Enabling Performant and Secure EDA as a Service in Public Clouds Using Confidential Containers

Mengmei Ye, Derren Dunn, Daniele Buono, Angelo Ruocco, Claudio Carvalho, Tobin Feldman-Fitzthum, Hubertus Franke, James Bottomley

TL;DR

The paper addresses secure offloading of EDA workloads to public clouds by adopting confidential computing with Confidential Containers (CoCo). It demonstrates an end-to-end cloud-native framework where Siemens Calibre OPC runs inside confidential VMs, with sidecars providing secure storage and encrypted networking, achieving end-to-end confidentiality with approximately 7% performance overhead at medium scale. Key contributions include integrating CoCo with storage and network sidecars without modifying workloads, deploying on a Kubernetes cluster with AMD SEV-SNP, and providing a detailed performance breakdown that informs future optimization. This work advances practical EDA-as-a-Service by showing that security can be maintained in cloud environments with manageable overhead, enabling broader access to cloud resources for fabless design teams.

Abstract

Increasingly, business opportunities available to fabless design teams in the semiconductor industry far exceed those addressable with on-prem compute resources. An attractive option to capture these electronic design automation (EDA) design opportunities is through public cloud bursting. However, security concerns with public cloud bursting arise from having to protect process design kits, third-party intellectual property, and new design data for semiconductor devices and chips. One way to address security concerns for public cloud bursting is to leverage confidential containers for EDA workloads. Confidential containers add zero-trust computing elements to significantly reduce the probability of intellectual property escapes. A key concern that often follows security discussions is whether EDA workload performance will suffer with confidential computing. In this work we demonstrate a full set of EDA confidential containers and their deployment, and characterize the performance impacts of the confidential elements of the flow, including storage and networking. A complete end-to-end confidential container-based EDA workload exhibits 7.13% and 2.05% performance overheads over bare-metal container and VM-based solutions, respectively.

Paper Structure (18 sections, 6 figures, 1 table)

This paper contains 18 sections, 6 figures, 1 table.

Figures (6)

  • Figure 1: Optical Proximity Correction - shown is a representation of OPC. Design shapes are read in and broken into vertices and edges. Next, simulations are performed to predict how the current shape will print on the wafer for a particular lithography process. Edges are then moved, and new vertices or edges are introduced, based upon the differences between a target shape and the simulated contour. Finally, shapes are written to a file when either a cost function criterion is met or a maximum number of optimization iterations is reached.
  • Figure 2: Overview of Siemens Calibre® OPC as a distributed high performance computing workload.
  • Figure 3: The components outside of the confidential VM are not trusted (black dashed boxes). The components in the confidential VM are encrypted (green solid-line boxes).
  • Figure 4: The system overview of CoCo with secure storage and encrypted networks.
  • Figure 5: Performance overhead of k8s Bare Metal, Kata - Classic VM, and various configurations of CoCo.
  • ...and 1 more figure