| Time | Event |
|---|---|
| 14:00 - 14:02 | Welcome: Presenter: Andres Marquez (PNNL) [slides] |
| 14:02 - 15:00 | Distinguished Speaker: Chair: Andres Marquez (PNNL) The 'S' in HPC Stands for Security Ryan Adamson (Oak Ridge National Laboratory) |
| 15:00 - 15:30 | Break |
| 15:30 - 15:55 | Invited Talk - Memory. Chair: Andres Marquez (PNNL) Thoughts on Security for CXL-3.x-GFAM Clusters with Embedded Computing Craig Warner (Micron) [slides] |
| 15:55 - 16:20 | Invited Talk - Architecture/System Software. Chair: Andres Marquez (PNNL) Information Security Controls Prioritisation: SABSA for HPC Nicolas Erdody (Open Parallel Ltd. Multicore World), Duncan Hall (IEEE Computer Society) [slides] |
| 16:20 - 16:40 | Research Paper - Performance Impact. Chair: Purushotham Bangalore Analyzing the Performance Impact of HPC Workloads with Gramine+SGX on 3rd Generation Xeon Scalable Processors Shinobu Miwa (University of Electro-Communications, Japan), Shin'ichiro Matsuo (Georgetown University) [slides] |
| 16:40 - 17:28 | Panel - Cybersecurity at large. Moderator: Rickey Gregg (DoD HPCMP) [slides] Risk Management Framework for High Performance Computers and Research, Development, Test, and Evaluation Panelists: Phillip F. Tartaglia (U.S. Army Research Lab DoD Supercomputing Resource Center (ARL-DSRC) SDREN ISSM); Ian Lee (Lawrence Livermore National Laboratory); James O. Waterman (DoD HPCMP Cybersecuirty/SCA-R); Albert Reuther (Lincoln Laboratory Supercomputing Center); Gary Key (DoD HPCMP Cybersecurity/SCA-R) |
| 17:28 - 17:30 | Closing Remaks Purushotham Bangalore |
HPC systems are designed to meet peak performance and scalability goals but today's security guidance and tools are designed for enterprise infosec. This means that it is quite difficult to secure HPC resources without impacting performance goals. In this talk, we will examine the key security differences between enterprise systems and the common features of HPC environments. We will also discuss a new HPC Security NIST publication (currently draft) and touch on how secure 'open science' research really needs to be. From there, we will explore emerging trends to keep track of such as scientific workflows that span multiple security domains and whether trusted computing and zero trust models can be adapted to HPC. Finally, we will demonstrate one example of a zero-day vulnerability found on a previous #1 top 500 system (disclosed and patched in 2018) to help motivate broader action to put an 'S' in HPC.
Ryan leads the HPC Security and Information Engineering Group at the Oak Ridge Leadership Computing Facility (OLCF). His group is responsible for delivering highly-scalable and reliable security services and telemetry platforms to the high-performance computing resources and staff at the OLCF. He holds a MS in Computer Science from the University of Tennessee. He has taught several computer architecture, hardware, and systems administration courses at Tennessee Tech and Pellissippi State Community College and has held the GIAC Exploit Researcher and Advanced Penetration Tester certification (GXPN). Ryan is currently pursuing a PhD in Engineering from Tennessee Tech University and is focusing on the challenges overlapping both HPC and Security disciplines.
Multi-host clusters built with CXL memory modules (enabled by the CXL 3.0 standard) provide a for an opportunity for power efficient computing. Enabling near data computing is not without it security challenges. This presentation identifies several security issues worthy of architectural considerations and approaches for mitigating these issues.
Craig Warner is currently the prototype architect in Micron's Scalable Memory Systems path finding group. He has over 30 years expertise in design and post-silicon validation of ASIC and FPGA designs. Many of his designs are core electronic components for Hewlett Packard Enterprise servers. His technical areas of expertise include IO architectures, cache coherency protocols, RISC-V processor architectures, and on-die interconnection networks. Craig received his MS in Computer Engineering from Purdue University and his BS in Computer Engineering from Iowa State University.
The SABSA (Sherwood Applied Business Security Architecture) model is a useful generic means of exploring users' preferences for reducing residual risks to acceptable levels given budgetary (financial, resource, time frames etc.) constraints while traceably supporting business objectives.
This talk presents why and how SABSA can be used in the HPC context to optimise selection of controls to address mandatory (e.g. pursuant to USA's National Strategic Computing Initiative establishment by Presidential Executive Order 13702) and discretionary security requirements.
Nicolás Erdödy founded Open Parallel in 2010 as a strategy and technology consultancy, specialized in next-gen high-tech ecosystems. A globally distributed company, Open Parallel was officially selected by the New Zealand Government in 2012 to contribute to the computing platform of the Square Kilometre Array radio telescope project (SKA) - the largest civil scientific and engineering instrument in the world. He was a prime author of the two SKA Memos that address security for HPC systems: "Considerations for the Science Data Processor (SDP) Operating System" and "Security for the SDP Architecture Considerations". Core knowledge developed for the SKA is behind Open Parallel's decadal project Whakarongo ki te Whenua (Listen to the Land) - a massive platform concept for NZ's Agritech and primary sector. At SC23, Nicolás will lead the 1st BoF session "Agriculture Empowered by Supercomputing". Nicolás is the Conference Director of the Multicore World conference series since 2011. He holds a Master of Entrepreneurship from the School of Business of University of Otago, New Zealand and studied Hydraulics (and Fortran) at the School of Engineering of Universidad de la República, Montevideo, Uruguay.
Designed with Mobirise web theme