
At Microsoft, secure design begins at the foundation of our computing stack—the silicon level—and extends through every layer of the cloud.
Since launching the Secure Future Initiative (SFI), a company-wide commitment to security, we continue to prioritize delivering products and solutions that are secure by design, secure by default, and secure in operation.
SFI sits at the core of Azure’s approach to designing hardware systems, reshaping the architecture, deployment, and operations of our physical cloud and AI infrastructure. Azure is redefining workload security from the datacenter to the edge. Our comprehensive approach includes Azure Boost, which isolates control and data planes for virtual machines; the Azure Integrated HSM, a custom security chip providing FIPS 140-3 Level 3 key protection within our servers; and confidential computing, which protects data in use through hardware-based trusted execution environments (TEEs).
Microsoft has also made ongoing efforts to advance systematic security audits and contribute to the open-source community through Caliptra—a silicon root-of-trust designed to anchor security in hardware. Combining these initiatives with technologies such as confidential computing and code transparency services, our aim is to ensure that every component in the supply chain can be securely verified.

Purpose-built silicon for defense-in-depth
Azure Boost serves as the system’s security controller, managing secure access to Azure. Only systems with a verified and approved security configuration are granted access.
To enhance security and performance, Azure Boost offloads control plane services from the host CPU to a dedicated Azure Boost system controller. This setup creates a hardware separation between Azure’s control plane—running on the Azure Boost controller—and customer workloads—running on the CPU—ensuring strong isolation and protection.
Azure Integrated HSM is a server-local Hardware Security Module (HSM) for high-assurance workloads. It is designed to meet the stringent Federal Information Processing Standards (FIPS) 140-3 Level 3 security requirements, which call for strong isolation, tamper-resistant hardware, identity-based authentication, and automatic zeroization. Azure Integrated HSM protects keys in use by ensuring that keys always remain within the bounds of the HSM.
Unlike centralized remote HSM services, Azure Integrated HSM eliminates network roundtrips for key operations and avoids the need to release keys into the workload environment. Instead of relying on remote access, the Azure Integrated HSM is securely bound to the local workload and provides oracle-style key usage to authorized services within the local environment.

Azure Datacenter Secure Control Module (DC-SCM) is a security and server control module that contains Hydra, a security-focused Board Management Controller (BMC) design with an integrated root of trust and hardware-based security protection on all management interfaces. This root of trust restricts unauthorized access to BMC firmware and ensures the firmware is authenticated and cryptographically measured.
Confidential Computing offers a spectrum of guarantees
Confidential computing makes use of hardware-based Trusted Execution Environments (TEEs) to protect workloads—such as virtual machines—from other system software, including the hypervisor.
Microsoft, a founding member of the Confidential Computing Consortium, works closely with CPU and GPU manufacturers to design and integrate confidential computing technologies directly into their hardware. Earlier this year at the Confidential Computing Summit we defined a spectrum of guarantees users can enable with confidential computing when they port their applications, including:
- On by default: lift and shift existing applications with minimal change.
- Build in confidential computing by designing services and applications that make deeper use of hardware-based protections.
- Leverage transparent confidential computing to gain deeper insights into how confidential services interact and operate securely.

Azure has the most comprehensive portfolio of confidential computing solutions, including confidential virtual machines, containers, generative AI, and services like Azure Confidential Ledger, Azure Attestation, and Managed HSM—each designed to protect code and data throughout its lifecycle using hardware-backed security.
Hardware Security Transparency
Caliptra is a hardware root of trust that plays a critical role in securing devices. It anchors the chain of trust directly in silicon, establishing foundational security properties that support the integrity of higher-level features. This foundation gives workloads the ability to verify the code and configuration of the underlying platform, enabling them to establish trust in the hardware platform.
Caliptra is a fully open-source silicon root of trust developed through a collaboration between Microsoft, AMD, Google, and NVIDIA. In April, we released Caliptra 2.0, which included Adams Bridge—an open-source accelerator designed for post-quantum resilient cryptography. This integration made Caliptra the first open-source root of trust to feature hardened post-quantum cryptography, driving broader adoption across the hardware ecosystem.
Systematic Security Reviews play a critical role in protecting hardware infrastructure, which relies on both low-level hardware features and the firmware that runs on top of them. Ensuring firmware security involves rigorous code scanning, continuous security reviews, and hardware-based attestation.
Historically, Microsoft conducted these reviews internally. To enhance transparency and extend security assurance beyond Microsoft, we partnered with Google and the Open Compute Project in 2023 to establish OCP SAFE—a framework for systematic security reviews.
Under OCP SAFE, approved Security Review Providers (SRPs) perform independent evaluations and issue verifiable endorsements of a manufacturer’s security compliance. These endorsements serve as trusted evidence, supporting secure device attestations and reinforcing confidence in the hardware supply chain.
Enhancing security with Code Transparency Services
Code Transparency Services (CTS) is an immutable ledger technology built to meet the standards of Supply Chain Integrity, Transparency, and Trust (SCITT). It operates exclusively within confidential computing environments, enhancing trust in Azure’s hardware and firmware by ensuring that every component is verifiably secure.
CTS addresses key challenges in firmware provenance, integrity, and auditability across both first-party and third-party supply chains. When paired with a silicon root of trust like Caliptra, and supported by audits such as OCP SAFE, CTS ensures that hardware and firmware are authorized, non-repudiable, and immutably auditable.
Today, CTS is a central component in Azure’s confidential cloud services. In addition to Azure’s own usage, CTS will be available as a managed service—allowing Azure customers to create and operate their own transparency service instances.
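A simplified model of the pairing described above, added here as an illustration and not Microsoft's or CTS's own code: a firmware measurement reported by a device is accepted only if a matching entry is provably included in a transparency ledger whose root the verifier already trusts. The pipe-delimited entry format, the Merkle tree layout, and all names and sample images are assumptions made for the example; SCITT itself works with signed statements and receipts.

```python
import hashlib

def leaf_hash(entry: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + entry).digest()           # 0x00 prefix marks a leaf

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()    # 0x01 marks an interior node

def next_level(level):
    """Hash adjacent pairs; an unpaired last node is promoted unchanged."""
    nxt = [node_hash(level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
    return nxt + [level[-1]] if len(level) % 2 else nxt

def merkle_root(leaves):
    level = list(leaves)
    while len(level) > 1:
        level = next_level(level)
    return level[0]

def inclusion_proof(leaves, index):
    """Sibling hashes from the leaf up to the root, as (side, hash) pairs."""
    proof, level = [], list(leaves)
    while len(level) > 1:
        sib = index ^ 1
        if sib < len(level):
            proof.append(("L" if sib < index else "R", level[sib]))
        level, index = next_level(level), index // 2
    return proof

def verify_inclusion(entry, proof, root):
    acc = leaf_hash(entry)
    for side, sib in proof:
        acc = node_hash(sib, acc) if side == "L" else node_hash(acc, sib)
    return acc == root

def appraise(measured_digest, entry, proof, trusted_root):
    """Accept a firmware measurement only if it matches a logged entry."""
    component, logged_digest = entry.decode().split("|")
    if logged_digest != measured_digest:
        return "reject: measurement differs from logged entry"
    if not verify_inclusion(entry, proof, trusted_root):
        return "reject: entry not in ledger"
    return f"accept: {component}"

# Constructed sample data: three firmware releases recorded on the ledger.
IMAGES = {"bmc-fw-1.0": b"bmc image v1.0", "bmc-fw-1.1": b"bmc image v1.1",
          "rot-fw-2.0": b"rot image v2.0"}
ENTRIES = [f"{n}|{hashlib.sha256(img).hexdigest()}".encode() for n, img in IMAGES.items()]
ROOT = merkle_root([leaf_hash(e) for e in ENTRIES])

if __name__ == "__main__":
    leaves = [leaf_hash(e) for e in ENTRIES]
    good = hashlib.sha256(IMAGES["rot-fw-2.0"]).hexdigest()
    print(appraise(good, ENTRIES[2], inclusion_proof(leaves, 2), ROOT))
```

The verifier needs only the ledger root and a short proof, not the full ledger, and an entry that was never logged cannot produce a proof that hashes to the trusted root.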
Staying secure with Microsoft
Microsoft’s Secure Future Initiative (SFI) provides a guiding framework for building secure and trustworthy cloud infrastructure. By embedding security into every layer—from silicon to systems to services—Azure takes a defense-in-depth approach to cloud security. Through innovations like Azure Boost, Azure Integrated HSM, and confidential computing, and through collaborative efforts such as Caliptra, OCP SAFE, and SCITT, Microsoft is not only securing today’s workloads but also laying the foundation for a more secure and transparent future.