SELECT: Secure and Lightweight Computing Environment for HPC Systems

Period of Performance: 04/11/2016 - 04/10/2018

$1MM

Phase 2 SBIR

Recipient Firm

Intelligent Automation, Inc.
15400 Calhoun Dr, Suite 190
Rockville, MD 20855
Firm POC
Principal Investigator

Abstract

The increased accessibility via remote login, along with steadily growing numbers of HPC users and projects, poses a challenging question for HPC system management: How to secure HPC systems and protect the data inside these systems? There are several challenging issues that prevent the direct deployment of existing personal computer or cloud security tools in HPC systems: 1) The overhead introduced by existing security solutions must not degrade the high computing performance, and security solutions for HPC systems must be lightweight and have small footprint; 2) security design for HPC can be tailored particularly to such platform environments (e.g., the leadership class HPC in DOE) in order to optimize the efficiency and minimize the overhead as the HPC systems generally have static software and/or hardware configurations; 3) as HPC systems are mission-critical computing infrastructures that accommodate a large number of remote login users from distinct locations, strong defense must be deployed to empower HPC systems with the capability of preventing potential zero-day attacks via remote login access that exploit previously unknown vulnerabilities; 4) data leakage prevention in HPC systems is even more critical than protecting data in personal computers or commercial clouds as data stored in HPC systems is export-controlled and even related to national security. As a result, providing strong cyber security tools to protect the data and prevent tampering in HPC systems is of critical importance to DOE’s HPC systems as well as other national HPC facilities. Nonetheless, despite such emerging demands, there are still no comprehensive software design and implementation to systemically address cyber security issues in HPC systems. Statement of How this Problem or Situation is Being Addressed: To address this critical need, Intelligent Automation Inc. (IAI) proposes to develop a Secure and Lightweight Computing Environment (SELECT) software tool for DOE’s leadership class HPC systems. The key innovation is to integrate both coarse-grained security and fine-grained security with low overhead to provide real-time tampering and data leakage detection regardless its source, which can be outsider attacks, insider attacks, or even user mis-configurations. Commercial Applications and Other Benefits: We envision that the proposed techniques, tools and software have a significant impact on the cyber security enhancement for HPC systems. In addition to the security enhancement, the result of this STTR effort can be extended and tailored for HPC systems in other government agencies and industry and to optimize the efficiency and minimize the overhead. IAI is well positioned to promote the introduction of the proposed techniques and software tools into a wide variety of commercial and military applications.