Security in multi-user, large-scale computing endeavors, including High-Performance Computing (HPC) and Cloud, has traditionally been an "operational" challenge (i.e., restrict access and usage to certified users). However, as more areas of public interest rely on such computing capabilities and infrastructures, a hands-off approach to security in favor of performance and power is becoming imprudent at best. Paired with HPC's and Cloud computing's roles as early technology adopters and providers, new early target-worthy vulnerabilities are emerging that are not necessarily found in other computing scenarios that operate with more established technologies.
In addition to early adoption vulnerabilities, the exploits specific to emerging large-scale computing arise from acute hardware heterogeneity, novel network technologies/topologies, and massive resource management orchestration, including power consumption. On the software side, potential vulnerabilities stem from heavy reliance on open-source software developed by volunteer programmers, experimental software not hardened by numerous deployments and rigorous processes, and dusty deck software deployed with a lack of regular maintenance. The combination of commercial and single-node exploits creates a new attack surfaces.
This workshop focuses on threats and solutions across the HPC hardware/software stack. These threats include weaknesses in current and future architectural designs, escalation of privileges through data extraction or computation manipulation, and intentional misuse of resources across scientific instruments feeding HPC machines.
We solicit papers on all topics related to security of high-performance computing, from hardware to run-time software to applications. We welcome both papers exploring new attacks and threat models as well as defenses. The topics of interest include, but are not limited to, the following:
Designed with Mobirise web theme