Security: Difference between revisions

From OpenCompute
Jump to navigation Jump to search
 
(231 intermediate revisions by 7 users not shown)
Line 1: Line 1:
[[File:OCP-security-v1-17a3x.png|right]]
==Welcome==
==Welcome==


Line 5: Line 6:
:This Project is open to the public and we want to welcome all those who would like to be involved.
:This Project is open to the public and we want to welcome all those who would like to be involved.


Disclaimer: Please do not submit any confidential information to the Project Community. All presentation materials, proposals, meeting minutes and/or supporting documents are published by OCP and are open to the public in accordance to OCP's Bylaws and IP Policy. This can be found on the [[http://www.opencompute.org/participate/legal-documents/ Legal Docs]] page.  If you have any questions please contact OCP.
Disclaimer: Please do not submit any confidential information to the Project Community. All presentation materials, proposals, meeting minutes and/or supporting documents are published by OCP and are open to the public in accordance to OCP's Bylaws and IP Policy. This can be found on the OCP [http://www.opencompute.org/about/ocp-policies/ OCP Policies] page.  If you have any questions please contact OCP.


:- [http://files.opencompute.org/oc/public.php?service=files&t=f8dd17084086d3fc7b3cc82c13160c31&downoad Charter]]
==Documents==


==Project Leads==
:- [https://146a55aca6f00848c565-a7635525d40ac1c70300198708936b4e.ssl.cf1.rackcdn.com/files/e1db398bce18523d1cbecd13cc60688c942a5d5c.pdf Charter]


:- [mailto:nate.klein@ocproject.net Nate Klein]  
:- [https://docs.google.com/spreadsheets/d/1o5Vx8QFfHX_AO9pNw5wEjVNeCQ516P55ef71dhz4f6M/edit#gid=0 Meeting Agenda]


:- [mailto:bryan.kelly@ocproject.net Bryan Kelly]
Works in Progress
 
::- [https://docs.google.com/document/d/1NaWTRfXgNTiRzp8EnsYKjudo3z2lrdDK0dPyqer0DgU/edit# Glossary]
 
::- [https://docs.google.com/document/d/13I-meE6BxiLB_c-Mjr3cLLK9S0SjuPuRjPfS9yTG6P8/edit Common Security Threats]
 
::- [https://docs.google.com/document/d/1Tea1Nfg9T5R7O-pVtorGhQ0UHQzCdMBMckT2hJfBKB8/edit Secure Update and Recovery DEPRECATED]
 
::- [https://docs.google.com/document/d/1I1eNJvB9oFjnD8oiEBRK5SGFGhKW8AqxrLOqBSzSYoQ/edit Attestation Scope]
 
:::- [https://docs.google.com/document/d/1fzBnA6N9vGYj--Mxit9Whp0TPPyGqgOyBlHdgCN9F_Q/edit Attestation of Systems and System Components]
 
:::- [https://docs.google.com/document/d/1DQGXpOEliExRPil4ozr8A50nibJpGAvAH1PW0uZRZrA/edit Attestation: Use Cases]
 
::- [https://docs.google.com/document/d/1Se1Dd-raIZhl_xV3MnECeuu_I0nF-keg4kqXyK4k4Wc/edit Secure Boot]
 
::- [https://docs.google.com/document/d/1Ge_w9i5A6YKG-7nlTp--JhZf6By7I9oB3oW_2_i7JbE/edit Recovery]
 
::- [https://docs.google.com/spreadsheets/d/1Tu42ZawQoaWqgqC5lY-PNdw48QsILyjI/edit#gid=1174137179 Security Checklist and Badges]
 
::- [https://docs.google.com/document/d/18dyizlg0betQTlad3nFY4jpXaG09QasQPVwCM572StY/edit?usp=sharing Management Interface Requirements]
 
::- [https://docs.google.com/document/d/1-bfAF86cEKcn1guF-Qj2C2HhMM2oJ2njNGdHxZeetR0/edit# Secure Platform Overview]
 
::- [https://docs.google.com/document/d/1oANhjvv_R7E5n8w1RroN8l8-0jdYlfdQDp_3RqGV66k/edit# Ownership Transfer]
 
::- [https://docs.google.com/document/d/17QAXfpEDlIvSbw0pFJ9wKeIBeBwIFkP4Z8SjhxyECAw/edit# Work Backlog & Prioritization]
 
 
Third Party Security Reviews
 
::- [https://drive.google.com/file/d/177hRzP05xE5OlvW7nuBH35SxaBSo1TRI/view?usp=share_link Firmware Security Review Framework (Draft)]
 
::- [https://drive.google.com/file/d/13XcR9QG0ZibR7dMs9TQTY7WnWyPs9oIB/view?usp=share_link NVMe Cloud SSD Specification Firmware Security Review Scope (Draft)]
 
::- [https://drive.google.com/file/d/18m0q3ZFZarYJzZ5lOuPShyBKIx6QfGVA/view?usp=share_link Firmware Security Audits (Slide Deck)]
 
 
OCP blogs and announcements
 
::- [https://www.opencompute.org/blog/ocp-security-announces-version-10-specs-for-root-of-trust Fall 2020 OCP Tech Week Blog Post]
 
::- [https://www.prnewswire.com/news-releases/ocp-announces-v1-0-of-security-requirements-documents-improving-security-and-trust-for-future-ocp-servers-with-hardware-root-of-trust-301169974.html Fall 2020 PR Newswire Announcement]
 
 
Reference
 
:- [https://drive.google.com/open?id=13LwglwJ3n9KA8Q5IzBNGjDwYN-TVAeYs Certificate Templates for DICE Attestation] (Intel) Presented 2019-04-30
 
:- [http://files.opencompute.org/oc/public.php?service=files&t=a436c2418eabd27679f770fbd8621d40&download SPIRAL Protocol Family] (Intel) Presented 2019-01-29
 
