Azure Hardware Security: Host HSMs and Caliptra RoT

Microsoft’s presentation at Hot Chips 2025 pulled back the curtain on a quiet but pivotal shift in how Azure defends the cloud: security is moving from centralized, cluster-level appliances into the silicon and server chassis themselves, with the Azure Integrated HSM and companion custom silicon (and open Caliptra 2.0 root of trust) designed to protect keys, detect tamper, and reduce cryptographic latency at hyperscale. rlem bluntly: cloud operators no longer only face external network threats — they must secure multi‑tenant workloads, protect against insider threats, and satisfy customers who demand protections that extend even against the cloud operator itself. To meet that challenge, Microsoft’s Secure Future Initiative (SFI) layers hardware security, custom accelerators, and verified silicon roots of trust across Azure’s global fabric.
The company’s scale helps explain the int: Microsoft reported dozens of regions, hundreds of datacenters, hundreds of thousands of miles of fiber, and tens of thousands of dedicated security staff — a scale that makes any marginal reduction in risk a business-critical engineering problem. These scale figures were presented as part of Microsoft’s rationale for rethinking hardware security.

---

Why hardware matters now: the threat model and perfor The modern cloud threat model​

Cloud providers must defend across multiple axes simultaneously: perimeter threats, tenant isolation, supply-chain integrity, and data-in-use exposures. Confidential computing has elevated the last axis — protecting secrets while code executes — into a must‑have for many regulated customers and IP‑sensitive workloads. Microsoft places confidential computing, HSM integrity, and tamper detection at the center of its roadmap.

Why move HSMs from clusters to hosts?​

Historically, HSMs were deployed as net‑appliance devices: secure, certified black boxes that handled keys for many services. Those centralized models are proven, but they introduce network latency and operational complexity at hyperscale. Microsoft’s pivot is clear: host‑attached cryptographic services reduce round‑trip latency, enable per‑host isolation, and better support confidential VMs and containerized workloads that expect low-latency, always-on crypto. This is the core motivation behind the Azure Integrated HSM and host‑attached designs described at Hot Chips.

The trade-offs​

Moving HSM functionality into each server requires different engineering choices:
owithin server thermal and area budgets.

• Power efficiency becomes critical: thousands of hosts multiply per‑server power costs.
• Certification and tamper resistance still matter: the module must meet strong attestation and compliance targets despite its smaller form factor.

Microsoft acknowledges these trade‑offs and—according to presenters—balanced cost, power, and security by sizing HSM capabilities to the host while preserving cluster-level availability and management semantics.

---

Azure Integrated HSM: architecture, features, and implications​

What the Azure Integrated HSM is designed to do​

At its heart, the Az an ASIC (or silicon module) integrated close to the CPU, intended to:

• Provide locally attached cryptographic services for both general-purpose and confidential workloads.
• Keep keys in use inside a protected boundary to prevent leakage.
• Accelerate AES and public-key operations to reduce latency for workload‑sensitive tasks.
• Detect physical intrusion and tampering at the host level.

Microsoft’s materials emphasize that keys do not need to leave the host for many operations, and that the local HSM can service signing, encryption, and attestation oemote TLS handshake to a centralized HSM cluster. That reduction in network dependency is a foundational design goal.

Key technical capabilities (what Microsoft highlighted)​

• In‑use key protection: Keys remain inside the module during operations rather than being exfiltrated to general RAM.
• *g for multi‑tenancy**: Logical boundaries let multiple tenants use hardware‑protected partitions without cross‑contamination.
• Tamper detection and response: Physical and logical tamper sensors and corresponding firmware controls to zeroize or lock state on suspicious events.
• Cryptographic acceleration: AES, public-key operations, and algorithm offload to limit impact on CPU and reduce latency for high‑frequency workloads.

Certification and compliance posture​

Microsoft is positioning the integrated approach in service of compliance: the company has been moving Azure HSM firmware and services toward FIPS 140‑3 Level 3 validy adopted host‑attached and PCIe HSM modules in certain Cloud HSM configurations. While host‑attached HSMs complicate certification workflows (because form factor and firmware scope vary), the net effect is to enable a broader set of regulated workloads to run in Azure with similar or improved latency and operational models compared with classic appliance HSMs.

