"TrustZone technology, tightly integrated tightly into Cortex™-A processors, extends throughout the system via the AMBA® AXI™ bus and specific TrustZone System IP blocks. This system approach means that it is possible to secure peripherals such as secure memory, crypto blocks, keyboard and screen to ensure they can be protected from software attack."
In part, AMD is embarrassed that their employees can only bring Intel processors onto their secure work network due to lack of hardware security on AMD's own chips. Hardware level security is the future.
Which site and business group runs Pentium 4 laptops? I don't think I've run across anyone at Intel that runs a P4. I have one of the older series for design engineers, and it's a T9400 which is Core2 and still supports TXT. Of course, I'm at the very end of my model's life and moving to SNB within the next month or two.
Trusted computing is the holy grail of DRM. The name comes from a CIA in joke, you can only trust a system you compromised and whose user has less control then you do.
It includes hardware chips that verify the hash of software before it is allowed to run. Making it impossible to get a virus. It also makes it impossible to run open source software and it allows remote censorship.
They can decide for example that a certain document needs to go, they send a kill signal and any trusted computing computer out there deletes all copies of said document without the user consent.
It should be noted that to leverage it in such a manner it needs to be standard everywhere. The hardware makers already put it everywhere.
But the problem is laws, which is why there are ongoing attempts to make it legally required (just like for a time HDCP was mandated by law). So far they have failed to do so in the USA. And have yet to mandate big brother.
It is really quite annoying and downright frightening. An implementation for consumer protection is one thing. For example, modern cars have an electronic ignition key that prevents thieves from making a plain mechanical key and driving off with it. But the key and car, once paired, make a standalone system. Ford can't remotely revoke the key if they decide that you are not driving the car in compliance with an "end user license". Sound crazy? Well, the car and key combination is a form of TPM. It is certainly possible from a technology standpoint for the car to phone home and validate the key.
This whole DRM / TPM thing is subverting the very concept of ownership. What does it mean these days to own something? Do you really own something if someone else can control whether or not you may use it? If this is the future, then the future is not unlike the "company store" concept from the 19th century.
Haven't you read the EULA for any software in the past two decades? You do NOT own any software; you own a license to USE the software. You don't own anything except a software license.
Since I will run linux and disable secure boot in the UEFI/BIOS, this arm chip won't be able to affect linux, right? So it won't be able to, for instance, enforce DRM, right? What code is this arm chip running? Is it in ram, or separate eprom in its own memory space? Can I nuke it from orbit? Is this arm code pre-approved by NSA/MAFIAA ? Does this mean new systems are pre-pwned? Why should I trust any US corporation?
security portion? useless. AMD ARM? significant, at least to me. This sounds like a hybrid ARM/X86 processor....hello desktop competition? Intel? Microsoft?
umm? just because it's being designed for security doesn't limit AMD's arm expansions solely to that area. This represents an early foray into ARM, which they previously claimed no plans to do (granted, not for the same purpose).
It wouldn't exactly be a stretch to go "hey, they're going to use arm for security, maybe they'll use arm for other stuff too". Duh.
It is not really an issue if all they're doing is running trusted execution software. I don't see it any different than integrating a Sandforce controller onto their APU. My understanding is that none of the ARM cores in devices you can buy today are 64bit anyhow. Additionally, you would require ARM based code on Windows and x86 code in one OS version to run applications from both architectures concurrently. The included A5 is a slug anyhow, so don't plan on seeing any of that in this iteration. It does really provide some interesting possibilities given virtualization software.
Apple might find a product like this really interesting in their minute laptops; think subsequent APUs with a built-in Apple ARM core running applications from both their environments.
But basically AMD wants to create an open standard around heterogeneous computing. The aim is to make using heterogeneous architectures easier to use for software developers by eliminating proprietary ABIs and APIs.
There is nothing wrong with mixing processor ISAs within a single chip. IBM did it with the Cell processor. I'd actually like to see hybrid chips for tablets and palmtops.
That would be interesting, and it's a bit like what Nvidia is rumored to be doing with Project Denver. Take a few relatively more powerful AMD cores and surround them with smaller ARM cores that they can dish out certain tasks to.
