Huawei is a leading global information and communications technology (ICT) solutions provider. Through our constant dedication to customer-centric innovation and strong partnerships, we have established leading end-to-end capabilities and strengths across the carrier networks, enterprise, consumer, and cloud computing fields. Our products and solutions have been deployed in over 170 countries serving more than one third of the world’s population.
With 20+ sites across Europe and 1500 researchers, Huawei’s European Research Institute (ERI) oversees fundamental and applied technology research, academic research cooperation projects, and strategic technical planning across our network of European R&D facilities. Huawei’s ERI includes the Zurich Research Center (ZRC), located in Zurich, Switzerland. A major element of ZRC is a rapidly growing research laboratory focused on fundamental research in the area of computing systems (new hardware, new software, new algorithms).
The research work of the lab will be carried out not only by Huawei’s internal research staff but also by our academic research partners in universities across Europe. The lab will provide an open research environment where academics will be encouraged to visit and work on fundamental long-term research alongside Huawei staff in an environment that, like the best universities and research institutes, is open and conducive to such world-leading scientific work.
The modern data centers deviate from the CPU-centric monolithic platform (CPU, memory, devices on the same physical platform) to the disaggregated computing architecture. In the disaggregated computing model, the majority of the domain-specific workloads (such as graphics, AI/ML, networking, etc.) are computed on specialized devices, commonly called domain-specific accelerators (DSA). Such heterogeneity in modern cloud and data center services brings several security questions. Specifically, how trustworthy are these infrastructures (both software and hardware)? And how much trust do we need to place on the cloud/data center providers? This is a valid concern as many ML or AI workloads involve sensitive data such as medical records movement and map data, personal identity information, visual data, etc. Besides ML/AI accelerators, smart NICs handle all the traffic to and from the VMs, storage accelerators handle file system data of the VM tenants, and many more.
The data centers and cloud deploy a number of privileged software stacks such as drivers, OS, hypervisors, etc., to manage and provide services to the tenants. This software stack is composed of millions of lines of code and poses a significant threat to the integrity and confidentiality of the tenants' data. As the data centers and cloud are multi-tenant, i.e., multiple (mutually distrusting), users share hardware resources simultaneously, keeping the integrity and confidentiality of data in the heterogeneous devices poses a real challenge.
Existing trusted computing environments or TEEs facilitate enclaves that are isolated from the attacker-controlled software stack. Alongside several well-known CPU TEEs such as Intel SGX & TDX, ARM TrustZone & CCA, and AMD SEV SNP, there are a few TEEs on computing devices such as GPU, AI accelerators, SSDs, etc. However, they are dependent on the host and are not flexible. Hence, there is an emerging need to design distributed TEEs for modern disaggregated data centers and the cloud.
We are designing the trusted computing framework for the next generation of disaggregated clouds. The aim is to increase the cloud's trustworthiness and define the trusted computing base. We are conducting state-of-the-art research to design new hardware architecture, software, and programming model that provides fundamental security primitives to isolated workloads.
As an intern joining our team, your primary task will be assisting the design and development of the ongoing next-generation secure cloud TEE architecture based on distributed shared memory.
- The task includes exploring and simulating new hardware and software design and integrating with the current CPUs and software stack.
- Conduct experiments to evaluate performance overhead, analyze side channels, and verify security properties.
- During the internship, you will have the opportunity to develop a deep understanding of the TEE framework and low-level system architecture and work on state-of-the-art accelerates.
- You are currently enrolled in a Master’s degree or PhD in computer science, computer security, computer architecture, software engineering or any related fields at a reputable university; or you graduated within the last six months
- Very good understanding of OS kernels, MMU, low-level software architecture.
- Strong understanding of low-level system (C/C++) programming and familiarity with QEMU and virtual machines.
- Some knowledge/understanding of any of ARM, or x86, or RISC-V microarchitecture is a plus.
- General Linux power user skills are an asset.
- Ability to work independently on nontrivial analysis and development tasks
- Strong communication skills, ability to perform and present a detailed analysis of experimental results
- Strong motivation to join a cutting-edge industrial research environment
What we offer
At the Zurich Research Center, the successful candidate becomes part of a multicultural team of leading European researchers with expertise spanning from microarchitectures to mathematics. We believe such breadth is crucial to succeed in our mission to drive new fundamental research and achieve new innovate breakthroughs in future computing systems. If this speaks to you, please be sure to apply!