foreshadow attack. We demonstrate that these dereferencing effects exist even on the most recent Intel CPUs with the latest hardware mitigations, and on CPUs previously believed to be unaffected, i.e., ARM, IBM, and AMD CPUs.

Michael Schwarz, Daniel Gruss, Moritz Lipp et al.

Double-fetch bugs are a special type of race condition, where an unprivileged execution thread is able to change a memory location between the time-of-check and time-of-use of a privileged execution thread. If an unprivileged attacker changes the value at the right time, the privileged operation becomes inconsistent, leading to a change in control flow, and thus an escalation of privileges for the attacker. More severely, such double-fetch bugs can be introduced by the compiler, entirely invisible on the source-code level. We propose novel techniques to efficiently detect, exploit, and eliminate double-fetch bugs. We demonstrate the first combination of state-of-the-art cache attacks with kernel-fuzzing techniques to allow fully automated identification of double fetches. We demonstrate the first fully automated reliable detection and exploitation of double-fetch bugs, making manual analysis as in previous work superfluous. We show that cache-based triggers outperform state-of-the-art exploitation techniques significantly, leading to an exploitation success rate of up to 97%. Our modified fuzzer automatically detects double fetches and automatically narrows down this candidate set for double-fetch bugs to the exploitable ones. We present the first generic technique based on hardware transactional memory, to eliminate double-fetch bugs in a fully automated and transparent manner. We extend defensive programming techniques by retrofitting arbitrary code with automated double-fetch prevention, both in trusted execution environments as well as in syscalls, with a performance overhead below 1%.