Security (Incubation)


Project Leads: Bryan Kelly (Microsoft), Nate Klein (Google)

Acting IC Representative: Bill Carter (OCP)

The Security Project creates designs and specifications to enable software security for all IT gear through collaboration with the wider Open Compute community. 

This project provides a foundation for securing all IT gear that is designed in other Open Compute projects. Successful projects delivered by this project will:

  • Remove redundant effort required by other projects to create their own security solutions

  • Provide standard hardware and software security implementations

  • Provide flexible solutions that will work across different types of IT equipment

  • Standardize components required for hardware based software security

  • Improve security across the entire cloud computing industry through open standards

  • Use existing and emerging standards where appropriate

Project Scope:

The Security Project will focus on the following:

  1. Standard hardware interface and protocols for ensuring boot code integrity

  2. Open-source firmware for dedicated security hardware

  3. Security firmware APIs and protocols

  4. Change of ownership of the IT gear (e.g., resale)

  5. Firmware Security provisioning methodologies

  6. Secure boot of  firmware and operating system

  7. Recovery from a compromised or untrusted state

  8. Securing and verifying all mutable storage (flash for BIOS, BMC, microcontroller(s), CPLD, etc)

  9. Secure updates to mutable storage with versatile rollback-protection options