Heterogeneous computing has definitely arrived, and graphics processing units (GPUs) in the millions are employed worldwide. History has shown newly programmable domains to be rapidly subjected (and often found vulnerable) to attacks of the past. We enumerate a system-centric threat model using Microsoft's STRIDE process . We then describe an active general purpose programming system, NVIDIA's Compute Unified Device Architecture (CUDA) 1, and explore the threat space. We derive and describe previously-undisclosed memory protection and translation processes in CUDA, successfully mount several attacks on the CUDA system, and identify numerous directions for future work. Our CUBAR suite of tools, especially cudash (the CUDA Shell), form a solid platform for research to come.