:- [http://files.opencompute.org/oc/public.php?service=files&t=ca33b44f612f8c09db827b610c4d1c54 SPIRAL Protocol Family] (Intel) Presented 2019-03-05
 
:- [https://drive.google.com/file/d/1q8sSnFtbRuSmYxyKHOLMNBJqLNekBsDL/view?usp=sharing Trusted Platform Module 2.0 Policy Authorization] (IBM) Presented 2020-08-18 by Ken Goldman
 
:- [https://github.com/opencomputeproject/Security/blob/master/SecureFirmwareDevelopmentBestPractices.md CSIS Firmware Development Best Practices]
 
:- [https://drive.google.com/file/d/1fC5c8dMvS95OzWMClDrIXe7FjYMHeqZF/view?usp=sharing Google Position on Attested Boot Logs] Presented 2021-02-23 by Jeff Andersen
 
:- [https://drive.google.com/file/d/1098TOVfY8dnFyZHlWH_PUcueBs3f8jbI/view?usp=sharing Delivering Platform Integrity Without Universal Secure Boot] Presented 2021-03-23 by Jeff Andersen
 
:- [https://drive.google.com/file/d/1t4DZztlFjQwQ2qBc6x6XTox3lvAIFlQN/view?usp=sharing Recovery Spec Overview] Presented 2021-03-30 by Bryan Kelly
 
:- [https://drive.google.com/file/d/1FIIGfvdCC3uIrn_2FsWQu4EHdxzL9K-Q/view?usp=sharing Ownership Transfer and State Management] Presented 2022-03-08 by Jeff Andersen
 
:- [https://drive.google.com/file/d/1UETpYWAtUORr-IT-qblvCWfjWDeuaaoJ/view?usp=sharing OCP Crypto Discussion] Presented 2022-08-08 by Huijun Xie
 
:- [https://drive.google.com/file/d/1hVj0qxCsZGg3ZXR70asCPRKz8eBRDC13/view?usp=sharing System Ownership and Firmware with Multiple Signing Domains] Presented 2022-08-23 by Daniil Egranov
 
:- [https://drive.google.com/file/d/1iPwIzVb1lqpebZokxwSEI6YfXAg9hdFL/view?usp=sharing OCP Recovery Overview] Presented by Eric Spada
 
:- [https://drive.google.com/file/d/1URO4X6ZEIcbbisHZThuw8AFfWsXmGN0d/view?usp=sharing TCG DICE and DMTF SPDM Binding] Presented 2022-08-30 by Chandra Nelogal and Brett Henning
 
:- [https://drive.google.com/file/d/1lSeeYijn4K5Cnd4AaIIw-yP8C7tmgell/view?usp=sharing Intro to Hash-based Signatures] Presented 2022-09-13 by Jeff Andersen
 
:- [https://drive.google.com/file/d/1yxlqAiNWvnX22aY-LX1L2kJBOnLRTC90/view?usp=sharing Attestation + TPM flows] Presented 2022-09-27 by Jeff Andersen
 
:- [https://drive.google.com/file/d/1zxtgMlBrxhXieO9phLgriuAUJl-Duchj/view?usp=sharing Port Remediation] Presented 2022-10-11 by Thomas Koh
 
:- [https://drive.google.com/file/d/1GZTy8rEcpJhXZlkL8TZrUis2x3-wIWhs/view?usp=share_link Media Sanitization] Presented 2022-12-06 by Jonmichael Hands and Arie van der Hoeven
 
:- [https://drive.google.com/file/d/1t5WSUZKzYUBYWses22I-yc-vDDIvAUQb/view?usp=sharing Port Remediation Update] Presented 2022-12-13 by Thomas Koh and Colin Mitchell
 
:- [https://docs.google.com/presentation/d/1Z0A3y-VskBf0Kp71zQOK6B2BipoQUNx8AoR6NGpDeIQ/edit?usp=sharing OCP "Streaming" Boot] Presented 2023-01-10 by Varun Sampath and Bharat Pillilli
 
:- [https://drive.google.com/file/d/1mcn86zaEyk5kir-bb1R0MUm6XNG1oBaR/view?usp=share_link Attested Reset] Presented 2023-01-17 by Jeff Andersen
 
:- [https://drive.google.com/file/d/1KIo0mwYQ9KmH13oqef4Oc2-emDH6WsJS/view?usp=share_link SBOMs] Presented 2023-02-14 by Bryan Kelly
 
:- [https://drive.google.com/file/d/1WCquWiaBlAsoInLwDX8NkMxnptVMBNuJ/view?usp=share_link Secure Manufacturing] Presented 2023-03-28 by Jeff Plank
 
:- [https://drive.google.com/file/d/1JE56f_DOJEhMVb_o6MW10DqshoAVWNov/view?usp=sharing 3P Firmware Audits] Presented 2023-04-12 by Eric Eilertson, Þórður Björnsson
 
:- [https://drive.google.com/file/d/1F6Dkx9dvnGz4UPHm1_Nqzm0pulvi-xib/view?usp=share_link 3P Audits] Presented 2023-05-16 by Alex Matrosov
 
:- [https://drive.google.com/file/d/1I04Fxi8P1XsvnMrTzkkUoMruFfqNBTM1/view?usp=sharing Requests to NIST regarding asymmetric key derivation] Presented 2023-06-06 by Jeff Andersen and Thomas Bowen
 
:- [https://drive.google.com/file/d/1Z8dQSqCr_iGOO8yT0PKW5PAnGHV3q_M6/view?usp=sharing Specification and Formal Verification of Attestation Mechanisms in Confidential Computing] Presented 2023-06-13 by Muhammad Usama Sardar
 
:- [https://drive.google.com/file/d/1_T6k_fCjz1njYeDJJfyh6PtRbhVB3w7H/view?usp=drive_link Request to NIST regarding HBS key export] Presented 2023-08-22 by Jeff Andersen
 
