supermem enabling application transparent secure
play

SuperMem: Enabling Application- transparent Secure Persistent Memory - PowerPoint PPT Presentation

Apr 15, 2023 •148 likes •494 views

SuperMem: Enabling Application- transparent Secure Persistent Memory with Low Overheads Pengfei Zuo 1,2 , Yu Hua 1 , Yuan Xie 2 1 Huazhong University of Science and Technology, China 2 University of California at Santa Barbara, USA 52nd IEEE/ACM

  1. SuperMem: Enabling Application- transparent Secure Persistent Memory with Low Overheads Pengfei Zuo 1,2 , Yu Hua 1 , Yuan Xie 2 1 Huazhong University of Science and Technology, China 2 University of California at Santa Barbara, USA 52nd IEEE/ACM International Symposium on Microarchitecture ( MICRO ), 2019

  2. Images from Internet DRAM � Persistent Memory Low power Low power 2

  3. Two Key Challenges for Persistent Memory Persistence Security Core username, Cache password Volatile: Inconsistency Non-volatile: Persistent Memory Persistent Memory Gap between persistence and security: � Clflush, mfence & logging for crash consistency � Memory encryption for data security Encryption incurs new inconsistency problem 3

  4. Counter Mode Encryption Write Write Counter Data CPU Cache Counter Cache Back Back AES Engine XOR One-time pad Encrypted Data 4

  5. Counter Mode Encryption Write Write CPU Cache Counter Cache Back Back Updated Encrypted Counter Data 5

  6. Crash Inconsistency Caused by Encryption Write Write CPU Cache Counter Cache Back Back Updated Encrypted Counter Data � Data and counter cannot reach NVM at the same time 6

  7. Crash Inconsistency Caused by Encryption Write Write CPU Cache Counter Cache Back Back Updated Encrypted CASE 1: Counter Data � Data and counter cannot reach NVM at the same time 7

  8. Crash Inconsistency Caused by Encryption Write Write CPU Cache Counter Cache Back Back Updated Encrypted CASE 2: Counter Data � Data and counter cannot reach NVM at the same time 8

  9. Crash Inconsistency Caused by Encryption Clflush Write Write CPU Cache Counter Cache Back Back Updated Encrypted Counter Data � Data and counter cannot reach NVM at the same time � Clflush and mfence cannot operate the counter cache 9

  10. Existing Solutions (Write-back Counter Cache) Large Battery Backup Software-level Modification Error Correction [Awad et al., ASPLOS’16] [Liu et al., HPCA’18] [Ye et al., MICRO’18] [Zuo et al., MICRO’18] New programming primitives • counter_cache_writeback() Check CPU Counter • CounterAtomic Cache Cache App Battery Unencrypted Encrypted Expensive Portability limitation Long recovery time 10

  11. SuperMem: Secure and Persistent Memory � Exploit a write-through counter cache – No large battery backup – No software-level modifications – No need to correct counters – Double writes � A counter write coalescing scheme – Reduce the number of write requests � A cross-bank counter storage scheme Asynchronous DRAM refresh (ADR): – Speedup memory writes cache lines reaching the write queue can be considered durable. 11

  12. SuperMem: Secure and Persistent Memory Application-transparent Write-through counter cache ( Guarantee consistency ) Counter write coalescing ( Reduce writes ) Cross-bank counter storage Asynchronous DRAM refresh (ADR): ( Speedup writes ) cache lines reaching the write queue can be considered durable. 12

  13. SuperMem: Secure and Persistent Memory Write-through counter cache ( Guarantee consistency ) Counter write coalescing ( Reduce writes ) Cross-bank counter storage Asynchronous DRAM refresh (ADR): ( Speedup writes ) cache lines reaching the write queue can be considered durable. 13

  14. Write-through Counter Cache � Ensure that data and its counter reach the write queue in the same time – Write through counter cache Flu(A) Ret(A) CPU Ack(A) Memory Ctrl Read(Ac) Ac++ Enc(A) App(Ac) App(A) Write Queue 14

  15. Write-through Counter Cache � Ensure that data and its counter reach the write queue in the same time – Write through counter cache – Add a register Flu(A) Ret(A) CPU Read(Ac) Ac++ Enc(A) Memory Ctrl Ack(A) Write Queue App(Ac+A) Sto(Ac) Sto(A) Register 15

