
Minisymposium Presentation

The LUMI Case: Towards High Performance Confidential Computing with Containers

Monday, June 3, 2024, 14:30 - 15:00 CEST
Climate, Weather and Earth Sciences
Chemistry and Materials
Computer Science and Applied Mathematics
Humanities and Social Sciences
Engineering
Life Sciences
Physics

Presenter

Timothy Dykes - HPE

Tim is a Research Engineer in the HPE HPC/AI EMEA Research Lab, where he collaborates with EMEA scientific and technical communities on a variety of supercomputing research and development projects. He holds a Ph.D. in high performance scientific visualisation from the University of Portsmouth, U.K., and his primary research interests focus on computer architecture, performance portability, programming models for heterogeneous high performance computing, and scientific visualisation.

Description

Tim Dykes and Martin Matthiesen will discuss the topic of confidential high performance computing from both the platform vendor and operational perspectives in the context of Europe's HPC Flagship LUMI. The talk will first outline the requirement for secure workloads in HPC, highlighting the challenges presented by system architecture, system software, applications, typical usage patterns, threat models, and common misconceptions surrounding confidentiality and data processing. We will briefly cover examples of existing approaches to support confidential workloads on HPC systems, and then present an overview of a joint effort to develop an end-to-end container-based technology prototype for remote workload execution on Cray EX supercomputers. We consider protection from in-storage, in-flight, and in-execution access by third parties through container encryption, secure sub-networks, and a fully attested hardware and software stack, without requiring any application modification. We will discuss our experiences building this technology from both the platform vendor and data-center operator perspectives, and contrast it with other approaches also in use. We will summarise by highlighting future work and outstanding challenges to be solved.

Authors