CSCI 699: Confidential Computing: Protecting Your Data on Cloud GPUs and CPUs
Spring 2025 | Thursday 4:00-7:20pm
Course Overview
Units: 4.0
Term—Day—Time: Spring 2025, Thursday 4:00-7:20pm
Location: Social Sciences Building
Instructor: Mengyuan Li
Office: GCS 502A
Office Hours: Wednesday 11am-12 pm, GCS, B2 floor-SB4
Contact Info: mli49061@usc.edu (Please include “CSCI 699” in your email subject.)
Teaching Assistant: TBD
Slides & Materials: Shared via the Google Drive folder
Course Description
This course offers an in-depth study of confidential computing and privacy-preserving computational techniques, focusing on protecting data in cloud environments using both CPUs and GPUs. Students will explore the design and implementation of Trusted Execution Environments (TEEs) and examine various cloud services that support confidential computing, including secure enclaves, Confidential Virtual Machines (CVMs), and confidential GPUs.
Learning Objectives
- A comprehensive understanding of confidential computing and TEE.
- Gain experience in reading, analyzing, and critically evaluating research papers.
- Understand and experiment with state-of-the-art systems related to TEEs and CVMs.
- A better understanding of other common privacy-preserving computation techniques such as FL, MPC, and FHE.
- Improve academic writing and presentation skills through assignments and the final project.
Grading Breakdown
| Assessment Tool | % of Grade |
|---|---|
| Assignment 1 | 15% |
| Assignment 2 | 15% |
| Course Presentation | 20% |
| Final Project | 40% |
| Participation and Discussion | 10% |
Course Schedule
| Week | Date | Topics/Daily Activities | Readings/Preparation | Deliverables |
|---|---|---|---|---|
| 1 | Jan 16 | Introduction to Confidential Computing | Course syllabus, Introductory articles on cloud security | - |
| 2 | Jan 23 | Trusted Execution Environments | Relevant research papers about SGX, AMD SEV, and Nvidia CC | - |
| 3 | Jan 30 | Confidential Virtual Machines | Articles on CVMs and cloud implementations | - |
| 4 | Feb 6 | Programming with Virtualization | Tutorial on VMs and QEMU (related website: QEMU and KVM) | Assignment 1.1 Assigned |
| 5 | Feb 13 | Confidential Computing and Practical TEE Systems; Assignment 1.2 Demo | 2-3 relevant research papers | Assignment 1.1 Check-in/ Assignment 1.2 Assigned |
| 6 | Feb 20 | Hardware Attacks and Defenses - Side-Channel Attacks; Project Introduction | 2-3 relevant research papers | - |
| 7 | Feb 27 | Hardware Attacks and Defenses - Meltdown and Spectre Vulnerabilities | 2-3 relevant research papers | Assignment 1 Due/Assignment 2.1 Assigned |
| 8 | Mar 6 | Confidential GPUs | 2-3 relevant research papers about GPU vulnerabilities | Assignment 2.1 Due/Assignment 2.2 Assigned |
| 9 | Mar 13 | Introduction to Privacy-Preserving Techniques/Symposium on the Future of Computing | - | - |
| 10 | Mar 20 | Spring Recess | - | - |
| 11 | Mar 27 | Secure Software Development Practices/ Project Midterm Presentation | 2-3 relevant research papers about TEE side-channel Attacks | Project Midterm Report Due/Assignment 2.2 Due |
| 12 | Apr 3 | Balancing Security and Performance in Confidential Computing – CPU scenario | 2-3 relevant research papers about TEE-based system optimization | - |
| 13 | Apr 10 | Balancing Security and Performance in Confidential Computing – GPU scenario | 2-3 relevant research papers about GPU-TEE-based Systems | - |
| 14 | Apr 17 | Final Project Presentations | - | In-class presentations |
| 15 | Apr 24 | Final Project Presentations | - | In-class presentations |
| Final | - | No Final Exam | - | Project Final Report Due |
Academic Integrity
This course follows the expectations for academic integrity as stated in the USC Student Handbook. Violations will result in disciplinary action.
Support Systems
For counseling, mental health, and other support services, visit USC Support Systems.