  16. SuperMem: Secure and Persistent Memory Write-through counter cache ( Guarantee consistency ) Counter write coalescing ( Reduce writes ) Cross-bank counter storage Asynchronous DRAM refresh (ADR): ( Speedup writes ) cache lines reaching the write queue can be considered durable. 16

  17. Cross-bank Counter Storage � SingleBank: Counters are stored in a continuous area in NVM [ASPLOS’15, ASPLOS’16, HPCA’18] Data 0 Data 1 Data 2 Ctr 0, Ctr 1, Ctr 2 Bank ID: 0 1 2 3 4 5 6 7 Data Area Bottleneck Ctr Area 17

  18. Cross-bank Counter Storage � SameBank: Stores the counters of data into their local banks 2X write latency Ctr 0, Data 0 Ctr 1, Data 1 Ctr 2, Data 2 Bank ID: 0 1 2 3 4 5 6 7 Data Area Ctr Area 0 1 2 3 4 5 6 7 18

  19. Cross-bank Counter Storage � XBank: Stores each data and its counter into different banks to leverage bank parallelism Data 0 Data 1 Data 2 Ctr 0 Ctr 1 Ctr 2 Bank ID: 0 1 2 3 4 5 6 7 Data Area Ctr Area 4 5 6 7 0 1 2 3 19

  20. SuperMem: Secure and Persistent Memory Write-through counter cache ( Guarantee consistency ) Counter write coalescing ( Reduce writes ) Cross-bank counter storage Asynchronous DRAM refresh (ADR): ( Speedup writes ) cache lines reaching the write queue can be considered durable. 20

  21. Locality-aware Counter Write Coalescing � Spatial locality of counter storage – All counters of a page are stored in a counter line … … … … A page: Line 1 Line 2 Line 3 Line 4 Line 64 (64 lines) … A counter line: M m 1 m 2 m 3 m 4 m 64 (64B) 21

  22. Locality-aware Counter Write Coalescing � Spatial locality of counter storage – All counters of a page are stored in a counter line … … … … A page: Line 1 Line 2 Line 3 Line 4 Line 64 (64 lines) A log entry or the transaction data � Spatial locality of log and data writes 22

  23. Locality-aware Counter Write Coalescing � An example of writing 4 lines within a page … … … … A page: Line 1 Line 2 Line 3 Line 4 Line 64 (64 lines) 23

  24. Locality-aware Counter Write Coalescing � An example of writing 4 lines within a page Cache A B C D Dc D Cc C Bc B Ac A Write Queue 24

  25. Locality-aware Counter Write Coalescing � An example of writing 4 lines within a page … Ac: ' M m 1 m 2 m 3 m 4 m 64 … ' m 2 Bc: ' M m 1 m 3 m 4 m 64 … ' m 2 ' m 3 Cc: ' M m 1 m 4 m 64 … ' m 2 ' m 3 ' m 4 Dc: ' M m 1 m 64 Dc D Cc C Bc B Ac A Write Queue 25

  26. Locality-aware Counter Write Coalescing � Coalescing counter writes in the write queue … Ac: ' M m 1 m 2 m 3 m 4 m 64 … ' m 2 Bc: ' M m 1 m 3 m 4 m 64 … ' m 2 ' m 3 Cc: ' M m 1 m 4 m 64 … ' m 2 ' m 3 ' m 4 Dc: ' M m 1 m 64 Dc D Cc C Bc B Ac A Write Queue 26

  27. Locality-aware Counter Write Coalescing (CWC) � Coalescing counter writes in the write queue With CWC Dc D C B A Without CWC Dc D Cc C Bc B Ac A Write Queue 27

  28. Performance Evaluation � Model NVM using gem5 and NVMain Comparisons Benchmarks Unsec: An un-encrypted NVM Array: Randomly swapping entries WB: An ideal write-back scheme Queue: Randomly enqueueing and dequeueing WT: A write-through scheme B-tree: Inserting random KVs WT+CWC: A write-through scheme with CWC Hash Table: Inserting random KVs WT+Xbank: A write-through RB-tree: Inserting random KVs scheme with XBank SuperMem 28

