Building Secure Chips with Verified CXL IDEs

VIP Expert

Sep 21, 2021 / 3 min read

Welcome to the wonderful and cryptic world of secured traffic, with CXL being the latest specification to adopt it. As attacks on high-performance data centers become more sophisticated, security standards must continuously adapt to better protect sensitive data and communications and ultimately protect our connected world. To this end, the CXL standards organization added the security requirement of Integrity and Data Encryption (IDE) to the CXL 2.0 specification.

The CXL 2.0 specification introduces IDE schematics for both the CXL.io and CXL.cache/CXL.mem protocols. The CXL.io pathway uses the IDE defined by the PCIe specification, while the CXL.cache/CXL.mem updates are introduced in the CXL 2.0 specification itself. In this blog we’ll provide an overview of what a secure setup looks like and the strategies adopted by CXL for security.

CXL IDE can be used to secure traffic using a TEE (Trusted Execution Environment). A TEE is an isolated & secure environment where sensitive data is stored and processed. The TEE performs authentication and key management for the IDE.

The IDE provides confidentiality, integrity and replay protection for Transaction Layer Packets (TLPs) for CXL.io and Datalink layer protocol Flits for CXL.cache/CXL.mem protocols, ensuring that data on the wire is secure from observation, tampering, deletion, insertion and replay of packets. Both CXL.io and CXL.cache/mem IDE are based on the AES-GCM cryptographic algorithm and receive keys from the Authentication & Key Management security component, which includes the TEE.


When working with a TEE, CXL IDE protects the transactions (both data and metadata) exchanged between the two devices on the physical link by using symmetric crypto keys (CXL chooses a 256-bit key length for AES-GCM).

Each secure component in a TEE implements a TCB (Trusted Computing Base), which has protection mechanisms for hardware, firmware, software, and any combination of these for enforcing a security policy. For CXL, the TCB includes:

  • Hardware blocks that implement encryption algorithms
  • Modules that configure crypto engines (AES-GCM for CXL, more on this in an upcoming blog)
  • Any other block that directly or indirectly communicates with the above two blocks

Synopsys recently announced the industry’s first security modules for protecting data in high-performance computing SoCs that use the CXL 2.0 protocol. The DesignWare® IDE Security Module IP for CXL 2.0 is already being deployed with hyperscaler cloud providers. The robust IDE Security Modules make it faster and easier for designers to protect against data tampering and physical attacks on links while complying with the latest versions of the interconnect protocols. The IDE Security Modules are designed and validated with DesignWare Controller IP for CXL to accelerate SoC time-to-market while providing the configurability needed to adjust to the design’s specific use case.

Verifying Interoperability of IDE Features

To verify interoperability of IDE features, Synopsys VIP supports CXL.cache-mem IDE out of the box, as laid out in Chapter 11 of the CXL 2.0 specification, along with IDE Link establishment. The VIP has various controls that allow the user to tweak VIP behavior for features like:

  • TX & RX key programming (including run time key refresh)
  • TX & RX Truncation Delay
  • Containment and Skid Aggregation Mode with/without PCRC
  • Key Refresh time
  • Secure <-> Insecure flow
  • Error insertion capabilities for Rx Error status register verification
  • CXL Cache/Mem IDE Compliance tests for Interoperability testing of CXL Device DUT.
  • IDE specific Debug and logging

The AES-GCM crypto engine requires 3 inputs (AAD, P, PText). Below are snippets of the crypto engine outputs on the VIP's TX and RX paths for sample traffic flows, and of the IDE-specific Flit format (H6) for the MAC.

AES GCM data flow:

[Figure: AES encryption for secure CXL IDEs]

H6 Flits:

[Figure: Data link layer for secure CXL IDEs]

In the next blog we’ll discuss in detail the intricacies of AES-GCM data flows. Stay tuned.

Synopsys continues to provide the industry’s first and most comprehensive Verification IP solutions. Please visit https://www.synopsys.com/verification/verification-ip/subsystems/compute-express-link.html to learn about CXL and other leading Verification IP solutions.
