Industry-leading firmware products born from AMI technology and innovation
September 23, 2020:
NORCROSS, GEORGIA - AMI®, a global leader in powering, managing and securing the world’s connected digital infrastructure through its BIOS, BMC and security solutions, is pleased to announce its participation in facilitating the acceptance of TianoCore as a CVE Numbering Authority (CNA) by the Common Vulnerabilities and Exposures (CVE®) Program.
CVE is an international, community-based effort that maintains a community-driven, open data registry of vulnerabilities. The CVE IDs assigned through the registry enable program stakeholders to rapidly discover and correlate vulnerability information used to protect systems against attacks. The CVE Program currently has 140 CNAs in 24 countries, globally across technologies and services.
TianoCore is a community-supported open source implementation of the Unified Extensible Firmware Interface (UEFI), developed and promoted by the UEFI Forum, a non-profit industry standards body responsible for developing, managing and promoting UEFI specifications. TianoCore represents a modern and cross-platform firmware implementation for the UEFI and UEFI Platform Initialization (PI) specifications, which has ultimately evolved into other open source projects under the TianoCore community. AMI is a founding member and promoter of the UEFI Forum, holding a seat on the Board of Directors and contributing to its formation from its inception.
The acceptance of TianoCore as a CNA by the CVE Program means that it will be able to issue CVEs for vulnerabilities affecting TianoCore or EDK-II source. The CVE Program has added TianoCore to its list of CNA participants, available on its website at https://cve.mitre.org/cve/request_id.html#cna_participants. This acceptance will also help to streamline the work of the TianoCore Infosec Group, which documents the community's findings on known vulnerabilities and security issues at https://github.com/tianocore/tianocore.github.io/wiki/Reporting-Security-Issues.
As part of this announcement, AMI will participate in a coordinating role together with other industry leaders in BIOS and UEFI firmware as well as Intel® Corporation. For over a decade, AMI engineers have donated time and their combined years of firmware development expertise to help with open source vulnerabilities originating from TianoCore or EDK-II. In this role, AMI and the other participating companies are granted the authority to request a CVE on behalf of TianoCore, both for the project or any other OSS project that consumes TianoCore projects or code.
"As firmware security and trust become an increasingly important area of cybersecurity focus, we are grateful to AMI for the role it has played in driving the acceptance of TianoCore as a CVE Numbering Authority with the CVE Program," said Beverly Alvarez, Lenovo PSIRT Program Manager and member of the CVE Board. "Their leadership, together with all of the leading names in the BIOS/UEFI space, underscores the importance that each of these organizations see in supporting standardized, industry-wide terminology for the naming and classifications of all types of vulnerabilities."
"AMI is extremely pleased to have played a role in the acceptance of TianoCore as a CVE Numbering Authority by the CVE Program," said Eric Johnson, Managing Engineer for Software and Security Services at AMI. "Over the years, AMI has strengthened its commitment both to firmware security leadership and to deeper participation in relevant open source software (OSS) projects, and today's announcement is one of the results of that effort, something of which all AMI contributors can be very proud," he added.
Stefano Righi, Vice President of Global Software, Security Engineering & Services and AMI's representative on the UEFI Board of Directors, added that "this achievement is the culmination of over 15 years of contribution by AMI to UEFI, with an ever-increasing focus on the security of firmware implementation based on the UEFI Specification. With the granting of CVE Numbering Authority for TianoCore, in addition to the ability to specify security features AMI can now contribute to the security of the entire firmware development lifecycle - monitoring the ecosystem of released products and identifying mitigations for new vulnerabilities detected by security researchers."
All trademarks and registered trademarks are the property of their respective owners in the US and other countries.
September 16, 2020:
NORCROSS, GEORGIA - AMI®, a global leader in powering, managing and securing the world's connected digital infrastructure through its BIOS, BMC and security solutions, is pleased to announce its upcoming participation in a Virtual UEFI Plugfest webinar hosted by the UEFI Forum titled "Implementing and Using the UEFI Key Management Service (KMS)" on Thursday, September 17, 2020 at 11:00 am ET / 8:00 am PT and on demand following the live presentation. Participants can register for the webinar at https://www.brighttalk.com/webcast/18206/435558.
AMI experts Zachary Bobroff, Director of the AMI Product Office, and Alex Podgorsky, Principal Manager for BIOS Core Engineering, will represent AMI on this topic, speaking from their joint vantage point of many years' experience and thought leadership in UEFI firmware security best practices and development.
