AMD gives Google Cloud rare access to its technology to find chip flaws


An unusual partnership between Google and AMD may offer a blueprint for how the technology industry can better manage processor security risks before they spiral out of control. The only problem? Such a partnership requires an equally rare level of trust that can be difficult for other companies to replicate.


At the Google I/O developer conference on Tuesday, Google Cloud will release a detailed audit of AMD’s confidential computing technology, a collaboration between Google’s Project Zero bug-hunting team, two Google Cloud security teams, and the AMD firmware team. The audit follows years in which Google Cloud has placed increasing emphasis on its confidential computing offerings, a set of capabilities that keep customer data in encrypted form at all times, even while it is being processed. The stakes are high as customers increasingly depend on the privacy and security protections provided by these services, as well as on the underlying physical infrastructure built on dedicated AMD secure processors. An exploitable vulnerability in Confidential Computing could spell disaster.


Deficiencies in the design and implementation of processors create huge risks, turning widely used chips into single points of failure in the computers, servers and other devices in which they are installed. Vulnerabilities in specialized security chips have particularly dire potential consequences because these processors are designed to be immutable and to provide a “root of trust” that all other components of the system can rely on. If attackers are able to exploit a vulnerability in a security chip, they can poison the system at that root and potentially gain undetected control. As such, AMD and Google Cloud have forged an unusually close partnership over more than five years to jointly audit the Epyc processors used in sensitive Google Cloud infrastructure and to close as many holes as possible.

“When we find something and know that security gets better, that’s the best thing,” says Nellie Porter, Google Cloud Product Group Manager. “This is not a search for the guilty, this is a joint effort to correct the situation. Opponents have incredible capabilities, and their innovation is growing, so we need to not only catch up, but also get ahead of them.”


Porter points out that the AMD partnership is unusual because both companies have built enough trust that the chipmaker is willing to let Google teams analyze its heavily guarded source code. Brent Hollingsworth, AMD’s director of the Epyc software ecosystem, notes that this relationship also creates space to push the boundaries of what types of attacks researchers can test. For example, in this audit, Google security researchers used special hardware to launch physical attacks on AMD technologies, which is an important and valuable exercise that other chip manufacturers There is also a growing focus on things that go beyond the traditional security guarantees offered by chip manufacturers.

Pentesting PCIe hardware using IO Screamer. Photo: Google

“Anyone who writes software, anyone who builds hardware knows that it’s impossible to be perfect,” says Hollingsworth. “Over the years that we have been working with Google, we give them as much access as possible and think about the problem from two different angles. And somewhere in the middle of that push and pull, we end up finding things that benefit everyone.”

The audit focused on the security of the AMD Secure Processor (ASP) and on the firmware for the AMD technology known as “SEV-SNP”, or Secure Encrypted Virtualization-Secure Nested Paging. SEV-SNP underpins Google Cloud Confidential VMs, a premium offering within the overall Google Cloud product line that isolates and encrypts customer systems and manages the encryption keys so that Google Cloud itself cannot access customer data.

Neither company specifically stated how many vulnerabilities were found and fixed in the recent audit, but the report outlines numerous specific findings, attack scenarios, and general areas for improvement. AMD says it has released firmware fixes for all issues found during the audit, and Google Cloud says it has applied all of those fixes and mitigations.

However, both Google Cloud’s Porter and AMD’s Hollingsworth emphasize that the true value of the partnership lies in the ongoing collaboration and continuous analysis. The goal is for the findings to secure Google Cloud and improve security across the industry, and for the partnership to serve as a possible model for greater transparency between chipmakers and their customers at large. As organizations increasingly rely on cloud providers to deliver most or all of their infrastructure, they enjoy significant security benefits, but there is always the concern that something could go wrong.

“You must assume a violation; you have to assume that something can happen,” says Porter. “And that’s why I think it’s so important not only to fix all the mistakes, but to be very open about it all the time. It’s not something we do once and it’s over. It continues”.

