104750065 © Sashkinw | Dreamstime.com
Data Center Dreamstime 104750065 63f8cdf213d4a

FPGAs Help Designs Meet DC-SCM Specifications

March 15, 2023
Standardizing computer components in data-center platforms continues to evolve with the OCP guiding the way. FPGAs are being used for their flexible system control, management, and security functions to change the pinouts of such platforms.

What you’ll learn:

  • The goal of the Open Compute Project’s data-center-ready secure control module (DC-SCM) design specification.
  • The importance of offloading server management, security, and control functions from the CPU.
  • How FPGAs are used to meet DC-SCM design specifications and help system designers keep up with the pace of innovation.

Facebook, Google, IBM, and Microsoft are adopting the data-center-ready secure control module (DC-SCM) specification. Developed by the Open Compute Project, it handles handle common server management, security, and control features on a module smaller than a typical processor motherboard. The specification has evolved into DC-SCM 2.0 and continues to gain popularity for data-center platform designs. 

Why is DC-SCM Needed?

The goal of DC-SCM is to enable a common security and management infrastructure across platforms within a data center. This is important as the makeup of data-center platforms becomes more diverse with a mix and match of components from various vendors, leading to designs and deployments that are more complex than ever before.

By interfacing security and control functions with the Host Processor Module (HPM) board, developers and engineers can use a single interface for common boot, monitoring, control, and remote debug functions, thereby reducing complexities and saving time for platform deployments. 

Since security and control functions are constantly evolving independent of CPU generation, DC-SCM also enables engineers to keep pace with the speed of innovation and maintain secure platforms.

How DC-SCM and FPGAs Go Hand in Hand

Because of FPGAs’ inherent small size, interface bridging capabilities, and hardware root of trust (HRoT) functionality, they’re a natural fit to be the common small-form-factor module to offload server management, security, and control functions.

Part of DC-SCM 2.0 involves low-voltage differential signaling tunneling protocol & interface (LTPI), which allows for tunneling multiple management interfaces (such as I2C, SMBus, or UART) between the motherboard and the SCM. This key function is supported by FPGAs, giving architects what they need when looking for solutions compatible with DC-SCM 2.0.

In addition, DC-SCM 2.0 calls for a HRoT module that’s responsible for attesting the BMC, BIOS, and/or other privileged firmware images on the system. This is needed to achieve the National Institute for Standards and Technology specification of platform firmware resiliency (PFR). It requires a uniform protection mechanism that proactively protects systems, detects incoming threats, and recovers control of system firmware in the event of a breach.

FPGAs can serve as an HRoT security processor to prevent bad actors from installing malicious code in a privileged firmware’s flash memory—vital for a data center’s PFR.

Another security advantage of DC-SCM involves the decommissioning of servers. This is made easier by an FPGA’s modular design, which allows for the destruction of the security module so that a decommissioned server can be sold or recycled without exposing security data/keys.

Three Key Functions Powered on One Device

DC-SCM 2.0 specifications for server management, security, and control functions have been implemented on a single chip across Lattice Semiconductor’s control and security-grade FPGAs. By consolidating all three key functions onto a single device, the company’s DC-SCM solutions can improve performance and reduce power consumption, all while occupying the smallest footprint on the board as possible. 

As system designs become more complex and security threats continue to evolve, consolidating functions and maximizing space on the board reduces complexities for system designers, saving them time and giving them more room to innovate core functions independent of the CPU.

New data centers are constantly being built and are only growing in complexity. Maintaining DC-SCM compatibility places pressure on devices to stay up-to-date, which has historically meant redeploying entirely new servers. However, with the ability to continuously update control functions remotely, FPGAs help extend the lifetime of equipment in the field.

The Open Compute Project is committed to the ongoing evolution of the DC-SCM specification and will carry on in improving its compatibility, as well as expand its usability to disciplines beyond single server platforms. Companies like Lattice will continue to participate in the open-source community and develop industry-standard solutions and tools that empower system designers around the world.

About the Author

Munir Ahmad | Computer Architect, Lattice Semiconductor

Munir Ahmad leads the server segment product architecture at Lattice Semiconductor. Munir has over 20 years of server system design and architecture experience, leading the design and architecture of various storage and general-purpose servers before joining Lattice. Upon joining Lattice in 2022, Munir has led various strategic initiatives to establish Lattice as a security solutions provider for server customers. Munir holds a Master of Science degree in Electrical Engineering and in Industrial Management.

Sponsored Recommendations

Comments

To join the conversation, and become an exclusive member of Electronic Design, create an account today!