I do not see MIG mentioned in either paper. I do not think the papers are examining isolation security between instances, which the GP was asking about.

Yeah, I only posted two links from my notes, from when I was looking at this a few months ago. Here's one on MIG.

https://arxiv.org/abs/2207.11428

As per sibling comment, this is about utilization efficiency and not breaking isolation (between MIG instances). The conclusion:

> In this paper, we presented MISO, a technique to leverage the MIG functionality on NVIDIA A100 GPUs to dynamically partition GPU resources among co-located jobs. MISO deploys a learning-based method to quickly find the optimal MIG partition for a given job mix running in MPS. MISO is evaluated using a variety of deep learning workloads and achieves an average job completion time that is lower than the unpartitioned GPU scheme by 49% and is within 10% of the Oracle technique.

That paper doesn’t seem to be about security vulnerabilities in MiG but rather using it to improve workload efficiency