Apparatus and method to harden computer system

摘要

In some embodiments, a processor-based system may include a processor, the processor having a processor identification, one or more electronic components coupled to the processor, at least one of the electronic components having a component identification, and a hardware security component coupled to the processor and the electronic component. The hardware security component may include a secure non-volatile memory and a controller. The controller may be configured to receive the processor identification from the processor, receive the at least one component identification from the one or more electronic components, and determine if a boot of the processor-based system is a provisioning boot of the processor-based system. If the boot is determined to be the provisioning boot, the controller may be configured to store a security code in the secure non-volatile memory, wherein the security code is based on the processor identification and the at least one component identification. Other embodiments are disclosed and claimed.

主权项

1. At least one non-transitory computer readable storage medium comprising a set of embedded controller firmware instructions which, if executed by an embedded controller that is integrated into a computing platform, cause the embedded controller to:
determine a platform code based on a processor identification of a processor and a component identification of at least one electronic component upon a non-provisioning boot of the processor-based system; and determine if the platform code is valid based on a comparison with a stored security code wherein the security code is based on a processor identification of the processor and an a component identification of the at least one electronic component upon a provisioning boot of the processor-based system.