---

Caliptra 2.0 and the silicon root of trust: confidential computing at scale​

Caliptra 2.0 — an open silicon root of trust​

Microsoft’s presentation included Caliptra 2.0, described as an *open source silicon root oe boot sequences, and provide attestation for higher layers of the platform. Open‑sourcing a root of trust is unusual but deliberate: Microsoft argues transparency incentives, third‑party review, and ecosystem interoperability outweigh the risks of revealing internal design.
The Hot Chips material included gate‑count slides and verification gates for Caliptra 2.0 — unusually candid engineering detail for a cloud hyperscaler and an invaluable resource for researchers and integrators evaluating hardware‑backed attestation. Those slides lay out vts and feature tradeoffs implemented to balance silicon area, power, and security capability.

Why an open root of trust matters​

• Transparency increases trust: Open designs let third parties audit assumptions and detect logic-level weaknesses early.
• Ecosystem integration: Vendors and customers can build complementary attestation flows and tooling around a known baseline.dening**: Public silicon encourages academic and industry analysis, which can surface subtle side-channel or protocol vulnerabilities before widescale deployment.

Caveats and limits​

Opening the design does not automatically make implementation safe. Actual device security depends on manufacturing processes, key provisioning, and supply‑chain controls. An open design makes these facets observable, but not inherently secure — they still require strong operational contr Microsoft’s verification gates and test harnesses (as presented) are essential pieces of the overall trust story.

---

The ecosystem: host‑attached HSMs, DPUs, and Marvell’s LiquidSecurity​

A hybrid market: Microsoft’s design and third‑party PCIe HSMs​

While Microsoft moves to integrate HSMs at the server level, the cloud HSM market remains heterogeneous. Vendors such as Marvell supply high‑density PCIe HSM modules (LiquidSecurity) that ar Azure Key Vault and Azure Managed HSM offerings and have been selected for Azure Cloud HSM clusters to provide compact, certifiable hardware security in customer‑owned, single‑tenant cluster configurations. These cards are purpose‑built for hyperscale: PCIe form factor, DPU acceleration, and hardware partitioning for multi‑tenant isolation.

Data Processing Units (DPUs) and offload​

Microsoft’s Azure Boost DPU was presented alongside security silicon, signaling a broader strategy: offload networking, storage, and security primitives from the CPU to dedicated silicon, improving performance and reducing attack surface in some models. The DPU and host‑attached HSMs together form a platfor s while preserving CPU cycles for application logic. The Azure Boost DPU claims substantial power and performance improvements, which underpin these architectural shifts.

What the mixed approach gives customers​

• Lower latency cryptographic services for latency-sensitive workloads.
• A pathway to FIPS-calibrated services in the cloud, matching on‑prem appliance semantics with cloud scale.
• Dense, energy-efficient hardware options (PCIe cards or integrated ASICs) that let cloud operators achieve cost and OPEX benefits at scale.

---

Operational realitiesl# Rollout mechanics​

Microsoft indicated the Azure Integrated HSM will ship in new servers as part of ongoing infrastructure refreshes, meaning customers will see the benefits as new hardware comes online rather than via wholesale retrofits of older racks. This incremental approach reduces immediate capital burden for Azure but means benefits will phase in over timeusters.

Management model and customer control​

Azure Cloud HSM offerings continue to provide models where customers retain administrative control of keys even when Microsoft operates availability and lifecycle tasks. That operational balance — customer key control with provider-managed availability — is central to the single‑tenant HSM cluster model Azure offers, and Microsoft has extended that model with PCIe modules and integrated HSM approaches. Enterprises wilexact SKUs, firmware versions, and regional certification status when mapping compliance requirements.

Patch, attest, and audit​

Hosts with integrated HSMs or PCIe HSMs demand robust firmware update processes, attestation logs, and audit trails. Microsoft emphasized continuous verification gates and supply‑chain controls to ensure devices boot in a known-good state, and Caliptra 2.0 is a central attestation component in that chain. Organizations relying on these capabilities should plan for integration with their own key‑management and audit systems, and should validate certifie coverage for compliance audits.

---

Strengths: what Microsoft got right​

• Performance-sensitive cryptography: Local HSMs cut network round trips and materially reduce latency for signing, TLS offload, and high-frequency crypto operations.
• Layered approach: Combining DPUs, integrated HSMs, and silicon roots of trust creates multiple, independent defensive layers rather than a single monolithic appliance.
• Open root of trust: Publishing Caliptra 2.0 accelerates external review and helps customers and partners intekflows.
• Ecosystem pragmatism: Maintaining PCIe HSM options (e.g., Marvell LiquidSecurity) while deploying integrated ASICs gives Azure flexibility to meet diverse customer and compliance needs.

