Project Details
ccFOSSIL: Secure Cache Coherence for Disaggregated Memory
Applicant
Dr.-Ing. Michael Roitzsch
Subject Area
Security and Dependability, Operating-, Communication- and Distributed Systems
Computer Architecture, Embedded and Massively Parallel Systems
Term
since 2022
Project identifier
Deutsche Forschungsgemeinschaft (DFG) - Project number 502457159
The ccFOSSIL project builds upon two observations of current technology trends. First, Compute Express Link (CXL) has been positioned as a successor technology to NVM or, more generally, as a way to connect any kind of accelerator or memory with value-add properties to a server. Second, computing hardware has reached a level of complexity at which we can no longer assume that all hardware can be ultimately trusted. Processor flaws such as Spectre and Meltdown heralded a new era of hardware-level vulnerability discoveries.

Upcoming system architectures in data centers use CXL to connect compute devices to large pools of shared external memories. These pools improve overall resource utilization by allowing the data center operator to dynamically assign memory chunks to individual servers. This makes it possible to meet the higher memory demands of one server if another underuses its share, whereas traditional hardwired DRAM would be stranded within the underusing machine.

However, CXL-based memory systems exhibit a large Trusted Computing Base (TCB), because essentially all devices in the entire CXL network have to be trusted. Ideally, a specific application should only trust the CPUs, memories, and accelerators that it actually uses, leading to a small TCB and strong isolation between data center customers. Such isolation prevents attacks performed by one customer from spreading through the entire CXL network.

We propose selective cache coherence as a solution. It requires changes to the underlying hardware architecture, so that cache coherence traffic is filtered by an extra hardware component that is external to memory pool and processor implementations. This component is configured to allow coherence traffic only between specific partners and in specific address windows. Within the ccFOSSIL project, we will design and implement such a component in the M³ microkernel-based system-on-chip architecture. We will prototype and evaluate the result with relevant data center and CXL workloads.
DFG Programme
Priority Programmes
Subproject of
SPP 2377: Disruptive Main-Memory Technologies
