HP Sure Start for AMD Technical whitepaper
July 2019
L75214-001
© Copyright 2019 HP Development Company, L.P.
5 Appendix A – NIST SP 800-193: Platform Firmware Resiliency Guidelines
Table 2 Critical Platform Device Firmware protected by HP Sure Start for AMD or other technology

| NIST SP 800-193 Platform Architecture Reference | HP Commercial PC critical platform device firmware | Protected by |
|---|---|---|
| 1. Embedded Controller (EC)/Super I/O (SIO); 4. Host Processor; 6. Graphics Processing Unit (GPU) when implemented as Unified Memory Architecture (UMA); 8. Host Controller (HC) for mass storage device; 9. Host Processor Boot Firmware; 10. Platform Runtime Firmware; 11. Power Supply; 15. Fans | HP ESC firmware; HP UEFI BIOS firmware | HP Sure Start for AMD |
| 2. Trusted Platform Module (TPM) | Discrete TPM component firmware (1) | TPM |
| 3. Baseboard Management Controller (BMC)/Management Engine (ME) | AMD Secure Processor firmware | Not protected |
| 5. Network Interface Controller (NIC) | Network Controller firmware (2) | Not protected (2) |
| 7. Serial Peripheral Interface (SPI) Flash | N/A (4) | N/A (4) |
| 9. Hard Disk Drive (HDD)/Solid State Drive (SSD) | HDD/SSD firmware | N/A (3) |
| 10. Embedded MultiMediaCard (eMMC)/Universal Flash Storage (UFS) | N/A (4) | N/A (4) |
| 14. Glue Logic (CPLDs, FPGAs) | N/A (4) | N/A (4) |
Table notes:

(1) This component is not critical to boot of the platform.
(2) This component is not critical to minimally restore operation of the system but is required to establish Ethernet connectivity in environments where that connectivity is deemed critical to platform resiliency.
(3) Mass storage devices are outside the scope of this document. Resiliency capabilities vary by storage supplier and by storage device. Not all suppliers or devices currently meet all Resiliency requirements in 800-193.
(4) No devices of this type are included.
5.3 Acronyms
• BIOS – Basic Input/Output System (aka host processor boot firmware)
• CPU – Central processing unit
• ESC – HP Endpoint Security Controller
• HMAC – Hash-based message authentication code
• HW – Hardware
• OS – Operating system