This is a preliminary version of the source code for DF-TEE based on our AsianHost paper. To find more details, please read our paper:
Ke Xia and Sheng Wei, "DF-TEE: Trusted Execution Environment for Disaggregated Multi-FPGA Cloud Systems", Asian Hardware Oriented Security and Trust Symposium (AsianHOST), 2023
The system is divided into five components:
- Client supports SGX and wishes to offload computation to FPGA.
- Trusted edge server slices the client source code into untrusted and trusted functions, and compiles the code into FPGA bitstreams.
- FPGA manager communicates with the FPGAs to execute the computation.
- FPGAs are the hardwares to run the compiled workload.
We leverage the SGX remote attestation example to attest with the secure monitor. Please see: SGX-ra-sample.
The folder benchmark includes the benchmark code. To run the code, please put the selected .c file into the trusted edge server.
We employ the function slicing in TZslicer to slice the code.
- Install TaintGrind(v.3.12.0)
- Download the code for TZSlicer and add it to the folder
code/trusted_edge_server - Execute:
gcc -I ./valgrind/valgrind-3.12.0/taintgrind/ -I ./valgrind/valgrind-3.12.0/include/ -g $c_source_file -o $compiled_c_object -lm
./valgrind/valgrind-3.12.0/build/bin/valgrind --tool=taintgrind $compiled_c_object 2>$log_file
python Main.py $compiled_c_object 0 0 0 0
python slicer.py
The compiled code is tested with Xilinx Vitis 2022.1.
The provided code is based for the benchmark gamma_filter. To run the compiled workload, execute the files separately:
FPGA_manager/FPGA_manager.ipynb
FPGA/FPGA_1.ipynb
FPGA/FPGA_2.ipynb