HP Sure Start

Technical white paper | HP Sure Start
NIST SP 800-193 HP Sure Start
Detection of Corrupted Critical Data (Section 4.3.2): Meets all Resiliency Requirements
A successful attack on the Active Critical Data will not impact Gen3+’s RTD. The RTD is maintained in a private flash area inaccessible to the system software that might compromise Active Critical Data.
Gen3+ can save and validate critical data through use of digest hashes prior to using that critical data, and Gen3+ can initiate a recovery of the critical data if corruption is detected.
Recovery of Mutable Code (Section 4.4.1): Meets all Resiliency Requirements
Gen3+’s ESC implements the recovery capability.
A successful attack on the platform firmware will not impact Gen3+’s RTRec. The RTRec is maintained in a private flash area inaccessible to the system software that might compromise the platform firmware.
Gen3+’s RTRec has access to a locally stored copy of the platform’s UEFI image in its private flash area, which is inaccessible to (protected from) system software.
Gen3+ can update the locally stored authentic UEFI image in its private flash area through an Authenticated Update mechanism.
Recovery of Critical Data (Section 4.4.2): Meets all Resiliency Requirements
Gen3+’s ESC implements the recovery capability.
A successful attack on Active Critical Data will not impact Gen3+’s RTRec. The RTRec is maintained in a private flash area inaccessible to the system software that might compromise Active Critical Data.
Gen3+ can recover critical data back to factory defaults including per-platform-specific data that is backed up in isolated & protected storage.
Gen3+ can recover non-per-platform-specific defaults from the backup BIOS image stored in isolated and protected storage.
Gen3+ does not use policies included as part of Critical Data to restore critical data.
Logging and notification: Exceeds all Resiliency Requirements
Gen3+ will notify user of corruption and log the event.
Gen3+’s detection mechanism is capable of logging events when corruption is detected.
Gen3+ will notify user of a recovery event and log the event.
Gen3+’s detection mechanism is capable of logging events when a recovery action has taken place.
Policy-based controls: Exceeds all Resiliency Requirements
Gen3+’s detection mechanism has policies which control the action taken by the Runtime Detection.
Automatic or manual recovery options: Exceeds all Resiliency Requirements
Gen3+ Runtime Detection can initiate a recovery process automatically or after notification of detection corruptions to the user.
Gen3+ can automatically perform its recovery operations without user interaction or it may require user approval, dependent on policy setting.
Gen3+ gains approval from the user before replacing the current Critical Data, based on recovery policy setting.
Gen3+ can recover Critical Data back to a last-known good state.
Gen3+ gains approval from the user before replacing the current Critical Data, based on recovery policy setting.
Local or remote recovery: Exceeds all Resiliency Requirements
Gen3+ can automatically perform its recovery operations without user interaction or it may require user approval, dependent on policy setting.
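
The validate-before-use, logging and policy-gated recovery behavior listed in the table, as a minimal Python model added here (it is not HP's code). The `ProtectedStore` class, the function names, the log strings and the sample data are constructed assumptions, as is returning `None` when the user declines recovery.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Callable, Optional

@dataclass
class ProtectedStore:
    """Stands in for the private flash area that system software cannot write."""
    backup: bytes              # known-good copy of the critical data
    digest: bytes              # SHA-256 recorded when the data was saved
    auto_recover: bool = True  # recovery policy is kept here, not in the data
    log: list = field(default_factory=list)

def save(data: bytes, auto_recover: bool = True) -> ProtectedStore:
    """Record the backup copy and its digest at save time."""
    return ProtectedStore(data, hashlib.sha256(data).digest(), auto_recover)

def load_critical_data(active: bytes, store: ProtectedStore,
                       user_approves: Callable[[], bool] = lambda: False
                       ) -> Optional[bytes]:
    """Validate the active copy before use; recover per policy if corrupt."""
    if hmac.compare_digest(hashlib.sha256(active).digest(), store.digest):
        return active
    store.log.append("corruption detected")
    # The decision uses only the protected policy. Nothing inside `active`
    # is parsed here, so corrupted data cannot switch recovery off.
    if store.auto_recover or user_approves():
        store.log.append("recovery performed")
        return store.backup
    store.log.append("recovery declined")
    return None  # assumption: unvalidated data is never handed to the caller

# Constructed sample data. The tampered copy tries to disable recovery
# through a field of its own, which the loader never consults.
GOOD = b"boot_order=disk;secure_boot=on;auto_recover=1"
TAMPERED = b"boot_order=usb;secure_boot=off;auto_recover=0"

if __name__ == "__main__":
    store = save(GOOD)
    print(load_critical_data(TAMPERED, store))
    print(store.log)
```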