---

Risks, gs to watch​

Certification scope and comparability​

FIPS 140‑3 and other certifications are often firmware, SKU, and region‑specific. Customers should not assume all instaing are certified everywhere — confirmation of SKU and firmware coverage is essential. Microsoft’s move to integrated HSMs does not eliminate thecific certifications for regulatory workloads.

Supply‑chain and manufacturing risk​

Opening a root of trust design is helpful for review, but it also makes architecture details visible. Sufacturing integrity, provisioning controls, and secure supply chain operations as much as on the design itself. Those operational areas remain high‑risk unless tightly managed. Customers should expect Microsoft and partners to emphasize secure provisioning and hardware attestation as part of their service contracts.

Vendor lock‑in and portability concerns​

Tighter integration between hardware, attestation, and cloud service management ccosts for customers who commit to vendor‑specific attestation and HSM workflows. Enterprises with multi‑cloud strategies should evaluate portability and exportability of their cryptographic assets and attestation records. Microsoft’s hybrid model (allowing PCIe modules and customer-managed clusters) mitigates this somewhat, but organizations should model migration scenarios.

The limits of design vs. deployment​

Open designs and strong verification gates do not guarantee flawlelions of devices are deployed. Operational misconfigurations, faulty firmware updates, or localized manufacturing defects can still produce compromises. Continuous testing, red‑teaming, and patch pipelines remain essential.

---

Practical guidance for enterprises and architects​

• Inventory cryptographic dependencies. Start by mapping which applications require low-latency, in-use key protection or FIPS-level guarantees.
• Match SKU to compliance. Confirm specific HSM/firmware SKUs and region coverage before assertits.
• Plan for phased benefit realization. Expect integrated HSM advantages to accrue as new server generations roll in; don’t assume immediate global coverage.
• Prepare attestation and audit integrations. Integrate Caliptra (or similar) attestation logs with SIEM and key‑management systems to ensure traceability.
• Model migration and portability.c migration paths in multi-cloud strategies early to avoid future lock‑in.

---

Broader industry implications​

Microsoft’s approach highlights a broader hyperscaler trend: custom silicon, including DPUs and security ASICs, is moving from proof‑of‑concept into productionized infrastructure. That shift has three major consequences:

• Performance and cost: Purpose-built silicon lets cloud providers optimize power and throughput for specific workloads, improving both latency and operating costs at scale.
• Security models: Hardware-backed attestation and host-level HSMs enable new confidentiality assurances for multi‑tenant clouds, making certain regulated workloads more viable in public cloud.
• Ecosystem bifurcation: Some customers will adopt intind performance, while others will prefer single‑tenant PCIe HSM clusters to retain appliance semantics and portability. Both models will coexist and compete.

---

Final assessment​

Microsoft’s Hot Chips disclosure is notable for its combination of engineering candor and pragmatic ecosystem thinking. The Azure Integrated HSM, paired with Caliptra 2.0 and a DPU strategy, reduces long-standing performance barriers for hardware-backed swhile expanding the range of workloads that can be confidently migrated to Azure. The inclusion of host-attached and PCIe HSM options shows an understanding that one size does not fit all.
However, ome hand‑in‑hand with new operational demands: careful certification checks, supply‑chain assurance, and rigorous lifecycle management are now prerequisites for realizing the promise of integrated hardware security. The open Caliptra design and Microsoft’s veriortant mitigations, but they are not substitutes for disciplined operational security.
For enterprise architects and security teams, the short‑term imperative is practical: update procurement and audit checklists to include host‑level HSM SKUs and attestation capabilities, validate regional certification scopes, and plan for phased rollouts tied to server refresh cycles. In the medium term, expect custom security silicon and DPUs to reshape cloud security baselines, making hardware-backed confidentiality and low‑latency cryptography a standard offering rather than a niche capability.
The bottom line: Microsoft’s hardware security play is not a single product announcement. It’s an architectural shift — a re‑balancing of where trust, detection, and cryptography live in the cloud stack — and it raises the bar for both hyperscalers and enterprises that expect substantive, verifiable protections for data-in-use.

---

Source: ServeTheHome Microsoft Azure Hardware Security to Help Thwart the World's 3rd Largest GDP