RISC-V Summit brings the community together to show the power open collaboration can have on the processor industry. The audience spans across industries, organizations, workloads, and geographies to learn about the technology advancements in the RISC-V ecosystem and visibility of RISC-V successes.
The Confidential Computing Consortium will be on site staffing a booth. Come say hello!
To learn more, please visit: https://events.linuxfoundation.org/riscv-summit/
Today, the Confidential Computing Consortium released findings from Everest Group’s market study revealing that the Confidential Computing market is projected to grow at a CAGR of 90%-95% to reach US$54 billion in 2026.
Read the press release: https://www.prnewswire.com/news-releases/confidential-computing-market-could-reach-us54-billion-in-2026-301407273.html
Read the report: https://confidentialcomputing.io/white-papers-reports/
CCC media contact: pr@confidentialcomputing.io
Announcing Gramine production ready release!
Having recently joined the Confidential Computing Consortium in the Linux Foundation, The Gramine Project (formerly known as Graphene) is proud to announce the first production-ready version to enable protecting sensitive workloads with Intel® Software Guard Extensions (Intel® SGX).
The project started as a research prototype at Stony Brook University in 2011, and the first open-source version was published in 2014, followed by the Intel® SGX port in 2017 in collaboration with Intel Labs. In December 2018, Golem and ITL joined the project, forming the core of the open source community around the project, including a first release. The Gramine community has subsequently grown into a diverse group of contributors, from universities, small and large companies, as well as individuals.
Gramine not only runs Linux applications on Intel® SGX out of the box, but also provides several tools and infrastructure components for a push-button lift-and-shift paradigm for running unmodified applications on confidential computing platforms based on Intel® SGX. Gramine supports both local and remote Intel® SGX attestation, and with both EPID and DCAP schemes. With the protected files feature, security-critical files are automatically encrypted and decrypted inside the enclave. Gramine supports several performance optimizations for Intel® SGX applications including asynchronous system calls. Gramine is one of the few frameworks that supports multi-process applications by providing a complete and secure fork implementation. Gramine supports Docker integration via a tool called Gramine Shielded Containers (GSC) that automatically converts Docker images to Gramine images. Containers built with GSC can be deployed via Kubernetes for confidential containers and microservices. Gramine also supports cloud deployment with Azure Confidential VMs and integrates with Azure Kubernetes Services in Azure cloud.
Since our last release, there have been major changes in the code with 1272 files changed, 100637 insertions, 112144 deletions, 1648 commits from 49 authors. This includes a major rewrite of the code that handles features including memory management, thread handling, process handling, filesystem and signal handling. You can find the detailed changelog at our github. In future, we plan to continue Gramine development with additional features, code cleanup, tooling, and documentation. We also plan to add generic support for I/O device communication as well as add additional Platform Adaptation Layers (PAL) for other TEEs like Intel® TDX.
Gramine has a growing set of well-tested applications including machine learning frameworks, databases, web servers, and programming language runtimes and there are several projects that are already experimenting with Gramine for developing their solutions to protect data in use. We expect that Gramine 1.0 will bring many of those solutions to production. We look forward to your feedback as you deploy this latest version of Gramine for your confidential computing solutions with lift-and-shift capability.
For more information on the release please check out: https://github.com/gramineproject/gramine/releases/tag/v1.0
We invite you to join the Gramine community and contribute to adoption of confidential computing through open source collaboration.
We are just finishing the second year of the Confidential Computing Consortium, and it is time once again to look back on what the members have accomplished together.
Membership & Project Growth
All of our meetings start with the reminder that all members are welcome and all projects are welcome. It have been this way since we launched.
Remember that companies create non-profits like the Consortium in the broad open source space because our businesses benefit from that membership, and from working together towards common goals. We launched the Consortium with 15 premier and general members, growing to 27 corporate members and 2 non-profits by the end of the first year. While we lost a few members this year as company priorities shift, we have continued to grow to 36 corporate members and 4 non-profits over this past year.
This year we welcomed the following companies to the Consortium:
Ampere, Applied Blockchain, Baidu USA, Canary Bit, Cisco, Crust, Edgeless, En|viel, Ethernity Cloud, HUB Security, Madana, Opague Systems Inc, Phalla Network, Technology Innovation Institute, Western Digital, Xilinx.
Our newest general member last week is Profian. The addition of general members through the year brought us over the twenty mark and we added a new general member representative to the governing board (Eric Voit, Cisco).
A primary part of our shared mission is to support open source and standards projects relating to confidential computing to accelerate the acceptance and adoption of confidential computing in the market. This year the Consortium welcomed four new projects:
The Technical Advisory Council (TAC)
The Technical Advisory Council continues to meet every other week. It is an opinionated public debate and everyone is welcome to attend. Members in the TAC saw the need to begin to add some structure and this year created the idea of Special Interest Groups (SIG) as they put in place the Attestation SIG. It was recognized by members that attestation will become the next challenge in confidential computing and have begun the discussion of how best to enable TEE attestation across the industry.
The TAC membership also published a more detailed Technical Analysis of Confidential Computing white paper.
The Outreach Committee
Outreach Committee members were also busy this year in their collaboration. The Consortium Webinar Series has been building with monthly entries covering our projects and topics that span our domain. This is a good quick way to get an introduction to projects as each project has contributed to the collection.
A global pandemic makes it tough to gather together, but this year the members organized and ran the first Confidential Computing Developer Summit, C2DS in June. It was run as a virtual unconference with a full day of content. There was good attendance with 400 registered developers participating through the day. All the feedback was good and the team looks forward to building an event again this coming year.
The Outreach Committee commissioned an analyst group to produce a market study this year. Working with members, the analysts have built a view of the confidential computing industry in its growth. The study will be published this month.
Lastly, Outreach Committee members have been working towards launching an End User Advisory Council to attract broader input into how users of confidential computing technology see the challenges ahead. We had hoped to launch the advisory council at the Linux Foundation Open Source Summit in September, but pulled back as people continue to be cautious with pandemic travel. Look for a launch in the near future.
Outreach is working with the Linux Foundation creative staff to improve the Consortium website and we will be rolling changes out soon.
General Administrivia
I have long joked that governing boards should be boring places voting on meeting minutes, money, and membership.
We continue to get great support from the Linux Foundation services teams. Stephano Cetola has recently moved to become a technical director at the RISC-V organization. While we are sad to see him go, Brian Warner is stepping into the role of Linux Foundation program manager. This year Ashley Weltz joined the program management team to help put the developer summit and end user advisory council in place.
I look forward to continue working with all of our members in the coming year. A number of new projects have approached the Consortium. New members continue to express interest. It should be an exciting year ahead.
Updated January 2022 to reflect new members joining in Q4 of 2021.
