Consumer Rights Wiki

AMD Platform Security Processor: Difference between revisions

← Older editNewer edit →
VisualWikitext
SinexTitan (talk | contribs)
confirmed, superconfirmed
1,335 edits
Advanced but Micro edit
Added information and concerns.
Line 6: Line 6:
|Category=Surveillance, Security, Hardware, Computers, Firmware
|Category=Surveillance, Security, Hardware, Computers, Firmware
|Description=An autonomous chip running closed-source code with full system access, found on most AMD platforms.
|Description=An autonomous chip running closed-source code with full system access, found on most AMD platforms.
}}
|Logo=AMD logo.svg|Website=https://www.amd.com/en.html}}
{{Ph-C-Int}}


==Consumer-impact summary==
The '''AMD Platform Security Processor (PSP)''', also known as the '''AMD Secure Processor''', is an autonomous processor embedded on most modern AMD CPU's since 2013. The PSP has full access to memory and is capable of running without the main CPU cores being active.<ref>{{Cite web |last=Eichner |first=Alexander |last2=Buhren |first2=Robert |date=2020-08-05 |title=All you ever wanted to know about the AMD Platform Security Processor and were afraid to emulate |url=https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf |url-status=live |access-date=2026-02-04 |website=blackhat.com}}</ref>
{{Ph-C-CIS}}


==Incidents==
AMD has not provided much information about the PSP, but several features are know, including:<ref>{{Cite web |date=2023-04-17 |title=Reversing the AMD Secure Processor (PSP) |url=https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |url-status=live |archive-url=https://web.archive.org/web/20260112172321/https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |archive-date=2026-01-12 |access-date=2026-02-04 |website=dayzerosec.com}}</ref>
{{Ph-C-Inc}}
This is a list of all consumer-protection incidents related to this product. Any incidents not mentioned here can be found in the [[:Category:{{PAGENAME}}|{{PAGENAME}} category]].


===Example incident one (''date'')===
* CPU initialization
{{Main|link to the main CR Wiki article}}
* Hardware-accelerated cryptography
Short summary of the incident (could be the same as the summary preceding the article).
* Hardware/software integrity verification ([[wikipedia:Trusted_Platform_Module|TPM]])
===Example incident two (''date'')===
* Facilitating Secure Encrypted Virtualization ([https://www.amd.com/en/developer/sev.html SEV])
...


==Concerns==
AMD has denied requests to open-source the software running on the PSP.<ref>{{Cite web |last=Williams |first=Rob |date=19 Jul 2017 |title=AMD Confirms It Won't Opensource EPYC's Platform Security Processor Code |url=https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |url-status=live |archive-url=https://web.archive.org/web/20251123014437/https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |archive-date=2025-11-23 |access-date=2026-02-04 |website=HotHardware}}</ref> This means that the inner workings of the PSP cannot be independently verified and bugfixes can only be performed by AMD. This is an example of [[Security through obscurity|"security through obscurity"]], which has been criticized for taking away consumer rights.
==Vulnerabilities==
{{Ph-C-Inc}}'''[Placeholder]'''


==See also==
==See also==
{{Ph-C-SA}}


* [[AMD]]
* [[Intel Management Engine]]


==References==
==References==
Retrieved from "https://consumerrights.wiki/w/AMD_Platform_Security_Processor"