Enhancing Interface Security with PCIe's TDISP

Dana Neustadter, Richard Solomon

Feb 08, 2023 / 5 min read

In the beginning of electronic data management, data was relatively secure. After all, you owned all the hardware. The data servers were on premise. The person sitting in front of the computer was your trusted employee. And of course, you hired only good people. You vetted them directly, and you paid them well. They had no reason to act in bad faith.

Today, the world of data has changed. Security breaches that were once unthinkable are happening all the time, and it is important to secure not only the software but the hardware, too. Our data landscape has evolved to be vast, connected, and interdependent. People you don’t know—well beyond your corporate walls—have an impact on your security.

With cloud computing, your job is just one of a great number of jobs running on massive servers in hyperscale data centers, likely located far away from your core operations. These data centers have an abundance of virtual machines running jobs from an untold number of different clients, all using different devices. Within the data center, you are allocated a specific amount of memory and number of processor cores so you can accomplish your jobs and tasks.

Because you don’t directly control these operations, you don’t know if someone inside the data center is rolling up to a server with an oscilloscope and logic analyzer to probe “your” server’s internal signals. You don’t know that a data center employee doesn’t also work for a foreign government. You don’t know if they’ve been tasked to snoop around your hardware and the virtual machines.

This is why you need hardware encryption inside virtual servers—the ability to communicate between virtual machine and hardware using a secure encryption key exchange where a third party, even one who owns, manages, and runs the data center day-to-day, doesn’t have access to the encryption itself.

TEE Device Interface Security Protocol (TDISP) is a new framework and architecture to secure I/O virtualization, which was introduced by way of an ECN that makes it part of the most recent PCI Express® (PCIe®) 6.0 specification. Even though the PCIe 6.0 specification introduced the new 64GT/s signaling speed, TDISP can be utilized at any speed. The standardized interface framework defines how to secure the interconnect between the virtual machine host and the device, regardless of where your data center resides or who has access to the servers inside of it.

Cyberattacks Are Not Just a Software Issue Anymore

While software has been the long-standing target for cyberattacks, hardware is now also vulnerable to security breaches. One of the most publicized hardware attacks was reported by Bloomberg: In 2015, Chinese military units designed a microchip and inserted it into SuperMicro motherboards during the manufacturing process. The motherboards had been in the servers of as many as 30 companies, including giants such as Apple and Amazon. The microchips were “…as small as the tip of a pencil. Some of the chips were built to look like signal conditioning couplers, and they incorporated memory, networking capability, and sufficient processing power for an attack.” While SuperMicro disputes this reporting and some within the industry have attempted to deemphasize the importance of this attack, Bloomberg stands by its original reporting. Regardless, it’s an accepted fact within the industry: “Such attacks do happen….” The fallout of these hardware attacks can be game changing—jeopardizing not only corporate secrets and personal privacy but also national security.

Standardized Software Framework to Achieve Secure Interfaces

Here’s the important point: Each of your devices needs to perform functions and to have encryption to exchange keys with your virtual machines in the data center. But this process can be complex and problematic. For instance, Company A might be a CPU vendor and the virtual machine hardware in the data center already knows the CPU. In this case, there’s no need for an interface framework for security because the virtual machine already knows the hardware encryption for that CPU. But when the virtual server is shared, as is prevalent in today’s cloud computing environment, the devices plug in not only Company A, but also a variety of devices from Companies B and C, and perhaps others. In these cases, you would need to teach the software about each device to ensure the proper encryption.

If you wanted to ensure encryption in the past, it had to be done in a proprietary manner. Most often, organizations did not do this well. Because of these inefficiencies, it begs the question: instead of having unique interfaces for each of your devices, how can you standardize the ability to protect interfaces from attack?

TDISP Enables Secure Key Exchange

Key management is the primary role of TDISP. It has the ability to turn on and off the encryption, performing like a control panel, so you can refresh keys for the next hour, or the next 10 minutes, or any other timeframe. The TDISP framework standardizes the process and manages the entire key exchange, eliminating the need to build unique interfaces for each different device.

On the hardware side, once the connection is negotiated and the link secured, if there is register manipulation outside of TDISP, you can identify the connection as no longer secure. With TDISP you can detect the attempt to intercept your communications, enabling you to flag the software, letting it know that something is wrong so that it resecures the link before the breach ever occurs.

TDISP is a state-of-the-art framework, a part of your overarching security strategy that will standardize your approach to IO interconnect security, mitigating attacks before they happen. You may think this kind of security is for the NSA-level targets and not applicable for everyday use cases. Perhaps you aren’t operating in the national security space and your product isn’t particularly security sensitive. However, the fact is, any breach getting between you and your end user is a threat with potential full-circ

The Industry’s First Controllers and IDE Supporting TDISP

At Synopsys, we are a step ahead in the security cat-and-mouse game with the first controllers and Integrity and Data Encryption (IDE) security IP module that supports TDISP, as applicable for PCIe and CXL.io. It’s inclusive of all the hardware hooks and building blocks to implement TDISP on your devices and is part of our complete PCIe security solution.

Features for PCIe TDISP (also applicable for CXL.io), include:

  • PCIe Controller and IDE capability and other registers
  • T-bit packet per packet support (TX and RX)
  • Updated rule checks for inbound requests and completions
  • Additional checks for TEE limited stream support
  • Interface to allow Device Security Manager (DSM) to track TEE-Device-Interface-owned (TDI-owned) configuration changes
  • TDISP-specific error conditions updates
  • Lock signals to avoid configuration registers update
TDISP enables trusted assignment of Virtual Functions to TVMs | Synopsys

TDISP enables trusted assignment of Virtual Functions to Trusted Virtual Machines (TVMs).

If you’re in the cloud computing space, your products will go into cloud computing applications or operate in servers in hyperscale data centers, and you will need to pay attention to the complexities of our modern cloud security landscape. One part of the greater security puzzle that can help you is new TDISP framework. Synopsys has everything you need to implement this framework to foil attacks and reduce your risk. If you’d like to learn more about how the TDISP framework can help you secure your data, contact us or learn more about it at Synopsys IDE Security IP Module for PCI Express 6.0 and Synopsys Controller IP for PCIe Express 6.0.

Continue Reading