ICSF system resource planning for random number generation

Several ICSF callable services support psuedo-random number generation on behalf of system and application requests. ICSF's random number generation implementation utilizes a minimum virtual storage footprint of 256 kilobytes. To avoid system paging overhead, installations should plan for 256 kilobytes of central storage to back this footprint. This should be sufficient for most workloads, but for some workloads that are excessively heavy with multitasking random number generation requests, ICSF may dynamically extend that footprint 64 kilobytes at a time to optimize random number request handling.

In some cases, the system or application random number request may require that FIPS (Federal Information Processing Standards) certified random content be provided. In other cases, FIPS certified random content is not required. In either case, ICSF may employ one of multiple techniques to derive the random content. For both FIPS certified random content and for non-FIPS certified random content, the availability of CCA and/or PKCS #11 coprocessors enables ICSF to derive the random content without imposing significant CPU overhead on the system. Either type of coprocessor can be exploited for non-FIPS certified content, but only a PKCS #11 coprocessor can be used to avoid CPU cycles for FIPS certified random content.

Installations may wish to plan for CCA and/or PKCS #11 coprocessor availability to avoid potentially excessive CPU cycles being exhausted on random number content generation.