December 15, 2022
On-demand availability of computing resources or “cloud computing” offers more scalable, reliable, and cost-effective information technology (IT) infrastructure. One of the main drivers of these benefits is multi-tenancy where multiple customers of a cloud service provider (CSP) share the same computing resources (CPUs, GPUs, and most recently FPGAs), either temporally, spatially, or both. However, it’s been shown time and again that failure to effectively isolate tenants in cloud computing system implementations can compromise availability (e.g., DoS), integrity (e.g., through RowHammer, fault injection, etc.) and confidentiality (e.g., through side- or covert-channels).
For CPUs, Meltdown and Spectre demonstrated that user/kernel isolations could be bypassed in every widely deployed ISA for decades. Even elaborate attempts to provide isolation, such as address space separation and trust execution environments (TEEs), still fail since other tenants may observe an isolated execution’s effect on shared resources through timing channels. Further, communication between isolated components of the same tenant must occur over untrusted communication mediums. Even with encryption, it is possible to ascertain secrets from the size and/or timing of messages, thus necessitating secure communication to also be made oblivious of any secret data.
Meanwhile, FPGA-acceleration in the cloud is still in its infancy. Although current FPGA deployments only support multi-tenancy though temporal multiplexing, closing the resource utilization gap will eventually require efficient spatial allocation of FPGA resources across multiple tenants. Here, the situation is even more challenging. Prior FPGA deployments only required trust in the FPGA vendor. However, in FPGA-as-a-service, additional security risks arise from untrusted tenants, third-party developers of accelerators, and CSPs. FPGA platforms are not yet equipped with a trusted computing base nor mechanisms that only allow only trusted designs on the hardware. FPGAs are also vulnerable to a growing number of remotely exploitable physical attacks such as power leakage and power drop attacks, crosstalk attacks, and thermal leakage attacks.
This HaSS special issue focuses on the security of multi-tenant computing systems. The aim is to provide a spectrum of challenges, approaches, and solutions, and provide an authoritative reference of the state-of-the-art. Its scope includes CPUs, GPUs, and FPGAs. Submissions from academia, industry, and government are encouraged.