From spring 2022 through to spring 2025, NCC Group has been a member of a collaborative Innovate UK funded project called Quantum Data Centre of the Future (QDCF)[^QDCF]. The objectives of the project included:
- A blueprint for a quantum/classical hybrid data centre
- 6 data-centre compliant, photonic and optical fibre-based quantum computing modules.
- Data-centre compliant quantum communication modules comprising Quantum Key Distribution and Post-Quantum crypto, to secure inter and intra data centre links
- Pivotal components in the future of the quantum internet
- A demonstration of a quantum/classical hybrid data centre, within an actual data centre environment
NCC Group has collaborated with other project members (ORCA Computing and BT) to develop threat models for key quantum data centre capabilities including quantum computing and quantum security. The outputs of this activity were presented alongside other project members at the third and final demonstration day at the UK National Quantum Computing Centre (NQCC) on March 19th.
- ORCA Computing presented on their progress installing their PT series quantum computers in various data centres and research facilities including an overview of some of the use cases being explored by various organisations for research, optimisation and simulation problems.
- BT presented their progress during the course of the project in QKD, quantum networks and architectures.
- University of Bristol delivered a demonstration of entanglement based quantum security within a QDC.
Previous demonstration days [^DEMO1][^DEMO2] have showcased ORCA Computing's PT-1 quantum computer integrated with Machine Learning algorithms, quantum resource estimation tools, QKD integrated with Quantum Random Number Generators (QRNG) and hardware accelerated implementations of Post-Quantum Cryptography (PQC) as well as innovations in delivering quantum memory and a distributed quantum internet.
This blog presents the high level findings of the threat modelling exercise and recommended controls relevant to developers of quantum enabled data centres.
Overview
The QDCF is comprised of different quantum components to deliver new capabilities and benefits both in terms of computing use cases, to enable advanced computation methods not currently feasible with classical computing systems, and security use cases, to protect against the threats of a cryptographically relevant quantum computer able to compromise current widely deployed cryptographic algorithms.
Four separate threat models were developed covering:
- QDCF Architecture
- Quantum Co-Processors
- Quantum Key Distribution (QKD)
- Entropy as a Service (EaaS) provided by a Quantum Random Number Generator (QRNG)
Reviewing the design of these elements allowed NCC Group to build threat models and identify potential threats within the system design which could result in security flaws within the documented systems. The purpose of identifying these threats is to enable researchers and developers to identify and understand potential security risks within their systems and designs and to build interventions into product development at appropriate phases to manage and mitigate risks.
Assessment Summary
Quantum Data Centre of the Future Architecture
The key assets identified in the review of the QDCF architecture included quantum enabled algorithms developed to process data on a quantum computer, customer data passed as inputs to the quantum algorithms, the results of the processing and the quantum processors themselves.
The main threats to consider for QDCF primarily relate to the appropriate protection of customer data from internal and external threat actors and other customers, as well as ensuring the integrity of the quantum computations. This includes the protection of algorithms, input and output data from threats such as account compromise, tampering and deliberate or accidental disclosure and protection of quantum processors from tampering and escalation of privilege. Since quantum processing hardware cannot currently be virtualised, in contrast to classical computing, there is a reliance on the job scheduling and management processes to ensure that the quantum processing environment is securely prepared for each job to avoid data leakage between customer computations.
Quantum Co-Processors
The key assets identified in the review of the Quantum Co-Processor architecture included the quantum hardware, control software (including updates), telemetry data and the customer interface.
The main threats to consider for the Quantum Co-Processor system are related to the confidentiality of the sensitive intellectual property contained within the Control Server software and the hardware design of the Quantum Co-Processor. These threats are relevant both from an unauthenticated external attacker perspective, from an authenticated customer perspective and from a data centre operator perspective so key controls include ensuring robust authentication, secure development practices and tamper protection for the most sensitive hardware components.
Quantum Key Distribution
The key assets identified in the review of the QKD architecture included the hardware used to generate and distribute the keys, the Key Management System (KMS) which stores the keys and the keys themselves.
The main threats to consider for the QKD system are threats related to the availability and confidentiality of the keys generated. Since the benefits of QKD are directly related to the detection of eavesdropping or tampering with the keys being distributed, this is also a potential weak point where they may be more susceptible to denial of service and therefore other controls such as link redundancy might be required depending on the availability requirements of the services being protected. In addition, whilst the keys are protected from tampering during transit between sites thanks to their quantum nature, they still require careful protection when stored in a KMS to avoid key disclosure via channels other than the QKD.
Entropy as a Service
The key assets identified in the review of the EaaS architecture were very similar to those identified in the QKD use case, namely QRNG hardware and generated random numbers, with the addition of an EaaS client and server representing a classical distribution mechanism rather than one reliant on quantum properties.
The main threats to consider for the EaaS system are threats related to the availability and confidentiality of the keys generated by the QRNG end to end, from generation to delivery to the EaaS clients. Since the random numbers form the foundation of the client's ability to communicate securely with other services, any compromise of the random numbers could lead to a weakening of the security of any interactions reliant on them.
Strategic Recommendations
Common themes emerged in the controls recommended to ensure the security of the systems and data in scope of the threat modelling:
- Robust authentication methods and implementing principles of least privilege to protect data and processes from deliberate or accidental tampering or disclosure.
- Encryption and integrity protection for quantum processed or generated data in transit and at rest.
- Security monitoring for detection, prevention and forensic analysis.
- Physical security including tamper evident or tamper proof controls for the most critical intellectual property present in hardware components
- For quantum security applications such as QKD and EaaS consider the impact on security of a loss of availability and whether Denial of Service (DoS) attacks need to be mitigated through improved resilience and redundancy.
- Implement secure coding practices, patch management and utilise penetration testing to minimise the risk of elevation of privileges on systems containing, or adjacent to, sensitive intellectual property such as quantum algorithms, control software and customer data.
- Implement code signing, encryption and secure boot processes to protect the integrity and confidentiality of key software components and their updates.
Ultimately, using secure by design principles and incorporating activities including threat modelling into the earlier design stages of a quantum system, be it quantum computing or quantum security, will help to ensure that the system is deployed and operated securely, significantly reducing risks to operators and customers alike.
[^DEMO1]: Quantum Data Centre of the Future Demonstration and Feedback Day (NCC Group)
[^DEMO2]: Quantum Data Centre of the Future Demonstration Day (PQShield)
[^QDCF]: The quantum data centre of the future - Innovate UK