No Travel? No Problem.

Remote Participation
Low Overhead Security Isolation Using Lightweight Kernels and TEEs
Event Type
Workshop
Tags
Online Only
Cloud and Distributed Computing
System Software and Runtime Systems
Registration Categories
W
TimeMonday, 15 November 202110:55am - 11:20am CST
LocationOnline
DescriptionNext generation supercomputers are expected to greatly expand the scope of HPC environments with diverse workloads and user bases and the integration of edge infrastructures. This will require new mechanisms and approaches at the Operating System level to support these broader classes of workloads. We claim that a necessary mechanism will be the ability to securely compartmentalize a node's system software. In this paper, we present initial efforts in integrating secure and trusted computing capabilities into an HPC system software stack. As part of this work we have ported the Kitten Lightweight Kernel to the ARM64 architecture and integrated it with the Hafnium hypervisor, a secure partition manager that provides security isolation for virtual machines. By integrating Kitten with Hafnium, we are able to replace the commodity oriented Linux based resource management infrastructure and reduce the overheads introduced by using a full weight kernel (FWK) as the node-level resource scheduler.
Back To Top Button