Security in High-Performance Computing (HPC) has traditionally been an "operational" challenge (i.e., restrict access and usage to certified users). However, as HPC gradually permeates more areas of public interest, a hands-off approach to security aspects in favor of performance and power is becoming imprudent at best. Paired with HPC's traditional role of early technology adoption, a new set of early target-worthwhile vulnerabilities are emerging that are not necessarily found in other computing scenarios that operate with more established technologies.

In addition to early adoption vulnerabilities, the exploits specific to the HPC community arise from acute hardware heterogeneity (including distributed computing ecosystems); novel network technologies/topologies; massive resource management orchestration including power, compute, networking, and storage; heavy reliance on open software by volunteer overworked programmers; brittle experimental software not hardened by numerous deployments; and dusty deck software with no regular maintenance schedule. Further complicating this landscape is the integration of numerical HPC with data-driven methodologies, including Machine Learning, expanding potential attack surfaces to include data capture, storage, and transmission. In combination with commercial, single-node exploits, these vulnerabilities open fertile and complex new attack surfaces.

This workshop focuses on threats and solutions across the HPC hardware/software stack. These threats include weaknesses in current and future architectural designs, escalation of privileges through data extraction or computation manipulation, and intentional misuse of resources across scientific instruments feeding HPC machines.

We solicit papers on all topics related to security of high-performance computing, from hardware to run-time software to applications. We welcome both papers exploring new attacks and threat models as well as defenses. The topics of interest include, but are not limited to, the following:

• Data privacy related to emerging Artificial Intelligence and Machine Learning models.
• Data provenance in large-scale and distributed computing workflows.
• Attack surfaces of HPC and distributed computing ecosystems.
• Attack surfaces of HPC data feeding instruments and sensors.
• Attack detection methods and tools and their effectiveness in HPC systems.
• Tradeoffs between HPC performance, power, and security.
• Security enhanced co-design of HPC systems.
• Security enhanced operation of HPC systems.
• Security enhanced prescriptive programming of HPC systems.
• Security challenges of extreme heterogeneity and proposed solutions
• Security challenges of large-scale resource management
• The scalability of current and proposed security solutions
• Evaluation of the current and proposed security solutions in extreme heterogeneous environments

Invited Speaker: Dr. Yanan Guo, University of Rochester

 

Title: Threads of Trouble: Unveiling GPU Software and Hardware Security Flaws

 

Abstract

Modern computing systems face significant security challenges. While vulnerabilities in CPUs have been extensively studied, GPUs--an increasingly important component of today's computing platforms--have received much less attention. In this talk, I will present our recent studies that aim to bridge this gap. In the first part, I will discuss our findings on GPU memory management systems and demonstrate how weaknesses in their design can be exploited to compromise GPU applications and, in some cases, even CPU applications. In the second part, I will introduce hardware side channels on modern GPUs and show that, despite the adoption of hardware isolation mechanisms, powerful side-channel attacks can still be launched, which pose serious privacy risks to applications such as video games. Finally, I will conclude the talk with a brief discussion of potential countermeasures and directions for future research in GPU security.

Bio:

Yanan Guo is an Assistant Professor in the CS Department at the University of Rochester. Her research interests lie in computer architecture and cybersecurity, with a goal of building secure, high-performance computing systems. Her work focuses on microarchitectural side channels, memory exploitation, and machine learning security, and she has uncovered multiple vulnerabilities in CPU and GPU system and hardware designs. Her studies have been published in top security and systems venues such as CCS, S and P, USENIX Security, and ASPLOS. Her study on prefetch-based side channels was nominated for Top Picks in Hardware and Embedded Security in 2023, and she received the Best Ph.D. Dissertation Award from IEEE HOST in 2025.