:- [https://drive.google.com/file/d/1og-YYG9zOutfcNVbMAwNP0z9nbZH-QmF/view?usp=sharing Device attestation 1] Presented 2024-01-09 by Roksana Mojarad
 
:- [https://drive.google.com/file/d/1vpxy3xso_T30DN1j53uA55s6wtSWfir6/view?usp=sharing Device attestation 2] Presented 2024-01-23 by Roksana Mojarad
 
:- [https://drive.google.com/file/d/1u4nE-DCs7KBWfRFf9fcJ_Oxmdd6kdUtd/view?usp=sharing Firmware attestation demo] Presented 2024-01-23 by Roksana Mojarad
 
==Approved Publications==
 
::- [https://www.opencompute.org/documents/common-security-threats-notes-1-pdf Common Security Threats v1.0 White Paper]
::- [https://www.opencompute.org/documents/secure-boot-2-pdf Secure Boot v1.0 White Paper]
::- [https://www.opencompute.org/documents/attestation-v1-0-20201104-pdf Attestation v1.0 White Paper]
::- [http://files.opencompute.org/oc/public.php?service=files&t=f4171bae8c7a32f05b0401378ee08483&download INFO, White Paper, Ownership and Control of Firmware in Open Compute Project Devices, IBM]
::- [https://www.opencompute.org/documents/ibm-white-paper-best-practices-for-firmware-code-signing INFO, White Paper, Best Practices for Firmware Code Signing, IBM]
 
==Project Leadership==
 
===IC Representative===
:- [mailto:andres.lagar-cavilla@ocproject.net Andres Lagar-Cavilla] (Google)
 
===Project Leads===
:- [mailto:OCP.Security-Lead1@ocproject.net Jeff Andersen] (Google)
 
:- [mailto:bryan.kelly@ocproject.net Bryan Kelly] (Microsoft)


==Get Involved==
==Get Involved==


:- [http://lists.opencompute.org/mailman/listinfo/opencompute-security Mailing List]
:- [https://ocp-all.groups.io/g/OCP-Security Mailing List]
 
==Past Events==
 
F2F Meeting at Facebook, October 8-9th, 2019
:- [https://docs.google.com/document/d/1pdIm7drr75HvZry7dzM2Ts-b8z-UuwhkjPIdrrPZROQ/edit Meeting Notes]
:- Recording coming soon


==Regular Project Calls==
==Regular Project Calls==


Registration URL: [https://attendee.gotowebinar.com/register/6288548291744629762]
This project meets weekly on Tuesdays at 9am PT (please check the call calendar).
Webinar ID: 444-595-163
 
:- [https://www.opencompute.org/projects/security Call Calendar]
:- [https://opencompute-org.zoom.us/j/85292919316?pwd=RGk1WkgxTlRVUEU5RWxsN2RJUWFMUT09 Call Link]
:- [https://docs.google.com/document/d/1VVMUzYESZNuyT1_YJlQSdSKBy-5t1otJIyXTbXuOoX4/edit Meeting Notes]


