AMD Platform Security Processor


The AMD Platform Security Processor, officially known as AMD Secure Technology, is a trusted execution environment subsystem incorporated since about 2013 into AMD microprocessors. According to an AMD developer's guide, the subsystem is "responsible for creating, monitoring and maintaining the security environment" and "its functions include managing the boot process, initializing various security related mechanisms, and monitoring the system for any suspicious activity or events and implementing an appropriate response". Critics worry it can be used as a backdoor and is a security concern. AMD has denied requests to open source the code that runs on the PSP.
The PSP is similar to the Intel Management Engine for Intel processors.

Details

The PSP itself is an ARM core with TrustZone inserted into the main CPU as a coprocessor. In 2019 Berlin based security group found that AMD-signed PSP proprietary firmware is redistributed via ordinary UEFI image files which can be easily analyzed. By using a few python-based tools it was found that the image's PSP firmware contained application resembling an entire micro operating system. Investigation of Lenovo Thinkpad A285 motherboard's flash chip that stored UEFI also revealed that PSP core itself is run before the main CPU and that its firmware bootstrapping process starts just before basic UEFI gets loaded. The major discovery was that the firmware is run inside the system memory space as user applicaton and has unrestricted access to it raising concerns over data safety.

Security history

In September 2017, Google security researcher Cfir Cohen reported a vulnerability to AMD of a PSP subsystem that could allow an attacker access to passwords, certificates, and other sensitive information; a patch was rumored to become available to vendors in December 2017.
In March 2018, a handful of alleged serious flaws were announced in AMD's Zen architecture CPUs by an Israeli IT security company related to the PSP that could allow malware to run and gain access to sensitive information. AMD has announced firmware updates to handle these flaws. While there were claims that the flaws were published for the purpose of stock manipulation, their validity from a technical standpoint was upheld by independent security experts who reviewed the disclosures, although the high risks claimed by CTS Labs were often dismissed by said independent experts.