The presentation will begin with an overview of the Key Management Service (KMS) protocol definition, which has been present in the UEFI specification since version 2.3.1 and provides services to generate, store, retrieve and manage cryptographic keys.
While the UEFI specification provides the definition for KMS, the underlying implementation can vary – meaning there are several options to implement the KMS protocol. Although one simple implementation option is to build KMS on top of something already in the system such as a TPM, the most practical implementation requires interfacing with a Key Management Interoperability Protocol (KMIP) Server over a secure network connection.
The presentation will therefore cover the high-level interactions between the UEFI firmware and a KMIP server to implement the UEFI KMS protocol, along with several real-world use cases of the KMS protocol in modern systems - useful information for developers and engineers who are interested in learning how to add practical, time-tested KMS implementation techniques to their UEFI development toolkits.
This Virtual UEFI Plugfest presentation is organized by the Unified Extensible Firmware Interface (UEFI) Forum, a non-profit industry standards body responsible for developing, managing and promoting UEFI specifications. AMI remains a long-standing contributor member of UEFI, participating in and hosting virtual and in-person Plugfest events throughout the year and contributing to the formation of the UEFI specification since its inception. To learn more about the UEFI Forum, please visit https://uefi.org/.
To stay up-to-date on the latest UEFI Forum event details, see https://uefi.org/events/upcoming/.
To learn more about Aptio® V UEFI Firmware from AMI, please visit https://ami.com/aptio/.
June 16, 2020:
NORCROSS, GEORGIA - AMI®, a global leader in powering, managing and securing the world's connected digital infrastructure through its BIOS, BMC and security solutions, is pleased to announce the opening of its new East Asia Regional Headquarters Office in Hong Kong.
This new Hong Kong Regional Headquarters office will provide critical support for the AMI Branch and Field Offices throughout the East Asia region, including China, Japan, Korea and Taiwan. Among other things, this location will coordinate Finance, Regulatory and related business functions in support of key AMI customers in the region, who will continue to be serviced by their nearest AMI Branch Offices.
As a point of pride for AMI, the addition of this new Hong Kong Regional Headquarters office now brings the number of AMI locations in East Asia to a total of seven offices. This tally represents a first for the company and underscores its dedication to supporting its customers in the regions where they are located and host many of their business activities.
Contact information for the new AMI East Asia Regional Headquarters is:
AMI Hong Kong, Regional Headquarters
Unit 1103A, 11/F, Cosco Tower
183 Queen’s Road Central
Sheung Wan, Hong Kong
Tel:  2256 4068
Fax:  2256 4078
"Today we are extremely excited to announce our new Regional Headquarters in Hong Kong, as we continue our expansion and growth in this market that is so vital to our business on so many different levels," said Sanjoy Maity, Chief Executive Officer of AMI.
"Our intention with the opening of this office is to establish a central hub of East Asian operations, to coordinate and streamline our business operations there and establish an even stronger presence in that part of the world. This is a key component of our new and evolving business strategy at AMI: to recognize the continually growing importance of this region to our business, as our customer base, design and development operations, and the end-user community for AMI products there continues to expand exponentially," he added.
May 29, 2020:
NORCROSS, GEORGIA - AMI®, a global leader in powering, managing and securing the world's connected digital infrastructure through its BIOS, BMC and security solutions, is pleased to announce the new AMI DevNet™ Firmware Source Code Development and Distribution Environment for AMI OEM and ODM Customers.
AMI DevNet™ is a web-based source code distribution and development environment that combines a unique, enhanced source code hosting service featuring metadata-aware microservices and bots together with a complete DevOps solution for BIOS and BMC firmware development. It features an enhanced robust Git™-based source control system with powerful integrated DevOps capabilities to help make firmware development simpler, faster and more secure. With fully integrated virtual and physical hardware testing services, AMI DevNet is a vital tool for bringing products to market on budget and on time.
AMI DevNet is available to AMI ODM and OEM firmware customers with the option to use specific components of the solution as needed and the ability to integrate and add custom DevOps capabilities. The solution is not intended to replace each customer’s own development methodologies, but rather to provide an opportunity to enhance and complement them, with the aim of shortening the development cycle and time to market.
One of the key benefits of AMI DevNet is a highly streamlined development experience for all types of firmware engineering teams. It also has secure development at its core – as all source code developed in conjunction with AMI DevNet is required to pass static code analysis and other tests to ensure customer coding standards are enforced.