==Recordings from Past Calls==
==Recordings from Past Calls==
 
OCP Security Project Call
:- [https://opencompute-org.zoom.us/rec/play/PIcn56_293e9-9vB6gvLeIl065muYO0Kt1ekcl5J-X9Vu5txEoK6MbaJC9JF645F-uPn7NcaCc_5nBAb.xIJRjeswOVF7xot9?canPlayFromShare=true&from=share_recording_detail&continueMode=true&pwd=gnKdHWYkaHYQwlVzE9o2Ea3ch0WyFEz1&componentName=rec-play&originRequestUrl=https%3A%2F%2Fopencompute-org.zoom.us%2Frec%2Fshare%2FPegUBcsVY73gLQswfqXxXvqIyzzkocLM4S0KtCrTG3L4iAAOhz8croxKecemREFL.UzjmMMLIcDHLRr9w%3Fpwd%3DgnKdHWYkaHYQwlVzE9o2Ea3ch0WyFEz1 March 12, 2024]
:- [https://opencompute-org.zoom.us/rec/play/ZEoXjz4yoKLHjlapfuUSLWiMhIEuvwhxNqXswK8N0RZ1kzIreI5S_1wbdRyY0osMali5l-Zgy1EKB4s.oIevIpI8Ey9i3a1y?canPlayFromShare=true&from=share_recording_detail&continueMode=true&pwd=ZAsPcNe5FQtB56FUVAWbzwMHwb9sGzfI&componentName=rec-play&originRequestUrl=https%3A%2F%2Fopencompute-org.zoom.us%2Frec%2Fshare%2FaW-nkLm7CEubCFXz_2iqf4fBmqj8MFsGcG2pcj8wX4dZwv5xcvZDGMdTsfVLdlGl._C4ebpn_7EwO03Rh%3Fpwd%3DZAsPcNe5FQtB56FUVAWbzwMHwb9sGzfI March 5, 2024]
:- [https://www.youtube.com/watch?v=QqWqmLiT8SQ Feb 6, 2024]
:- [https://www.youtube.com/watch?v=2O7SpFGLB9k Jan 30, 2024]
:- [https://www.youtube.com/watch?v=8nVGgKYbHMg Jan 23, 2024]
:- [https://www.youtube.com/watch?v=UfEYUby2zYo Jan 9, 2024]
:- [https://www.youtube.com/watch?v=wpuabUu8CVE Dec 5, 2023]
:- [https://www.youtube.com/watch?v=NfMTZ3sTsCw Nov 28, 2023]
:- [https://www.youtube.com/watch?v=kEg7g_YFpPs Nov 14 2023]
:- [https://www.youtube.com/watch?v=jBnc0grxKAQ Oct 31, 2023]
:- [https://www.youtube.com/watch?v=kJss3CnI9_8 September 12, 2023]
:- [https://www.youtube.com/watch?v=oUQNfP7NfRY August 29, 2023]
:- [https://www.youtube.com/watch?v=fv05QtP0UhM August 22, 2023]
:- [https://www.youtube.com/watch?v=ic1wDq416Mc August 15, 2023]
:- [https://www.youtube.com/watch?v=upGMu4vAF2M August 1, 2023]
:- [https://www.youtube.com/watch?v=KvQievXmZkA July 25, 2023]
:- [https://www.youtube.com/watch?v=vLqXiZSMyng July 18, 2023]
:- [https://www.youtube.com/watch?v=EvYXCvfH3vA July 11, 2023]
:- [https://www.youtube.com/watch?v=hcZ-O4odmxc June 20, 2023]
:- [https://www.youtube.com/watch?v=5WXPcGKxlYc June 13, 2023]
:- [https://www.youtube.com/watch?v=kiB3jDBUpRA June 6, 2023]
:- [https://www.youtube.com/watch?v=N0P-CLI3VD8 May 16, 2023]
:- [https://www.youtube.com/watch?v=oc4AXtx82AY May 9, 2023]
:- [https://www.youtube.com/watch?v=pKSFYjsIPQ0 May 2, 2023]
:- [https://www.youtube.com/watch?v=hLcop4xEcyw April 11, 2023]
:- [https://www.youtube.com/watch?v=JQfJo-50Rd8 March 28th, 2023]
:- [https://www.youtube.com/watch?v=dD7Yojz1qOI March 21, 2023]
:- [https://www.youtube.com/watch?v=wQpu2ZnJkAE February 28, 2023]
:- [https://www.youtube.com/watch?v=NFk09xwzRu8 February 14, 2023]
:- [https://www.youtube.com/watch?v=LuXkt4MEfLk January 31, 2023]
:- [https://www.youtube.com/watch?v=9AooIeS0m9U January 17, 2023]
:- [https://www.youtube.com/watch?v=nwD7bLssH8U January 10, 2023]
:- [https://www.youtube.com/watch?v=dOglaXDWYGs December 13th, 2022]
:- [https://www.youtube.com/watch?v=1wbEDfkgWqc December 6th, 2022]
:- [https://www.youtube.com/watch?v=cxUrEHheTXM November 29th, 2022]
:- November 15th, 2022 - No Recording
:- November 1st, 2022 - No Recording
:- [https://www.youtube.com/watch?v=woUQuPTzcxc October 11th, 2022]
:- [https://www.youtube.com/watch?v=v94hkpQ8104 October 4th, 2022]
:- [https://www.youtube.com/watch?v=g0aS4aWte28 September 27th, 2022]
:- [https://www.youtube.com/watch?v=lZ1PnJml1CY September 13th, 2022]
:- [https://www.youtube.com/watch?v=LzIHVkWcchM September 6th, 2022]
:- [https://www.youtube.com/watch?v=66pYmsaaCJo August 30th, 2022]
:- [https://www.youtube.com/watch?v=NOCDRkVErv4 August 23rd, 2022]
:- [https://www.youtube.com/watch?v=2lqz4cFUCFo August 9th, 2022]
:- [https://www.youtube.com/watch?v=XZ9yARreUt4 August 2nd, 2022]
:- [https://www.youtube.com/watch?v=KG-HU52I7gU July 26th, 2022]
:- [https://www.youtube.com/watch?v=5SejykeQauU July 12th, 2022]
:- [https://www.youtube.com/watch?v=S3YjOWY_Ljc June 28th, 2022]
:- [https://www.youtube.com/watch?v=peyF1slSreQ June 21st, 2022]
:- [https://www.youtube.com/watch?v=G_bChr7cj1o June 14th, 2022]
:- [https://www.youtube.com/watch?v=jlPlElUcx9g June 7th, 2022]
:- Call Cancelled
:- [https://www.youtube.com/watch?v=MR4r5Td7E54 May 17th, 2022]
:- [https://www.youtube.com/watch?v=ygmaTc6n078 May 10th, 2022]
:- [https://www.opencompute.org/events/past-events/ocp-tech-talk-series-security May 3rd, 2022 Security Project Tech Talk]
:- April 26th, 2022 Call Not Recorded
:- [https://www.youtube.com/watch?v=5sgW6qIw4xg April 19th, 2022]
:- [https://www.youtube.com/watch?v=XHvx_ksWNVQ April 12th, 2022]
:- [https://www.youtube.com/watch?v=vdMk1UvyA1g April 5th, 2022]
:- [https://www.youtube.com/watch?v=gKFWcX8jVf8 March 29th, 2022]
:- March 22nd, 2022 Call Not Recorded
:- [https://www.youtube.com/watch?v=s9uei_7gLOM March 15th, 2022]
:- [https://www.youtube.com/watch?v=nq5ZJTE_QPk March 8th, 2022]
:- [https://www.youtube.com/watch?v=D6PLcvsmvOA February 22nd, 2022]
