SS02-0B00-02: Broadcom PEX88096 PCIe Gen4 Switch Guide

SS02-0B00-02: The Two Digits That Make This 98-Lane PCIe Switch a Data Center Security Device, Not Just a Fabric Chip

The Broadcom PEX88096 PCIe Gen4 switch family is available in two closely related ordering codes: SS02-0B00-00 and SS02-0B00-02. The hardware is the same die. The lane count is the same — 96 active lanes, 98 logical ports. The latency is the same — 105 nanoseconds. The footprint is the same — a 37.5 × 42.5 mm BGA package consuming approximately 36 watts.

The -02 suffix adds Secure Boot. That two-character suffix means the switch's embedded firmware can be cryptographically verified before execution — preventing a class of supply chain attacks where a counterfeit or tampered switch is loaded with modified firmware that silently intercepts or manipulates PCIe traffic between hosts, accelerators, and storage.

In a 2020-era data center, this distinction was largely academic. In a 2024-era AI cluster where a single server rack may have eight high-value GPU accelerators interconnected through a PCIe fabric switch, with the switch firmware running an embedded management CPU that has visibility into all traffic flowing through 98 ports, the security of that firmware is no longer academic. A compromised PCIe switch in an AI training cluster is a man-in-the-middle position on every data movement between compute and storage. Secure Boot is the mechanism that ensures the firmware executing at that position is the firmware Broadcom built and signed, not a modification.

This guide covers what SS02-0B00-02 is, what its architecture enables, and why the specific combination of 98 ports, Non-Transparent Bridging, and Secure Boot defines its application domain.

---

1.0 Part Number Decoded: SS02-0B00-02

Broadcom's PEX88000 series ordering part numbers follow a structured convention distinct from their networking IC numbering. Here is the complete decode for SS02-0B00-02:

SS — Product family prefix: SS = Broadcom's PCIe Switch and ExpressFabric product line designator (as opposed to BCM which is their Ethernet networking prefix)

02 — Device density/lane count tier within the PEX88000 series:

• SS02 = 98-lane / 98-port → maps to PEX88096
• SS03 = 82-lane / 82-port → maps to PEX88080
• SS04 = 66-lane / 66-port → maps to PEX88064
• SS05 = 50-lane / 50-port → maps to PEX88048

-0B — Silicon revision: B = B-stepping (the current production revision of the PEX88096 die)

00 — Configuration variant:

• The primary product configuration code within this device family

-02 — Security variant: 02 = Secure Boot enabled

• -00 = Standard (no Secure Boot)
• -02 = Secure Boot enabled — firmware cryptographic authentication before execution

The full marketing part number that corresponds to SS02-0B00-02 is PEX88096B0-2-DB:

• PEX88096 = product family and lane count
• B0 = B-stepping, revision 0
• 2 = Secure Boot enabled variant
• DB = Development Board / production silicon ordering designation

Packaging: Tray (54 units per tray). No tape-and-reel option for this device class — it is exclusively for system integrators and OEMs building servers, AI compute platforms, and storage arrays, not for distribution to end-consumers.

---

2.0 Specifications at a Glance

From Broadcom's PEX88000 series product brief (BC-0484EN) and PEX88096 product page:

PCIe switching fabric:

• Total lanes: 96 active PCIe Gen4 lanes (plus 2 management lanes = 98 total)
• Total ports: 98 logical ports (each port configurable as ×1, ×2, ×4, ×8, ×16)
• PCIe generation: Gen4 (16 GT/s per lane, 2× the bandwidth per lane of Gen3)
• Aggregate bidirectional bandwidth: 96 lanes × 16 GT/s × 2 bytes/transfer = approximately 3.07 TB/s full-duplex
• Switch latency: 105 ns (cut-through forwarding)
• Non-Transparent Bridge (NTB) ports: Up to 48 NT ports — enables multi-host communication between independent root complexes

Advanced features:

