Presented by Zachary Bobroff (AMI) | Dong Wei (Arm)
Secure system designs rely on entities such as a Platform Root of Trust (PRoT) to attest/authenticate all firmware, and guarantee confidentiality and integrity. The Arm ecosystem collaborates on defining specifications, such as the Server Base Manageability Requirements, that architect the interactions between the hardware components (BMC, PRoT, and the Host, among others), enabling the creation of secure systems on Arm. This effort is in symbiosis with OCP initiatives like the DC-SCM and PA-RoT. This presentation showcases the design challenges and turnkey solutions for developing secure systems. We will highlight host and management firmware attestation and use SPDM to attest a peripheral device (PCIe card), leveraging the cryptographic capability on the PRoT chip. The results from an AMI Tektagon demo performing this task will also be used to add real-world proof points to this discussion.