:- [https://www.youtube.com/watch?v=JHGHDR1iS0E February 15th, 2022]
:- [https://www.youtube.com/watch?v=Tlf4lEU36LU February 8th, 2022]
:- [https://www.youtube.com/watch?v=E1Mzy8lSxa8 February 1st, 2022]
:- [https://www.youtube.com/watch?v=675cQUF1trI January 25th, 2022]
:- [https://www.youtube.com/watch?v=v3Ih8EOyxeU January 11th, 2022]
:- [https://www.youtube.com/watch?v=P_dQwTZC0Mo December 14th, 2021]
:- [https://www.youtube.com/watch?v=1HpZ5r9KJmE December 7th, 2021]
:- [https://www.youtube.com/watch?v=ha7I1Ch51qo November 16th, 2021]
:- [https://www.youtube.com/watch?v=gih6sfX-PWE September 28th, 2021]
:- [https://www.youtube.com/watch?v=GTVmvLGoJXI September 21st, 2021]
:- [https://www.youtube.com/watch?v=G8Y5lO-BKwA September 14th, 2021]
:- [https://www.youtube.com/watch?v=effKwMAh_r4 August 10th, 2021]
:- [https://www.youtube.com/watch?v=X1qfSoKnTWs August 3rd, 2021]
:- [https://www.youtube.com/watch?v=xwBoXJWa1i8 July 27th, 2021]
:- [https://www.youtube.com/watch?v=JW2k43i0eWc July 20th, 2021]
:- [https://www.youtube.com/watch?v=Zg0EcFmphrE July 13th, 2021]
:- [https://www.youtube.com/watch?v=WGNjMawjr8M June 29th, 2021]
:- [https://www.youtube.com/watch?v=4H-y4CAXPdU June 22nd, 2021]
:- [https://www.youtube.com/watch?v=4OOVMbm6uAI June 15th, 2021]
:- [https://www.youtube.com/watch?v=8MAhAykZ5cs June 8th, 2021]
:- [https://www.youtube.com/watch?v=Z_QX9Y2s9P4 June 1st, 2021]
:- [https://www.youtube.com/watch?v=LWg4NIOkqOI May 25th, 2021]
:- [https://www.youtube.com/watch?v=wQo6IiK1M1I May 18th, 2021]
:- [https://www.youtube.com/watch?v=Q77IvLzDj2E May 11th, 2021]
:- [https://www.youtube.com/watch?v=M6cid7COeeg April 27th, 2021]
:- [https://www.youtube.com/watch?v=f2uBU4Dj2Mw April 20th, 2021]
:- [https://www.youtube.com/watch?v=yjwsy6OjKT0 April 13th, 2021]
:- [https://www.youtube.com/watch?v=6zu0_ioDMyE April 6th, 2021]
:- [https://www.youtube.com/watch?v=vF0c0j-PT0k March 30th, 2021]
:- [https://www.youtube.com/watch?v=O1V3B2jU5TI March 23rd, 2021]
:- [https://www.youtube.com/watch?v=LU4LI9TLJNQ March 16th, 2021]
:- [https://www.youtube.com/watch?v=dl06fR5yIZY March 2nd, 2021]
:- [https://www.youtube.com/watch?v=6cU12vdrM2Q February 23rd, 2021]
:- [https://www.youtube.com/watch?v=qZTPObaagao February 16th, 2021]
:- [https://www.youtube.com/watch?v=6eJqBQiJUkc February 9th, 2021]
:- [https://www.youtube.com/watch?v=7TzAGcV6X8k February 2nd, 2021]
:- [https://www.youtube.com/watch?v=BLyOdJxhRGU January 26th, 2021]
:- [https://www.youtube.com/watch?v=c1hG52usLF4 January 19th, 2021]
:- [https://www.youtube.com/watch?v=cSo_4BP7gFo January 12th, 2021]
:- [https://www.youtube.com/watch?v=Xx176MGBr2A December 8th, 2020]
:- [https://www.youtube.com/watch?v=UiKjJ3ksJ3E November 3rd, 2020]
:- [https://www.youtube.com/watch?v=qzBK50yngEo October 27th, 2020]
:- [https://www.youtube.com/watch?v=ePE3e1eGoj4 October 20th, 2020]
:- [https://www.youtube.com/watch?v=tgCf9aPCuzQ October 13th, 2020]
:- [https://www.youtube.com/watch?v=kAsDr49AEc0 October 6th, 2020]
:- [https://www.youtube.com/watch?v=VDZf2J6T9LQ September 22nd, 2020]
:- [https://www.youtube.com/watch?v=Yejvc0LWUl0 September 15th, 2020]
:- [https://www.youtube.com/watch?v=WH9kBfDp6Yo September 8th, 2020]
:- [https://www.youtube.com/watch?v=lwNSrUE7xWI September 1st, 2020]
:- [https://www.youtube.com/watch?v=Tyu6SRWqvdo August 25th, 2020]
:- [https://www.youtube.com/watch?v=Eq1Vo_vycuQ August 18th, 2020]
:- [https://www.youtube.com/watch?v=RoK6yL4mag0 August 11th, 2020]
:- [https://www.youtube.com/watch?v=jR9yKYTDgVE July 28th, 2020]
:- [https://www.youtube.com/watch?v=szPKyB0qqJM July 21st, 2020]
:- [https://www.youtube.com/watch?v=Jfx4EYslwc8 July 14th, 2020]
:- [https://www.youtube.com/watch?v=TbEPgi3rxc0 July 7th, 2020]
:- [https://www.youtube.com/watch?v=cz2XPx0yqco June 23rd, 2020]
:- [https://www.youtube.com/watch?v=Rdf4xQuPgh8 June 16th, 2020]
:- [https://www.youtube.com/watch?v=T2RKKvyVaP4&feature=youtu.be June 2nd, 2020]
:- [https://www.youtube.com/watch?v=2BvBu_HREE8&feature=youtu.be May 26th, 2020]
:- [https://www.youtube.com/watch?v=3MWnIn4yt_4&feature=youtu.be May 19th, 2020]
:- [https://www.youtube.com/watch?v=Vkayga62o5c&feature=youtu.be May 5th, 2020]
:- [https://www.youtube.com/watch?v=rNd4HtoCmz4&feature=youtu.be April 28th, 2020]
:- [https://www.youtube.com/watch?v=RgiePwvNdNg&feature=youtu.be April 21st, 2020]
:- [https://www.youtube.com/watch?v=Tj-_Ky_Y8M0&feature=youtu.be April 14th, 2020]
:- [https://www.youtube.com/watch?v=1sJmH5lgZPo&feature=youtu.be March 24th, 2020]
:- [https://www.youtube.com/watch?v=im6Ty3Tac4o&feature=youtu.be March 10th, 2020]
:- [https://www.youtube.com/watch?v=z24f-3zbqnI&feature=youtu.be February 11th, 2020]
:- [https://www.youtube.com/watch?v=LM_jN3s7rKM&feature=youtu.be February 4th, 2020]
:- [https://www.youtube.com/watch?v=gqG0wVv41gY&feature=youtu.be January 7th, 2019]
:- [https://www.youtube.com/watch?v=8Ok9OAID3ik&feature=youtu.be December 17th, 2019]
:- [https://www.youtube.com/watch?v=2VuoffCklfo&feature=youtu.be November 12th, 2019]
