Cadence.com will be under maintenance from Friday, Oct. 3rd at 6pm (PST) thru Sunday, Oct 5th at 11pm (PST).
Cadence.com login, registration, community posting and commenting functionalities will be disabled.
Home > Community > Blogs > Functional Verification > dvcon 09 saas panel thoughts part 2
 
Login with a Cadence account.
Not a member yet?
Create a permanent login account to make interactions with Cadence more convenient.

Register | Membership benefits
Get email delivery of the Functional Verification blog (individual posts).
 

Email

* Required Fields

Recipients email * (separate multiple addresses with commas)

Your name *

Your email *

Message *

Contact Us

* Required Fields
First Name *

Last Name *

Email *

Company / Institution *

Comments: *

DVCon '09 SaaS Panel Thoughts, Part 2

Comments(1)Filed under: Functional Verification, DVcon, SaaS, Harry The ASIC Guy, security

In my last post on the DVCon 2009 panel on Software As A Service, or "SaaS" as it applies to EDA, recall that the main issues that came up were:

* Security
* EDA applications that can clearly benefit from SaaS
* Bandwidth needs
* Configuration control
* Dealing with and/or migrating legacy flows & data

Of these issues, the panelists uniformly reported that security is *always* the first thing that prospects ask about SaaS.  Reinforcing the primacy of this issue was the fact that nearly all the initial questions from the audience were about security as well.  Unfortunately I missed out on some of this discussion because I was multi-tasking with my laptop to check on the status of my mortgage refinancing, and seeing how badly my stock portfolio was beaten down that day ....

I'm KIDDING!!!  The panel was way too engaging to be tempted by such distractions, and my point is that even 5 years ago many consumers were still fearful of doing any kind of financial transaction over the internet, vs. today where hardly anyone gives it a second thought.  While I don't mean to trivialize security concerns, I assert that with the proper stewardship, SaaS security risks can be managed to the same extent they are today on existing platforms.

For starters, at Cadence we have a well thought out, easy-to-use set of procedures to manage sensitive data (the "Label, Log, Secure" program, complete with annual refresher training and enhancements based on real world feedback) that's similar to procedures used in my past life in aerospace.  Of course any vendor that needs to manage access to sensitive data -- which is to say all vendors in EDA -- have similar procedures I'm sure, for the same reasons all our customers do as well.  In short, there is no lack of experience or ongoing motivation in the EDA industry as a whole to extend the same security programs used on current platforms to SaaS solutions.

In fact, one could argue that the bulk of EDA work is already being done with "internal SaaS" today.  Specifically, I'd say 95% of the customers I visit enable their engineers to do EDA work from their homes, or while traveling, via their company's VPN.  (Recall this video showing how you can securely control EDA tools with a smart phone via a VPN).  In effect, many EDA customers are already doing their own flavor of secure cloud computing, where the end users working "outside the plant" are largely ignorant of where exactly the CPUs they are using are physically located.  Furthermore, by hosting most of their sensitive data in physically secure locations, customers and EDA vendors alike are already guarding against the danger of an employee's laptop being stolen and other common physical security risks.

Add up all of the above, and you have to imagine that it's only a matter of time before the folks in the Customers' Finance & Purchasing departments start to wonder where exactly the "make vs. buy" line lies for their IT infrastructure (that burns obscene amounts of electricity and HVAC resources, not to mention obsoletes itself every 18 months) vs. outsourcing all of that.  This is not to say that SaaS is or will be automatically cheaper than traditional, "home-based" solutions.  In fact, some of the comments from the panel and audience noted that SaaS offerings today can be visibly more expensive in the longer term than home-based solutions, but I digress ...

Assuming security risks for SaaS can be managed to the same or greater standards as existing platforms, this brings us to the next big issue, and subject of a future blog post, "what EDA applications can clearly benefit from SaaS"?  Stay tuned ...


Reference Links:
The last 4 frames of this set are photos from the DVCon 2009 SaaS panel: http://www.flickr.com/photos/24605532@N08/sets/72157614375923457/

What Cadence offers in the SaaS space today (in short, pretty much our whole line of products and services):
http://www.cadence.com/products/hds/Pages/Default.aspx

Panel moderator Harry "The ASIC Guy" Gries' site/blog:
http://theasicguy.com

Comments(1)

By James Colgan on March 23, 2009
Keen observations Joe - thank you.  "Private Clouds" are indeed employed today all over the world.  And those Clouds are made available to external service providers on a regular basis.  In essence, "security concerns" are valid questions to raise, but as with any new technology adoption more than just the technical solution is needed before some people *believe* the answer.  We at Xuropa (www.xuropa.com) have the technology to enable SaaS/Cloud Computing solutions for EDA and look forward to discussing with interested parties.  I'm curious as to what you see as early adopter applications.  Here are my thoughts on this: Cloud Computing, SaaS and Electronic Design: www.xuropa.com/.../cloud-computing-saas-and-electronic-design-part-3

Leave a Comment


Name
E-mail (will not be published)
Comment
 I have read and agree to the Terms of use and Community Guidelines.
Community Guidelines
The Cadence Design Communities support Cadence users and technologists interacting to exchange ideas, news, technical information, and best practices to solve problems and get the most from Cadence technology. The community is open to everyone, and to provide the most value, we require participants to follow our Community Guidelines that facilitate a quality exchange of ideas and information. By accessing, contributing, using or downloading any materials from the site, you agree to be bound by the full Community Guidelines.