AMD Platform Security Processor: Difference between revisions

Line 8:

|Logo=AMD logo.svg|Website=https://www.amd.com/en.html}}

The '''[[AMD]] Platform Security Processor (PSP)''', also known as the '''AMD Secure Processor''', is an autonomous processor embedded on most modern AMD CPU's since 2013. The PSP has full access to memory and is capable of running without the main CPU cores being active.<ref>{{Cite web |last=Eichner |first=Alexander |last2=Buhren |first2=Robert |date=2020-08-05 |title=All you ever wanted to know about the AMD Platform Security Processor and were afraid to emulate |url=https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf |url-status=live |access-date=2026-02-04 |website=blackhat.com}}</ref>

The '''[[AMD]] Platform Security Processor (PSP)''', also known as the '''AMD Secure Processor''', is an autonomous processor embedded on most modern AMD CPU's since 2013. The PSP has full access to memory and is capable of running without the main CPU cores being active.<ref>{{Cite web |last=Eichner |first=Alexander |last2=Buhren |first2=Robert |date=2020-08-05 |title=All you ever wanted to know about the AMD Platform Security Processor and were afraid to emulate |url=https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf |url-status=live |access-date=2026-02-04 |website=blackhat.com |url-status=live |archive-url=https://web.archive.org/web/20260215213932/https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf |archive-date=15 Feb 2026}}</ref>

AMD has not provided much information about the PSP, but several features are know, including:<ref name=":0">{{Cite web |date=2023-04-17 |title=Reversing the AMD Secure Processor (PSP) |url=https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |url-status=live |archive-url=https://web.archive.org/web/20260112172321/https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |archive-date=2026-01-12 |access-date=2026-02-04 |website=dayzerosec.com}}</ref>

Line 21:

AMD has denied requests to open-source the software running on the PSP.<ref>{{Cite web |last=Williams |first=Rob |date=19 Jul 2017 |title=AMD Confirms It Won't Opensource EPYC's Platform Security Processor Code |url=https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |url-status=live |archive-url=https://web.archive.org/web/20251123014437/https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |archive-date=2025-11-23 |access-date=2026-02-04 |website=HotHardware}}</ref> This means that the inner workings of the PSP cannot be independently verified and bug-fixing can only be performed by AMD. This is an example of [[Security through obscurity|"security through obscurity"]], which has been criticized for taking away consumer rights.

Some have accused the AMD PSP of having a backdoor because of its closed nature, full system access, and AMD's secrecy and unwillingness to make the code public.<ref>{{Cite web |date=15 Mar 2021 |title=Every modern computer has a backdoor |url=https://www.sysjolt.com/2021/every-modern-computer-has-a-backdoor/ |url-status=live |access-date=2026-02-04 |website=sysjolt.com}}</ref>

Some have accused the AMD PSP of having a backdoor because of its closed nature, full system access, and AMD's secrecy and unwillingness to make the code public.<ref>{{Cite web |date=15 Mar 2021 |title=Every modern computer has a backdoor |url=https://www.sysjolt.com/2021/every-modern-computer-has-a-backdoor/ |url-status=live |access-date=2026-02-04 |website=sysjolt.com |url-status=live |archive-url=https://web.archive.org/web/20260215213945/https://www.sysjolt.com/2021/every-modern-computer-has-a-backdoor/ |archive-date=15 Feb 2026}}</ref>

==Vulnerabilities==

@@ Line 8: / Line 8: @@
 |Logo=AMD logo.svg|Website=https://www.amd.com/en.html}}
-The '''[[AMD]] Platform Security Processor (PSP)''', also known as the '''AMD Secure Processor''', is an autonomous processor embedded on most modern AMD CPU's since 2013. The PSP has full access to memory and is capable of running without the main CPU cores being active.<ref>{{Cite web |last=Eichner |first=Alexander |last2=Buhren |first2=Robert |date=2020-08-05 |title=All you ever wanted to know about the AMD Platform Security Processor and were afraid to emulate |url=https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf |url-status=live |access-date=2026-02-04 |website=blackhat.com}}</ref>
+The '''[[AMD]] Platform Security Processor (PSP)''', also known as the '''AMD Secure Processor''', is an autonomous processor embedded on most modern AMD CPU's since 2013. The PSP has full access to memory and is capable of running without the main CPU cores being active.<ref>{{Cite web |last=Eichner |first=Alexander |last2=Buhren |first2=Robert |date=2020-08-05 |title=All you ever wanted to know about the AMD Platform Security Processor and were afraid to emulate |url=https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf |url-status=live |access-date=2026-02-04 |website=blackhat.com |url-status=live |archive-url=https://web.archive.org/web/20260215213932/https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf |archive-date=15 Feb 2026}}</ref>
 AMD has not provided much information about the PSP, but several features are know, including:<ref name=":0">{{Cite web |date=2023-04-17 |title=Reversing the AMD Secure Processor (PSP) |url=https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |url-status=live |archive-url=https://web.archive.org/web/20260112172321/https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |archive-date=2026-01-12 |access-date=2026-02-04 |website=dayzerosec.com}}</ref>
@@ Line 21: / Line 21: @@
 AMD has denied requests to open-source the software running on the PSP.<ref>{{Cite web |last=Williams |first=Rob |date=19 Jul 2017 |title=AMD Confirms It Won't Opensource EPYC's Platform Security Processor Code |url=https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |url-status=live |archive-url=https://web.archive.org/web/20251123014437/https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |archive-date=2025-11-23 |access-date=2026-02-04 |website=HotHardware}}</ref> This means that the inner workings of the PSP cannot be independently verified and bug-fixing can only be performed by AMD. This is an example of [[Security through obscurity|"security through obscurity"]], which has been criticized for taking away consumer rights.
-Some have accused the AMD PSP of having a backdoor because of its closed nature, full system access, and AMD's secrecy and unwillingness to make the code public.<ref>{{Cite web |date=15 Mar 2021 |title=Every modern computer has a backdoor |url=https://www.sysjolt.com/2021/every-modern-computer-has-a-backdoor/ |url-status=live |access-date=2026-02-04 |website=sysjolt.com}}</ref>
+Some have accused the AMD PSP of having a backdoor because of its closed nature, full system access, and AMD's secrecy and unwillingness to make the code public.<ref>{{Cite web |date=15 Mar 2021 |title=Every modern computer has a backdoor |url=https://www.sysjolt.com/2021/every-modern-computer-has-a-backdoor/ |url-status=live |access-date=2026-02-04 |website=sysjolt.com |url-status=live |archive-url=https://web.archive.org/web/20260215213945/https://www.sysjolt.com/2021/every-modern-computer-has-a-backdoor/ |archive-date=15 Feb 2026}}</ref>
 ==Vulnerabilities==