[25/05/2023] Security processor vendor Axiado has announced the availability of two new Trusted Compute Units (TCUs) to help detect ransomware and other cyberattacks on servers and infrastructure elements in cloud data centers, 5G networks, and network switches.
Dubbed the AX3000 and AX2000, these TCUs are AI-powered hardware security platform solutions that the company says integrate all security features within a single system-on-chip (SoC) module.
“Products like Axiado’s TCU are significant developments in the market, as they address a specific need for high-level, multi-function hardware security for data center technology,” said Michela Menting, Director senior research from ABI Research. “Single-chip implementations offer a better cost-benefit ratio than having to implement different hardware components for different use cases – storage vs crypto-acceleration vs identification of ransomware“.
The company is providing samples of the AX3000 and AX2000 TCUs to early access partners in servers, wireless base stations, wired security appliances, centralized and distributed infrastructure, and intelligent edge gateways.
TCUs are co-processors for server security
Axiado’s TCUs are single-chip security processors designed to serve as co-processors for the main processors of target servers. Its goal is to provide zero trust architecture, hardware root of trust, and attack mitigation strategies for servers, base stations, and network devices using a combination of Axiado’s proprietary technologies.
“Axiado’s hardware-anchored, AI-powered TCU is a single-chip intelligent management and control solution for these servers,” said Gopi Sirineni, CEO and President of Axiado. “We integrate Baseboard Management Controller (BMC), Root of Trust (RoT), Trusted Platform Module (TPM) and LAN on Backboard (LOM) functions into a single SoC to run all trusted services” .
The platform, housed in a BGA SoC (ball grid array) of 23×23, also incorporates a distributed hardware security manager, equipped with anti-tampering and anti-counterfeiting mechanisms. In addition, it includes a SmartNIC network interface controller for the control and management plane, which encompasses platform and tenant virtualization capabilities.
Secure hardware products for the data center are important, ABI’s Menting said, “especially as there is continued strong migration to cloud-based and remote platforms, even for mission-critical applications and highly sensitive data. […] The ability to ensure security, from a service provider perspective, is key, not least because there are more and more regulations around the world that ensure these protections are enshrined in law.”
Different TCU variants are geared towards different use cases. While the AX3000 comes with a larger number of interface pins, high-speed interfaces such as 10GbE and AI ports, the AX2000 is limited to 1GbE ports and has no AI function, Axiado’s Sirineni said.
Forensically Capable Cybersecurity Processors
Axiado said its latest TCU represents a new category of forensically-capable cybersecurity processors, designed to improve on existing zero-trust models. What this means is that they operate with AI functionality explicitly designed for security.
“We have added four tera operations per second (TOPS) to the embedded AI engines to protect systems against ransomware, supply chain, and side channel attacks,” Sirineni said.
During normal server operation, the TCU actively monitors itself and the main processor for peripheral-based, network, and side-channel attacks. It takes advantage of its secure AITM to identify any deviations from expected behaviors in these attack surfaces, keeping a record of such anomalies for further analysis. If an anomaly is detected, the TCU initiates mitigation strategies to prevent malware intrusion, spread, and system crash.
This kind of introspection into computer systems is becoming a necessity, according to Joe Byrne, director of processor analysis at TechInsights.
“Businesses that operate servers – especially if they have large fleets – need to manage them, including assessing their security,” Byrne said. “Axiado integration reduces cost and physical size. The addition of AI acceleration could be a useful tool for monitoring system health and security.”
Based on the article by Shweta Sharma (CSO) and edited by CIO Peru