Cloud Security: Integrating Trust into Every Chip

CaliptraThe hardware root of trust (RoT) provides a set of security properties that anchor the security of a system-on-a-chip (SOC), including CPUs, GPUs and SSDs, into the hardware. The RoT provides verifiable cryptographic assurances of the security configuration and workload protection mechanisms of an SOC, ensuring only trusted firmware can execute on the SOC. The industry has traditionally had inconsistency in the security properties supported by root of trust solutions, which in turn have been abstracted and augmented by RoT solutions on the motherboard separate from the SoC itself. However, emerging business models on the edge and higher levels of confidentiality in the cloud create new demands for higher levels of consistency for interoperability and transparency for security assurance.

Confidential computing is raising the bar on security, requiring each individual chip at an SOC or package level to prove it’s trustworthy. Industry leaders have come together as part of the Open Compute Project (OCP) Community to define and introduce Caliptra, a re-usable silicon level IP block for integration into future SOCs, such as CPUs, GPUs, and SSDs. The OCP Foundation is pleased to provide a collaborative framework where AMD, Google, Microsoft, and NVIDIA came together to define a scalable and standards-based solution for the benefit of the entire industry.

"Today marks a major step forward in industry-wide collaboration on security with the release of Caliptra 0.5 specifications by OCP, and availability of Caliptra 0.5 RTL through the CHIPS Alliance. AMD will continue to be an active participant in Caliptra and the Open Compute Project in support of our customers and partners across the ecosystem." Mark Papermaster, CTO and Executive Vice President, Technology and Engineering, AMD

"Open ecosystems and projects are foundational to Google’s business and have been since day one," said Partha Ranganathan, Vice President and Engineering Fellow at Google Cloud and OCP Board Member. "With Caliptra, we are bringing the velocity of open source development to infrastructure security enabling the Community to collectively harden a robust IP block that all of us can trust across a diverse set of silicon offerings." 

"There is a need for greater transparency and consistency of low-level hardware security. We are open-sourcing Caliptra with our partners to address these needs." Mark Russinovich, Chief Technology Officer and Technical Fellow, Microsoft Azure.

"Working with Caliptra, NVIDIA is tackling fundamental challenges in delivering secure, scalable and standardized security protocols across confidential devices," said Paul Chou, director of platform architecture and security at NVIDIA. "Addressing these challenges requires collaboration across the ecosystem for consistent and open solutions." 

The Caliptra 0.5 specification is available here for community feedback so that together we ensure the final standard will meet diverse needs based on use case. The team is also making available initial code for the industry to harden together into a trusted IP block that Community members can confidently integrate into silicon. Please join the Caliptra session on Thursday, October 20, at 10:20 am, in room SJCC - Concourse Level - 210DH at the OCP Global Summit at the San Jose Convention center, to learn more.

About the Open Compute Project Foundation

At the core of the Open Compute Project (OCP) Community are hyperscale data center operators and industry players, joined by telecom, colocation providers and enterprise IT users, working with vendors to develop and commercialize open innovations that, when embedded in product are deployed from the cloud to the edge. The OCP Foundation is responsible for fostering, serving and seeding the OCP Community to develop new open solutions that can meet the market and shape the future. In shaping the future, OCP will continue to invest in strategic initiatives that prepare the IT ecosystem for major changes, such as AI & ML, optics, sustainable data center solutions, advanced power management and cooling techniques, composable silicon and sustainability.  Learn more at