:- [https://www.youtube.com/watch?v=Ol8bzwD-lUE&feature=youtu.be October 15th, 2019]
:- [https://www.youtube.com/watch?v=M68vyQrgM3w&feature=youtu.be September 3rd, 2019]
:- [https://www.youtube.com/watch?v=w4si5tYTT1A&feature=youtu.be August 27th, 2019]
:- [https://www.youtube.com/watch?v=HlJLR0xn4UE&feature=youtu.be August 20th, 2019]
:- [https://www.youtube.com/watch?v=LhGeaCL943I&feature=youtu.be August 13th, 2019]
:- [https://www.youtube.com/watch?v=4GUiorf-YCo&feature=youtu.be July 30th, 2019]
:- [https://www.youtube.com/watch?v=hSSmlx1Nm5I&feature=youtu.be July 23rd, 2019]
:- [https://www.youtube.com/watch?v=EEgkoMGcPiU&feature=youtu.be July 16th, 2019]
:- [https://www.youtube.com/watch?v=3UN798XFrUY&feature=youtu.be July 9th, 2019]
:- [https://www.youtube.com/watch?v=jGNcWCH-0rE&feature=youtu.be June 18th, 2019]
:- [https://www.youtube.com/watch?v=DLfkA4pRw2Q&feature=youtu.be May 28th, 2019]
:- [https://www.youtube.com/watch?v=0zZeF4uSk-M&feature=youtu.be May 14th, 2019]
:- [https://www.youtube.com/watch?v=_vh0Fk8DBUA&feature=youtu.be May 7th, 2019]
:- [https://www.youtube.com/watch?v=Ck0Qv33hYdE&feature=youtu.be April 30th, 2019]
:- [https://www.youtube.com/watch?v=y3A8-1ET_Ms&feature=youtu.be April 23rd, 2019]
:- [https://www.youtube.com/watch?v=z3ITiHlYyJU&feature=youtu.be April 16th, 2019]
:- [https://www.youtube.com/watch?v=aNCD-YNVTR4&feature=youtu.be Apr 9th, 2019]
:- [https://www.youtube.com/watch?v=at2Kq2x5luM&feature=youtu.be Apr 2nd, 2019]
:- [https://www.youtube.com/watch?v=Kvdr_SzN2Nc&feature=youtu.be Mar 26th, 2019]
:- [https://www.youtube.com/watch?v=1fhxXMMs9Zk&feature=youtu.be Mar 19th, 2019]
:- [https://www.youtube.com/watch?v=uQ52ObekdXY&feature=youtu.be Mar 5th, 2019]
:- [https://www.youtube.com/watch?v=1BqV1NBzhZc&feature=youtu.be Feb 26th, 2019]
:- [https://www.youtube.com/watch?v=w2-60OLnX-k&feature=youtu.be Feb 19th, 2019]
:- [https://www.youtube.com/watch?v=pWVeaMaWVl0&feature=youtu.be Feb 12th, 2019]
:- [https://www.youtube.com/watch?v=4vQ8rICw5mI&feature=youtu.be Feb 5th, 2019]
:- [https://www.youtube.com/watch?v=dKbtjJlXYKY&feature=youtu.be Jan 29th, 2019]
:- [https://www.youtube.com/watch?v=7WfkKN5yV34&feature=youtu.be Jan 22nd, 2019]
:- [https://www.youtube.com/watch?v=TI4aHvWLc4w&feature=youtu.be Jan 15th, 2019]
:- [https://www.youtube.com/watch?v=XyJKEDu8cjo&feature=youtu.be Jan 8th, 2019]
:- [https://www.youtube.com/watch?v=See1djFaW3I&feature=youtu.be Dec 18th, 2018]
:- [https://www.youtube.com/watch?v=DSo_SM2MUT8&feature=youtu.be Dec 11th, 2018]
:- [https://www.youtube.com/watch?v=52YlwXUdp5k&feature=youtu.be Dec 4th, 2018]
:- [https://www.youtube.com/watch?v=UrDAbJBHzq0&feature=youtu.be Nov 27th, 2018]
:- [https://www.youtube.com/watch?v=8jxBB1NemNE&feature=youtu.be Nov 13th, 2018]
:- [https://www.youtube.com/watch?v=k32q6Qv96q4&feature=youtu.be Nov 6th, 2018]
:- [https://www.youtube.com/watch?v=KoRenm2G_rM&feature=youtu.be Oct 16th, 2018]
:- [https://www.youtube.com/watch?v=ylZJ_AHOjV8&feature=youtu.be Oct 9th, 2018]
:- [https://www.youtube.com/watch?v=thl-5pY11Bg&feature=youtu.be Sep 25th, 2018]
:- [https://www.youtube.com/watch?v=PsB0cuqXzkY&feature=youtu.be Sep 11th, 2018]
:- [https://www.youtube.com/watch?v=3I2ldWKCLr0&feature=youtu.be Sep 4th, 2018]
:- [https://www.youtube.com/watch?v=jRZcZiv3mJk&feature=youtu.be Aug 21st, 2018]
:- [https://www.youtube.com/watch?v=JIckrFRAfzU&feature=youtu.be Aug 7th, 2018]
:- [https://www.youtube.com/watch?v=BJjO99PVgZ0&feature=youtu.be Jul 24th, 2018]
:- [https://www.youtube.com/watch?v=wDrboKyKiFw&feature=youtu.be Jul 17th, 2018]
:- [https://www.youtube.com/watch?v=UVAWGNQ965g&feature=youtu.be Jun 19th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=b549870fbb0a46be1269e8b5f27b8049 Jun 5th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=2f445f60e42f4aee28b490b84f9898df May 29, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=710ea264101131f35033df1fe77c3b3c May 1st, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=16101539e889f2880f04d9234357c2a5 Apr 24th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=28f1715334fb1b176849ef7bd359ca15 Apr 3rd, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=58be128cde0d7b60870d18872e2c810e Mar 27th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=9fb458813a87c0dd0464550258b54297 Mar 13th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=487721146cb9bb856a5592f9b22adfc4 Mar 6th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=a8f3c7470d6f928f998793d3ed904a77 Feb 27th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=3057a4436d55cc2a1c9ba51989e8d903 Feb 20th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=ae43c3c6a9795f045ba4cee152d30d59 Feb 13th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=c38b4b5ad3f776b5bad5e6e932dd444f Feb 6th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=c38b4b5ad3f776b5bad5e6e932dd444f Feb 6th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=f850f89c21e8f5c531b36b8f311b444d Jan 30th, 2018]
:- [http://files.opencompute.org/oc/public.php?service=files&t=f850f89c21e8f5c531b36b8f311b444d Jan 30th, 2018]

