StarlingX: Secure Device Onboarding

Storyboard: https://storyboard.openstack.org/#!/story/2008117

This spec describes a new feature to enable secure Zero Touch Provisioning (ZTP) of SDO devices securely.

Problem description

Secure Device Onboard(SDO) is an open source software that is in the process of becoming an industry standard through the FIDO alliance, which automates the process of securely onboarding SDO capable devices. By “onboard” we mean the process by which device establishes its first trusted connection with the device management service.

SDO brings in late binding, wherein the device owner can choose the Device management platform to which the device onboards just at or before comissioning of the device at the point of installation.

StarlingX needs to support deployments in environments that have a combination of compute systems ranging from small IOT devices to high compute Xeon platforms. Considering StarlingX is installed on some of these systems and requires to support the secure provisioning of the other non-StarlingX based devices, integrating/developing the SDO on Starlingx would add an additional capability to provision a non-Starlingx based devices.

The devices to be onboarded through SDO can be X-86/ARM based platform. Also, as earlier stated ranging from small compute IoT devices to higher compute Xeon devices. The only condition is that, the device must come with necessary credentials and SDO client software during the manufacturing stage.

Use Cases

This proposal aims to support SDO onboarding capability on the StarlingX based platforms so that these systems can provision other devices that supports SDO. Thus ideally, the user deploying an SDO device would just power on it and connect to the network, whereupon the device would boot, connect itself to a StarlingX cloud and be fully provisioned by StarlingX SDO services and support in bringing up the device to fully functional state.

Proposed change

Overview of SDO and Integration on Starlingx

The SDO on-boarding process automates the secure provisioning of devices and it involves interactions between number of different entities that participate in the process. Those include: Manufacturer, Device, Owner, Rendezvous service, Device platform service.

We aim to enable SDO Rendezvous service and Device platform service on Starlingx kubernetes cluster.

The Device platform service provides the components for the device owner to integrate his choice of Device management service.

The device will be initialized with SDO special software load and security credentials created by utilizing the supply chain tools by the device manufacturer. Device’s ownership vouchers will also be generated by the same tool, and then be feed into the Device platform service before going through the SDO process.

Device platform service synchronizes the voucher information with Rendezvous service which plays the role of directing the target device to the owner Device platfrom service.

Once the device powers on, It can establish a secure connection with the desired Device management service through standard SDO process. After that, the provision operation of the device node can be automatically performed.

The enabling of services are taken up in phases. The details of which are below:

• Phase One: Enable Rendezvous service as an application on Starlingx.

• Phase two: Enable the Device platform service on Starlingx.

This spec aims to close on Phase one details.

StarlingX support of SDO

There will be an Armada manifest and SDO helm charts for Rendezvous service, which will be uploaded and applied to pull the container images from a public registry, configure and launch the SDO services pods.

The SDO applications will be packaged as a tarball that can be transferred to the system and activated with system application-upload & system application-apply.

Alternatives

None

Data model impact

None

REST API impact

None

Security impact

None

Other end user impact

None

Performance Impact

TBD

Developer impact

TBD

Upgrade impact

None

Implementation

Assignee(s)

Primary assignee:

• Poornima Y N

Repos Impacted

• SDO-armada-app

Work Items

• Create new repo for the new application ‘SDO’, define required armada manifests and import helm charts for app

Dependencies

• TBD

Testing

Test cases will be developed for adding systems of various personalities and capabilities to the StarlingX cloud. Both positive and negative tests (e.g. tests with bad credentials which should be rejected) will be defined.

Documentation Impact

We will add new documents for the SDO process.

References

• Code: https://github.com/secure-device-onboard

• Release: https://github.com/secure-device-onboard/release/releases/

• Document: https://secure-device-onboard.github.io/docs/

History

Revisions

Release Name	Description
STX 5.0	Introduced