Industry-leading firmware products born from AMI technology and innovation
November 19, 2020:
DULUTH, GEORGIA / HILLSBORO, OREGON - AMI®, a global leader in powering, managing and securing the world's connected digital infrastructure through its BIOS, BMC and security solutions, and Lattice Semiconductor, the low power programmable leader, are pleased to announce a new jointly-developed platform firmware security solution, AMI PlatFire™ Firmware with the Lattice Sentry™ solutions stack. The solution enables developers to quickly and easily implement system-level cyber resiliency that is pre-validated as compliant with NIST Platform Firmware Resiliency (PFR) Guidelines (NIST SP 800-193), making it easy for developers with limited hardware security expertise or limited time-to-market to implement PFR on the latest industry-standard server platforms.
The solution combines technology from two of the leading names in PFR - AMI and Lattice Semiconductor - to bring the industry an integrated, fully-featured, pre-verified and secure Platform Root-of-Trust (PRoT) solution that is flexible, scalable, low cost, and easy to implement. The solution uses the Lattice Sentry stack, featuring a low-power Lattice MachXO3D™ secure control FPGA running pre-verified, PFR-compliant IP, to implement a PRoT on a server's motherboard. The AMI PlatFire firmware then orchestrates the connection between the PRoT and other on-board components, such as SoCs and RoCs, to confirm the firmware they are running is valid.
"We're excited by the growing interest from customers across markets in implementing PFR to protect their systems. Pairing our Sentry solutions stack with AMI's new PlatFire firmware provides a comprehensive, system-level PFR solution that helps developers quickly and easily protect their system firmware, making PFR support possible for a larger potential customer base," said Esam Elashmawi, Chief Strategy and Marketing Officer, Lattice Semiconductor.
Sanjoy Maity, Chief Executive Officer of AMI, added that "Our AMI PlatFire PRoT firmware provides customers an affordable, flexible and comprehensive alternative to existing competitor solutions. By partnering with Lattice Semiconductor to deliver AMI PlatFire on a secure Lattice MachXO3D FPGA with the Lattice Sentry Security stack and a full suite of design and development tools, together we can offer complete system security that is fully compliant with NIST PFR Guidelines and is host CPU vendor agnostic - so customers don't have to feel locked into a particular ecosystem or platform to have a secured system."
Firmware is an increasingly popular attack vector; the National Vulnerability Database reported that between 2016 and 2019 the number of firmware vulnerabilities grew over 700 percent1. The NIST PFR guidelines were written to help developers understand how to protect legitimate firmware, detect unauthorized firmware, and restore compromised firmware to a known good state by establishing a PRoT. PRoT solutions validate platform firmware at boot to ensure it has not been modified illegitimately. Currently, developers with PFR design expertise are in limited supply, and OEMs requiring support for PFR often have strict time-to-market requirements that preclude developing a PFR solution from scratch. Recognizing these trends, AMI and Lattice worked together to deliver a tightly integrated, pre-validated PFR solution. It provides a robust PRoT, for real-time I2C bus and SPI monitoring of both BIOS and BMC SPIs, so from the moment a system boots all transactions over the SPI bus are monitored.
AMI has applied its 35 years of deep expertise in BIOS and BMC firmware development to deliver a robust PFR solution designed to detect, protect and recover firmware from unauthorized modification. As implemented in the AMI-Lattice joint solution, the PlatFire firmware executing on the Lattice MachXO3D with the Lattice Sentry solution stack orchestrates the connection between the solution's PRoT and all other ICs on the motherboard. Moreover, AMI PlatFire firmware is host CPU-agnostic, to give system developers greater flexibility in supporting the CPU requirements of their chosen server platform.
Thanks to its seamless integration with Aptio® UEFI Firmware and MegaRAC® SPX BMC Firmware from AMI, AMI PlatFire delivers a truly turnkey PFR solution - making use of the Lattice MachXO3D IP blocks to support detection and recovery of platform firmware, together with runtime monitoring of SPI flash memory used to store the platform firmware.
The Lattice Sentry solutions stack delivers a robust combination of customizable embedded software, reference designs based on the Lattice MachXO3D secure control FPGA, IP, and development tools to accelerate the implementation of secure systems compliant with PFR guidelines. As the system controller, the MachXO3D is the first component to execute code and attest power sequencing logic at system startup, making it an ideal platform for establishing a PRoT. Thanks to the MachXO3D FPGA's parallel processing architecture and flash memory, the device monitors for and detects attacks in real time - a truly groundbreaking innovation as real time monitoring is currently beyond the processing capabilities of competing PRoT solutions like MCUs.
