Security

From OpenCompute
Jump to navigation Jump to search
OCP-security-v1-17a3x.png

Welcome

OCP Security Project
This Project is open to the public and we want to welcome all those who would like to be involved.

Disclaimer: Please do not submit any confidential information to the Project Community. All presentation materials, proposals, meeting minutes and/or supporting documents are published by OCP and are open to the public in accordance to OCP's Bylaws and IP Policy. This can be found on the OCP OCP Policies page. If you have any questions please contact OCP.

Documents

- Charter
- Meeting Agenda

Works in Progress

- Glossary
- Common Security Threats
- Secure Update and Recovery DEPRECATED
- Attestation Scope
- Attestation of Systems and System Components
- Attestation: Use Cases
- Secure Boot
- Recovery
- Security Checklist and Badges
- Management Interface Requirements
- Secure Platform Overview
- Ownership Transfer
- Work Backlog & Prioritization


Third Party Security Reviews

- Firmware Security Review Framework (Draft)
- NVMe Cloud SSD Specification Firmware Security Review Scope (Draft)
- Firmware Security Audits (Slide Deck)


OCP blogs and announcements

- Fall 2020 OCP Tech Week Blog Post
- Fall 2020 PR Newswire Announcement


Reference

- Certificate Templates for DICE Attestation (Intel) Presented 2019-04-30
- SPIRAL Protocol Family (Intel) Presented 2019-01-29
- SPIRAL Protocol Family (Intel) Presented 2019-03-05
- Trusted Platform Module 2.0 Policy Authorization (IBM) Presented 2020-08-18 by Ken Goldman
- CSIS Firmware Development Best Practices
- Google Position on Attested Boot Logs Presented 2021-02-23 by Jeff Andersen
- Delivering Platform Integrity Without Universal Secure Boot Presented 2021-03-23 by Jeff Andersen
- Recovery Spec Overview Presented 2021-03-30 by Bryan Kelly
- Ownership Transfer and State Management Presented 2022-03-08 by Jeff Andersen
- OCP Crypto Discussion Presented 2022-08-08 by Huijun Xie
- System Ownership and Firmware with Multiple Signing Domains Presented 2022-08-23 by Daniil Egranov
- OCP Recovery Overview Presented by Eric Spada
- TCG DICE and DMTF SPDM Binding Presented 2022-08-30 by Chandra Nelogal and Brett Henning
- Intro to Hash-based Signatures Presented 2022-09-13 by Jeff Andersen
- Attestation + TPM flows Presented 2022-09-27 by Jeff Andersen
- Port Remediation Presented 2022-10-11 by Thomas Koh
- Media Sanitization Presented 2022-12-06 by Jonmichael Hands and Arie van der Hoeven
- Port Remediation Update Presented 2022-12-13 by Thomas Koh and Colin Mitchell
- OCP "Streaming" Boot Presented 2023-01-10 by Varun Sampath and Bharat Pillilli
- Attested Reset Presented 2023-01-17 by Jeff Andersen
- SBOMs Presented 2023-02-14 by Bryan Kelly
- Secure Manufacturing Presented 2023-03-28 by Jeff Plank
- 3P Firmware Audits Presented 2023-04-12 by Eric Eilertson, Þórður Björnsson
- 3P Audits Presented 2023-05-16 by Alex Matrosov
- Requests to NIST regarding asymmetric key derivation Presented 2023-06-06 by Jeff Andersen and Thomas Bowen
- Specification and Formal Verification of Attestation Mechanisms in Confidential Computing Presented 2023-06-13 by Muhammad Usama Sardar
- Request to NIST regarding HBS key export Presented 2023-08-22 by Jeff Andersen
- Device attestation 1 Presented 2024-01-09 by Roksana Mojarad
- Device attestation 2 Presented 2024-01-23 by Roksana Mojarad
- Firmware attestation demo Presented 2024-01-23 by Roksana Mojarad
- Homomorphic encryption Presented 2024-06-05 by Dave Archer
- SPDM between Host and PRoT Presented 2024-08-27 by Jayant Mangalampalli
- Call for Participation: IEEE P2883.2 Virtualized and Cloud Storage Sanitization Presented 2024-08-27 by Paul Suhler
- Drive Sanitization Reporting Presented 2024-08-27 by Brett Henning
- OCP SAFE is a Game Changer Presented 2024-09-17 by Roy Albert, Ilja van Sprundel
- Endorsement Distribution API and PoC Presented 2024-10-08 by Paul Howard
- TCG DICE Concise Evidence Binding for SPDM Presented 2024-10-22 by Fabrizio Damato
- SPDM Support for EAT Presented 2024-10-22 by Steven Bellock

Approved Publications

- Common Security Threats v1.0 White Paper
- Secure Boot v1.0 White Paper
- Attestation v1.0 White Paper
- INFO, White Paper, Ownership and Control of Firmware in Open Compute Project Devices, IBM
- INFO, White Paper, Best Practices for Firmware Code Signing, IBM

Project Leadership

IC Representative

- Andres Lagar-Cavilla (Google)

Project Leads

- Jeff Andersen (Google)
- Bryan Kelly (Microsoft)

Get Involved

- Mailing List

Past Events

F2F Meeting at Facebook, October 8-9th, 2019

- Meeting Notes
- Recording coming soon

Regular Project Calls

This project meets weekly on Tuesdays at 9am PT (please check the call calendar).