  29. Transaction Execution Latency – Single-core Normalized Execution Latency Unsec WB WT WT+CWC WT+XBank SuperMem Normalized Execution Latency Unsec WB WT WT+CWC WT+XBank SuperMem 2.0 2.0 WT+CWC 1.5 1.5 1.0 1.0 0.5 0.5 0.0 0.0 Array Queue B-tree Hash Table RB-tree Array Queue B-tree Hash Table RB-tree Transaction size: 256B Transaction size: 4KB � SuperMem achieves the performance comparable to a secure NVM with an ideal write-back cache (WB) 29

  30. Transaction Execution Latency – Multi-core Normalized Execution Latency Unsec WB WT WT+CWC WT+XBank SuperMem Normalized Execution Latency Unsec WB WT WT+CWC WT+XBank SuperMem 2.0 2.0 WT+XBank 1.5 1.5 1.0 1.0 0.5 0.5 0.0 0.0 Array Queue B-tree Hash Table RB-tree Array Queue B-tree Hash Table RB-tree 8 programs 2 programs � SuperMem achieves the performance comparable to a secure NVM with an ideal write-back cache (WB) 30

  31. The Number of Write Requests Unsec WB WT SuperMem Unsec WB WT SuperMem Unsec WB WT SuperMem Normalized # of Writes Normalized # of Writes Normalized # of Writes 2.0 2.0 2.0 1.5 1.5 1.5 1.0 1.0 1.0 0.5 0.5 0.5 0.0 0.0 0.0 y e e e e Array Queue B-tree Hash Table RB-tree Array Queue B-tree Hash Table RB-tree a l u e e b r e r r a r t t A u - - T B B Q R h s a H Transaction size: 256B Transaction size: 1KB Transaction size: 4KB � SuperMem reduces up to 50% of write requests by using the CWC scheme 31

  32. Conclusion Problem � Memory encryption incurs crash inconsistency issue Existing Work � Using a write-back counter cache � Large battery backup, software-level modification, or error correction Our Solution � SuperMem: exploit a write-through counter cache � Large battery backup, software-level modification, error correction � Counter write coalescing for reducing writes � Cross-bank counter storage for speeding up writes 32

  33. Thanks! Q&A

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Enabling Transparent Asynchronous I/O using Background Threads HPC I/O Synchronous

Enabling Transparent Asynchronous I/O using Background Threads HPC I/O Synchronous

Enabling Transparent Asynchronous I/O using Background Threads HPC I/O Synchronous Code executes in sequence. Computation is blocked by I/O, waste system resources. Asynchronous Code may execute out of order.

351 views • 22 slides
Application-Transparent Checkpoint/Restart for MPI Programs over InfiniBand Qi Gao, Weikuan Yu,

Application-Transparent Checkpoint/Restart for MPI Programs over InfiniBand Qi Gao, Weikuan Yu,

Application-Transparent Checkpoint/Restart for MPI Programs over InfiniBand Qi Gao, Weikuan Yu, Wei Huang, Dhabaleswar K. Panda Network-Based Computing Laboratory Department of Computer Science & Engineering The Ohio State University

635 views • 26 slides
Enabling Secure Web Payments with GNU Taler J. Burdges, F. Dold, C. Grothoff , M. Stanisci

Enabling Secure Web Payments with GNU Taler J. Burdges, F. Dold, C. Grothoff , M. Stanisci

Enabling Secure Web Payments with GNU Taler J. Burdges, F. Dold, C. Grothoff , M. Stanisci Institut National de Recherche en Informatique et en Automatique (Inria) The GNU Project Ashoka Fellow 17.12.2016 I think one of the big things that

715 views • 57 slides
Derivation Systems and Verisimilitude (An Application of Transparent Intensional Logic) Logika:

Derivation Systems and Verisimilitude (An Application of Transparent Intensional Logic) Logika:

Derivation Systems and Verisimilitude (An Application of Transparent Intensional Logic) Logika: systmov rmec rozvoje oboru v R a koncepce logickch propedeutik pro mezioborov studia (reg. . CZ.1.07/2.2.00/28.0216, OPVK) doc. PhDr.

402 views • 37 slides
A Light Introduction to Transparent Intensional Logic and its Application in Semantics Logika:

A Light Introduction to Transparent Intensional Logic and its Application in Semantics Logika:

A Light Introduction to Transparent Intensional Logic and its Application in Semantics Logika: systmov rmec rozvoje oboru v R a koncepce logickch propedeutik pro mezioborov studia (reg. . CZ.1.07/2.2.00/28.0216, OPVK) doc. PhDr.

