Dong Du’s research while affiliated with Shanghai Jiao Tong University and other places

... We observe similar results with both A100 and H100 GPUs, highlighting the crucial impact memory bandwidth has on the performance of GPU checkpointing operations. Several techniques have been proposed to address this problem, such as data compression and on-demand parallelism [66]. Incorporating such techniques could further improve the efficiency of checkpoint/restore operations, especially for large-scale models. ...

Reference:

CRIUgpu: Transparent Checkpointing of GPU-Accelerated Workloads

... Outside CPUs, devices such as GPU [16][17][18], IPU [19], FPGA [20][21][22], provides TEEs. Several existing works [23][24][25][26][27] also extend CPU TEE's security primitives to connected devices. However, except for very few proposals [19], most existing proposals require a CPU TEE, which increases the Trusted Computing Base (TCB). ...

Reference:

Ascend-CC: Confidential Computing on Heterogeneous NPU for Emerging Generative AI Workloads

... The non-secure code operates in the nonsecure environment, also known as the normal world, while the secure code runs within TEE. This mechanism provides significant security advantages by isolating the secure code from the normal world, preventing attackers from accessing sensitive data or disrupting secure functions, such as key management [24,30], cryptography [41,42], and memory operations [11,48]. To achieve this isolation, TEE leverages hardware-based features like memory partitioning and access control enforced by the CPU [3,47]. ...

Reference:

DITING: A Static Analyzer for Identifying Bad Partitioning Issues in TEE Applications

... Researchers explored building enclaves with different abstraction levels, including userspace process [57,78], secure containers [46,109], and confidential VMs [79,91]. Works adopt hardware protections like TZASC [49], S2PT [72,77], GPT [113,124], or even hardware-software co-design [62,66] to support domain enforcement for general-purpose enclaves. Inspired by those works, HitchHiker employs hardware features to tailor the secure environment exclusively for its secure log management. ...

Reference:

The HitchHiker's Guide to High-Assurance System Observability Protection with Efficient Permission Switches

... Serverless systems research has gained momentum, with many projects aimed at reducing cold starts. Recently, Liu et al. [25] identified five research problems for future work on serverless systems. In this section, we leverage our analysis from previous sections to identify several areas important for serverless system optimization. ...

Reference:

Serverless Cold Starts and Where to Find Them

... TenAnalyzer increments the VN after updating all tensor cachelines (all relevant bitmap bits flip). Hardware isolation mechanism secures the full bitmap in DRAM, and a small on-chip cache enhances bitmap access efficiency [21]. TenAnalyzer encompasses 3 scenarios in tensor writing as illustrated in Figure 12: Hit edge, Hit in and Miss. 1) Hit edge means the request hits the first address (start updating) or last address (finish updating) which matches the common tensor-based application and allows complex memory access like tiling. ...

Reference:

TensorTEE: Unifying Heterogeneous TEE Granularity for Efficient Secure Collaborative Tensor Computing

... • Providing insights and recommendations for choosing an appropriate multithreading library for a given application and hardware platform. In this paper, after introducing the research tool gem5, corresponding auxiliary tools, multithreading libraries and benchmarking strategies, design of experiments is presented [10]. Next, the results of experiments are analyzed and then discussed. ...

Reference:

A study on impacts of hardware changes on performance of different multithreading libraries based on Gem5

... Implications. The GPU fragmentation and allocation limitation pull down the elasticity and deployment density [11] of serverless DL functions, increasing both user and provider costs. We argue that a proper GPU resourcing-ondemand mechanism is imperative and essential for current serverless DL serving. ...

Reference:

Dilu: Enabling GPU Resourcing-on-Demand for Serverless DL Serving via Introspective Elasticity

... The impact of resource contention extends beyond individual functions to affect entire application workflows. As functions compete for shared resources, performance becomes less predictable, complicating capacity planning and potentially violating service level agreements [30]. The multi-tenant nature of serverless platforms exacerbates this challenge, as functions may experience "noisy neighbor" effects from unrelated workloads running on the same underlying infrastructure. ...

Reference:

Concurrency Management in Distributed Serverless Environments

... Previous work proposed to address the safety issues of monolithic OSes by reducing the TCB through separation [2,73], micro-kernels [28,34], and safe languages [7,19,36,58,66]. In SASOSes, internal isolation may be traded off for performance [41,43,47,70], provided with traditional page tables [12,33,52,68], or intra-AS hardware isolation mechanisms [54,69,74,76]. Other research efforts strive to speedup IPC in microkernels [29,64], or redesign monolithic OSes entirely [9,11,20,31,53,67,77]. ...

Reference:

FlexOS: towards flexible OS isolation