IT pros know that a root of trust is the foundation of an effective security strategy. AMD GuardMI technology enables power-on-to-power-off protection with a powerful security co-processor inside every AMD Ryzen™ PRO CPU. Whether it’s virtualization or boot, DRM or TPM, the capabilities of our independent and isolated engine minimize attack vectors available to malicious agents.

Transparent Secure Memory Encryption:

Provides OS- and application-independent DRAM encryption without requiring software modifications. Transparent Secure Memory Encryption adds another line of defense against sophisticated physical attacks.

Secure Boot:

Utilizing the AMD Secure Processor, Secure Boot helps ensure that a PC boots using only BIOS software that is trusted by the PC manufacturer. With Secure Boot, security starts from the moment of power-on, defending your PC before threats can attack the system.

Trusted Application Enablement:

The AMD Secure Processor, running a separate trusted execution environment, is a dedicated security subsystem that allows Ryzen™ PRO to run a variety of AMD and third-party security features. Built on industry-standard approaches and a hardware-based root of trust, these trusted applications allow for increased security and give OEMs the ability to create customized security solutions. Ryzen™ PRO trusted applications include support for firmware Trusted Platform Module (fTPM).

Secure Production Environment:

Security requires that systems, platforms, and products are correctly set up and configured at the moment of production. The correct firmware must be verified and a set of production verifications performed to ensure that all elements of security are properly set before anything leaves the OEM’s factory. Security must start from the moment of production.

Source: AMD