• DMA engines: 4 independent DMA channels — enables peer-to-peer data movement between endpoints without host CPU involvement
• Hot-plug controllers: Per-port hot-plug and surprise-plug support
• Downstream Port Containment (DPC): Fault isolation — a device error on one downstream port is contained to that port without propagating to the switch fabric
• Spread Spectrum Clock Isolation (SSC): Allows mixing of SSC and non-SSC clock sources across ports
• SRIS/SRNS/ClkS: Separate Reference Clock with Independent SSC/SRNS/ClkS support
• MSI-X: Message Signaled Interrupts Extended for efficient interrupt handling
• Embedded management CPU: On-chip processor running Broadcom's Switchtec management firmware
• Security (SS02-0B00-02 specific): Secure Boot — cryptographic verification of firmware before execution

Power and package:

• Typical power consumption: 35.78W at full load (PCIe Gen4, all ports active)
• Package: BGA, 37.5 mm × 42.5 mm body
• Operating temperature: 0°C to +70°C junction (commercial grade)
• Supply voltage: Multiple rails (PCIe switch ASICs require complex power sequencing — see Section 5)
• RoHS: Compliant (RoHS3)
• Lifecycle status: Active

---

3.0 How PCIe Switches Work: NTB, ExpressFabric, and Multi-Host Architecture

Standard PCIe topology (tree, one root complex):

In a standard PCIe topology, one root complex (the CPU's PCIe controller) sits at the top of a tree. PCIe switches extend the tree downward — one upstream port connects to the root complex, multiple downstream ports connect to endpoint devices (GPUs, SSDs, NICs). All traffic flows through the switch fabric, but there is one addressing domain and one host in control. This is how a desktop PC's PCIe topology works: one CPU sees all M.2 SSDs and PCIe GPU slots through a PCIe switch or direct root complex connections.

The problem with one-host topologies for AI clusters:

An AI training cluster may have 8 GPUs and 4 NVMe SSDs. If all 12 devices are behind a single PCIe switch and one host CPU, the CPU becomes the traffic cop for all GPU-to-SSD and GPU-to-GPU communication. More practically: two CPUs (dual-socket server) each want direct access to 4 of the 8 GPUs without going through the other CPU's memory bus. Standard PCIe trees cannot do this — two root complexes cannot share the same PCIe address space without a bridging mechanism.

Non-Transparent Bridging (NTB) — the key to multi-host:

The PEX88096's 48 NTB-capable ports solve the multi-host problem. An NTB port presents an opaque "non-transparent" boundary between two independent PCIe domains. From the perspective of each host, the NTB appears as a normal PCIe endpoint (a BAR-mapped device). Behind the NTB, the other host's devices are accessible through shared memory windows that are explicitly programmed. Neither host can enumerate the other host's address space directly — they communicate through managed shared memory regions.

This enables architectures like:

• Two CPU hosts each accessing 4 dedicated GPUs plus 4 shared GPUs through NTB boundaries
• A management CPU with full switch visibility (via the embedded management port) while compute CPUs see only their assigned devices
• Disaggregated storage: a storage server exposes NVMe namespaces through NTB to multiple compute hosts, each of which sees the NVMe as a local PCIe device

Broadcom ExpressFabric:

ExpressFabric is Broadcom's software and management framework built on top of the PEX88000 hardware NTB capability. It adds dynamic reconfiguration (reassigning port connectivity without physical cable changes), shared-memory peer-to-peer communication APIs, and centralized topology management through the embedded management CPU. The management CPU runs Switchtec firmware that handles topology discovery, error containment, and configuration; this is the firmware that Secure Boot protects in the SS02-0B00-02 variant.

---

4.0 ⚠️ Four Pitfalls in PEX88096 Designs

Pitfall 1: Treating all 98 ports as equivalent and independently configurable

The 98 ports of the PEX88096 are not all identical in capability or configuration flexibility. Some ports are designated for upstream (root complex) connections, others for downstream (endpoint) connections, and up to 48 can be configured as NTB ports. The port type assignments are partially fixed by hardware and partially configurable through Switchtec firmware. A system design that assumes any port can function as any type — upstream, downstream, NTB — without consulting Broadcom's port configuration guide will encounter constraints during bring-up that require hardware revision. Map the required port types against the PEX88096's port capability matrix before finalizing the PCB topology.