1.05k views • 45 slides
Enabling the Aviation CO 2 Allowance Trading Through Secure Market Mechanisms Massimiliano Zanin

Enabling the Aviation CO 2 Allowance Trading Through Secure Market Mechanisms Massimiliano Zanin

Enabling the Aviation CO 2 Allowance Trading Through Secure Market Mechanisms Massimiliano Zanin mz@innaxis.org Secure CO 2 allowance trading :: Introduction Secure CO 2 allowance trading :: Introduction Problem: Computing without trust

598 views • 25 slides
Prompt Application-Transparent Transaction Revalidation in Software Transactional Memory Simone

Prompt Application-Transparent Transaction Revalidation in Software Transactional Memory Simone

Prompt Application-Transparent Transaction Revalidation in Software Transactional Memory Simone Emiliano Pierangelo Alessandro Economo Silvestri Di Sanzo Pellegrini DIAG Sapienza University of Rome Francesco Quaglia DICII

609 views • 23 slides
Enabling Secure Ad-hoc Group Collaboration over Bluetooth Scatternets Somil Asthana (

Enabling Secure Ad-hoc Group Collaboration over Bluetooth Scatternets Somil Asthana (

Enabling Secure Ad-hoc Group Collaboration over Bluetooth Scatternets Somil Asthana ( asthana@cse.buffalo.edu ) Dimitris Kalfonos ( dimitris.kalofonos@nokia.com ) Outline Introduction Related Work Motivating User Scenario

302 views • 18 slides
ENABLING SSH PROTOCOL VISIBILITY IN FLOW MONITORING Wednesday 10 th April, 2019 Pavel ELEDA

ENABLING SSH PROTOCOL VISIBILITY IN FLOW MONITORING Wednesday 10 th April, 2019 Pavel ELEDA

ENABLING SSH PROTOCOL VISIBILITY IN FLOW MONITORING Wednesday 10 th April, 2019 Pavel ELEDA Petr VELAN, Benjamin KRL Ondej KOZK Introduction SSH Secure Shell provides secure connection over an unsecured network remote command-line

543 views • 18 slides
AA enabling a closed source legacy application Jan Du Caju ICT security officer K.U.Leuven

AA enabling a closed source legacy application Jan Du Caju ICT security officer K.U.Leuven

EuroCAMP 15nov2007 AA enabling a closed source legacy application Jan Du Caju ICT security officer K.U.Leuven Belgium Jan.DuCaju@icts.KULeuven.be EuroCAMP 15nov2007 AA enabling a closed source legacy application Introduction: context

426 views • 26 slides
NRCs Advanced Reactors Program Enabling the Safe and Secure Use of Nuclear Materials

NRCs Advanced Reactors Program Enabling the Safe and Secure Use of Nuclear Materials

NRCs Advanced Reactors Program Enabling the Safe and Secure Use of Nuclear Materials Commission Meeting April 24, 2018 Agenda NRCs Advanced Reactors Program Fred Brown Licensing Readiness and Potential Policy Issues

480 views • 25 slides
Enabling Cloud-Native Applications with Application Credentials in Keystone Colleen Murphy Cloud

Enabling Cloud-Native Applications with Application Credentials in Keystone Colleen Murphy Cloud

Enabling Cloud-Native Applications with Application Credentials in Keystone Colleen Murphy Cloud Developer at SUSE cmurphy @_colleenm Overview Why we needed application credentials What are application credentials? (with demo!)

637 views • 25 slides
TOWARDS TRANSPARENT ZERO- KNOWLEDGE COMPUTATION - BASED ON 10 YEARS OF COMMERCIAL USE Kurt

TOWARDS TRANSPARENT ZERO- KNOWLEDGE COMPUTATION - BASED ON 10 YEARS OF COMMERCIAL USE Kurt

TOWARDS TRANSPARENT ZERO- KNOWLEDGE COMPUTATION - BASED ON 10 YEARS OF COMMERCIAL USE Kurt Nielsen (Co-founder and CEO Partisia) Transparency and scalability PROTOCOLS PLATFORMS Landmark paper Secure Multiparty Computation Goes Live

773 views • 21 slides
Snappy Ubuntu Core Enabling secure devices with app stores We are the company behind Ubuntu.

Snappy Ubuntu Core Enabling secure devices with app stores We are the company behind Ubuntu.

