Herramientas para el soporte de análisis de rendimiento

More, Andres

07 October 2013

Este documento describe una investigación realizada como trabajo final para la Especialización en Computo de Altas Prestaciones dictada en la Facultad de Informática de la Universidad Nacional de La Plata. El tema de investigación consiste en métodos y herramientas para el análisis del comportamiento de aplicaciones de alto rendimiento. Este trabajo contribuye con un resumen de la teoría de análisis de rendimiento más una descripción de las herramientas de soporte disponibles en el momento. Se propone también un proceso para analizar el rendimiento, ejemplificando su aplicación a un conjunto de núcleos de cómputo no triviales. Luego de la introducción de terminología y bases teóricas del análisis cuantitativo de rendimiento, se detalla la experiencia de utilizar herramientas para conocer donde se deberían localizar los esfuerzos de optimización. Este trabajo resume la experiencia que debe atravesar cualquier investigador en busca de las diferentes alternativas para el análisis de rendimiento; incluyendo la selección de herramientas de soporte y la definición de un procedimiento sistemático de optimización.

aplicaciones de alto rendimiento

análisis de rendimiento

Linpack

STREAM

Intel MPI Benchmarks

HPC Challenge

Software

Performance

Optimization

Ciencias Informáticas

Informática

Physical Layer Approach for Securing RFID Systems

Kaleem, Muhammad Khizer

January 2013

Radio Frequency IDentification (RFID) is a contactless, automatic identification wireless technology primarily used for identifying and tracking of objects, goods and humans. RFID is not only limited to identification and tracking applications. This proliferating wireless technology has been deployed in numerous securities sensitive applications e.g. access control, e-passports, contactless payments, driver license, transport ticking and health cards. RFID inherits all the security and privacy problems that are related to wireless technology and in addition to those that are specific to RFID systems. The security and privacy protection schemes proposed in literature for wireless devices are mostly secured through symmetric/asymmetric keys encryption/decryption and hash functions. The security of all these cryptographic algorithms depends on computationally complex problems that are hard to compute using available resources. However, these algorithms require cryptographic operations on RFID tags which contradict the low cost demand of RFID tags. Due to limited number of logic gates in tags, i.e., 5K-10K, these methods are not practical. Much research effort has done in attempt to solve consumer's privacy and security problem. Solutions that prevent clandestine inventory are mostly application layer techniques. To solve this problem, a new RFID physical layer scheme has been proposed namely Direct Sequence Backscatter Encryption (DSB Enc). The proposed scheme uses level generator to produce different levels before transmitting the signal to the tag. The tag response to the signal sent by the reader using backscatter communications on the same signal which looks random to the eavesdropper. Therefore eavesdropper cannot extract the information from reader to tag and tag to reader communication using passive eavesdropping. As reader knows the different generated levels added to the carrier signal, it can remove the levels and retrieve the tag's messages. We proposed a lightweight, low-cost and practically secure physical layer security to the RFID system, for a supply chain processing application, without increasing the computational power and tag's cost. The proposed scheme was validated by simulations on GNU Radio and experimentation using SDR and a WISP tag. Our implementation and experimental results validate that DSB Enc is secure against passive eavesdropping, replay and relay attacks. It provides better results in the presence of AWGN channel.

DSB Enc

RFID

USRP

SDR

GNU Radio

Level generator

Physical layer encryption

Software Defined Radio

Intel WISP tag

GRC

Security

Desafios no desenvolvimento de aplicações seguras usando Intel SGX.

SILVA, Rodolfo de Andrade Marinho.