I'm not sure if I'm reading this correctly, but could this mean theoretically that future APUs with an Arm core may be able to run both Winx86 and Android? (or even Winx86 and WinRT - but that would be redundant....) Or could even Microsoft make an os that would allow for some type of core switching to take advantage of both Arm's low power and x86 performance? Or is the point that the way Amd is moving, switching cores explicitly wouldn't be necessary as everything on the chip would be seen I guess as 'modules' of performance that can be turned on and off?
No you aren't reading this correctly. All that was announced was the inclusion of an old Cortex A5 - an architecture almost half the speed of current Cortex A9s. AMD is using the ARM chip as a security offload for DRM.
Speculation about an ARM/x86 future is sure to follow given this partnership. There is no way AMD could just swap x86/ARM "modules" transparently without deep software and OS support.
If the ARM core has enough tendrils into the video and IO subsystems, it should be able to run BMC functionality. KVM remote control, flash the BIOS, program the CMOS RAM, temperature monitoring, fan control... That would be a much more worthy endeavor than TPM for me.
Apple's just implemented, and Intel's talked about, having your PC sync while asleep. That's one of the really handy features of my phone, too -- recent e-mail, etc. is always already there. An ARM environment that's just smart enough to stay connected and pull down new e-mail, etc., without eating much battery, would be awesome. It wouldn't necessarily have to talk super-closely with the main OS -- just save the new data it pulls down to a little bit of dedicated flash or memory it has, say.
To switch between the x86 cores and ARM cores interchangeably in Windows 8, it would need a special version with both binaries of course. That could save a lot of power, or feature a quick boot mode, or both.
The Cortex-A5 in AMD's next APU is not going to run ARM code. It is mainly going to sit in the chip and monitor data that requires security. The microcode of the APU will handle everything transparently. The processor by itself will still be an 80x86 processor, but all the security requests will be off-loaded to the ARM processor. This is not any different compared to other processors that uses another ARM processor to handle something besides applications. nVidia uses another ARM processor to control power management and data flow to other parts of their Tegra chips.
Switching from Windows to Android and then Android to Windows already been done with an 80x86 and ARM processor.
Not to mention this would be akin to a featured article here some time ago. Concerning the Curcial SSD that had dual A9's for controllers on it. You'd have a driver at most I would think.
The Cortex A5 is also capable of big endian, or little endian byte ordering. So to some extent. The "ARM / x86 code issue" is rendered moot. No need for two abstraction layers.
Think of it like this. A Cortex A5 MCU can/could be used as a keyboard controller. Among many other possible uses. Do you ever worry about about what any I/O device connected to your computer. Uses for a processor ? I don't . . .
Since some of this idea does not josh- that is ARM cpus are not that powerful,and thus the 'front-end'will mean (at least at this examined/explained emplementation) of notebooks,devices little for the actual compute end. DRM can still be vacated,and well as instilled,but dont force this as a necesary hardware implementation. As for most applications,the user has the choice use it or dont'. Howebeit the environment you have shown in this article (might be__) byo device etc. The article does a lot to generalize 'front-end,and back-end'. However does not make much sense if both the smallish ARM cpu described here will ''only'' be used with 'end-user' technologies. As I can tell,the small cpus simply barf at doing cryptollogy,and if an additive must of doing high resolution video ,and e.g. wireless vid conf etc, that would be about the limit of that platform. And being so,this 'weak-end',is fairly self serving. Since if a business was to buy into the technology described here,they would also have to outfit themselves with the back-end side of the ARM Trusted Platform technology. Being so said,meaning,if you buy this here 'front-end',you will also have to buy-it-here 'back-end'. Larger back-end say server side ARM technology ? I'm a little confused,as I have seen some large performance of cryptography static from other smallish technology manufacturers. Performance that did not necesitate comparing the specific technology here as ARM Trusted Platform technology. Why I say, APU for ARM,rather than ARM for APU. Gleefully pretensing that perhaps (and I dont know),AMD is simply assisting getting a silicon vendor an off the floor assist.
