Technical whitepaper HP Sure Start with Runtime Intrusion Detection As implemented on HP EliteBook products equipped with 7th generation AMD processors January 2017
Table of contents
1 HP Sure Start with Runtime Intrusion Detection
1.1 Background
1.2 HP Sure Start with Runtime Intrusion Detection overview
1 HP Sure Start with Runtime Intrusion Detection
1.1 Background
HP has a holistic view of client security that aims to address security at every layer of the client device computing stack. Our focus is not just within the OS or on cloud-based security solutions—we believe that “Below the OS” device firmware and hardware security are also crucial.
Note that the focus is on monitoring the BIOS code in the system flash that is executed by the host CPU at boot. This is an important distinction from BIOS code that remains resident in the main (DRAM) memory to provide power management and other critical services after the system has booted to OS. Next, we explore that distinction in greater detail.
1.3.3 Runtime Intrusion Detection architecture
Figure 2 provides details on the Runtime Intrusion Detection (RTID) capability implementation. The RTID feature utilizes specialized hardware in the platform chipset to detect modifications to the Runtime HP SMM BIOS.
1.3.4 Events
The HP Sure Start RTID feature will generate events to the HP Sure Start hardware when any modification to the HP SMM BIOS code is detected. The HP Sure Start hardware will take the action associated with the event policy configured in BIOS setup.
1.4.2 BIOS setting protection overview
HP Sure Start BIOS setting protection provides the capability to configure the system such that the HP Sure Start hardware is used to back up and provide integrity-checking of all the BIOS settings preferred by the user.
As the microprocessor enters SMM, it asserts a hardware output pin, SMI Active (SMIACT). This pin serves notice to the chipset hardware that the microprocessor is entering SMM. An SMI can be asserted at any time, during any process operating mode, except from within SMM itself.