06 September 2018

Submitted by Emanuel Varela Cardoso (emanuel.varela@ufcg.edu.br) on 2018-09-06T19:24:24Z No. of bitstreams: 1 RODOLFO DE ANDRADE MARINHO SILVA – DISSERTAÇÃO (PPGCC) 2018.pdf: 798016 bytes, checksum: 4dfd41c1185e692e1c3b8a11f541a6a6 (MD5) / Made available in DSpace on 2018-09-06T19:24:24Z (GMT). No. of bitstreams: 1 RODOLFO DE ANDRADE MARINHO SILVA – DISSERTAÇÃO (PPGCC) 2018.pdf: 798016 bytes, checksum: 4dfd41c1185e692e1c3b8a11f541a6a6 (MD5) Previous issue date: 2018-03-01 / No decorrer das últimas décadas, uma quantidade de dados de usuários cada vez maior vem sendo enviada para ambientes não controlados pelos mesmos. Em alguns casos esses dados são enviados com o objetivo de tornar esses dados públicos, mas na grande maioria das vezes há a necessidade de manter esses dados seguros e privados, ou autorizar o seu acesso apenas em usos bem específicos. Considerando o caso onde os dados devem ser mantidos privados, entidades devem tomar cuidados especiais para manter a segurança e privacidade de tais dados tanto durante a transmissão quanto durante o armazenamento e processamento dos mesmos. Com esse objetivo, vários esforços vêm sendo feitos, inclusive o desenvolvimento de componentes de hardware que provêem ambientes de execução confiável,TEEs, como o Intel Software Guard Extensions(SGX). O uso dessa tecnologia, porém, pode ser feito de forma incorreta ou ineficiente, devido a cuidados não observados durante o desenvolvimento de aplicações. O trabalho apresentado nessa dissertação aborda os principais desafios enfrentados no desenvolvimento de aplicações que façam uso deSGX, e propõe boas práticas e um conjunto de ferramentas (DynSGX) que ajudam a fazer melhor uso das capacidades da tecnologia. Tais desafios incluem, mas não são limitados a, particionamento de aplicações de acordo com o modelo de programação do SGX, colocação de aplicações em ambientes de computação na nuvem, e, sobretudo, gerência de memória. Os estudos apresentados neste trabalho apontam que o mal uso da tecnologia pode acarretar em uma perda de performance considerável se comparado com implementações que levam em conta as boas práticas propostas. O conjunto de ferramentas proposto neste trabalho também mostrou possibilitar a proteção de código de aplicações em ambientes de computação na nuvem, com uma sobrecarga desprezível em comparação com o modelo de programação padrão de SGX. / During the last few decades, an increasing amount of user data have been sent to environments not controlled by data owners. In some cases these data are sent with the objective to turn them public, but in the vast majority of times, these data need to be kept safe and private, or to be allowed access only in very specific use cases. Considering the case where data need to be kept private, entities must take specific measures to maintain the data security and privacy while transmitting, storing and processing them. With this objective many efforts have been made, including the specification of hardware components that provide a trusted execution environment (TEEs), like the Intel Software Guard Extensions (SGX). The use of this technology , though, can be made in incorrect or ineffective ways, due to not taking some considerations into account during the development of applications. In this work, we approach the main challenges faced in the development of applications that use SGX, and propose good practices and a toolset (DynSGX) that help making better use of the capabilities of this technology. Such challenges include, but are not limited to, application partitioning, application colocation in cloud computing environments, and memory management. The studies presented in this work show that the bad use of this technology can result in a considerable performance loss when compared to implementations that take into account the good practices proposed. The toolset proposed in this work also showed to enable protecting application code in cloud computing environments, having a negligible performance overhead when compared to the regular SGX programming model.

Ciência da Computação

Sistemas de Computação

Intel SGX

DynSGX

Componentes de hardware

Modelo de memória

Arquivo EDL

Hardware components

Memory model

EDL file

Estratégias para o suporte a ambientes de execução confiável em sistemas de computação na nuvem.

SAMPAIO, Lília Rodrigues.

