AMD, Google, Microsoft, and NVIDIA have collaborated with the Linux Foundation and the Open Compute Project (OCP) Foundation to introduce Caliptra, a re-usable silicon level IP block, which can be a, “scalable and standards-based solution for the benefit of the entire industry”.
Caliptra is the group’s new open specification for a silicon Root-of-Trust (ROT) to be used with future CPUs / SoCs, GPUs, NICs, SSDs, and other hardware components.
A ROT is the foundational security component of a connected device, which is inherently trusted and is built to be secure by design, which ensures only trusted firmware can boot on a device.
What does this mean for potential users?
The OCP said Caliptra is specifically built to cater to “emerging business models on edge and higher levels of confidentiality in the cloud” which it says create “new demands for higher levels of consistency for interoperability and transparency for security assurance”.
Though the new piece Caliptra obviously has some serious industry might behind it, it’s potentially notable that Intel is absent from the list of backers.
“Independent hardware and software initiatives by different communities and consortiums often require significant integration efforts by the industry,” said Ashish Nadkarni, Group Vice President and General Manager, Worldwide Infrastructure at IDC. “Vendors need to convert and integrate the initiative into solutions with the market need in mind.”
“The net effect is that many innovations never see the light of the day or serve the needs of the broader market.”
He added: “The expanded collaboration between the Open Compute Project and Linux Foundation has the strong potential to accelerate the absorption of open innovations into meaningful products and services.”
The Caliptra 0.5 specification is already available here, and the OCP Foundation is looking for community feedback.
In addition, the project is also offering the underlying initial code to industry members so they can “confidently integrate” into the new silicon.
Interested in beefing up your organization’s security? Check out our guide to the best endpoint protection