Pitfall 2: Underestimating the power delivery complexity for a 36W BGA device

The PEX88096 consumes approximately 36W in full operation. This power is delivered across multiple supply rails — PCIe switch ASICs typically require separate core voltage (0.9V or similar), I/O voltage (1.8V), and reference voltage rails, each requiring careful sequencing. The large 37.5 × 42.5 mm BGA package has hundreds of power and ground balls that must be decoupled individually. A power delivery network with inadequate bulk capacitance or insufficient decoupling bandwidth produces intermittent link training failures and lane errors that are difficult to distinguish from signal integrity problems. Use Broadcom's reference design power delivery schematic from the evaluation board as the starting point, not a from-scratch design.

Pitfall 3: Confusing SS02-0B00-00 and SS02-0B00-02 when sourcing replacement stock

The -00 and -02 variants are physically identical packages with the same pin-out. A system designed for -02 (Secure Boot) will function with a -00 part loaded but the Secure Boot verification chain will be broken — the switch will boot but without verifying firmware integrity. In a security-certified data center deployment, running -00 hardware in a -02 slot violates the security posture. In a non-security-critical deployment, the -00 is functionally equivalent. Verify the ordered variant code (specifically the last two digits of the ordering part number) before accepting inventory for production.

Pitfall 4: Attempting to manage the PEX88096 without the Switchtec driver

The embedded management CPU inside the PEX88096 runs Switchtec firmware that handles topology configuration, port state management, error handling, and diagnostic reporting. This firmware communicates with the host through a dedicated management port (a PCIe endpoint presented by the switch's management CPU to the host's root complex). Managing the switch — reading port status, configuring NTB windows, initiating DMA operations, updating firmware — requires the Switchtec kernel driver (available in mainline Linux as the switchtec module from kernel 4.11 onward). A system bring-up that does not load the Switchtec driver has no mechanism to configure NTB, diagnose link errors, or update switch firmware. Without the Switchtec driver, the switch fabric operates in default mode but complex configurations (NTB, DMA, port partitioning) are inaccessible.

---

5.0 System Design Notes: Power, PCB, and Management

Power supply sequencing:

PCIe switch ASICs require a defined power-up sequence. For the PEX88096, consult Broadcom's evaluation board schematic (available under NDA through authorized distribution) for the specific sequence. The general principle: core voltage must ramp before I/O voltage, and both must be stable before PCIe reference clock is applied and before PERST# is deasserted. Violating the power sequence order can permanently damage the device or cause it to enter an unrecoverable state requiring cold power cycle.

PCB requirements for 37.5 × 42.5 mm BGA:

A package of this size with multiple power planes and high-speed PCIe Gen4 signals (16 GT/s, 8 GHz Nyquist) requires a minimum 12-layer PCB with dedicated power planes for each supply rail. PCIe Gen4 signal integrity requirements: 85-100 Ω differential impedance for differential pairs, matched length within ±10 mil within a lane, ±500 mil between lanes in a port, no stubs, via design using backdrilling or blind/buried vias for high-layer count boards. Reference Broadcom's PCIe Gen4 signal integrity application note and use a 3D electromagnetic simulation tool to verify the PCIe connector breakout region before tape-out.

Thermal management:

At 36W in a dense server chassis, the PEX88096 requires a heatsink with direct airflow. At typical data center ambient (40-45°C air inlet), with 36W and θJA target of approximately 1-2°C/W from case to ambient, a dedicated heatsink with 30-50 CFM direct airflow or a cold plate for liquid-cooled chassis is required. The switch's embedded temperature sensor (readable via Switchtec) should be monitored and used as a thermal throttling trigger in the management software.

Switchtec management interface:

The embedded management CPU exposes a management endpoint to the host PCIe bus. The Linux switchtec driver enumerates this endpoint and provides sysfs and ioctl interfaces for:

• Firmware update (switchtec-nvram)
• Port status and error counters
• NTB window configuration
• DMA engine control
• Temperature and power monitoring

For systems with Secure Boot (SS02-0B00-02), firmware updates must be signed with Broadcom's private key. Only firmware images obtained through Broadcom's authorized channel will pass the Secure Boot verification.

