Security in High-Performance Computing (HPC) has traditionally been an "operational" challenge (i.e., restrict access and usage to certified users). However, as HPC gradually permeates more areas of public interest, a hands-off approach to security aspects in favor of performance and power is becoming imprudent at best. Paired with HPC's traditional role of early technology adoption, a new set of early target-worthwhile vulnerabilities are emerging that are not necessarily found in other computing scenarios that operate with more established technologies.

In addition to early adoption vulnerabilities, the exploits specific to the HPC community arise from acute hardware heterogeneity (including distributed computing ecosystems); novel network technologies/topologies; massive resource management orchestration including power, compute, networking, and storage; heavy reliance on open software by volunteer overworked programmers; brittle experimental software not hardened by numerous deployments; and dusty deck software with no regular maintenance schedule. Further complicating this landscape is the integration of numerical HPC with data-driven methodologies, including Machine Learning, expanding potential attack surfaces to include data capture, storage, and transmission. In combination with commercial, single-node exploits, these vulnerabilities open fertile and complex new attack surfaces.

This workshop focuses on threats and solutions across the HPC hardware/software stack. These threats include weaknesses in current and future architectural designs, escalation of privileges through data extraction or computation manipulation, and intentional misuse of resources across scientific instruments feeding HPC machines.

We solicit papers on all topics related to security of high-performance computing, from hardware to run-time software to applications. We welcome both papers exploring new attacks and threat models as well as defenses. The topics of interest include, but are not limited to, the following:

• Data privacy related to emerging Artificial Intelligence and Machine Learning models.
• Data provenance in large-scale and distributed computing workflows.
• Attack surfaces of HPC and distributed computing ecosystems.
• Attack surfaces of HPC data feeding instruments and sensors.
• Attack detection methods and tools and their effectiveness in HPC systems.
• Tradeoffs between HPC performance, power, and security.
• Security enhanced co-design of HPC systems.
• Security enhanced operation of HPC systems.
• Security enhanced prescriptive programming of HPC systems.

This year, we are excited to present a lineup of speakers who will address topics that are at the forefront of secuirty and privacy in HPC. Our keynote speaker, Robinson Pino from the DOE Office of Advanced Scientific Computing Research, will discuss the pressing need for security in the age of novel hardware architectures. We also have the privilege of hosting invited talks from Karen Karavenic, representing the National Science Foundation; Albert Reuther from MIT Lincoln Labs; and Ferdinando Fioretto from the University of Virginia. Their insights on security and privacy in the context of HPC systems and research are sure to be of great relevance to our work. For more information, please visit the S-HPC Program tab.