Intel® Innovation, one of Intel®’s flagship developer events, continues to span the worlds of architecture innovation, software tools and technology & research. Canonical is proud to be the silver sponsor in 2023 and will demonstrate our joint solutions from cloud to the edge.
As industry leaders in hardware and software, Intel and Canonical create solutions that customers often use together. For more than a decade, we have worked closely to advance our technologies, and simplify the product experience for our shared customers. By aligning our product roadmaps and conducting pre-integration work, we’re enabling customers to more easily implement new technologies, to accelerate their time to market, and to have a smoother product development experience.
Intel and Canonical also have a common mission to further open source software, and our collaboration is from cloud, desktop to the edge, across various industries and verticals. Join Canonical at [add booth number], Intel Innovation 2023 in San Jose, California from 19-20 September. We will showcase our joint solutions in confidential computing, real-time technologies and more.
Securing secrets with confidential computing
A major gap in today’s security paradigm is the lack of protection for data at run-time. Data breaches can occur when data is in use and can have various origins, such as malicious insiders with administrative privileges or hackers exploiting bugs or vulnerabilities in privileged system software (such as the OS, hypervisor, or firmware).
Confidential computing has emerged as the solution to restore control over the security assurances of your workloads, and Canonical is firmly committed to empowering Ubuntu users with the robust confidentiality and integrity guarantees that confidential computing affords.
Fostering widespread acceptance of confidential computing requires a collaborative effort involving various industry stakeholders.
Join us for a live demonstration showcasing how sensitive data remains encrypted and shielded from potential threats even by the privileged system software. This immersive experience will reveal how confidential computing guarantees the confidentiality and integrity of data. Discover how Intel® Trust Domaine Extensions (Intel® TDX) is poised to redefine data security standards and foster new levels of trust in computing environments.
Visit us at Booth 313 in the Edge to Cloud Anchor
Presentation: Secure Your Data with Ubuntu confidential virtual machines and Intel® TDX
Speaker: Ijlal Loutfi, Product Manager, Canonical
Location: Spark Theatre
Description: Confidential computing introduces a new system security primitive which decouples resource management from data access. In this new paradigm, the hypervisor and other privileged system software retain their responsibilities for workload scheduling, execution and memory management but should no longer have direct access to your workload’s data when deployed in a confidential virtual machine.
Canonical and Intel have been working closely together on enabling Intel TDX on Ubuntu host and guest images, in order to give customers control back over their data.
In this session, we will first establish why Intel TDX is needed for both private and public cloud deployments. We will then discuss the two technical pillars that Intel TDX leverages to realise confidential VMs, namely its hardware based memory encryption, and hardware-rooted remote attestation. We then will discuss what gaps currently exist in current implementations of confidential VMs, and how you can mitigate them when choosing Ubuntu confidential VMs and Ubuntu Pro.
Finally, we will highlight innovative use cases where you can use confidential computing to not only enhance your security posture, but to also enable secure data sharing and secure multi-party computation.
Low Latency with Real-time Ubuntu on Intel® SoCs
Delivering a comprehensive real-time solution for industrial systems requires careful work at every layer of the stack. Furthermore, legacy and traditional CPUs for desktop and server computing are complex machines characterised by out-of-order execution and tricks to speed up throughput at the cost of (among other things) execution time predictability. On the other hand, Real-time Ubuntu on a specific SoC architecture tailored for real-time applications is the ideal solution for mission-critical scenarios with stringent latency requirements. Since standalone hardware or software components are not sufficient, Canonical and Intel have joined forces to deliver an out-of-the-box real-time solution, now generally available on Intel® Core™ processors.
Canonical and Intel’s integrated approach offers a pre-integrated stack with enabled and supported technologies, ensuring ease of use for developers. With the addition of Intel® Time Coordinated Computing (Intel® TCC) and IEEE 802.1 Time Sensitive Networking (TSN), enterprises can achieve enhanced performance, time synchronisation, and temporal isolation at the silicon layer. TSN primarily focuses on the network space, ensuring that time-sensitive applications and workloads receive the necessary processing and network priorities. On the other hand, Intel® TCC is the equivalent solution designed specifically for the latest Intel® processors. It optimises the entire System-on-Chip (SoC) to deliver the time-sensitive and deterministic needs of real-time workloads.
Intel and Canonical collaborated to prepare a scalable testbed to emulate a real-world industrial usage scenario, using Real-time Ubuntu and Intel’s technologies. The demo showcases a servo controlled by an industrial-grade PC and a display showing what’s happening on the machine.It demonstrates real-world mixed-criticality real-time scenarios. By enabling real-time Ubuntu and isolating the workloads through Intel’s TCC features, enterprises can get predictable results for industrial-grade use cases.
Visit us at Booth 313 in the Edge to Cloud Anchor to check it out!
Explore more about our partnership
Beyond confidential computing and the IoT solutions, Canonical and Intel have been partnered on a variety of projects, such us:
- Power optimisation for desktop and laptop devices.
- Virtualisation in the radio access network.
- Trusted containers for software development kits to accelerate the development and deployment of AI solutions.
Read the joint whitepaper to learn more.