Download the full case study as a PDF

A multinational provider of solutions for large-scale high-security financial transaction processing requested CriticalBlue to look into increasing the throughput of one of their Hardware Security Module (HSM) platforms by ensuring a smooth transition of its software to next-generation Freescale QorIQ multicore processors, while improving the reliability of the system against exploitable vulnerabilities.

Results

By re-calibrating the throttling parameters for the QorIQ platform, and complementing hardware cryptography with a localized software implementation for frequent burst-like low-intensity processing needs, the security processor hardware was left free to run the occasional large processing job more efficiently with lower contention, reaching a speed up of around 4x.

This ultimately allowed the transaction server to be migrated from a single processor with cryptography co-processor platform running a single software instance to a 4 core SoC with integrated security hardware hosting multiple virtualized images of the software.

Process and Technology

CriticalBlue investigated the performance increase obtainable by varying the number of cores and the workload. This key preliminary phase led to the discovery of parallelization bottlenecks in the throttling of incoming connections and in the suboptimal use of the cryptographic co-processor hardware. Insight into these issues was made possible by using the Prism Technology to trace the HSM server software itself.

Download the full case study as a PDF