WP_Term Object
    [term_id] => 111
    [name] => Zentera
    [slug] => zentera
    [term_group] => 0
    [term_taxonomy_id] => 111
    [taxonomy] => category
    [description] => 
    [parent] => 14433
    [count] => 6
    [filter] => raw
    [cat_ID] => 111
    [category_count] => 6
    [category_description] => 
    [cat_name] => Zentera
    [category_nicename] => zentera
    [category_parent] => 14433

Secure Border Computing for Fabless Ecosystem

Secure Border Computing for Fabless Ecosystem
by Paul McLellan on 01-31-2014 at 5:30 pm

 As the red queen says in Alice Through the Looking Glass, “Here it takes all the running you can do to stay in the same place”. Development in an advanced process node seems like that. The process isn’t ready when you have to start design, so the PDKs change all the time. The EDA tools are not ready when you have to start since there are no real test cases to exercise them effectively. The IP isn’t ready since there isn’t a stable PDK and there may not be enough shuttles to build test chips yet. And the foundry isn’t ready since they have only run test chips of a few million gates, not the billion gate behemoths the advanced communication chips are likely to be. Everyone needs to work together cooperatively but everyone is very sensitive about their own data and are not about to put it up on Dropbox.

The current approach to this is for some of the players to build their own chambers: secure areas with dedicated servers accessed through a VPN with strong encryption and all. There are three really big problems with this. The first is that each one is a custom implementation which doesn’t adhere to any standards. This is very inefficient on an industry scale and leads to “arm wrestling” as to who is going to force the other guys to implement their own technology and use their chambers, and the losers in the arm-wrestling have to build multiple implementations for each company they need to interface with.

The second big problem is that everyone thinks that their security is perfect, or at least really good. But the world is full of teams whose definition of security is that they themselves couldn’t think of any way of breaking in. I bet Target late last year felt their security was good, for example. It wasn’t. Security requires testing it against external attack by the best good-guy bad-guys, companies who specialize in trying to break into secure systems.

The third big problem is that the chamber needs to be flexible as to how much compute power is in it. If it is a fixed number of machines then it will always be too many or too few. But the chamber design doesn’t allow for cores to float in and out of the chamber. It isn’t a cloud chamber (physics joke!). It doesn’t have the flexibility of the cloud to deploy resources as and when they are needed.

What is required is a sort of no-man’s-land with the following properties:

  • elastic computing infrastructure using the approaches of dynamic clouds
  • enterprise grade security: access control, data transport, audit trails etc
  • integration with design practices: scheduler such as LSF or NC, test bench automation, integrated gdb etc

The diagram above shows how it all ties together (the names are not meant to imply endorsement, but it makes it more concrete than saying IP Company A, Foundry T, EDA company C).

This infrastructure allows such things as:

  • running EDA regression tests on fabless data
  • debugging EDA or IP issues on the actual SoC
  • exercising EDA tools on full chip SoC data
  • qualifying IP at a foundry
  • cooperation of 3 or more companies to do something such as build a test chip (EDA, IP, foundry)

Zentera is the only company actually focused on solving this problem. Of course being the only company isn’t good enough, the technology has to be solid too. They call this approach “border computing” since it is on the border of the fabless SoC company which typically has the most security concerns. This technology pulls together applications from EDA companies, foundries and IP companies…pulls them into cloud chambers…which run on virtual hosts…with resource management and access management…and underneath that are the physical hosts which ideally should be pulled from a common pool used both in the border computing and internally at the SoC company, so that when demand is low in the border there is more compute power available for running internal jobs, and vice versa.

They have the three key technologies: cloud-based computing infrastructure for flexible deployment of virtual and physical hardware, externally tested enterprise-grade security, and a focus on EDA that the general cloud/security companies such as VMware, Cisco, RSA do not have. They are working with people in the ecosystem to drive standards in this space, which will reduce costs for everyone, increase security and make cooperation easier.

But as Jaushin Lee, founder and CEO of Zentera Systems, said:“Implementation of this border infrastructure will stress the technology on all fronts including security, computing, virtualization and network.”

More articles by Paul McLellan…

Share this post via:


0 Replies to “Secure Border Computing for Fabless Ecosystem”

You must register or log in to view/post comments.