---

6.0 Comparison: SS02-0B00-02 vs -00 vs Competing PCIe Switches

Within the PEX88000 series (SS02-0B00-xx variants):

Part	Description	Secure Boot	Use case
SS02-0B00-02	PEX88096, 98-lane, Secure Boot ✅	Yes	Security-critical AI/HPC clusters, confidential computing
SS02-0B00-00	PEX88096, 98-lane, standard	No	Standard data center, dev/test

PEX88000 series by lane count (all -00 suffix, no Secure Boot):

Part	Device	Lanes	Ports	Typ. Power	Package
SS02-0B00-02	PEX88096	98	98	35.78W	37.5×42.5mm
SS03-0B00-00	PEX88080	82	82	30.98W	37.5×42.5mm
SS04-0B00-00	PEX88064	66	66	26.12W	37.5×42.5mm
SS05-0B00-00	PEX88048	50	50	18.81W	27×24mm

vs Microchip Switchtec PSX Gen4:

Parameter	Broadcom PEX88096	Microchip Switchtec PSX Gen4
Max lanes	98	100
Max ports	98	52
NTB ports	48	48
DMA channels	4	Multiple
Embedded CPU	Yes (Switchtec-compatible)	Yes (MIPS processor)
Secure Boot	Yes (-02 variant)	Yes
Switch latency	105 ns	Similar
Linux driver	switchtec (mainline)	switchtec (mainline)
Package size	37.5×42.5mm	Various

Both Broadcom and Microchip PCIe switches use the switchtec Linux kernel driver (Microchip acquired Microsemi which developed the Switchtec architecture; Broadcom licensed compatible management firmware). For systems already using Switchtec-based tools, both vendors' hardware integrates with the same software stack.

---

7.0 Sourcing SS02-0B00-02

The SS02-0B00-02 is an active Broadcom production part with a manufacturer lead time of approximately 50 weeks at standard distribution (as indicated in distributor listings). Broadcom sells PCIe switch ICs exclusively to OEMs and system integrators through authorized distribution (Arrow, Avnet) — there is a strict no-brokers policy on new production. The part is not stocked at DigiKey for immediate shipment; orders go to Broadcom and ship when manufactured.

Lead time management: The 50-week lead time reflects Broadcom's fabless manufacturing model and capacity allocation for this high-complexity device. Design-in customers with volume commitments can negotiate priority allocation. For time-critical projects, engage Broadcom's field application engineering team directly for allocation support.

Counterfeit risk: Large BGA PCIe switch ICs are difficult to counterfeit functionally (the internal complexity makes simulation of the management firmware impractical), but package remarking of lower-lane devices as PEX88096 is a documented risk. Verify via Switchtec firmware query: the switchtec info command reports the device model, firmware version, and security configuration — a genuine PEX88096 with Secure Boot will report correctly; a remarked lower-tier device will not.

For verified authentic Broadcom SS02-0B00-02 inventory with competitive pricing and traceability, visit aichiplink.com.

---

8.0 Real Questions from System Architects

Q: We need to connect 8 NVIDIA H100 GPUs and 2 host CPUs to a shared NVMe storage pool using a single PCIe switch. Can SS02-0B00-02 support this topology, and how many NTB ports would be required?

A: Yes, this is a well-suited use case for the PEX88096. A typical topology: Host CPU 1 connects via one upstream port (×16). Host CPU 2 connects via a second upstream port (×16). Each H100 GPU (supporting PCIe Gen4 ×16) connects via one downstream port per GPU (8 × ×16 downstream ports = 128 lanes, which exceeds the 96 available lanes on the PEX88096 if all are ×16). In practice, H100 GPUs in NVLink-configured clusters use PCIe ×16 to the switch for storage I/O only, and direct NVLink for GPU-to-GPU traffic — this reduces the PCIe bandwidth requirement per GPU. The NVMe storage pool connects via downstream ports. NTB ports needed: at minimum 2 (one between Host CPU 1's domain and Host CPU 2's domain), potentially more depending on whether each host needs isolated access to specific GPU groups. The exact topology requires detailed port allocation planning using Broadcom's ExpressFabric configuration tool.

Q: The Secure Boot feature in SS02-0B00-02 — does it protect against runtime attacks on the switch firmware, or only against tampering before power-up?

