Presentation
HPC Security: Why the Time is Now?
DescriptionSupercomputing has been a discipline for at least four decades, but why has HPC security become such a hot topic the past several years? Just seven years ago the first HPC security papers were accepted and presented at SC17, yet efforts at NIST and elsewhere gained little traction. In this talk we explore some of the reasons why security of HPC systems has received so much more attention recently. We will discuss the expansion of scientific computing into new disciplines, changes in enterprise cybersecurity policy driving scientific computing away from general purpose devices to dedicated research computing assets, and the expansion of big data beyond what can be supported by single researcher workstations. We will also discuss how this expansion has increased the variety of codebases, languages, computational frameworks, and parallel computing models bringing new security challenges with them to the HPC space. We will explore why HPC is increasingly becoming a target due to its attractiveness to cybercriminals for cryptocurrency mining, the fact HPC centers host an increasing volume of non-public data, and how insider threat concerns are changing with the expanded userbase. Finally we will look at why HPC security is different than enterprise security, discussing why existing security research and common practices are not automatically usable for HPC operators, and how the feedback and incentive loop for vendors is broken.