Open Compute Project Releases Hardware Root of Trust Spec for Data Centers
Launched to help hyperscalers, the spec is expected to help smaller data center operators achieve hyperscaler-level security, too.
November 17, 2020
The Open Compute Project is adding chip security to the range of data center technologies covered by its open source specifications, developed largely for and by hyperscale cloud platforms. Kameleon and Xilinx, which is in the process of being acquired by AMD, are among the first chip makers on board.
Last week, OCP released version 1.0 of the OCP Root of Trust specification. It’s an attempt to protect devices against firmware attacks, Amr Ahmed, managing director at EY Consulting Services at Ernst & Young, said.
"Since the release of flash memory, all vendor development to the firmware is done in flash," he told DCK. "That made it more vulnerable… If firmware is sitting on flash, I can manipulate it."
The new specification requires that the firmware be authenticated when devices boot up, when they're updated, and when they recover, he said. "That is really an excellent concept."
That doesn't mean all chips will immediately become more secure. "For vendors, for the big companies, it will take time,” Ahmed said. “But the concept itself is definitely good and makes a lot of sense."
Other companies that have announced plans to support the new specification are Nuvia, a startup that designs Arm processors for data centers, chip interface company Rambus, and Aspeed Technology, a fabless chip manufacturer based in Taiwan.
It's part of a broader move to zero-trust computing, something data centers are increasingly looking to as a way to address security needs in today’s perimeter-less world.
The new specification is based on a NIST standard, specifically, NIST's Platform Firmware Resiliency Guidelines released in the spring of 2018.
"NIST has a lot of clout," said Ahmed. "When NIST pushes this guidance, organizations will take it seriously."
Not for Hyperscalers Alone
Today, hyperscalers have to build their own custom solutions to protect firmware.
"This problem has been known in the industry as a significant pain point and has been used by sophisticated and nation state attackers to gain control over their target systems," said Yigal Edery, VP of products at Kameleon Security, an Israeli semiconductor startup focusing on hardware-based cybersecurity.
Edery is also the editor of an OCP security threats document released on Monday, which includes contributions from Oracle, IBM, Broadcom, NCC and Intel.
But it's not just hyperscale data centers that are at risk and can benefit from the new Root of Trust specification. "We believe this is pivotal for enterprise data center security as well as for hyperscalers," he told DCK.
With the new standard, he said, the technology should become available for all data centers, including enterprise private clouds.
"Eventually, it will be available for any server out there, and even for PCs," he added.
That will allow smaller data center operators and enterprise data centers to have the same level of security that currently only hyperscalers can achieve, Edery said.
The Root of Trust specification protects against logical attacks and some physical attacks, he said.
"For example, with an OCP-compliant RoT in place, it is practically impossible to replace the firmware with a bootkit via a logical attack," he explained.
And at the physical level, it will protect against cases where attackers physically replace flash components.
"We see a lot of traction in the industry," Edery said. "Based on our conversations with various vendors, it is safe to bet that the next generation of data center equipment will need to have strong hardware security built in."
OCP is collaborating with other standardization bodies, he pointed out, including DMTF (formerly known as the Distributed Management Task Force) and the Trusted Computing Group.
One of the first compliant products is expected to become available next year, an OCP-compliant cyber protection chip for servers, data centers, and cloud computing. It's called the ProSPU and is the result of a collaboration between Kameleon and Xilinx.
Kameleon CEO Jorge Myszne said their chip goes beyond the basic specification by extending trust all the way up the stack.
Their approach "provides stronger isolation for the security agents, preventing the security mechanism itself from being attacked," he told DCK. It also makes hardware acceleration, encryption, and enhanced security available to app developers.
About the Author
You May Also Like