A: Secure Boot in the PEX88096 context verifies the firmware image's cryptographic signature at boot time, before the embedded management CPU begins executing the firmware. This protects against: (1) supply chain attacks where modified firmware is loaded onto the switch before delivery; (2) physical access attacks where a malicious actor updates the switch firmware directly via JTAG or flash programming. It does not protect against: runtime exploitation of vulnerabilities in the Switchtec firmware itself (a memory corruption bug in the running firmware is not prevented by Secure Boot); side-channel attacks on the PCIe fabric traffic; or software-layer attacks through the host management interface. Secure Boot provides firmware integrity assurance at the boot stage — it is one layer of a defense-in-depth security architecture, not a comprehensive security solution.

Q: Can the PEX88096's 4 DMA engines be used for GPU-to-NVMe direct data movement without involving the host CPU?

A: Yes, and this is a primary use case for the on-switch DMA capability. The DMA engines in the PEX88096 can be programmed to move data between any two PCIe-attached devices visible to the switch — including from an NVMe SSD's namespace directly to a GPU's BAR-mapped memory — without issuing any DMA commands through the host CPU's PCIe DMA hardware. The management CPU programs the DMA descriptor, the DMA engine executes the transfer, and completion is signaled via MSI-X to the host management software. This "peer-to-peer DMA" capability is particularly valuable for AI training data loading pipelines where NVMe → GPU transfers would otherwise bottleneck on host CPU bandwidth. The GPUDirect Storage (GDS) technology used in NVIDIA's CUDA ecosystem leverages exactly this capability — though GDS in practice uses the GPU's own DMA engines rather than the switch's; the switch DMA provides an alternative path for management-plane initiated transfers.

---

9.0 Quick Reference Card

Part Number Decode:

Field	Value	Meaning
SS	SS	Broadcom PCIe Switch / ExpressFabric family
02	02	98-lane density → PEX88096
0B	0B	B-stepping silicon revision
00	00	Base configuration
-02	-02	Secure Boot enabled

Key Specifications:

Parameter	Value
PCIe generation	Gen4 (16 GT/s per lane)
Active lanes	96
Total ports	98
NTB ports (max)	48
Switch latency	105 ns
DMA engines	4
Aggregate bandwidth	~3.07 TB/s full-duplex
Typical power	35.78W
Package	37.5 × 42.5 mm BGA
Temperature	0°C to +70°C
Secure Boot	Yes (−02 variant)
Linux driver	switchtec (kernel 4.11+)

-00 vs -02 — The Only Difference That Matters:

	SS02-0B00-00	SS02-0B00-02
Die	Same	Same
Lanes / Ports	98 / 98	98 / 98
Secure Boot	No	Yes
Firmware signing	Not required	Required (Broadcom key)
Use case	Standard data center	Security-critical AI/HPC

PEX88000 Series Lineup:

Part	Lanes	Typ. Power	Best for
SS02-0B00-02	98	35.78W	Maximum density + Secure Boot
SS03-0B00-00	82	30.98W	Large-scale fabric
SS04-0B00-00	66	26.12W	Mid-size compute node
SS05-0B00-00	50	18.81W	Smaller platform

When to choose SS02-0B00-02: Confidential computing platforms, AI cluster with security requirements, multi-host GPU sharing architectures requiring maximum NTB port count, any deployment where firmware integrity verification is a compliance requirement.

---

For sourcing Broadcom SS02-0B00-02 with verified authenticity and competitive pricing, visit aichiplink.com.

Search Broadcom SS02-0B00-02 Stock Now

 

 

 

 

 

Written by Jack Elliott from AIChipLink.

 

AIChipLink, one of the fastest-growing global independent electronic   components distributors in the world, offers millions of products from thousands of manufacturers, and many of our in-stock parts is available to ship same day.

 

We mainly source and distribute integrated circuit (IC) products of brands such as Broadcom, Microchip, Texas Instruments, Infineon, NXP, Analog Devices, Qualcomm, Intel, etc., which are widely used in communication & network, telecom, industrial control, new energy and automotive electronics. 

 

Empowered by AI, Linked to the Future. Get started on AIChipLink and submit your RFQ online today!