ATLANTA, GEORGIA – AMI, a global leader in the Dynamic Firmware market for worldwide computing, today announces the latest version of its Tektagon™ XFR Platform Root of Trust Firmware Protection Security Solution.
Recent news of high-profile breaches confirm that platform firmware increasingly presents a large and ever-expanding attack surface. Earlier this year, the U.S. Department of Homeland Security (DHS) and Department of Commerce issued a new joint report on supply chain security in the US IT and communications industries, outlining how firmware is now a priority target for hackers and represents a significant threat vector for computer systems and IT infrastructure. It urged businesses and individuals to take steps to protect their critical infrastructure from such firmware attacks.
To address this growing threat and provide users with the latest tools in firmware protection and security, today’s release of Tektagon XFR adds several new features to this already robust solution from AMI. Key among them is support for the Mach™-NX FPGAs from Lattice Semiconductor, which enables Tektagon XFR to deliver dual SPI support and real-time platform security monitoring. Tektagon XFR now also offers support for server architectures from AMD and Arm®, bringing affordable, easy-to-deploy Platform Firmware Resilience (PFR) to an even wider range of platforms for datacenter and cloud service provider applications.
Additional new features in this latest release of Tektagon XFR include Intel® PFR 3.0 support, seamless updates for the next-generation Intel® Xeon® (“Eagle Stream”) data center platform, attestation support and integration with our Aptio® V UEFI Firmware and MegaRAC® SP-X BMC Firmware. Tektagon XFR also gains support for AES, SHA and ECDSA encryption, key management and support for MegaRAC OpenEdition™ BMC Firmware from AMI.
About Tektagon XFR
Tektagon XFR is a hardware-based platform firmware security solution for servers that utilizes an AMI firmware stack on Lattice FPGA devices, strengthening system security by protecting firmware from unauthorized modification, detecting firmware-based malware and recovering the platform to a known good state. These capabilities make Tektagon XFR the perfect solution for protecting critical infrastructure firmware from unauthorized modification during power up and runtime.
Tektagon XFR is compliant with NIST Platform Firmware Resiliency (PFR) Guidelines (NIST SP 800-193) and compatible with the current draft of the Data Center Secure Control Module (DC-SCM) 2.0 Specification under the management of the Open Compute Project (OCP). It also supports Security Protocol and Data Model (SPDM) from DMTF for monitoring of a server’s peripheral devices, enabling firmware attestation for Broadcom’s MegaRAID™ 9600 Storage Adapter and 200G NIC family. With Tektagon XFR in place, you can be confident that your firmware is safe from tampering or corruption.
Recognizing the challenges that OEMs face developing a PFR solution from scratch, AMI and Lattice Semiconductor worked closely together to bring the industry an integrated, fully featured, pre-verified and secure PFR solution that is flexible, scalable, low cost, and easy to implement. Our partnership allows us to offer our PFR Firmware on secure FPGA solutions from Lattice, in combination with the Lattice Sentry™ solution stack and a full suite of design and development tools – for holistic, robust system security that conforms to PFR industry guidelines and represents a significant advancement in platform security for our customers.
Zachary Bobroff, Senior Director of Product Office at AMI, commented that “With security breaches becoming more prevalent, organizations must have a system to validate their platform firmware – to be aware of all firmware running on your platforms and ensure that it is trusted. AMI’s Tektagon solutions provide this root of trust, so you can be confident that your platform is secure against potential threats. Today’s new release is the next step in our vision for Tektagon XFR, bringing customers an affordable, flexible and comprehensive alternative to existing competitor solutions that is rooted in essential firmware security guidelines and truly breaks new ground in platform security.”
“As the security threat landscape continues to evolve, enabling system and platform developers to integrate added layers of protection and resilience is a key priority at Lattice,” said Nilesh Narayan, Marketing Director, Server Segment, Lattice Semiconductor. “We are excited to continue our strong collaboration with AMI by enabling Tektagon XFR with broader support for our award-winning low power product portfolio, giving our customers more ways to implement next-generation security and cyber resiliency.”
Zee Shirazi, Global Head of Marketing, Business Operations and Strategy, Data Center Solutions Group, Broadcom added that “With the growing number of sophisticated security threats, the Security Protocol and Data Model (SPDM) specification from DMTF will play a central role in platform security for both hyperscale and enterprise data centers by ensuring only authentic hardware and firmware components are being used. We are pleased to see that AMI has added a SPDM feature, to the Tektagon XFR platform, that supports our storage and server components including our MegaRAID™ 9600 storage adapter, 200G NIC, and PEX89xxx PCIe switch products— seamlessly protecting the same security attestation umbrella as other platform firmware.”
Lattice Mach™-NX and Lattice Sentry™ are trademarks of Lattice Semiconductor. MegaRAID™ is a trademark of Broadcom Inc. Intel® and Xeon® are registered trademarks of Intel Corporation. All other trademarks and registered trademarks are the property of their respective owners in the US and other countries.