Behind the Scenes of Intel Security and Manageability Engine

Conference:  BlackHat USA 2019



The presentation discusses the architecture and security features of the CSM II system, including pre and post-manufacturing abilities, secure firmware updates, and the microkernel architecture.
  • CSM II system has pre and post-manufacturing abilities to configure features such as manageability and anti-roll back
  • Secure firmware updates ensure version control and integrity protection
  • Microkernel architecture ensures proper isolation between critical security features and manageability
  • Auditing and mitigation measures are in place to prevent vulnerabilities
The presentation mentions that previous research found vulnerabilities in the high privilege component of the bring up process, leading to a reduction in its privileges to prevent unauthorized access to critical security features.


Today low-level firmware vulnerabilities are becoming more a focus than in the past, mainly due to the nature of having highest privilege on the system and due to the advanced security protection and mitigation that exist in the host Operating System (OS).Intel has developed a security engine named CSME (Converged Security and Manageability Engine) that provides a key security value to the platform from start to enablement of the “Root of Trust” concept.Continuous improvements have been made to the CSME firmware during the past few years that aim to make it more difficult to exploit common memory corruption issues and reduce complexity/privileges of some of the CSME firmware (FW) modules due to security issues published in previous years. We will describe how Intel CSME FW is mitigating these type of security challenges by applying industry standards mitigation tailored to the FW environment.We will share deep technical detail on how other firmware environments can achieve the same results by applying the same technology and we will share the why of how we apply a feedback fuzzing and queue-management in a generic form, so it could be applied on any given existing fuzzer.Overall, in this presentation we will introduce the following:CSME Hardware, its limitation and security challenges it poses.CSME µKernel OS internals, boot flow, Debugging capabilities.Processes & Key features.CSME customizations support & OEM role in manufacturing.Recovery and update mechanisms.Exploitation mitigations against memory corruptions & defense in depthFuzzers & monitoring technologies.