AMD Secure Processor (AMD-SP) formerly Platform Security Processor (PSP) is a tiny microcontroller coprocessor integrated within AMD's own chips that provide the necessary functionality needed for remote corporate asset management, dedicated security subsystem, and secure booting. The secure processor runs its own secure closed-source AMD-signed kernel code and provides the majority of crypto-related functionality for AMD's SoCs including key generation and management, validated boot, and various other AMD secure platform features.

Overview

AMD-SP is a dedicated security processor incorporated into AMD's processors that provides the infrastructure for the security-related functionalities. Unlike a similar solution by Intel's ME which is integrated into the chipset, AMD-SP is integrated into AMD's actual microprocessor die. AMD-SP itself is an ARM Cortex-A5 core which uses the TrustZone extension as the isolated execution environment for their privileged processes and data.

Functionalities

• Secure Memory Encryption
• Secure Encrypted Virtualization

Vulnerabilities

• January 3 2018: fTPM Remote Code Execution

Secure Coprocessors

• Intel: Management Engine (ME)
• AMD: Secure Processor (SP)
• Apple: Secure Enclave Processor (SEP)