ccFOSSIL – Secure Cache Coherence for Shared Data Center Memory
The project “ccFossil: Secure Cache Coherence for Disaggregated Memory” aims to make shared, datacenter-wide memory both efficient and secure. It develops mechanisms that let servers access a common memory pool while actively enforcing strict boundaries that only allow authorized and safe access between machines.
Modern datacenters strive to use their hardware as efficiently as possible, and memory has become a major bottleneck. Many servers do not fully utilize their installed memory while others run short, motivating research into disaggregated memory – a model where machines share a large, pooled memory resource. However, enabling servers to access each other’s memory raises serious scientific challenges: ensuring low-latency access at scale, preserving strong security boundaries, and preventing accidental or malicious data exposure. This project addresses these needs by exploring mechanisms that allow datacenters to gain the efficiency benefits of shared memory without compromising security or trustworthiness.
In this project, the Barkhausen Institut investigates how to securely enable shared memory in large-scale datacenters by combining hardware and operating-system research. Using the M³ platform, we will prototype new hardware mechanisms that tightly control cache-coherent memory access, ensuring that machines can only interact with permitted regions of shared memory. We will develop the necessary operating-system support to enforce these boundaries and manage shared memory safely. Insights gained from the M³ platform will guide how these mechanisms can be scaled to full datacenter environments, enabling efficient disaggregated memory without weakening security.
The project is expected to deliver a hardware mechanism that enables configurable, security-aware cache coherence for shared memory, potentially across machines. It will also provide a clear understanding of the operating-system support required to expose this capability to applications in an efficient and safe way. In addition, the project will offer an estimated performance profile of the resulting system, demonstrating its feasibility and potential impact at datacenter scale.
The project is funded by the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) – 502457159.
Project duration: 01.01.2026 – 31.12.2028
Contact Person: Michael Roitzsch
Partners: All members of the SPP 2377.