Novel proposals for FAIR, automated, recommendable, and robust workflows

Funding: This work is partly funded by NSF award OAC-1839900. This material is based upon work supported by the U.S. Department of Energy, Office of Science, under contract number DE-AC02-06CH11357. libEnsemble was developed as part of the Exascale Computing Project (17-SC-20-SC), a collaborative effort of the U.S. Department of Energy Office of Science and the National Nuclear Security Administration. This research used resources of the OLCF at ORNL, which is supported by the Office of Science of the U.S. DOE under Contract No. DE-AC05-00OR22725.Lightning talks of the Workflows in Support of Large-Scale Science (WORKS) workshop are a venue where the workflow community (researchers, developers, and users) can discuss work in progress, emerging technologies and frameworks, and training and education materials. This paper summarizes the WORKS 2022 lightning talks, which cover five broad topics: data integrity of scientific workflows; a machine learning-based recommendation system; a Python toolkit for running dynamic ensembles of simulations; a cross-platform, high-performance computing utility for processing shell commands; and a meta(data) framework for reproducing hybrid workflows.Postprin

Catch Me If You Can: Using Power Analysis to Identify HPC Activity

Monitoring users on large computing platforms such as high performance computing (HPC) and cloud computing systems is non-trivial. Utilities such as process viewers provide limited insight into what users are running, due to granularity limitation, and other sources of data, such as system call tracing, can impose significant operational overhead. However, despite technical and procedural measures, instances of users abusing valuable HPC resources for personal gains have been documented in the past \cite{hpcbitmine}, and systems that are open to large numbers of loosely-verified users from around the world are at risk of abuse. In this paper, we show how electrical power consumption data from an HPC platform can be used to identify what programs are executed. The intuition is that during execution, programs exhibit various patterns of CPU and memory activity. These patterns are reflected in the power consumption of the system and can be used to identify programs running. We test our approach on an HPC rack at Lawrence Berkeley National Laboratory using a variety of scientific benchmarks. Among other interesting observations, our results show that by monitoring the power consumption of an HPC rack, it is possible to identify if particular programs are running with precision up to and recall of 95\% even in noisy scenarios

A Framework for Cyber Vulnerability Assessments of InfiniBand Networks

InfiniBand is a popular Input/Output interconnect technology used in High Performance Computing clusters. It is employed in over a quarter of the world’s 500 fastest computer systems. Although it was created to provide extremely low network latency with a high Quality of Service, the cybersecurity aspects of InfiniBand have yet to be thoroughly investigated. The InfiniBand Architecture was designed as a data center technology, logically separated from the Internet, so defensive mechanisms such as packet encryption were not implemented. Cyber communities do not appear to have taken an interest in InfiniBand, but that is likely to change as attackers branch out from traditional computing devices. This thesis considers the security implications of InfiniBand features and constructs a framework for conducting Cyber Vulnerability Assessments. Several attack primitives are tested and analyzed. Finally, new cyber tools and security devices for InfiniBand are proposed, and changes to existing products are recommended

BEAR PGR Conference 2023 - Conference proceedings

BEAR Conference proceedings are the collection of papers and posters that were presented at the BEAR PGR conference. Conferences provide opportunities for people to present their research, and get input from other researchers and colleagues in their field

Security in an evolving European HPC Ecosystem

The goal of this technical report is to analyse challenges and requirements related to security in the context of an evolving European HPC ecosystem, to provide selected strategies on how to address them, and to come up with a set of forward-looking recommendations. A key assumption made in this technical report is that we are in a transition period from a setup, where HPC resources are operated in a rather independent manner, to centres providing a variety of e-infrastructure services, which are not exclusively based on HPC resources and are increasingly part of federated infrastructures

Bearicade: A Novel High-Performance Computing User and Security Management System Augmented with Machine Learning Technology

Despite the rising development and popularity of HPC systems, there have been insufficient advancements towards the security of HPC systems. The substantial computational power, high bandwidth networks, and massive storage capacity provided in the HPC environment are desirable targets for the attackers. The majority of educational institution HPC centres provide their users with simple access methods lacking the modern security needs. Thus, accelerating the systems’ proneness to modern cyber-attacks. The current implementations of HPC access points, such as web portals, offer users direct access to the HPC systems. Consequently, such web portal implementations affect the HPC system with the same security challenges faced by cloud providers and web applications. Although attempts have been made toward securing HPC systems, most of these implementations are outdated, insufficient with the current security standards, or do not integrate well with modern HPC access solutions. To address these security issues, Bearicade, a novel High-Performance Computing (HPC) user and security management system, was designed, developed, implemented and evaluated. Bearicade is a data-driven secure unified framework for managing HPC users and systems security. This framework is an add-on layer to an existing HPC systems software, collecting over 50 different types of information from multiple sources within the HPC systems. It offers Artificial Intelligent security solutions with an added usability and accessibility without adversely affecting the performance and functionality of HPC systems. Throughout this study, the security and usability of Bearicade were validated implementing multiple Machine Learning models. It has been deployed over three years as a production system for students and researchers at the University of Huddersfield QueensGate Grid (QGG) with considerable success, protecting the QGG systems from the summer 2020 attacks that has affected many other HPC systems in research and educational establishments

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Security in high-performance computing environments

High-performance computing ((HPC) systems have some similarities and some differences with traditional IT computing systems, which present both challenges and opportunities. One challenge is that HPC systems are 'high-performance' by definition, and so many traditional security techniques are not effective because they cannot keep up with the system or reduce performance. HPC systems tend to be used for very distinctive purposes, have much more regular and predictable activity, and contain highly custom hardware/software stacks. Each of these elements can provide a toehold for leveraging some aspect of the HPC platform to improve security