Assuring platform integrity is top-of-mind for platform owners. Hardware roots of trust can measure and attest to firmware integrity, but this is only one component of platform integrity in hyperscalar environments, which impose a number of practical design constraints. Constraints include scaling to a large fleet of machines, scaling to increasingly complex machines, and all while ensuring the high levels of availability and reliability required of our data center fleet.
This talk gives an overview of a platform attestation framework designed by Google, whose primary goals consist of providing scalable recovery from firmware vulnerabilities, while amortizing engineering effort across multiple hardware devices and configurations. Subjects of interest include:
Attestation policy content, generation, revocation, and enforcement.
Representing the physical model of complex platform topologies.
Contributions Google has made to standards like SPDM and Redfish, to enable platform operators to directly verify attestations from a wide range of roots of trust.