Chenxu Wang (Research Institute of Trustworthy Autonomous Systems, Southern University of Science and Technology, China, Department of Computer Science and Engineering, Southern University of Science and Technology, China and Department of Computing, The Hong Kong Polytechnic University, China), Junjie Huang (Department of Computer Science and Engineering, Southern University of Science and Technology, China), Yujun Liang (Department of Computer Science and Engineering, Southern University of Science and Technology, China), Xuanyao Peng (Department of Computer Science and Engineering, Southern University of Science and Technology, China and University of Chinese Academy of Sciences, China), Yuqun Zhang (Department of Computer Science and Engineering, Southern University of Science and Technology, China), Fengwei Zhang (Department of Computer Science and Engineering, Southern University of Science and Technology, China and Research Institute of Trustworthy Autonomous Systems, Southern University of Science and Technology, China), Jiannong Cao (Department of Computing, The Hong Kong Polytechnic University, China), Hang Lu (University of Chinese Academy of Sciences, China), Rui Hou (State Key Laboratory of Cyberspace Security Defense, IIE, Chinese Academy of Sciences, China and University of Chinese Academy of Sciences, China), Shoumeng Yan (Ant Group), Tao Wei (Ant Group), Zhengyu He (Ant Group)

Accelerator trusted execution environment (TEE) is a popular technique that provides strong confidentiality, integrity, and isolation protection on sensitive data/code in accelerators. However, most studies are designed for a specific CPU or accelerator and thus lack generalizability. Recent TEE surveys partially summarize the threats and protections of accelerator computing, while they have yet to provide a guide to building an accelerator TEE and compare the pros and cons of their security solutions. In this paper, we provide a holistic analysis of accelerator TEEs over the years. We conclude a typical framework of building an accelerator TEE and summarize the widely-used attack vectors, ranging from software to physical attacks. Furthermore, we provide a systematization of accelerator TEE's three major security mechanisms: (1) access control, (2) memory encryption/decryption, and (3) attestation. For each aspect, we compare varied security solutions in existing studies and conclude their insights. Lastly, we analyze the factors that influence the TEE deployment on real-world platforms, especially on the trusted computing base (TCB) and compatibility issues.

View More Papers

Characterizing the Implementation of Censorship Policies in Chinese LLM...

Anna Ablove (University of Michigan), Shreyas Chandrashekaran (University of Michigan), Xiao Qiang (University of California at Berkeley), Roya Ensafi (University of Michigan)

Read More

VDORAM: Towards a Random Access Machine with Both Public...

Huayi Qi (School of Computer Science and Technology, Shandong University, Qingdao, Shandong, China and Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China), Minghui Xu (School of Computer Science and Technology, Shandong University, Qingdao, Shandong, China), Xiaohua Jia (Department of Computer Science, City University of Hong Kong, Kowloon, Hong Kong SAR, China), Xiuzhen Cheng…

Read More

TYPEFUZZ: Type Coverage Directed JavaScript Engine Fuzzing (Registered Report)

Tobias Wienand (Ruhr-Universitat Bochum), Lukas Bernhard (Ruhr-Universitat Bochum), Flavio Toffalini (Ruhr-Universitat Bochum)

Read More