Requirements and implementation strategies for Cybersecurity modules in General Purpose Processors for High Performance Computing applications

This work illustrates the research activities related to the implementation of a suite of hardware cryptographic accelerators to fulfil the cybersecurity requirements in General Purpose Processors (GPPs) for High Performance Computing (HPC) applications, supporting the first phase of the European Processor Initiative (EPI) project. Based on the hardware Root-of-Trust paradigm, the EPI GPP was provided with both a secure zone, to serve the request of security services, and a non-secure zone, to serve the main request of computing applications. The physical separation between these two zones permitted to optimize both of them and improve performance. The secure zone was equipped with a suite of cryptographic hardware accelerators (named Crypto-Tile), mainly composed by four different cryptographic coprocessors for symmetric-key cryptography, public-key cryptography, digests computation and random numbers generation, offering the highest levels of security. The research activities mainly involved the implementation of the Crypto-Tile module by using SystemVerilog HDL, followed by the verification and the synthesis on a 7 nm standard-cell technology followed. In addition, also a demoboard was implemented by using a VCU128 board by Xilinx integrating a RISC-V softcore processor and the Crypto-Tile module, which was employed to develop drivers for hardware abstraction layer, bare-metal applications and drivers for Linux kernel in C language.