High-performance computing (HPC) is increasingly becoming more data-centric, involvinglarge data sets, rather than its historical focus on modeling and simulation. Sometimes, this
data can be sensitive, provided by third parties to HPC centers or individual researchers,
and raises security concerns regarding the confidentiality or integrity of the data. Our work
aims to provide secure systems focused on HPC centers, without any significant performance
reductions. Hardware-based trusted execution environments (TEEs) use hardware-backed
techniques to provide some level of assurance for data and code confidentiality, and integrity.
We first study the applicability of commercial hardware-based trusted execution environments
(TEEs) to enable secure scientific computing. We rigorously analyze the performance impact
of general purpose TEEs, AMD SEV, and Intel SGX, for diverse HPC benchmarks including
traditional scientific computing, machine learning, graph analytics, and emerging scientific
computing workloads. We also analyze the impact of the programming model required by
these TEEs. The results show that commercial TEEs do not fit the HPC use case, either
because their performance implications are intolerable, they require significant application
changes (e.g., partitioning, linking applications against specific libraries), or their threat
model does not include all system components that HPC applications might use. We provide
a design point for enclaves that does not require an entire OS inside the enclave but can
rely on a primarily untrusted OS for resource management. We implement a prototype data
enclave, called DESC, with multithreading support on the RISC-V ISA that separates the
management of the system from the protection of the sensitive data. We show how DESC
allows an untrusted OS to maintain page tables, service system calls, and manage processes
without compromising the enclave applications data confidentiality or integrity.
Cycle-level architectural simulation of trusted execution environments (TEEs) can enable
extensive design space exploration of these secure architectures. Existing architectural simulators that support TEEs are either based on hardware-level implementations or abstranalytic models. To this end, we enable a simulation environment using full-system architecture simulator, gem5, and a RISC-V based open source TEE, Keystone, and show how
this simulation support opens new avenues for designing and studying these trusted architectures. Future HPC systems are expected to improve resource utilization by decoupling
compute and memory extensively, leading to disaggregated architectures composed of different types of processing elements and remote memory pools. We also explore the expansion
of our baseline TEE design (DESC) to provide scalable mechanisms that would allow a user
to form a secure enclave spanning multiple processing elements.
