Research & Development

Elastisys was founded in 2011 as a spin-off from Umeå university. True to our academic roots, we are always involved in research and development. We enhance the open source cloud-native field with secure solutions, so customers innovate faster.

University roots

Founders and seniors from Umeå university

Academic excellence

8 PhDs in cloud and computer science

Research focused

Grounded in today, developing for tomorrow

Openness in our DNA

Open source and
knowledge sharing

Research & Development

Elastisys was founded in 2011 as a spin-off from Umeå university. True to our academic roots, we are always involved in research and development. We enhance the open source cloud-native field with secure solutions, so customers innovate faster.

Trustworthy R&D efforts

Founded 2011 by Erik Elmroth and Johan Tordsson, both with the Autonomous Distributed Systems Lab at Umeå University.

Erik Elmroth is a member of Wallenberg AI, Autonomous Systems and Software Program (WASP) Program Management since 2015.

Members of the Swedish node for accelerating innovation and research in cybersecurity by the Research Institute of Sweden (RISE).

Elastisys contributes back to the cloud-native open source community with security-focused solutions to foster innovation.

Elastisys research & development

Scaling and Shifting CPU and GPU Use to Reduce Energy Consumption and Peaks for Data Centers
November 2022 – August 2023

Idle cloud resources waste energy, money, and other resources. The goal of this project, a collaboration between Elastisys and Elastx, is to reduce this waste. It is done in two ways that work together. First, we dynamically scale resource allocation to resource needs. Second, we shift usage from electricity load peak hour times. This makes better use of electricity during off-peak hours.

Our results are promising. As a demo, we set up Jupyter to use Kubernetes resources on the Elastx cloud infrastructure. Jupyter is a very common data science tool in machine learning and artificial intelligence. The computations are carried out on the cloud infrastructure, with an auto-scaled Kubernetes Cluster API integration. The complexity of all this is hidden from the user, who only uses Jupyter.

AI and Risk Based Vulnerability Management for Trustworthy Open Source Adoption (ARVOS)
May 2021 – November 2022

Vulnerability scanners will report all known vulnerabilities, but don’t understand which ones don’t apply to your configuration. This over-alerting causes alert fatigue in system administrators. In the ARVOS project, a collaboration between Elastisys and Debricked, the goal was to make vulnerability scanning smarter. During the test phase of continuous integration (CI), analysis would be made to see if known vulnerabilities were triggered by the code. If so, developers could change the code. If not, the code could be deployed for real.

Read our initial blog about it, Debricked’s press release, and visit the project’s source code.

Multi-Tenant Compliant Kubernetes for a Scalable Business in the Heart of the Cloud-Native Landscape
April 2020 – March 2021

Regulated industries require stable and secure software solutions, but not at the expense of innovation speed. In this project, Elastisys was fortunate enough to get funding to develop Compliant Kubernetes further, and to verify that it addressed a need in the market. As the recent years of our solid and rapid growth shows, this was certainly the case!

The project initially set out to test whether a multi-tenancy solution would be acceptable by the regulated industries market. The results, as we know now, showed that this was not desirable. Hence, Compliant Kubernetes is always deployed in a shared-nothing set of virtual infrastructure. Every customer gets their own entire software stack.

Read our initial blog about it and some praise (in Swedish) from our incubator, Uminova Innovation.

The FogGuru Project in Advanced Technology for Data Processing
September 2017 – November 2021

Centralized cloud computing offers cheap access to large amounts of processing and data storage capabilities. Yet for many applications, being far from the data center does not work. Some suffer from poor user experience if the network is too slow. Some from legal issues related to where data is stored. And some crucial services must still work even if access to the main data center is not available.

All these problems are addressed with fog computing: moving “cloud-like” computations closer to the end-user. But doing so creates a whole new set of problems!

The FogGuru project was an EU-funded research programme about exploring such problems. It ran for several years and Elastisys participated with.

Future Potential Research Projects

Future projects under consideration from Elastisys for 2024 and beyond.

AI for Infosec

Confidential Containers

Function as a Service running on Kubernetes

Elastisys research & development

Scaling and Shifting CPU and GPU Use to Reduce Energy Consumption and Peaks for Data Centers
November 2022 – August 2023

Idle cloud resources waste energy, money, and other resources. The goal of this project, a collaboration between Elastisys and Elastx, is to reduce this waste. It is done in two ways that work together. First, we dynamically scale resource allocation to resource needs. Second, we shift usage from electricity load peak hour times. This makes better use of electricity during off-peak hours.

Our results are promising. As a demo, we set up Jupyter to use Kubernetes resources on the Elastx cloud infrastructure. Jupyter is a very common data science tool in machine learning and artificial intelligence. The computations are carried out on the cloud infrastructure, with an auto-scaled Kubernetes Cluster API integration. The complexity of all this is hidden from the user, who only uses Jupyter.

