Intel® Platform Service Record (Intel® PSR) Introduction

ID 标签 774510
已更新 8/12/2024
版本 Latest
公共

author-image

作者

System Requirements

Intel® Platform Service Record (Intel® PSR) is supported on Intel vPro® Essentials and Intel vPro® Enterprise on:

  • Lunar Lake platforms (PSR 2.1)
  • Meteor Lake Platforms (PSR 2.0)
  • Raptor Lake platforms (PSR 1.0)
  • Alder Lake platforms with Raptor Lake CPU (PSR 1.0)

Intel PSR requires Intel® CSME 16.1 firmware and later, and requires enablement by the OEM.

Note: Intel PSR is supported only if Intel® UPID is supported. In addition, the Intel PSR log can be retrieved only if Intel UPID is enabled on the platform. For details on enabling Intel UPID, refer to Intel Unique Platform ID Usage.

Highlights

The Platform Service Record provides on-platform persistent / tamper resistant ledgers and counters of the various items belonging to the platform.

Following is the structure of the Platform Service Record:

  • Identifiers
Item Size (bytes)
Intel® Unique Platform ID 64
Platform Service Record ID 16

 

  • Platform Genesis Record that includes the following information:
Item Size (bytes)
Log Start Date (set at End of Manufacturing) 8
OEM 64
OEM Make 64
OEM Model 64
Country of Manufacture 64
OEM-defined metadata 1024

 

  • Capabilities section (in PSR 2.0) that indicates whether a feature or mechanism is supported by the OEM's design. A value of 0 indicates that a capability is not supported. A value of 1 indicates that the capability is supported:
Capability Size (bytes) Comments
Chassis intrusion 1 Optional
Excessive shock detection 1 PSR 2.0; optional
Requires implementing a modified ISH solution to report this event to Intel CSME
Critical temperature detection 1 PSR 2.0; optional
Requires implementing a temperature sensor and modifying the EC and BIOS
Remote Platform Erase 1 PSR 2.0; optional
Local Platform Erase 1 PSR 2.0; optional
Firmware Recovery detection 1 PSR 2.1; optional
Firmware Update detection 1 PSR 2.1; optional
System Hang detection 1 PSR 2.1; optional
Power Drop detection 1 PSR 2.1; optional
Reserved 23  

 

Sanitization events are events in which the BIOS performs a Remote platform erase, Local platform erase, or Intel ME unconfigure (PSR 2.0; optional). These require enabling RPE and modifying the BIOS. Following are the types of events and devices whose statuses can be logged in the PSR:

  • TPM
  • Supported Storage Erase (storage supported with RPE)
  • Storage Erase Verification comparison
  • Clear BIOS variables
  • BIOS reload golden configuration
  • OEM Custom Actions (if defined)
  • Intel CSME Unconfigure

Note: Only the latest sanitization event of each type (SSD, TPM, etc.) is recorded in the Platform Service Record Event Log.  Older specific sanitization events are overwritten with the last event, regardless of its status (failed/passed) or origin (LPE/RPE).

  • Counters (4 bytes each) for:
    • Number of seconds in S0 state
    • Number of S0->S5 transitions
    • Number of S0->S4 transitions
    • Number of S0->S3 transitions
    • Number of platform power-ons
    • Platform resets
    • ISH Connection Count (PSR 2.0). This is always less than or equal to the total boot count (S0->S5 transitions + S0->S4 transitions + S0->S3 transitions + Resets). Preferably at least 90% of the total boot count.
    • CSME Reset Count (PSR 2.0)
    • Reserved (36 bytes)
    • PRTC Reset Count (PSR 2.0)
    • Log in Recovery State Count (PSR 2.0)
    • DAM (Delayed Authentication Mode) State Entered Count (PSR 2.0)
    • Unlocked State Entered Count (PSR 2.0)
    • PSR SVN Incremented Count (PSR 2.0)
    • Reserved (12 bytes)
    • Excessive Shock Count (PSR 2.0)
    • Excessive  Operational Temperature Count (PSR 2.0)
    • Firmware Recovery Count (PSR 2.1)
    • Firmware Update Count (PSR 2.1)
    • System Hang Count (PSR 2.1)
    • Power Drop Count (PSR 2.1)
    • Reserved (20 bytes)

