Computer hardware platforms typically include several components which execute dedicated firmware to provide initialization and low-level runtime control thereof. These components may include not only one or more central processing units (CPUs), but also peripheral components mounted on the motherboard and/or on attached peripheral cards.
Dedicated firmware may be stored in memory associated with the computer hardware platforms. Such memory may be random-access memory (RAM), dynamic random-access memory (DRAM), static random-access memory (SRAM), read-only memory (ROM), programmable read-only memory (PROM), electrically programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), or flash memory.
An interface may be used by CPUs and other peripherals to allow access to the firmware and other executable instructions and data stored in the memory associated with the computer hardware platforms. For example, the interface may be a serial peripheral interface (SPI) that provides an asynchronous serial data link between a CPU (e.g., master device) and the memory (e.g., slave device).
Firmware security is integral to maintaining the integrity of computer hardware platforms. Firmware attack vectors include host/driver access, network access, power-on and reset, boot and pre-boot, and virtual machine access. Server platforms within modern data centers present additional surfaces for firmware attacks, by allowing third-party applications and operating systems to provision bare metal, and by allowing guest virtual machines physical access to a variety of hardware resources (e.g., CPUs, GPUs, FPGAs, memory and/or SSDs).
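The two preceding paragraphs describe a CPU reaching firmware in flash over an SPI link and the attack vectors against that firmware. As an added illustration (not code from the original text), the following decodes the master-to-slave bytes of individual SPI flash transactions and flags any that could alter a protected firmware region; it assumes the common 25-series SPI NOR command set and a 16 MiB part, and the captured transactions are constructed.

```python
from __future__ import annotations
from dataclasses import dataclass

FLASH_SIZE = 16 * 1024 * 1024  # assumed 16 MiB part with 24-bit addresses
# opcode -> (name, address bytes, bytes affected): None = read-only, 0 = the data
# bytes following the address, -1 = the whole device (assumed 25-series command set).
OPCODES = {
    0x03: ("READ", 3, None),
    0x06: ("WREN", 0, None),  # only arms a later write; alters nothing itself
    0x02: ("PAGE_PROGRAM", 3, 0),
    0x20: ("SECTOR_ERASE", 3, 4096),
    0xD8: ("BLOCK_ERASE", 3, 65536),
    0xC7: ("CHIP_ERASE", 0, -1),
}
@dataclass
class SpiCommand:
    name: str
    affected: tuple[int, int] | None  # [start, end) the command may alter
def decode_command(mosi: bytes) -> SpiCommand:
    """Decode the master-out bytes of one chip-select cycle: opcode, address, data."""
    # Unknown opcodes are assumed able to alter the whole device (fail closed).
    name, addr_len, span = OPCODES.get(mosi[0], (f"UNKNOWN_{mosi[0]:02X}", 0, -1))
    if len(mosi) < 1 + addr_len:
        raise ValueError(f"{name}: truncated address")
    if span is None:
        return SpiCommand(name, None)
    if span == -1:
        return SpiCommand(name, (0, FLASH_SIZE))
    start = int.from_bytes(mosi[1:1 + addr_len], "big")
    return SpiCommand(name, (start, start + (span or len(mosi) - 1 - addr_len)))

def violates_protection(cmd: SpiCommand, protected: tuple[int, int]) -> bool:
    """True if cmd can modify any byte of the protected [start, end) firmware region."""
    if cmd.affected is None:
        return False
    return max(cmd.affected[0], protected[0]) < min(cmd.affected[1], protected[1])

def audit(transactions: list[bytes], protected: tuple[int, int]) -> list[str]:
    return [c.name for c in map(decode_command, transactions)
            if violates_protection(c, protected)]

# Constructed sample capture; firmware occupies the top 1 MiB of the part.
FIRMWARE = (0xF00000, FLASH_SIZE)
SAMPLE = [
    bytes([0x03, 0xF0, 0x00, 0x00]),                 # READ from firmware: allowed
    bytes([0x02, 0x01, 0x00, 0x00]) + b"\xAA" * 16,  # program outside firmware: allowed
    bytes([0xD8, 0xEF, 0x00, 0x00]),                 # 64 KiB erase ending at 0xF00000: allowed
    bytes([0x20, 0xF0, 0x10, 0x00]),                 # 4 KiB erase inside firmware: flagged
    bytes([0xC7]),                                   # chip erase: flagged
]
```

Running `audit(SAMPLE, FIRMWARE)` on the constructed capture returns only the sector erase and chip erase; a real monitor would also need the part's actual erase-block alignment and page-wrap rules from its datasheet.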
It can be appreciated that there is an ongoing need to enhance the security and integrity of computer hardware platforms. Specifically, operators of server platforms within modern data centers desire to enhance the security and integrity of firmware and other computer executable instructions stored in memory accessed by hardware resources associated with modern data centers.