This is an older story from earlier this year when the S3 ‘typo’ crash occurred – about using fuzzing to expose memory access. But given other exploits recently exposed I suspect a lot more people will take an interest in cloud services and general readiness, for crashes, security, or otherwise. One great place for articles is the Google Cloud Platform Blog itself – typically written by the actual engineers who make it happen.
Google recently launched GPUs on Google Cloud Platform (GCP), which will allow customers to leverage this hardware for highly parallel workloads. These GPUs are connected to our cloud machines via a variety of PCIe switches, and that required us to have a deep understanding of PCIe security.
Securing PCIe devices requires overcoming some inherent challenges. For instance, GPUs have become far more complex in the past few decades, opening up new avenues for attack. Since GPUs are designed to directly access system memory, and since hardware has historically been considered trusted, it’s difficult to ensure all the settings to keep it contained are set accurately, and difficult to ensure whether such settings even work. And since GPU manufacturers don’t make the source code or binaries available for the GPU’s main processes, we can’t examine those to gain more confidence. You can read more about the challenges presented by the PCI and PCIe specs here.
With the risk of malicious behavior from compromised PCIe devices, Google needed to have a plan for combating these types of attacks, especially in a world of cloud services and publicly available virtual machines. Our approach has been to focus on mitigation: ensuring that compromised PCIe devices can’t jeopardize the security of the rest of the computer.
Have an amazing project to share? Join the SHOW-AND-TELL every Wednesday night at 7:30pm ET on Google+ Hangouts.
Join us every Wednesday night at 8pm ET for Ask an Engineer!
Learn resistor values with Mho’s Resistance or get the best electronics calculator for engineers “Circuit Playground” – Adafruit’s Apps!
Maker Business — Limor Fried featured in NYC’s HER BIG IDEA!
Wearables — Get concrete solutions
Electronics — Probe Compensation
Biohacking — Dr. Rita Levi-Montalcini was a Centenarian Gonzo Biohacker
No comments yet.
Sorry, the comment form is closed at this time.