 

  • Event data ledger
Item Size (bytes)
Number of events 4
Event 1...100 12 bytes for each event

 

Structure of each event in the event data ledger:

Field Size (bytes) Value
Event ID 1  

Event sub ID (PSR 2.0. Reserved in PSR 1.0)

3 Event specific
Time stamp 4  
Reserved 4  

 

Event Details

The following table lists the different events that can be logged in the event data ledger:

Event Name Description Event ID
Log Started First event in the log. Generate when the log is initiated. 8
Log Ended Event added at the end of the log. This is to have the timestamp when the log is retrieved. 9
Log Full Indicates that there is no more free storage in the log to add events 10
Replay Protection Infrastructure Failure A Replay Protection infrastructure failure has been detected (e.g., loss of RTC power when anti-replay is RTC-based) 16
Log Missing One of the files used to store the PSR is found missing by the PSR firmware 17
Log Integrity Compromised The log's integrity or replay protection is found to be compromised by the PSR firmware 18
PRTC Reset PRTC failure detected 19
Log in Recovery State PSR cannot operate or is not recording 20
DAM State Entered Intel CSME has entered DAM (Delayed Authentication Mode) state. Platform is ready for debug. Recording halted temporarily 21
Unlocked State Entered Intel CSME firmware has been unlocked for debugging. PSR is not available and is not recording. 22
PSR SVN Incremented The firmware's SVN has been incremented via a TCB recovery, or the SVN of the PSR process has been incremented via a firmware update. 23

Chassis Intrusion Detected

BIOS has detected a chassis intrusion 32
Excessive Shock (PSR 2.0) ISH has detected that the platform underwent excessive shock 33
Excessive Operational Temperature (PSR 2.0) Platform has reached the specified excessive operational temperature as managed by the EC 34
Erase Platform Erase Action result 35

 

The Intel® Platform Service Record provides an indicator that can attest to the PSR Data having been generated by the platform, allowing for potential tampering detection.

Intel® CSME provides an API over Intel MEI interface, available both before and after POST, that allows the Platform Service Record Data to be retrieved in a Data Structured Blob.

The Platform Service Record can be retrieved from the platform through UEFI and OS driver interfaces, enabling access to the PSR Data Structure through:

  • The Intel® Management and Security Status application, to display PSR Data and Export to File
  • UEFI BIOS setup menu to display PSR or Export PSR Data to USB
  • 3rd party applications. Customers can use the PSR SDK sample code and the APIs described below to build applications that access the data in the PSR.

For information on the Intel® MEI interface that Intel® CSME provides for software applications to enable them to retrieve the PSR information and state, see Platform Service Record Intel MEI Protocol.

 

Use Cases for the Intel Platform Service Record

  • The Platform Service Record ID can be captured during manufacturing. It can be subsequently compared with the Platform Service Record ID on the platform to determine whether it was changed after the platform was shipped by the OEM. A mismatch would indicate that the PSR has been reset, and that historical data is therefore missing.
  • Key events captured within the PSR Event Ledger, e.g., Chassis Intrusion Detection, can be observed over the life cycle of the platform to help assess confidence
  • Platform S0 operational use and power state transitions can be assessed to aid in the determination of general wear or correlations of other platform events when determining platform decommission plans (repurpose, resell, recycle).
  • Ability to export PSR data and attesting of the platform (for example, via a cloud service)

 

Using the Intel Management and Security Status Application with Intel Platform Service Record

This section shows highlights of how the Intel PSR is accessed via the Intel IMSS application. For details on using the Intel IMSS application, see the Intel Management and Security Status Application User Guide.

You access the Intel PSR via the Intel® Unique Platform ID tab:

 

If the Intel UPID has been enabled on the platform, the View Intel® PSR and Save Intel® PSR buttons are enabled.

To view the platform's Intel PSR information:

Click View Intel® PSR. The System Information window is displayed.

 

Clicking General displays:

  • Log State
  • PSR version
  • PSR ID
  • UPID

Clicking Genesis displays:

  • Log Start Date
  • OEM Name
  • OEM Make
  • OEM Model
  • Country of Manufacturer
  • OEM Data

Clicking Ledger displays:

  • S0 Run Time in Seconds
  • S0 to S5 Transition Count
  • S0 to S4 Transition Count
  • S0 to S3 Transition Count
  • Warm Reset Count

Clicking Events displays a list of events recorded in the log:

 

Clicking an event displays information about the event:

 

Critical Event Table

Event name Event ID Meaning Logging behavior

Start Log

8

First event in the log. Generated when logging is started.

