Microsoft has commenced the development of a hardware security chip that could protect its cloud servers and networking equipment against tampering.

Project Cerberus aims to create a module that would verify the integrity of essential software - like firmware and BIOS - at boot time, using cryptographic signatures. It sounds similar to Google’s Titan; but whereas Titan is wholly proprietary, Cerberus will rely on an open source development model - its draft specifications were shared with the industry earlier today through the Open Compute Project.

The announcement was made by Kushagra Vaid, general manager of Azure Hardware Infrastructure at Microsoft, at the DCD Zettastructure conference in London.

The hound of Hades

Kushagra Vaid at DCD Zettastructure 2017 – DCD / Max Smolaks

With Project Cerberus, Microsoft wants to design a microcontroller that would reside either on the motherboard or on an expansion card and provide a ‘hardware root of trust’ - a cryptographic element that cannot be compromised.

This chip would verify software integrity before boot, at boot-time and continuously during operation. The specification is CPU-agnostic, and is intended for a wide variety of IT equipment, ranging from servers and switches to IoT devices.
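As an added illustration, and not Microsoft's code (the article does not describe Cerberus's actual signature scheme, key provisioning or manifest format), the following models the boot-time check a hardware root of trust performs: a public key provisioned into the chip, a firmware image measured with SHA-256, and the measurement verified against the vendor's signature before the CPU is released. Ed25519 is an assumed stand-in for whatever scheme the specification adopts, and the firmware payload is a constructed sample.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// RootOfTrust models the immutable part of the chip: a trusted public key
// provisioned at manufacturing time that host software cannot overwrite.
type RootOfTrust struct {
	trustedKey ed25519.PublicKey
}

// FirmwareImage is a firmware blob plus the vendor's signature over its digest.
type FirmwareImage struct {
	Payload   []byte
	Signature []byte
}

var ErrUntrusted = errors.New("firmware measurement does not verify against the trusted key")

// Measure hashes the payload; the digest is what gets signed and verified.
func Measure(payload []byte) []byte {
	sum := sha256.Sum256(payload)
	return sum[:]
}

// SignFirmware is the vendor build step; the private key never reaches the device.
func SignFirmware(priv ed25519.PrivateKey, payload []byte) FirmwareImage {
	return FirmwareImage{Payload: payload, Signature: ed25519.Sign(priv, Measure(payload))}
}

// VerifyBoot is the boot-time gate: only a payload whose measurement verifies
// under the burned-in key is allowed to run. Any bit flip in the payload, or a
// signature from a key other than the provisioned one, fails the check.
func (r RootOfTrust) VerifyBoot(img FirmwareImage) error {
	if !ed25519.Verify(r.trustedKey, Measure(img.Payload), img.Signature) {
		return ErrUntrusted
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // provisioning, normally at the factory
	rot := RootOfTrust{trustedKey: pub}
	img := SignFirmware(priv, []byte("BIOS v1.0 (constructed sample)"))
	fmt.Println("genuine image:", rot.VerifyBoot(img))
	tampered := FirmwareImage{Payload: []byte("BIOS v1.0 (constructed sampl3)"), Signature: img.Signature}
	fmt.Println("tampered image:", rot.VerifyBoot(tampered))
}
```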

According to a Microsoft blog post, Project Cerberus should be able to defend the hardware against:

  • Malicious insiders with administrative privilege or access to hardware;
  • Hackers and malware that exploit bugs in the operating system, application, or hypervisor;
  • Supply chain attacks (manufacturing, assembly, in-transit);
  • Compromised firmware binaries.

The development process builds upon the methodology established with Project Olympus - Microsoft’s effort to design a hyperscale server platform through the Open Compute Project. This means the company has released its blueprints before they are complete, hoping that the community will fill in the blanks and improve the design.

“We invite the entire industry to come and collaborate, and work on this secure specification that the industry can leverage through OCP,” Vaid said.