New usage models in cloud, AI, analytics, and edge computing, with exponential growth in data and connections, drive the evolution of high-bandwidth PCIe (Peripheral Component Interconnect Express) versions 5.0 and 6.0 and CXL (Compute Express Link) versions 2.0 and 3.0. Every component in a modern computing system can be viewed as an attack vector, especially PCIe and CXL components, which are part of the system's hardware root-of-trust chain. Protecting key assets, such as the integrity and confidentiality of data belonging to consumers, businesses, and governments, is a cornerstone of PCIe/CXL technology and architecture.
Consider attacks that use a logic analyzer or an interposer-type device, including, for example, “rogue” Retimers, in which the attacking device attempts to inject, delete, snoop, reorder, replay, or modify packet headers and observe payload data. Example attacks include delaying a flag write to bypass a data write, causing stale data to be accepted, or postponing a read to bypass a write to the same location, causing a stale value to be read.
IDE (Integrity and Data Encryption) provides robustness against physical attacks and improves the security of the packets transmitted and received link-to-link between two ports. It flexibly supports a variety of use models while providing broad interoperability. The cryptographic mechanisms are aligned with industry best practices and can be extended as security requirements evolve.
PCIe and CXL IDE Authentication
The new ECNs CMA (Component Measurement and Authentication) and DOE (Data Object Exchange) are introduced, and SPDM (Security Protocol and Data Model) leverages the DMTF (Distributed Management Task Force) ecosystem. SPDM defines a “toolkit” of message formats and sequences for authentication, measurement, and other security capabilities. CMA defines how SPDM is applied to PCIe devices and systems. DOE supports Data Object transport between host CPUs and PCIe components over PCIe, using DOE mailbox registers on the component. Here are three steps of PCIe authentication, while CXL follows the PCIe IDE ECN.
PCIe and CXL IDE Data Encryption
IDE provides confidentiality, integrity, and replay protection for TLPs in PCIe and for FLITs (Flow Control Units) in CXL. IDE relies on AES-GCM for encryption of the TLP Data Payload and for authenticated integrity protection of the entire TLP. Both PCIe and CXL support MAC aggregation to optimize the bandwidth utilized. Additionally,
IDE is a key feature that would help make PCIe Links secure. IDE adds latency and complexity to the existing PCIe IP stack and will be enhanced for the upcoming PCIe 6.0 and CXL 3.0 with the FLIT revisions. IDE further increases the complexity of the already intricate PCIe and CXL protocols, and Cadence offers comprehensive Verification IP solutions for both authentication and encryption to help you speed up your verification project while relying on the highest quality and most mature verification tools in the market.
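As an added illustration (not code from the original article or from Cadence, and not the IDE wire format), the Go example below models the AES-GCM protection described in the data encryption section above: the payload is encrypted, the header is authenticated as associated data, and a per-direction packet counter feeds the IV so that replayed, reordered, or modified packets fail the integrity check. The Port type, the counter-to-IV layout, the 16-byte tag, and the key and header bytes are assumptions made for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// Port is one end of a protected link (simplified model, not the IDE wire format).
type Port struct {
	aead cipher.AEAD
	ctr  uint64 // packets sealed (sender) or accepted (receiver) so far
}

func NewPort(key [32]byte) *Port {
	blk, _ := aes.NewCipher(key[:]) // a 32-byte key is always a valid AES-256 key
	aead, _ := cipher.NewGCM(blk)   // AES has the 128-bit block size GCM requires
	return &Port{aead: aead}
}

// iv builds a 96-bit GCM IV (assumed layout): four zero bytes, then the counter.
func iv(n uint64) []byte {
	return binary.BigEndian.AppendUint64(make([]byte, 4), n)
}

// Seal encrypts the payload; the header stays in the clear but is covered by the tag.
func (p *Port) Seal(hdr, payload []byte) []byte {
	p.ctr++
	return p.aead.Seal(nil, iv(p.ctr), payload, hdr)
}

// Open checks the packet against the next expected counter. The counter moves
// only on success, so a replayed, reordered or modified packet fails the tag check.
func (p *Port) Open(hdr, sealed []byte) ([]byte, error) {
	pt, err := p.aead.Open(nil, iv(p.ctr+1), sealed, hdr)
	if err == nil {
		p.ctr++
	}
	return pt, err
}

func main() {
	key, hdr := [32]byte{}, []byte{0x40, 0, 0, 1} // constructed all-zero key and header bytes
	tx, rx := NewPort(key), NewPort(key)
	pkt := tx.Seal(hdr, []byte("flag=1"))
	pt, err := rx.Open(hdr, pkt)
	_, replayErr := rx.Open(hdr, pkt) // the same packet presented again
	fmt.Printf("first: %q %v | replay: %v\n", pt, err, replayErr)
}
```

In this model a dropped packet also leaves the receiver's counter behind the sender's, so every later packet fails verification until the link is re-keyed or reset.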