For more information on the joint AMI PlatFire™ PRoT Firmware on Lattice Sentry solutions stack, please call 1-800-828-9264 to speak with an AMI Security Solutions expert or contact us via https://ami.com/en/contact-us/.
For more information about Lattice Sentry, please visit https://www.latticesemi.com/latticesentry.
About Lattice Semiconductor Lattice Semiconductor (NASDAQ: LSCC) is the low power programmable leader. We solve customer problems across the network, from the Edge to the Cloud, in the growing communications, computing, industrial, automotive, and consumer markets. Our technology, long-standing relationships, and commitment to world-class support lets our customers quickly and easily unleash their innovation to create a smart, secure and connected world.
MachXO3D™ is a trademark of Lattice Semiconductor Corporation. All other trademarks and registered trademarks are the property of their respective owners.
November 18, 2020:
DULUTH, GEORGIA - AMI®, a global leader in powering, managing and securing the world's connected digital infrastructure through its BIOS, BMC and security solutions, is pleased to be named as a collaborator in the new NIST® National Cybersecurity Center of Excellence (NCCoE) 5G Cybersecurity Project.
AMI joins an impressive roster of technology providers and industry experts to collaborate on the project - including AT&T, CableLabs, Cisco, Dell Inc., Intel, Keysight, MiTAC, Nokia, Palo Alto Networks and T-Mobile - as they work together with the NCCoE 5G team to identify several 5G use case scenarios and demonstrate how the components of the 5G architecture can provide security capabilities to mitigate identified risks and meet industry sectors' compliance requirements.
Through a Cooperative Research and Development Agreement with NIST, these organizations will form a consortium in which they will each contribute their expertise and hardware or software to help refine a reference design and build example standards-based solutions. This project will result in a publicly available NIST Cybersecurity Practice Guide in the Special Publication 1800 series, a detailed guide describing the practical steps needed to implement a cybersecurity reference design.
Sanjoy Maity, Chief Executive Officer of AMI, expressed his pleasure at the news by saying, "We are delighted to be a participant in the NCCoE 5G Cybersecurity project. This announcement once again highlights our deep commitment to security across all sectors of the compute, cloud and connected devices ecosystems. AMI looks forward to working together with the NIST team and this stellar group of industry leaders over the coming months to deliver the forthcoming NIST Cybersecurity Practice Guide, which will help build a solid foundation of security best practices for the dawning era of 5G communications and give actionable, practical guidance and solutions to the industry as they design the next generation of networks and transform our world."
For more information about the NIST NCCoE 5G Cybersecurity project, please visit the 5G project page at https://www.nccoe.nist.gov/projects/building-blocks/5g-cybersecurity. To receive news and information about the progress of the project, please join the 5G Community of Interest by emailing email@example.com.
For more information on AMI Security Solutions, please contact AMI via https://ami.com/en/contact-us/ or call 1-800-828-9264 to speak with an AMI Security Solutions expert.
About the NIST National Cybersecurity Center of Excellence The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses' most pressing cybersecurity issues. This public-private partnership enables the creation of practical cybersecurity solutions for specific industries, as well as for broad, cross-sector technology challenges. Through consortia under Cooperative Research and Development Agreements (CRADAs), the NCCoE applies standards and best practices to develop modular, easily adaptable example cybersecurity solutions using commercially available technology. The NCCoE documents these example solutions in the NIST Special Publication 1800 series, which maps capabilities to the NIST Cybersecurity Framework and details the steps needed for another entity to recreate the example solution.
NIST® is a registered trademark of the U.S. Department of Commerce's National Institute of Standards and Technology. All other trademarks and registered trademarks are the property of their owners in the US and other countries.
November 16, 2020:
DULUTH, GEORGIA - AMI®, a global leader in powering, managing and securing the world's connected digital infrastructure through its BIOS, BMC and security solutions, is pleased to announce support for Intel Memory Failure Protection (Intel MFP) capabilities in its Aptio® V UEFI Firmware and MegaRAC® BMC Firmware.
Intel MFP, optimized for Intel Xeon Scalable platforms, is specifically designed to improve customers' datacenter uptime and total cost of operation (TCO) by predicting DDR4 memory failures. For Aptio V UEFI Firmware, the Intel MFP solution comes in the form of the IntelMfpSupport eModule and includes OEM IPMI command additions. For MegaRAC BMC Firmware this support is available as an Option Pack, which includes code to process the memory errors complemented by the DIMM Health Assessment Model (DHAM) from Intel, along with periodic module updates.