Snappy Ubuntu Core Enabling secure devices with app stores We are the company behind Ubuntu. Canonical and Ubuntu | Best of both worlds CANONICAL Ubuntu Commercial backing #1 Linux Desktop for the #1 general purpose Linux OS: #1 Cloud OS

1.41k views • 26 slides
OperationCheckpoint: SDN Application Control Workshop on Secure Network Protocols (NPSec14) 19

OperationCheckpoint: SDN Application Control Workshop on Secure Network Protocols (NPSec14) 19

OperationCheckpoint: SDN Application Control Workshop on Secure Network Protocols (NPSec14) 19 October 2014 Sandra Scott-Hayward, Christopher Kane and Sakir Sezer s.scott-hayward@qub.ac.uk Centre for Secure Information Technologies (CSIT)

359 views • 20 slides
GEF 5

GEF 5

GEF 5 Funds System for Transparent Allocation of Resources (STAR) Enabling Activities GEF 5 Star Focal Area Allocations Biodiversity (1.2bb)

386 views • 11 slides
Best practices and theoretical foundations for delivering agricultural health and safety research

Best practices and theoretical foundations for delivering agricultural health and safety research

Best practices and theoretical foundations for delivering agricultural health and safety research to stakeholders Lisa K. Lundy, Ph.D., APR Associate Professor, Department of Agricultural Education and Communication, University of Florida

492 views • 17 slides
Reachability problem for polynomial iteration is PSPACE-complete Reino Niskanen Department of

Reachability problem for polynomial iteration is PSPACE-complete Reino Niskanen Department of

Introduction Definitions Polynomial iteration Higher dimensions Conclusion Reachability problem for polynomial iteration is PSPACE-complete Reino Niskanen Department of Computer Science University of Liverpool, UK 11th International

835 views • 56 slides
Motivation Resource Description Framework (RDF) Describe all resources Make them

Motivation Resource Description Framework (RDF) Describe all resources Make them

Motivation Resource Description Framework (RDF) Describe all resources Make them machine-readable Provide common framework among different applications How to do this? What is RDF? Create a framework using an application-

532 views • 11 slides
Semantic Web Rules - Tools and Languages - Tutorial at Rule ML 2006, Athens, GA Holger Knublauch

Semantic Web Rules - Tools and Languages - Tutorial at Rule ML 2006, Athens, GA Holger Knublauch

Semantic Web Rules - Tools and Languages - Tutorial at Rule ML 2006, Athens, GA Holger Knublauch Semantic Web Languages RDF Schema OWL SWRL Jena Rules Language SPARQL RDF Triples are the common foundation RDF

319 views • 29 slides
Them/Femtor *Themtor and Femtor: Inclusive terms used to describe non-binary, feminine people

Them/Femtor *Themtor and Femtor: Inclusive terms used to describe non-binary, feminine people

Them/Femtor *Themtor and Femtor: Inclusive terms used to describe non-binary, feminine people across all genders What is the difgerence? Advisors Academic & Major Counselors Them/FemMentors At community college Anyone Therapists-SJSU

576 views • 11 slides
CS344M Autonomous Multiagent Systems Patrick MacAlpine Department of Computer Science The

CS344M Autonomous Multiagent Systems Patrick MacAlpine Department of Computer Science The

CS344M Autonomous Multiagent Systems Patrick MacAlpine Department of Computer Science The University of Texas at Austin Good Afternoon, Colleagues Are there any questions? Patrick MacAlpine Good Afternoon, Colleagues Are there any

593 views • 47 slides
CS344M Autonomous Multiagent Systems Todd Hester Department of Computer Science The University

CS344M Autonomous Multiagent Systems Todd Hester Department of Computer Science The University

CS344M Autonomous Multiagent Systems Todd Hester Department of Computer Science The University of Texas at Austin Good Afternoon, Colleagues Are there any questions? Todd Hester Good Afternoon, Colleagues Are there any questions? Todd

797 views • 48 slides
By a hierarchic system, or hierarchy, I mean a sys- tem that is composed of interrelated

By a hierarchic system, or hierarchy, I mean a sys- tem that is composed of interrelated

By a hierarchic system, or hierarchy, I mean a sys- tem that is composed of interrelated subsystems, each of the latter being in turn hierarchic in structure until we reach some lowest level of elementary subsystem. In most systems of nature it

312 views • 30 slides

More recommend