CISPA

Poster: Isolating PIM from OS Level Adversaries

Poster, posted on 2025-03-20, 12:21, authored by Fabian van Rissenbeck, Amit Pravin Choudhari, Christian Rossow
Modern cloud infrastructures run data-intensive workloads in multi-tenant environments, where shared hardware resources, especially CPU caches, are vulnerable to side-channel attacks that reveal access patterns [2]. While cache isolation can mitigate these risks, it is impractical at scale [3]. Processing-in-Memory (PIM) architectures, like UPMEM’s, restructure traditional von Neumann architectures by embedding small RISC-style processors directly into DRAM chips [5, 4]. A PIM architecture can be beneficial for combating some classes of side-channel attacks, because moving computation closer to data inherently reduces the amount of cache-based leakage. Current PIM systems lack critical security primitives such as secure key storage and random number generation; however, some simulated PIM architectures have included such hardware extensions [1]. Additionally, we currently see no mechanism to leverage Trusted Execution Environments (TEEs) like Intel SGX and Arm TrustZone to extend their protection to PIM modules, leaving PIM fully exposed in scenarios with strong adversaries. We propose a software-based solution leveraging a trusted hypervisor and TPM to enable PIM computation within a trusted environment.

Primary Research Area

  • Secure Connected and Mobile Systems

Open Access Type

  • Not Open Access

BibTeX

@misc{vanRissenbeck:Choudhari:Rossow:2025,
  title  = "Poster: Isolating PIM from OS Level Adversaries",
  author = "van Rissenbeck, Fabian and Choudhari, Amit Pravin and Rossow, Christian",
  year   = 2025,
  month  = 3,
  doi    = "10.46586/uasc.2025.202"
}

CISPA Affiliation

  • Yes
