Computing is moving to the cloud. So will design of electronic systems. The cloud is shifting the computing paradigm once again, and with that, the electronic design automation landscape is changing as well.
EDA is entering a new phase.
nCloud, EDA’s first secure and scalable cloud computing solution, is igniting this new phase. Utilizing nCloud, solutions to even the most complex designs can be delivered cost-effectively in near real time.
nCloud offers multiple advantages
- On-demand provisioning of computing resources in minutes, with virtually unlimited scalability
- A highly secure compute platform
- Resources to exploit parallelism at the tool and at the design-methodology level
- An easy-to-use design environment with pre-installed and ready-to-run design tools
- Reduced need for on-premises hardware IT infrastructure
- Reduced need for upfront purchase of EDA licenses
- A cost-effective pay-for-use and pay-as-you-go software-as-a-service (SaaS) model
Simply put, large-scale commodity computing (millions of servers) delivered through the Internet are better than small compute centers, regarding virtually every criteria: Cost, scalability/performance, availability of service, utilization, security, provisioning, ease of use/maintenance and need for qualified IT personnel. The cloud enables delivery of hosted software, platforms and infrastructure as a service.
The advantages of the cloud for designing integrated circuits, packages and boards are obvious. Imagine designing in a server farm, having access to a virtually unlimited number of computers, being able to run as many parallel jobs as necessary, provisioning new servers in minutes, exploiting parallelism in tools to get your jobs done with minimum turn around time. No need to purchase computers or tools upfront, installing them, maintaining them. All you need is an Internet connection. And you pay just for what you use, as you go.
nCloud – Nimbic’s cloud solution
nCloud is Nimbic’s cloud solution. It consists of a Web portal to access the services, infrastructure to host and deliver the software that constitutes nWave and nApex.
To use nCloud, the customer logs in through the portal and establishes an account. The instance n (a virtual machine running in the cloud), which belongs to Nimbic, then instantiates a persistent virtual machine p, dedicated to the customer (of exclusive use by the customer, no one else has access to it). The customer uses the services, in our case runs nWave, by communicating with p. p instantiates as many additional virtual machines (the cluster) as necessary to execute the jobs submitted by the customer to p. Results are collected by p and sent to the customer. p is persistent for as long as the customer purchases services (“has an account”).
When a customer needs to submit a job, communication is established with the persistent instance p, which is running in the cloud. Communication happens at Internet speed, usually in tens to hundreds of milliseconds as determined by the latency and bandwidth of the connection. There is no new machine to provision. Once a job is submitted, p will provision the virtual machines necessary to execute the job. Typically this happens in minutes. Provisioning is straightforward and is done by the end user. If a project requires a spike of jobs to be run at a given time, additional licenses (services) can be purchased on a short-term basis and provisioned in minutes.
Parallelism and scaling
Using nCloud, the customer can run as many jobs in parallel as purchased. Running n jobs in parallel costs the same than running them sequentially (at the granularity of the service, in our case one hour): Running 10 jobs during a day costs the same than running 1 job during 10 days. In addition, design tools such as nWave can exploit parallelism: by running many instances in parallel a job is accelerated. nCloud will allocate machines in the cluster to speed up a job according to how many copies a customer wishes to dedicate to a given job. In this way, a job that may take many days on one machine can be completed in hours by using dozens of machines in parallel. Jobs that take hours finish in a few minutes.
nCloud has been engineered with security in mind. The implemented security mechanisms can be divided into three groups: Isolation, security of data in transit and security of data at rest.
Each Customer account is allocated a dedicated private virtual machine p that is isolated from the world. After being instantiated by the Nimbic n instance, login is disabled and the customer generates a key pair to communicate with p. The only mode of communication is through data transfer via SSL. p autonomously governs all communications, autonomously allocates a private compute cluster for performing parallel tasks, submits the parallel jobs and collects results for the customer and finally autonomously shuts down the cluster when it is not needed. Additionally, p can be configured to only receive data from a fixed IP address. Summarizing, p is a virtual machine running somewhere in the Amazon cloud, with login disabled, only exchanging data encrypted with a customer owned key via SSL, autonomously executing a limited number of tasks. All Customer specific data, communication, and computations are completely isolated in dedicated virtual instances.
For data in transit, all data uploads and downloads to the Amazon cloud are done using secure transfer utilizing RSA key pairs. The customer locally generates and uploads public keys but the private keys stay known only to the customer. Inside the of Amazon cloud, all data transfers are among virtualized machines, so that it is practically impossible to packet sniff. In addition, all data exchange is done with secure protocols (SSH) using locally generated key-pairs known only on the customer dedicated compute instances.
The data at rest in the cloud is stored only on local “ephemeral” disks, which belong to an instance and are wiped once the instance is terminated. In addition the ephemeral disk is mounted as an encrypted drive that uses a locally generated random key at boot time that is not stored on disk. The format used does not signal that encrypted data is present. Data on the persistent p customer instance is not archival, it is deleted on request from the local ephemeral disk. The customer needs to retrieve and store this data with the option to encrypt and store it on persistent storage in the cloud.
nCloud supports a flexible licensing model, ranging from hourly pay-as-you-go software-as-a-service (SaaS) licensing to longer term subscriptions such as monthly or annual.