05-26, 12:50–13:20 (UTC), Presentation Room
Parsec is an open-source project within the Cloud Native Compute Foundation (CNCF). It aims to provide convenient and portable interfaces to hardware security in the programming language of your choice. Parsec is being integrated into the meta-security layer of Yocto Project. This is an opportunity to learn more about Parsec and the value it can bring to your Yocto-based deployment.
More and more compute workloads are migrating from the cloud to the edge, where they can be executed in closer proximity to sensor devices, avoiding expensive backhaul of data volumes to the cloud. Developers are used to deploying workloads with cloud-native tools and technologies, where APIs are portable and decoupled from physical platform details. But the threat landscape of edge computing is different from that of the cloud. It demands hardware security protection for private assets such as keys. A variety of hardware security solutions exist in the highly-diverse ecosystem of the edge. Using these requires knowledge of specialised APIs, which can be difficult to consume, and are not always portable. Parsec creates abstractions for hardware security, providing interfaces that are portable, and creating ergonomic developer experiences in multiple programming languages.
This year, Parsec recipes are being added to the meta-security Yocto layer, making it possible for developers and systems integrators to gain the advantages of Parsec in their Yocto-based deployments.
In this talk, we present a high-level overview of the Parsec project. We will describe its architecture and talk about the project status and roadmap. We will also talk about our experiences of integrating this Rust-based security project into the meta-security layer.
Paul Howard is a Principal System Solutions Architect within the Architecture and Technology group at Arm, based in Cambridge UK. He leads the team within Arm that is contributing to the Parsec project.
I'm a computer engineer in ARM with experience in networking, Linux administration and deployments and clouds.