YoVDO

Enabling Rack-Scale Confidential Computing Using Heterogeneous Trusted Execution Environment

Offered By: IEEE via YouTube

Tags

Confidential Computing Courses Hardware Security Courses Threat Modeling Courses

Course Description

Overview

Explore a groundbreaking conference talk on enabling large-scale confidential computing through a novel Heterogeneous Trusted Execution Environment (TEE) design called HETEE. Discover how this innovative approach addresses the limitations of current TEEs by supporting high-throughput accelerators like GPUs, FPGAs, and TPUs without requiring chip-level changes. Learn about HETEE's unique architecture, which utilizes PCIe ExpressFabric for dynamic resource allocation and strong isolation, and its implementation of a thin TCB stack for security management. Gain insights into the system's performance evaluation using popular neural network inference and training tasks, showcasing minimal throughput overhead. Delve into the technical details of HETEE's components, including its security controller, hardware encryption, and remote attestation mechanisms, as well as its defense strategies against physical attacks.

Syllabus

Intro
Existing TEEs not Support Many Heterogeneous Units
Heterogeneous TEE Inside a Single Chip
Related Works
Our New Design: HETEE
Threat Model
HETEE Overview
PCIe Express Fabric
Elastic Resources Allocation and Isolation
Efficient Secure Cleanup
Hardware Support for Secure Reboot
Pooling Enclave Resources
SC Functions and HETEE Enclaves
SC Structure
Hardware (De)Encryption & Scheduling
Hardware Isolation
Remote Attestation and Symmetric Key Negotiation
Certificate Chain
Prototype System
HETEE performance overhead on single GPU with different batch sizes.
HETEE latency overhead on single GPU with different batch stres
HETEE inference throughput scalability evaluation
Cost Analysis
Outline
TCB definition
Defense against physical attack
Conclusion


Taught by

IEEE Symposium on Security and Privacy

Tags

Related Courses

Confidential Computing in Cloud and Edge
RSA Conference via YouTube
The Rise of Confidential Computing
RSA Conference via YouTube
Architectural Extensions for Hardware Virtual Machine Isolation to Advance Confidential Computing in Public Clouds
Linux Foundation via YouTube
The Open Enclave SDK - Confidential Computing with Trusted Apps
Linux Foundation via YouTube
Securing Linux VM Boot with AMD SEV Measurement
Linux Foundation via YouTube