Technology
Engineer to develop secure data center hardware for the public cloud with NSF CAREER award
Yuanchao Xu will lead this research with the support of one of the most prestigious grants in support of early-career faculty
Image courtesy of luza studios/ Getty Images
Press Contact
AI and other modern, data-intensive computing tasks are run on the public cloud, which are powered by an already massive and growing data center infrastructure. But how can we ensure that these systems are secure?
A new project will develop protocols to improve the security and efficiency of the software and hardware that run these complex data centers. University of California, Santa Cruz Assistant Professor of Computer Science and Engineering Yuanchao Xu will lead this research with the support of a National Science Foundation (NSF) CAREER award, one of the organization’s most prestigious grants in support of early-career faculty.
“Security of the public cloud is more important than ever before, as much of our digital life now depends on it. AI agents, chatbots, and AI-assisted collaboration platforms—all of those applications run on the public cloud,” Xu said. “As we offload more of our tasks to the public cloud, security is more important than before to guarantee performance.”
Securing the AI era
New data centers are being built across the U.S. to support growing demand in the AI era. Xu, an expert in computer architecture and security at the Baskin School of Engineering, develops methods for the next generation of data center management. Security mechanisms help ensure the public cloud confidentiality, in that others can’t view a user’s data or code; and integrity, in that a user’s code or data can’t be modified and is returned with accurate results.
With this NSF grant, Xu is developing new security mechanisms for Compute Express Link (CXL)-based public cloud servers, a technology that enables high-speed data sharing and memory expansion in modern data centers.
Current CXL systems are built primarily for single host systems, a traditional data center model in which all software, memory, and computing are confined to one single machine. However, this model is increasingly insufficient to meet the demand of future AI and other memory- and computation-intensive workloads. Xu’s project explores how to securely run CXL on a multi-host system, in which multiple servers are interconnected and can safely share memory and computation without sacrificing performance.
To secure next-generation CXL-based systems, Xu will extend existing Trusted Execution Environments (TEEs), hardware-based security technologies already widely deployed in today’s cloud platforms. This will support secure execution across multiple machines connected via shared and disaggregated memory, an emerging server architecture for modern data centers.
“Our goal is to bring these protections to more scalable, shared cloud environments without sacrificing performance,” Xu said.
Xu will focus his contributions on security and performance co-design, reducing the overhead that typically accompanies security improvement for more efficient next-generation data center architecture.
He will also develop tools to ease the transition to a secure, multi-host environment, as such transitions usually require programmers to rework their existing code so that it can be executed on new infrastructure, creating a barrier to adoption. Xu has existing research partnerships with Google and Microsoft, major players in cloud computing and CXL research, and will leverage these connections to ensure a smooth industry transition for these new designs. Xu will also create an open-source simulation environment that allows researchers in academia and industry to prototype new ideas and foster a broader research and industry ecosystem around secure CXL systems.
Additionally, a major component of the NSF’s CAREER awards is to create educational materials for students. Xu is in the process of developing a new graduate level computer science and engineering course on hardware security that will keep students at the cutting edge of research in this area.
The funding will also support graduate student researchers in Xu’s lab, and help develop small projects for undergraduate researchers or high schools through the campus’s Science Internship Program.