Cloud native EDA tools & pre-optimized hardware platforms
Unlimited access to EDA software licenses on-demand
While an array of industries began migrating their functions and processes to the cloud years ago, the electronic design community has taken a more guarded approach. It’s no wonder, given the valuable intellectual property at stake. However, it hasn’t taken long for the chip industry to recognize that the benefits of cloud-based design flows, particularly when bolstered by robust security, are too attractive to pass up.
Semiconductor design has long been driven by exacting quality requirements and aggressive time-to-market targets, with burgeoning costs infringing upon the bottom line. What’s more, emerging applications in compute-intensive areas such as artificial intelligence (AI) and high-performance computing (HPC) continue to place enormous pressure on chip designs. And the push continues for reduced cycle times for chip design and verification.
Cloud-optimized electronic design automation (EDA) solutions alleviate these challenges, while providing an avenue for continued innovation even as Moore’s law slows. The key advantages?
As attractive as these advantages are, cloud-based chip design and verification cannot thrive without the highest levels of security. In this blog post, we’ll take a closer look at how EDA vendors are building trust in their cloud-optimized solutions via modern cloud security and cloud-native processes and technologies.
Above all, chip designers want to be sure that their designs and their IP are safe in the environment in which they’re working. It’s imperative that as we transition chip design and verification flows into cloud environments, we also embed security in all aspects of the software development lifecycle, infrastructure, and platforms.
Typically, cloud providers operate under a shared responsibility model. Security of the cloud, such as the data centers, is the provider’s responsibility; as such, it’s in their best interest to build in security from the ground up in their infrastructures and applications.
Cloud service providers are responsible for the security of the underlying cloud infrastructure, such as physical security of the environment, security of the hypervisor for the compute, network security of the multi-tenant software-defined network environment, and security of the provided applications/services used for management of certain operations. Cloud customers are responsible for securing workloads such as infrastructure setup, network security within the environment, ingress/egress control, and application security.
If you’re considering best practices, much of this comes down to a shift left: putting security at the inception phase of a project and integrating security into all aspects of the environment. When building the cloud infrastructure, for instance, the architects should have answers to several key questions:
At the application level, it’s essential to scan the code for security vulnerabilities throughout the software development lifecycle. Access to the applications should be controlled as well as secured via techniques such as multi-factor authentication. Establishing different levels of data classification, along with associated access permissions, may be appropriate. Cloud workload protection should be applied to virtual machines and containers, with monitoring for critical vulnerabilities.
Synopsys offers our expansive portfolio of design and verification solutions in the cloud, backed by our commitment toward security. The silicon design solutions are production proven on major public cloud platforms and also endorsed by major semiconductor foundries to work with their libraries and process design kits. The verification solutions can accelerate software bring-up and system validation.
Our cloud security pillars provide an end-to-end approach for our cloud-optimized EDA and IP solutions as well as for customers who are migrating their own software or applications to the cloud. The pillars address these key areas:
Our innovative tools offer advanced protection against vulnerabilities. And we're uniquely positioned to provide these products built with security in mind from the start because we use the entire suite of Synopsys security tools and services.
Given Synopsys investments in security solutions, including offerings like our Black Duck® and Coverity® technologies, we have the expertise in house to understand where data breaches occur, to assess source code and application weaknesses and vulnerabilities, and to mitigate security issues. We also work closely with cloud providers to ensure that our mutual customers feel confident running their designs on our cloud-based tools.
When it comes to cloud adoption, the finance industry offers some parallels to the electronic design industry. Given the sensitivity of financial data, it's no wonder that this sector also was slow to migrate to the cloud. But once big banks began doing so, others in the industry followed. The semiconductor design industry looks to follow a similar trajectory as more and more designers experience the benefits of designing and verifying chips in the cloud.
Cloud-based chip design and verification bring the flexibility in compute resources for better results and faster turnaround time. With chips growing in complexity and size, particularly for demanding applications like AI and HPC, the cloud provides a welcome and secure avenue for greater productivity and innovation.