HP Sure Start Automatic Firmware Intrusion Detection and Repair System - White Paper

May 2016

902696-002

HP Sure Start Technical White Paper

1 Introduction 1

1 Introduction

HP Sure Start is the industry leader in a chipset and processor independent, firmware intrusion detection and automatic

repair system. HP Sure Start provides a robust level of cyber-resiliency unique to HP platforms, while conforming to NIST

800-147 and 800-155 guidelines.

HP Sure Start provides the following capabilities:

 HP Core Platform Firmware authenticity enforcement and tamper protection

HP Sure Start Hardware enforcement of the system booting only authentic and un-modified HP firmware and HP BIOS

 Firmware Health Monitoring & Compliance

Logging of firmware health related events via isolated HP Sure Start hardware auditing exposes platform firmware state

along with any anomalies that could be indicative of thwarted attacks.

 Self-healing

Automatic repair of HP BIOS and HP firmware corruption using a hardware isolated backup copy of HP BIOS and HP

firmware

Together, the above capabilities provide the following benefits to platform owners and administrators:

 Uninterrupted productivity

HP Sure Start maintains business continuity in the event of an attack or accidental corruption in that there is no

downtime waiting for IT/Service event

 Lower cost

HP Sure Start’s ability to recovery automatically reduces calls to IT Help Desk and enhances productivity which ultimately

helps lower the maintenance cost for the platform