11/19/2023 0 Comments Abacus technology back doorA big and complex ISA makes every unit in the processor overly complex and power-hungry and prone to attacks and less conducive to performance improvements.Īnother drawback is that licensing anything from ARM has become too expensive. The simpler and more straightforward the ISA, the simpler the instruction decoder and pipeline, and all subsequent units. Nothing great, nothing terrible, but certainly not built to make any of the parts that make up a processor as simple as possible. It was a novel RISC Instruction Set Architecture for low-performance devices (Apple tried it in the Newton MessagePad 700/710), and the ISA was somewhat acceptable. Back then, ARM was still Acorn RISC Machines. This time around I am even less enthusiastic about it than I was at its first IPO. ![]() ARM IPOĪRM is having an Initial Public Offering (again). Since the BMC is not in the net user data path, it can only protect itself and the OAM&P path of the boot CPU, nothing else. As such, the BMC must be secured as tightly as possible. The situation is different and even more crucial for the BMC, which is not in the net user data path, but access to it opens up literally everything in the server to an intruder. Anything in the net user data path is critical and should be protected against the threats that usually affect data contents. In case of detected tampering, the device must not start up. All of these have their own firmware and BIOS, so those must be protected against insertion of malicious code, and that only works if the code is encrypted to individual keys, not a manufacturer's key. Here is an incomplete list: CPU(s) DPU(s) SAS, SATA and RAID Controllers if present all accelerators including GPGPUs the authentication processor in the Root of Trust coprocessor if present the TPM or vTPM and of course the BMC. As a result, all of them must be secured individually to secure the server as a whole. Unlike a decade ago, a server today contains a whole bunch of smart devices that have their own processors and boot code and BIOSes. Let me recap how to secure a server these days. It takes vastly more than that, and most importantly, the server's host CPU and the BMC's BIOS must be fully secured, encrypted and authenticated. In short, neither a DPU nor a BMC alone can secure a server. ![]() I got a whole bunch of angry emails in response. I must have poked into a hornet's nest with my two recent blog posts on BMCs and on DPUs. ![]() This allows us to separate I/O from peripherals and all of the aforementioned from any kind of Inter Processor Communication (IPC), and optimize all communication channels accordingly. Our solution adds a scale-out port to the CPU and accelerator core, among other items, that allows direct connectivity between general-purpose CPU cores, accelerator cores and smart multi-homed memories, and secondary infrastructure such as peripherals. We have developed a post-Harvard CPU architecture that does away with the scale-out limitations imposed by current processors and accelerators, including GPGPUs. The only suggested solution was the Harvard architecture, separating out instruction and data I/O to and from memory. I will try my best to keep it current and relevant.įor decades now, people have complained about the von-Neumann bottleneck (input – processing – output with some instruction and temporary data I/O to and from memory). From time to time, I might bring up things that in general within the framework of IT annoy me, and of course I'll include news and my comments on IT security, privacy and authentication when appropriate. ![]() I'll include news and my opinions on the suppliers into HPC, industry outlooks, tech trends and economic projections if I feel comfortable with those. The very vast majority of the blog will be about HPC and what is not working as well as it could. This blog is a compilation of thoughts I have had over the course of the past few months, based on and triggered by newspaper articles as well as comments from customers and partners.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |