Ownership and Control of Firmware in Open Compute Project Devices Elaine Palmer (
[email protected]), Tamas Visegrady (
[email protected]), and Michael Osborne (
[email protected]), IBM Research Division 9 November 2018 1 Introduction The information herein is based on the authors’ A country music song made famous by Garth decades of work in designing and implementing Brooks in 1990 declares, “I’ve got friends in low ownership in a broad range of security devices, places,” noting that one can always rely on from smart card chips to servers. ordinary people to help a friend in need. Firmware is the friend in the “low places” of data 3 The parties involved centers. It runs in servers, memory subsystems, Consider a simple example of a data center that storage systems, cooling units, communications procures and deploys a thousand identical new controllers, power management systems, and devices. The devices arrive with firmware that is other devices. These systems and subsystems functional, but outdated. After first installing the rely on firmware to verify the soundness of the devices, the data center staff must update the hardware, to transfer control to subsequent firmware, and continue to update it, as new software, and, in many cases, to operate the versions of the firmware are released, throughout hardware directly. Firmware typically has full the life of the device. When the device is access to the resources of a system, such as ultimately taken out of service, it is sent to a volatile and non-volatile memory, processors, reclamation center, where it is stripped of useful coprocessors, voltage regulators and fans.