News

Microsoft's 'Project Olympus' Hyperscale Spec Now Production-Ready

• By Kurt Mackie
• November 10, 2017

Hardware vendors are now implementing Microsoft's "Project Olympus" datacenter specification, the company announced this week.

Project Olympus, as Microsoft describes it, is a "next-generation hyperscale cloud hardware design" for datacenters. The design was shepherded as an "open source" hardware project under the auspices of the Open Compute Project (OCP), an industry coalition dedicated to fostering open datacenter technologies. Microsoft had joined the OCP in early 2014, but its spearheading of Project Olympus was initially kicked off in late 2016. It wasn't complete, though, until this month.

Since Project Olympus is part of the OCP effort and is complete, it's now possible for the OCP community to "utilize these specifications to create derivative designs for meeting varied datacenter needs," Microsoft indicated. They can also innovate on top of the baseline design.

Current Products
Wiwynn and ZT Systems are already offering commercially available Project Olympus-based hardware products, both of which use Intel Xeon Scalable processors, which support 28 cores max with 6TB of system memory. Wiwynn suggested its Project Olympus-based SV5100G3 server can be used as a Web server. ZT Systems described its XPO200 Server as being "designed to enable customer experimentation with Microsoft's Project Olympus platform and validation against specific workloads prior to scale-out deployment."

Microsoft also is using Project Olympus hardware, namely for "volume production with the Fv2 virtual machine (VM) family." The Fv2 VMs are Microsoft's fastest VMs, which run from its Azure cloud infrastructure. Microsoft's Project Olympus hardware also uses Intel Xeon Scalable processors.

Project Cerberus
Microsoft this week also introduced Project Cerberus, which is an NIST 800-193 draft guideline aiming to add security protection at the firmware level for motherboards as well as "peripheral I/O devices." It's designed to protect firmware by detecting unauthorized changes, with the ability to recover from attacks. The developing specification is "architecture agnostic" to the particular CPU or I/O device.

Project Cerberus is conceived as protecting against "malicious insiders with administrative privilege or access to hardware," as well as outside attackers and malware. It's also conceived as protecting against "supply-chain attacks" in manufacturing plants.

Microsoft described Project Cerberus as adding a "root of trust" to firmware. It protects the preboot, boot and runtime stages via a microcontroller.

"Project Cerberus consists of a cryptographic microcontroller running secure code which intercepts accesses from the host to flash over the SPI bus (where firmware is stored), so it can continuously measure and attest these accesses to ensure firmware integrity and hence protect against unauthorized access and malicious updates," Microsoft's announcement explained.

Microsoft and Intel are currently collaborating on using Project Cerberus specs for firmware security. They eventually plan to contribute the specs as an open source OCP effort.