Confidential Computing on Heterogeneous CPU-GPU Systems: Survey and Future Directions

TL;DR

This paper surveys the security challenges and future directions of confidential computing in heterogeneous CPU-GPU systems, focusing on Trusted Execution Environments (TEEs) and potential attack surfaces.

Contribution

It provides a comprehensive review of GPU TEE designs, analyzes security risks, and offers insights for designing secure and efficient heterogeneous systems.

Findings

Identifies potential attack surfaces in GPU TEEs.

Summarizes existing GPU TEE designs and their security implications.

Reviews attacks on GPUs and TEEs, and mitigation strategies.

Abstract

In recent years, the widespread informatization and rapid data explosion have increased the demand for high-performance heterogeneous systems that integrate multiple computing cores such as CPUs, Graphics Processing Units (GPUs), Application Specific Integrated Circuits (ASICs), and Field Programmable Gate Arrays (FPGAs). The combination of CPU and GPU is particularly popular due to its versatility. However, these heterogeneous systems face significant security and privacy risks. Advances in privacy-preserving techniques, especially hardware-based Trusted Execution Environments (TEEs), offer effective protection for GPU applications. Nonetheless, the potential security risks involved in extending TEEs to GPUs in heterogeneous systems remain uncertain and need further investigation. To investigate these risks in depth, we study the existing popular GPU TEE designs and summarize and compare their key implications. Additionally, we review existing powerful attacks on GPUs and traditional TEEs deployed on CPUs, along with the efforts to mitigate these threats. We identify potential attack surfaces introduced by GPU TEEs and provide insights into key considerations for designing secure GPU TEEs. This survey is timely as new TEEs for heterogeneous systems, particularly GPUs, are being developed, highlighting the need to understand potential security threats and build both efficient and secure systems.