OCP-SAFE, a systematic hardware security appraisal framework

This post has been republished via RSS; it originally appeared at: Microsoft Tech Community - Latest Blogs - .

Introducing OCP-SAFE, a collaborative initiative to enable higher levels of security assurance.


When it comes to building the Microsoft Cloud, one of our top priorities is standardizing designs for various components of our datacenter infrastructure, such as systems, boards, and racks.  This standardization plays a crucial role in advancing progress and innovation within the computing industry. Microsoft has actively collaborated and made significant contributions to the Open Compute Project (OCP) community; a leading group focused on open-source hardware innovation. This year, we're thrilled to present some of our latest projects at the OCP Global Summit. We're also eager to share the lessons we've learned in our journey toward creating a more dependable, trustworthy, and sustainable cloud.


One of the areas where we've consistently concentrated our efforts is in establishing industry-wide standards for platform security. To delve deeper into our contributions in this domain, Mark Russinovich, CTO and Technical Fellow at Azure, and Bryan Kelly, Partner Architect for Azure Hardware Systems and Infrastructure, will provide further insights into Microsoft's recent security and reliability contributions to OCP. These contributions aim to set sustainable enhancements on building trust, integrity, and reliability in computing.


Today's data center infrastructure is composed of diverse processing devices like CPUs, GPUs, and FPGAs, along with various peripheral components including accelerators and storage devices. These devices often operate using software, firmware, or microcode, that can be located either internally within the device or externally on storage media.


Ensuring the security and reliability of the firmware releases and patches that these devices rely on is of utmost importance. This involves carefully managing the origin, code quality, and software supply chain of the firmware to provide a high level of security assurance.


Device manufacturers face a challenging task: meeting the distinct and sometimes overlapping security assurance demands of both Cloud Service Providers and their other device customers. To address these challenges, many data center providers have opted to enlist third-party experts to perform security audits on the firmware provided by device manufacturers.


Current Security Assessment Model



The primary goal of these security audits is to offer data center providers and end users independent assurances regarding the security practices of component providers. However, a drawback to this approach is that security assurances are typically limited to individual data center providers, essentially creating an exclusive group that receives these security assurances.


Microsoft and Google have teamed-up with the Open Compute Foundation to introduce the OCP Security Appraisal Framework Enablement, or OCP - SAFE for short. This framework has a clear mission: to standardize security requirements and facilitate compliance by integrating the role of Security Review Provider (SRP) into the process.  The SRP performs the appraisal and provides a signed statement of attestation to the quality of the component.


In essence, the security appraisal framework empowers hardware device manufacturers to continuously meet security assurance standards that are applicable across various market segments.  The framework enables manufacturers to decrease their time to market and expand their addressable market, whilst improving product quality and reliability. For end-users, OCP - SAFE breaks down the barriers to obtaining security assurance on hardware components. It achieves this by making concise short-form assessment results accessible to the entire community.


OCP - SAFE makes continuous assessments available to the community.




The concise short-form assessments from the SRP focus on: 1) provenance of the firmware code, 2) determining if it has been developed using secure development practices, and 3) using trusted methods for verifying the firmware is free from vulnerabilities.

Data center operators and device consumers can leverage these abbreviated and unredacted assessments to determine whether the devices and their firmware are suitable for deployment within their infrastructure environments. This reduces the need for additional in-house or third-party security code reviews and vulnerability assessments.


For Cloud Service Providers leading the charge in enhancing confidential computing, OCP - SAFE assessments offer an additional layer of security assurance for customers seeking elevated levels of security and trust in the hardware mechanisms protecting their workloads.  Combined with device attestation, OCP - SAFE removes trust in a single entity, as the SRP operates independently from device manufacturers and cloud operators.


Last year at Open Compute, Microsoft, alongside other leaders in confidential computing, introduced Project Caliptra , which provides a transparent silicon root of trust designed to attest to the integrity of Confidential Compute infrastructure.  Caliptra provides end-users with transparency and consistency of measurements within their Trusted Computing Base.  The assessments of the third-party Security Review Provider (SRP) complement this by providing security assurance to the measurements attested by Caliptra. 


OCP SAFE and Infrastructure Attestation.




Today's announcement brings news of several companies embracing OCP-SAFE SAFE.  AMD, a leader in Confidential Computing, and co-founder on Project Caliptra, have been pushing the boundaries on security and transparency.  AMD is one of the first companies to prototype publishing a short-form audit of their AMD Instinct™ MI300X GPU(s) product line.


In a similar vein, SK-Hynix, a key adopter of Project Caliptra and a prominent leader in storage solutions, has also made strides in the realm of transparency by publishing a short-form security audit for their PE9010 SSD product.


Even Caliptra itself, a fully open-source initiative encompassing both silicon and firmware, has undergone rigorous security assessments and adheres to the principles of OCP-SAFE.


During OCP Global Summit October 2023, Intel will perform a live demonstration of OCP-SAFE with end-to-end attestation of platform firmware, where security assurance on measured artifacts is provided by OCP-SAFE short-form audits.


Visit Open Compute Project for more information on OCP-SAFE.

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.