{"id":49110,"date":"2022-10-31T21:34:00","date_gmt":"2022-10-31T21:34:00","guid":{"rendered":"https:\/\/www.networkworld.com\/article\/3677869\/ocp-spec-for-silicon-security-could-help-reduce-vendor-lock-in.html#tk.rss_security"},"modified":"2022-10-31T21:34:00","modified_gmt":"2022-10-31T21:34:00","slug":"ocp-spec-for-silicon-security-could-help-reduce-vendor-lock-in","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/ocp-spec-for-silicon-security-could-help-reduce-vendor-lock-in\/","title":{"rendered":"OCP spec for silicon security could help reduce vendor lock-in"},"content":{"rendered":"
<\/div>\n

A new specification from the Open Compute Project could mean more choices for IT pros when it comes time to replace server cards.<\/p>\n

The spec defines a block of code that, when used in processors, establishes root of trust (RoT) boot security. Because the spec is open, any chip maker can use it, and it will provide interoperability with chips made by other chip makers that also use it. This can help eliminate being locked into a single vendor because of proprietary RoT code.<\/p>\n

By standardizing on OCP hardware, for example, it\u2019s possible to replace a bad smartNIC from one vendor with one from another vendor, says Bill Chen, general manager of server product management at Supermicro, an OCP member.<\/p>\n

\u201cThis will make it easier to change or upgrade to a new card, and because of that [OCP] standard you can purchase from all different vendors like Mellanox or Broadcom. You will have multiple options,\u201d he said.<\/p>\n

Vendors and service providers that have worked on the project, include AMD, Microsoft, Google, and Nvidia. Notably absent is Intel.<\/p>\n

The purpose of the spec,called Caliptra, is to provide consistent, verifiable cryptographic assurances of an ASIC\u2019s or SoC\u2019s security configuration across all participating vendors, and make it as a drop-in piece of IP.<\/p>\n