Hot Chips 31 Live Blogs: Intel/Tsinghua Xeon Jintide Security CPU

07:47PM EDT - Doing custom x86 CPUs is nothing new: presenting one at Hot Chips is new. Here we have Tsinghua University giving a presentation on Jintide, its custom solution built upon Intel Xeon technology.

07:49PM EDT - Memory replaced with buffer tracing chip, and two added chips in the package

07:49PM EDT - ITR and RCP chip

07:50PM EDT - After Spectre and Meltdown, security is important

07:50PM EDT - Cheap chips have accurate layouts. Complex chips like CPUsdo not

07:50PM EDT - We do not know what is in a CPU

07:51PM EDT - IC industry is quite complex

07:51PM EDT - Lots of different potential attack vectors

07:51PM EDT - A modern CPU has so many transistors that a small change can add in potential vulnderabilityies

07:52PM EDT - Impossible to prove if a chip is secure/trustworthy

07:52PM EDT - Hardware Trust Concern: Runtime Surveillance

07:52PM EDT - Need to make sure malicious behavior is not triggered

07:52PM EDT - Need to enable a way to let the user confirm the security of the chip

07:53PM EDT - Trace CPU/system behavior at runtime, check if the behavior matches expectation

07:53PM EDT - This is how the Jintide platform was designed

07:53PM EDT - Jintide adds in tracing capabilities for CPU validation

07:54PM EDT - Add in two TSMC 28nm chips to Intel Xeon, add it in package

07:54PM EDT - Need to be able to perform the check, need to trace, need to avoid perforamnce impact

07:55PM EDT - Identify legal behavior, ignore non-harmful behavior, report suspicious behavior

07:55PM EDT - Works on intervals with no additional overhead

07:56PM EDT - Architecture with deterministic replay

07:56PM EDT - Runs through hypervisor

07:56PM EDT - Processor check engine

07:57PM EDT - Sample window is 100 microseconds, sample frequency is bigger than 1 Hz

07:57PM EDT - Require 10.4 MB buffer on Skylake

08:00PM EDT - RCP (re-configurable processor) and ITR chips

08:01PM EDT - Pinout is almost normal Skylake, but higher TDP

08:01PM EDT - Supports Secure Boot

08:01PM EDT - BIOS access through PCH

08:01PM EDT - Device Verification

08:01PM EDT - Certificate Based

08:01PM EDT - Up to 24 cores

08:02PM EDT - Up to 4S (so Xeon Gold?)

08:02PM EDT - PCIe 3.0 x48

08:02PM EDT - C620 PCH

08:02PM EDT - 145W-205W

08:02PM EDT - Performance loss is under 10%

08:02PM EDT - Physical memory/IO trace

08:02PM EDT - Everything traced at the physical layer

08:03PM EDT - There's a balance between detection probability and performance hit

08:03PM EDT - depends on frequency of polling

08:05PM EDT - If the microcode is attacked, can detect

08:06PM EDT - Use the platform to detect CPU vulnerabilities

08:07PM EDT - Cannot detect by microarchitecture failures, so need to extend replay to microarchitecture level

08:07PM EDT - Spectre attack demo on Github

08:09PM EDT - Attack rules are based on the characteristic of the attack

08:09PM EDT - Cannot use one general rule to detect all attacks

08:10PM EDT - Trade all the physical behavior of the CPU with ISA model

08:10PM EDT - Lots of Intel involvement

08:10PM EDT - Q&A time

08:11PM EDT - Q: How are the Jintide chips attached to Xeon? A: PCIe

08:12PM EDT - Q: How can we be sure the Jintide chips don't have vulnerabilities? A: Redundancy, reconfigurable

08:12PM EDT - Q: Your chips can create attacks on the server? A: Lots of encryption features on chip, all the data on the chip is secure.

08:14PM EDT - Q: Are your chips limited to Xeon or can it do AMD, Power, or Arm? A: Xeon only.

08:15PM EDT - That's a wrap. I'm taking an hour break until the Microsoft event. There is NVIDIA/AMD GPU talks, but it's nothing we haven't seen before.