S2TAR: Shared Secure Trusted Accelerators with Reconfiguration for Machine Learning in the Cloud

Wei Ren, Sandhya Koteshwara, Mengmei Ye, Hubertus Franke, Deming Chen

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

Abstract

The demand for hardware accelerators such as Tensor Processing Units (TPUs) and Graphics Processing Units (GPUs) is rapidly increasing due to growing Machine Learning (ML) workloads. As with any shared computing resources, there is a growing need to dynamically adjust and scale accelerator services while ensuring data privacy and confidentiality, especially in cloud environments. We propose a secure and reconfigurable TPU design with confidential computing support, achieved through a Trusted Execution Environment (TEE) framework tailored for reconfigurable TPUs in a multi-tenant cloud. Our contributions include a novel TPU design based on switchbox-enabled systolic arrays to support rapid dynamic partitioning. We evaluate our TPU design with TEEs in shared environments, achieving up to 42.1% higher performance for realistic ML inference workloads. Our remote attestation protocol extends to sub-device partitions, providing trustworthiness at a fine-grained level, and decouples host and accelerator TEEs into separate attestation reports without degrading security guarantees. Our work presents a new TEE framework for secure and reconfigurable ML accelerators in a multi-tenant cloud environment.

Original language: English (US)
Title of host publication: Proceedings - 2024 IEEE 17th International Conference on Cloud Computing, CLOUD 2024
Editors: Rong N. Chang, Carl K. Chang, Jingwei Yang, Nimanthi Atukorala, Zhi Jin, Michael Sheng, Jing Fan, Kenneth Fletcher, Qiang He, Tevfik Kosar, Santonu Sarkar, Sreekrishnan Venkateswaran, Shangguang Wang, Xuanzhe Liu, Seetharami Seelam, Chandra Narayanaswami, Ziliang Zong
Publisher: IEEE Computer Society
Pages: 267-278
Number of pages: 12
ISBN (Electronic): 9798350368536
State: Published - 2024
Event: 17th IEEE International Conference on Cloud Computing, CLOUD 2024 - Shenzhen, China
Duration: Jul 7 2024 → Jul 13 2024

Publication series

Name: IEEE International Conference on Cloud Computing, CLOUD
ISSN (Print): 2159-6182
ISSN (Electronic): 2159-6190

Conference

Conference: 17th IEEE International Conference on Cloud Computing, CLOUD 2024
Country/Territory: China
City: Shenzhen
Period: 7/7/24 → 7/13/24

Keywords

  • Cloud Computing
  • Confidential Computing
  • Dynamic Partitioning
  • Hardware Accelerators
  • Tensor Processing Units
  • Trusted Execution Environment

ASJC Scopus subject areas

  • Artificial Intelligence
  • Information Systems
  • Software
