Lockheed Martin has collaborated with Intel® over the last four years to create secure, virtual machines that provide significant advances in high-performance, cloud and edge computing for commercial, defense and government customers. As the deployment of 5G networks continues to accelerate, this technology is more critical–and relevant–than ever.
With its promise of higher bandwidth and lower latency for processing data, 5G allows companies to digitally transform operations, taking advantage of Internet of Things (IoT) analytics, machine learning, artificial intelligence (AI) and more.
As with most new technologies that deliver key benefits or improvements, 5G and edge-computing are not without challenges. Customers can be exposed to a host of security risks, especially in the process of transferring data between edge and cloud databases. Security risks have evolved to the point that software-only options simply aren’t adequate. Advanced, persistent threats are using malicious rootkits and other clandestine means to compromise low-level components such as operating systems, BIOS, hypervisors and hardware.
With threats increasing in complexity and digital transformation on the rise, a zero-trust architecture that uses the concept of least privilege, isolation and attribute-based controls is necessary to protect critical assets. This approach reduces security vulnerability by assuming that all networks are untrusted, restricting access to minimum permissions required for a particular task and inspecting and monitoring everything.
The collaboration between Lockheed Martin and Intel was started to respond to these challenges. Combining decades of Intel’s hardware experience and processor capabilities with Lockheed Martin’s legacy of global security expertise has led to revolutionary solutions that deliver a greater level of protection against physical, cyber and supply-chain threats using enhanced security and performance features. With the recent launch of Intel’s new 3rd Gen Intel® Xeon® Scalable processors, new security features are now available for customers to utilize.
Hardened Security for Intel processors
Lockheed Martin’s Hardened Security is a virtualized platform that offers a full security run-time solution which isolates and protects customer domains. Originally developed for edge-computing with Lockheed Martin-only products, the platform is now a part of the Intel Select Solutions portfolio - a classification Intel awards to solutions that have been benchmark-tested, verified and optimized for real-world performance.
Lockheed Martin Hardened Security offers a full range of attribute-based security controls that provide improved ease-of-use through more deterministic quality of service (QoS) and confidential computing through robust hardware system memory encryption with a secure chain of trust.
“We worked to develop our product to enhance security against side channel vulnerabilities in multi-core processors. We specifically addressed this with Intel for high performance, cloud and edge computing,” said Scott Hinnershitz, Chief Technical Lead of Hardened Security for Intel Processors at Lockheed Martin. “Most security solutions focus on adding security after boot. We focus on Secure Boot and establish isolation virtualization to create a trusted secure runtime environment for individual separated workloads. Our Hardened Security platform establishes security that protects data through encryption at rest but also while in use, which is where is can be most vulnerable. This is implemented via CPU hardware capabilities, so applications don’t have to sacrifice performance and low-latency for security.”
Lockheed Martin Hardened Security achieves this by enabling users to easily isolate memory encryption and runtime resources for virtual machines all the way down to the processor’s last level cache. This gives users fine-grained control of dedicated resource allocation so that performance goals can be reliably achieved in busy deployments without the need to over-allocate hardware resources, enhancing QoS and determinism.
“In order to upgrade to 5G networks, companies will need to create seamless and secure cloud to edge connections,” said Adam Miller, Advanced Programs Director at Lockheed Martin. “With its inline memory encryption, QoS and determinism capabilities, our Hardened Security allows companies to transfer data between edge and cloud more securely and efficiently, ultimately enabling companies to offer their end customers secure 5G channels.”
3rd Gen Intel Xeon Scalable processors
Lockheed Martin Hardened Security was developed specifically for use with Intel processors. Aligned with its focus on cloud, edge, 5G and digital transformation strategies, Intel recently launched its most advanced, high-performing data center platform that’s optimized to power the industry’s broadest range of workloads – from the cloud, to the network, to the intelligent edge. New 3rd Gen Intel Xeon Scalable processors deliver a significant performance increase compared with the prior generation and add new and enhanced platform capabilities.
“We are in a new era of edge to cloud computing which requires disruptive technology to power high performance computing workloads while securing against sophisticated attacks. These new capabilities, combined with Intel’s broad portfolio of Intel Select Solutions, including Lockheed Martin’s Hardened Security, enable customers to accelerate deployments across cloud, AI, enterprise, HPC, networking, security and edge applications,” said Jeremy Rader, General Manager of Enterprise Strategy & Solutions, Data Platforms Group at Intel.
Lockheed Martin Hardened Security enhancements
Lockheed Martin Hardened Security is available for use on the 3rd Gen Intel Xeon Scalable processors and now offers customers the following security enhancements:
- It supports individual hardware keys for up to 63 secure virtual domains per socket.
- When comparing to prior generations using software-based encryption, 3rd Gen Intel Xeon Scalable processors have almost seven times the memory encryption bandwidth to system memory.
Enabling 5G networks with Hardened Security
Lockheed Martin Hardened Security for Intel Processors is available through our partners Supermicro and HPE . Please visit our webpage for more information about Hardened Security.