CRONUS: Fault-isolated, Secure and High-performance Heterogeneous Computing for Trusted Execution Environment

Jiang, Jianyu; Qi, Ji; Shen, Tianxiang; Chen, Xusheng; Zhao, Shixiong; Wang, Sen; Chen, Li; Zhang, Gong; Luo, Xiapu; Cui, Heming

doi:10.1109/micro56248.2022.00019

Cited by 7 publications

(11 citation statements)

References 60 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, they are yet to consider the confidential computation on endpoint GPU. Cronus [41] leverages the secure Stage-2 translation to guarantee the server-side GPU computation but it is not adapted on endpoint GPUs. In contrast, STRONGBOX achieves dynamic and complex memory protection on endpoint GPU computation, and prevents the malicious access from the secure OS and secure applications by leveraging this translation.…”

Section: Related Workmentioning

confidence: 99%

“…To handle potential attacks from this new threat model, we leverage a novel Arm feature, called secure virtualization, to restrict illegal access from the compromised secure OS and secure applications. To verify the feasibility of our defense mechanism, we prototype it on Arm Fixed Virtual Platforms (FVP) [39], which provides the official software-simulated Arm features and is widely used in other TEE works [40], [41], [42], [43]. We also measure the performance overhead of our prototype on Arm Juno R2 development board.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Building a Lightweight Trusted Execution Environment for Arm GPUs

Wang,

Deng,

Ning

et al. 2024

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

A wide range of Arm endpoints leverage integrated and discrete GPUs to accelerate computation. However, Arm GPU security has not been explored by the community. Existing work has used Trusted Execution Environments (TEEs) to address GPU security concerns on Intel-based platforms, but there are numerous architectural differences that lead to novel technical challenges in deploying TEEs for Arm GPUs. There is a need for generalizable and efficient Arm-based GPU security mechanisms.To address these problems, we present STRONGBOX, the first GPU TEE for secured general computation on Arm endpoints. STRONGBOX provides an isolated execution environment by ensuring exclusive access to GPU. Our approach is based in part on a dynamic, fine-grained memory protection policy as Arm-based GPUs typically share a unified memory with the CPU. Furthermore, STRONGBOX reduces runtime overhead from the redundant security introspection operations. We also design an effective defense mechanism within secure world to protect the confidential GPU computation. Our design leverages the widely-deployed Arm TrustZone and generic Arm features, without hardware modification or architectural changes. We prototype STRONGBOX using an off-the-shelf Arm Mali GPU and perform an extensive evaluation. Results show that STRONGBOX successfully ensures GPU computation security with a low (4.70% -15.26%) overhead.

show abstract

Section: Related Workmentioning

confidence: 99%

mentioning

confidence: 99%

Building a Lightweight Trusted Execution Environment for Arm GPUs

Wang,

Deng,

Ning

et al. 2024

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

show abstract

“…For Intel architecture, HIX [71] extends the protection scope of the original Intel SGX technology to GPU computation by modifying the bus between the CPU and GPU, and the GPU driver to ensure an isolated GPU execution environment; SGX‐FPGA [72] designs a scheme to create a TEE between SGX and FPGA by embedding a CPU controller and FPGA security monitor in the CPU‐FPGA architecture to authenticate and encrypt communication data between the CPU and FPGA components. For ARM architecture, StrongBox [73] utilizes traditional Arm TrustZone technology to ensure GPU data security on edge devices; Cronus [74] utilizes ARM secure virtualization technology to build an isolated TEE for heterogeneous chips such as GPU and FPGA, ensuring the heterogeneous computation security of Arm cloud servers; CAGE [75] utilizes the RME hardware extension introduced by Arm CCA to achieve access control of GPU memory, providing confidential GPU computing support for the next generation of ARM cloud and edge devices. In addition, HETEE [76] designs a rack‐scale heterogeneous confidential computing environment that physically isolates protected devices as a whole, allowing the use of trusted peripherals in the TEE.…”

Section: Confidential Computing Architecture and Technologymentioning

confidence: 99%

Survey of research on confidential computing

Feng,

Qin,

Feng

et al. 2024

IET Communications

View full text Add to dashboard Cite

As the global data strategy deepens and data elements accelerate integrating and flowing more rapidly, the demand for data security and privacy protection has become increasingly prominent. Confidential computing emerges as a crucial security technology to solve security and privacy problem, and it is also a hot subject of in contemporary security technologies. Leveraging collaborative security in both hardware and software, it builds a trusted execution environment to ensure confidentiality and integrity protection for data in use. This paper provides a comprehensive overview of the development process of confidential computing, summarizing its current research status and issues, which focuses on the security requirements for data security and privacy protection. Furthermore, it deeply analyses the common technical features of confidential computing, and proposes a trusted confidential computing architecture based on collaborative hardware and software trust. Then, it elaborates on the research status and issues of confidential computing from four aspects: hardware security, architecture and key technologies, applications, and standards and evaluation. Finally, this paper provides a synthesis and outlook for the future development of confidential computing. In summary, confidential computing is currently in a rapidly developing stage and will play an important role in cyber security in the future.

show abstract

“…Another line of research has shown the feasibility of doing enclaved execution on unmodified devices by extending the CPU-TEE protection. They leverage MMU protection to protect memory-mapped devices and perform bus-level isolation since devices are physically connected to a TEE host [35][36][37].…”

Section: Related Workmentioning

confidence: 99%

“…One potential solution to address this problem is to make all nodes TEE-enabled, but this is not a practical. For protecting non-TEE nodes, prior works have shown the feasibility of doing so via bus-level isolation if they are directly physically connected to a TEE host [35][36][37]. Such host-centric solutions do not apply to a data-center setting where nodes are connected in clusters and racks as shown in Fig.…”

Section: Introductionmentioning

confidence: 99%

Empowering Data Centers for Next Generation Trusted Computing

Dhar¹,

Sridhara²,

Shinde³

et al. 2022

Preprint

View full text Add to dashboard Cite

Modern data centers have grown beyond CPU nodes to provide domain-specific accelerators such as GPUs and FP-GAs to their customers. From a security standpoint, cloud customers want to protect their data. They are willing to pay additional costs for trusted execution environments such as enclaves provided by Intel SGX and AMD SEV. Unfortunately, the customers have to make a critical choice-either use domain-specific accelerators for speed or use CPU-based confidential computing solutions.To bridge this gap, we aim to enable data-center scale confidential computing that expands across CPUs and accelerators. We argue that having wide-scale TEE-support for accelerators presents a technically easier solution, but is far away from being a reality. Instead, our hybrid design provides enclaved execution guarantees for computation distributed over multiple CPU nodes and devices with/without TEE support. Our solution scales gracefully in two dimensions-it can handle a large number of heterogeneous nodes and it can accommodate TEE-enabled devices as and when they are available in the future. We observe marginal overheads of 0.42-8% on real-world AI data center workloads that are independent of the number of nodes in the data center. We add custom TEE support to two accelerators (AI and storage) and integrate it into our solution, thus demonstrating that it can cater to future TEE devices.

show abstract

CRONUS: Fault-isolated, Secure and High-performance Heterogeneous Computing for Trusted Execution Environment

Cited by 7 publications

References 60 publications

Building a Lightweight Trusted Execution Environment for Arm GPUs

Building a Lightweight Trusted Execution Environment for Arm GPUs

Survey of research on confidential computing

Empowering Data Centers for Next Generation Trusted Computing

Contact Info

Product

Resources

About