Semiconductor & Computer Engineering
| Line 1: | Line 1: | ||
{{amd title|Secure Processor (AMD-SP)}}[[File:amd-sp.png|left|100px]] | {{amd title|Secure Processor (AMD-SP)}}[[File:amd-sp.png|left|100px]] | ||
'''AMD Secure Processor''' ('''AMD-SP''') formerly '''Platform Security Processor''' ('''PSP''') is a tiny [[microcontroller]] [[coprocessor]] integrated within [[AMD]]'s own chips that provide the necessary functionality needed for remote corporate asset management, dedicated security subsystem, and secure booting. The secure processor runs its own secure [[closed-source]] AMD-signed kernel code and provides the majority of crypto-related functionality for AMD's SoCs including key generation and management, validated boot, and various other AMD secure platform features. | '''AMD Secure Processor''' ('''AMD-SP''') formerly '''Platform Security Processor''' ('''PSP''') is a tiny [[microcontroller]] [[coprocessor]] integrated within [[AMD]]'s own chips that provide the necessary functionality needed for remote corporate asset management, dedicated security subsystem, and secure booting. The secure processor runs its own secure [[closed-source]] AMD-signed kernel code and provides the majority of crypto-related functionality for AMD's SoCs including key generation and management, validated boot, and various other AMD secure platform features. | ||
| + | {{clear}} | ||
| + | == Overview == | ||
| + | AMD-SP is a dedicated security processor incorporated into AMD's processors that provides the infrastructure for the security-related functionalities. Unlike a similar solution by Intel's {{intel|Management Engine|ME}} which is integrated into the chipset, AMD-SP is integrated into AMD's actual microprocessor die. AMD-SP itself is an [[ARM]] {{armh|Cortex-A5|l=arch}} core which uses the {{arm|TrustZone}} {{arm|extension}} as the isolated execution environment for their privileged processes and data. | ||
| + | |||
| + | === Functionalities === | ||
| + | * {{x86|Secure Memory Encryption}} | ||
| + | * {{x86|Secure Encrypted Virtualization}} | ||
| + | |||
| + | == Vulnerabilities == | ||
| + | * January 3 2018: [http://seclists.org/fulldisclosure/2018/Jan/12 fTPM Remote Code Execution] | ||
== Secure Coprocessors == | == Secure Coprocessors == | ||
Revision as of 12:23, 6 January 2018
AMD Secure Processor (AMD-SP) formerly Platform Security Processor (PSP) is a tiny microcontroller coprocessor integrated within AMD's own chips that provide the necessary functionality needed for remote corporate asset management, dedicated security subsystem, and secure booting. The secure processor runs its own secure closed-source AMD-signed kernel code and provides the majority of crypto-related functionality for AMD's SoCs including key generation and management, validated boot, and various other AMD secure platform features.
Overview
AMD-SP is a dedicated security processor incorporated into AMD's processors that provides the infrastructure for the security-related functionalities. Unlike a similar solution by Intel's ME which is integrated into the chipset, AMD-SP is integrated into AMD's actual microprocessor die. AMD-SP itself is an ARM Cortex-A5 core which uses the TrustZone extension as the isolated execution environment for their privileged processes and data.
Functionalities
Vulnerabilities
- January 3 2018: fTPM Remote Code Execution
Secure Coprocessors
- Intel: Management Engine (ME)
- AMD: Secure Processor (SP)
- Apple: Secure Enclave Processor (SEP)
