AMD Security Processor

from Wikipedia, the free encyclopedia

The AMD Platform Security Processor (PSP), officially known as AMD Secure Technology, is a trusted execution environment subsystem that has been built into AMD microprocessors since around 2013. According to an AMD development guide, the subsystem is "responsible for creating, monitoring and maintaining the security environment" and "its functions include managing the boot process, initializing various security mechanisms and monitoring the system for suspicious activities or events and implementing an appropriate response."

Critics are concerned that it is a backdoor and a security risk. AMD has rejected requests to disclose the source code running on the PSP.

The PSP is similar to the Intel Active Management Technology for Intel processors. The PSP itself is an ARM processor core integrated into the CPU.

History

In September 2017, Google security researcher Cfir Cohen reported a vulnerability in AMD's PSP subsystem that allows an attacker to steal passwords, certificates and other sensitive information. It was rumored that a patch would be made available to providers in December 2017.

In March 2018, an Israeli IT security company announced a handful of alleged serious flaws in AMD's Zen architecture CPUs (EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile) relating to the PSP that could allow malware to run and gain access to sensitive information. AMD has announced firmware updates to address these deficiencies.

While there have been allegations that the flaws were disclosed for the purpose of market manipulation, their technical validity has been confirmed by independent security experts who reviewed the disclosures.