 

End Log

9

Marks the end of the log. This provides the timestamp when the log is retrieved.

Note: This event is not written to the flash memory.

 

Max Event Number Reached

10

No free storage in the log for adding events.

  • New events are not logged

  • Count continues to be incremented

Replay Protection Infrastructure Failure 

16

A Replay Protection infrastructure failure was detected (e.g., loss of power to the real-time clock when anti-replay is RTC-based).

  • Logging is moved to Stopped state.

  • New events are not logged.

  • Counters are not incremented.

  • PSRID is changed.

  • Previous data is lost.

PSR Missing

17

The Intel PSR firmware fails to find one of the files used for storing the Intel PSR.

  • Logging is moved to Stopped state.

  • No new events are logged.

  • Counters are not incremented

  • PSRID is changed.

  • Previous event data is lost

PSR Invalid

18

Intel PSR is present but the Intel PSR firmware determined that the log’s integrity or replay protection has been compromised.

  • No new events are logged.

  • Counters are not incremented.

  • PSRID is changed.

  • Previous event data is lost.

PRTC Failure

19

PRTC (Protected Run-Time Clock) failure was detected. 

In this case, the platform’s real-time clock is reset.

Logging continues but new event time stamps may be inaccurate. See Time Stamp Structure and Calculation.

Intel CSME entered Recovery/Disabled/SKU Mismatch State

20

Intel CSME firmware has entered a state or condition where the Intel PSR cannot operate or is not recording. The event is recorded when normal operation resumes.

Logging continues.

Intel CSME Entered DAM State

21


Recording halted temporarily and platform moved to DAM (Delayed Authentication Mode) state. The platform is ready for debugging.

Logging continues.

Intel CSME Entered Unlock State

22


Intel CSME firmware has been unlocked for debugging. In this state, Intel PSR is not available and is not recording. When normal operation resumes. an event indicating that state is added and recording resumes.

 

PSR_SVN_ INCREASE

23

The firmware's SVN  was incremented (via a TCB recovery) or the SVN of the Intel PSR process was incremented (via a firmware update that increased the SVN).

 

Chassis Intrusion

32

The computer case has been opened.

 

Firmware Recovery 36 A recovery event has occurred. Exact details of the recovery may differ between OEMs. The last 5 occurrences of this event are logged.
Firmware Update 37 A firmware update has occurred. Exact details of the firmware that was updated may differ between OEMs. The last 5 occurrences of this event are logged.
System Hang 38 System hang has occurred. Exact details may differ between OEMs. The last 5 occurrences of this event are logged.
Power Drop 39 Power drop has occurred. Exact details may differ between OEMs. The last 5 occurrences of this event are logged.

 

 

Time Stamp Structure and Calculation

The timestamp in the Intel PSR is displayed in UTC format: YYYY-MM-DDThh:mmZ. This applies to both the genesis record and the events.

Genesis record time: the number of seconds that have passed since 1.1.1970.

Event time: the number of seconds that have passed since the log was created.

To calculate the time that an event occurred, you add the event time to the genesis time.

If an event causes the Intel CSME clock to reset its time (e.g., removal of the PRTC coin battery), a PRTC Failure event with a timestamp of zero is added to the log. The timestamps of all subsequent events will show the number of seconds since the PRTC Failure event that caused the time loss (they will not display the date in YYYY-MM-DDThh:mmZ format).

Intel Platform Service Record Sample Output Example

The Intel PSR SDK includes a sample application (PlatformServiceRecord.exe) that demonstrates how to use the Intel PSR. The application includes the following functions:

  • Retrieving the Platform Service Record log status
  • Retrieving the Platform Service Record Log and verifying it
  • Parsing and displaying the Platform Service Record log blob
  • Saving the Platform Service Record to a file

For details on these options and others, and examples of running the sample application for various purposes, see the documentation included with the sample application.

Following is one example of the output that is generated when you run the sample application:

 

Download Sample Application