Lightweight, Secure and Stateful Serverless Computing with PSL

TL;DR

PSL is a lightweight, secure, and stateful serverless framework leveraging TEEs and WASM, achieving high performance and scalability for distributed applications like neural network training.

Contribution

Introduces PSL, a novel TEE-based FaaS framework supporting WASM with JIT, secure storage, and high-speed execution, advancing serverless computing security and efficiency.

Findings

Achieves up to 3.7x faster execution than existing SGX WASM runtimes.

Reaches 95k ops/sec with read workload, 89k ops/sec with mixed workload.

Demonstrates scalability through distributed neural network training case study.

Abstract

We present PSL, a lightweight, secure and stateful Function-as-a-Serivce (FaaS) framework for Trusted Execution Environments (TEEs). The framework provides rich programming language support on heterogeneous TEE hardware for statically compiled binaries and/or WebAssembly (WASM) bytecodes, with a familiar Key-Value Store (KVS) interface to secure, performant, network-embedded storage. It achieves near-native execution speeds by utilizing the dynamic memory mapping capabilities of Intel SGX2 to create an in-enclave WASM runtime with Just-In-Time (JIT) compilation. PSL is designed to efficiently operate within an asynchronous environment with a distributed tamper-proof confidential storage system, assuming minority failures. The system exchanges eventually-consistent state updates across nodes while utilizing release-consistent locking mechanisms to enhance transactional capabilities. The execution of PSL is up to 3.7x faster than the state-of-the-art SGX WASM runtime. PSL reaches 95k ops/s with YCSB 100% read workload and 89k ops/s with 50% read/write workload. We demonstrate the scalability and adaptivity of PSL through a case study of secure and distributed training of deep neural networks.