RFD 010 idea
Trusted Kernel-Logging IP Block
The Idea
Design an on-chip IP block that records all GPU kernels sent to each streaming multiprocessor. The block must be auditable for backdoors, produce tamper-evident logs, and provide proof that no other kernels were secretly executed.
This is a hardware-level intervention that would require GPU vendor cooperation or a new chip design. The research question is whether such a block can be designed to be trustworthy under adversarial audit.
Why It Matters
Software-level logging can always be bypassed by compromised firmware. A hardware logging block that’s physically separate from the compute path could provide stronger guarantees—if it can be verified not to have backdoors.
Open Questions
- How to design for auditability? (Minimal logic, open-source HDL?)
- How to prove completeness (no secret execution paths)?
- What’s the performance overhead?