06 September 2018

Submitted by Emanuel Varela Cardoso (emanuel.varela@ufcg.edu.br) on 2018-09-06T19:50:33Z No. of bitstreams: 1 LÍLIA RODRIGUES SAMPAIO – DISSERTAÇÃO (PPGCC) 2018.pdf: 2337190 bytes, checksum: bfef42889bed89a3860b61f38016b02d (MD5) / Made available in DSpace on 2018-09-06T19:50:33Z (GMT). No. of bitstreams: 1 LÍLIA RODRIGUES SAMPAIO – DISSERTAÇÃO (PPGCC) 2018.pdf: 2337190 bytes, checksum: bfef42889bed89a3860b61f38016b02d (MD5) Previous issue date: 2018-02-15 / Capes / O alto poder computacional oferecido por provedores de nuvem, aliado às suas características de flexibilidade, eficiência e custo reduzido, têm levado cada vez mais usuários a utilizar recursos em nuvem para implantação de aplicações. Como consequência, uma grande quantidade de dados de diversas aplicações críticas, e de alta demanda de processamento, passam a trafegar livremente pela nuvem. Considerando isso, especialmente para aplicações que lidam com dados sensíveis, como sistemas bancários, medidores inteligentes de energia, entre outros, é de grande importância assegurar a integridade e confidencialidade de tais dados. Assim, é cada vez mais frequente que usuários de recursos de uma nuvem exijam garantias de que suas aplicações estão executando em um ambiente de execução confiável. Abordagens tradicionais, como criptografia de dados em repouso e em comunicação, combinadas com políticas rígidas de controle de acesso têm sido usadas com algum êxito, mas ainda têm permitido sérios ataques. No entanto, mais recentemente,Trusted Execution Environments(TEE) têm prometido garantias de integridade e confidencialidade de dados e códigos ao carregá-los e executálos em áreas seguras e isoladas do processador da máquina. Assim, para dar suporte a implementações de TEE, tecnologias de segurança em hardware podem ser utilizadas, como ARM Trustzone e Intel SGX. No contexto deste trabalho, usamos Intel SGX, que se propõe a garantir confidencialidade e integridade de dados e aplicações executadas dentro de áreas protegidas de memória, denominadas enclaves. Assim, o código é protegido até de software com acesso privilegiado, como o próprio sistema operacional, hipervisores, entre outros. Diversos recursos da nuvem podem fazer uso de tais tecnologias de segurança, entre eles máquinas virtuais e contêineres. Neste estudo, propomos estratégias para o suporte de TEE em ambientes de nuvem, integrando Intel SGX e OpenStack, uma plataforma de nuvem de código berto amplamente conhecida e utilizada por grandes empresas. Apresentamos uma nova bordagem no processo de provisionamento e escalonamento de máquinas virtuais e contêineres numa nuvem OpenStack segura, que considera aspectos essenciais para o SGX, como a quantidade de memória segura sendo utilizada, oEnclave Page Cache(EPC). Porfim, validamos esta nuvem com uma aplicação que exige processamento de dados sensíveis. / The high level of computing power offered by cloud providers, together with theflexibility, efficiency and reduced cost they also offer, have increased the number of users wanting to deploy their applications on the cloud. As a consequence, a big amount of data from many critical and high performance applications start to traffic on the cloud. Considering this, specially for applications that deal with sensitive data, such as bank transactions, smart metering, and others, is very important to assure data integrity and confidentiality. Thus, it is increasingly common that users of cloud resources demand guarantees that their applications are running on trusted execution environments. Traditional approaches, such as data cryptography, combined with strict access control policies have been used with a level of success, but still allowing serious attacks. However, more recently, Trusted Execution Environments (TEE) are promising guarantees of data and code integrity and confidentiality by loading and executing them in isolated secure areas of the machine’s processor. This way, to support TEE implementations, hardware technologies such as ARM TrustZone and Intel SGX can be used. In the context of this research, we use Intel SGX, which proposes integrity and confidentiality guarantees for data and applications executed inside protected memory areas called enclaves. Thus, the code is protected even from high privileged software, such as the operational system, hypervisors and others. Many cloud resources can use such security technologies, like virtual machines and containers. In this research, we propose strategies to support TEE in cloud environments, integrating Intel SGX and OpenStack, an open-source cloud platform widely known and used by many big companies. We present a new approach in the provisioning and scheduling of instances in a secure OpenStack cloud, considering essential aspects to SGX such as the amount of secure memory being used, the Enclave Page Cache (EPC). Finally, we validated this cloud by deploying an application that requires processing of sensitive data.

Ciência da Computação

Computação na nuvem

OpenStack

Orquestradores de contêineres

Intel SGX

KVM-SGX

Contêineres seguros

Cloud computing

Container Orchestrators

Containers insurance

Univerzitní informační panel / University information dashboard

Marčan, Radek

January 2016

This thesis is focused on issues with development of mobile applications. At first it shows comparison of market shares by mobile platforms. Next there are presented individually technologies together with their possible development environment. Then there are trends in mobile applications with their progressions and possible ways to get data for application. Practical part is focused on choice of way of development of mobile Application. After there is draft, implementation and creating application including build and import to device.

