Data Enclaves for Scientific Computing

Principal Investigators:

Sean Peisert
Venkatesh Akella
Jason Lowe-Power

LBNL-Affiliated Graduate Students:

Ayaz Akram (UC Davis / LBNL)

Project Alumni:

Anna Giannakou (LBNL)

Scientific data today is at risk due to how it is collected, stored, and analyzed in highly disparate computing systems. We believe that in order to solve the problems described above that future HPC hardware and software solutions should be co-designed together with security and scientific computing integrity concepts designed and built into as much of the stack from the outset as possible.

This project is developing new architectures appropriate to the performance and usage needs of scientific computing to secure scientific data from the edge to the HPC center. This includes includes sensor and edge systems that collect and process of that data takes place outside protection boundaries of traditional HPC centers, including against attacks such as ransomware and physical attacks against the computing system. Our approach will address the gaps left by existing solutions for scientific workflows to address the specific power, performance, and usability, and needs from the edge to the HPC center.

This project is supported by the US Department of Energy’s Office of Science’s Advanced Scientific Computing Research (ASCR) program under the following grants:

Toward a Hardware/Software Co-Design Framework for Ensuring the Integrity of Exascale Scientific Data,” PI: Sean Peisert, 2015.

“Cybersecurity for Edge-to-Center Scientific Computing in Advanced Wireless Environments,” PI: Sean Peisert, Co-PIs: Venkatesh Akella and Jason Lowe-Power, 2021.

It is also funded by LBNL Contractor Supported Research.

Press regarding this project:

Berkeley Lab Cybersecurity Specialist Highlights Data Sharing Benefits, Challenges at NAS Meeting — Dec. 4, 2018

CRD’s Peisert to Discuss Data Sharing at National Academies' COSEMPUP Meeting — Nov. 5, 2018

Lab Experts Help Coordinate ISC18, World’s First, Largest Computing Conference - June 21, 2018

Publications resulting from this project:

Ayaz Akram, Venkatesh Akella, Sean Peisert, and Jason Lowe-Power, “Enabling Design Space Exploration for RISC-V Secure Compute Environments,” Proceedings of the Fifth Workshop on Computer Architecture Research with RISC-V (CARRV), (co-located with ISCA 2021) June 17, 2021

Sean Peisert, “Trustworthy Scientific Computing,” Communications of the ACM (CACM), 64(5), pp. 18–21, May 2021.

Ayaz Akram, Anna Giannakou, Venkatesh Akella, Jason Lowe-Power, and Sean Peisert, “Performance Analysis of Scientific Computing Workloads on General Purpose TEEs,” Proceedings of the 35th IEEE International Parallel & Distributed Processing Symposium (IPDPS), May 17–21, 2021.

Ayaz Akram, “Trusted Execution for High-Performance Computing,” Proceedings of the 15th EuroSys Doctoral Workshop (EuroDW), 2021. video

Ayaz Akram, “Architectures for Secure High-Performance Computing,” Proceedings of the Young Architect Workshop (YArch) held in conjunction with the International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), April 2021. video

Ayaz Akram, Anna Giannakou, Venkatesh Akella, Jason Lowe-Power, and Sean Peisert, “Performance Analysis of Scientific Computing Workloads on Trusted Execution Environments,” arXiv preprint arXiv:2010.13216, 25 Oct 2020.

Presentations:

Ayaz Akram and Anna Giannakou, Venkatesh Akella, Jason Lowe-Power, Sean Peisert, “Using Trusted Execution Environments on High Performance Computing Platforms,” Open-Source Enclaves Workshop (OSEW 2019), Berkeley, CA, July 25, 2019.

Sean Peisert, “Usable Computer Security and Privacy to Enable and Encourage Data Sharing for Scientific Research,”  National Academies of Sciences, Engineering, and Medicine Committee on Science, Engineering, Medicine, and Public Policy (COSEMPUP) Meeting, Washington, D.C., November 8, 2018.

Sean Peisert, “Cybersecurity Challenges and Opportunities in High-Performance Computing Environments,” International Supercomputing Conference (ISC), Frankfurt, Germany, June 26, 2018.

Other Resources:

Ayaz Akram, Setting up Trusted HPC System in the Cloud, November 19, 2020.

More information is available on other Berkeley Lab R&D projects focusing on cybersecurity in general, as well as specifically on cybersecurity for scientific computing.

Related