Kameleon Security Demonstrates Complete Lifecycle Cybersecurity Solution for Firmware & Supply Chain Attacks at OCP Global Summit using its Root of Trust Solution
November 2021 by Marc Jacob
Kameleon Security announces the reveal of its commercial cyber protection chip, the industry’s first Proactive Security Processing Unit (ProSPU©). Kameleon will showcase how the ProSPU safeguards servers and computing systems through a series of firmware and supply chain attack demonstrations at the Open Compute Project (OCP) Global Summit taking place November 9-10, 2021, in San Jose, CA.
Kameleon’s ProSPU is a dedicated security processor built directly into a system’s hardware to establish Root of Trust (RoT) from the very first boot process and create a trust anchor and system identity that can’t be accessed from the CPU. This isolates security defenses and the RoT from potential attackers and creates an architectural advantage against them.
Unlike other Platform Firmware Resiliency (PFR) solutions, Kameleon’s ProSPU protection doesn’t stop at boot. The ProSPU protects the operating system and applications on the server during run-time, ensuring that the platform not only starts secure but stays secure throughout its lifecycle. Kameleon’s ProSPU is the first commercial solution to meet OCP security standards for RoT.
“Kameleon is building the first proactive SPU to enforce system security throughout its lifecycle. Our partnership with Xilinx and our adherence to OCP standards position our unified hardware security infrastructure a step ahead of other PFR solutions as we change the way cybersecurity is done. Building security into the hardware, in an isolated implementation, means that Kameleon provides a true foundation of trust that can be extended all the way up the stack. We’re excited to showcase the unique platform benefits that can be achieved with our ProSPU at the OCP Global Summit next week,” said Jorge Myszne, co-founder and CEO of Kameleon.
Kameleon and Xilinx previously announced a partnership that will provide seamless peripheral attestation for Xilinx devices. The ProSPU’s hardware trust anchor verifies compliance that the peripheral device has passed security protocols, attests the validity of the device, and takes measurements to validate the proper signing of the device firmware. These processes will also be demonstrated at the OCP Global Summit, where attendees are invited to Kameleon’s booth (C26) to get a first-look demonstration highlighting the full system RoT in a server architecture, utilizing Xilinx FPGAs.
At OCP Global Summit, Kameleon will demonstrate how the ProSPU detects and blocks attacks at all levels of the supply chain from initial provisioning on the factory floor to board assembly, where malicious hackers often attempt to replace the devices, all the way to the cloud service provider or data center server, and throughout all the transit and transportation between them, where bad actors attempt to replace the firmware, update malicious code to the firmware, or brick the server. Kameleon tracks the devices through the entire supply chain and maintains the RoT throughout the entire lifecycle.
Integrating Kameleon’s ProSPU gives platform designers the benefit to implement PFR while complying with NIST 800-193 and OCP requirements with minimal effort, supporting both standard features such as System Identity, Platform Secure Boot, Peripheral Attestation, Secure A/B Firmware Updates, Platform Recovery and other features that are unique to Kameleon including support for cross-platform architectures (such as Intel, AMD and Arm), highly configurable and customizable security policies, and TPM functionality.