We’ve updated our terms. By continuing to use the site and/or by logging into your account, you agree to the Site’s updated Terms of Use and Privacy Policy.
Facebook
Twitter
RSS
36 Comments
Back to Article
Ben90 - Wednesday, June 13, 2012 - link
Pardon my noobness, but I just don't understand the concepts of why this is necessary.Yuriman - Wednesday, June 13, 2012 - link
Taken from arm.com:"TrustZone technology, tightly integrated tightly into Cortex™-A processors, extends throughout the system via the AMBA® AXI™ bus and specific TrustZone System IP blocks. This system approach means that it is possible to secure peripherals such as secure memory, crypto blocks, keyboard and screen to ensure they can be protected from software attack."
In part, AMD is embarrassed that their employees can only bring Intel processors onto their secure work network due to lack of hardware security on AMD's own chips. Hardware level security is the future.
ExarKun333 - Wednesday, June 13, 2012 - link
LOL, yeah they should be a little embarrassed that their own workers cannot bring AMD CPUs into work. :)JKflipflop98 - Wednesday, June 13, 2012 - link
That's funny because Intel still uses Pentium 4's and 1st gen Core 2's internally.Beleaguered - Wednesday, June 13, 2012 - link
Which site and business group runs Pentium 4 laptops? I don't think I've run across anyone at Intel that runs a P4. I have one of the older series for design engineers, and it's a T9400 which is Core2 and still supports TXT. Of course, I'm at the very end of my model's life and moving to SNB within the next month or two.actionjksn - Wednesday, June 20, 2012 - link
How much do you want for the T9400 Processor and is it compatible with a laptop that has a T7300?microlithx - Wednesday, June 13, 2012 - link
DRM, mainly. TrustZone is what Apple and all the Android vendors use to lock down their bootloaders.Netflix requires such locks to appease the MPAA.
taltamir - Wednesday, June 13, 2012 - link
Trusted computing is the holy grail of DRM.The name comes from a CIA in joke, you can only trust a system you compromised and whose user has less control then you do.
It includes hardware chips that verify the hash of software before it is allowed to run. Making it impossible to get a virus. It also makes it impossible to run open source software and it allows remote censorship.
They can decide for example that a certain document needs to go, they send a kill signal and any trusted computing computer out there deletes all copies of said document without the user consent.
taltamir - Wednesday, June 13, 2012 - link
It should be noted that to leverage it in such a manner it needs to be standard everywhere. The hardware makers already put it everywhere.But the problem is laws, which is why there are ongoing attempts to make it legally required (just like for a time HDCP was mandated by law). So far they have failed to do so in the USA. And have yet to mandate big brother.
Jaybus - Thursday, June 14, 2012 - link
It is really quite annoying and downright frightening. An implementation for consumer protection is one thing. For example, modern cars have an electronic ignition key that prevents thieves from making a plain mechanical key and driving off with it. But the key and car, once paired, make a standalone system. Ford can't remotely revoke the key if they decide that you are not driving the car in compliance with an "end user license". Sound crazy? Well, the car and key combination is a form of TPM. It is certainly possible from a technology standpoint for the car to phone home and validate the key.This whole DRM / TPM thing is subverting the very concept of ownership. What does it mean these days to own something? Do you really own something if someone else can control whether or not you may use it? If this is the future, then the future is not unlike the "company store" concept from the 19th century.
gamerk2 - Friday, June 15, 2012 - link
Haven't you read the EULA for any software in the past two decades? You do NOT own any software; you own a license to USE the software. You don't own anything except a software license.taltamir - Saturday, June 16, 2012 - link
They took it a step further.Blizzard won a case vs a married couple that wanted to share their WoW license with each other.
BLIZZARD owns the license, you pay them to register you as the sole user of the license they own.
