OCP S.A.F.E.

Tetrel is proud to be a foundational Security Review Provider (SRP) for the Open Compute Project Security Appraisal Framework and Enablement (OCP S.A.F.E.) program. Our team was involved from the program’s inception and continues to be an active participant in its evolution. This framework is the standard for assessing the security of the firmware supply chain for modern data centres.

As an approved Security Review Provider (SRP), we help component vendors navigate the OCP S.A.F.E. assessment process, and conduct the necessary independent and rigorous security reviews, which enables them to:

  • Reduce audit overhead and meet the security requirements of hyperscale cloud providers.
  • Demonstrate trustworthy hardware and firmware that resists advanced threats, securing the foundation upon which the world’s most critical AI workloads run.

Framework

The OCP S.A.F.E. framework defines three separate scopes:

  1. Scope 1: This is defined by the external attack surface of the firmware. Any interface that can be attacked from outside the SoC is in scope. This includes external flash memories, serial and debug interfaces, the PCIe bus and other host interfaces, and any other externally reachable interface as defined by the product feature set.
  2. Scope 2: This includes all of Scope 1, but additionally includes local attack surfaces within the device. Here we include attack surfaces between internal components and subsystems within the module or device.
  3. Scope 3: This scope focusses on the physical attack surface of the hardware itself. Fault injection attacks and cryptographic side channel leakage are examples of things to watch for in this scope.

Once the scope of the review is selected, the assessment can proceed using our thorough methodologies. This will result in a Long Form Report, a document that describes all of the findings of the assessment. This is for your internal use and need not be published. Its intent is to provide as much prescriptive guidance as possible to allow the efficient remediation of issues.

Once the issues are fixed to your satisfaction, we may be engaged to validate those fixes and provide a ShortForm Report (SFR). This machine-readable and cryptographically-signed document is an artefact that you may publish to the OCP repository if and when you choose.

Caliptra Trademark Audit

Caliptra is an open-source project delivering a Silicon Root of Trust (RoT) specification and implementation (RTL and firmware) for data center-class devices of all kinds. Its core purpose is to provide unforgeable device identity and a verifiable cryptographic mechanism to ensure that only trusted firmware is allowed to run on a device.

Tetrel is an active SRP providing Caliptra Trademark Audit services to device vendors who want to integrate Caliptra into their products, and make use of the trademark. The Caliptra Trademark is reserved for implementations that meet the highest bar for security and functional integrity, providing a crucial trust anchor for Confidential Computing and the entire hardware supply chain.

OCP L.O.C.K. Assessments

The OCP Layered Open-source Cryptographic Key management (L.O.C.K.) specification extends Caliptra to provide key management functionality for storage devices suitable for hyperscale cloud providers. This brings additional integration requirements to the base Caliptra specification. Tetrel provides thorough reviews to ensure that this integration is error-free, and that all security guarantees of the Caliptra subsystem are upheld.