General purpose, large-scale high-performance computing (HPC) systems are finding wider adoption with the increasing demands for computing power among business, utility, financial, education, scientific, national, and other infrastructure systems. With more general usage, the need for increased availability in such HPC systems has brought forth increased cyber security concerns. The sharing of HPC resources among increasingly unrelated users, as well as the critical nature of certain infrastructure-related applications, are often the cause of these security concerns. Other complicating factors, often prevalent with the use of HPC systems, are the larger variety of principals that could pose a threat and the larger attack surface inherent in distributed and shared computations.
For example, insiders, outsiders, co-tenancy entities, HPC infrastructure vendors and staff, software vendors/lessors, and/or data vendors/lessors are examples of principals that could pose threats. As a result, users and system maintainers of HPC systems need to account not only for external security concerns, but also security concerns that may originate from local threats. The attack surface in distributed and shared computations may include data in motion between distributed components, as well as partial or intermediate results that often end up in quasi-persistent storage. The attack surface may also include any orchestration components or any services provided by an HPC supplier, including management interfaces.
Furthermore, many applications must consider security even if they do not necessarily pertain to “national” critical infrastructure, or even infrastructure that is critical to an enterprise. In addition, stakeholders could be using HPC systems for a variety of purposes (e.g., planning, operations, development/testing/maintenance of HPC codes), which modulates the above-described concerns.