TOWARDS TRUSTWORTHY ON-DEVICE COMPUTATION

Heejin Park (12224933)

20 April 2022

<div>Driven by breakthroughs in mobile and IoT devices, on-device computation becomes promising. Meanwhile, there is a growing concern over its security: it faces many threats</div><div>in the wild, while not supervised by security experts; the computation is highly likely to touch users’ privacy-sensitive information. Towards trustworthy on-device computation, we present novel system designs focusing on two key applications: stream analytics, and machine learning training and inference.</div><div><br></div><div>First, we introduce Streambox-TZ (SBT), a secure stream analytics engine for ARM-based edge platforms. SBT contributes a data plane that isolates only analytics’ data and</div><div>computation in a trusted execution environment (TEE). By design, SBT achieves a minimal trusted computing base (TCB) inside TEE, incurring modest security overhead.</div><div><br></div><div>Second, we design a minimal GPU software stack (50KB), called GPURip. GPURip allows developers to record GPU computation ahead of time, which will be replayed later</div><div>on client devices. In doing so, GPURip excludes the original GPU stack from run time eliminating its wide attack surface and exploitable vulnerabilities.</div><div><br></div><div>Finally, we propose CoDry, a novel approach for TEE to record GPU computation remotely. CoDry provides an online GPU recording in a safe and practical way; it hosts GPU stacks in the cloud that collaboratively perform a dryrun with client GPU models. To overcome frequent interactions over a wireless connection, CoDry implements a suite of key optimizations.</div>

Computer Engineering

Computer System Security

Edge Computing

TrustZone

System Security

Trusted Execution Environment (TEE)

On-device Computation

Stream Analytics

Mobile GPU