Xiphera’s Customisable nQrux™ Confidential Computing Engine Protects Cloud, Edge, and AI Environments

nQrux™ CCE solution is customised to include various types of computing resources, while the communication of data and code is protected with hardware-based implementation of TLS 1.3.
Xiphera’s nQrux™ family of Hardware Trust Engines offers ready-to-implement security modules for various security architectures.

Xiphera introduces Confidential Computing Engine (CCE) for the nQrux™ family of Hardware Trust Engines. The nQrux™ CCE offers customisable solutions for secure code execution environments protecting data, code, and Artificial Intelligence (AI) models in cloud, edge, and AI environments.

The nQrux™ CCE solution is customised to include various types of computing resources including CPU cores and specific accelerators, for example, for AI. Data and code are remotely uploaded over a protected communication channel to be processed securely in the CCE. Additionally, the CCE solution includes a feature where client nodes can be categorised into groups with different access rights to the resources of the CCE – for instance, one client can provide AI models for an embedded AI accelerator inside the CCE, the other clients (such as sensors) can upload data to be processed in the AI computation, while a third client may have the right to access the result of the AI computation.

Communication of data and code to the nQrux™ CCE is protected with hardware-based implementation of TLS 1.3. Access policies are enforced with hardware isolation of resources and with client-authentication of TLS 1.3, so that only clients with appropriate certificates are allowed to access (write and/or read) specific resources.

Example high-level block diagram of the nQrux™ Confidential Computing Engine.

“The new CCE core provides uniquely tailored solutions, to protect for example AI or other code in remote environments such as Edge, cloud, and satellites”, says Petri Jehkonen, Xiphera’s Director of Strategic Programs. “The computing elements, such as RISC-V or AI accelerators, are physically and cryptographically isolated from the rest of the system, mitigating CPU or cache vulnerabilities, while offering flexibility to use general purpose programming languages with security related processing tasks.”

For more information, visit the product page of Confidential Computing Engine (CCE) and the family page of nQrux™ Hardware Trust Engines. With any additional questions and inquires, contact us directly.

WEBINAR – Fortifying Digital Resilience: Security Foundations for IoT, AI, and Cloud Systems

Ensuring digital resilience requires certain security elements from the underlying foundations of hardware infrastructures, software platforms, and digital identities. The specific needs and requirements for these elements vary across different industries and customer environments, making the customisability of cryptographic solutions essential.

This webinar reviews the challenges and practical building blocks for strengthening digital resilience within modern IoT, Cloud, and AI environments.

Watch the recording.

Read more
Cryptographic modules offer an all-inclusive cryptography package for customised security needs. This blog deep-dives into the benefits, implementations, and possible use cases of a hardware-based cryptographic module.
The new nQrux™ portfolio offers highly optimised and customisable security solutions with cryptographic operations implemented purely in hardware.
The IPsec IP core complements Xiphera’s Security Protocols offering, bringing proven security for the critical layers 2-4 of the OSI model.