Since you don't actually own ANYTHING you cannot share it with a spouse even though the law says all property is shared.
rolandl - Monday, June 23, 2014 - link
Since I will run linux and disable secure boot in the UEFI/BIOS, this arm chip won't be able to affect linux, right? So it won't be able to, for instance, enforce DRM, right? What code is this arm chip running? Is it in ram, or separate eprom in its own memory space? Can I nuke it from orbit? Is this arm code pre-approved by NSA/MAFIAA ? Does this mean new systems are pre-pwned? Why should I trust any US corporation?designerfx - Wednesday, June 13, 2012 - link
because we're talking about an AMD ARM chip.security portion? useless. AMD ARM? significant, at least to me. This sounds like a hybrid ARM/X86 processor....hello desktop competition? Intel? Microsoft?
I see potentially big things happening with this.
JKflipflop98 - Wednesday, June 13, 2012 - link
Read more.Post less.
designerfx - Wednesday, June 13, 2012 - link
umm? just because it's being designed for security doesn't limit AMD's arm expansions solely to that area. This represents an early foray into ARM, which they previously claimed no plans to do (granted, not for the same purpose).It wouldn't exactly be a stretch to go "hey, they're going to use arm for security, maybe they'll use arm for other stuff too". Duh.
silverblue - Wednesday, June 13, 2012 - link
...but is there a potential software issue integrating a 32-bit CPU, or rather, controller I suppose, inside a 64-bit CPU?eanazag - Wednesday, June 13, 2012 - link
It is not really an issue if all they're doing is running trusted execution software. I don't see it any different than integrating a Sandforce controller onto their APU. My understanding is that none of the ARM cores in devices you can buy today are 64bit anyhow. Additionally, you would require ARM based code on Windows and x86 code in one OS version to run applications from both architectures concurrently. The included A5 is a slug anyhow, so don't plan on seeing any of that in this iteration. It does really provide some interesting possibilities given virtualization software.Apple might find a product like this really interesting in their minute laptops; think subsequent APUs with a built-in Apple ARM core running applications from both their environments.
phatboye - Wednesday, June 13, 2012 - link
What is this HSA that was mentioned in the article? I've tried google but nothing relevant has came up.JarredWalton - Wednesday, June 13, 2012 - link
You could try searching our site! :-)http://www.anandtech.com/show/5847/answered-by-the...
Or if you want the quick expansion of the acronym: Heterogeneous Systems Architecture.
Arnulf - Wednesday, June 13, 2012 - link
You haven't tried nearly hard enough.http://hsafoundation.com/
spunlex - Wednesday, June 13, 2012 - link
It's "heterogeneous system architecture".But basically AMD wants to create an open standard around heterogeneous computing. The aim is to make using heterogeneous architectures easier to use for software developers by eliminating proprietary ABIs and APIs.
This Guy - Wednesday, June 13, 2012 - link
"Heterogenous System Architecture, formerly known as the Fusion architecture, an open specification by AMD for heterogenous computing" - WikipediaI had the same problem :)
dagamer34 - Wednesday, June 13, 2012 - link
*Jedi voice* This isn't the AMD-ARM partnership I was looking for....Lucky Stripes 99 - Wednesday, June 13, 2012 - link
There is nothing wrong with mixing processor ISAs within a single chip. IBM did it with the Cell processor. I'd actually like to see hybrid chips for tablets and palmtops.tipoo - Monday, June 18, 2012 - link
That would be interesting, and it's a bit like what Nvidia is rumored to be doing with Project Denver. Take a few relatively more powerful AMD cores and surround them with smaller ARM cores that they can dish out certain tasks to.Mishera - Wednesday, June 13, 2012 - link
I'm not sure if I'm reading this correctly, but could this mean theoretically that future APUs with an Arm core may be able to run both Winx86 and Android? (or even Winx86 and WinRT - but that would be redundant....) Or could even Microsoft make an os that would allow for some type of core switching to take advantage of both Arm's low power and x86 performance? Or is the point that the way Amd is moving, switching cores explicitly wouldn't be necessary as everything on the chip would be seen I guess as 'modules' of performance that can be turned on and off?mabellon - Wednesday, June 13, 2012 - link
No you aren't reading this correctly. All that was announced was the inclusion of an old Cortex A5 - an architecture almost half the speed of current Cortex A9s. AMD is using the ARM chip as a security offload for DRM.Speculation about an ARM/x86 future is sure to follow given this partnership. There is no way AMD could just swap x86/ARM "modules" transparently without deep software and OS support.
