Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Intel platforms

Over the years and decades, Intel has developed many hardware platforms1.

Since the 4-bit 4004 in 1971, they have progressed over 8-bit up to 64-bit systems, retaining a lot of backwards compatibility. Starting with the ICH7 based platforms, Intel introduced their AMT (Active Management Technology)2, an out-of-band management solution3 for remote provisioning and support.

AMT evolved with more features over time, carrying the vPro label for machines targeting the business market4 and finally converging with more security features such as Boot Guard5, Intel’s secure boot implementation, digital content protection (DRM), and more6.

Now running on a coprocessor called the (Converged Security and) Manageability Engine7, or (CS)ME for short, henceforth abbreviated as ME, a full second operating system of its own is backing the platform.

Boot flow

The ME has its own firmware and bootstraps an Intel platform8. The main x86 cores are held in reset until the ME releases them to boot with their own firmware.

Both the ME firmware and the main x86 firmware are stored in the same flash part on a mainboard, partitioned via the Intel Flash Descriptior (IFD).

The following diagram is based on knowledge from various sources, including the coreboot documentation on Intel.

The boot flow for trusted boot is documented publicly9 by Intel.

ME classification and security

Security researchers have analyzed the ME10 and divided hardware variants into 3 generations11 thus far, each with their own multiple firmware versions, including security patch releases12 13. One core aspect in security research has been Boot Guard14 15, which had been introduced with Haswell, Intel’s 4th generation Core series platforms16, and discussed in the coreboot community17.

Note that the ME generations roughly correspond with the overall platform, in that ranges of Intel platforms are expected to carry a certain ME hardware generation and specific platforms a certain firmware version range. For example, Lenovo ThinkPad X270 laptops came with 6th/7th gen Intel Core processors, which means 3rd generation ME hardware and version 11.x.x.x ME firmware.

The following table is not necessarily correct nor complete, based on rough findings and notes on Wikipedia18.

YearMicroarchitectureChipset seriesGenerationME version
2015Broadwell5th11.x.x.x
Skylake100196th11.x.x.x
2016
2017Kaby Lake200207th11.5.x.x
Coffee Lake8th12.x.x.x
2018Coffee Lake300219th12.x.x.x
2019
2020Comet Lake4002210th14.x.x.x
2021Rocket Lake11th15.x.x.x
2022Alder Lake12th15.x.x.x
2023Raptor Lake13th15.x.x.x
Raptor Lake14th15.x.x.x
2024Arrow LakeSeries 215.x.x.x

Processor names

Intel publicly documents how to interpret procesor names23 and what their suffixes mean24.

Abbreviations

abbr.expansion
ACMAuthenticated Code Module
AMTActive Management Technology
CSMEConverged Security and Manageability Engine
DALDynamic Application Loader
FITFirmware Interface Table
FPTFirmware Partition Table
HAPHigh-Assurance Platform
{I,M,P}CH{I/O,Memory,Platform} Controller Hub25
IFDIntel Flash Descriptor
LMSLocal Manageability Service26
PTTPlatform Trust Technology
RBEROM Boot Extensions (part of ME firmware)
SPSServer Platform Services
TXETrusted Execution Engine
TXTTrusted Execution Technology

Ambiguities

There are colliding acronyms, even within this domain. The following abbreviations have a second meaning:

  • FIT: Flash Image Tool (sometimes also called FITC)
  • FPT: Flash Programming Tool

  1. https://en.wikipedia.org/wiki/List_of_Intel_processors

  2. https://en.wikipedia.org/wiki/Intel_AMT_versions

  3. https://www.amplicon-usa.com/actions/viewDoc.cfm?doc=iAMT-white-paper.pdf

  4. https://www.intel.com/content/www/us/en/architecture-and-technology/vpro/overview.html

  5. https://edc.intel.com/content/www/us/en/design/ipla/software-development-platforms/client/platforms/alder-lake-desktop/12th-generation-intel-core-processors-datasheet-volume-1-of-2/010/boot-guard-technology/

  6. https://www.intel.com/content/dam/support/us/en/documents/technologies/intel_amt_linux_enablement_guide_revision_1_1.pdf

  7. https://i.blackhat.com/USA-19/Wednesday/us-19-Hasarfaty-Behind-The-Scenes-Of-Intel-Security-And-Manageability-Engine.pdf

  8. https://www.intel.com/content/dam/www/public/us/en/security-advisory/documents/intel-csme-security-white-paper.pdf

  9. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/resources/key-usage-in-integrated-firmware-images.html

  10. https://bitkeks.eu/blog/2017/12/the-intel-management-engine.html

  11. https://papers.put.as/papers/firmware/2014/2014-10_Breakpoint_Intel_ME_-_Two_Years_Later.pdf

  12. https://www.intel.com/content/www/us/en/support/articles/000029389/software/chipset-software.html?wapkw=csme

  13. https://www.intel.com/content/www/us/en/support/articles/000055675/technologies.html?wapkw=csme

  14. https://prohoster.info/en/blog/administrirovanie/doverennaya-zagruzka-shryodingera-intel-boot-guard

  15. https://github.com/flothrone/bootguard

  16. https://web.archive.org/web/20201129154607/https://www.intel.com/content/dam/www/public/us/en/documents/product-briefs/4th-gen-core-family-mobile-brief.pdf

  17. https://web.archive.org/web/20230322090345/https://patrick.georgi.family/2015/02/17/intel-boot-guard/

  18. https://en.wikipedia.org/wiki/Intel_AMT_versions

  19. https://www.intel.com/content/www/us/en/products/sku/90587/intel-q170-chipset/specifications.html

  20. https://www.intel.com/content/www/us/en/products/sku/98088/intel-q270-chipset/specifications.html

  21. https://www.intel.com/content/www/us/en/products/sku/133282/intel-q370-chipset/specifications.html

  22. https://www.intel.com/content/www/us/en/products/sku/201836/intel-q470-chipset/specifications.html

  23. https://www.intel.com/content/www/us/en/processors/processor-numbers.html

  24. https://www.intel.com/content/www/us/en/support/articles/000058567/processors/intel-core-processors.html

  25. https://en.wikipedia.org/wiki/Intel_Hub_Architecture

  26. https://web.archive.org/web/20070630000420/http://www.openamt.org/