As part of this initiative, AMI is authorized to provide the same world-class technical support for the Aptio V eModule and the MegaRAC Option Pack that is represented by all AMI products. Moreover, both AMI and Intel will continue to offer information and training for customers considering integration of these value-added firmware solutions.
DIMM failures are one of the most common causes of server downtime, notorious for severely impacting system reliability, availability and serviceability (RAS). These failures can be caused by a wide range of sources beyond normal use, such as manufacturing defects or extreme environmental or operating conditions. While currently accepted techniques such as Error Correcting Code (ECC) and correctable errors threshold-based Predictive Failure Analysis (PFA) help overcome some correctable errors with DIMM, they have cost, reliability, coverage and performance implications - and cannot help to overcome uncorrectable errors.
As a more complete solution, Intel MFP features several innovative and original capabilities. It predicts micro-level failures in rows, columns and cells based on historical data, using a low-overhead online learning method to improve its prediction accuracy and avoid interfering with critical compute tasks. This also enables Intel MFP to generate an estimated memory health score for proactive memory failure management.
For datacenters and cloud service providers, the benefits of adding Intel MFP support in Aptio V UEFI Firmware and MegaRAC BMC Firmware are clear and immediate. Datacenter service level agreements (SLA) are improved, DIMM failure rates are reduced through proactive memory health evaluation and enhanced memory page offlining policies, and most importantly, higher DIMM performance and reliability optimizes workload and VM migration decision-making to boost efficiency, flexibility and TCO.
To highlight the benefits of Intel MFP in the datacenter, an Intel case study conducted with Tencent, the leading provider of cloud services in the APAC region, identified a five-fold improvement in DIMM failure prediction and reduced downtime, as well as fewer unnecessary DIMM replacement and upgrade expenses. A similar case study carried out by Intel with Meituan, the leading eCommerce services provider in the APAC region, revealed that Intel MFP could enable Meituan to reduce server crashes caused by memory failure by up to 40% through intelligent analysis of server memory health and proactive memory failure prediction.
Sanjoy Maity, Chief Executive Officer of AMI, commented that "AMI is commited to adopting ground-breaking technologies from industry drivers like Intel that make our products more relevant and effective for datacenter and cloud services end-users. This commitment has been a key component of our long-standing and successful relationship with Intel from the very beginning. Now, our new Aptio V IntelMfpSupport eModule and MegaRAC BMC Firmware Option Pack featuring lntel MFP support are a simple and effective way for OEMs and ODMs to add enhanced DDRAM failure prediction capabilities into their designs and deliver the improved RAS and SLAs that their customers demand."
"Improving server uptime and lowering TCO is a core component of our mission to support the datacenter and cloud services ecosystems," said Jeff Klaus, General Manager, Data Center Management Solutions Group at Intel. "AMI's distribution and support for Intel MFP technology in its Aptio V UEFI and MegaRAC BMC firmware solutions will help datacenter operators focus on delivering differentiated services and help avoid costly, disruptive memory failure-related downtime."
For more information on the Aptio V IntelMfpSupport eModule and MegaRAC BMC Firmware Option Pack featuring Intel MFP capabilities, please call 1-800-828-9264 to speak with an AMI expert or contact us via https://ami.com/en/contact-us/.
Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries. Memory failure prediction results provided through the use of Intel MFP are estimated and may vary based on differences in system hardware, software, or configuration. Results are derived using multi-dimensional models and algorithms to predict potential memory failures and do not constitute a representation or guarantee regarding memory failure.
November 13, 2020:
DULUTH, GEORGIA - AMI®, a global leader in powering, managing and securing the world's connected digital infrastructure through its BIOS, BMC and security solutions, is pleased to announce its participation in a recent publication on BMC security best practices and Hardware Root of Trust (HRoT) / Platform Root of Trust (PRoT) released by the Cloud Security Industry Summit (CSIS), a group of cloud service providers facilitated by Intel® Corporation who share a mission to align on a vision and approach to developing best-of-breed security solutions for their industry.
The paper is titled "A Case for a Trustworthy BMC" and outlines the current state of known hardware vulnerabilities in BMCs, providing a breakdown of its different layers, including hardware, firmware, OS, applications and services so readers can better understand potential threat vectors and risks. It also discusses the landscape of currently available BMC security solutions and provides recommended guidelines and approaches for bolstering BMC security, including a helpful Recommendation Checklist for cloud providers and other interested parties. The paper concludes with a look to future developments as well as some promising trends in the ecosystem and is available now for download on the CSIS website at https://www.cloudsecurityindustrysummit.org/#documents.