Simulação e realização de um computador com base num processador monolítico

Cesar, Christian Lenz

10 1900

Submitted by Algacilda Conceição (algacilda@sibi.ufrj.br) on 2018-03-27T17:11:40Z No. of bitstreams: 1 133673.pdf: 3470290 bytes, checksum: 6623610e1129ecaebd9023baa80a18cc (MD5) / Made available in DSpace on 2018-03-27T17:11:40Z (GMT). No. of bitstreams: 1 133673.pdf: 3470290 bytes, checksum: 6623610e1129ecaebd9023baa80a18cc (MD5) Previous issue date: 1973-10 / Descreve a arquitetura de um pequeno computador realizado com base num processador monolítico e sua simulação. Primeiramente estabelece-se os circuitos externos ao processador necessários ao seu funcionamento. Em seguida mostra-se um simulador que executa instruções dadas em sua forma binária. O usuário pode definir dentro do simulador a organização da memória, dos periféricos e do sistema de interrupção. Finalmente descreve-se a implementação do computador. / Describes an architecture for a small computer using a microprocessor as its central processing unit. In the first part of the work it is established the necessary external logic circuits for the microprocessor. The second part presents a simulator that executes instructions given in binary form. The user may define the memory, peripherals and interrupt system organization inside the simulator. Finally it is described the implementation of the computer.

Intel 8008 (Microprocessador)

Microprocessadores

Detection of side-channel attacks targeting Intel SGX / Detektion av attacker mot Intel SGX

Lantz, David

January 2021

In recent years, trusted execution environments like Intel SGX have allowed developers to protect sensitive code inside so called enclaves. These enclaves protect its code and data even in the cases of a compromised OS. However, SGX enclaves have been shown to be vulnerable to numerous side-channel attacks. Therefore, there is a need to investigate ways that such attacks against enclaves can be detected. This thesis investigates the viability of using performance counters to detect an SGX-targeting side-channel attack, specifically the recent Load Value Injection (LVI) class of attacks. A case study is thus presented where performance counters and a threshold-based detection method is used to detect variants of the LVI attack. The results show that certain attack variants could be reliably detected using this approach without false positives for a range of benign applications. The results also demonstrate reasonable levels of speed and overhead for the detection tool. Some of the practical limitations of using performance counters, particularly in an SGX-context, are also brought up and discussed.

Security

Trusted execution environment

Intel SGX

side channel attacks

Load value injection

detection

performance counters

Computer Sciences

Datavetenskap (datalogi)

Paralelizace ultrazvukových simulací pomocí akcelerátoru Intel Xeon Phi / Parallelisation of Ultrasound Simulations on Intel Xeon Phi Accelerator

Vrbenský, Andrej

January 2015

Nowadays, the simulation of ultrasound acoustic waves has a wide range of practical usage. As one of them we can name the simulation in realistic tissue media, which is successfully used in medicine. There are several software applications dedicated to perform such simulations. k-Wave is one of them. The computational difficulty of the simulation itself is very high, and this leaves a space to explore new speed-up methods. In this master's thesis, we proposed a way to speed-up the simulation based on parallelization using Intel Xeon Phi accelerator. The accelerator contains large amount of cores and an extra-wide vector unit, and therefore, is ideal for purpose of parallelization and vectorization. The implementation is using OpenMP version 4.0, which brings some new options such as explicit vectorization. Results were measured during extensive experiments.

3D Camera Selection for Obstacle Detection in a Warehouse Environment / Val av 3D-kamera för Obstacle Detection i en lagermiljö

Jarnemyr, Pontus, Markus, Gustafsson

January 2020

The increasing demand for online commerce has led to an increasing demand of autonomous vehicles in the logistics sector. The work in this thesis aims to improve the obstacle detection of autonomous forklifts by using 3D sensor technology. Three different products were compared based on a number of criteria. These criteria were provided by Toyota Material Handling, a manufacturer of autonomous forklifts. One of the products was chosen for developing a prototype. The prototype was used to determine if 3D camera technology could provide sufficient obstacle detection in a warehouse environment. The determination was based on the prototype's performance in a series of tests. The tests ranged from human to pallet detection, and were aimed to fulfill all criteria. The advantages and disadvantages of the chosen camera is presented. The conclusion is that the chosen 3D camera cannot provide sufficient obstacle detection due to certain environmental factors.

obstacle

detection

3d

camera

warehouse

prototype

sick

intel

toposens

Fast-NetMF: Graph Embedding Generation on Single GPU and Multi-core CPUs with NetMF

Shanmugam Sakthivadivel, Saravanakumar

24 October 2019

No description available.

Computer Science

Computer Engineering

network representation learning

graph embedding

network embedding

NetMF

high performance computing

CUDA

Intel MKL

Fast-NetMF