To make it familiar and compatible with existing OEM/ODM customer development methodologies, AMI DevNet also incorporates several well-known industry tools into its framework, such as Git, GitLab™, Docker™, Ansible®, Kubernetes™ and more. AMI DevNet leverages the widely used Git source-control system to support standard git commands, minimize complexity, and enable easy migration of existing projects to the AMI DevNet environment.
As part of its code verification process, AMI DevNet performs continuous integration to ensure every check-in still builds. AMI DevNet also features automated testing to ensure the latest source is always well tested and the latest firmware image is ready for deployment at any time. Any issues detected are clearly listed in a report format pointing to exact lines of code for quick analysis and resolution. All security issues require a logged sign-off if not corrected, while tool selection and aggressiveness also can be customized.
Finally, AMI DevNet provides flexible hosting and development models for easy multi-party development. It scales to cloud environments with ease and delivers the ultimate in modularity, security and compatibility while accommodating the preferred deployment models of each customer. Its flexibility means that multi-party development models can be arranged between any combination of AMI/OEM/ODM engineering teams. For quick on-boarding of engineering or development teams, AMI DevNet moves complicated tool setup to the cloud and allows for test hardware to be connected at AMI or the customer site.
"Throughout our history, providing best-in-class tools that enable our OEM and ODM customers to improve their development workflows, reduce development costs and errors and speed time to market has always been at the core of our mission," said Sanjoy Maity, Chief Executive Officer of AMI.
“AMI DevNet represents the next evolution in that mission – a modern solution based on industry-standard tools like Git and Kubernetes that will not only continue our legacy of first-class support for our firmware customers, but also deepen the potential for collaboration with AMI. AMI DevNet will also enable our customers to augment their own internal development processes, which will contribute to better, more innovative products that will ultimately benefit us all,” he added.
For more information on the new AMI DevNet Firmware Source Code Development and Distribution Environment, please visit ami.com/devnet or call 1-800-828-9264 to speak with an AMI Sales Representative.
May 20, 2020:
NORCROSS, GEORGIA – AMI®, a global leader in powering, managing and securing the world's connected digital infrastructure through its BIOS, BMC and security solutions, is pleased to announce barcode support in its world class Aptio® V UEFI Firmware.
Barcode support allows OEMs and ODMs the ability to encode the computer system serial number, platform ID or other identifiers into the BIOS and display it during system power on.
Barcode technology has been used for decades in manufacturing for inventory control, accuracy and speed. One can typically associate a barcode with the serial number of a device. While serial number inclusion into the firmware has been around for some time, the ability to view the serial number as a barcode is a recent event.
"Passing this information around or recording this data manually could lead to errors. Scanning barcodes using a standard barcode scanner can help eliminate this problem. A barcode scan is not only more reliable, but it takes less time than by hand-entered data," said Sanjoy Maity, Chief Executive Officer of AMI.
"However, what if the system has no barcode or any type of identifying information on the outside of the device?" he asked.
Serial numbers that were once found on the bottom of laptops and cellular phones, are slowly making their way into the firmware. The reason for this is related to how an OEM's repair and support contract is structured. If an end-user wants to get support for their device, they typically are required to provide the serial number of their device first. This is a simple way to find out if a device is still covered by a support contract or manufacturer's warranty.
Large OEMs and ODMs can become targets of fraud perpetrated by non-reputable companies that offer repair and support. These firms can obtain serial numbers by browsing classified listings with the intent to report devices associated with them as being repaired by their facility and requesting compensation for services that they did not render.
While this is one type of fraud, there are others that are not going to be mentioned in this release due to the sensitive nature of the subject. Hiding the serial number offers additional security benefits to the end-user of the device as well.
A device without a serial number printed on the outside of the device needs to be powered on to display the serial number. Traditionally, the serial number would be listed in the BIOS setup menu. If the owner password protects their device, then their serial number would remain secure.
However, obtaining the serial number by powering on the device and going into the BIOS setup menu to view the serial number limits the accuracy and speed of processing the device, whether it is during production, quality control or support of the device.
This is where barcode support in the BIOS has its clear benefit. Barcode support returns accuracy and speed back into the process by allowing the OEM, ODM and its authorized support representatives to quickly bring up the serial number or other platform identifier via a visual barcode, which can be quickly scanned.
For more information on AptioV and all its licensable eModules, please visit ami.com/aptio or call 1-800-828-9264 to speak with an AMI Sales Representative.