Microsoft, Intel cook kit to secure firmware in servers and beyond

Because everything has firmware and it survives reboots. PLUS: Redmond details HPE-killing cloud servers

By Simon Sharwood


Microsoft's revealed it is working with Intel on a “cryptographic microcontroller” to secure its cloud servers and the many firmware-using components within.

Redmond's named this effort “Project Cerberus” and says it is “a NIST 800-193 compliant hardware root of trust specifically designed to provide robust security for all platform firmware.”

An Architecture Overview (PDF) explains the problem Microsoft wants to address, namely that servers have “evolved from Central Processing Unit (CPU) being the core instruction execution endpoint, to a fabric of sophisticated devices optimized to accelerate workloads.” Many of those devices have firmware and “If these peripherals do not enforce firmware digital signature authentication, any unprotected firmware update interface could become an attack vector.”

Microsoft therefore feels that “if and when a baremetal system is provisioned or a cloud hardware system is repaved, one must ensure that the system is not compromised”, by making sure the firmware in its components is kosher.

Cerberus therefore “provides a hardware root of trust for firmware on the motherboard (UEFI BIOS, BMC, Options ROMs) as well as on peripheral I/O devices by enforcing strict access control and integrity verification from pre-boot and continuing to runtime.”

Microsoft says the project “consists of a cryptographic microcontroller running secure code which intercepts accesses from the host to flash over the SPI bus (where firmware is stored), so it can continuously measure and attest these accesses to ensure firmware integrity and hence protect against unauthorized access and malicious updates.” Apparently this allows “robust pre-boot, boot-time and runtime integrity for all the firmware components in the system.”
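A model of the measure-and-attest flow described above, added here as an example and not taken from the Cerberus specification or Microsoft's code. The region contents, key, nonce and function names are constructed, and HMAC-SHA256 with a shared key stands in for the asymmetric device signature real hardware would use.

```python
import hashlib
import hmac

# Constructed sample data: region names follow the article, contents are made up.
FLASH = {
    "uefi_bios": b"UEFI-BIOS-image-v1" * 64,
    "bmc": b"BMC-firmware-v1" * 64,
    "option_rom": b"NIC-option-ROM-v1" * 64,
}
DEVICE_KEY = b"constructed-demo-key"  # assumption: stand-in for a device-unique key


def measure(flash):
    """Hash each region, then fold the digests into one chained measurement."""
    chain = b"\x00" * 32
    digests = {}
    for name in sorted(flash):
        digests[name] = hashlib.sha256(flash[name]).digest()
        chain = hashlib.sha256(chain + name.encode() + digests[name]).digest()
    return digests, chain


def attest(flash, nonce, key=DEVICE_KEY):
    """Root-of-trust side: bind the current measurement to the verifier's nonce."""
    _, chain = measure(flash)
    return chain, hmac.new(key, nonce + chain, hashlib.sha256).digest()


def verify(reference, nonce, chain, tag, key=DEVICE_KEY):
    """Verifier side: check the tag for this nonce, then compare with the reference."""
    expected_tag = hmac.new(key, nonce + chain, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected_tag):
        return "bad-attestation"
    return "trusted" if hmac.compare_digest(chain, reference) else "firmware-mismatch"


def tampered_regions(flash, reference_digests):
    """Name the regions whose digest differs from the provisioning-time manifest."""
    current, _ = measure(flash)
    return [n for n in sorted(current) if current[n] != reference_digests.get(n)]


if __name__ == "__main__":
    ref_digests, ref_chain = measure(FLASH)        # recorded at provisioning time
    nonce = b"constructed-nonce-01"                # use a fresh random nonce in practice
    print(verify(ref_chain, nonce, *attest(FLASH, nonce)))
    modified = dict(FLASH, bmc=FLASH["bmc"] + b"X")  # simulated unauthorised change
    print(verify(ref_chain, nonce, *attest(modified, nonce)))
    print(tampered_regions(modified, ref_digests))
```

The nonce keeps an old "trusted" response from being replayed after the flash contents change, and the per-region digests let the verifier report which component needs re-flashing.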

Interestingly, “The specification is CPU and I/O architecture agnostic and is intended to easily integrate into various vendor designs over time, thus enabling more secure firmware implementations on all platform types across the industry, ranging from datacenter to IoT devices.”

“The specification also supports hierarchical root of trust so that platform security can be extended to all I/O peripherals using the same architectural principles.”

Intel's helping Microsoft “to explore optimal implementation models for platform firmware security” and the pair have released a draft spec on the Open Compute Project's GitHub repository.

This draft covers “motherboard firmware (UEFI BIOS, BMC, Options ROMs) and the vision is to work with the OCP community to extend the specifications over time to cover all peripheral I/O components such as HDD, SSD, NIC, FPGA, GPU, etc.”

Microsoft's not alone in identifying this problem: in January 2017 Google revealed custom silicon in its cloud servers that “securely identify and authenticate legitimate Google devices at the hardware level.”

Redmond's reveal of Cerberus appeared alongside news that it has new hyperscale servers of its own design working inside Azure. Dubbed “Project Olympus” and revealed in November 2016, the servers are powering Azure's Fv2 virtual machine family, Redmond's fastest cloudy VMs. Microsoft claims they “offer the fastest Intel Xeon Scalable processors in the public cloud” and are the first Redmond-designed servers deployed in Azure.

Which may well explain why HPE had to quit the cloud server market. ®