In addition to contributing its hardware and platform security expertise to CSIS, AMI offers several security solutions for BMC hardware for true BMC HRoT / PRoT - including a new Security Tech Pack for its popular MegaRAC® SP-X BMC Firmware.
MegaRAC SP-X is a powerful server management solution composed of firmware and software components based on industry standards like IPMI 2.0, Restful APIs, SMASH, Serial over LAN (SOL) and key serviceability features like remote presence, CIM profiles and advanced automation. It is available for all the major System-On-Chip (SoC) designs and supports Intel® / AMD x86, Arm® 64 (including Ampere eMAG™, Marvell and Qualcomm) and IBM POWER® 8/9 architectures.
MegaRAC SP-X also features a high level of modularity, with the ability to easily configure and build the firmware image by selecting features using an intuitive graphical development tool chain. These features are available in independently maintained Technology Packages, for superior manageability of the firmware stack and an expandable solution that supports hooks which allow for OEM customization on top of the AMI solution.
Stefano Righi, Vice President of Global Software, Security Engineering & Services at AMI, commented in this way: "In recent years, AMI has strongly focused its efforts in platform security by integrating the BMC as a core component of PRoT, developing several innovative new products that deliver this capability. Many of our innovations are founded on the concept of the BMC essentially taking the role of ensuring RoT for the entire platform - including the system BIOS firmware, such as our Aptio® V UEFI Firmware. In this way, AMI can deliver increased functionality and value with MegaRAC SP-X and its Security Tech Pack, as it provides RoT support all the way to system firmware like Aptio V."
"AMI is grateful for the opportunity to collaborate with security thought leaders at CSIS and contribute to moving the industry forward together on BMC and cloud security best practices," said Eric Johnson, Engineering Manager of Global Software, Security Engineering & Services at AMI and a contributor to the CSIS workgroup that issued the report. "This document provides meaningful insight into the current state of BMC security and optimism that the challenges can be met – all in a way that that cloud providers can easily grasp and apply."
For more information on AMI Security Solutions for BMC Firmware, including MegaRAC SP-X BMC Firmware and its new Security Tech Pack, please contact AMI via https://ami.com/en/contact-us/ or call 1-800-828-9264.
About the Cloud Security Industry Summit: The Cloud Security Industry Summit (CSIS) is a group of Cloud Service Providers, with a mission to align on a vision and approach to developing best-of-breed security solutions. The group includes members from top Cloud Service Providers, partnering as an industry team and evolving a coordinated approach for improving cloud security from component to system to solution.
All trademarks and registered trademarks are the property of their owners in the US and other countries.
November 4, 2020:
DULUTH, GEORGIA / CHENNAI, INDIA: AMI®, a global leader in powering, managing and securing the world's connected digital infrastructure through its BIOS, BMC and security solutions, is pleased to announce that Mr. Arvind Jayabal has been named Country Head for the AMI India branch, effective November 2, 2020.
Mr. Jayabal ("Arvind") comes to AMI with nearly thirty years of experience in semiconductor, telecommunications, mobile, automotive, and related technology industries, with a focus on delivering product development services in VLSI design and embedded systems development.
With this experience, he brings to AMI a strong capacity for implementing innovative services business models across diverse technology domains, each with the common goal of helping customers realize maximum value. Arvind has performed a wide range of roles in his career including sales, delivery, large account management, head of practice and business unit leader for firms in India, Japan and the US.
As President of Tessolve Semiconductor, Arvind managed VLSI Design and Embedded Systems businesses, overseeing a team of 700 employees. Before that, he was Vice President at GlobalLogic, leading business development in the telecommunications segment with a specific focus on mobility and embedded engineering. Prior to his time at GlobalLogic, Arvind was with Wipro for over 21 years in multiple roles, moving quickly from engineering to management.
Arvind holds a bachelor's degree in Mechanical Engineering from the PSG College of Technology, Coimbatore and a post-graduate diploma in Management from the Indian Institute of Management, Bangalore.
"We are most excited to welcome Arvind to AMI as our new Country Head at AMI India," said Sanjoy Maity, AMI Chief Executive Officer. "His extensive experience in India - and the APAC region as a whole – along with his track record of success in management and revenue growth make him a perfect fit to drive our new goals and initiatives in India and to help support our teams across the greater APAC region."