AI and Risk Based Vulnerability Management for Trustworthy Open Source Adoption (ARVOS)
May 2021 – November 2022

Vulnerability scanners will report all known vulnerabilities, but don’t understand which ones don’t apply to your configuration. This over-alerting causes alert fatigue in system administrators. In the ARVOS project, a collaboration between Elastisys and Debricked, the goal was to make vulnerability scanning smarter. During the test phase of continuous integration (CI), analysis would be made to see if known vulnerabilities were triggered by the code. If so, developers could change the code. If not, the code could be deployed for real.

Read our initial blog about it, Debricked’s press release, and visit the project’s source code.

Multi-Tenant Compliant Kubernetes for a Scalable Business in the Heart of the Cloud-Native Landscape
April 2020 – March 2021

Regulated industries require stable and secure software solutions, but not at the expense of innovation speed. In this project, Elastisys was fortunate enough to get funding to develop Compliant Kubernetes further, and to verify that it addressed a need in the market. As the recent years of our solid and rapid growth shows, this was certainly the case!

The project initially set out to test whether a multi-tenancy solution would be acceptable by the regulated industries market. The results, as we know now, showed that this was not desirable. Hence, Compliant Kubernetes is always deployed in a shared-nothing set of virtual infrastructure. Every customer gets their own entire software stack.

Read our initial blog about it and some praise (in Swedish) from our incubator, Uminova Innovation.

The FogGuru Project in Advanced Technology for Data Processing
September 2017 – November 2021

Centralized cloud computing offers cheap access to large amounts of processing and data storage capabilities. Yet for many applications, being far from the data center does not work. Some suffer from poor user experience if the network is too slow. Some from legal issues related to where data is stored. And some crucial services must still work even if access to the main data center is not available.

All these problems are addressed with fog computing: moving “cloud-like” computations closer to the end-user. But doing so creates a whole new set of problems!

The FogGuru project was an EU-funded research programme about exploring such problems. It ran for several years and Elastisys participated with.

Future Potential Research Projects

Future projects under consideration from Elastisys for 2024 and beyond.

AI for Infosec

Confidential Containers

Function as a Service running on Kubernetes

Research done by our engineers

Erik Elmroth, PhD

Chief Scientist, Co-founder

Johan Tordsson, PhD

CEO, Co-founder

Lars Larsson​, PhD

Senior Cloud Architect/DevOps Expert

Cristian Klein, PhD

Compliant Kubernetes Architect

Petter Svärd, PhD

Head of Managed Services

Jakub Krzywda, PhD

Senior Cloud Native Engineer, Kubernetes Trainer

Ewnetu Bayuh Lakew, PhD

Senior Cloud Native Engineer

Mohammad Reza Saleh Sedghpour, PhD

Cloud Native Engineer

Peter Gardfjäll, PhLic

Senior Software Engineer

Ayoub Ed-dafali

Cloud Native Engineer

We love to share our knowledge & research

Mohammad Reza Saleh Sedghpour, PhD defense

Mohammad’s thesis title was “Towards Self-Driving Microservices”. Service meshes, with configurable proxies integrated into microservices, address communication challenges and short-term failures. Mohammad’s thesis pursues three goals: investigating service traffic’s impact on reliability, auto-tuning traffic management for throughput, and enhancing research reproducibility in distributed systems. It explores current challenges, proposes adaptive controllers for circuit breakers and retries, and advocates a microservice benchmark generator.

Lars Larsson, PhD defense

Lars’ thesis title was “Managing Cloud Resource Scarcity”. The cloud’s resources are very large, but not unlimited. Neither are cloud spend budgets. During his studies, Lars focused on how to work around when such limits are reached. Some of the topics he explored included intelligently sharing the load between infrastructure providers if their capacity is low. And from the customer perspective, he explored reducing the computation needed, if budgets or capacity availability are low.

Cristian Klein, university lecture

In this lecture, Cristan Klein gives a brief overview of most important regulations in FinTech, HealthTech and personal data processing. We will navigate the ISO 27001 information security standard which has shaped much of non-functional software requirements for society-critical IT systems. The lecture highlights the difference between security and privacy. Finally, it explores how deviation management can keep a project both fast and compliant.

Let us innovate together!

Our vision is to accelerate innovation using cloud native tech. Open source is a given. So is security and compliance. If you also like to dream big, let us make it happen. We are open to it all: speaking opportunities, master thesis projects, PhD studies, industrial collaboration with research grants. Say hi, tell us what is on your mind, and let us see what we can do!

Johan Tordsson, PhD

CEO, Co-founder

Commercial offerings

Managed Services

A fully managed and security-hardened Kubernetes platform service for critical entities. We become your Kubernetes Platform Security Operations Center.

Self-Managed

License with support for enterprises that operate Compliant Kubernetes in their cloud of choice or on premise. Incident response and support directly from the core maintainers.

Consulting

We translate security and compliance requirements to technology in order to enable organizations to develop and operate secure applications on Kubernetes.

Training

We are a Linux Foundation authorized training provider. We teach engineers to operate and develop applications for secure Kubernetes platforms.