Latest revision as of 17:41, 12 March 2024

OCP-security-v1-17a3x.png

Welcome[edit]

OCP Security Project
This Project is open to the public and we want to welcome all those who would like to be involved.

Disclaimer: Please do not submit any confidential information to the Project Community. All presentation materials, proposals, meeting minutes and/or supporting documents are published by OCP and are open to the public in accordance to OCP's Bylaws and IP Policy. This can be found on the OCP OCP Policies page. If you have any questions please contact OCP.

Documents[edit]

- Charter
- Meeting Agenda

Works in Progress

- Glossary
- Common Security Threats
- Secure Update and Recovery DEPRECATED
- Attestation Scope
- Attestation of Systems and System Components
- Attestation: Use Cases
- Secure Boot
- Recovery
- Security Checklist and Badges
- Management Interface Requirements
- Secure Platform Overview
- Ownership Transfer
- Work Backlog & Prioritization


Third Party Security Reviews

- Firmware Security Review Framework (Draft)
- NVMe Cloud SSD Specification Firmware Security Review Scope (Draft)
- Firmware Security Audits (Slide Deck)


OCP blogs and announcements

- Fall 2020 OCP Tech Week Blog Post
- Fall 2020 PR Newswire Announcement


Reference

- Certificate Templates for DICE Attestation (Intel) Presented 2019-04-30
- SPIRAL Protocol Family (Intel) Presented 2019-01-29
- SPIRAL Protocol Family (Intel) Presented 2019-03-05
- Trusted Platform Module 2.0 Policy Authorization (IBM) Presented 2020-08-18 by Ken Goldman
- CSIS Firmware Development Best Practices
- Google Position on Attested Boot Logs Presented 2021-02-23 by Jeff Andersen
- Delivering Platform Integrity Without Universal Secure Boot Presented 2021-03-23 by Jeff Andersen
- Recovery Spec Overview Presented 2021-03-30 by Bryan Kelly
- Ownership Transfer and State Management Presented 2022-03-08 by Jeff Andersen
- OCP Crypto Discussion Presented 2022-08-08 by Huijun Xie
- System Ownership and Firmware with Multiple Signing Domains Presented 2022-08-23 by Daniil Egranov
- OCP Recovery Overview Presented by Eric Spada
- TCG DICE and DMTF SPDM Binding Presented 2022-08-30 by Chandra Nelogal and Brett Henning
- Intro to Hash-based Signatures Presented 2022-09-13 by Jeff Andersen
- Attestation + TPM flows Presented 2022-09-27 by Jeff Andersen
- Port Remediation Presented 2022-10-11 by Thomas Koh
- Media Sanitization Presented 2022-12-06 by Jonmichael Hands and Arie van der Hoeven
- Port Remediation Update Presented 2022-12-13 by Thomas Koh and Colin Mitchell
- OCP "Streaming" Boot Presented 2023-01-10 by Varun Sampath and Bharat Pillilli
- Attested Reset Presented 2023-01-17 by Jeff Andersen
- SBOMs Presented 2023-02-14 by Bryan Kelly
- Secure Manufacturing Presented 2023-03-28 by Jeff Plank
- 3P Firmware Audits Presented 2023-04-12 by Eric Eilertson, Þórður Björnsson
- 3P Audits Presented 2023-05-16 by Alex Matrosov
- Requests to NIST regarding asymmetric key derivation Presented 2023-06-06 by Jeff Andersen and Thomas Bowen
- Specification and Formal Verification of Attestation Mechanisms in Confidential Computing Presented 2023-06-13 by Muhammad Usama Sardar
- Request to NIST regarding HBS key export Presented 2023-08-22 by Jeff Andersen
- Device attestation 1 Presented 2024-01-09 by Roksana Mojarad
- Device attestation 2 Presented 2024-01-23 by Roksana Mojarad
- Firmware attestation demo Presented 2024-01-23 by Roksana Mojarad

Approved Publications[edit]

- Common Security Threats v1.0 White Paper
- Secure Boot v1.0 White Paper
- Attestation v1.0 White Paper
- INFO, White Paper, Ownership and Control of Firmware in Open Compute Project Devices, IBM
- INFO, White Paper, Best Practices for Firmware Code Signing, IBM

Project Leadership[edit]

IC Representative[edit]

- Andres Lagar-Cavilla (Google)

Project Leads[edit]

- Jeff Andersen (Google)
- Bryan Kelly (Microsoft)

Get Involved[edit]

- Mailing List

Past Events[edit]

F2F Meeting at Facebook, October 8-9th, 2019

- Meeting Notes
- Recording coming soon

Regular Project Calls[edit]

This project meets weekly on Tuesdays at 9am PT (please check the call calendar).

