Science

Microsoft introduces new secure firmware spec via the Open Compute Project

The Project Olympus specification is now complete and being used in product designs by hardware vendors, Microsoft announced today.

The design was shepherded as an "open source" hardware project under the auspices of the Open Compute Project (OCP), an industry coalition dedicated to fostering open datacenter technologies. Previous open source data center hardware efforts consisted of companies like Facebook and Microsoft open sourcing complete custom hardware specs, not actually having hardware designed the way a lot of open source software gets created.

According to Microsoft in 2016, "the hardware (of Project Olympus) focuses on modularity, cost and power efficiency, and global data centre interoperability". Cavium processors and solutions are supported by an extensive ecosystem of operating systems, tools, application stacks, hardware reference designs and other products.

Kushagra Vaid, general manager of Azure hardware infrastructure at Microsoft, said Project Cerberus "provides a critical component for security protection that to date has been missing from server hardware-protection, detection and recovery from attacks on platform firmware", in a November 8 announcement. Microsoft is already using it for Azure deployments.

Project Olympus hardware is now deployed in volume production with the Fv2 virtual machine (VM) family.

The Project Cerberus specifications are still being drafted, so it's not clear when it will be available, although Vaid notes that Microsoft plans to open source the specs once they are complete. Additionally, Redmond announced that commercial offerings based on the Olympus designs are now offered through Wiwynn and ZT Systems, with more providers on the way.

Microsoft unveiled its latest open hardware project called Project Cerberus, which is aimed at helping organizations harden their cloud environments against cyber-attacks, at the Zettastructure conference in London.

Microsoft meanwhile has also turned its attention to platform security with "Project Cerberus".

We're also entering the next phase of Project Olympus with the introduction of Project Cerberus - a new open sourced industry standard for platform security which will be collaboratively developed with the OCP community in a manner similar to the hardware design. If an attacker, whether it's someone from inside the business or someone hacking in from the outside, can access and then take control of the firmware of a server, they can then burrow deep into the data center itself, gaining access to nearly any data within the cloud infrastructure.

Cerberus therefore "provides a hardware root of trust for firmware on the motherboard (UEFI BIOS, BMC, Options ROMs) as well as on peripheral I/O devices by enforcing strict access control and integrity verification from pre-boot and continuing to runtime".

The software giant said the new chip and associated hardware will be able to protect firmware from some of the most risky threats around, including "malicious insiders", who are often employees that have administrative privileges or access to hardware, and hackers and malware that exploit bugs in operating systems, applications and hypervisors.

"Just as with the Project Olympus open source model, we anticipate that contributing Project Cerberus specifications will enable robust participation from the OCP ecosystem for community development amongst industry participants, and this open collaboration will lead to a more secure model for platform security which will benefit the industry", concluded Vaid.



Like this

Latest


09 November 2017
1 dead in shooting on I-95 ramp in Providence
Media reports that multiple shots were heard fired in the vicinity of the Providence Place Mall near the city's downtown. When asked for more details, spokeswoman Laura Kirk said in an email "that's all the info we're giving out at this time".

09 November 2017
Golf R Performance Pack in the UK!
The Performance Pack upgrade for the Golf R costs £2,300 and is available only on cars fitted with the DSG gearbox. Specified as such, the R's price climbs from £33,995 as standard to just over £39,000.

09 November 2017
The Flagstar Bancorp Inc. (FBC) Given Average Recommendation of "Hold" by Brokerages
With 119,600 avg volume, 12 days are for Flagstar Bancorp New (NYSE:FBC)'s short sellers to cover FBC's short positions. For the most active stocks in the market, it is highly important to check the outstanding shares of the company.

09 November 2017
Varied Analyst Comments On Cypress Semiconductor Corporation (CY), Freeport-McMoRan Inc. (FCX)
ON is now overvalued by 5.66% relative to the average 1-year price target of $20.68 taken from a group of Wall Street Analysts. Renaissance Technology Limited Liability Company reported 511,442 shares. 793,254 are owned by Alliancebernstein Lp.

09 November 2017
Atlas Air reports 3Q loss
State of Alaska Department of Revenue grew its holdings in shares of Atlas Air Worldwide Holdings by 80.0% during the 2nd quarter. Also, EVP Adam Richard Kokas sold 5,000 shares of the company's stock in a transaction that occurred on Wednesday, August 30th.

09 November 2017
Baby orangutan at Busch Gardens
Busch Gardens Tampa Bay is welcoming its newest, three-pound addition to the park with an upcoming Facebook contest. It's expected to make its public debut soon in the Jungala area of the park.

09 November 2017
2 dead, 10 injured in Brooklyn apartment fire
Fire crews are battling flames at a three-story building located at 6709 11th Avenue near 67th Street in Dyker Heights. The Fire Marshal and NYPD Arson and Explosion Square are working to determine the cause of the fire.

09 November 2017
Acid victim spelt 'attacker's' name by pointing at letters with tongue
Dr White said as they passed the door, she looked in and saw "a lady sitting on the sofa on her mobile phone appearing to talk. Wallace claimed he attacked her and threw the liquid at him, but she has since stated she thought it was water, not acid.

09 November 2017
Trending Stock Analysis: Flotek Industries Inc. (FTK)
During current year the company's forecasts over growth are -41.2% while for the next year analysts' growth estimation is 580%. Year to date (YTD) refers to the period beginning the first day of the current calendar or fiscal year up to the current date.

09 November 2017
HPCL Q2 net profit up by 147 pc to Rs 1735 cr
The refineries at Mumbai and Visakh processed 4.64 MT of crude during July to September this year, compared to 4.05 MT last year. Profit before tax of the company came in at Rs 2,588.20 crore in Q2FY18 over Rs 1,075.45 crore in Q2FY17.



Recommended