- Call Calendar
- Call Link
- Meeting Notes

Recordings from Past Calls

OCP Security Project Call

- Sep 24, 2024
- Sep 17, 2024
- Sep 10, 2024
- Sep 03, 2024
- Aug 27, 2024
- Aug 20, 2024
- Aug 13, 2024
- Jul 09, 2024
- Jul 02, 2024
- Jun 11, 2024
- Jun 04, 2024
- May 28, 2024
- May 07, 2024
- Apr 16, 2024
- Mar 26, 2024
- Mar 19, 2024
- Mar 12, 2024
- Mar 05, 2024
- Feb 27, 2024
- Feb 20, 2024
- Feb 6, 2024
- Jan 30, 2024
- Jan 23, 2024
- Jan 9, 2024
- Dec 5, 2023
- Nov 28, 2023
- Nov 14 2023
- Oct 31, 2023
- September 12, 2023
- August 29, 2023
- August 22, 2023
- August 15, 2023
- August 1, 2023
- July 25, 2023
- July 18, 2023
- July 11, 2023
- June 20, 2023
- June 13, 2023
- June 6, 2023
- May 16, 2023
- May 9, 2023
- May 2, 2023
- April 11, 2023
- March 28th, 2023
- March 21, 2023
- February 28, 2023
- February 14, 2023
- January 31, 2023
- January 17, 2023
- January 10, 2023
- December 13th, 2022
- December 6th, 2022
- November 29th, 2022
- November 15th, 2022 - No Recording
- November 1st, 2022 - No Recording
- October 11th, 2022
- October 4th, 2022
- September 27th, 2022
- September 13th, 2022
- September 6th, 2022
- August 30th, 2022
- August 23rd, 2022
- August 9th, 2022
- August 2nd, 2022
- July 26th, 2022
- July 12th, 2022
- June 28th, 2022
- June 21st, 2022
- June 14th, 2022
- June 7th, 2022
- Call Cancelled
- May 17th, 2022
- May 10th, 2022
- May 3rd, 2022 Security Project Tech Talk
- April 26th, 2022 Call Not Recorded
- April 19th, 2022
- April 12th, 2022
- April 5th, 2022
- March 29th, 2022
- March 22nd, 2022 Call Not Recorded
- March 15th, 2022
- March 8th, 2022
- February 22nd, 2022
- February 15th, 2022
- February 8th, 2022
- February 1st, 2022
- January 25th, 2022
- January 11th, 2022
- December 14th, 2021
- December 7th, 2021
- November 16th, 2021
- September 28th, 2021
- September 21st, 2021
- September 14th, 2021
- August 10th, 2021
- August 3rd, 2021
- July 27th, 2021
- July 20th, 2021
- July 13th, 2021
- June 29th, 2021
- June 22nd, 2021
- June 15th, 2021
- June 8th, 2021
- June 1st, 2021
- May 25th, 2021
- May 18th, 2021
- May 11th, 2021
- April 27th, 2021
- April 20th, 2021
- April 13th, 2021
- April 6th, 2021
- March 30th, 2021
- March 23rd, 2021
- March 16th, 2021
- March 2nd, 2021
- February 23rd, 2021
- February 16th, 2021
- February 9th, 2021
- February 2nd, 2021
- January 26th, 2021
- January 19th, 2021
- January 12th, 2021
- December 8th, 2020
- November 3rd, 2020
- October 27th, 2020
- October 20th, 2020
- October 13th, 2020
- October 6th, 2020
- September 22nd, 2020
- September 15th, 2020
- September 8th, 2020
- September 1st, 2020
- August 25th, 2020
- August 18th, 2020
- August 11th, 2020
- July 28th, 2020
- July 21st, 2020
- July 14th, 2020
- July 7th, 2020
- June 23rd, 2020
- June 16th, 2020
- June 2nd, 2020
- May 26th, 2020
- May 19th, 2020
- May 5th, 2020
- April 28th, 2020
- April 21st, 2020
- April 14th, 2020
- March 24th, 2020
- March 10th, 2020
- February 11th, 2020
- February 4th, 2020
- January 7th, 2019
- December 17th, 2019
- November 12th, 2019
- October 15th, 2019
- September 3rd, 2019
- August 27th, 2019
- August 20th, 2019
- August 13th, 2019
- July 30th, 2019
- July 23rd, 2019
- July 16th, 2019
- July 9th, 2019
- June 18th, 2019
- May 28th, 2019
- May 14th, 2019
- May 7th, 2019
- April 30th, 2019
- April 23rd, 2019
- April 16th, 2019
- Apr 9th, 2019
- Apr 2nd, 2019
- Mar 26th, 2019
- Mar 19th, 2019
- Mar 5th, 2019
- Feb 26th, 2019
- Feb 19th, 2019
- Feb 12th, 2019
- Feb 5th, 2019
- Jan 29th, 2019
- Jan 22nd, 2019
- Jan 15th, 2019
- Jan 8th, 2019
- Dec 18th, 2018
- Dec 11th, 2018
- Dec 4th, 2018
- Nov 27th, 2018
- Nov 13th, 2018
- Nov 6th, 2018
- Oct 16th, 2018
- Oct 9th, 2018
- Sep 25th, 2018
- Sep 11th, 2018
- Sep 4th, 2018
- Aug 21st, 2018
- Aug 7th, 2018
- Jul 24th, 2018
- Jul 17th, 2018
- Jun 19th, 2018
- Jun 5th, 2018
- May 29, 2018
- May 1st, 2018
- Apr 24th, 2018
- Apr 3rd, 2018
- Mar 27th, 2018
- Mar 13th, 2018
- Mar 6th, 2018
- Feb 27th, 2018
- Feb 20th, 2018
- Feb 13th, 2018
- Feb 6th, 2018
- Jan 30th, 2018