- Call Calendar
- Call Link
- Meeting Notes

Recordings from Past Calls[edit]

OCP Security Project Call

- March 12, 2024
- March 5, 2024
- Feb 6, 2024
- Jan 30, 2024
- Jan 23, 2024
- Jan 9, 2024
- Dec 5, 2023
- Nov 28, 2023
- Nov 14 2023
- Oct 31, 2023
- September 12, 2023
- August 29, 2023
- August 22, 2023
- August 15, 2023
- August 1, 2023
- July 25, 2023
- July 18, 2023
- July 11, 2023
- June 20, 2023
- June 13, 2023
- June 6, 2023
- May 16, 2023
- May 9, 2023
- May 2, 2023
- April 11, 2023
- March 28th, 2023
- March 21, 2023
- February 28, 2023
- February 14, 2023
- January 31, 2023
- January 17, 2023
- January 10, 2023
- December 13th, 2022
- December 6th, 2022
- November 29th, 2022
- November 15th, 2022 - No Recording
- November 1st, 2022 - No Recording
- October 11th, 2022
- October 4th, 2022
- September 27th, 2022
- September 13th, 2022
- September 6th, 2022
- August 30th, 2022
- August 23rd, 2022
- August 9th, 2022
- August 2nd, 2022
- July 26th, 2022
- July 12th, 2022
- June 28th, 2022
- June 21st, 2022
- June 14th, 2022
- June 7th, 2022
- Call Cancelled
- May 17th, 2022
- May 10th, 2022
- May 3rd, 2022 Security Project Tech Talk
- April 26th, 2022 Call Not Recorded
- April 19th, 2022
- April 12th, 2022
- April 5th, 2022
- March 29th, 2022
- March 22nd, 2022 Call Not Recorded
- March 15th, 2022
- March 8th, 2022
- February 22nd, 2022
- February 15th, 2022
- February 8th, 2022
- February 1st, 2022
- January 25th, 2022
- January 11th, 2022
- December 14th, 2021
- December 7th, 2021
- November 16th, 2021
- September 28th, 2021
- September 21st, 2021
- September 14th, 2021
- August 10th, 2021
- August 3rd, 2021
- July 27th, 2021
- July 20th, 2021
- July 13th, 2021
- June 29th, 2021
- June 22nd, 2021
- June 15th, 2021
- June 8th, 2021
- June 1st, 2021
- May 25th, 2021
- May 18th, 2021
- May 11th, 2021
- April 27th, 2021
- April 20th, 2021
- April 13th, 2021
- April 6th, 2021
- March 30th, 2021
- March 23rd, 2021
- March 16th, 2021
- March 2nd, 2021
- February 23rd, 2021
- February 16th, 2021
- February 9th, 2021
- February 2nd, 2021
- January 26th, 2021
- January 19th, 2021
- January 12th, 2021
- December 8th, 2020
- November 3rd, 2020
- October 27th, 2020
- October 20th, 2020
- October 13th, 2020
- October 6th, 2020
- September 22nd, 2020
- September 15th, 2020
- September 8th, 2020
- September 1st, 2020
- August 25th, 2020
- August 18th, 2020
- August 11th, 2020
- July 28th, 2020
- July 21st, 2020
- July 14th, 2020
- July 7th, 2020
- June 23rd, 2020
- June 16th, 2020
- June 2nd, 2020
- May 26th, 2020
- May 19th, 2020
- May 5th, 2020
- April 28th, 2020
- April 21st, 2020
- April 14th, 2020
- March 24th, 2020
- March 10th, 2020
- February 11th, 2020
- February 4th, 2020
- January 7th, 2019
- December 17th, 2019
- November 12th, 2019
- October 15th, 2019
- September 3rd, 2019
- August 27th, 2019
- August 20th, 2019
- August 13th, 2019
- July 30th, 2019
- July 23rd, 2019
- July 16th, 2019
- July 9th, 2019
- June 18th, 2019
- May 28th, 2019
- May 14th, 2019
- May 7th, 2019
- April 30th, 2019
- April 23rd, 2019
- April 16th, 2019
- Apr 9th, 2019
- Apr 2nd, 2019
- Mar 26th, 2019
- Mar 19th, 2019
- Mar 5th, 2019
- Feb 26th, 2019
- Feb 19th, 2019
- Feb 12th, 2019
- Feb 5th, 2019
- Jan 29th, 2019
- Jan 22nd, 2019
- Jan 15th, 2019
- Jan 8th, 2019
- Dec 18th, 2018
- Dec 11th, 2018
- Dec 4th, 2018
- Nov 27th, 2018
- Nov 13th, 2018
- Nov 6th, 2018
- Oct 16th, 2018
- Oct 9th, 2018
- Sep 25th, 2018
- Sep 11th, 2018
- Sep 4th, 2018
- Aug 21st, 2018
- Aug 7th, 2018
- Jul 24th, 2018
- Jul 17th, 2018
- Jun 19th, 2018
- Jun 5th, 2018
- May 29, 2018
- May 1st, 2018
- Apr 24th, 2018
- Apr 3rd, 2018
- Mar 27th, 2018
- Mar 13th, 2018
- Mar 6th, 2018
- Feb 27th, 2018
- Feb 20th, 2018
- Feb 13th, 2018
- Feb 6th, 2018
- Jan 30th, 2018