Malih - Thursday, June 14, 2012 - link
current APUs has been capable of running both Winx86 and Android for some time (www.android-x86.org).rrohbeck - Wednesday, June 13, 2012 - link
If the ARM core has enough tendrils into the video and IO subsystems, it should be able to run BMC functionality. KVM remote control, flash the BIOS, program the CMOS RAM, temperature monitoring, fan control... That would be a much more worthy endeavor than TPM for me.Craig234 - Wednesday, June 13, 2012 - link
Don't assume the reader knows what an APU is, the first time it's used define it.Not needed with CPU or probably GPU, but I think it is with APU.
twotwotwo - Wednesday, June 13, 2012 - link
Apple's just implemented, and Intel's talked about, having your PC sync while asleep. That's one of the really handy features of my phone, too -- recent e-mail, etc. is always already there. An ARM environment that's just smart enough to stay connected and pull down new e-mail, etc., without eating much battery, would be awesome. It wouldn't necessarily have to talk super-closely with the main OS -- just save the new data it pulls down to a little bit of dedicated flash or memory it has, say.tipoo - Wednesday, June 13, 2012 - link
To switch between the x86 cores and ARM cores interchangeably in Windows 8, it would need a special version with both binaries of course. That could save a lot of power, or feature a quick boot mode, or both.tecknurd - Wednesday, June 13, 2012 - link
The Cortex-A5 in AMD's next APU is not going to run ARM code. It is mainly going to sit in the chip and monitor data that requires security. The microcode of the APU will handle everything transparently. The processor by itself will still be an 80x86 processor, but all the security requests will be off-loaded to the ARM processor. This is not any different compared to other processors that uses another ARM processor to handle something besides applications. nVidia uses another ARM processor to control power management and data flow to other parts of their Tegra chips.Switching from Windows to Android and then Android to Windows already been done with an 80x86 and ARM processor.
yyrkoon - Wednesday, June 13, 2012 - link
Not to mention this would be akin to a featured article here some time ago. Concerning the Curcial SSD that had dual A9's for controllers on it. You'd have a driver at most I would think.The Cortex A5 is also capable of big endian, or little endian byte ordering. So to some extent. The "ARM / x86 code issue" is rendered moot. No need for two abstraction layers.
Think of it like this. A Cortex A5 MCU can/could be used as a keyboard controller. Among many other possible uses. Do you ever worry about about what any I/O device connected to your computer. Uses for a processor ? I don't . . .
Tujan - Friday, June 15, 2012 - link
.. you mean. Not ARM for APU .Since some of this idea does not josh- that is ARM cpus are not that powerful,and thus the 'front-end'will mean (at least at this examined/explained emplementation) of notebooks,devices little for the actual compute end. DRM can still be vacated,and well as instilled,but dont force this as a necesary hardware implementation. As for most applications,the user has the choice use it or dont'. Howebeit the environment you have shown in this article (might be__) byo device etc.
The article does a lot to generalize 'front-end,and back-end'. However does not make much sense if both the smallish ARM cpu described here will ''only'' be used with 'end-user' technologies. As I can tell,the small cpus simply barf at doing cryptollogy,and if an additive must of doing high resolution video ,and e.g. wireless vid conf etc, that would be about the limit of that platform. And being so,this 'weak-end',is fairly self serving.
Since if a business was to buy into the technology described here,they would also have to outfit themselves with the back-end side of the ARM Trusted Platform technology. Being so said,meaning,if you buy this here 'front-end',you will also have to buy-it-here 'back-end'. Larger back-end say server side ARM technology ?
I'm a little confused,as I have seen some large performance of cryptography static from other smallish technology manufacturers. Performance that did not necesitate comparing the specific technology here as ARM Trusted Platform technology. Why I say, APU for ARM,rather than ARM for APU.
Gleefully pretensing that perhaps (and I dont know),AMD is simply assisting getting a silicon vendor an off the floor assist.